add test to check that traditions are taken away from the old Google OpenID user
1 use warnings;
2 use strict;
3
4 use FindBin;
5 use lib ("$FindBin::Bin/lib");
6
7 use stemmaweb::Test::Common;
8
9 use stemmaweb;
10 use LWP::Protocol::PSGI;
11 use Test::WWW::Mechanize;
12
13 use Test::More;
14 use HTML::TreeBuilder;
15 use Data::Dumper;
16 use IO::All;
17
18 use stemmaweb::Test::DB;
19
# Directory handle supplied by the test-DB helper; every scenario below
# queries it to confirm what the web application stored.
my $dir = stemmaweb::Test::DB->new_db;

# NOTE: this test uses Text::Tradition::Directory
# to check user accounts really have been created.
# It'll need to be changed once that is replaced...

# Hand LWP requests to the application's PSGI entry point.
LWP::Protocol::PSGI->register( stemmaweb->psgi_app );

my $ua = Test::WWW::Mechanize->new;

# Drop a var/ directory left beside the test file, if there is one.
if ( io("$FindBin::Bin/var")->exists ) {
    io("$FindBin::Bin/var")->rmtree;
}
31
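{
    # Scenario: a legacy Google OpenID login creates an account, and the same
    # identity then signs in through the newer Google credential.
    diag("Create OpenID based Google account");
    my $scope = $dir->new_scope;

    my $openid_url = 'https://www.google.com/accounts/o8/id?id=XYZ';
    my $email      = 'test@example.com';

    $ua->get_ok('http://localhost/login');

    # Replace the OpenID credential's authenticate with a stub that passes
    # fixed identity data to the realm's find_user.  `local` puts the real
    # method back when this block exits.
    local *Catalyst::Authentication::Credential::OpenID::authenticate = sub {
        my ( $self, $c, $realm, $authinfo ) = @_;

        return $realm->find_user( { url => $openid_url, email => $email }, $c );
    };

    ok( !$dir->find_user( { url => $openid_url } ), 'No such user, yet.' );

    $ua->submit_form(
        form_number => 2,
        fields      => { openid_identifier => $openid_url },
    );

    $ua->content_contains( 'You have logged in.', 'Openid login works' );

    $ua->get('/');

    $ua->content_contains( 'Hello! test@example.com!', 'We are logged in.' );

    diag("Verify new OpenID Google account exists");

    # scalar() matters: in list context an empty-list return from find_user
    # would vanish from the argument list and ok() would test the description
    # string, which is always true.
    ok(
        scalar( $dir->find_user( { url => $openid_url, email => $email } ) ),
        'The user is now there.'
    );
    $ua->get('/logout');

    # Converting to Google ID.

    diag("Login/Convert to new Google+ account");

    # Stub for the Google credential: same legacy identifier, now accompanied
    # by a `sub` value; the e-mail is whatever arrives in $authinfo.
    local *stemmaweb::Authentication::Credential::Google::authenticate = sub {
        my ( $self, $c, $realm, $authinfo ) = @_;

        return $realm->find_user(
            {
                openid_id => $openid_url,
                sub       => 42,
                email     => $authinfo->{email},
            },
            $c
        );
    };
    $ua->get_ok('http://localhost/login');

    # The stub ignores id_token, so a placeholder value is enough here.
    $ua->submit_form(
        form_number => 1,
        fields      => {
            id_token => 'something',
            email    => 'test@example.com',
        },
    );

    $ua->content_contains( 'You have logged in.', 'G+ login works' );

    $ua->get('/');

    $ua->content_contains( 'Hello! test@example.com!', 'We are logged in.' );

    $ua->get_ok( '/logout', 'Logged out' );
}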
98
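{
    # Scenario: the Google credential reports a different legacy identifier
    # (45XYZ) than the stored OpenID account (42XYZ), so only the e-mail
    # address is common to the two logins.
    diag("Create OpenID based Google account for email match");
    my $scope = $dir->new_scope;

    my $stored_openid_url = 'https://www.google.com/accounts/o8/id?id=42XYZ';
    my $email             = 'test42@example.com';

    $ua->get_ok('http://localhost/login');

    # Stubbed OpenID credential: hands fixed identity data to find_user.
    local *Catalyst::Authentication::Credential::OpenID::authenticate = sub {
        my ( $self, $c, $realm, $authinfo ) = @_;

        return $realm->find_user(
            { url => $stored_openid_url, email => $email }, $c );
    };

    ok( !$dir->find_user( { url => $stored_openid_url } ),
        'No such user, yet.' );

    $ua->submit_form(
        form_number => 2,
        fields      => { openid_identifier => $stored_openid_url },
    );

    $ua->content_contains( 'You have logged in.', 'Openid login works' );

    $ua->get('/');

    $ua->content_contains( 'Hello! test42@example.com!', 'We are logged in.' );

    diag("Verify new OpenID Google account for email match exists");

    # scalar() keeps an empty-list return from find_user from silently
    # turning the description into the value ok() tests.
    ok(
        scalar(
            $dir->find_user( { url => $stored_openid_url, email => $email } )
        ),
        'The user is now there.'
    );
    $ua->get('/logout');

    # Converting to Google ID.

    diag("Login/Convert to new Google+ account matching only on email");

    # NOTE(review): the address reaches this stub through $authinfo->{email},
    # and the form below posts it as its own field next to id_token.  If the
    # real credential class also takes the address from the request instead
    # of a verified token claim, e-mail-only account linking would rest on
    # client-supplied data -- confirm against
    # stemmaweb::Authentication::Credential::Google.
    local *stemmaweb::Authentication::Credential::Google::authenticate = sub {
        my ( $self, $c, $realm, $authinfo ) = @_;

        return $realm->find_user(
            {
                openid_id => 'https://www.google.com/accounts/o8/id?id=45XYZ',
                sub       => 45,
                email     => $authinfo->{email},
            },
            $c
        );
    };
    $ua->get_ok('http://localhost/login');

    $ua->submit_form(
        form_number => 1,
        fields      => {
            id_token => 'something',
            email    => 'test42@example.com',
        },
    );

    $ua->content_contains( 'You have logged in.', 'G+ login works' );

    $ua->get('/');

    # Only the greeting is checked; which stored record the login ended up
    # attached to is not asserted in this scenario.
    $ua->content_contains( 'Hello! test42@example.com!', 'We are logged in.' );

    $ua->get('/logout');
}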
165
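# Filled in by the conversion scenario and read by the ownership check that
# follows it: object ids of the old and new user, and the names of the
# traditions seen on the new user.
my $openid_uid;
my $gplus_uid;
my %tradition_names;
{
    # Scenario: an OpenID account that already exists in the test database is
    # converted by a Google login, and its traditions must show up on the
    # resulting Google user.
    diag("Test converting OpenID based Google account with traditions");
    my $scope = $dir->new_scope;

    my $legacy_url =
        'https://www.google.com/accounts/o8/id?id=AItOawlFTlpuHGcI67tqahtw7xOod9VNWffB-Qg';
    my $email = 'openid@example.org';

    my $openid_u = $dir->find_user( { url => $legacy_url, email => $email } );
    ok( $openid_u, 'The user is there.' );

    diag("Login/Convert to new Google+ account");

    # Stubbed Google credential: reports the legacy identifier together with
    # a `sub` value and the e-mail found in $authinfo.
    local *stemmaweb::Authentication::Credential::Google::authenticate = sub {
        my ( $self, $c, $realm, $authinfo ) = @_;

        return $realm->find_user(
            {
                openid_id => $legacy_url,
                sub       => 450,
                email     => $authinfo->{email},
            },
            $c
        );
    };
    $ua->get_ok('http://localhost/login');

    $ua->submit_form(
        form_number => 1,
        fields      => {
            id_token => 'something',
            email    => 'openid@example.org',
        },
    );

    $ua->content_contains( 'You have logged in.', 'G+ login works' );
    $ua->get('/');
    $ua->content_contains( 'Hello! openid@example.org!', 'We are logged in.' );

    my $gplus_u = $dir->find_user(
        {
            openid_id => $legacy_url,
            sub       => 450,
            email     => 'openid@example.org',
        }
    );

    # Report a missing converted user as a test failure before the method
    # calls below dereference it.
    ok( $gplus_u, 'The G+ user is there.' );

    $openid_uid = $openid_u->kiokudb_object_id;
    $gplus_uid  = $gplus_u->kiokudb_object_id;

    # Compare tradition names position by position, driven by the old user's
    # list.
    # NOTE(review): $openid_u was fetched before the login; if that list is
    # empty at this point the loop asserts nothing -- confirm the database
    # helper seeds this account with traditions.
    my $old_traditions = $openid_u->traditions;
    foreach my $trad_id ( 0 .. $#{$old_traditions} ) {
        my $trad = $gplus_u->traditions->[$trad_id];
        $tradition_names{ $trad->name } = 1;
        is( $trad->name, $openid_u->traditions->[$trad_id]->name,
            'Traditions were copied over to G+ user' );
    }

    $ua->get('/logout');
}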
218
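{
    # The closing brace at the end of this scenario had no opening brace, so
    # the file did not parse; the block is opened here like its siblings.
    #
    # Ownership has to move, not be duplicated: after the conversion the
    # legacy OpenID record must no longer hold any tradition.
    diag("Check that the user traditions were removed from the old user");
    my $scope = $dir->new_scope;

    # Fresh lookups by object id, in a new scope, of the two users recorded
    # by the conversion scenario.
    my $openid_u = $dir->lookup( $openid_uid );
    my $gplus_u = $dir->lookup( $gplus_uid );

    is( scalar @{$openid_u->traditions}, 0, "Traditions were removed from old user" );

    # Every tradition on the new user must be one recorded during conversion.
    # If the new user held no traditions this loop would assert nothing.
    foreach my $tradition ( @{$gplus_u->traditions} ) {
        ok( $tradition_names{ $tradition->name }, "Tradition has remained with new user" );
    }
}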
229
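{
    # Scenario: the account converted from the XYZ OpenID identity can sign
    # in again through the Google credential.
    diag("Verify we can login the new Google+ account again");
    my $scope = $dir->new_scope;
#    ok !$dir->find_user({ url => 'https://www.google.com/accounts/o8/id?id=XYZ' }), 'Old google-openid is gone.';
    # NOTE(review): with the check above disabled, nothing in this scenario
    # asserts that the legacy OpenID identity stopped resolving to an account.

    my $openid_url = 'https://www.google.com/accounts/o8/id?id=XYZ';

    # scalar() keeps an empty-list return from find_user from silently
    # turning the description into the value ok() tests.
    ok(
        scalar(
            $dir->find_user(
                {
                    sub       => 42,
                    openid_id => $openid_url,
                    email     => 'test@example.com',
                }
            )
        ),
        'The G+ user is there.'
    );

    $ua->get('/logout');

    $ua->get_ok('http://localhost/login');

    # Stubbed Google credential, installed after the login page was fetched
    # and before the form is submitted.
    local *stemmaweb::Authentication::Credential::Google::authenticate = sub {
        my ( $self, $c, $realm, $authinfo ) = @_;

        return $realm->find_user(
            {
                openid_id => $openid_url,
                sub       => 42,
                email     => $authinfo->{email},
            },
            $c
        );
    };

    $ua->submit_form(
        form_number => 1,
        fields      => {
            id_token => 'something',
            email    => 'test@example.com',
        },
    );

    $ua->content_contains( 'You have logged in.',
        'We can now log in to our created user' );

    $ua->get('/');

    $ua->content_contains( 'Hello! test@example.com!', 'We are logged in.' );
}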
269
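# Brand new user created through the Google+ credential, with no account
# present beforehand.

{
    diag("Create a fresh Google+ user");
    my $scope = $dir->new_scope;

    my $openid_url = 'https://www.google.com/accounts/o8/id2?id=XYZ';
    my $email      = 'test2@example.com';

    # The absence check previously queried 'test2@exmple.com' (typo), so it
    # never looked for the address that is registered below.
    ok(
        !$dir->find_user(
            { sub => 2, openid_id => $openid_url, email => $email }
        ),
        'The G+ user is not yet there.'
    );

    $ua->get('/logout');

    $ua->get_ok('http://localhost/login');

    # Stubbed Google credential; it stays installed for both logins below
    # because `local` only unwinds when the block exits.
    local *stemmaweb::Authentication::Credential::Google::authenticate = sub {
        my ( $self, $c, $realm, $authinfo ) = @_;

        return $realm->find_user(
            {
                openid_id => $openid_url,
                sub       => 2,
                email     => $authinfo->{email},
            },
            $c
        );
    };

    $ua->submit_form(
        form_number => 1,
        fields      => {
            id_token => 'something',
            email    => 'test2@example.com',
        },
    );

    $ua->content_contains( 'You have logged in.',
        'We can now log in to our created user' );

    $ua->get('/');

    $ua->content_contains( 'Hello! test2@example.com!', 'We are logged in.' );

    # scalar() keeps an empty-list return from find_user from silently
    # turning the description into the value ok() tests.
    ok(
        scalar(
            $dir->find_user(
                { sub => 2, openid_id => $openid_url, email => $email }
            )
        ),
        'The G+ user is there.'
    );

    $ua->get('/logout');

    # Second login with the same data: the account exists by now.
    $ua->get_ok('http://localhost/login');

    $ua->submit_form(
        form_number => 1,
        fields      => {
            id_token => 'something',
            email    => 'test2@example.com',
        },
    );

    $ua->content_contains( 'You have logged in.', 'We can login again' );

    $ua->get('/');

    $ua->content_contains( 'Hello! test2@example.com!', 'We are logged in.' );
}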
326
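# Decoding token

{
    # No credential stub is installed in this block, so the id_token posted
    # below is handled by the application's own Google credential code.
    my $scope = $dir->new_scope;

    # Fixture token in JWT compact form.  Its header decodes to
    # {"kid":"a","alg":"RS256"} and its payload to
    # {"sub":"4242","openid_id":"https://www.google.com/accounts/o8/id3"}.
    # NOTE(review): the payload carries no iss, aud or exp claim and no
    # e-mail, and this file contains no case with a tampered or wrongly
    # signed token, so neither claim validation nor signature rejection is
    # exercised here -- confirm they are covered elsewhere.
    my $id_token =
        'eyJraWQiOiJhIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiI0MjQyIiwib3BlbmlkX2lkIjoiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS9hY2NvdW50cy9vOC9pZDMifQ.moNERe3UHCY4xGMPxdCqmbg2JKW5feVnYlA8jeB4CdE4c_KL3YHvICQeql-S486HT-AlWBeDJWMr6wWH1kkwz11a2D1oyJ8qCWBssHIkhfv8dm3dphmRbtzYssAOFdGsmnPH1oXolCnl-Qu9WgHkhYYnRJWHr3CkeNA6Yh1xOV3nkaa8REtJckuzh3jyKQgx_rjIFsWBPDmT1rqa_Q0XOGVK34N5tADwpcWmkb3fFnbddzd9L6MnybbFzF_S238Bpr5vNa9doXRBwvJ85AdSn1AWX8R6qVpDbbaiGL2RCahuZYF9XECYm6anee-KTKvxh02KXkG2zniKVvweaMlcbQ';

    my %expected_user = (
        sub       => 4242,
        openid_id => 'https://www.google.com/accounts/o8/id3',
        email     => 'email@example.org',
    );

    ok( !$dir->find_user( {%expected_user} ), 'The G+ user is not yet there.' );

    $ua->get('/logout');

    $ua->get_ok('http://localhost/login');

    # The e-mail address is a separate form field: it is not part of the
    # token payload, so it is client-supplied rather than signed data.
    $ua->submit_form(
        form_number => 1,
        fields      => {
            id_token => $id_token,
            email    => 'email@example.org',
        },
    );

    $ua->content_contains( 'You have logged in.',
        'We can now log in to our created user - the token was decoded' );

    $ua->get('/');

    $ua->content_contains( 'Hello! email@example.org!', 'We are logged in.' );

    # sub and openid_id in this lookup are the values from the token payload.
    # scalar() keeps an empty-list return from find_user from silently
    # turning the description into the value ok() tests.
    ok( scalar( $dir->find_user( {%expected_user} ) ), 'The G+ user is there.' );

    $ua->get('/logout');

    # Same token again: the account exists by now.
    $ua->get_ok('http://localhost/login');

    $ua->submit_form(
        form_number => 1,
        fields      => {
            id_token => $id_token,
            email    => 'email@example.org',
        },
    );

    $ua->content_contains( 'You have logged in.', 'We can login again' );

    $ua->get('/');

    $ua->content_contains( 'Hello! email@example.org!', 'We are logged in.' );
}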
372
# Remove the var/ directory beside the test file again, if the run left one.
if ( io("$FindBin::Bin/var")->exists ) {
    io("$FindBin::Bin/var")->rmtree;
}

done_testing();