[catagits/Catalyst-Authentication-Credential-OpenID.git] / t / live-app.t

use strict;
use warnings;

use FindBin;
use IO::Socket;
use Test::More;

eval <<_DEPS_;
   use Test::WWW::Mechanize;
   use Catalyst::Runtime;
   use Catalyst::Devel;
   use Cache::FastMmap;
   use Catalyst::Authentication::User::Hash;
   use Catalyst::Plugin::Session::State::Cookie;
   use Catalyst::Plugin::Session::Store::FastMmap;
   use Class::Accessor::Fast;
   use Crypt::DH;
   use ExtUtils::MakeMaker;
   use HTML::Parser 3;
   use LWP::UserAgent;
   use Net::OpenID::Consumer;
   use Net::OpenID::Server;
   use Test::WWW::Mechanize;
   use Net::DNS;
   use IO::Socket::INET;
_DEPS_

if ( $@ )
{
    plan skip_all => 'Test application dependencies not satisfied ' . $@;
}
elsif ( not $ENV{TEST_HTTP} )
{
    plan skip_all => 'Set TEST_HTTP to enable this test';
}
else
{
    plan tests => 21;
}

# One port for consumer app, one for provider.
my $consumer_port = 10000 + int rand(1 + 10000);
my $provider_port = $consumer_port;
$provider_port = 10000 + int rand(1 + 10000) until $consumer_port != $provider_port;

my $provider_pipe = "perl -I$FindBin::Bin/../lib -I$FindBin::Bin/Provider/lib $FindBin::Bin/Provider/script/testapp_server.pl -p $consumer_port |";

my $consumer_pipe = "perl -I$FindBin::Bin/../lib -I$FindBin::Bin/Consumer/lib $FindBin::Bin/Consumer/script/testapp_server.pl -p $provider_port |";

my $provider_pid = open my $provider, $provider_pipe
    or die "Unable to spawn standalone HTTP server for Provider: $!";

diag("Started Provider with pid $provider_pid");

my $consumer_pid = open my $consumer, $consumer_pipe
    or die "Unable to spawn standalone HTTP server for Consumer: $!";

diag("Started Consumer with pid $consumer_pid");

# How long to wait for test server to start and timeout for UA.
my $seconds = 15;

diag("Waiting (up to $seconds seconds) for application servers to start...");

eval {
    local $SIG{ALRM} = sub { die "Servers took too long to start\n" }; # NB: \n required
    alarm($seconds);
    sleep 1 while check_port( 'localhost', $provider_port ) != 1;
    sleep 1 while check_port( 'localhost', $consumer_port ) != 1;
    alarm(0)
};

if ( $@ )
{
    shut_down();
    die "Could not run test: $@";
}

my $openid_consumer = $ENV{CATALYST_SERVER} = "http://localhost:$consumer_port";
my $openid_server = "http://localhost:$provider_port";

# Tests start --------------------------------------------
diag("Started...") if $ENV{TEST_VERBOSE};

my $mech = Test::WWW::Mechanize->new(timeout => $seconds);

$mech->get_ok($openid_consumer, "GET $openid_consumer");

$mech->content_contains("You are not signed in.", "Content looks right");

$mech->get_ok("$openid_consumer/signin_openid", "GET $openid_consumer/signin_openid");

{
    my $claimed_uri = "$openid_server/provider/paco";

    $mech->submit_form_ok({ form_name => "openid",
                            fields => { openid_identifier => $claimed_uri,
                            },
                          },
                          "Trying OpenID login, 'openid' realm");

    $mech->content_contains("You're not signed in so you can't be verified",
                            "Can't use OpenID, not signed in at provider");
}

# Bad claimed URI.
{
    my $claimed_uri = "gopher://localhost:443/what?";
    $mech->back();
    $mech->submit_form( form_name => "openid",
                         fields => { openid_identifier => $claimed_uri,
                                   },
                       );

    diag("Trying OpenID with ridiculous URI")
        if $ENV{TEST_VERBOSE};

    # no_identity_server: The provided URL doesn't declare its OpenID identity server.

    is( $mech->status, 500,
        "Can't use OpenID: bogus_url" );
}

# Bad claimed URI.
{
    my $claimed_uri = "localhost/some/path";
    $mech->back();
    $mech->submit_form( form_name => "openid",
                         fields => { openid_identifier => $claimed_uri,
                                   },
                       );

    diag("Trying OpenID with phony URI")
        if $ENV{TEST_VERBOSE};

    # no_identity_server: The provided URL doesn't declare its OpenID identity server.
    is( $mech->status, 500,
        "Can't use OpenID: no_identity_server");
}


#
$mech->get_ok("$openid_server/login", "GET $openid_consumer/login");

# diag($mech->content);

$mech->submit_form_ok({ form_name => "login",
                        fields => { username => "paco",
                                    password => "l4s4v3n7ur45",
                                },
                       },
                      "Trying cleartext login, 'memebers' realm");

$mech->content_contains("signed in", "Signed in successfully");

$mech->get_ok("$openid_consumer/signin_openid", "GET $openid_consumer/signin_openid");

$mech->content_contains("Sign in with OpenID", "Content looks right");

my $claimed_uri = "$openid_server/provider/paco";

$mech->submit_form_ok({ form_name => "openid",
                        fields => { openid_identifier => $claimed_uri,
                                },
                    },
                      "Trying OpenID login, 'openid' realm");

$mech->content_contains("You did it with OpenID!",
                        "Successfully signed in with OpenID");

$mech->get_ok($openid_consumer, "GET $openid_consumer");

$mech->content_contains("provider/paco", "OpenID info is in the user");

# can't be verified

$mech->get_ok("$openid_consumer/logout", "GET $openid_consumer/logout");

$mech->get_ok("$openid_consumer/signin_openid", "GET $openid_consumer/signin_openid");

$mech->content_contains("Sign in with OpenID", "Content looks right");

$mech->submit_form_ok({ form_name => "openid",
                        fields => { openid_identifier => $claimed_uri,
                                },
                    },
                      "Trying OpenID login, 'openid' realm");

$mech->content_contains("can't be verified",
                        "Proper failure for unauthenticated memember.");

shut_down();

exit 0;

# Tests end ----------------------------------------------

sub shut_down {
    kill INT => $provider_pid, $consumer_pid;
    close $provider;
    close $consumer;
}

sub check_port {
    my ( $host, $port ) = @_;

    my $remote = IO::Socket::INET->new(
        Proto    => "tcp",
        PeerAddr => $host,
        PeerPort => $port
    );
    if ($remote) {
        close $remote;
        return 1;
    }
    else {
        return 0;
    }
}

__END__
Commit	Line	Data
5f33d3e0	1	use strict;
	2	use warnings;
	3
	4	use FindBin;
	5	use IO::Socket;
	6	use Test::More;
5f33d3e0	7
0ad3a87d	8	eval <<_DEPS_;
47a60d41	9	use Test::WWW::Mechanize;
92a1e845	10	use Catalyst::Runtime;
92a1e845	11	use Catalyst::Devel;
0ad3a87d	12	use Cache::FastMmap;
	13	use Catalyst::Authentication::User::Hash;
	14	use Catalyst::Plugin::Session::State::Cookie;
	15	use Catalyst::Plugin::Session::Store::FastMmap;
	16	use Class::Accessor::Fast;
	17	use Crypt::DH;
	18	use ExtUtils::MakeMaker;
	19	use HTML::Parser 3;
	20	use LWP::UserAgent;
	21	use Net::OpenID::Consumer;
	22	use Net::OpenID::Server;
	23	use Test::WWW::Mechanize;
92a1e845	24	use Net::DNS;
92a1e845	25	use IO::Socket::INET;
0ad3a87d	26	_DEPS_
0ad3a87d	27
92a1e845	28	if ( $@ )
92a1e845	29	{
09fb9633	30	plan skip_all => 'Test application dependencies not satisfied ' . $@;
92a1e845	31	}
	32	elsif ( not $ENV{TEST_HTTP} )
	33	{
29b37787	34	plan skip_all => 'Set TEST_HTTP to enable this test';
92a1e845	35	}
	36	else
	37	{
	38	plan tests => 21;
	39	}
5f33d3e0	40
	41	# One port for consumer app, one for provider.
	42	my $consumer_port = 10000 + int rand(1 + 10000);
	43	my $provider_port = $consumer_port;
	44	$provider_port = 10000 + int rand(1 + 10000) until $consumer_port != $provider_port;
	45
41427aaf	46	my $provider_pipe = "perl -I$FindBin::Bin/../lib -I$FindBin::Bin/Provider/lib $FindBin::Bin/Provider/script/testapp_server.pl -p $consumer_port \|";
5f33d3e0	47
41427aaf	48	my $consumer_pipe = "perl -I$FindBin::Bin/../lib -I$FindBin::Bin/Consumer/lib $FindBin::Bin/Consumer/script/testapp_server.pl -p $provider_port \|";
5f33d3e0	49
	50	my $provider_pid = open my $provider, $provider_pipe
	51	or die "Unable to spawn standalone HTTP server for Provider: $!";
	52
	53	diag("Started Provider with pid $provider_pid");
	54
	55	my $consumer_pid = open my $consumer, $consumer_pipe
	56	or die "Unable to spawn standalone HTTP server for Consumer: $!";
	57
	58	diag("Started Consumer with pid $consumer_pid");
	59
	60	# How long to wait for test server to start and timeout for UA.
	61	my $seconds = 15;
	62
5f33d3e0	63	diag("Waiting (up to $seconds seconds) for application servers to start...");
	64
	65	eval {
	66	local $SIG{ALRM} = sub { die "Servers took too long to start\n" }; # NB: \n required
	67	alarm($seconds);
	68	sleep 1 while check_port( 'localhost', $provider_port ) != 1;
	69	sleep 1 while check_port( 'localhost', $consumer_port ) != 1;
	70	alarm(0)
	71	};
	72
	73	if ( $@ )
	74	{
	75	shut_down();
	76	die "Could not run test: $@";
	77	}
	78
41427aaf	79	my $openid_consumer = $ENV{CATALYST_SERVER} = "http://localhost:$consumer_port";
5f33d3e0	80	my $openid_server = "http://localhost:$provider_port";
	81
	82	# Tests start --------------------------------------------
	83	diag("Started...") if $ENV{TEST_VERBOSE};
	84
	85	my $mech = Test::WWW::Mechanize->new(timeout => $seconds);
	86
41427aaf	87	$mech->get_ok($openid_consumer, "GET $openid_consumer");
	88
	89	$mech->content_contains("You are not signed in.", "Content looks right");
	90
	91	$mech->get_ok("$openid_consumer/signin_openid", "GET $openid_consumer/signin_openid");
	92
	93	{
	94	my $claimed_uri = "$openid_server/provider/paco";
	95
	96	$mech->submit_form_ok({ form_name => "openid",
	97	fields => { openid_identifier => $claimed_uri,
	98	},
	99	},
	100	"Trying OpenID login, 'openid' realm");
	101
	102	$mech->content_contains("You're not signed in so you can't be verified",
	103	"Can't use OpenID, not signed in at provider");
	104	}
	105
	106	# Bad claimed URI.
	107	{
	108	my $claimed_uri = "gopher://localhost:443/what?";
	109	$mech->back();
	110	$mech->submit_form( form_name => "openid",
	111	fields => { openid_identifier => $claimed_uri,
	112	},
	113	);
	114
	115	diag("Trying OpenID with ridiculous URI")
	116	if $ENV{TEST_VERBOSE};
	117
	118	# no_identity_server: The provided URL doesn't declare its OpenID identity server.
	119
	120	is( $mech->status, 500,
	121	"Can't use OpenID: bogus_url" );
	122	}
	123
	124	# Bad claimed URI.
	125	{
	126	my $claimed_uri = "localhost/some/path";
	127	$mech->back();
	128	$mech->submit_form( form_name => "openid",
	129	fields => { openid_identifier => $claimed_uri,
	130	},
	131	);
	132
	133	diag("Trying OpenID with phony URI")
	134	if $ENV{TEST_VERBOSE};
	135
	136	# no_identity_server: The provided URL doesn't declare its OpenID identity server.
	137	is( $mech->status, 500,
	138	"Can't use OpenID: no_identity_server");
	139	}
	140
	141
5f33d3e0	142
41427aaf	143	#
41427aaf	144	$mech->get_ok("$openid_server/login", "GET $openid_consumer/login");
5f33d3e0	145
	146	# diag($mech->content);
	147
	148	$mech->submit_form_ok({ form_name => "login",
	149	fields => { username => "paco",
	150	password => "l4s4v3n7ur45",
	151	},
	152	},
	153	"Trying cleartext login, 'memebers' realm");
	154
	155	$mech->content_contains("signed in", "Signed in successfully");
	156
41427aaf	157	$mech->get_ok("$openid_consumer/signin_openid", "GET $openid_consumer/signin_openid");
5f33d3e0	158
	159	$mech->content_contains("Sign in with OpenID", "Content looks right");
	160
	161	my $claimed_uri = "$openid_server/provider/paco";
	162
	163	$mech->submit_form_ok({ form_name => "openid",
	164	fields => { openid_identifier => $claimed_uri,
	165	},
	166	},
	167	"Trying OpenID login, 'openid' realm");
	168
	169	$mech->content_contains("You did it with OpenID!",
	170	"Successfully signed in with OpenID");
	171
41427aaf	172	$mech->get_ok($openid_consumer, "GET $openid_consumer");
5f33d3e0	173
	174	$mech->content_contains("provider/paco", "OpenID info is in the user");
	175
	176	# can't be verified
	177
41427aaf	178	$mech->get_ok("$openid_consumer/logout", "GET $openid_consumer/logout");
5f33d3e0	179
41427aaf	180	$mech->get_ok("$openid_consumer/signin_openid", "GET $openid_consumer/signin_openid");
5f33d3e0	181
	182	$mech->content_contains("Sign in with OpenID", "Content looks right");
	183
	184	$mech->submit_form_ok({ form_name => "openid",
	185	fields => { openid_identifier => $claimed_uri,
	186	},
	187	},
	188	"Trying OpenID login, 'openid' realm");
	189
	190	$mech->content_contains("can't be verified",
	191	"Proper failure for unauthenticated memember.");
	192
	193	shut_down();
	194
	195	exit 0;
	196
	197	# Tests end ----------------------------------------------
	198
	199	sub shut_down {
	200	kill INT => $provider_pid, $consumer_pid;
	201	close $provider;
	202	close $consumer;
	203	}
	204
	205	sub check_port {
	206	my ( $host, $port ) = @_;
	207
	208	my $remote = IO::Socket::INET->new(
	209	Proto => "tcp",
	210	PeerAddr => $host,
	211	PeerPort => $port
	212	);
	213	if ($remote) {
	214	close $remote;
	215	return 1;
	216	}
	217	else {
	218	return 0;
	219	}
	220	}
	221
	222	__END__
	223