[catagits/Catalyst-Authentication-Credential-OpenID.git] / t / live-app.t

#!/usr/bin/env perl
use strict;
use warnings;

use FindBin;
use IO::Socket;
use Test::More;
use Test::WWW::Mechanize;

plan skip_all => 'set TEST_HTTP to enable this test' unless $ENV{TEST_HTTP};
eval "use Catalyst::Devel 1.0";
plan skip_all => 'Catalyst::Devel required' if $@;

plan "no_plan";
# plan tests => 17;

# One port for consumer app, one for provider.
my $consumer_port = 10000 + int rand(1 + 10000);
my $provider_port = $consumer_port;
$provider_port = 10000 + int rand(1 + 10000) until $consumer_port != $provider_port;

my $provider_pipe = "perl -I$FindBin::Bin/../lib -I$FindBin::Bin/Provider/lib $FindBin::Bin/Provider/script/testapp_server.pl -p $consumer_port |";

my $consumer_pipe = "perl -I$FindBin::Bin/../lib -I$FindBin::Bin/Consumer/lib $FindBin::Bin/Consumer/script/testapp_server.pl -p $provider_port |";

my $provider_pid = open my $provider, $provider_pipe
    or die "Unable to spawn standalone HTTP server for Provider: $!";

diag("Started Provider with pid $provider_pid");

my $consumer_pid = open my $consumer, $consumer_pipe
    or die "Unable to spawn standalone HTTP server for Consumer: $!";

diag("Started Consumer with pid $consumer_pid");

# How long to wait for test server to start and timeout for UA.
my $seconds = 15;

diag("Waiting (up to $seconds seconds) for application servers to start...");

eval {
    local $SIG{ALRM} = sub { die "Servers took too long to start\n" }; # NB: \n required
    alarm($seconds);
    sleep 1 while check_port( 'localhost', $provider_port ) != 1;
    sleep 1 while check_port( 'localhost', $consumer_port ) != 1;
    alarm(0)
};

if ( $@ )
{
    shut_down();
    die "Could not run test: $@";
}

my $openid_consumer = $ENV{CATALYST_SERVER} = "http://localhost:$consumer_port";
my $openid_server = "http://localhost:$provider_port";

# Tests start --------------------------------------------
diag("Started...") if $ENV{TEST_VERBOSE};

my $mech = Test::WWW::Mechanize->new(timeout => $seconds);

$mech->get_ok($openid_consumer, "GET $openid_consumer");

$mech->content_contains("You are not signed in.", "Content looks right");

$mech->get_ok("$openid_consumer/signin_openid", "GET $openid_consumer/signin_openid");

{
    my $claimed_uri = "$openid_server/provider/paco";

    $mech->submit_form_ok({ form_name => "openid",
                            fields => { openid_identifier => $claimed_uri,
                            },
                          },
                          "Trying OpenID login, 'openid' realm");

    $mech->content_contains("You're not signed in so you can't be verified",
                            "Can't use OpenID, not signed in at provider");
}

# Bad claimed URI.
{
    my $claimed_uri = "gopher://localhost:443/what?";
    $mech->back();
    $mech->submit_form( form_name => "openid",
                         fields => { openid_identifier => $claimed_uri,
                                   },
                       );

    diag("Trying OpenID with ridiculous URI")
        if $ENV{TEST_VERBOSE};

    # no_identity_server: The provided URL doesn't declare its OpenID identity server.

    is( $mech->status, 500,
        "Can't use OpenID: bogus_url" );
}

# Bad claimed URI.
{
    my $claimed_uri = "localhost/some/path";
    $mech->back();
    $mech->submit_form( form_name => "openid",
                         fields => { openid_identifier => $claimed_uri,
                                   },
                       );

    diag("Trying OpenID with phony URI")
        if $ENV{TEST_VERBOSE};

    # no_identity_server: The provided URL doesn't declare its OpenID identity server.
    is( $mech->status, 500,
        "Can't use OpenID: no_identity_server");
}


#
$mech->get_ok("$openid_server/login", "GET $openid_consumer/login");

# diag($mech->content);

$mech->submit_form_ok({ form_name => "login",
                        fields => { username => "paco",
                                    password => "l4s4v3n7ur45",
                                },
                       },
                      "Trying cleartext login, 'memebers' realm");

$mech->content_contains("signed in", "Signed in successfully");

$mech->get_ok("$openid_consumer/signin_openid", "GET $openid_consumer/signin_openid");

$mech->content_contains("Sign in with OpenID", "Content looks right");

my $claimed_uri = "$openid_server/provider/paco";

$mech->submit_form_ok({ form_name => "openid",
                        fields => { openid_identifier => $claimed_uri,
                                },
                    },
                      "Trying OpenID login, 'openid' realm");

$mech->content_contains("You did it with OpenID!",
                        "Successfully signed in with OpenID");

$mech->get_ok($openid_consumer, "GET $openid_consumer");

$mech->content_contains("provider/paco", "OpenID info is in the user");

# can't be verified

$mech->get_ok("$openid_consumer/logout", "GET $openid_consumer/logout");

$mech->get_ok("$openid_consumer/signin_openid", "GET $openid_consumer/signin_openid");

$mech->content_contains("Sign in with OpenID", "Content looks right");

$mech->submit_form_ok({ form_name => "openid",
                        fields => { openid_identifier => $claimed_uri,
                                },
                    },
                      "Trying OpenID login, 'openid' realm");

$mech->content_contains("can't be verified",
                        "Proper failure for unauthenticated memember.");

shut_down();

exit 0;

# Tests end ----------------------------------------------

sub shut_down {
    kill INT => $provider_pid, $consumer_pid;
    close $provider;
    close $consumer;
}

sub check_port {
    my ( $host, $port ) = @_;

    my $remote = IO::Socket::INET->new(
        Proto    => "tcp",
        PeerAddr => $host,
        PeerPort => $port
    );
    if ($remote) {
        close $remote;
        return 1;
    }
    else {
        return 0;
    }
}

__END__
Commit	Line	Data
5f33d3e0	1	#!/usr/bin/env perl
	2	use strict;
	3	use warnings;
	4
	5	use FindBin;
	6	use IO::Socket;
	7	use Test::More;
	8	use Test::WWW::Mechanize;
	9
	10	plan skip_all => 'set TEST_HTTP to enable this test' unless $ENV{TEST_HTTP};
	11	eval "use Catalyst::Devel 1.0";
	12	plan skip_all => 'Catalyst::Devel required' if $@;
	13
	14	plan "no_plan";
	15	# plan tests => 17;
	16
	17	# One port for consumer app, one for provider.
	18	my $consumer_port = 10000 + int rand(1 + 10000);
	19	my $provider_port = $consumer_port;
	20	$provider_port = 10000 + int rand(1 + 10000) until $consumer_port != $provider_port;
	21
41427aaf	22	my $provider_pipe = "perl -I$FindBin::Bin/../lib -I$FindBin::Bin/Provider/lib $FindBin::Bin/Provider/script/testapp_server.pl -p $consumer_port \|";
5f33d3e0	23
41427aaf	24	my $consumer_pipe = "perl -I$FindBin::Bin/../lib -I$FindBin::Bin/Consumer/lib $FindBin::Bin/Consumer/script/testapp_server.pl -p $provider_port \|";
5f33d3e0	25
	26	my $provider_pid = open my $provider, $provider_pipe
	27	or die "Unable to spawn standalone HTTP server for Provider: $!";
	28
	29	diag("Started Provider with pid $provider_pid");
	30
	31	my $consumer_pid = open my $consumer, $consumer_pipe
	32	or die "Unable to spawn standalone HTTP server for Consumer: $!";
	33
	34	diag("Started Consumer with pid $consumer_pid");
	35
	36	# How long to wait for test server to start and timeout for UA.
	37	my $seconds = 15;
	38
5f33d3e0	39	diag("Waiting (up to $seconds seconds) for application servers to start...");
	40
	41	eval {
	42	local $SIG{ALRM} = sub { die "Servers took too long to start\n" }; # NB: \n required
	43	alarm($seconds);
	44	sleep 1 while check_port( 'localhost', $provider_port ) != 1;
	45	sleep 1 while check_port( 'localhost', $consumer_port ) != 1;
	46	alarm(0)
	47	};
	48
	49	if ( $@ )
	50	{
	51	shut_down();
	52	die "Could not run test: $@";
	53	}
	54
41427aaf	55	my $openid_consumer = $ENV{CATALYST_SERVER} = "http://localhost:$consumer_port";
5f33d3e0	56	my $openid_server = "http://localhost:$provider_port";
	57
	58	# Tests start --------------------------------------------
	59	diag("Started...") if $ENV{TEST_VERBOSE};
	60
	61	my $mech = Test::WWW::Mechanize->new(timeout => $seconds);
	62
41427aaf	63	$mech->get_ok($openid_consumer, "GET $openid_consumer");
	64
	65	$mech->content_contains("You are not signed in.", "Content looks right");
	66
	67	$mech->get_ok("$openid_consumer/signin_openid", "GET $openid_consumer/signin_openid");
	68
	69	{
	70	my $claimed_uri = "$openid_server/provider/paco";
	71
	72	$mech->submit_form_ok({ form_name => "openid",
	73	fields => { openid_identifier => $claimed_uri,
	74	},
	75	},
	76	"Trying OpenID login, 'openid' realm");
	77
	78	$mech->content_contains("You're not signed in so you can't be verified",
	79	"Can't use OpenID, not signed in at provider");
	80	}
	81
	82	# Bad claimed URI.
	83	{
	84	my $claimed_uri = "gopher://localhost:443/what?";
	85	$mech->back();
	86	$mech->submit_form( form_name => "openid",
	87	fields => { openid_identifier => $claimed_uri,
	88	},
	89	);
	90
	91	diag("Trying OpenID with ridiculous URI")
	92	if $ENV{TEST_VERBOSE};
	93
	94	# no_identity_server: The provided URL doesn't declare its OpenID identity server.
	95
	96	is( $mech->status, 500,
	97	"Can't use OpenID: bogus_url" );
	98	}
	99
	100	# Bad claimed URI.
	101	{
	102	my $claimed_uri = "localhost/some/path";
	103	$mech->back();
	104	$mech->submit_form( form_name => "openid",
	105	fields => { openid_identifier => $claimed_uri,
	106	},
	107	);
	108
	109	diag("Trying OpenID with phony URI")
	110	if $ENV{TEST_VERBOSE};
	111
	112	# no_identity_server: The provided URL doesn't declare its OpenID identity server.
	113	is( $mech->status, 500,
	114	"Can't use OpenID: no_identity_server");
	115	}
	116
	117
5f33d3e0	118
41427aaf	119	#
41427aaf	120	$mech->get_ok("$openid_server/login", "GET $openid_consumer/login");
5f33d3e0	121
	122	# diag($mech->content);
	123
	124	$mech->submit_form_ok({ form_name => "login",
	125	fields => { username => "paco",
	126	password => "l4s4v3n7ur45",
	127	},
	128	},
	129	"Trying cleartext login, 'memebers' realm");
	130
	131	$mech->content_contains("signed in", "Signed in successfully");
	132
41427aaf	133	$mech->get_ok("$openid_consumer/signin_openid", "GET $openid_consumer/signin_openid");
5f33d3e0	134
	135	$mech->content_contains("Sign in with OpenID", "Content looks right");
	136
	137	my $claimed_uri = "$openid_server/provider/paco";
	138
	139	$mech->submit_form_ok({ form_name => "openid",
	140	fields => { openid_identifier => $claimed_uri,
	141	},
	142	},
	143	"Trying OpenID login, 'openid' realm");
	144
	145	$mech->content_contains("You did it with OpenID!",
	146	"Successfully signed in with OpenID");
	147
41427aaf	148	$mech->get_ok($openid_consumer, "GET $openid_consumer");
5f33d3e0	149
	150	$mech->content_contains("provider/paco", "OpenID info is in the user");
	151
	152	# can't be verified
	153
41427aaf	154	$mech->get_ok("$openid_consumer/logout", "GET $openid_consumer/logout");
5f33d3e0	155
41427aaf	156	$mech->get_ok("$openid_consumer/signin_openid", "GET $openid_consumer/signin_openid");
5f33d3e0	157
	158	$mech->content_contains("Sign in with OpenID", "Content looks right");
	159
	160	$mech->submit_form_ok({ form_name => "openid",
	161	fields => { openid_identifier => $claimed_uri,
	162	},
	163	},
	164	"Trying OpenID login, 'openid' realm");
	165
	166	$mech->content_contains("can't be verified",
	167	"Proper failure for unauthenticated memember.");
	168
	169	shut_down();
	170
	171	exit 0;
	172
	173	# Tests end ----------------------------------------------
	174
	175	sub shut_down {
	176	kill INT => $provider_pid, $consumer_pid;
	177	close $provider;
	178	close $consumer;
	179	}
	180
	181	sub check_port {
	182	my ( $host, $port ) = @_;
	183
	184	my $remote = IO::Socket::INET->new(
	185	Proto => "tcp",
	186	PeerAddr => $host,
	187	PeerPort => $port
	188	);
	189	if ($remote) {
	190	close $remote;
	191	return 1;
	192	}
	193	else {
	194	return 0;
	195	}
	196	}
	197
	198	__END__
	199