t/07google.t

   1 use warnings;
   2 use strict;
   3
   4 use FindBin;
   5 use lib ("$FindBin::Bin/lib");
   6
   7 use stemmaweb::Test::Common;
   8
   9 use stemmaweb;
  10 use LWP::Protocol::PSGI;
  11 use Test::WWW::Mechanize;
  12
  13 use Test::More;
  14 use HTML::TreeBuilder;
  15 use Data::Dumper;
  16 use IO::All;
  17
  18 use stemmaweb::Test::DB;
  19
  20 my $dir = stemmaweb::Test::DB->new_db;
  21
  22 # NOTE: this test uses Text::Tradition::Directory
  23 # to check user accounts really have been created.
  24 # It'll need to be changed once that is replaced...
  25
  26 LWP::Protocol::PSGI->register(stemmaweb->psgi_app);
  27
  28 my $ua = Test::WWW::Mechanize->new;
  29
  30 io("$FindBin::Bin/var")->rmtree if io("$FindBin::Bin/var")->exists;
  31
  32 {
  33     diag("Create OpenID based Google account");
  34     my $scope = $dir->new_scope;
  35
  36     $ua->get_ok('http://localhost/login');
  37
  38     local *Catalyst::Authentication::Credential::OpenID::authenticate = sub {
  39         my ( $self, $c, $realm, $authinfo ) = @_;
  40
  41         return $realm->find_user({
  42             url => 'https://www.google.com/accounts/o8/id?id=XYZ',
  43             email => 'test@example.com',
  44                                  }, $c);
  45     };
  46
  47     ok !$dir->find_user({ url => 'https://www.google.com/accounts/o8/id?id=XYZ' }), 'No such user, yet.';
  48
  49     $ua->submit_form(
  50         form_number => 2,
  51         fields => {
  52             openid_identifier => 'https://www.google.com/accounts/o8/id?id=XYZ',
  53         },
  54     );
  55
  56     $ua->content_contains('You have logged in.', 'Openid login works');
  57
  58     $ua->get('/');
  59
  60     $ua->content_contains('Hello! test@example.com!', 'We are logged in.');
  61
  62     diag("Verify new OpenID Google account exists");
  63     ok $dir->find_user({ url => 'https://www.google.com/accounts/o8/id?id=XYZ',
  64                          email => 'test@example.com',
  65                        }), 'The user is now there.';
  66     $ua->get('/logout');
  67
  68     # Converting to Google ID.
  69
  70     diag("Login/Convert to new Google+ account");
  71     local *stemmaweb::Authentication::Credential::Google::authenticate = sub {
  72         my ( $self, $c, $realm, $authinfo ) = @_;
  73
  74         return $realm->find_user({
  75                 openid_id => 'https://www.google.com/accounts/o8/id?id=XYZ',
  76                 sub        => 42,
  77                 email => $authinfo->{email},
  78             }, $c);
  79     };
  80     $ua->get_ok('http://localhost/login');
  81
  82     $ua->submit_form(
  83         form_number => 1,
  84         fields => {
  85             id_token => 'something',
  86             email    => 'test@example.com',
  87         },
  88     );
  89
  90     $ua->content_contains('You have logged in.', 'G+ login works');
  91
  92     $ua->get('/');
  93
  94     $ua->content_contains('Hello! test@example.com!', 'We are logged in.');
  95
  96     $ua->get_ok('/logout', 'Logged out');
  97 }
  98
  99 {
 100     diag("Create OpenID based Google account for email match");
 101     my $scope = $dir->new_scope;
 102
 103     $ua->get_ok('http://localhost/login');
 104
 105     local *Catalyst::Authentication::Credential::OpenID::authenticate = sub {
 106         my ( $self, $c, $realm, $authinfo ) = @_;
 107
 108         return $realm->find_user({
 109             url => 'https://www.google.com/accounts/o8/id?id=42XYZ',
 110             email => 'test42@example.com',
 111                                  }, $c);
 112     };
 113
 114     ok !$dir->find_user({ url => 'https://www.google.com/accounts/o8/id?id=42XYZ' }), 'No such user, yet.';
 115
 116     $ua->submit_form(
 117         form_number => 2,
 118         fields => {
 119             openid_identifier => 'https://www.google.com/accounts/o8/id?id=42XYZ',
 120         },
 121     );
 122
 123     $ua->content_contains('You have logged in.', 'Openid login works');
 124
 125     $ua->get('/');
 126
 127     $ua->content_contains('Hello! test42@example.com!', 'We are logged in.');
 128
 129     diag("Verify new OpenID Google account for email match exists");
 130     ok $dir->find_user({ url => 'https://www.google.com/accounts/o8/id?id=42XYZ',
 131                          email => 'test42@example.com',
 132                        }), 'The user is now there.';
 133     $ua->get('/logout');
 134
 135     # Converting to Google ID.
 136
 137     diag("Login/Convert to new Google+ account matching only on email");
 138     local *stemmaweb::Authentication::Credential::Google::authenticate = sub {
 139         my ( $self, $c, $realm, $authinfo ) = @_;
 140
 141         return $realm->find_user({
 142                 openid_id => 'https://www.google.com/accounts/o8/id?id=45XYZ',
 143                 sub        => 45,
 144                 email => $authinfo->{email},
 145             }, $c);
 146     };
 147     $ua->get_ok('http://localhost/login');
 148
 149     $ua->submit_form(
 150         form_number => 1,
 151         fields => {
 152             id_token => 'something',
 153             email    => 'test42@example.com',
 154         },
 155     );
 156
 157     $ua->content_contains('You have logged in.', 'G+ login works');
 158
 159     $ua->get('/');
 160
 161     $ua->content_contains('Hello! test42@example.com!', 'We are logged in.');
 162
 163     $ua->get('/logout');
 164 }
 165
 166 {
 167     diag("Test converting OpenID based Google account with traditions");
 168     my $scope = $dir->new_scope;
 169
 170     my $openid_u = $dir->find_user({ url => 'https://www.google.com/accounts/o8/id?id=AItOawlFTlpuHGcI67tqahtw7xOod9VNWffB-Qg',
 171                          email => 'openid@example.org',
 172                        });
 173     ok($openid_u, 'The user is there.');
 174
 175     diag("Login/Convert to new Google+ account");
 176     local *stemmaweb::Authentication::Credential::Google::authenticate = sub {
 177         my ( $self, $c, $realm, $authinfo ) = @_;
 178
 179         return $realm->find_user({
 180                 openid_id => 'https://www.google.com/accounts/o8/id?id=AItOawlFTlpuHGcI67tqahtw7xOod9VNWffB-Qg',
 181                 sub        => 450,
 182                 email => $authinfo->{email},
 183             }, $c);
 184     };
 185     $ua->get_ok('http://localhost/login');
 186
 187     $ua->submit_form(
 188         form_number => 1,
 189         fields => {
 190             id_token => 'something',
 191             email    => 'openid@example.org',
 192         },
 193     );
 194
 195     $ua->content_contains('You have logged in.', 'G+ login works');
 196     $ua->get('/');
 197     $ua->content_contains('Hello! openid@example.org!', 'We are logged in.');
 198
 199     my $gplus_u = $dir->find_user({
 200         openid_id => 'https://www.google.com/accounts/o8/id?id=AItOawlFTlpuHGcI67tqahtw7xOod9VNWffB-Qg',
 201         sub        => 450,
 202         email => 'openid@example.org'
 203     });
 204
 205     foreach my $trad_id (0..$#{ $openid_u->traditions }) {
 206         is($gplus_u->traditions->[$trad_id]->name, $openid_u->traditions->[$trad_id]->name, 'Traditions were copied over to G+ user');
 207     }
 208
 209     $ua->get('/logout');
 210 }
 211
 212 {
 213     diag("Verify we can login the new Google+ account again");
 214     my $scope = $dir->new_scope;
 215 #    ok !$dir->find_user({ url => 'https://www.google.com/accounts/o8/id?id=XYZ' }), 'Old google-openid is gone.';
 216
 217     ok $dir->find_user({
 218         sub => 42,
 219         openid_id => 'https://www.google.com/accounts/o8/id?id=XYZ',
 220         email    => 'test@example.com',
 221     }), 'The G+ user is there.';
 222
 223     $ua->get('/logout');
 224
 225     $ua->get_ok('http://localhost/login');
 226
 227     local *stemmaweb::Authentication::Credential::Google::authenticate = sub {
 228         my ( $self, $c, $realm, $authinfo ) = @_;
 229
 230         return $realm->find_user({
 231                 openid_id => 'https://www.google.com/accounts/o8/id?id=XYZ',
 232                 sub        => 42,
 233                 email      => $authinfo->{email},
 234             }, $c);
 235     };
 236
 237     $ua->submit_form(
 238         form_number => 1,
 239         fields => {
 240             id_token => 'something',
 241             email   => 'test@example.com',
 242         },
 243     );
 244
 245     $ua->content_contains('You have logged in.', 'We can now log in to our created user');
 246
 247     $ua->get('/');
 248
 249     $ua->content_contains('Hello! test@example.com!', 'We are logged in.');
 250 }
 251
 252 # Brand new user just from open id.
 253
 254 {
 255     diag("Create a fresh Google+ user");
 256     my $scope = $dir->new_scope;
 257
 258     ok !$dir->find_user({ sub => 2, openid_id => 'https://www.google.com/accounts/o8/id2?id=XYZ', email => 'test2@exmple.com' }), 'The G+ user is not yet there.';
 259
 260     $ua->get('/logout');
 261
 262     $ua->get_ok('http://localhost/login');
 263
 264     local *stemmaweb::Authentication::Credential::Google::authenticate = sub {
 265         my ( $self, $c, $realm, $authinfo ) = @_;
 266
 267         return $realm->find_user({
 268                 openid_id => 'https://www.google.com/accounts/o8/id2?id=XYZ',
 269                 sub        => 2,
 270                 email      => $authinfo->{email},
 271             }, $c);
 272     };
 273
 274     $ua->submit_form(
 275         form_number => 1,
 276         fields => {
 277             id_token => 'something',
 278             email    => 'test2@example.com',
 279         },
 280     );
 281
 282     $ua->content_contains('You have logged in.', 'We can now log in to our created user');
 283
 284     $ua->get('/');
 285
 286     $ua->content_contains('Hello! test2@example.com!', 'We are logged in.');
 287
 288     ok $dir->find_user({ sub => 2, openid_id => 'https://www.google.com/accounts/o8/id2?id=XYZ', email => 'test2@example.com' }), 'The G+ user is there.';
 289
 290     $ua->get('/logout');
 291
 292     $ua->get_ok('http://localhost/login');
 293
 294     $ua->submit_form(
 295         form_number => 1,
 296         fields => {
 297             id_token => 'something',
 298             email    => 'test2@example.com',
 299         },
 300     );
 301
 302     $ua->content_contains('You have logged in.', 'We can login again');
 303
 304     $ua->get('/');
 305
 306     $ua->content_contains('Hello! test2@example.com!', 'We are logged in.');
 307 }
 308
 309 # Decoding token
 310
 311 {
 312     my $scope = $dir->new_scope;
 313
 314     ok !$dir->find_user({ sub => 4242, openid_id => 'https://www.google.com/accounts/o8/id3', email => 'email@example.org' }), 'The G+ user is not yet there.';
 315
 316     $ua->get('/logout');
 317
 318     $ua->get_ok('http://localhost/login');
 319
 320     $ua->submit_form(
 321         form_number => 1,
 322         fields => {
 323             id_token => 'eyJraWQiOiJhIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiI0MjQyIiwib3BlbmlkX2lkIjoiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS9hY2NvdW50cy9vOC9pZDMifQ.moNERe3UHCY4xGMPxdCqmbg2JKW5feVnYlA8jeB4CdE4c_KL3YHvICQeql-S486HT-AlWBeDJWMr6wWH1kkwz11a2D1oyJ8qCWBssHIkhfv8dm3dphmRbtzYssAOFdGsmnPH1oXolCnl-Qu9WgHkhYYnRJWHr3CkeNA6Yh1xOV3nkaa8REtJckuzh3jyKQgx_rjIFsWBPDmT1rqa_Q0XOGVK34N5tADwpcWmkb3fFnbddzd9L6MnybbFzF_S238Bpr5vNa9doXRBwvJ85AdSn1AWX8R6qVpDbbaiGL2RCahuZYF9XECYm6anee-KTKvxh02KXkG2zniKVvweaMlcbQ',
 324             email    => 'email@example.org',
 325         },
 326     );
 327
 328     $ua->content_contains('You have logged in.', 'We can now log in to our created user - the token was decoded');
 329
 330     $ua->get('/');
 331
 332     $ua->content_contains('Hello! email@example.org!', 'We are logged in.');
 333
 334     ok $dir->find_user({ sub => 4242, openid_id => 'https://www.google.com/accounts/o8/id3', email => 'email@example.org' }), 'The G+ user is there.';
 335
 336     $ua->get('/logout');
 337
 338     $ua->get_ok('http://localhost/login');
 339
 340     $ua->submit_form(
 341         form_number => 1,
 342         fields => {
 343             id_token => 'eyJraWQiOiJhIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiI0MjQyIiwib3BlbmlkX2lkIjoiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS9hY2NvdW50cy9vOC9pZDMifQ.moNERe3UHCY4xGMPxdCqmbg2JKW5feVnYlA8jeB4CdE4c_KL3YHvICQeql-S486HT-AlWBeDJWMr6wWH1kkwz11a2D1oyJ8qCWBssHIkhfv8dm3dphmRbtzYssAOFdGsmnPH1oXolCnl-Qu9WgHkhYYnRJWHr3CkeNA6Yh1xOV3nkaa8REtJckuzh3jyKQgx_rjIFsWBPDmT1rqa_Q0XOGVK34N5tADwpcWmkb3fFnbddzd9L6MnybbFzF_S238Bpr5vNa9doXRBwvJ85AdSn1AWX8R6qVpDbbaiGL2RCahuZYF9XECYm6anee-KTKvxh02KXkG2zniKVvweaMlcbQ',
 344             email   => 'email@example.org',
 345         },
 346     );
 347
 348     $ua->content_contains('You have logged in.', 'We can login again');
 349
 350     $ua->get('/');
 351
 352     $ua->content_contains('Hello! email@example.org!', 'We are logged in.');
 353 }
 354
 355 io("$FindBin::Bin/var")->rmtree if io("$FindBin::Bin/var")->exists;
 356
 357 done_testing;