diff options
author | Dylan William Hardison <dylan@hardison.net> | 2018-04-04 16:58:06 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-04-04 16:58:06 +0200 |
commit | 3d6e2fb15c254d2d8fe75dc0307a4b0fd3e62865 (patch) | |
tree | 2f3e992600840a3c9245c315a0f92b419677a198 | |
parent | 85a2490e1e696c8d62562f8752fc486c02578ec3 (diff) | |
download | bugzilla-3d6e2fb15c254d2d8fe75dc0307a4b0fd3e62865.tar.gz bugzilla-3d6e2fb15c254d2d8fe75dc0307a4b0fd3e62865.tar.xz |
Bug 1447028 - Add auth delegation test script
-rw-r--r-- | README.rst | 16 | ||||
-rwxr-xr-x | scripts/auth-test-app | 72 | ||||
-rw-r--r-- | vagrant_support/apache.j2 | 1 |
3 files changed, 89 insertions, 0 deletions
diff --git a/README.rst b/README.rst index 64fae335b..adeb1a18e 100644 --- a/README.rst +++ b/README.rst @@ -80,6 +80,22 @@ or db is changed, do a full provision: vagrant rsync && vagrant provision +Testing Auth delegation +----------------------- + +For testing auth-delegation there is included an `scripts/auth-test-app` +script that runs a webserver and implements the auth delegation protocol. + +Provided you have `Mojolicious`_ installed: + +.. code-block:: bash + perl auth-test-app daemon + +Then just browse to `localhost:3000`_ to test creating API keys. + +.. _`Mojolicious`: https://metacpan.org/pod/Mojolicious +.. _`localhost:3000`: http://localhost:3000 + Technical Details ----------------- diff --git a/scripts/auth-test-app b/scripts/auth-test-app new file mode 100755 index 000000000..3df56796c --- /dev/null +++ b/scripts/auth-test-app @@ -0,0 +1,72 @@ +#!/usr/bin/perl +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# This Source Code Form is "Incompatible With Secondary Licenses", as +# defined by the Mozilla Public License, v. 2.0. + +use 5.10.1; +use strict; +use warnings; +use Mojolicious::Lite; +use Digest::SHA qw(sha256_hex); + +my $BUGZILLA_URL = $ENV{AUTH_TEST_BUGZILLA_URL} // 'http://bmo-web.vm/auth.cgi'; +my $APP_DESC = $ENV{AUTH_TEST_APP_DESC} // 'AuthTest'; +my %SECRETS; + +get '/' => sub { + my $c = shift; + my $callback_url = $c->url_for->to_abs->path('/callback'); + my $app_id = sha256_hex($callback_url, $APP_DESC); + $c->render( + template => 'index', + app_id => $app_id, + callback_url => $callback_url, + bugzilla_url => $BUGZILLA_URL, + app_desc => $APP_DESC, + ); +}; + +post '/callback' => sub { + my $c = shift; + %SECRETS = %{ $c->req->json }; + $c->render( json => { result => 'SECRETS' } ); +}; + +get '/callback' => sub { + my $c = shift; + my $store_key = $c->param('callback_result'); + $c->render( template => 'callback', %SECRETS ); +}; + +app->start; +__DATA__ + +@@ index.html.ep +% layout 'default'; +% title 'Configure'; + +<p>Test auth delegation. <code>$app_id = <%= $app_id %></code></p> + +<form method="get" action="<%= $bugzilla_url %>"> + <input type="hidden" name="callback" value="<%= $callback_url %>"> + <input type="hidden" name="description" value="<%= $app_desc %>"> + <input type="submit" value="Login"> + </div> +</form> + +@@ callback.html.ep +% layout 'default'; +% title 'Login Result'; + +<div><b>Login</b> <%= $client_api_login %> </div> +<div><b>API Key</b> <%= $client_api_key %></div> + +@@ layouts/default.html.ep +<!DOCTYPE html> +<html> + <head><title><%= title %></title></head> + <body><%= content %></body> +</html> diff --git a/vagrant_support/apache.j2 b/vagrant_support/apache.j2 index 722ebad92..773672fa1 100644 --- a/vagrant_support/apache.j2 +++ b/vagrant_support/apache.j2 @@ -1,5 +1,6 @@ PerlSwitches -wT PerlSetEnv USE_NYTPROF 0 +PerlSetEnv BUGZILLA_UNSAFE_AUTH_DELEGATION 1 PerlConfigRequire /vagrant/mod_perl.pl <IfModule mpm_prefork_module> |