update test suite for apache 2.4

3b84a2f6 · ale · eda0d422 · 3b84a2f6 · 3b84a2f6 · 3b84a2f6
Commit 3b84a2f6 authored Jun 26, 2016 by ale
--- a/src/mod_sso/test/.gitignore
+++ b/src/mod_sso/test/.gitignore
 public.key
 *_unittest
+*.log
+*.trs
--- a/src/mod_sso/test/httpd_integration_test.py
+++ b/src/mod_sso/test/httpd_integration_test.py
@@ -17,6 +17,9 @@ for exe in (APACHE_BIN, APXS_BIN):
    if not os.path.exists(exe):
        raise Exception('%s not found, this test cannot run' % exe)

+# Use 2.4 ocnfiguration.
+APACHE_CONFIG = 'test-httpd-2.4.conf'
+
 devnull = open(os.devnull)


@@ -27,10 +30,12 @@ def _start_httpd(public_key):
    env['TESTROOT'] = os.getcwd()
    env['MODULEDIR'] = subprocess.check_output(
        [APXS_BIN, '-q', 'LIBEXECDIR'], stderr=devnull).strip()
-    cmd = [APACHE_BIN, "-f", os.path.join(os.getcwd(), "test-httpd.conf"), "-X"]
+    cmd = [APACHE_BIN, "-f", os.path.join(os.getcwd(), APACHE_CONFIG), "-X"]

    if os.getenv('STRACE'):
        cmd = ['strace', '-s', '256', '-f'] + cmd
+    if os.getenv('VALGRIND'):
+        cmd = ['valgrind'] + cmd

    httpd = subprocess.Popen(cmd, env=env)
    print 'httpd pid:', httpd.pid
@@ -136,12 +141,16 @@ class HttpdIntegrationTest(unittest.TestCase):
        def mkcookie(tkt):
            return "SSO_test=%s" % tkt

+        # For Apache 2.2, set this to the empty string (we do not use the
+        # SSOGroup directive, so only the requested groups are generated).
+        extra_groups = "&g=group1,group2,group3"
+
        # Tests have a name so that we can recognize failures.
        checks = [
            ("index -> redirect",
             {"url": "/index.html", 
              "status": 302, 
-              "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Findex.html"}),
+              "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Findex.html" + extra_groups}),
            ("index with cookie -> ok",
             {"url": "/index.html",
              "cookie": mkcookie(self._ticket()),
@@ -151,12 +160,12 @@ class HttpdIntegrationTest(unittest.TestCase):
             {"url": "/index.html",
              "cookie": mkcookie('blahblah' * 8),
              "status": 302,
-              "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Findex.html"}),
+              "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Findex.html" + extra_groups}),

            ("protected-user -> redirect",
             {"url": "/protected-user/index.html", 
              "status": 302, 
-              "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-user%2Findex.html"}),
+              "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-user%2Findex.html" + extra_groups}),
            ("protected-user with cookie -> ok",
             {"url": "/protected-user/index.html",
              "cookie": mkcookie(self._ticket()),
@@ -170,7 +179,7 @@ class HttpdIntegrationTest(unittest.TestCase):
            ("protected-group -> redirect",
             {"url": "/protected-group/index.html", 
              "status": 302, 
-              "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-group%2Findex.html&g=group1"}),
+              "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-group%2Findex.html" + (extra_groups if extra_groups else "&g=group1")}),
            ("protected-group with cookie -> ok",
             {"url": "/protected-group/index.html",
              "cookie": mkcookie(self._ticket()),
@@ -180,18 +189,18 @@ class HttpdIntegrationTest(unittest.TestCase):
             {"url": "/protected-group/index.html",
              "cookie": mkcookie(self._ticket(group="group2")),
              "status": 302,
-              "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-group%2Findex.html&g=group1"}),
+              "location": "https://login.example.com/?s=service.example.com%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-group%2Findex.html" + (extra_groups if extra_groups else "&g=group1")}),

            ("other-service -> redirect",
             {"url": "/other-service/index.html",
              "status": 302,
              "http_host": "testhost.example.com",
-              "location": "https://login.example.com/?s=testhost.example.com%2Fother-service%2F&d=https%3A%2F%2Ftesthost.example.com%2Fother-service%2Findex.html"}),
+              "location": "https://login.example.com/?s=testhost.example.com%2Fother-service%2F&d=https%3A%2F%2Ftesthost.example.com%2Fother-service%2Findex.html" + extra_groups}),

            ("protected-htaccess -> redirect",
             {"url": "/protected-htaccess/index.html",
              "status": 302,
-              "location": "https://login.example.com/?s=service.example.com%2Fprotected-htaccess%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-htaccess%2Findex.html"}),
+              "location": "https://login.example.com/?s=service.example.com%2Fprotected-htaccess%2F&d=https%3A%2F%2Fservice.example.com%2Fprotected-htaccess%2Findex.html" + extra_groups}),
            ("protected-htaccess with cookie -> ok",
             {"url": "/protected-htaccess/index.html",
              "cookie": mkcookie(self._ticket(service="service.example.com/protected-htaccess/")),
@@ -204,6 +213,7 @@ class HttpdIntegrationTest(unittest.TestCase):
            ]
        for name, check in checks:
            for i in xrange(10):
+                print 'CHECKING', check
                status, body, location = _query(check["url"],
                                                host=check.get("http_host"),
                                                cookie=check.get("cookie"))

--- a/src/mod_sso/test/test-httpd.conf
+++ b/src/mod_sso/test/test-httpd.conf
--- a/src/mod_sso/test/test-httpd-2.4.conf
+++ b/src/mod_sso/test/test-httpd-2.4.conf
+LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so
+
+LoadModule auth_basic_module ${MODULEDIR}/mod_auth_basic.so
+LoadModule authn_core_module ${MODULEDIR}/mod_authn_core.so
+LoadModule authz_core_module ${MODULEDIR}/mod_authz_core.so
+LoadModule authz_user_module ${MODULEDIR}/mod_authz_user.so
+
+LoadModule sso_module ${TESTROOT}/../.libs/mod_sso.so
+LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so
+
+Listen 127.0.0.1:33000
+ServerName test
+PidFile ${TESTROOT}/test-httpd.pid
+ErrorLog /dev/fd/2
+LogLevel debug
+
+SSOLoginServer login.example.com
+SSODomain example.com
+SSOPublicKeyFile ${TESTROOT}/public.key
+SSOGroups group1,group2,group3
+
+DocumentRoot ${TESTROOT}/htdocs
+<Directory "${TESTROOT}/htdocs">
+	AuthType SSO
+	AuthName test
+	SSOService service.example.com/
+	require valid-user
+</Directory>
+
+<Location "/other-service">
+	SSOService /other-service/
+</Location>
+
+<Directory "${TESTROOT}/htdocs/protected-group">
+	require group group1
+</Directory>
+
+<Directory "${TESTROOT}/htdocs/protected-user">
+	require user testuser
+</Directory>
+
+<Directory "${TESTROOT}/htdocs/cgi">
+	Options ExecCGI
+	SetHandler cgi-script
+</Directory>
+