openmeetings-web/src/test/java/org/apache/openmeetings/ldap/TestLdap.java - openmeetings - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License") +  you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.openmeetings.ldap;

 import static org.apache.directory.server.constants.ServerDNConstants.ADMIN_SYSTEM_DN;
 import static org.apache.directory.server.core.api.partition.PartitionNexus.ADMIN_PASSWORD_BYTES;
 import static org.apache.openmeetings.core.ldap.LdapLoginManager.CONFIGKEY_LDAP_KEY_PICTURE;
 import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_ADMIN_DN;
 import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_ADMIN_PASSWD;
 import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_AUTH_TYPE;
 import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_HOST;
 import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_PICTURE_URI;
 import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_PORT;
 import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_SEARCH_BASE;
 import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_SEARCH_SCOPE;
 import static org.apache.openmeetings.util.OmFileHelper.getLdapConf;
 import static org.apache.openmeetings.util.OmFileHelper.loadLdapConf;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.junit.jupiter.api.Assertions.assertTrue;

 import java.io.FileNotFoundException;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Properties;
 import java.util.UUID;

 import org.apache.directory.api.ldap.model.message.SearchScope;
 import org.apache.directory.server.annotations.CreateLdapServer;
 import org.apache.directory.server.annotations.CreateTransport;
 import org.apache.directory.server.core.annotations.ApplyLdifFiles;
 import org.apache.directory.server.core.annotations.CreateDS;
 import org.apache.directory.server.core.annotations.CreatePartition;
 import org.apache.directory.server.protocol.shared.transport.Transport;
 import org.apache.openmeetings.AbstractWicketTesterTest;
 import org.apache.openmeetings.core.ldap.LdapLoginManager;
 import org.apache.openmeetings.db.dao.server.LdapConfigDao;
 import org.apache.openmeetings.db.entity.server.LdapConfig;
 import org.apache.openmeetings.db.entity.user.User;
 import org.apache.openmeetings.util.OmException;
 import org.apache.openmeetings.web.app.WebSession;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.RegisterExtension;
 import org.springframework.beans.factory.annotation.Autowired;

 @CreateDS(name = "omDS",
 	partitions = {
 		@CreatePartition(name = "test", suffix = "dc=test,dc=openmeetings,dc=apache,dc=org")
 	})
 @CreateLdapServer(transports = { @CreateTransport(protocol = "LDAP", address = "localhost")})
 @ApplyLdifFiles({"schema/users.ldif"})
 class TestLdap extends AbstractWicketTesterTest {
 	private static final String CFG_SEARCH_BIND = UUID.randomUUID().toString();
 	private static final String BAD_PASSWORD = "bad password";
 	private static final String USER1 = "ldaptest1";
 	private static final String USER2 = "ldaptest2";
 	private static final String USER3 = "ldaptest3";
 	private static final Map<String, LdapConfig> CFG_MAP = new HashMap<>();
 	private static final Properties PROPS = new Properties();
 	@Autowired
 	private LdapConfigDao ldapDao;

 	@RegisterExtension
 	public static CreateLdapServerExtension serverExtension = new CreateLdapServerExtension();

 	@BeforeAll
 	public static void prepare() {
 		loadLdapConf("om_ldap.cfg", PROPS);
 		Transport t = serverExtension.getLdapServer().getTransports()[0];
 		PROPS.put(CONFIGKEY_LDAP_HOST, t.getAddress());
 		PROPS.put(CONFIGKEY_LDAP_PORT, String.valueOf(t.getPort()));
 		PROPS.put(CONFIGKEY_LDAP_ADMIN_DN, ADMIN_SYSTEM_DN);
 		PROPS.put(CONFIGKEY_LDAP_ADMIN_PASSWD, new String(ADMIN_PASSWORD_BYTES));
 		PROPS.put(CONFIGKEY_LDAP_SEARCH_BASE, "dc=test,dc=openmeetings,dc=apache,dc=org");
 		PROPS.put(CONFIGKEY_LDAP_SEARCH_SCOPE, SearchScope.SUBTREE.name());
 		PROPS.put(CONFIGKEY_LDAP_KEY_PICTURE, "photo");
 		PROPS.put(CONFIGKEY_LDAP_PICTURE_URI, "profile.png"); // this one is for Jenkins
 	}

 	private void createSbnd() throws FileNotFoundException, IOException {
 		Properties pp = new Properties();
 		pp.putAll(PROPS);
 		pp.put(CONFIGKEY_LDAP_AUTH_TYPE, LdapLoginManager.AuthType.SEARCHANDBIND.name());
 		try (OutputStream out = new FileOutputStream(getLdapConf(CFG_SEARCH_BIND))) {
 			pp.store(out, "");
 		}
 		LdapConfig cfg = new LdapConfig();
 		cfg.setName(CFG_SEARCH_BIND);
 		cfg.setActive(true);
 		cfg.setConfigFileName(CFG_SEARCH_BIND);
 		ldapDao.update(cfg, null);
 		CFG_MAP.put(CFG_SEARCH_BIND, cfg);
 	}

 	@BeforeEach
 	public void clean() throws FileNotFoundException, IOException {
 		if (CFG_MAP.isEmpty()) {
 			createSbnd();
 		}
 		for (LdapConfig cfg : ldapDao.getActive()) {
 			if (!CFG_MAP.containsKey(cfg.getName())) {
 				cfg.setActive(false);
 				ldapDao.update(cfg, null);
 			} else {
 				CFG_MAP.put(cfg.getName(), cfg);
 			}
 		}
 	}

 	@Test
 	void testSbndSessionLogin() throws OmException {
 		LdapConfig cfg = CFG_MAP.get(CFG_SEARCH_BIND);
 		assertTrue(WebSession.get().signIn(USER1, userpass, User.Type.LDAP, cfg.getId()), "Login should be successful");
 		//do login second time
 		WebSession.get().invalidateNow();
 		assertTrue(WebSession.get().signIn(USER1, userpass, User.Type.LDAP, cfg.getId()), "Login should be successful");
 		//check DB
 		assertEquals(1, userDao.count(USER1), "There should be exactly one user after multiple logins");
 	}

 	@Test
 	void testPhoto1() throws OmException {
 		LdapConfig cfg = CFG_MAP.get(CFG_SEARCH_BIND);
 		assertTrue(WebSession.get().signIn(USER2, userpass, User.Type.LDAP, cfg.getId()), "Login should be successful");
 		User u = userDao.getByLogin(USER2, User.Type.LDAP, cfg.getId());
 		assertNotNull(u);
 		assertEquals("profile.png", u.getPictureUri());
 	}

 	@Test
 	void testPhoto2() throws OmException {
 		LdapConfig cfg = CFG_MAP.get(CFG_SEARCH_BIND);
 		assertTrue(WebSession.get().signIn(USER3, userpass, User.Type.LDAP, cfg.getId()), "Login should be successful");
 		User u = userDao.getByLogin(USER3, User.Type.LDAP, cfg.getId());
 		assertNotNull(u);
 		assertEquals("user.jpg", u.getPictureUri());
 	}

 	@Test
 	void testSbndSessionLoginBadPassword() {
 		LdapConfig cfg = CFG_MAP.get(CFG_SEARCH_BIND);
 		assertThrows(OmException.class, () -> WebSession.get().signIn(USER1, BAD_PASSWORD, User.Type.LDAP, cfg.getId()));
 	}
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License") + you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.openmeetings.ldap;

	import static org.apache.directory.server.constants.ServerDNConstants.ADMIN_SYSTEM_DN;
	import static org.apache.directory.server.core.api.partition.PartitionNexus.ADMIN_PASSWORD_BYTES;
	import static org.apache.openmeetings.core.ldap.LdapLoginManager.CONFIGKEY_LDAP_KEY_PICTURE;
	import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_ADMIN_DN;
	import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_ADMIN_PASSWD;
	import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_AUTH_TYPE;
	import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_HOST;
	import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_PICTURE_URI;
	import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_PORT;
	import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_SEARCH_BASE;
	import static org.apache.openmeetings.core.ldap.LdapOptions.CONFIGKEY_LDAP_SEARCH_SCOPE;
	import static org.apache.openmeetings.util.OmFileHelper.getLdapConf;
	import static org.apache.openmeetings.util.OmFileHelper.loadLdapConf;
	import static org.junit.jupiter.api.Assertions.assertEquals;
	import static org.junit.jupiter.api.Assertions.assertNotNull;
	import static org.junit.jupiter.api.Assertions.assertThrows;
	import static org.junit.jupiter.api.Assertions.assertTrue;

	import java.io.FileNotFoundException;
	import java.io.FileOutputStream;
	import java.io.IOException;
	import java.io.OutputStream;
	import java.util.HashMap;
	import java.util.Map;
	import java.util.Properties;
	import java.util.UUID;

	import org.apache.directory.api.ldap.model.message.SearchScope;
	import org.apache.directory.server.annotations.CreateLdapServer;
	import org.apache.directory.server.annotations.CreateTransport;
	import org.apache.directory.server.core.annotations.ApplyLdifFiles;
	import org.apache.directory.server.core.annotations.CreateDS;
	import org.apache.directory.server.core.annotations.CreatePartition;
	import org.apache.directory.server.protocol.shared.transport.Transport;
	import org.apache.openmeetings.AbstractWicketTesterTest;
	import org.apache.openmeetings.core.ldap.LdapLoginManager;
	import org.apache.openmeetings.db.dao.server.LdapConfigDao;
	import org.apache.openmeetings.db.entity.server.LdapConfig;
	import org.apache.openmeetings.db.entity.user.User;
	import org.apache.openmeetings.util.OmException;
	import org.apache.openmeetings.web.app.WebSession;
	import org.junit.jupiter.api.BeforeAll;
	import org.junit.jupiter.api.BeforeEach;
	import org.junit.jupiter.api.Test;
	import org.junit.jupiter.api.extension.RegisterExtension;
	import org.springframework.beans.factory.annotation.Autowired;

	@CreateDS(name = "omDS",
	partitions = {
	@CreatePartition(name = "test", suffix = "dc=test,dc=openmeetings,dc=apache,dc=org")
	})
	@CreateLdapServer(transports = { @CreateTransport(protocol = "LDAP", address = "localhost")})
	@ApplyLdifFiles({"schema/users.ldif"})
	class TestLdap extends AbstractWicketTesterTest {
	private static final String CFG_SEARCH_BIND = UUID.randomUUID().toString();
	private static final String BAD_PASSWORD = "bad password";
	private static final String USER1 = "ldaptest1";
	private static final String USER2 = "ldaptest2";
	private static final String USER3 = "ldaptest3";
	private static final Map<String, LdapConfig> CFG_MAP = new HashMap<>();
	private static final Properties PROPS = new Properties();
	@Autowired
	private LdapConfigDao ldapDao;

	@RegisterExtension
	public static CreateLdapServerExtension serverExtension = new CreateLdapServerExtension();

	@BeforeAll
	public static void prepare() {
	loadLdapConf("om_ldap.cfg", PROPS);
	Transport t = serverExtension.getLdapServer().getTransports()[0];
	PROPS.put(CONFIGKEY_LDAP_HOST, t.getAddress());
	PROPS.put(CONFIGKEY_LDAP_PORT, String.valueOf(t.getPort()));
	PROPS.put(CONFIGKEY_LDAP_ADMIN_DN, ADMIN_SYSTEM_DN);
	PROPS.put(CONFIGKEY_LDAP_ADMIN_PASSWD, new String(ADMIN_PASSWORD_BYTES));
	PROPS.put(CONFIGKEY_LDAP_SEARCH_BASE, "dc=test,dc=openmeetings,dc=apache,dc=org");
	PROPS.put(CONFIGKEY_LDAP_SEARCH_SCOPE, SearchScope.SUBTREE.name());
	PROPS.put(CONFIGKEY_LDAP_KEY_PICTURE, "photo");
	PROPS.put(CONFIGKEY_LDAP_PICTURE_URI, "profile.png"); // this one is for Jenkins
	}

	private void createSbnd() throws FileNotFoundException, IOException {
	Properties pp = new Properties();
	pp.putAll(PROPS);
	pp.put(CONFIGKEY_LDAP_AUTH_TYPE, LdapLoginManager.AuthType.SEARCHANDBIND.name());
	try (OutputStream out = new FileOutputStream(getLdapConf(CFG_SEARCH_BIND))) {
	pp.store(out, "");
	}
	LdapConfig cfg = new LdapConfig();
	cfg.setName(CFG_SEARCH_BIND);
	cfg.setActive(true);
	cfg.setConfigFileName(CFG_SEARCH_BIND);
	ldapDao.update(cfg, null);
	CFG_MAP.put(CFG_SEARCH_BIND, cfg);
	}

	@BeforeEach
	public void clean() throws FileNotFoundException, IOException {
	if (CFG_MAP.isEmpty()) {
	createSbnd();
	}
	for (LdapConfig cfg : ldapDao.getActive()) {
	if (!CFG_MAP.containsKey(cfg.getName())) {
	cfg.setActive(false);
	ldapDao.update(cfg, null);
	} else {
	CFG_MAP.put(cfg.getName(), cfg);
	}
	}
	}

	@Test
	void testSbndSessionLogin() throws OmException {
	LdapConfig cfg = CFG_MAP.get(CFG_SEARCH_BIND);
	assertTrue(WebSession.get().signIn(USER1, userpass, User.Type.LDAP, cfg.getId()), "Login should be successful");
	//do login second time
	WebSession.get().invalidateNow();
	assertTrue(WebSession.get().signIn(USER1, userpass, User.Type.LDAP, cfg.getId()), "Login should be successful");
	//check DB
	assertEquals(1, userDao.count(USER1), "There should be exactly one user after multiple logins");
	}

	@Test
	void testPhoto1() throws OmException {
	LdapConfig cfg = CFG_MAP.get(CFG_SEARCH_BIND);
	assertTrue(WebSession.get().signIn(USER2, userpass, User.Type.LDAP, cfg.getId()), "Login should be successful");
	User u = userDao.getByLogin(USER2, User.Type.LDAP, cfg.getId());
	assertNotNull(u);
	assertEquals("profile.png", u.getPictureUri());
	}

	@Test
	void testPhoto2() throws OmException {
	LdapConfig cfg = CFG_MAP.get(CFG_SEARCH_BIND);
	assertTrue(WebSession.get().signIn(USER3, userpass, User.Type.LDAP, cfg.getId()), "Login should be successful");
	User u = userDao.getByLogin(USER3, User.Type.LDAP, cfg.getId());
	assertNotNull(u);
	assertEquals("user.jpg", u.getPictureUri());
	}

	@Test
	void testSbndSessionLoginBadPassword() {
	LdapConfig cfg = CFG_MAP.get(CFG_SEARCH_BIND);
	assertThrows(OmException.class, () -> WebSession.get().signIn(USER1, BAD_PASSWORD, User.Type.LDAP, cfg.getId()));
	}
	}