
public function SimpleLdapSSOTestCase::testSimpleLdapSSO in Simple LDAP 7.2

Same name and namespace in other branches
  1. 7 simple_ldap_sso/simple_ldap_sso.test \SimpleLdapSSOTestCase::testSimpleLdapSSO()

Test Simple LDAP SSO.

File

simple_ldap_sso/simple_ldap_sso.test, line 67
Simple LDAP SSO module tests.

Class

SimpleLdapSSOTestCase
@file Simple LDAP SSO module tests.

Code

/**
 * Walks the Simple LDAP SSO cookie through its whole life cycle.
 *
 * Checked in order: the module reports itself as configured; user 1 gets no
 * SSO cookie; another user gets one and a deleted session is rebuilt from it;
 * the session id is validated against LDAP and is gone after logout; a deleted
 * Drupal account is recreated from a valid cookie; a session id that does not
 * match LDAP is refused and the cookies are cleared; a changed encryption key
 * makes the cookie unusable.
 *
 * The steps depend on each other (cookies, sessions and LDAP state carry over
 * from one step to the next), so their order must not be changed.
 */
public function testSimpleLdapSSO() {
  // Reset the 'simple_ldap_sso_configured' static, then require that the
  // module reports itself as configured.
  drupal_static_reset('simple_ldap_sso_configured');
  $this->assertTrue(simple_ldap_sso_configured(), t('Simple LDAP SSO is configured.'));

  // User 1 must never receive an SSO cookie.
  $this->drupalUser1Login();
  $this->assertFalse(isset($this->cookies[SIMPLE_LDAP_SSO_COOKIE]['value']), 'No SSO Cookie set for User 1.');
  $this->drupalLogin($this->testUser);

  // Any other user does receive one, and it names that user.
  $cookie = $this->getSSOCookieData();
  $this->assertEqual($cookie['name'], $this->testUser->name, t('SSO Cookie has valid data.'));

  // Drop the server-side sessions; the next request has to rebuild one from
  // the SSO cookie alone.
  $this->deleteSessions($cookie['uid']);
  $this->drupalGet('user');
  $session_exists = (bool) $this->getSessions($cookie['uid']);
  $this->assertTrue($session_exists, t('The session was recreated from the SSO cookie.'));
  $this->assertText($cookie['name'], t('The user was logged in from the SSO cookie.'));

  // The session id held in the browser cookie must be the one LDAP validates.
  $cookie = $this->getSSOCookieData();
  $ldap_sso = new SimpleLdapSSO($cookie['name']);
  $session_id = $this->cookies[$this->session_name]['value'];
  $this->assertTrue($ldap_sso->validateSid($session_id), t('Session id was stored in LDAP.'));
  $this->drupalLogout();

  // Logging out has to clear the SSO cookie ...
  $this->assertEqual('deleted', $this->cookies[SIMPLE_LDAP_SSO_COOKIE]['value'], t('The SSO cookie was deleted.'));

  // ... and the old session id must no longer validate against LDAP.
  $ldap_sso = new SimpleLdapSSO($cookie['name']);
  $this->assertFalse($ldap_sso->validateSid($session_id), t('Session id was deleted from LDAP.'));

  // A valid SSO cookie must recreate a missing Drupal account. Remove the
  // account rows directly: user_delete() cannot be used here because it would
  // delete the account from LDAP as well.
  $this->drupalLogin($this->testUser);
  db_delete('users')->condition('uid', $cookie['uid'])->execute();
  db_delete('sessions')->condition('uid', $cookie['uid'])->execute();

  // Confirm the account is really gone (TRUE resets the load cache).
  $by_name = array('name' => $cookie['name']);
  $found = user_load_multiple(array(), $by_name, TRUE);
  $this->assertFalse((bool) $found, t('The user account was deleted.'));

  // Request the user page again with the cookie still present.
  $this->drupalGet('user');

  // The account must exist again.
  $found = user_load_multiple(array(), $by_name, TRUE);
  $this->assertTrue((bool) $found, t('The user has been recreated from a valid SSO cookie.'));

  // Re-read the SSO cookie data, then confirm a session exists for its uid.
  $cookie = $this->getSSOCookieData();
  $session_exists = (bool) $this->getSessions($cookie['uid']);
  $this->assertTrue($session_exists, t('The session was created from the SSO cookie.'));
  $this->assertText($cookie['name'], t('The user was logged in from the SSO cookie.'));

  // Negative case: the session id in the cookie does not match the one stored
  // in LDAP, so sign-in must be refused. 'test' is a fixture value.
  $this->deleteSessions($cookie['uid']);
  $ldap_sso = new SimpleLdapSSO($cookie['name']);
  $ldap_sso->saveSid('test');

  // Make sure the fixture value really reached LDAP before relying on it.
  $this->assertTrue($ldap_sso->validateSid('test'), t('Session ID saved to LDAP successfully.'));

  // Access the site with the now-mismatching cookie.
  $this->drupalGet('user');
  $this->assertText(t('A problem was encountered when attempting to sign you in on this site.'), t('The user cannot log in with a mismatching session id.'));
  // NOTE(review): this failure path is checked through page text and cookie
  // values only. Consider also asserting that getSessions() finds nothing for
  // this uid, so a refused sign-in provably leaves no server-side session.

  // Both the SSO cookie and the session cookie must have been cleared.
  $this->assertEqual('deleted', $this->cookies[SIMPLE_LDAP_SSO_COOKIE]['value'], t('The SSO cookie was deleted.'));
  $this->assertEqual('deleted', $this->cookies[$this->session_name]['value'], t('The session cookie was deleted.'));

  // The rejected session id must also have been removed from LDAP.
  $ldap_sso = new SimpleLdapSSO($cookie['name']);
  $this->assertFalse($ldap_sso->validateSid('test'), t('Invalid Session ID was deleted from LDAP.'));

  // Start over with a fresh SSO login.
  $this->prepareSSO();

  // Negative case: once the encryption key changes, the existing cookie can
  // no longer be decrypted and SSO must fail closed.
  // NOTE(review): the key is not restored afterwards; presumably the test
  // teardown discards this variable. Confirm against the base class.
  variable_set('simple_ldap_sso_encryption_key', 'testkey1');
  $this->drupalGet('user');
  $this->assertEqual('deleted', $this->cookies[SIMPLE_LDAP_SSO_COOKIE]['value'], t('If the SSO cookie cannot be decrypted, it is deleted.'));
  $this->assertText(t('Log in'), t('Single Sign On fails if SSO cookie decryption fails.'));
}