require 'spec_helper'
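# Specs for OmniAuth::LDAP::Adaptor: option validation in the constructor,
# how the Net::LDAP connection is configured for each bind style, and the
# search-then-bind flow of #bind_as.
#
# The addresses and credentials below are fixtures. The 'initialize' examples
# only inspect the configured connection object, and the 'bind_as' examples
# stub #open, #search and #bind, so no example here is written to reach a
# real directory server.
#
# NOTE(review): several examples read Net::LDAP's private @auth / @encryption
# instance variables. That couples the spec to net-ldap internals; a net-ldap
# upgrade can break these assertions without any change in the adaptor.
describe "OmniAuth::LDAP::Adaptor" do
  describe 'initialize' do
    it 'should throw exception when must have field is not set' do
      # Only :host and :method are supplied here.
      # NOTE(review): the original note listed the required keys as
      # [:host, :port, :method, :bind_dn], but the anonymous example below
      # constructs successfully without :bind_dn, so that list looks stale.
      # Confirm the required keys against the Adaptor source.
      expect { OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain'}) }.to raise_error(ArgumentError)
    end

    it 'should throw exception when method is not supported' do
      # 'myplain' is not a recognised connection method; every other option is present.
      expect {
        OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'myplain', uid: 'uid', port: 389, base: 'dc=com'})
      }.to raise_error(OmniAuth::LDAP::Adaptor::ConfigurationError)
    end

    it 'should setup ldap connection with anonymous' do
      # No bind_dn/password given: the connection is expected to fall back to an anonymous bind.
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName'})
      connection = adaptor.connection

      expect(connection).not_to eq(nil)
      expect(connection.host).to eq('192.168.1.145')
      expect(connection.port).to eq(389)
      expect(connection.base).to eq('dc=intridea, dc=com')
      expect(connection.instance_variable_get('@auth')).to eq({:method => :anonymous, :username => nil, :password => nil})
    end

    it 'should setup ldap connection with simple' do
      # NOTE(review): this pairs a simple bind (bind_dn + password) with
      # method: 'plain'. Presumably 'plain' means no transport encryption, in
      # which case a deployment configured like this fixture would send the
      # bind password in cleartext. Confirm against the Adaptor's method mapping.
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', bind_dn: 'bind_dn', password: 'password'})
      connection = adaptor.connection

      expect(connection).not_to eq(nil)
      expect(connection.host).to eq('192.168.1.145')
      expect(connection.port).to eq(389)
      expect(connection.base).to eq('dc=intridea, dc=com')
      expect(connection.instance_variable_get('@auth')).to eq({:method => :simple, :username => 'bind_dn', :password => 'password'})
    end

    it 'should setup ldap connection with sasl-md5' do
      # try_sasl plus a DIGEST-MD5 mechanism should yield a :sasl auth hash with
      # an empty initial credential and a challenge-response callable.
      # DIGEST-MD5 was moved to Historic status by RFC 6331; this example pins
      # the adaptor's wiring, not a recommendation to use the mechanism.
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', try_sasl: true, sasl_mechanisms: ["DIGEST-MD5"], bind_dn: 'bind_dn', password: 'password'})
      connection = adaptor.connection
      auth = connection.instance_variable_get('@auth')

      expect(connection).not_to eq(nil)
      expect(connection.host).to eq('192.168.1.145')
      expect(connection.port).to eq(389)
      expect(connection.base).to eq('dc=intridea, dc=com')
      expect(auth[:method]).to eq(:sasl)
      expect(auth[:mechanism]).to eq('DIGEST-MD5')
      expect(auth[:initial_credential]).to eq('')
      expect(auth[:challenge_response]).not_to be_nil
    end

    it 'should setup ldap connection with sasl-gss' do
      # GSS-SPNEGO: the initial credential is expected to be an NTLMSSP message.
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', try_sasl: true, sasl_mechanisms: ["GSS-SPNEGO"], bind_dn: 'bind_dn', password: 'password'})
      connection = adaptor.connection
      auth = connection.instance_variable_get('@auth')

      expect(connection).not_to eq(nil)
      expect(connection.host).to eq('192.168.1.145')
      expect(connection.port).to eq(389)
      expect(connection.base).to eq('dc=intridea, dc=com')
      expect(auth[:method]).to eq(:sasl)
      expect(auth[:mechanism]).to eq('GSS-SPNEGO')
      # \A anchors at the start of the whole string; ^ would also match after
      # any embedded newline in the binary credential.
      expect(auth[:initial_credential]).to match(/\ANTLMSSP/)
      expect(auth[:challenge_response]).not_to be_nil
    end

    it 'should set the encryption method correctly' do
      # method: 'tls' should select StartTLS on the underlying connection.
      # NOTE(review): this only checks that StartTLS is selected. Nothing in
      # this spec asserts how the server certificate is verified; add an
      # example for that if the Adaptor exposes such options.
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'tls', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName'})
      # Uses expect syntax, like every other example in this file, instead of the legacy `should`.
      expect(adaptor.connection.instance_variable_get('@encryption')).to include(method: :start_tls)
    end
  end

  describe 'bind_as' do
    # Arguments handed to #bind_as: a search filter, the user's password and a result-size limit.
    let(:args) { {:filter => Net::LDAP::Filter.eq('sAMAccountName', 'username'), :password => 'password', :size => 1} }
    # Stand-in for a directory entry; only #dn is needed by the examples.
    let(:rs) { Struct.new(:dn).new('new dn') }

    it 'should bind simple' do
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.126", method: 'plain', base: 'dc=score, dc=local', port: 389, uid: 'sAMAccountName', bind_dn: 'bind_dn', password: 'password'})
      connection = adaptor.connection

      expect(connection).to receive(:open).and_yield(connection)
      expect(connection).to receive(:search).with(args).and_return([rs])
      # The user bind must use the DN returned by the search together with the
      # password from args, not the configured service bind_dn.
      expect(connection).to receive(:bind).with({:username => 'new dn', :password => args[:password], :method => :simple}).and_return(true)
      expect(adaptor.bind_as(args)).to eq(rs)
    end

    it 'should bind sasl' do
      adaptor = OmniAuth::LDAP::Adaptor.new({host: "192.168.1.145", method: 'plain', base: 'dc=intridea, dc=com', port: 389, uid: 'sAMAccountName', try_sasl: true, sasl_mechanisms: ["GSS-SPNEGO"], bind_dn: 'bind_dn', password: 'password'})
      connection = adaptor.connection

      expect(connection).to receive(:open).and_yield(connection)
      expect(connection).to receive(:search).with(args).and_return([rs])
      # NOTE(review): unlike the simple-bind example, #bind is stubbed without
      # an argument constraint, so this does not verify which identity or
      # credential the SASL bind is attempted with.
      expect(connection).to receive(:bind).and_return(true)
      expect(adaptor.bind_as(args)).to eq(rs)
    end
  end
end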