- testing with apache-rex instead
OBS-URL: https://build.opensuse.org/package/show/Apache:Modules/apache2-mod_authn_otp?expand=0&rev=27
This commit is contained in:
@@ -1,3 +1,8 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 26 09:35:46 UTC 2019 - pgajdos@suse.com
|
||||
|
||||
- testing with apache-rex instead
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 22 18:14:41 UTC 2019 - archie.cobbs@gmail.com
|
||||
|
||||
|
||||
@@ -13,7 +13,7 @@
|
||||
# license that conforms to the Open Source Definition (Version 1.9)
|
||||
# published by the Open Source Initiative.
|
||||
|
||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
@@ -26,9 +26,10 @@ License: Apache-2.0
|
||||
Group: Productivity/Networking/Web/Servers
|
||||
Url: http://mod-authn-otp.googlecode.com/
|
||||
Source: https://s3.amazonaws.com/archie-public/mod-authn-otp/%{mod_name}-%{version}.tar.gz
|
||||
BuildRequires: apache-rex
|
||||
BuildRequires: apache-rpm-macros
|
||||
BuildRequires: apache2-devel
|
||||
BuildRequires: curl
|
||||
%apache_rex_deps
|
||||
Requires: %{apache_mmn}
|
||||
Requires: %{apache_suse_maintenance_mmn}
|
||||
Provides: otptool = %{version}
|
||||
@@ -79,79 +80,7 @@ install -d %{buildroot}%{apache_libexecdir}
|
||||
make DESTDIR=%{buildroot} install %{?_smp_mflags}
|
||||
|
||||
%check
|
||||
# see https://github.com/archiecobbs/mod-authn-otp/blob/master/README.md
|
||||
# for details
|
||||
set +x
|
||||
# secret token
|
||||
test_token='a4d8acbddef654fccc418db4cc2f85cea6339f00'
|
||||
test_user='wilma'
|
||||
mkdir -p %{apache_test_module_dir}/htdocs/protected
|
||||
# create protected document
|
||||
cat << EOF > %{apache_test_module_dir}/htdocs/protected/index.html
|
||||
RESTRICTED AREA BY OTP
|
||||
EOF
|
||||
# create initial UsersFile
|
||||
echo "HOTP $test_user - $test_token" > %{apache_test_module_dir}/users-file
|
||||
# create module configuration
|
||||
cat << EOF > %{apache_test_module_dir}/mod_authn_otp-test.conf
|
||||
<Directory %{apache_test_module_dir}/htdocs/protected>
|
||||
AuthType basic
|
||||
AuthName "Very Secret Area"
|
||||
AuthBasicProvider OTP
|
||||
Require valid-user
|
||||
OTPAuthUsersFile %{apache_test_module_dir}/users-file
|
||||
OTPAuthMaxLinger 2
|
||||
</Directory>
|
||||
EOF
|
||||
exit_code=0
|
||||
%if %{apache_branch} >= 204
|
||||
# 2.4 and up
|
||||
base_authn_module='authn_core'
|
||||
%else
|
||||
base_authn_module='authn_default'
|
||||
%endif
|
||||
# start apache test instance
|
||||
%apache_test_module_start_apache -m $base_authn_module:authz_user:authn_otp -i mod_authn_otp-test.conf
|
||||
echo
|
||||
echo 'Testing protected/index.html output'
|
||||
# figure out password for first access
|
||||
pass=$(./otptool -c 0 a4d8acbddef654fccc418db4cc2f85cea6339f00 | sed 's@.*:[ \t]*\([0-9]*\)[ \t]*.*@\1@')
|
||||
echo 'Test 1: testing first password'
|
||||
%apache_test_module_curl -u $test_user:$pass -d /protected/ -o output.txt
|
||||
grep 'RESTRICTED AREA BY OTP' output.txt || exit_code=1
|
||||
# next access with the same password within the linger time should be allowed
|
||||
echo 'Test 2: testing first password in linger time'
|
||||
%apache_test_module_curl -u $test_user:$pass -d /protected/ -o output.txt
|
||||
grep 'RESTRICTED AREA BY OTP' output.txt || exit_code=2
|
||||
# sleeping to get after linger time
|
||||
sleep 2
|
||||
# next access with the same password after linger time should not be allowed
|
||||
echo 'Test 3: testing first password after linger time'
|
||||
%apache_test_module_curl -u $test_user:$pass -d /protected/ -o output.txt
|
||||
grep '<title>.*401.*</title>' output.txt || exit_code=3
|
||||
# figure out second password (counter increased by one)
|
||||
echo 'Test 4: testing second password'
|
||||
pass=$(./otptool -c 1 a4d8acbddef654fccc418db4cc2f85cea6339f00 | sed 's@.*:[ \t]*\([0-9]*\)[ \t]*.*@\1@')
|
||||
%apache_test_module_curl -u $test_user:$pass -d /protected/ -o output.txt
|
||||
grep 'RESTRICTED AREA BY OTP' output.txt || exit_code=4
|
||||
# increasing counter again, generating new password
|
||||
echo 'Test 5: testing third password in linger time of second password'
|
||||
pass=$(./otptool -c 2 a4d8acbddef654fccc418db4cc2f85cea6339f00 | sed 's@.*:[ \t]*\([0-9]*\)[ \t]*.*@\1@')
|
||||
# access with the third password should be allowed even if linger time
|
||||
# of the previous one have not expired
|
||||
%apache_test_module_curl -u $test_user:$pass -d /protected/ -o output.txt
|
||||
grep 'RESTRICTED AREA BY OTP' output.txt || exit_code=5
|
||||
echo -n 'Result: '
|
||||
if [ $exit_code -eq 0 ]; then
|
||||
echo 'SUCCESS'
|
||||
else
|
||||
echo "FAILED (last failed test: $exit_code), error_log:"
|
||||
cat %{apache_test_module_dir}/error_log
|
||||
fi
|
||||
echo
|
||||
%apache_test_module_stop_apache
|
||||
set -x
|
||||
exit $exit_code
|
||||
%apache_rex_check -m .libs/ -b . mod_authn_otp-basic
|
||||
|
||||
%files
|
||||
%defattr(-,root,root,-)
|
||||
|
||||
Reference in New Issue
Block a user