[Catalyst-commits] r9127 - in trunk/Catalyst-Plugin-Authentication:
. lib/Catalyst/Authentication/Credential t
t0m at dev.catalyst.perl.org
t0m at dev.catalyst.perl.org
Sat Jan 24 23:26:22 GMT 2009
Author: t0m
Date: 2009-01-24 23:26:21 +0000 (Sat, 24 Jan 2009)
New Revision: 9127
Modified:
trunk/Catalyst-Plugin-Authentication/Changes
trunk/Catalyst-Plugin-Authentication/Makefile.PL
trunk/Catalyst-Plugin-Authentication/lib/Catalyst/Authentication/Credential/Password.pm
trunk/Catalyst-Plugin-Authentication/t/05_password.t
Log:
Fix bug with cleartext password_type (bug reported to my email by crackcraft at gmail.com), adding mock tests around that area.
Modified: trunk/Catalyst-Plugin-Authentication/Changes
===================================================================
--- trunk/Catalyst-Plugin-Authentication/Changes 2009-01-24 05:30:09 UTC (rev 9126)
+++ trunk/Catalyst-Plugin-Authentication/Changes 2009-01-24 23:26:21 UTC (rev 9127)
@@ -1,5 +1,10 @@
Revision history for Perl extension Catalyst::Plugin::Authentication
+ - Fix bug in Credential::Password with password_type: clear.
+ - Add test for this.
+ - Add mock object tests for Credential::Password with password_type:
+ clear.
+
0.100092
- Release new version, no changes since dev release.
Modified: trunk/Catalyst-Plugin-Authentication/Makefile.PL
===================================================================
--- trunk/Catalyst-Plugin-Authentication/Makefile.PL 2009-01-24 05:30:09 UTC (rev 9126)
+++ trunk/Catalyst-Plugin-Authentication/Makefile.PL 2009-01-24 23:26:21 UTC (rev 9127)
@@ -15,6 +15,7 @@
test_requires 'Test::More';
test_requires 'Test::Exception';
+test_requires 'Test::MockObject';
auto_install;
WriteAll;
Modified: trunk/Catalyst-Plugin-Authentication/lib/Catalyst/Authentication/Credential/Password.pm
===================================================================
--- trunk/Catalyst-Plugin-Authentication/lib/Catalyst/Authentication/Credential/Password.pm 2009-01-24 05:30:09 UTC (rev 9126)
+++ trunk/Catalyst-Plugin-Authentication/lib/Catalyst/Authentication/Credential/Password.pm 2009-01-24 23:26:21 UTC (rev 9127)
@@ -64,6 +64,9 @@
if ($self->_config->{'password_type'} eq 'none') {
return 1;
} elsif ($self->_config->{'password_type'} eq 'clear') {
+ # FIXME - Should we warn in the $storedpassword undef case,
+ # as the user probably fluffed the config?
+ return unless defined $storedpassword;
return $password eq $storedpassword;
} elsif ($self->_config->{'password_type'} eq 'crypted') {
return $storedpassword eq crypt( $password, $storedpassword );
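Review bot: The undef guard added in the `clear` branch does not cover the `crypted` branch just below it, which still evaluates `$storedpassword eq crypt( $password, $storedpassword )` when the user object returns no password. If `crypt` yields undef for an undefined or invalid salt (this varies by platform and needs confirming), both sides compare as empty strings and the check succeeds, which is the same misconfiguration-grants-login failure this commit closes for `clear`. Keeping the `none` test first and then running `return unless defined $storedpassword;` once, ahead of the `clear`/`crypted` branches, would cover every type that compares against a stored value. The rest of the if-chain lies outside the hunk and should be checked for the same pattern. The FIXME is worth resolving in favour of a warning, since a silently failing login hides the config error from the operator.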
Modified: trunk/Catalyst-Plugin-Authentication/t/05_password.t
===================================================================
--- trunk/Catalyst-Plugin-Authentication/t/05_password.t 2009-01-24 05:30:09 UTC (rev 9126)
+++ trunk/Catalyst-Plugin-Authentication/t/05_password.t 2009-01-24 23:26:21 UTC (rev 9127)
@@ -1,11 +1,44 @@
use strict;
use warnings;
-use Test::More 'no_plan';
+use Test::More tests => 11;
+use Test::Exception;
+use Test::MockObject;
-
+# 1,2
my $m; BEGIN { use_ok($m = "Catalyst::Authentication::Credential::Password") }
-
can_ok($m, "authenticate");
+my $app = Test::MockObject->new;
+my $realm = Test::MockObject->new;
+my $user = Test::MockObject->new;
+our ($user_get_password_field_name, $user_password );
+$user->mock('get' => sub { $user_get_password_field_name = $_[1]; return $user_password });
+# 3-6 # Test clear passwords if you mess up the password_field
+{
+ local $user_password = undef; # The user returns an undef password,
+ local $user_get_password_field_name; # as there is no field named 'mistyped'
+ my $config = { password_type => 'clear', password_field => 'mistyped' };
+ my $i; lives_ok { $i = $m->new($config, $app, $realm) } 'Construct instance';
+ ok($i, 'Have instance');
+ my $r = $i->check_password($user, { username => 'someuser', password => 'password' });
+ is($user_get_password_field_name, 'mistyped',
+ '(Incorrect) field name from config correctly passed to user');
+ ok(! $r, 'Authentication unsuccessful' );
+}
+
+# 7-11 # Test clear passwords working, and not working
+{
+ local $user_password = 'mypassword';
+ local $user_get_password_field_name;
+ my $config = { password_type => 'clear', password_field => 'the_password_field' };
+ my $i; lives_ok { $i = $m->new($config, $app, $realm) } 'Construct instance';
+ ok($i, 'Have instance');
+ my $r = $i->check_password($user, { username => 'someuser', the_password_field => 'mypassword' });
+ is($user_get_password_field_name, 'the_password_field',
+ 'Correct field name from config correctly passed to user');
+ ok( $r, 'Authentication successful with correct password' );
+ $r = $i->check_password($user, { username => 'someuser', the_password_field => 'adifferentpassword' });
+ ok( ! $r, 'Authentication ussuccessful with incorrect password' );
+}
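Review bot: The first test block (`# 3-6`) does not say why it reproduces the bug: authinfo carries `password` while the configured field is `mistyped`, so the submitted password is presumably undef too, and the old `eq` compared two undefs. A comment above the `check_password` call, such as `# authinfo has no 'mistyped' key either, so both sides were undef before the fix`, would stop a later edit from "correcting" the key and losing the regression case. How `check_password` reads the submitted value is not visible on this page, so confirm that before settling the wording. The last description string reads `ussuccessful`; `'Authentication unsuccessful with incorrect password'` would match the wording used in the first block.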