diff --git a/bin/account-manager-client.pl b/bin/account-manager-client.pl
index f63d022976dd513458c06e0fe7a8e4dfce77d1c9..9e99dee5a55c95ec840e74cad88e08b80f57ba74 100755
--- a/bin/account-manager-client.pl
+++ b/bin/account-manager-client.pl
@@ -16,7 +16,8 @@ use Getopt::Long qw(:config auto_help);
use Pod::Usage;
use Conf;
-use IdPAccountManager::TestAccount;
+use IdPAccountManager::Data::TestAccount;
+use IdPAccountManager::Data::TestAccount::Manager;
use IdPAccountManager::SAMLMetadata;
use IdPAccountManager::ServiceProvider;
use IdPAccountManager::AuthenticationToken;
@@ -58,7 +59,7 @@ if ($action eq 'add_test_account') {
-verbose => 0
) unless $options{'sp_entityid'};
- my $test_account = IdPAccountManager::TestAccount->new(
+ my $test_account = IdPAccountManager::Data::TestAccount->new(
account_profile => $options{'account_profile'},
sp_entityid => $options{'sp_entityid'}
);
@@ -72,7 +73,7 @@ if ($action eq 'add_test_account') {
);
printf "Account created:\n\tuserid: user%d\n\tpassword: %s\n",
- $test_account->get('id'), $test_account->get('user_password');
+ $test_account->id(), $test_account->user_password();
} elsif ($action eq 'list_test_accounts') {
@@ -90,21 +91,22 @@ if ($action eq 'add_test_account') {
push @{ $args{'query'} }, 'expiration_date' => { lt => time };
}
- my $all = IdPAccountManager::TestAccount::list_test_accounts(%args);
+ my $accounts =
+ IdPAccountManager::Data::TestAccount::Manager->get_testaccounts(%args);
- if ($#{$all} < 0) {
+ if (! @$accounts) {
printf "No matching test account in DB\n";
}
- foreach my $test_account (@$all) {
- $test_account->print();
+ foreach my $account (@$accounts) {
+ $account->print();
next unless $options{'delete'};
die "failed to delete test account\n"
- unless $test_account->delete();
+ unless $account->delete();
}
if ($options{'delete'}) {
- printf "%d accounts removed\n", $#{$all} + 1;
+ printf "%d accounts removed\n", @$accounts;
die "failed to update simpleSAMLphp configuration file\n"
unless IdPAccountManager::Tools::update_ssp_authsources(
diff --git a/bin/account-manager-web.pl b/bin/account-manager-web.pl
index a6e37d4cd4348a346a9b018592d2ba2fc2d19660..2b7201a05bfb4759ecdb9cab49fc9039e9a60d1b 100755
--- a/bin/account-manager-web.pl
+++ b/bin/account-manager-web.pl
@@ -19,7 +19,6 @@ use Template;
use Template::Constants qw( :debug );
use Conf;
-use IdPAccountManager::TestAccount;
use IdPAccountManager::SAMLMetadata;
use IdPAccountManager::ServiceProvider;
diff --git a/lib/IdPAccountManager/Data/TestAccount.pm b/lib/IdPAccountManager/Data/TestAccount.pm
index 222552308c9988d1f1d92b120634d9f38d175037..93e286d7a6eaedfdc1e5ee388030b9b7aa5de28e 100644
--- a/lib/IdPAccountManager/Data/TestAccount.pm
+++ b/lib/IdPAccountManager/Data/TestAccount.pm
@@ -5,6 +5,8 @@ use warnings;
use base 'IdPAccountManager::DB::Object';
+use POSIX qw(strftime);
+
__PACKAGE__->meta->setup(
table => 'testaccounts',
@@ -20,5 +22,39 @@ __PACKAGE__->meta->setup(
primary_key_columns => [ 'id' ],
);
-1;
+sub print {
+ my ($self, $fd) = @_;
+ $fd = \*STDOUT unless $fd;
+
+ printf $fd
+"Account ID=%s; password_hash=%s; sp_entityid=%s; account_profile=%s; creation_date=%s; expiration_date=%s\n",
+ $self->id(), $self->user_password_hash(),
+ $self->sp_entityid(), $self->account_profile(),
+ POSIX::strftime('%Y:%m:%d', localtime($self->creation_date())),
+ POSIX::strftime('%Y:%m:%d', localtime($self->expiration_date()));
+}
+
+sub user_password {
+ my ($self) = @_;
+
+ return $self->{user_password};
+}
+sub save {
+ my ($self, %args) = @_;
+
+ # If no ID is defined, it is a new account
+ if (! defined $self->id()) {
+ $self->{user_password} =
+ IdPAccountManager::Tools::generate_password();
+ $self->user_password_hash(
+ IdPAccountManager::Tools::sha256_hash($self->{user_password}));
+ $self->creation_date(time);
+ $self->expiration_date(
+ time + ($args{'accounts_validity_period'} * 3600 * 24));
+ }
+
+ $self->SUPER::save();
+}
+
+1;
diff --git a/lib/IdPAccountManager/TestAccount.pm b/lib/IdPAccountManager/TestAccount.pm
deleted file mode 100644
index 70dbf102e5e194fc4c03d7d1e91a82649ad6a569..0000000000000000000000000000000000000000
--- a/lib/IdPAccountManager/TestAccount.pm
+++ /dev/null
@@ -1,249 +0,0 @@
-package IdPAccountManager::TestAccount;
-
-## Copyright (c) GEANT
-## This software was developed by RENATER. The research leading to these results has received funding
-## from the European Community¹s Seventh Framework Programme (FP7/2007-2013) under grant agreement nº 238875 (GÉANT).
-
-use strict;
-use warnings;
-
-use IdPAccountManager::Data::TestAccount;
-use IdPAccountManager::Data::TestAccount::Manager;
-
-use IdPAccountManager::Tools;
-use POSIX qw(strftime);
-
-use Carp;
-
-INIT {
- ## Set error mode to non fatal
- IdPAccountManager::Data::TestAccount::Manager->error_mode('return');
-}
-
-sub new {
- my ($pkg, %args) = @_;
-
- my $self = {};
-
- bless $self, $pkg;
-
- ## Object may be created either with a hashref as argument or an IdPAccountManager::Data::TestAccount object
- ## Second case is usefull when fetching a set of IdPAccountManager::Data::TestAccount via IdPAccountManager::Data::TestAccount::Manager
- if (ref($_[0]) eq 'IdPAccountManager::Data::TestAccount') {
- $self->{'persistent'} = $_[0];
- } else {
- $self->{'persistent'} =
- IdPAccountManager::Data::TestAccount->new(%args);
- }
-
- return $self;
-}
-
-sub get {
- my ($self, $attribute) = @_;
-
- ## User password is not stored in DB
- if ($attribute eq 'user_password') {
- return $self->{$attribute};
- } else {
- return $self->{'persistent'}->$attribute;
-
- }
-}
-
-sub save {
- my ($self, %args) = @_;
-
- ## If no id is defined, it is a new account
- unless (defined $self->{'persistent'}->id) {
- $self->{'persistent'}->creation_date(time);
- $self->{'persistent'}->expiration_date(
- time + ($args{'accounts_validity_period'} * 3600 * 24));
- $self->{'user_password'} =
- IdPAccountManager::Tools::generate_password();
- $self->{'persistent'}->user_password_hash(
- IdPAccountManager::Tools::sha256_hash($self->{'user_password'}));
- }
-
- unless ($self->{'persistent'}->save()) {
- return undef;
- }
-}
-
-## Delete a test account
-sub delete {
- my ($self) = @_;
-
- unless ($self->{'persistent'}->delete()) {
- return undef;
- }
-}
-
-## Print the content of a test account
-sub print {
- my ($self, $fd) = @_;
- $fd = \*STDOUT unless $fd;
-
- printf $fd
-"Account ID=%s; password_hash=%s; sp_entityid=%s; account_profile=%s; creation_date=%s; expiration_date=%s\n",
- $self->get('id'), $self->get('user_password_hash'),
- $self->get('sp_entityid'), $self->get('account_profile'),
- POSIX::strftime('%Y:%m:%d', localtime($self->get('creation_date'))),
- POSIX::strftime('%Y:%m:%d', localtime($self->get('expiration_date')));
-}
-
-## list all test accounts
-## Class method
-sub list_test_accounts {
- my (%args) = @_;
-
- my $persistent_accounts =
- IdPAccountManager::Data::TestAccount::Manager->get_testaccounts(%args);
- my $accounts;
- foreach my $persistent_account (@{$persistent_accounts}) {
- my $account = IdPAccountManager::TestAccount->new($persistent_account);
- push @$accounts, $account;
- }
-
- return $accounts;
-}
-
-## create test accounts for all active account profiles
-sub create_test_accounts_for_sp {
- my (%args) = @_;
- my @test_accounts;
-
- unless ($args{'sp_entityid'}) {
- return undef;
- }
-
- foreach my $profile (@{ $args{'account_profiles'} }) {
- my $test_account = IdPAccountManager::TestAccount->new(
- account_profile => $profile,
- sp_entityid => $args{'sp_entityid'}
- );
- unless (defined $test_account) {
- return undef;
- }
-
- unless ($test_account->save()) {
- return undef;
- }
-
- push @test_accounts, $test_account;
- }
-
- return @test_accounts;
-}
-
-1;
-__END__
-
-=head1 NAME
-
-IdPAccountManager::TestAccount - Manage test user accounts for the Test Identity Provider
-
-=head1 SYNOPSIS
-
- my $test_account = IdPAccountManager::TestAccount->new(account_profile => 'student1',
- sp_entityid => 'https://test.federation.renater.fr/test/ressource');
- unless (defined $test_account) {
- die "Failed to create test account";
- }
-
- unless ($test_account->save()) {
- die "Failed to create test account";
- }
-
- printf "Account created:\n\tuserid: user%d\n\tpassword: %s\n", $test_account->get('id'), $test_account->get('user_password');
-
-=head1 DESCRIPTION
-
-The Test Account manager instanciates test accounts associated to a SAML Identity Provider.
-This module allows to manage the test accounts.
-
-=head1 SUBROUTINES/METHODS
-
-=over 8
-
-=item C<new ARGS>
-
-Class method. Create a new IdPAccountManager::TestAccount object.
-Example:
-
- my $test_account = IdPAccountManager::TestAccount->new(account_profile => 'student1',
- sp_entityid => 'https://test.federation.renater.fr/test/ressource');
-
-Supported arguments include:
-
-=over 12
-
-=item C<account_profile>
-
-ID of the account profile to be used.
-
-=item C<sp_entityid>
-
-EntityID (SAML ID) of the Service Provider associated to the test account.
-
-=back
-
-=item C<create_test_accounts_for_sp ARGS>
-
-Class method. Create test accounts for supported account profiles.
-
-Supported arguments include:
-
-=over 12
-
-=item C<sp_entityid>
-
-EntityID (SAML ID) of the Service Provider associated to the test account.
-
-=back
-
-=item C<delete>
-
-Deletes the test account in the database.
-
-=item C<get> ATTR_NAME
-
-Returns the value of the specified ATTR_NAME attribute of the test account.
-
-=item C<list_test_accounts ARGS>
-
-Class method. List all test accounts in database.
-
-Supported arguments include:
-
-=over 12
-
-=item C<sp_entityid>
-
-Entityid of a SAML Service Provider to list only test accounts linked to this Service Provider.
-
-=item C<account_profile>
-
-Test account profile to list only test accounts linked based on this profile.
-
-=back
-
-=item C<print FD>
-
-Dumps the content of the test account to the specified FD file handler (default to STDOUT)
-
-=item C<save>
-
-Save the test account in the database.
-
-=back
-
-=head1 AUTHOR
-
-Olivier Salaün (olivier.salaun@renater.fr)
-
-=head1 LICENSE
-
-Copyright (c) GEANT
-This software was developed by RENATER. The research leading to these results has received funding
-from the European Community¹s Seventh Framework Programme (FP7/2007-2013) under grant agreement nº 238875 (GÉANT).
diff --git a/lib/IdPAccountManager/Tools.pm b/lib/IdPAccountManager/Tools.pm
index 8209c2310b95d7cac943bb42188a663a6bad38cc..e46be5d0c6c9c8d7cf866d76d5d5e6ac443715e0 100644
--- a/lib/IdPAccountManager/Tools.pm
+++ b/lib/IdPAccountManager/Tools.pm
@@ -91,7 +91,7 @@ sub update_ssp_authsources {
$root_manager_dir . '/templates/accountProfiles'
});
my %args = (
- 'accounts' => IdPAccountManager::TestAccount::list_test_accounts(),
+ 'accounts' => IdPAccountManager::TestAccount::Data::Manager->get_testaccounts(),
'conf' => $conf,
);
diff --git a/lib/IdPAccountManager/WebRequest.pm b/lib/IdPAccountManager/WebRequest.pm
index 71237b446d95470b4391735b8021df1aacac610a..0899649f1fbd4763546a9147a3af67a6954acde4 100755
--- a/lib/IdPAccountManager/WebRequest.pm
+++ b/lib/IdPAccountManager/WebRequest.pm
@@ -5,6 +5,7 @@ use warnings;
use English qw(-no_match_vars);
use IdPAccountManager::Logger;
+use IdPAccountManager::Data::TestAccount;
use Conf;
## New web request
@@ -558,11 +559,17 @@ sub req_validate_token {
}
## create test accounts
- my @test_accounts =
- IdPAccountManager::TestAccount::create_test_accounts_for_sp(
- sp_entityid => $self->{'param_in'}{'sp_entityid'},
- account_profiles => $Conf::global{'account_profiles'}
- );
+ my @test_accounts;
+
+ foreach my $profile ($Conf::global{'account_profiles'}) {
+ my $test_account = IdPAccountManager::Data::TestAccount->new(
+ account_profile => $profile,
+ sp_entityid => $self->{'param_in'}{'sp_entityid'}
+ );
+ next unless $test_account;
+ next unless $test_account->save();
+ push @test_accounts, $test_account;
+ }
unless (@test_accounts) {
push @{ $self->{'param_out'}{'errors'} }, "accounts_creation_failed";