From ecb1dcc58ec3e31f689abdf8dce29f54d0fb7b9a Mon Sep 17 00:00:00 2001
From: Jeff Davis <jeff.davis@bc.libraries.coop>
Date: Mon, 27 May 2019 12:03:00 -0700
Subject: [PATCH] LP#1830642: add tests for authenticating users when password
 contains percent sign

Signed-off-by: Jeff Davis <jeff.davis@bc.libraries.coop>
Signed-off-by: Galen Charlton <gmc@equinoxinitiative.org>
---
 .../src/perlmods/live_t/24-lp1710949-login-api.t   | 67 +++++++++++++++++++++-
 1 file changed, 66 insertions(+), 1 deletion(-)

diff --git a/Open-ILS/src/perlmods/live_t/24-lp1710949-login-api.t b/Open-ILS/src/perlmods/live_t/24-lp1710949-login-api.t
index e32ec619c9..600e7de83a 100644
--- a/Open-ILS/src/perlmods/live_t/24-lp1710949-login-api.t
+++ b/Open-ILS/src/perlmods/live_t/24-lp1710949-login-api.t
@@ -1,6 +1,6 @@
 #!perl
 
-use Test::More tests => 22;
+use Test::More tests => 27;
 
 diag("Tests open-ils.auth.login");
 
@@ -8,6 +8,7 @@ use strict; use warnings;
 use OpenILS::Utils::TestUtils;
 use OpenILS::Application::AppUtils;
 use OpenSRF::Utils::Cache;
+use Digest::MD5 qw/md5_hex/;
 our $U = "OpenILS::Application::AppUtils";
 
 OpenILS::Utils::TestUtils->new->bootstrap;
@@ -93,3 +94,67 @@ isnt($resp->{textcode}, 'SUCCESS', '... and consequently multiple failed attempt
 # and clean up
 my $cache = OpenSRF::Utils::Cache->new("global", 0);
 $cache->delete_cache('oils_auth_br1mclark_count');
+
+# test for LP#1830642
+my $new_pwd = 'password%';
+
+my $user = $U->simplereq(
+    'open-ils.actor',
+    'open-ils.actor.user.fleshed.retrieve_by_barcode',
+    $authtoken,
+    '99999381970'
+);
+$user->passwd($new_pwd);
+$resp = $U->simplereq(
+    'open-ils.actor',
+    'open-ils.actor.patron.update',
+    $authtoken,
+    $user
+);
+isa_ok($resp, 'Fieldmapper::actor::user', 'test password updated');
+
+my $seed = $U->simplereq(
+    'open-ils.auth',
+    'open-ils.auth.authenticate.init',
+    'br1mclark'
+);
+ok(defined $seed, 'Got an auth seed');
+
+my $hashed_pwd = md5_hex($seed . md5_hex($new_pwd));
+$resp = $U->simplereq(
+    'open-ils.auth',
+    'open-ils.auth.authenticate.complete',
+    {
+        username => 'br1mclark',
+        password => $hashed_pwd,
+        type => 'staff'
+    }
+);
+is($resp->{textcode}, 'SUCCESS', '.complete succeeds when password contains %');
+
+$resp = $U->simplereq(
+    'open-ils.auth',
+    'open-ils.auth.login', {
+        identifier => 'br1mclark',
+        password => $new_pwd,
+        type => 'staff'
+    }
+);
+is($resp->{textcode}, 'SUCCESS', '.login succeeds when password contains %');
+
+# cleanup
+my $restored_user = $U->simplereq(
+    'open-ils.actor',
+    'open-ils.actor.user.fleshed.retrieve_by_barcode',
+    $authtoken,
+    '99999381970'
+);
+$restored_user->passwd('montyc1234');
+$resp = $U->simplereq(
+    'open-ils.actor',
+    'open-ils.actor.patron.update',
+    $authtoken,
+    $restored_user
+);
+isa_ok($resp, 'Fieldmapper::actor::user', 'test password reverted');
+
-- 
2.11.0