1
0

ClientTest.php 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  5. * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  6. * SPDX-License-Identifier: AGPL-3.0-or-later
  7. */
  8. namespace Test\Http\Client;
  9. use GuzzleHttp\Psr7\Response;
  10. use OC\Http\Client\Client;
  11. use OC\Security\CertificateManager;
  12. use OCP\Http\Client\LocalServerException;
  13. use OCP\ICertificateManager;
  14. use OCP\IConfig;
  15. use OCP\Security\IRemoteHostValidator;
  16. use PHPUnit\Framework\MockObject\MockObject;
  17. use Psr\Log\LoggerInterface;
  18. use function parse_url;
  19. /**
  20. * Class ClientTest
  21. */
  22. class ClientTest extends \Test\TestCase {
  23. /** @var \GuzzleHttp\Client|MockObject */
  24. private $guzzleClient;
  25. /** @var CertificateManager|MockObject */
  26. private $certificateManager;
  27. /** @var Client */
  28. private $client;
  29. /** @var IConfig|MockObject */
  30. private $config;
  31. /** @var IRemoteHostValidator|MockObject */
  32. private IRemoteHostValidator $remoteHostValidator;
  33. private LoggerInterface $logger;
  34. /** @var array */
  35. private $defaultRequestOptions;
  36. protected function setUp(): void {
  37. parent::setUp();
  38. $this->config = $this->createMock(IConfig::class);
  39. $this->guzzleClient = $this->createMock(\GuzzleHttp\Client::class);
  40. $this->certificateManager = $this->createMock(ICertificateManager::class);
  41. $this->remoteHostValidator = $this->createMock(IRemoteHostValidator::class);
  42. $this->logger = $this->createMock(LoggerInterface::class);
  43. $this->client = new Client(
  44. $this->config,
  45. $this->certificateManager,
  46. $this->guzzleClient,
  47. $this->remoteHostValidator,
  48. $this->logger,
  49. );
  50. }
  51. public function testGetProxyUri(): void {
  52. $this->config
  53. ->method('getSystemValueString')
  54. ->with('proxy', '')
  55. ->willReturn('');
  56. $this->assertNull(self::invokePrivate($this->client, 'getProxyUri'));
  57. }
  58. public function testGetProxyUriProxyHostEmptyPassword(): void {
  59. $this->config
  60. ->method('getSystemValue')
  61. ->will($this->returnValueMap([
  62. ['proxyexclude', [], []],
  63. ]));
  64. $this->config
  65. ->method('getSystemValueString')
  66. ->will($this->returnValueMap([
  67. ['proxy', '', 'foo'],
  68. ['proxyuserpwd', '', ''],
  69. ]));
  70. $this->assertEquals([
  71. 'http' => 'foo',
  72. 'https' => 'foo'
  73. ], self::invokePrivate($this->client, 'getProxyUri'));
  74. }
  75. public function testGetProxyUriProxyHostWithPassword(): void {
  76. $this->config
  77. ->expects($this->once())
  78. ->method('getSystemValue')
  79. ->with('proxyexclude', [])
  80. ->willReturn([]);
  81. $this->config
  82. ->expects($this->exactly(2))
  83. ->method('getSystemValueString')
  84. ->withConsecutive(
  85. ['proxy', ''],
  86. ['proxyuserpwd', ''],
  87. )
  88. ->willReturnOnConsecutiveCalls(
  89. 'foo',
  90. 'username:password',
  91. );
  92. $this->assertEquals([
  93. 'http' => 'username:password@foo',
  94. 'https' => 'username:password@foo'
  95. ], self::invokePrivate($this->client, 'getProxyUri'));
  96. }
  97. public function testGetProxyUriProxyHostWithPasswordAndExclude(): void {
  98. $this->config
  99. ->expects($this->once())
  100. ->method('getSystemValue')
  101. ->with('proxyexclude', [])
  102. ->willReturn(['bar']);
  103. $this->config
  104. ->expects($this->exactly(2))
  105. ->method('getSystemValueString')
  106. ->withConsecutive(
  107. ['proxy', ''],
  108. ['proxyuserpwd', ''],
  109. )
  110. ->willReturnOnConsecutiveCalls(
  111. 'foo',
  112. 'username:password',
  113. );
  114. $this->assertEquals([
  115. 'http' => 'username:password@foo',
  116. 'https' => 'username:password@foo',
  117. 'no' => ['bar']
  118. ], self::invokePrivate($this->client, 'getProxyUri'));
  119. }
  120. public function testPreventLocalAddressThrowOnInvalidUri(): void {
  121. $this->expectException(LocalServerException::class);
  122. $this->expectExceptionMessage('Could not detect any host');
  123. self::invokePrivate($this->client, 'preventLocalAddress', ['!@#$', []]);
  124. }
  125. public function dataPreventLocalAddress():array {
  126. return [
  127. ['https://localhost/foo.bar'],
  128. ['https://localHost/foo.bar'],
  129. ['https://random-host/foo.bar'],
  130. ['https://[::1]/bla.blub'],
  131. ['https://[::]/bla.blub'],
  132. ['https://192.168.0.1'],
  133. ['https://172.16.42.1'],
  134. ['https://[fdf8:f53b:82e4::53]/secret.ics'],
  135. ['https://[fe80::200:5aee:feaa:20a2]/secret.ics'],
  136. ['https://[0:0:0:0:0:0:10.0.0.1]/secret.ics'],
  137. ['https://[0:0:0:0:0:ffff:127.0.0.0]/secret.ics'],
  138. ['https://10.0.0.1'],
  139. ['https://another-host.local'],
  140. ['https://service.localhost'],
  141. ['https://normal.host.com'],
  142. ['https://com.one-.nextcloud-one.com'],
  143. ];
  144. }
  145. /**
  146. * @dataProvider dataPreventLocalAddress
  147. * @param string $uri
  148. */
  149. public function testPreventLocalAddressDisabledByGlobalConfig(string $uri): void {
  150. $this->config->expects($this->once())
  151. ->method('getSystemValueBool')
  152. ->with('allow_local_remote_servers', false)
  153. ->willReturn(true);
  154. self::invokePrivate($this->client, 'preventLocalAddress', [$uri, []]);
  155. }
  156. /**
  157. * @dataProvider dataPreventLocalAddress
  158. * @param string $uri
  159. */
  160. public function testPreventLocalAddressDisabledByOption(string $uri): void {
  161. $this->config->expects($this->never())
  162. ->method('getSystemValueBool');
  163. self::invokePrivate($this->client, 'preventLocalAddress', [$uri, [
  164. 'nextcloud' => ['allow_local_address' => true],
  165. ]]);
  166. }
  167. /**
  168. * @dataProvider dataPreventLocalAddress
  169. * @param string $uri
  170. */
  171. public function testPreventLocalAddressOnGet(string $uri): void {
  172. $host = parse_url($uri, PHP_URL_HOST);
  173. $this->expectException(LocalServerException::class);
  174. $this->remoteHostValidator
  175. ->method('isValid')
  176. ->with($host)
  177. ->willReturn(false);
  178. $this->client->get($uri);
  179. }
  180. /**
  181. * @dataProvider dataPreventLocalAddress
  182. * @param string $uri
  183. */
  184. public function testPreventLocalAddressOnHead(string $uri): void {
  185. $host = parse_url($uri, PHP_URL_HOST);
  186. $this->expectException(LocalServerException::class);
  187. $this->remoteHostValidator
  188. ->method('isValid')
  189. ->with($host)
  190. ->willReturn(false);
  191. $this->client->head($uri);
  192. }
  193. /**
  194. * @dataProvider dataPreventLocalAddress
  195. * @param string $uri
  196. */
  197. public function testPreventLocalAddressOnPost(string $uri): void {
  198. $host = parse_url($uri, PHP_URL_HOST);
  199. $this->expectException(LocalServerException::class);
  200. $this->remoteHostValidator
  201. ->method('isValid')
  202. ->with($host)
  203. ->willReturn(false);
  204. $this->client->post($uri);
  205. }
  206. /**
  207. * @dataProvider dataPreventLocalAddress
  208. * @param string $uri
  209. */
  210. public function testPreventLocalAddressOnPut(string $uri): void {
  211. $host = parse_url($uri, PHP_URL_HOST);
  212. $this->expectException(LocalServerException::class);
  213. $this->remoteHostValidator
  214. ->method('isValid')
  215. ->with($host)
  216. ->willReturn(false);
  217. $this->client->put($uri);
  218. }
  219. /**
  220. * @dataProvider dataPreventLocalAddress
  221. * @param string $uri
  222. */
  223. public function testPreventLocalAddressOnDelete(string $uri): void {
  224. $host = parse_url($uri, PHP_URL_HOST);
  225. $this->expectException(LocalServerException::class);
  226. $this->remoteHostValidator
  227. ->method('isValid')
  228. ->with($host)
  229. ->willReturn(false);
  230. $this->client->delete($uri);
  231. }
  232. private function setUpDefaultRequestOptions(): void {
  233. $this->config
  234. ->method('getSystemValue')
  235. ->will($this->returnValueMap([
  236. ['proxyexclude', [], []],
  237. ]));
  238. $this->config
  239. ->method('getSystemValueString')
  240. ->will($this->returnValueMap([
  241. ['proxy', '', 'foo'],
  242. ['proxyuserpwd', '', ''],
  243. ]));
  244. $this->config
  245. ->method('getSystemValueBool')
  246. ->will($this->returnValueMap([
  247. ['installed', false, true],
  248. ['allow_local_remote_servers', false, true],
  249. ]));
  250. $this->certificateManager
  251. ->expects($this->once())
  252. ->method('getAbsoluteBundlePath')
  253. ->with()
  254. ->willReturn('/my/path.crt');
  255. $this->defaultRequestOptions = [
  256. 'verify' => '/my/path.crt',
  257. 'proxy' => [
  258. 'http' => 'foo',
  259. 'https' => 'foo'
  260. ],
  261. 'headers' => [
  262. 'User-Agent' => 'Nextcloud Server Crawler',
  263. 'Accept-Encoding' => 'gzip',
  264. ],
  265. 'timeout' => 30,
  266. 'nextcloud' => [
  267. 'allow_local_address' => true,
  268. ],
  269. ];
  270. }
  271. public function testGet(): void {
  272. $this->setUpDefaultRequestOptions();
  273. $this->guzzleClient->method('request')
  274. ->with('get', 'http://localhost/', $this->defaultRequestOptions)
  275. ->willReturn(new Response(418));
  276. $this->assertEquals(418, $this->client->get('http://localhost/', [])->getStatusCode());
  277. }
  278. public function testGetWithOptions(): void {
  279. $this->setUpDefaultRequestOptions();
  280. $options = array_merge($this->defaultRequestOptions, [
  281. 'verify' => false,
  282. 'proxy' => [
  283. 'http' => 'bar',
  284. 'https' => 'bar'
  285. ],
  286. ]);
  287. $this->guzzleClient->method('request')
  288. ->with('get', 'http://localhost/', $options)
  289. ->willReturn(new Response(418));
  290. $this->assertEquals(418, $this->client->get('http://localhost/', $options)->getStatusCode());
  291. }
  292. public function testPost(): void {
  293. $this->setUpDefaultRequestOptions();
  294. $this->guzzleClient->method('request')
  295. ->with('post', 'http://localhost/', $this->defaultRequestOptions)
  296. ->willReturn(new Response(418));
  297. $this->assertEquals(418, $this->client->post('http://localhost/', [])->getStatusCode());
  298. }
  299. public function testPostWithOptions(): void {
  300. $this->setUpDefaultRequestOptions();
  301. $options = array_merge($this->defaultRequestOptions, [
  302. 'verify' => false,
  303. 'proxy' => [
  304. 'http' => 'bar',
  305. 'https' => 'bar'
  306. ],
  307. ]);
  308. $this->guzzleClient->method('request')
  309. ->with('post', 'http://localhost/', $options)
  310. ->willReturn(new Response(418));
  311. $this->assertEquals(418, $this->client->post('http://localhost/', $options)->getStatusCode());
  312. }
  313. public function testPut(): void {
  314. $this->setUpDefaultRequestOptions();
  315. $this->guzzleClient->method('request')
  316. ->with('put', 'http://localhost/', $this->defaultRequestOptions)
  317. ->willReturn(new Response(418));
  318. $this->assertEquals(418, $this->client->put('http://localhost/', [])->getStatusCode());
  319. }
  320. public function testPutWithOptions(): void {
  321. $this->setUpDefaultRequestOptions();
  322. $options = array_merge($this->defaultRequestOptions, [
  323. 'verify' => false,
  324. 'proxy' => [
  325. 'http' => 'bar',
  326. 'https' => 'bar'
  327. ],
  328. ]);
  329. $this->guzzleClient->method('request')
  330. ->with('put', 'http://localhost/', $options)
  331. ->willReturn(new Response(418));
  332. $this->assertEquals(418, $this->client->put('http://localhost/', $options)->getStatusCode());
  333. }
  334. public function testDelete(): void {
  335. $this->setUpDefaultRequestOptions();
  336. $this->guzzleClient->method('request')
  337. ->with('delete', 'http://localhost/', $this->defaultRequestOptions)
  338. ->willReturn(new Response(418));
  339. $this->assertEquals(418, $this->client->delete('http://localhost/', [])->getStatusCode());
  340. }
  341. public function testDeleteWithOptions(): void {
  342. $this->setUpDefaultRequestOptions();
  343. $options = array_merge($this->defaultRequestOptions, [
  344. 'verify' => false,
  345. 'proxy' => [
  346. 'http' => 'bar',
  347. 'https' => 'bar'
  348. ],
  349. ]);
  350. $this->guzzleClient->method('request')
  351. ->with('delete', 'http://localhost/', $options)
  352. ->willReturn(new Response(418));
  353. $this->assertEquals(418, $this->client->delete('http://localhost/', $options)->getStatusCode());
  354. }
  355. public function testOptions(): void {
  356. $this->setUpDefaultRequestOptions();
  357. $this->guzzleClient->method('request')
  358. ->with('options', 'http://localhost/', $this->defaultRequestOptions)
  359. ->willReturn(new Response(418));
  360. $this->assertEquals(418, $this->client->options('http://localhost/', [])->getStatusCode());
  361. }
  362. public function testOptionsWithOptions(): void {
  363. $this->setUpDefaultRequestOptions();
  364. $options = array_merge($this->defaultRequestOptions, [
  365. 'verify' => false,
  366. 'proxy' => [
  367. 'http' => 'bar',
  368. 'https' => 'bar'
  369. ],
  370. ]);
  371. $this->guzzleClient->method('request')
  372. ->with('options', 'http://localhost/', $options)
  373. ->willReturn(new Response(418));
  374. $this->assertEquals(418, $this->client->options('http://localhost/', $options)->getStatusCode());
  375. }
  376. public function testHead(): void {
  377. $this->setUpDefaultRequestOptions();
  378. $this->guzzleClient->method('request')
  379. ->with('head', 'http://localhost/', $this->defaultRequestOptions)
  380. ->willReturn(new Response(418));
  381. $this->assertEquals(418, $this->client->head('http://localhost/', [])->getStatusCode());
  382. }
  383. public function testHeadWithOptions(): void {
  384. $this->setUpDefaultRequestOptions();
  385. $options = array_merge($this->defaultRequestOptions, [
  386. 'verify' => false,
  387. 'proxy' => [
  388. 'http' => 'bar',
  389. 'https' => 'bar'
  390. ],
  391. ]);
  392. $this->guzzleClient->method('request')
  393. ->with('head', 'http://localhost/', $options)
  394. ->willReturn(new Response(418));
  395. $this->assertEquals(418, $this->client->head('http://localhost/', $options)->getStatusCode());
  396. }
  397. public function testSetDefaultOptionsWithNotInstalled(): void {
  398. $this->config
  399. ->expects($this->exactly(2))
  400. ->method('getSystemValueBool')
  401. ->withConsecutive(
  402. ['installed', false],
  403. ['allow_local_remote_servers', false],
  404. )
  405. ->willReturnOnConsecutiveCalls(
  406. false,
  407. false,
  408. );
  409. $this->config
  410. ->expects($this->once())
  411. ->method('getSystemValueString')
  412. ->with('proxy', '')
  413. ->willReturn('');
  414. $this->certificateManager
  415. ->expects($this->never())
  416. ->method('listCertificates');
  417. $this->assertEquals([
  418. 'verify' => \OC::$SERVERROOT . '/resources/config/ca-bundle.crt',
  419. 'headers' => [
  420. 'User-Agent' => 'Nextcloud Server Crawler',
  421. 'Accept-Encoding' => 'gzip',
  422. ],
  423. 'timeout' => 30,
  424. 'nextcloud' => [
  425. 'allow_local_address' => false,
  426. ],
  427. 'allow_redirects' => [
  428. 'on_redirect' => function (
  429. \Psr\Http\Message\RequestInterface $request,
  430. \Psr\Http\Message\ResponseInterface $response,
  431. \Psr\Http\Message\UriInterface $uri,
  432. ) {
  433. },
  434. ],
  435. ], self::invokePrivate($this->client, 'buildRequestOptions', [[]]));
  436. }
  437. public function testSetDefaultOptionsWithProxy(): void {
  438. $this->config
  439. ->expects($this->exactly(2))
  440. ->method('getSystemValueBool')
  441. ->withConsecutive(
  442. ['installed', false],
  443. ['allow_local_remote_servers', false],
  444. )
  445. ->willReturnOnConsecutiveCalls(
  446. true,
  447. false,
  448. );
  449. $this->config
  450. ->expects($this->once())
  451. ->method('getSystemValue')
  452. ->with('proxyexclude', [])
  453. ->willReturn([]);
  454. $this->config
  455. ->expects($this->exactly(2))
  456. ->method('getSystemValueString')
  457. ->withConsecutive(
  458. ['proxy', ''],
  459. ['proxyuserpwd', ''],
  460. )
  461. ->willReturnOnConsecutiveCalls(
  462. 'foo',
  463. '',
  464. );
  465. $this->certificateManager
  466. ->expects($this->once())
  467. ->method('getAbsoluteBundlePath')
  468. ->with()
  469. ->willReturn('/my/path.crt');
  470. $this->assertEquals([
  471. 'verify' => '/my/path.crt',
  472. 'proxy' => [
  473. 'http' => 'foo',
  474. 'https' => 'foo'
  475. ],
  476. 'headers' => [
  477. 'User-Agent' => 'Nextcloud Server Crawler',
  478. 'Accept-Encoding' => 'gzip',
  479. ],
  480. 'timeout' => 30,
  481. 'nextcloud' => [
  482. 'allow_local_address' => false,
  483. ],
  484. 'allow_redirects' => [
  485. 'on_redirect' => function (
  486. \Psr\Http\Message\RequestInterface $request,
  487. \Psr\Http\Message\ResponseInterface $response,
  488. \Psr\Http\Message\UriInterface $uri,
  489. ) {
  490. },
  491. ],
  492. ], self::invokePrivate($this->client, 'buildRequestOptions', [[]]));
  493. }
  494. public function testSetDefaultOptionsWithProxyAndExclude(): void {
  495. $this->config
  496. ->expects($this->exactly(2))
  497. ->method('getSystemValueBool')
  498. ->withConsecutive(
  499. ['installed', false],
  500. ['allow_local_remote_servers', false],
  501. )
  502. ->willReturnOnConsecutiveCalls(
  503. true,
  504. false,
  505. );
  506. $this->config
  507. ->expects($this->once())
  508. ->method('getSystemValue')
  509. ->with('proxyexclude', [])
  510. ->willReturn(['bar']);
  511. $this->config
  512. ->expects($this->exactly(2))
  513. ->method('getSystemValueString')
  514. ->withConsecutive(
  515. ['proxy', ''],
  516. ['proxyuserpwd', ''],
  517. )
  518. ->willReturnOnConsecutiveCalls(
  519. 'foo',
  520. '',
  521. );
  522. $this->certificateManager
  523. ->expects($this->once())
  524. ->method('getAbsoluteBundlePath')
  525. ->with()
  526. ->willReturn('/my/path.crt');
  527. $this->assertEquals([
  528. 'verify' => '/my/path.crt',
  529. 'proxy' => [
  530. 'http' => 'foo',
  531. 'https' => 'foo',
  532. 'no' => ['bar']
  533. ],
  534. 'headers' => [
  535. 'User-Agent' => 'Nextcloud Server Crawler',
  536. 'Accept-Encoding' => 'gzip',
  537. ],
  538. 'timeout' => 30,
  539. 'nextcloud' => [
  540. 'allow_local_address' => false,
  541. ],
  542. 'allow_redirects' => [
  543. 'on_redirect' => function (
  544. \Psr\Http\Message\RequestInterface $request,
  545. \Psr\Http\Message\ResponseInterface $response,
  546. \Psr\Http\Message\UriInterface $uri,
  547. ) {
  548. },
  549. ],
  550. ], self::invokePrivate($this->client, 'buildRequestOptions', [[]]));
  551. }
  552. }