1
0

AuthSettingsControllerTest.php 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  6. * @author Daniel Kesselberg <mail@danielkesselberg.de>
  7. * @author Fabrizio Steiner <fabrizio.steiner@gmail.com>
  8. * @author Greta Doci <gretadoci@gmail.com>
  9. * @author Joas Schilling <coding@schilljs.com>
  10. * @author Morris Jobke <hey@morrisjobke.de>
  11. * @author Robin Appelman <robin@icewind.nl>
  12. * @author Roeland Jago Douma <roeland@famdouma.nl>
  13. * @author Sergej Nikolaev <kinolaev@gmail.com>
  14. *
  15. * @license AGPL-3.0
  16. *
  17. * This code is free software: you can redistribute it and/or modify
  18. * it under the terms of the GNU Affero General Public License, version 3,
  19. * as published by the Free Software Foundation.
  20. *
  21. * This program is distributed in the hope that it will be useful,
  22. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  23. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  24. * GNU Affero General Public License for more details.
  25. *
  26. * You should have received a copy of the GNU Affero General Public License, version 3,
  27. * along with this program. If not, see <http://www.gnu.org/licenses/>
  28. *
  29. */
  30. namespace Test\Settings\Controller;
  31. use OC\AppFramework\Http;
  32. use OC\Authentication\Exceptions\ExpiredTokenException;
  33. use OC\Authentication\Exceptions\InvalidTokenException;
  34. use OC\Authentication\Token\IProvider;
  35. use OC\Authentication\Token\IToken;
  36. use OC\Authentication\Token\IWipeableToken;
  37. use OC\Authentication\Token\PublicKeyToken;
  38. use OC\Authentication\Token\RemoteWipe;
  39. use OCA\Settings\Controller\AuthSettingsController;
  40. use OCP\Activity\IEvent;
  41. use OCP\Activity\IManager;
  42. use OCP\AppFramework\Http\JSONResponse;
  43. use OCP\IRequest;
  44. use OCP\ISession;
  45. use OCP\IUserSession;
  46. use OCP\Security\ISecureRandom;
  47. use OCP\Session\Exceptions\SessionNotAvailableException;
  48. use PHPUnit\Framework\MockObject\MockObject;
  49. use Psr\Log\LoggerInterface;
  50. use Test\TestCase;
  51. class AuthSettingsControllerTest extends TestCase {
  52. /** @var AuthSettingsController */
  53. private $controller;
  54. /** @var IRequest|MockObject */
  55. private $request;
  56. /** @var IProvider|MockObject */
  57. private $tokenProvider;
  58. /** @var ISession|MockObject */
  59. private $session;
  60. /**@var IUserSession|MockObject */
  61. private $userSession;
  62. /** @var ISecureRandom|MockObject */
  63. private $secureRandom;
  64. /** @var IManager|MockObject */
  65. private $activityManager;
  66. /** @var RemoteWipe|MockObject */
  67. private $remoteWipe;
  68. private $uid = 'jane';
  69. protected function setUp(): void {
  70. parent::setUp();
  71. $this->request = $this->createMock(IRequest::class);
  72. $this->tokenProvider = $this->createMock(IProvider::class);
  73. $this->session = $this->createMock(ISession::class);
  74. $this->userSession = $this->createMock(IUserSession::class);
  75. $this->secureRandom = $this->createMock(ISecureRandom::class);
  76. $this->activityManager = $this->createMock(IManager::class);
  77. $this->remoteWipe = $this->createMock(RemoteWipe::class);
  78. /** @var LoggerInterface|MockObject $logger */
  79. $logger = $this->createMock(LoggerInterface::class);
  80. $this->controller = new AuthSettingsController(
  81. 'core',
  82. $this->request,
  83. $this->tokenProvider,
  84. $this->session,
  85. $this->secureRandom,
  86. $this->uid,
  87. $this->userSession,
  88. $this->activityManager,
  89. $this->remoteWipe,
  90. $logger
  91. );
  92. }
  93. public function testCreate() {
  94. $name = 'Nexus 4';
  95. $sessionToken = $this->createMock(IToken::class);
  96. $deviceToken = $this->createMock(IToken::class);
  97. $password = '123456';
  98. $this->session->expects($this->once())
  99. ->method('getId')
  100. ->willReturn('sessionid');
  101. $this->tokenProvider->expects($this->once())
  102. ->method('getToken')
  103. ->with('sessionid')
  104. ->willReturn($sessionToken);
  105. $this->tokenProvider->expects($this->once())
  106. ->method('getPassword')
  107. ->with($sessionToken, 'sessionid')
  108. ->willReturn($password);
  109. $sessionToken->expects($this->once())
  110. ->method('getLoginName')
  111. ->willReturn('User13');
  112. $this->secureRandom->expects($this->exactly(5))
  113. ->method('generate')
  114. ->with(5, ISecureRandom::CHAR_HUMAN_READABLE)
  115. ->willReturn('XXXXX');
  116. $newToken = 'XXXXX-XXXXX-XXXXX-XXXXX-XXXXX';
  117. $this->tokenProvider->expects($this->once())
  118. ->method('generateToken')
  119. ->with($newToken, $this->uid, 'User13', $password, $name, IToken::PERMANENT_TOKEN)
  120. ->willReturn($deviceToken);
  121. $deviceToken->expects($this->once())
  122. ->method('jsonSerialize')
  123. ->willReturn(['dummy' => 'dummy', 'canDelete' => true]);
  124. $this->mockActivityManager();
  125. $expected = [
  126. 'token' => $newToken,
  127. 'deviceToken' => ['dummy' => 'dummy', 'canDelete' => true, 'canRename' => true],
  128. 'loginName' => 'User13',
  129. ];
  130. $response = $this->controller->create($name);
  131. $this->assertInstanceOf(JSONResponse::class, $response);
  132. $this->assertEquals($expected, $response->getData());
  133. }
  134. public function testCreateSessionNotAvailable() {
  135. $name = 'personal phone';
  136. $this->session->expects($this->once())
  137. ->method('getId')
  138. ->will($this->throwException(new SessionNotAvailableException()));
  139. $expected = new JSONResponse();
  140. $expected->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
  141. $this->assertEquals($expected, $this->controller->create($name));
  142. }
  143. public function testCreateInvalidToken() {
  144. $name = 'Company IPhone';
  145. $this->session->expects($this->once())
  146. ->method('getId')
  147. ->willReturn('sessionid');
  148. $this->tokenProvider->expects($this->once())
  149. ->method('getToken')
  150. ->with('sessionid')
  151. ->will($this->throwException(new InvalidTokenException()));
  152. $expected = new JSONResponse();
  153. $expected->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
  154. $this->assertEquals($expected, $this->controller->create($name));
  155. }
  156. public function testDestroy() {
  157. $tokenId = 124;
  158. $token = $this->createMock(PublicKeyToken::class);
  159. $this->mockGetTokenById($tokenId, $token);
  160. $this->mockActivityManager();
  161. $token->expects($this->exactly(2))
  162. ->method('getId')
  163. ->willReturn($tokenId);
  164. $token->expects($this->once())
  165. ->method('getUID')
  166. ->willReturn('jane');
  167. $this->tokenProvider->expects($this->once())
  168. ->method('invalidateTokenById')
  169. ->with($this->uid, $tokenId);
  170. $this->assertEquals([], $this->controller->destroy($tokenId));
  171. }
  172. public function testDestroyExpired() {
  173. $tokenId = 124;
  174. $token = $this->createMock(PublicKeyToken::class);
  175. $token->expects($this->exactly(2))
  176. ->method('getId')
  177. ->willReturn($tokenId);
  178. $token->expects($this->once())
  179. ->method('getUID')
  180. ->willReturn($this->uid);
  181. $this->tokenProvider->expects($this->once())
  182. ->method('getTokenById')
  183. ->with($this->equalTo($tokenId))
  184. ->willThrowException(new ExpiredTokenException($token));
  185. $this->tokenProvider->expects($this->once())
  186. ->method('invalidateTokenById')
  187. ->with($this->uid, $tokenId);
  188. $this->assertSame([], $this->controller->destroy($tokenId));
  189. }
  190. public function testDestroyWrongUser() {
  191. $tokenId = 124;
  192. $token = $this->createMock(PublicKeyToken::class);
  193. $this->mockGetTokenById($tokenId, $token);
  194. $token->expects($this->once())
  195. ->method('getUID')
  196. ->willReturn('foobar');
  197. $response = $this->controller->destroy($tokenId);
  198. $this->assertSame([], $response->getData());
  199. $this->assertSame(\OCP\AppFramework\Http::STATUS_NOT_FOUND, $response->getStatus());
  200. }
  201. public function dataRenameToken(): array {
  202. return [
  203. 'App password => Other token name' => ['App password', 'Other token name'],
  204. 'Other token name => App password' => ['Other token name', 'App password'],
  205. ];
  206. }
  207. /**
  208. * @dataProvider dataRenameToken
  209. *
  210. * @param string $name
  211. * @param string $newName
  212. */
  213. public function testUpdateRename(string $name, string $newName): void {
  214. $tokenId = 42;
  215. $token = $this->createMock(PublicKeyToken::class);
  216. $this->mockGetTokenById($tokenId, $token);
  217. $this->mockActivityManager();
  218. $token->expects($this->once())
  219. ->method('getUID')
  220. ->willReturn('jane');
  221. $token->expects($this->once())
  222. ->method('getName')
  223. ->willReturn($name);
  224. $token->expects($this->once())
  225. ->method('getScopeAsArray')
  226. ->willReturn(['filesystem' => true]);
  227. $token->expects($this->once())
  228. ->method('setName')
  229. ->with($this->equalTo($newName));
  230. $this->tokenProvider->expects($this->once())
  231. ->method('updateToken')
  232. ->with($this->equalTo($token));
  233. $this->assertSame([], $this->controller->update($tokenId, ['filesystem' => true], $newName));
  234. }
  235. public function dataUpdateFilesystemScope(): array {
  236. return [
  237. 'Grant filesystem access' => [false, true],
  238. 'Revoke filesystem access' => [true, false],
  239. ];
  240. }
  241. /**
  242. * @dataProvider dataUpdateFilesystemScope
  243. *
  244. * @param bool $filesystem
  245. * @param bool $newFilesystem
  246. */
  247. public function testUpdateFilesystemScope(bool $filesystem, bool $newFilesystem): void {
  248. $tokenId = 42;
  249. $token = $this->createMock(PublicKeyToken::class);
  250. $this->mockGetTokenById($tokenId, $token);
  251. $this->mockActivityManager();
  252. $token->expects($this->once())
  253. ->method('getUID')
  254. ->willReturn('jane');
  255. $token->expects($this->once())
  256. ->method('getName')
  257. ->willReturn('App password');
  258. $token->expects($this->once())
  259. ->method('getScopeAsArray')
  260. ->willReturn(['filesystem' => $filesystem]);
  261. $token->expects($this->once())
  262. ->method('setScope')
  263. ->with($this->equalTo(['filesystem' => $newFilesystem]));
  264. $this->tokenProvider->expects($this->once())
  265. ->method('updateToken')
  266. ->with($this->equalTo($token));
  267. $this->assertSame([], $this->controller->update($tokenId, ['filesystem' => $newFilesystem], 'App password'));
  268. }
  269. public function testUpdateNoChange(): void {
  270. $tokenId = 42;
  271. $token = $this->createMock(PublicKeyToken::class);
  272. $this->mockGetTokenById($tokenId, $token);
  273. $token->expects($this->once())
  274. ->method('getUID')
  275. ->willReturn('jane');
  276. $token->expects($this->once())
  277. ->method('getName')
  278. ->willReturn('App password');
  279. $token->expects($this->once())
  280. ->method('getScopeAsArray')
  281. ->willReturn(['filesystem' => true]);
  282. $token->expects($this->never())
  283. ->method('setName');
  284. $token->expects($this->never())
  285. ->method('setScope');
  286. $this->tokenProvider->expects($this->once())
  287. ->method('updateToken')
  288. ->with($this->equalTo($token));
  289. $this->assertSame([], $this->controller->update($tokenId, ['filesystem' => true], 'App password'));
  290. }
  291. public function testUpdateExpired() {
  292. $tokenId = 42;
  293. $token = $this->createMock(PublicKeyToken::class);
  294. $token->expects($this->once())
  295. ->method('getUID')
  296. ->willReturn($this->uid);
  297. $this->tokenProvider->expects($this->once())
  298. ->method('getTokenById')
  299. ->with($this->equalTo($tokenId))
  300. ->willThrowException(new ExpiredTokenException($token));
  301. $this->tokenProvider->expects($this->once())
  302. ->method('updateToken')
  303. ->with($this->equalTo($token));
  304. $this->assertSame([], $this->controller->update($tokenId, ['filesystem' => true], 'App password'));
  305. }
  306. public function testUpdateTokenWrongUser() {
  307. $tokenId = 42;
  308. $token = $this->createMock(PublicKeyToken::class);
  309. $this->mockGetTokenById($tokenId, $token);
  310. $token->expects($this->once())
  311. ->method('getUID')
  312. ->willReturn('foobar');
  313. $token->expects($this->never())
  314. ->method('setScope');
  315. $this->tokenProvider->expects($this->never())
  316. ->method('updateToken');
  317. $response = $this->controller->update($tokenId, ['filesystem' => true], 'App password');
  318. $this->assertSame([], $response->getData());
  319. $this->assertSame(\OCP\AppFramework\Http::STATUS_NOT_FOUND, $response->getStatus());
  320. }
  321. public function testUpdateTokenNonExisting() {
  322. $this->tokenProvider->expects($this->once())
  323. ->method('getTokenById')
  324. ->with($this->equalTo(42))
  325. ->willThrowException(new InvalidTokenException('Token does not exist'));
  326. $this->tokenProvider->expects($this->never())
  327. ->method('updateToken');
  328. $response = $this->controller->update(42, ['filesystem' => true], 'App password');
  329. $this->assertSame([], $response->getData());
  330. $this->assertSame(\OCP\AppFramework\Http::STATUS_NOT_FOUND, $response->getStatus());
  331. }
  332. private function mockActivityManager(): void {
  333. $this->activityManager->expects($this->once())
  334. ->method('generateEvent')
  335. ->willReturn($this->createMock(IEvent::class));
  336. $this->activityManager->expects($this->once())
  337. ->method('publish');
  338. }
  339. /**
  340. * @param int $tokenId
  341. * @param $token
  342. */
  343. private function mockGetTokenById(int $tokenId, $token): void {
  344. $this->tokenProvider->expects($this->once())
  345. ->method('getTokenById')
  346. ->with($this->equalTo($tokenId))
  347. ->willReturn($token);
  348. }
  349. public function testRemoteWipeNotSuccessful(): void {
  350. $token = $this->createMock(IToken::class);
  351. $token->expects($this->once())
  352. ->method('getUID')
  353. ->willReturn($this->uid);
  354. $this->mockGetTokenById(123, $token);
  355. $this->remoteWipe->expects($this->once())
  356. ->method('markTokenForWipe')
  357. ->with($token)
  358. ->willReturn(false);
  359. $response = $this->controller->wipe(123);
  360. $expected = new JSONResponse([], Http::STATUS_BAD_REQUEST);
  361. $this->assertEquals($expected, $response);
  362. }
  363. public function testRemoteWipeWrongUser(): void {
  364. $token = $this->createMock(IToken::class);
  365. $token->expects($this->once())
  366. ->method('getUID')
  367. ->willReturn('definetly-not-' . $this->uid);
  368. $this->mockGetTokenById(123, $token);
  369. $this->remoteWipe->expects($this->never())
  370. ->method('markTokenForWipe');
  371. $response = $this->controller->wipe(123);
  372. $expected = new JSONResponse([], Http::STATUS_NOT_FOUND);
  373. $this->assertEquals($expected, $response);
  374. }
  375. public function testRemoteWipeSuccessful(): void {
  376. $token = $this->createMock(IWipeableToken::class);
  377. $token->expects($this->once())
  378. ->method('getUID')
  379. ->willReturn($this->uid);
  380. $this->mockGetTokenById(123, $token);
  381. $this->remoteWipe->expects($this->once())
  382. ->method('markTokenForWipe')
  383. ->with($token)
  384. ->willReturn(true);
  385. $response = $this->controller->wipe(123);
  386. $expected = new JSONResponse([]);
  387. $this->assertEquals($expected, $response);
  388. }
  389. }