AppPasswordControllerTest.php 6.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright Copyright (c) 2018, Roeland Jago Douma <roeland@famdouma.nl>
  5. *
  6. * @author Roeland Jago Douma <roeland@famdouma.nl>
  7. *
  8. * @license GNU AGPL version 3 or any later version
  9. *
  10. * This program is free software: you can redistribute it and/or modify
  11. * it under the terms of the GNU Affero General Public License as
  12. * published by the Free Software Foundation, either version 3 of the
  13. * License, or (at your option) any later version.
  14. *
  15. * This program is distributed in the hope that it will be useful,
  16. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  18. * GNU Affero General Public License for more details.
  19. *
  20. * You should have received a copy of the GNU Affero General Public License
  21. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  22. *
  23. */
  24. namespace Tests\Core\Controller;
  25. use OC\Authentication\Exceptions\InvalidTokenException;
  26. use OC\Authentication\Token\IProvider;
  27. use OC\Authentication\Token\IToken;
  28. use OC\Core\Controller\AppPasswordController;
  29. use OCP\AppFramework\Http\DataResponse;
  30. use OCP\AppFramework\OCS\OCSForbiddenException;
  31. use OCP\Authentication\Exceptions\CredentialsUnavailableException;
  32. use OCP\Authentication\Exceptions\PasswordUnavailableException;
  33. use OCP\Authentication\LoginCredentials\ICredentials;
  34. use OCP\Authentication\LoginCredentials\IStore;
  35. use OCP\EventDispatcher\IEventDispatcher;
  36. use OCP\IRequest;
  37. use OCP\ISession;
  38. use OCP\Security\ISecureRandom;
  39. use PHPUnit\Framework\MockObject\MockObject;
  40. use Test\TestCase;
  41. class AppPasswordControllerTest extends TestCase {
  42. /** @var ISession|MockObject */
  43. private $session;
  44. /** @var ISecureRandom|MockObject */
  45. private $random;
  46. /** @var IProvider|MockObject */
  47. private $tokenProvider;
  48. /** @var IStore|MockObject */
  49. private $credentialStore;
  50. /** @var IRequest|MockObject */
  51. private $request;
  52. /** @var IEventDispatcher|\PHPUnit\Framework\MockObject\MockObject */
  53. private $eventDispatcher;
  54. /** @var AppPasswordController */
  55. private $controller;
  56. protected function setUp(): void {
  57. parent::setUp();
  58. $this->session = $this->createMock(ISession::class);
  59. $this->random = $this->createMock(ISecureRandom::class);
  60. $this->tokenProvider = $this->createMock(IProvider::class);
  61. $this->credentialStore = $this->createMock(IStore::class);
  62. $this->request = $this->createMock(IRequest::class);
  63. $this->eventDispatcher = $this->createMock(IEventDispatcher::class);
  64. $this->controller = new AppPasswordController(
  65. 'core',
  66. $this->request,
  67. $this->session,
  68. $this->random,
  69. $this->tokenProvider,
  70. $this->credentialStore,
  71. $this->eventDispatcher
  72. );
  73. }
  74. public function testGetAppPasswordWithAppPassword() {
  75. $this->session->method('exists')
  76. ->with('app_password')
  77. ->willReturn(true);
  78. $this->expectException(OCSForbiddenException::class);
  79. $this->controller->getAppPassword();
  80. }
  81. public function testGetAppPasswordNoLoginCreds() {
  82. $this->session->method('exists')
  83. ->with('app_password')
  84. ->willReturn(false);
  85. $this->credentialStore->method('getLoginCredentials')
  86. ->willThrowException(new CredentialsUnavailableException());
  87. $this->expectException(OCSForbiddenException::class);
  88. $this->controller->getAppPassword();
  89. }
  90. public function testGetAppPassword() {
  91. $credentials = $this->createMock(ICredentials::class);
  92. $this->session->method('exists')
  93. ->with('app_password')
  94. ->willReturn(false);
  95. $this->credentialStore->method('getLoginCredentials')
  96. ->willReturn($credentials);
  97. $credentials->method('getUid')
  98. ->willReturn('myUID');
  99. $credentials->method('getPassword')
  100. ->willReturn('myPassword');
  101. $credentials->method('getLoginName')
  102. ->willReturn('myLoginName');
  103. $this->request->method('getHeader')
  104. ->with('USER_AGENT')
  105. ->willReturn('myUA');
  106. $this->random->method('generate')
  107. ->with(
  108. 72,
  109. ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS
  110. )->willReturn('myToken');
  111. $this->tokenProvider->expects($this->once())
  112. ->method('generateToken')
  113. ->with(
  114. 'myToken',
  115. 'myUID',
  116. 'myLoginName',
  117. 'myPassword',
  118. 'myUA',
  119. IToken::PERMANENT_TOKEN,
  120. IToken::DO_NOT_REMEMBER
  121. );
  122. $this->eventDispatcher->expects($this->once())
  123. ->method('dispatchTyped');
  124. $this->controller->getAppPassword();
  125. }
  126. public function testGetAppPasswordNoPassword() {
  127. $credentials = $this->createMock(ICredentials::class);
  128. $this->session->method('exists')
  129. ->with('app_password')
  130. ->willReturn(false);
  131. $this->credentialStore->method('getLoginCredentials')
  132. ->willReturn($credentials);
  133. $credentials->method('getUid')
  134. ->willReturn('myUID');
  135. $credentials->method('getPassword')
  136. ->willThrowException(new PasswordUnavailableException());
  137. $credentials->method('getLoginName')
  138. ->willReturn('myLoginName');
  139. $this->request->method('getHeader')
  140. ->with('USER_AGENT')
  141. ->willReturn('myUA');
  142. $this->random->method('generate')
  143. ->with(
  144. 72,
  145. ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS
  146. )->willReturn('myToken');
  147. $this->tokenProvider->expects($this->once())
  148. ->method('generateToken')
  149. ->with(
  150. 'myToken',
  151. 'myUID',
  152. 'myLoginName',
  153. null,
  154. 'myUA',
  155. IToken::PERMANENT_TOKEN,
  156. IToken::DO_NOT_REMEMBER
  157. );
  158. $this->eventDispatcher->expects($this->once())
  159. ->method('dispatchTyped');
  160. $this->controller->getAppPassword();
  161. }
  162. public function testDeleteAppPasswordNoAppPassword() {
  163. $this->session->method('exists')
  164. ->with('app_password')
  165. ->willReturn(false);
  166. $this->expectException(OCSForbiddenException::class);
  167. $this->controller->deleteAppPassword();
  168. }
  169. public function testDeleteAppPasswordFails() {
  170. $this->session->method('exists')
  171. ->with('app_password')
  172. ->willReturn(true);
  173. $this->session->method('get')
  174. ->with('app_password')
  175. ->willReturn('myAppPassword');
  176. $this->tokenProvider->method('getToken')
  177. ->with('myAppPassword')
  178. ->willThrowException(new InvalidTokenException());
  179. $this->expectException(OCSForbiddenException::class);
  180. $this->controller->deleteAppPassword();
  181. }
  182. public function testDeleteAppPasswordSuccess() {
  183. $this->session->method('exists')
  184. ->with('app_password')
  185. ->willReturn(true);
  186. $this->session->method('get')
  187. ->with('app_password')
  188. ->willReturn('myAppPassword');
  189. $token = $this->createMock(IToken::class);
  190. $this->tokenProvider->method('getToken')
  191. ->with('myAppPassword')
  192. ->willReturn($token);
  193. $token->method('getUID')
  194. ->willReturn('myUID');
  195. $token->method('getId')
  196. ->willReturn(42);
  197. $this->tokenProvider->expects($this->once())
  198. ->method('invalidateTokenById')
  199. ->with(
  200. 'myUID',
  201. 42
  202. );
  203. $result = $this->controller->deleteAppPassword();
  204. $this->assertEquals(new DataResponse(), $result);
  205. }
  206. }