PasswordConfirmationMiddlewareTest.php 5.8 KB

  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-License-Identifier: AGPL-3.0-or-later
  5. */
  6. namespace Test\AppFramework\Middleware\Security;
  7. use OC\AppFramework\Middleware\Security\Exceptions\NotConfirmedException;
  8. use OC\AppFramework\Middleware\Security\PasswordConfirmationMiddleware;
  9. use OC\AppFramework\Utility\ControllerMethodReflector;
  10. use OC\Authentication\Token\IProvider;
  11. use OCP\AppFramework\Utility\ITimeFactory;
  12. use OCP\Authentication\Token\IToken;
  13. use OCP\IRequest;
  14. use OCP\ISession;
  15. use OCP\IUser;
  16. use OCP\IUserSession;
  17. use Psr\Log\LoggerInterface;
  18. use Test\AppFramework\Middleware\Security\Mock\PasswordConfirmationMiddlewareController;
  19. use Test\TestCase;
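  /**
   * Unit tests for PasswordConfirmationMiddleware::beforeController().
   *
   * Every test reflects the same-named method on the
   * PasswordConfirmationMiddlewareController mock (defined outside this file) and
   * then runs the middleware against it. Going by the test names, the controller
   * methods presumably carry, or lack, the password-confirmation
   * annotation/attribute; confirm against the mock controller.
   *
   * What is pinned here:
   *  - methods without the requirement never touch the session or user session;
   *  - a stale confirmation timestamp raises NotConfirmedException;
   *  - the `user_saml` backend is never asked to confirm;
   *  - a token scoped with IToken::SCOPE_SKIP_PASSWORD_VALIDATION is never asked to confirm.
   */
  class PasswordConfirmationMiddlewareTest extends TestCase {
      /** @var ControllerMethodReflector */
      private $reflector;
      /** @var ISession|\PHPUnit\Framework\MockObject\MockObject */
      private $session;
      /** @var IUserSession|\PHPUnit\Framework\MockObject\MockObject */
      private $userSession;
      /** @var IUser|\PHPUnit\Framework\MockObject\MockObject */
      private $user;
      /** @var PasswordConfirmationMiddleware */
      private $middleware;
      /** @var PasswordConfirmationMiddlewareController */
      private $controller;
      /** @var ITimeFactory|\PHPUnit\Framework\MockObject\MockObject */
      private $timeFactory;
      private IProvider|\PHPUnit\Framework\MockObject\MockObject $tokenProvider;
      private LoggerInterface $logger;

      /**
       * Builds the middleware under test with a real reflector and mocked collaborators.
       */
      protected function setUp(): void {
          $this->reflector = new ControllerMethodReflector();
          $this->session = $this->createMock(ISession::class);
          $this->userSession = $this->createMock(IUserSession::class);
          $this->user = $this->createMock(IUser::class);
          $this->timeFactory = $this->createMock(ITimeFactory::class);
          $this->tokenProvider = $this->createMock(IProvider::class);
          $this->logger = $this->createMock(LoggerInterface::class);
          $this->controller = new PasswordConfirmationMiddlewareController(
              'test',
              $this->createMock(IRequest::class)
          );

          $this->middleware = new PasswordConfirmationMiddleware(
              $this->reflector,
              $this->session,
              $this->userSession,
              $this->timeFactory,
              $this->tokenProvider,
              $this->logger,
          );
      }

      /**
       * The middleware must not consult the session or the user session for this
       * controller method: any call on either mock fails the test.
       */
      public function testNoAnnotationNorAttribute(): void {
          $this->reflector->reflect($this->controller, __FUNCTION__);

          $this->session->expects($this->never())
              ->method($this->anything());
          $this->userSession->expects($this->never())
              ->method($this->anything());

          $this->middleware->beforeController($this->controller, __FUNCTION__);
      }

      /**
       * Same expectation as testNoAnnotationNorAttribute(), run against a different
       * controller method: neither session mock may be touched.
       */
      public function testDifferentAnnotation(): void {
          $this->reflector->reflect($this->controller, __FUNCTION__);

          $this->session->expects($this->never())
              ->method($this->anything());
          $this->userSession->expects($this->never())
              ->method($this->anything());

          $this->middleware->beforeController($this->controller, __FUNCTION__);
      }

      /**
       * @dataProvider dataProvider
       *
       * @param string $backend     value returned by IUser::getBackendClassName()
       * @param int    $lastConfirm value stored under 'last-password-confirm'
       * @param int    $currentTime value returned by ITimeFactory::getTime()
       * @param bool   $exception   whether NotConfirmedException is expected
       */
      public function testAnnotation($backend, $lastConfirm, $currentTime, $exception): void {
          $this->assertConfirmationOutcome(__FUNCTION__, $backend, $lastConfirm, $currentTime, $exception);
      }

      /**
       * @dataProvider dataProvider
       *
       * @param string $backend     value returned by IUser::getBackendClassName()
       * @param int    $lastConfirm value stored under 'last-password-confirm'
       * @param int    $currentTime value returned by ITimeFactory::getTime()
       * @param bool   $exception   whether NotConfirmedException is expected
       */
      public function testAttribute($backend, $lastConfirm, $currentTime, $exception): void {
          $this->assertConfirmationOutcome(__FUNCTION__, $backend, $lastConfirm, $currentTime, $exception);
      }

      /**
       * Datasets as [backend, last confirmation time, current time, exception expected].
       *
       * The two boundary rows pin the accepted age of a confirmation: 1815 seconds
       * passes and 1816 seconds is rejected (presumably 30 minutes plus a 15 second
       * grace period; confirm against the middleware).
       *
       * NOTE(review): no dataset covers a session in which 'last-password-confirm'
       * was never set (null). Worth adding once the middleware's handling of that
       * value is confirmed, since it is the state of every fresh login.
       *
       * Declared static because the provider reads no instance state and newer
       * PHPUnit releases deprecate non-static data providers.
       *
       * @return array<string, array{string, int, int, bool}>
       */
      public static function dataProvider(): array {
          return [
              'regular backend, confirmation too old' => ['foo', 2000, 4000, true],
              'regular backend, confirmation recent' => ['foo', 2000, 3000, false],
              'user_saml backend, confirmation too old' => ['user_saml', 2000, 4000, false],
              'user_saml backend, confirmation recent' => ['user_saml', 2000, 3000, false],
              'regular backend, last accepted second' => ['foo', 2000, 3815, false],
              'regular backend, first rejected second' => ['foo', 2000, 3816, true],
          ];
      }

      /**
       * A token whose scope sets IToken::SCOPE_SKIP_PASSWORD_VALIDATION must pass
       * even though the stored confirmation time is 0 and the clock reads 9876.
       * Also asserts that the token is looked up exactly once, by the session id.
       */
      public function testSSO(): void {
          $sessionId = 'mySession1d';

          $this->reflector->reflect($this->controller, __FUNCTION__);

          $this->user->method('getBackendClassName')
              ->willReturn('fictional_backend');
          $this->userSession->method('getUser')
              ->willReturn($this->user);

          $this->session->method('get')
              ->with('last-password-confirm')
              ->willReturn(0);
          $this->session->method('getId')
              ->willReturn($sessionId);

          $this->timeFactory->method('getTime')
              ->willReturn(9876);

          $token = $this->createMock(IToken::class);
          $token->method('getScopeAsArray')
              ->willReturn([IToken::SCOPE_SKIP_PASSWORD_VALIDATION => true]);
          $this->tokenProvider->expects($this->once())
              ->method('getToken')
              ->with($sessionId)
              ->willReturn($token);

          $thrown = false;
          try {
              $this->middleware->beforeController($this->controller, __FUNCTION__);
          } catch (NotConfirmedException) {
              $thrown = true;
          }

          $this->assertFalse($thrown);
      }

      /**
       * Shared body of testAnnotation() and testAttribute(): wires the mocks for
       * one dataset, runs the middleware against $controllerMethod and compares
       * whether NotConfirmedException was raised with the expectation.
       *
       * The token returned by the provider has an empty scope, so the outcome
       * depends only on the backend and the two timestamps. Only
       * NotConfirmedException is caught; any other exception fails the test.
       */
      private function assertConfirmationOutcome(
          string $controllerMethod,
          string $backend,
          int $lastConfirm,
          int $currentTime,
          bool $expectException,
      ): void {
          $this->reflector->reflect($this->controller, $controllerMethod);

          $this->user->method('getBackendClassName')
              ->willReturn($backend);
          $this->userSession->method('getUser')
              ->willReturn($this->user);

          $this->session->method('get')
              ->with('last-password-confirm')
              ->willReturn($lastConfirm);

          $this->timeFactory->method('getTime')
              ->willReturn($currentTime);

          $token = $this->createMock(IToken::class);
          $token->method('getScopeAsArray')
              ->willReturn([]);
          $this->tokenProvider->expects($this->once())
              ->method('getToken')
              ->willReturn($token);

          $thrown = false;
          try {
              $this->middleware->beforeController($this->controller, $controllerMethod);
          } catch (NotConfirmedException) {
              $thrown = true;
          }

          $this->assertSame($expectException, $thrown);
      }
  }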