TwoFactorMiddlewareTest.php 7.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243
  1. <?php
  2. /**
  3. * @author Christoph Wurst <christoph@owncloud.com>
  4. *
  5. * @copyright Copyright (c) 2016, ownCloud, Inc.
  6. * @license AGPL-3.0
  7. *
  8. * This code is free software: you can redistribute it and/or modify
  9. * it under the terms of the GNU Affero General Public License, version 3,
  10. * as published by the Free Software Foundation.
  11. *
  12. * This program is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU Affero General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU Affero General Public License, version 3,
  18. * along with this program. If not, see <http://www.gnu.org/licenses/>
  19. *
  20. */
  21. namespace Test\Core\Middleware;
  22. use OC\Authentication\TwoFactorAuth\Manager;
  23. use OC\Core\Middleware\TwoFactorMiddleware;
  24. use OC\AppFramework\Http\Request;
  25. use OC\User\Session;
  26. use OCP\AppFramework\Controller;
  27. use OCP\AppFramework\Utility\IControllerMethodReflector;
  28. use OCP\Authentication\TwoFactorAuth\ALoginSetupController;
  29. use OCP\IConfig;
  30. use OCP\IRequest;
  31. use OCP\ISession;
  32. use OCP\IURLGenerator;
  33. use OCP\IUser;
  34. use OCP\IUserSession;
  35. use OCP\Security\ISecureRandom;
  36. use PHPUnit\Framework\MockObject\MockObject;
  37. use Test\TestCase;
  38. class TwoFactorMiddlewareTest extends TestCase {
  39. /** @var Manager|MockObject */
  40. private $twoFactorManager;
  41. /** @var IUserSession|MockObject */
  42. private $userSession;
  43. /** @var ISession|MockObject */
  44. private $session;
  45. /** @var IURLGenerator|MockObject */
  46. private $urlGenerator;
  47. /** @var IControllerMethodReflector|MockObject */
  48. private $reflector;
  49. /** @var IRequest|MockObject */
  50. private $request;
  51. /** @var TwoFactorMiddleware */
  52. private $middleware;
  53. /** @var Controller */
  54. private $controller;
  55. protected function setUp() {
  56. parent::setUp();
  57. $this->twoFactorManager = $this->getMockBuilder(Manager::class)
  58. ->disableOriginalConstructor()
  59. ->getMock();
  60. $this->userSession = $this->getMockBuilder(Session::class)
  61. ->disableOriginalConstructor()
  62. ->getMock();
  63. $this->session = $this->createMock(ISession::class);
  64. $this->urlGenerator = $this->createMock(IURLGenerator::class);
  65. $this->reflector = $this->createMock(IControllerMethodReflector::class);
  66. $this->request = new Request(
  67. [
  68. 'server' => [
  69. 'REQUEST_URI' => 'test/url'
  70. ]
  71. ],
  72. $this->createMock(ISecureRandom::class),
  73. $this->createMock(IConfig::class)
  74. );
  75. $this->middleware = new TwoFactorMiddleware($this->twoFactorManager, $this->userSession, $this->session, $this->urlGenerator, $this->reflector, $this->request);
  76. $this->controller = $this->createMock(Controller::class);
  77. }
  78. public function testBeforeControllerNotLoggedIn() {
  79. $this->reflector->expects($this->once())
  80. ->method('hasAnnotation')
  81. ->with('PublicPage')
  82. ->will($this->returnValue(false));
  83. $this->userSession->expects($this->once())
  84. ->method('isLoggedIn')
  85. ->will($this->returnValue(false));
  86. $this->userSession->expects($this->never())
  87. ->method('getUser');
  88. $this->middleware->beforeController($this->controller, 'index');
  89. }
  90. public function testBeforeControllerPublicPage() {
  91. $this->reflector->expects($this->once())
  92. ->method('hasAnnotation')
  93. ->with('PublicPage')
  94. ->will($this->returnValue(true));
  95. $this->userSession->expects($this->never())
  96. ->method('isLoggedIn');
  97. $this->middleware->beforeController($this->controller, 'create');
  98. }
  99. public function testBeforeSetupController() {
  100. $user = $this->createMock(IUser::class);
  101. $controller = $this->createMock(ALoginSetupController::class);
  102. $this->reflector->expects($this->once())
  103. ->method('hasAnnotation')
  104. ->with('PublicPage')
  105. ->willReturn(false);
  106. $this->userSession->expects($this->any())
  107. ->method('getUser')
  108. ->willReturn($user);
  109. $this->twoFactorManager->expects($this->once())
  110. ->method('needsSecondFactor')
  111. ->willReturn(true);
  112. $this->userSession->expects($this->never())
  113. ->method('isLoggedIn');
  114. $this->middleware->beforeController($controller, 'create');
  115. }
  116. public function testBeforeControllerNoTwoFactorCheckNeeded() {
  117. $user = $this->createMock(IUser::class);
  118. $this->reflector->expects($this->once())
  119. ->method('hasAnnotation')
  120. ->with('PublicPage')
  121. ->will($this->returnValue(false));
  122. $this->userSession->expects($this->once())
  123. ->method('isLoggedIn')
  124. ->will($this->returnValue(true));
  125. $this->userSession->expects($this->once())
  126. ->method('getUser')
  127. ->will($this->returnValue($user));
  128. $this->twoFactorManager->expects($this->once())
  129. ->method('isTwoFactorAuthenticated')
  130. ->with($user)
  131. ->will($this->returnValue(false));
  132. $this->middleware->beforeController($this->controller, 'index');
  133. }
  134. /**
  135. * @expectedException \OC\Authentication\Exceptions\TwoFactorAuthRequiredException
  136. */
  137. public function testBeforeControllerTwoFactorAuthRequired() {
  138. $user = $this->createMock(IUser::class);
  139. $this->reflector->expects($this->once())
  140. ->method('hasAnnotation')
  141. ->with('PublicPage')
  142. ->will($this->returnValue(false));
  143. $this->userSession->expects($this->once())
  144. ->method('isLoggedIn')
  145. ->will($this->returnValue(true));
  146. $this->userSession->expects($this->once())
  147. ->method('getUser')
  148. ->will($this->returnValue($user));
  149. $this->twoFactorManager->expects($this->once())
  150. ->method('isTwoFactorAuthenticated')
  151. ->with($user)
  152. ->will($this->returnValue(true));
  153. $this->twoFactorManager->expects($this->once())
  154. ->method('needsSecondFactor')
  155. ->with($user)
  156. ->will($this->returnValue(true));
  157. $this->middleware->beforeController($this->controller, 'index');
  158. }
  159. /**
  160. * @expectedException \OC\Authentication\Exceptions\UserAlreadyLoggedInException
  161. */
  162. public function testBeforeControllerUserAlreadyLoggedIn() {
  163. $user = $this->createMock(IUser::class);
  164. $this->reflector->expects($this->once())
  165. ->method('hasAnnotation')
  166. ->with('PublicPage')
  167. ->will($this->returnValue(false));
  168. $this->userSession->expects($this->once())
  169. ->method('isLoggedIn')
  170. ->will($this->returnValue(true));
  171. $this->userSession->expects($this->once())
  172. ->method('getUser')
  173. ->will($this->returnValue($user));
  174. $this->twoFactorManager->expects($this->once())
  175. ->method('isTwoFactorAuthenticated')
  176. ->with($user)
  177. ->will($this->returnValue(true));
  178. $this->twoFactorManager->expects($this->once())
  179. ->method('needsSecondFactor')
  180. ->with($user)
  181. ->will($this->returnValue(false));
  182. $twoFactorChallengeController = $this->getMockBuilder('\OC\Core\Controller\TwoFactorChallengeController')
  183. ->disableOriginalConstructor()
  184. ->getMock();
  185. $this->middleware->beforeController($twoFactorChallengeController, 'index');
  186. }
  187. public function testAfterExceptionTwoFactorAuthRequired() {
  188. $ex = new \OC\Authentication\Exceptions\TwoFactorAuthRequiredException();
  189. $this->urlGenerator->expects($this->once())
  190. ->method('linkToRoute')
  191. ->with('core.TwoFactorChallenge.selectChallenge')
  192. ->will($this->returnValue('test/url'));
  193. $expected = new \OCP\AppFramework\Http\RedirectResponse('test/url');
  194. $this->assertEquals($expected, $this->middleware->afterException($this->controller, 'index', $ex));
  195. }
  196. public function testAfterException() {
  197. $ex = new \OC\Authentication\Exceptions\UserAlreadyLoggedInException();
  198. $this->urlGenerator->expects($this->once())
  199. ->method('linkToRoute')
  200. ->with('files.view.index')
  201. ->will($this->returnValue('redirect/url'));
  202. $expected = new \OCP\AppFramework\Http\RedirectResponse('redirect/url');
  203. $this->assertEquals($expected, $this->middleware->afterException($this->controller, 'index', $ex));
  204. }
  205. }