ManagerTest.php 10 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright Copyright (c) 2018 Roeland Jago Douma <roeland@famdouma.nl>
  5. *
  6. * @author Roeland Jago Douma <roeland@famdouma.nl>
  7. *
  8. * @license GNU AGPL version 3 or any later version
  9. *
  10. * This program is free software: you can redistribute it and/or modify
  11. * it under the terms of the GNU Affero General Public License as
  12. * published by the Free Software Foundation, either version 3 of the
  13. * License, or (at your option) any later version.
  14. *
  15. * This program is distributed in the hope that it will be useful,
  16. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  18. * GNU Affero General Public License for more details.
  19. *
  20. * You should have received a copy of the GNU Affero General Public License
  21. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  22. *
  23. */
  24. namespace Test\Authentication\Token;
  25. use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
  26. use OC\Authentication\Exceptions\InvalidTokenException;
  27. use OC\Authentication\Token\IToken;
  28. use OC\Authentication\Token\Manager;
  29. use OC\Authentication\Token\PublicKeyToken;
  30. use OC\Authentication\Token\PublicKeyTokenProvider;
  31. use PHPUnit\Framework\MockObject\MockObject;
  32. use Test\TestCase;
  33. class ManagerTest extends TestCase {
  34. /** @var PublicKeyTokenProvider|MockObject */
  35. private $publicKeyTokenProvider;
  36. /** @var Manager */
  37. private $manager;
  38. protected function setUp(): void {
  39. parent::setUp();
  40. $this->publicKeyTokenProvider = $this->createMock(PublicKeyTokenProvider::class);
  41. $this->manager = new Manager(
  42. $this->publicKeyTokenProvider
  43. );
  44. }
  45. public function testGenerateToken() {
  46. $token = new PublicKeyToken();
  47. $this->publicKeyTokenProvider->expects($this->once())
  48. ->method('generateToken')
  49. ->with(
  50. 'token',
  51. 'uid',
  52. 'loginName',
  53. 'password',
  54. 'name',
  55. IToken::TEMPORARY_TOKEN,
  56. IToken::REMEMBER
  57. )->willReturn($token);
  58. $actual = $this->manager->generateToken(
  59. 'token',
  60. 'uid',
  61. 'loginName',
  62. 'password',
  63. 'name',
  64. IToken::TEMPORARY_TOKEN,
  65. IToken::REMEMBER
  66. );
  67. $this->assertSame($token, $actual);
  68. }
  69. public function testGenerateConflictingToken() {
  70. /** @var MockObject|UniqueConstraintViolationException $exception */
  71. $exception = $this->createMock(UniqueConstraintViolationException::class);
  72. $token = new PublicKeyToken();
  73. $token->setUid('uid');
  74. $this->publicKeyTokenProvider->expects($this->once())
  75. ->method('generateToken')
  76. ->with(
  77. 'token',
  78. 'uid',
  79. 'loginName',
  80. 'password',
  81. 'name',
  82. IToken::TEMPORARY_TOKEN,
  83. IToken::REMEMBER
  84. )->willThrowException($exception);
  85. $this->publicKeyTokenProvider->expects($this->once())
  86. ->method('getToken')
  87. ->with('token')
  88. ->willReturn($token);
  89. $actual = $this->manager->generateToken(
  90. 'token',
  91. 'uid',
  92. 'loginName',
  93. 'password',
  94. 'name',
  95. IToken::TEMPORARY_TOKEN,
  96. IToken::REMEMBER
  97. );
  98. $this->assertSame($token, $actual);
  99. }
  100. public function testGenerateTokenTooLongName() {
  101. $token = $this->createMock(IToken::class);
  102. $token->method('getName')
  103. ->willReturn(str_repeat('a', 120) . '…');
  104. $this->publicKeyTokenProvider->expects($this->once())
  105. ->method('generateToken')
  106. ->with(
  107. 'token',
  108. 'uid',
  109. 'loginName',
  110. 'password',
  111. str_repeat('a', 120) . '…',
  112. IToken::TEMPORARY_TOKEN,
  113. IToken::REMEMBER
  114. )->willReturn($token);
  115. $actual = $this->manager->generateToken(
  116. 'token',
  117. 'uid',
  118. 'loginName',
  119. 'password',
  120. str_repeat('a', 200),
  121. IToken::TEMPORARY_TOKEN,
  122. IToken::REMEMBER
  123. );
  124. $this->assertSame(121, mb_strlen($actual->getName()));
  125. }
  126. public function tokenData(): array {
  127. return [
  128. [new PublicKeyToken()],
  129. [$this->createMock(IToken::class)],
  130. ];
  131. }
  132. protected function setNoCall(IToken $token) {
  133. if (!($token instanceof PublicKeyToken)) {
  134. $this->publicKeyTokenProvider->expects($this->never())
  135. ->method($this->anything());
  136. }
  137. }
  138. protected function setCall(IToken $token, string $function, $return = null) {
  139. if ($token instanceof PublicKeyToken) {
  140. $this->publicKeyTokenProvider->expects($this->once())
  141. ->method($function)
  142. ->with($token)
  143. ->willReturn($return);
  144. }
  145. }
  146. protected function setException(IToken $token) {
  147. if (!($token instanceof PublicKeyToken)) {
  148. $this->expectException(InvalidTokenException::class);
  149. }
  150. }
  151. /**
  152. * @dataProvider tokenData
  153. */
  154. public function testUpdateToken(IToken $token) {
  155. $this->setNoCall($token);
  156. $this->setCall($token, 'updateToken');
  157. $this->setException($token);
  158. $this->manager->updateToken($token);
  159. }
  160. /**
  161. * @dataProvider tokenData
  162. */
  163. public function testUpdateTokenActivity(IToken $token) {
  164. $this->setNoCall($token);
  165. $this->setCall($token, 'updateTokenActivity');
  166. $this->setException($token);
  167. $this->manager->updateTokenActivity($token);
  168. }
  169. /**
  170. * @dataProvider tokenData
  171. */
  172. public function testGetPassword(IToken $token) {
  173. $this->setNoCall($token);
  174. $this->setCall($token, 'getPassword', 'password');
  175. $this->setException($token);
  176. $result = $this->manager->getPassword($token, 'tokenId', 'password');
  177. $this->assertSame('password', $result);
  178. }
  179. /**
  180. * @dataProvider tokenData
  181. */
  182. public function testSetPassword(IToken $token) {
  183. $this->setNoCall($token);
  184. $this->setCall($token, 'setPassword');
  185. $this->setException($token);
  186. $this->manager->setPassword($token, 'tokenId', 'password');
  187. }
  188. public function testInvalidateTokens() {
  189. $this->publicKeyTokenProvider->expects($this->once())
  190. ->method('invalidateToken')
  191. ->with('token');
  192. $this->manager->invalidateToken('token');
  193. }
  194. public function testInvalidateTokenById() {
  195. $this->publicKeyTokenProvider->expects($this->once())
  196. ->method('invalidateTokenById')
  197. ->with('uid', 42);
  198. $this->manager->invalidateTokenById('uid', 42);
  199. }
  200. public function testInvalidateOldTokens() {
  201. $this->publicKeyTokenProvider->expects($this->once())
  202. ->method('invalidateOldTokens');
  203. $this->manager->invalidateOldTokens();
  204. }
  205. public function testInvalidateLastUsedBefore() {
  206. $this->publicKeyTokenProvider->expects($this->once())
  207. ->method('invalidateLastUsedBefore')
  208. ->with('user', 946684800);
  209. $this->manager->invalidateLastUsedBefore('user', 946684800);
  210. }
  211. public function testGetTokenByUser() {
  212. $t1 = new PublicKeyToken();
  213. $t2 = new PublicKeyToken();
  214. $this->publicKeyTokenProvider
  215. ->method('getTokenByUser')
  216. ->willReturn([$t1, $t2]);
  217. $result = $this->manager->getTokenByUser('uid');
  218. $this->assertEquals([$t1, $t2], $result);
  219. }
  220. public function testRenewSessionTokenPublicKey() {
  221. $this->publicKeyTokenProvider->expects($this->once())
  222. ->method('renewSessionToken')
  223. ->with('oldId', 'newId');
  224. $this->manager->renewSessionToken('oldId', 'newId');
  225. }
  226. public function testRenewSessionInvalid() {
  227. $this->publicKeyTokenProvider->expects($this->once())
  228. ->method('renewSessionToken')
  229. ->with('oldId', 'newId')
  230. ->willThrowException(new InvalidTokenException());
  231. $this->expectException(InvalidTokenException::class);
  232. $this->manager->renewSessionToken('oldId', 'newId');
  233. }
  234. public function testGetTokenByIdPublicKey() {
  235. $token = $this->createMock(IToken::class);
  236. $this->publicKeyTokenProvider->expects($this->once())
  237. ->method('getTokenById')
  238. ->with(42)
  239. ->willReturn($token);
  240. $this->assertSame($token, $this->manager->getTokenById(42));
  241. }
  242. public function testGetTokenByIdInvalid() {
  243. $this->publicKeyTokenProvider->expects($this->once())
  244. ->method('getTokenById')
  245. ->with(42)
  246. ->willThrowException(new InvalidTokenException());
  247. $this->expectException(InvalidTokenException::class);
  248. $this->manager->getTokenById(42);
  249. }
  250. public function testGetTokenPublicKey() {
  251. $token = new PublicKeyToken();
  252. $this->publicKeyTokenProvider
  253. ->method('getToken')
  254. ->with('tokenId')
  255. ->willReturn($token);
  256. $this->assertSame($token, $this->manager->getToken('tokenId'));
  257. }
  258. public function testGetTokenInvalid() {
  259. $this->publicKeyTokenProvider
  260. ->method('getToken')
  261. ->with('tokenId')
  262. ->willThrowException(new InvalidTokenException());
  263. $this->expectException(InvalidTokenException::class);
  264. $this->manager->getToken('tokenId');
  265. }
  266. public function testRotateInvalid() {
  267. $this->expectException(InvalidTokenException::class);
  268. $this->manager->rotate($this->createMock(IToken::class), 'oldId', 'newId');
  269. }
  270. public function testRotatePublicKey() {
  271. $token = new PublicKeyToken();
  272. $this->publicKeyTokenProvider
  273. ->method('rotate')
  274. ->with($token, 'oldId', 'newId')
  275. ->willReturn($token);
  276. $this->assertSame($token, $this->manager->rotate($token, 'oldId', 'newId'));
  277. }
  278. public function testMarkPasswordInvalidPublicKey() {
  279. $token = $this->createMock(PublicKeyToken::class);
  280. $this->publicKeyTokenProvider->expects($this->once())
  281. ->method('markPasswordInvalid')
  282. ->with($token, 'tokenId');
  283. $this->manager->markPasswordInvalid($token, 'tokenId');
  284. }
  285. public function testMarkPasswordInvalidInvalidToken() {
  286. $this->expectException(InvalidTokenException::class);
  287. $this->manager->markPasswordInvalid($this->createMock(IToken::class), 'tokenId');
  288. }
  289. public function testUpdatePasswords() {
  290. $this->publicKeyTokenProvider->expects($this->once())
  291. ->method('updatePasswords')
  292. ->with('uid', 'pass');
  293. $this->manager->updatePasswords('uid', 'pass');
  294. }
  295. public function testInvalidateTokensOfUserNoClientName() {
  296. $t1 = new PublicKeyToken();
  297. $t2 = new PublicKeyToken();
  298. $t1->setId(123);
  299. $t2->setId(456);
  300. $this->publicKeyTokenProvider
  301. ->expects($this->once())
  302. ->method('getTokenByUser')
  303. ->with('theUser')
  304. ->willReturn([$t1, $t2]);
  305. $this->publicKeyTokenProvider
  306. ->expects($this->exactly(2))
  307. ->method('invalidateTokenById')
  308. ->withConsecutive(
  309. ['theUser', 123],
  310. ['theUser', 456],
  311. );
  312. $this->manager->invalidateTokensOfUser('theUser', null);
  313. }
  314. public function testInvalidateTokensOfUserClientNameGiven() {
  315. $t1 = new PublicKeyToken();
  316. $t2 = new PublicKeyToken();
  317. $t3 = new PublicKeyToken();
  318. $t1->setId(123);
  319. $t1->setName('Firefox session');
  320. $t2->setId(456);
  321. $t2->setName('My Client Name');
  322. $t3->setId(789);
  323. $t3->setName('mobile client');
  324. $this->publicKeyTokenProvider
  325. ->expects($this->once())
  326. ->method('getTokenByUser')
  327. ->with('theUser')
  328. ->willReturn([$t1, $t2, $t3]);
  329. $this->publicKeyTokenProvider
  330. ->expects($this->once())
  331. ->method('invalidateTokenById')
  332. ->with('theUser', 456);
  333. $this->manager->invalidateTokensOfUser('theUser', 'My Client Name');
  334. }
  335. }