ManagerTest.php 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709
  1. <?php
  2. /**
  3. * @author Christoph Wurst <christoph@owncloud.com>
  4. *
  5. * @copyright Copyright (c) 2016, ownCloud, Inc.
  6. * @license AGPL-3.0
  7. *
  8. * This code is free software: you can redistribute it and/or modify
  9. * it under the terms of the GNU Affero General Public License, version 3,
  10. * as published by the Free Software Foundation.
  11. *
  12. * This program is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU Affero General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU Affero General Public License, version 3,
  18. * along with this program. If not, see <http://www.gnu.org/licenses/>
  19. *
  20. */
  21. namespace Test\Authentication\TwoFactorAuth;
  22. use Exception;
  23. use OC;
  24. use OC\Authentication\Token\IProvider as TokenProvider;
  25. use OC\Authentication\TwoFactorAuth\Manager;
  26. use OC\Authentication\TwoFactorAuth\MandatoryTwoFactor;
  27. use OC\Authentication\TwoFactorAuth\ProviderLoader;
  28. use OCP\Activity\IEvent;
  29. use OCP\Activity\IManager;
  30. use OCP\AppFramework\Utility\ITimeFactory;
  31. use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
  32. use OCP\Authentication\TwoFactorAuth\IProvider;
  33. use OCP\Authentication\TwoFactorAuth\IRegistry;
  34. use OCP\IConfig;
  35. use OCP\ILogger;
  36. use OCP\ISession;
  37. use OCP\IUser;
  38. use PHPUnit\Framework\MockObject\MockObject;
  39. use function reset;
  40. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  41. use Test\TestCase;
  42. class ManagerTest extends TestCase {
  43. /** @var IUser|MockObject */
  44. private $user;
  45. /** @var ProviderLoader|MockObject */
  46. private $providerLoader;
  47. /** @var IRegistry|MockObject */
  48. private $providerRegistry;
  49. /** @var MandatoryTwoFactor|MockObject */
  50. private $mandatoryTwoFactor;
  51. /** @var ISession|MockObject */
  52. private $session;
  53. /** @var Manager */
  54. private $manager;
  55. /** @var IConfig|MockObject */
  56. private $config;
  57. /** @var IManager|MockObject */
  58. private $activityManager;
  59. /** @var ILogger|MockObject */
  60. private $logger;
  61. /** @var IProvider|MockObject */
  62. private $fakeProvider;
  63. /** @var IProvider|MockObject */
  64. private $backupProvider;
  65. /** @var TokenProvider|MockObject */
  66. private $tokenProvider;
  67. /** @var ITimeFactory|MockObject */
  68. private $timeFactory;
  69. /** @var EventDispatcherInterface|MockObject */
  70. private $eventDispatcher;
  71. protected function setUp() {
  72. parent::setUp();
  73. $this->user = $this->createMock(IUser::class);
  74. $this->providerLoader = $this->createMock(ProviderLoader::class);
  75. $this->providerRegistry = $this->createMock(IRegistry::class);
  76. $this->mandatoryTwoFactor = $this->createMock(MandatoryTwoFactor::class);
  77. $this->session = $this->createMock(ISession::class);
  78. $this->config = $this->createMock(IConfig::class);
  79. $this->activityManager = $this->createMock(IManager::class);
  80. $this->logger = $this->createMock(ILogger::class);
  81. $this->tokenProvider = $this->createMock(TokenProvider::class);
  82. $this->timeFactory = $this->createMock(ITimeFactory::class);
  83. $this->eventDispatcher = $this->createMock(EventDispatcherInterface::class);
  84. $this->manager = new Manager(
  85. $this->providerLoader,
  86. $this->providerRegistry,
  87. $this->mandatoryTwoFactor,
  88. $this->session,
  89. $this->config,
  90. $this->activityManager,
  91. $this->logger,
  92. $this->tokenProvider,
  93. $this->timeFactory,
  94. $this->eventDispatcher
  95. );
  96. $this->fakeProvider = $this->createMock(IProvider::class);
  97. $this->fakeProvider->method('getId')->willReturn('email');
  98. $this->backupProvider = $this->getMockBuilder('\OCP\Authentication\TwoFactorAuth\IProvider')->getMock();
  99. $this->backupProvider->method('getId')->willReturn('backup_codes');
  100. $this->backupProvider->method('isTwoFactorAuthEnabledForUser')->willReturn(true);
  101. }
  102. private function prepareNoProviders() {
  103. $this->providerLoader->method('getProviders')
  104. ->with($this->user)
  105. ->will($this->returnValue([]));
  106. }
  107. private function prepareProviders() {
  108. $this->providerRegistry->expects($this->once())
  109. ->method('getProviderStates')
  110. ->with($this->user)
  111. ->willReturn([
  112. $this->fakeProvider->getId() => true,
  113. ]);
  114. $this->providerLoader->expects($this->once())
  115. ->method('getProviders')
  116. ->with($this->user)
  117. ->willReturn([$this->fakeProvider]);
  118. }
  119. private function prepareProvidersWitBackupProvider() {
  120. $this->providerLoader->method('getProviders')
  121. ->with($this->user)
  122. ->willReturn([
  123. $this->fakeProvider,
  124. $this->backupProvider,
  125. ]);
  126. }
  127. public function testIsTwoFactorAuthenticatedEnforced() {
  128. $this->mandatoryTwoFactor->expects($this->once())
  129. ->method('isEnforcedFor')
  130. ->with($this->user)
  131. ->willReturn(true);
  132. $enabled = $this->manager->isTwoFactorAuthenticated($this->user);
  133. $this->assertTrue($enabled);
  134. }
  135. public function testIsTwoFactorAuthenticatedNoProviders() {
  136. $this->mandatoryTwoFactor->expects($this->once())
  137. ->method('isEnforcedFor')
  138. ->with($this->user)
  139. ->willReturn(false);
  140. $this->providerRegistry->expects($this->once())
  141. ->method('getProviderStates')
  142. ->willReturn([]); // No providers registered
  143. $this->providerLoader->expects($this->once())
  144. ->method('getProviders')
  145. ->willReturn([]); // No providers loadable
  146. $this->assertFalse($this->manager->isTwoFactorAuthenticated($this->user));
  147. }
  148. public function testIsTwoFactorAuthenticatedOnlyBackupCodes() {
  149. $this->mandatoryTwoFactor->expects($this->once())
  150. ->method('isEnforcedFor')
  151. ->with($this->user)
  152. ->willReturn(false);
  153. $this->providerRegistry->expects($this->once())
  154. ->method('getProviderStates')
  155. ->willReturn([
  156. 'backup_codes' => true,
  157. ]);
  158. $backupCodesProvider = $this->createMock(IProvider::class);
  159. $backupCodesProvider
  160. ->method('getId')
  161. ->willReturn('backup_codes');
  162. $this->providerLoader->expects($this->once())
  163. ->method('getProviders')
  164. ->willReturn([
  165. $backupCodesProvider,
  166. ]);
  167. $this->assertFalse($this->manager->isTwoFactorAuthenticated($this->user));
  168. }
  169. public function testIsTwoFactorAuthenticatedFailingProviders() {
  170. $this->mandatoryTwoFactor->expects($this->once())
  171. ->method('isEnforcedFor')
  172. ->with($this->user)
  173. ->willReturn(false);
  174. $this->providerRegistry->expects($this->once())
  175. ->method('getProviderStates')
  176. ->willReturn([
  177. 'twofactor_totp' => true,
  178. 'twofactor_u2f' => false,
  179. ]); // Two providers registered, but …
  180. $this->providerLoader->expects($this->once())
  181. ->method('getProviders')
  182. ->willReturn([]); // … none of them is able to load, however …
  183. // … 2FA is still enforced
  184. $this->assertTrue($this->manager->isTwoFactorAuthenticated($this->user));
  185. }
  186. public function providerStatesFixData(): array {
  187. return [
  188. [false, false],
  189. [true, true],
  190. ];
  191. }
  192. /**
  193. * If the 2FA registry has not been populated when a user logs in,
  194. * the 2FA manager has to first fix the state before it checks for
  195. * enabled providers.
  196. *
  197. * If any of these providers is active, 2FA is enabled
  198. *
  199. * @dataProvider providerStatesFixData
  200. */
  201. public function testIsTwoFactorAuthenticatedFixesProviderStates(bool $providerEnabled, bool $expected) {
  202. $this->providerRegistry->expects($this->once())
  203. ->method('getProviderStates')
  204. ->willReturn([]); // Nothing registered yet
  205. $this->providerLoader->expects($this->once())
  206. ->method('getProviders')
  207. ->willReturn([
  208. $this->fakeProvider
  209. ]);
  210. $this->fakeProvider->expects($this->once())
  211. ->method('isTwoFactorAuthEnabledForUser')
  212. ->with($this->user)
  213. ->willReturn($providerEnabled);
  214. if ($providerEnabled) {
  215. $this->providerRegistry->expects($this->once())
  216. ->method('enableProviderFor')
  217. ->with(
  218. $this->fakeProvider,
  219. $this->user
  220. );
  221. } else {
  222. $this->providerRegistry->expects($this->once())
  223. ->method('disableProviderFor')
  224. ->with(
  225. $this->fakeProvider,
  226. $this->user
  227. );
  228. }
  229. $this->assertEquals($expected, $this->manager->isTwoFactorAuthenticated($this->user));
  230. }
  231. public function testGetProvider() {
  232. $this->providerRegistry->expects($this->once())
  233. ->method('getProviderStates')
  234. ->with($this->user)
  235. ->willReturn([
  236. $this->fakeProvider->getId() => true,
  237. ]);
  238. $this->providerLoader->expects($this->once())
  239. ->method('getProviders')
  240. ->with($this->user)
  241. ->willReturn([$this->fakeProvider]);
  242. $provider = $this->manager->getProvider($this->user, $this->fakeProvider->getId());
  243. $this->assertSame($this->fakeProvider, $provider);
  244. }
  245. public function testGetInvalidProvider() {
  246. $this->providerRegistry->expects($this->once())
  247. ->method('getProviderStates')
  248. ->with($this->user)
  249. ->willReturn([]);
  250. $this->providerLoader->expects($this->once())
  251. ->method('getProviders')
  252. ->with($this->user)
  253. ->willReturn([]);
  254. $provider = $this->manager->getProvider($this->user, 'nonexistent');
  255. $this->assertNull($provider);
  256. }
  257. public function testGetLoginSetupProviders() {
  258. $provider1 = $this->createMock(IProvider::class);
  259. $provider2 = $this->createMock(IActivatableAtLogin::class);
  260. $this->providerLoader->expects($this->once())
  261. ->method('getProviders')
  262. ->with($this->user)
  263. ->willReturn([
  264. $provider1,
  265. $provider2,
  266. ]);
  267. $providers = $this->manager->getLoginSetupProviders($this->user);
  268. $this->assertCount(1, $providers);
  269. $this->assertSame($provider2, reset($providers));
  270. }
  271. public function testGetProviders() {
  272. $this->providerRegistry->expects($this->once())
  273. ->method('getProviderStates')
  274. ->with($this->user)
  275. ->willReturn([
  276. $this->fakeProvider->getId() => true,
  277. ]);
  278. $this->providerLoader->expects($this->once())
  279. ->method('getProviders')
  280. ->with($this->user)
  281. ->willReturn([$this->fakeProvider]);
  282. $expectedProviders = [
  283. 'email' => $this->fakeProvider,
  284. ];
  285. $providerSet = $this->manager->getProviderSet($this->user);
  286. $providers = $providerSet->getProviders();
  287. $this->assertEquals($expectedProviders, $providers);
  288. $this->assertFalse($providerSet->isProviderMissing());
  289. }
  290. public function testGetProvidersOneMissing() {
  291. $this->providerRegistry->expects($this->once())
  292. ->method('getProviderStates')
  293. ->with($this->user)
  294. ->willReturn([
  295. $this->fakeProvider->getId() => true,
  296. ]);
  297. $this->providerLoader->expects($this->once())
  298. ->method('getProviders')
  299. ->with($this->user)
  300. ->willReturn([]);
  301. $expectedProviders = [
  302. 'email' => $this->fakeProvider,
  303. ];
  304. $providerSet = $this->manager->getProviderSet($this->user);
  305. $this->assertTrue($providerSet->isProviderMissing());
  306. }
  307. public function testVerifyChallenge() {
  308. $this->prepareProviders();
  309. $challenge = 'passme';
  310. $event = $this->createMock(IEvent::class);
  311. $this->fakeProvider->expects($this->once())
  312. ->method('verifyChallenge')
  313. ->with($this->user, $challenge)
  314. ->will($this->returnValue(true));
  315. $this->session->expects($this->once())
  316. ->method('get')
  317. ->with('two_factor_remember_login')
  318. ->will($this->returnValue(false));
  319. $this->session->expects($this->at(1))
  320. ->method('remove')
  321. ->with('two_factor_auth_uid');
  322. $this->session->expects($this->at(2))
  323. ->method('remove')
  324. ->with('two_factor_remember_login');
  325. $this->session->expects($this->at(3))
  326. ->method('set')
  327. ->with(Manager::SESSION_UID_DONE, 'jos');
  328. $this->session->method('getId')
  329. ->willReturn('mysessionid');
  330. $this->activityManager->expects($this->once())
  331. ->method('generateEvent')
  332. ->willReturn($event);
  333. $this->user->expects($this->any())
  334. ->method('getUID')
  335. ->willReturn('jos');
  336. $event->expects($this->once())
  337. ->method('setApp')
  338. ->with($this->equalTo('core'))
  339. ->willReturnSelf();
  340. $event->expects($this->once())
  341. ->method('setType')
  342. ->with($this->equalTo('security'))
  343. ->willReturnSelf();
  344. $event->expects($this->once())
  345. ->method('setAuthor')
  346. ->with($this->equalTo('jos'))
  347. ->willReturnSelf();
  348. $event->expects($this->once())
  349. ->method('setAffectedUser')
  350. ->with($this->equalTo('jos'))
  351. ->willReturnSelf();
  352. $this->fakeProvider
  353. ->method('getDisplayName')
  354. ->willReturn('Fake 2FA');
  355. $event->expects($this->once())
  356. ->method('setSubject')
  357. ->with($this->equalTo('twofactor_success'), $this->equalTo([
  358. 'provider' => 'Fake 2FA',
  359. ]))
  360. ->willReturnSelf();
  361. $token = $this->createMock(OC\Authentication\Token\IToken::class);
  362. $this->tokenProvider->method('getToken')
  363. ->with('mysessionid')
  364. ->willReturn($token);
  365. $token->method('getId')
  366. ->willReturn(42);
  367. $this->config->expects($this->once())
  368. ->method('deleteUserValue')
  369. ->with('jos', 'login_token_2fa', 42);
  370. $result = $this->manager->verifyChallenge('email', $this->user, $challenge);
  371. $this->assertTrue($result);
  372. }
  373. public function testVerifyChallengeInvalidProviderId() {
  374. $this->prepareProviders();
  375. $challenge = 'passme';
  376. $this->fakeProvider->expects($this->never())
  377. ->method('verifyChallenge')
  378. ->with($this->user, $challenge);
  379. $this->session->expects($this->never())
  380. ->method('remove');
  381. $this->assertFalse($this->manager->verifyChallenge('dontexist', $this->user, $challenge));
  382. }
  383. public function testVerifyInvalidChallenge() {
  384. $this->prepareProviders();
  385. $challenge = 'dontpassme';
  386. $event = $this->createMock(IEvent::class);
  387. $this->fakeProvider->expects($this->once())
  388. ->method('verifyChallenge')
  389. ->with($this->user, $challenge)
  390. ->will($this->returnValue(false));
  391. $this->session->expects($this->never())
  392. ->method('remove');
  393. $this->activityManager->expects($this->once())
  394. ->method('generateEvent')
  395. ->willReturn($event);
  396. $this->user->expects($this->any())
  397. ->method('getUID')
  398. ->willReturn('jos');
  399. $event->expects($this->once())
  400. ->method('setApp')
  401. ->with($this->equalTo('core'))
  402. ->willReturnSelf();
  403. $event->expects($this->once())
  404. ->method('setType')
  405. ->with($this->equalTo('security'))
  406. ->willReturnSelf();
  407. $event->expects($this->once())
  408. ->method('setAuthor')
  409. ->with($this->equalTo('jos'))
  410. ->willReturnSelf();
  411. $event->expects($this->once())
  412. ->method('setAffectedUser')
  413. ->with($this->equalTo('jos'))
  414. ->willReturnSelf();
  415. $this->fakeProvider
  416. ->method('getDisplayName')
  417. ->willReturn('Fake 2FA');
  418. $event->expects($this->once())
  419. ->method('setSubject')
  420. ->with($this->equalTo('twofactor_failed'), $this->equalTo([
  421. 'provider' => 'Fake 2FA',
  422. ]))
  423. ->willReturnSelf();
  424. $this->assertFalse($this->manager->verifyChallenge('email', $this->user, $challenge));
  425. }
  426. public function testNeedsSecondFactor() {
  427. $user = $this->createMock(IUser::class);
  428. $this->session->expects($this->at(0))
  429. ->method('exists')
  430. ->with('app_password')
  431. ->willReturn(false);
  432. $this->session->expects($this->at(1))
  433. ->method('exists')
  434. ->with('two_factor_auth_uid')
  435. ->will($this->returnValue(false));
  436. $this->session->expects($this->at(2))
  437. ->method('exists')
  438. ->with(Manager::SESSION_UID_DONE)
  439. ->willReturn(false);
  440. $this->session->method('getId')
  441. ->willReturn('mysessionid');
  442. $token = $this->createMock(OC\Authentication\Token\IToken::class);
  443. $this->tokenProvider->method('getToken')
  444. ->with('mysessionid')
  445. ->willReturn($token);
  446. $token->method('getId')
  447. ->willReturn(42);
  448. $user->method('getUID')
  449. ->willReturn('user');
  450. $this->config->method('getUserKeys')
  451. ->with('user', 'login_token_2fa')
  452. ->willReturn([
  453. 42
  454. ]);
  455. $manager = $this->getMockBuilder(Manager::class)
  456. ->setConstructorArgs([
  457. $this->providerLoader,
  458. $this->providerRegistry,
  459. $this->mandatoryTwoFactor,
  460. $this->session,
  461. $this->config,
  462. $this->activityManager,
  463. $this->logger,
  464. $this->tokenProvider,
  465. $this->timeFactory,
  466. $this->eventDispatcher
  467. ])
  468. ->setMethods(['loadTwoFactorApp', 'isTwoFactorAuthenticated'])// Do not actually load the apps
  469. ->getMock();
  470. $manager->method('isTwoFactorAuthenticated')
  471. ->with($user)
  472. ->willReturn(true);
  473. $this->assertTrue($manager->needsSecondFactor($user));
  474. }
  475. public function testNeedsSecondFactorUserIsNull() {
  476. $user = null;
  477. $this->session->expects($this->never())
  478. ->method('exists');
  479. $this->assertFalse($this->manager->needsSecondFactor($user));
  480. }
  481. public function testNeedsSecondFactorWithNoProviderAvailableAnymore() {
  482. $this->prepareNoProviders();
  483. $user = null;
  484. $this->session->expects($this->never())
  485. ->method('exists')
  486. ->with('two_factor_auth_uid')
  487. ->will($this->returnValue(true));
  488. $this->session->expects($this->never())
  489. ->method('remove')
  490. ->with('two_factor_auth_uid');
  491. $this->assertFalse($this->manager->needsSecondFactor($user));
  492. }
  493. public function testPrepareTwoFactorLogin() {
  494. $this->user->method('getUID')
  495. ->will($this->returnValue('ferdinand'));
  496. $this->session->expects($this->at(0))
  497. ->method('set')
  498. ->with('two_factor_auth_uid', 'ferdinand');
  499. $this->session->expects($this->at(1))
  500. ->method('set')
  501. ->with('two_factor_remember_login', true);
  502. $this->session->method('getId')
  503. ->willReturn('mysessionid');
  504. $token = $this->createMock(OC\Authentication\Token\IToken::class);
  505. $this->tokenProvider->method('getToken')
  506. ->with('mysessionid')
  507. ->willReturn($token);
  508. $token->method('getId')
  509. ->willReturn(42);
  510. $this->timeFactory->method('getTime')
  511. ->willReturn(1337);
  512. $this->config->method('setUserValue')
  513. ->with('ferdinand', 'login_token_2fa', 42, 1337);
  514. $this->manager->prepareTwoFactorLogin($this->user, true);
  515. }
  516. public function testPrepareTwoFactorLoginDontRemember() {
  517. $this->user->method('getUID')
  518. ->will($this->returnValue('ferdinand'));
  519. $this->session->expects($this->at(0))
  520. ->method('set')
  521. ->with('two_factor_auth_uid', 'ferdinand');
  522. $this->session->expects($this->at(1))
  523. ->method('set')
  524. ->with('two_factor_remember_login', false);
  525. $this->session->method('getId')
  526. ->willReturn('mysessionid');
  527. $token = $this->createMock(OC\Authentication\Token\IToken::class);
  528. $this->tokenProvider->method('getToken')
  529. ->with('mysessionid')
  530. ->willReturn($token);
  531. $token->method('getId')
  532. ->willReturn(42);
  533. $this->timeFactory->method('getTime')
  534. ->willReturn(1337);
  535. $this->config->method('setUserValue')
  536. ->with('ferdinand', 'login_token_2fa', 42, 1337);
  537. $this->manager->prepareTwoFactorLogin($this->user, false);
  538. }
  539. public function testNeedsSecondFactorSessionAuth() {
  540. $user = $this->createMock(IUser::class);
  541. $user->method('getUID')
  542. ->willReturn('user');
  543. $this->session->method('exists')
  544. ->will($this->returnCallback(function ($var) {
  545. if ($var === Manager::SESSION_UID_KEY) {
  546. return false;
  547. } else if ($var === 'app_password') {
  548. return false;
  549. }
  550. return true;
  551. }));
  552. $this->session->expects($this->once())
  553. ->method('get')
  554. ->with(Manager::SESSION_UID_DONE)
  555. ->willReturn('user');
  556. $this->assertFalse($this->manager->needsSecondFactor($user));
  557. }
  558. public function testNeedsSecondFactorSessionAuthFailDBPass() {
  559. $user = $this->createMock(IUser::class);
  560. $user->method('getUID')
  561. ->willReturn('user');
  562. $this->session->method('exists')
  563. ->willReturn(false);
  564. $this->session->method('getId')
  565. ->willReturn('mysessionid');
  566. $token = $this->createMock(OC\Authentication\Token\IToken::class);
  567. $token->method('getId')
  568. ->willReturn(40);
  569. $this->tokenProvider->method('getToken')
  570. ->with('mysessionid')
  571. ->willReturn($token);
  572. $this->config->method('getUserKeys')
  573. ->with('user', 'login_token_2fa')
  574. ->willReturn([
  575. 42, 43, 44
  576. ]);
  577. $this->session->expects($this->once())
  578. ->method('set')
  579. ->with(Manager::SESSION_UID_DONE, 'user');
  580. $this->assertFalse($this->manager->needsSecondFactor($user));
  581. }
  582. public function testNeedsSecondFactorInvalidToken() {
  583. $this->prepareNoProviders();
  584. $user = $this->createMock(IUser::class);
  585. $user->method('getUID')
  586. ->willReturn('user');
  587. $this->session->method('exists')
  588. ->willReturn(false);
  589. $this->session->method('getId')
  590. ->willReturn('mysessionid');
  591. $this->tokenProvider->method('getToken')
  592. ->with('mysessionid')
  593. ->willThrowException(new OC\Authentication\Exceptions\InvalidTokenException());
  594. $this->config->method('getUserKeys')->willReturn([]);
  595. $this->assertFalse($this->manager->needsSecondFactor($user));
  596. }
  597. public function testNeedsSecondFactorAppPassword() {
  598. $user = $this->createMock(IUser::class);
  599. $this->session->method('exists')
  600. ->with('app_password')
  601. ->willReturn(true);
  602. $this->assertFalse($this->manager->needsSecondFactor($user));
  603. }
  604. }