1
0

Auth.php 4.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159
  1. <?php
  2. /**
  3. *
  4. * @author Christoph Wurst <christoph@owncloud.com>
  5. *
  6. * @license GNU AGPL version 3 or any later version
  7. *
  8. * This program is free software: you can redistribute it and/or modify
  9. * it under the terms of the GNU Affero General Public License as
  10. * published by the Free Software Foundation, either version 3 of the
  11. * License, or (at your option) any later version.
  12. *
  13. * This program is distributed in the hope that it will be useful,
  14. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16. * GNU Affero General Public License for more details.
  17. *
  18. * You should have received a copy of the GNU Affero General Public License
  19. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  20. *
  21. */
  22. use GuzzleHttp\Client;
  23. use GuzzleHttp\Exception\ClientException;
  24. require __DIR__ . '/../../vendor/autoload.php';
  25. trait Auth {
  26. private $clientToken;
  27. /** @BeforeScenario */
  28. public function setUpScenario() {
  29. $this->client = new Client();
  30. $this->responseXml = '';
  31. }
  32. /**
  33. * @When requesting :url with :method
  34. */
  35. public function requestingWith($url, $method) {
  36. $this->sendRequest($url, $method);
  37. }
  38. private function sendRequest($url, $method, $authHeader = null, $useCookies = false) {
  39. $fullUrl = substr($this->baseUrl, 0, -5) . $url;
  40. try {
  41. if ($useCookies) {
  42. $request = $this->client->createRequest($method, $fullUrl, [
  43. 'cookies' => $this->cookieJar,
  44. ]);
  45. } else {
  46. $request = $this->client->createRequest($method, $fullUrl);
  47. }
  48. if ($authHeader) {
  49. $request->setHeader('Authorization', $authHeader);
  50. }
  51. $request->setHeader('OCS_APIREQUEST', 'true');
  52. $request->setHeader('requesttoken', $this->requestToken);
  53. $this->response = $this->client->send($request);
  54. } catch (ClientException $ex) {
  55. $this->response = $ex->getResponse();
  56. }
  57. }
  58. /**
  59. * @Given a new client token is used
  60. */
  61. public function aNewClientTokenIsUsed() {
  62. $this->loggingInUsingWebAs('user0');
  63. $fullUrl = substr($this->baseUrl, 0, -5) . '/index.php/settings/personal/authtokens';
  64. $client = new Client();
  65. $options = [
  66. 'auth' => ['user0', '123456'],
  67. 'body' => [
  68. 'requesttoken' => $this->requestToken,
  69. 'name' => md5(microtime()),
  70. ],
  71. 'cookies' => $this->cookieJar,
  72. ];
  73. $resp = $client->send($client->createRequest('POST', $fullUrl, $options));
  74. $this->clientToken = json_decode($resp->getBody()->getContents())->token;
  75. }
  76. /**
  77. * @When requesting :url with :method using basic auth
  78. */
  79. public function requestingWithBasicAuth($url, $method) {
  80. $this->sendRequest($url, $method, 'basic ' . base64_encode('user0:123456'));
  81. }
  82. /**
  83. * @When requesting :url with :method using basic token auth
  84. */
  85. public function requestingWithBasicTokenAuth($url, $method) {
  86. $this->sendRequest($url, $method, 'basic ' . base64_encode('user0:' . $this->clientToken));
  87. }
  88. /**
  89. * @When requesting :url with :method using a client token
  90. */
  91. public function requestingWithUsingAClientToken($url, $method) {
  92. $this->sendRequest($url, $method, 'token ' . $this->clientToken);
  93. }
  94. /**
  95. * @When requesting :url with :method using browser session
  96. */
  97. public function requestingWithBrowserSession($url, $method) {
  98. $this->sendRequest($url, $method, null, true);
  99. }
  100. /**
  101. * @Given a new browser session is started
  102. */
  103. public function aNewBrowserSessionIsStarted($remember = false) {
  104. $loginUrl = substr($this->baseUrl, 0, -5) . '/login';
  105. // Request a new session and extract CSRF token
  106. $client = new Client();
  107. $response = $client->get($loginUrl, [
  108. 'cookies' => $this->cookieJar,
  109. ]);
  110. $this->extracRequestTokenFromResponse($response);
  111. // Login and extract new token
  112. $client = new Client();
  113. $response = $client->post(
  114. $loginUrl, [
  115. 'body' => [
  116. 'user' => 'user0',
  117. 'password' => '123456',
  118. 'remember_login' => $remember ? '1' : '0',
  119. 'requesttoken' => $this->requestToken,
  120. ],
  121. 'cookies' => $this->cookieJar,
  122. ]
  123. );
  124. $this->extracRequestTokenFromResponse($response);
  125. }
  126. /**
  127. * @Given a new remembered browser session is started
  128. */
  129. public function aNewRememberedBrowserSessionIsStarted() {
  130. $this->aNewBrowserSessionIsStarted(true);
  131. }
  132. /**
  133. * @When the session cookie expires
  134. */
  135. public function whenTheSessionCookieExpires() {
  136. $this->cookieJar->clearSessionCookies();
  137. }
  138. }