ManagerTest.php 9.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
  5. * SPDX-License-Identifier: AGPL-3.0-or-later
  6. */
  7. namespace Test\Authentication\Token;
  8. use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
  9. use OC\Authentication\Exceptions\InvalidTokenException;
  10. use OC\Authentication\Token\IToken;
  11. use OC\Authentication\Token\Manager;
  12. use OC\Authentication\Token\PublicKeyToken;
  13. use OC\Authentication\Token\PublicKeyTokenProvider;
  14. use PHPUnit\Framework\MockObject\MockObject;
  15. use Test\TestCase;
  16. class ManagerTest extends TestCase {
  17. /** @var PublicKeyTokenProvider|MockObject */
  18. private $publicKeyTokenProvider;
  19. /** @var Manager */
  20. private $manager;
  21. protected function setUp(): void {
  22. parent::setUp();
  23. $this->publicKeyTokenProvider = $this->createMock(PublicKeyTokenProvider::class);
  24. $this->manager = new Manager(
  25. $this->publicKeyTokenProvider
  26. );
  27. }
  28. public function testGenerateToken(): void {
  29. $token = new PublicKeyToken();
  30. $this->publicKeyTokenProvider->expects($this->once())
  31. ->method('generateToken')
  32. ->with(
  33. 'token',
  34. 'uid',
  35. 'loginName',
  36. 'password',
  37. 'name',
  38. IToken::TEMPORARY_TOKEN,
  39. IToken::REMEMBER
  40. )->willReturn($token);
  41. $actual = $this->manager->generateToken(
  42. 'token',
  43. 'uid',
  44. 'loginName',
  45. 'password',
  46. 'name',
  47. IToken::TEMPORARY_TOKEN,
  48. IToken::REMEMBER
  49. );
  50. $this->assertSame($token, $actual);
  51. }
  52. public function testGenerateConflictingToken(): void {
  53. /** @var MockObject|UniqueConstraintViolationException $exception */
  54. $exception = $this->createMock(UniqueConstraintViolationException::class);
  55. $token = new PublicKeyToken();
  56. $token->setUid('uid');
  57. $this->publicKeyTokenProvider->expects($this->once())
  58. ->method('generateToken')
  59. ->with(
  60. 'token',
  61. 'uid',
  62. 'loginName',
  63. 'password',
  64. 'name',
  65. IToken::TEMPORARY_TOKEN,
  66. IToken::REMEMBER
  67. )->willThrowException($exception);
  68. $this->publicKeyTokenProvider->expects($this->once())
  69. ->method('getToken')
  70. ->with('token')
  71. ->willReturn($token);
  72. $actual = $this->manager->generateToken(
  73. 'token',
  74. 'uid',
  75. 'loginName',
  76. 'password',
  77. 'name',
  78. IToken::TEMPORARY_TOKEN,
  79. IToken::REMEMBER
  80. );
  81. $this->assertSame($token, $actual);
  82. }
  83. public function testGenerateTokenTooLongName(): void {
  84. $token = $this->createMock(IToken::class);
  85. $token->method('getName')
  86. ->willReturn(str_repeat('a', 120) . '…');
  87. $this->publicKeyTokenProvider->expects($this->once())
  88. ->method('generateToken')
  89. ->with(
  90. 'token',
  91. 'uid',
  92. 'loginName',
  93. 'password',
  94. str_repeat('a', 120) . '…',
  95. IToken::TEMPORARY_TOKEN,
  96. IToken::REMEMBER
  97. )->willReturn($token);
  98. $actual = $this->manager->generateToken(
  99. 'token',
  100. 'uid',
  101. 'loginName',
  102. 'password',
  103. str_repeat('a', 200),
  104. IToken::TEMPORARY_TOKEN,
  105. IToken::REMEMBER
  106. );
  107. $this->assertSame(121, mb_strlen($actual->getName()));
  108. }
  109. public function tokenData(): array {
  110. return [
  111. [new PublicKeyToken()],
  112. [$this->createMock(IToken::class)],
  113. ];
  114. }
  115. protected function setNoCall(IToken $token) {
  116. if (!($token instanceof PublicKeyToken)) {
  117. $this->publicKeyTokenProvider->expects($this->never())
  118. ->method($this->anything());
  119. }
  120. }
  121. protected function setCall(IToken $token, string $function, $return = null) {
  122. if ($token instanceof PublicKeyToken) {
  123. $this->publicKeyTokenProvider->expects($this->once())
  124. ->method($function)
  125. ->with($token)
  126. ->willReturn($return);
  127. }
  128. }
  129. protected function setException(IToken $token) {
  130. if (!($token instanceof PublicKeyToken)) {
  131. $this->expectException(InvalidTokenException::class);
  132. }
  133. }
  134. /**
  135. * @dataProvider tokenData
  136. */
  137. public function testUpdateToken(IToken $token): void {
  138. $this->setNoCall($token);
  139. $this->setCall($token, 'updateToken');
  140. $this->setException($token);
  141. $this->manager->updateToken($token);
  142. }
  143. /**
  144. * @dataProvider tokenData
  145. */
  146. public function testUpdateTokenActivity(IToken $token): void {
  147. $this->setNoCall($token);
  148. $this->setCall($token, 'updateTokenActivity');
  149. $this->setException($token);
  150. $this->manager->updateTokenActivity($token);
  151. }
  152. /**
  153. * @dataProvider tokenData
  154. */
  155. public function testGetPassword(IToken $token): void {
  156. $this->setNoCall($token);
  157. $this->setCall($token, 'getPassword', 'password');
  158. $this->setException($token);
  159. $result = $this->manager->getPassword($token, 'tokenId', 'password');
  160. $this->assertSame('password', $result);
  161. }
  162. /**
  163. * @dataProvider tokenData
  164. */
  165. public function testSetPassword(IToken $token): void {
  166. $this->setNoCall($token);
  167. $this->setCall($token, 'setPassword');
  168. $this->setException($token);
  169. $this->manager->setPassword($token, 'tokenId', 'password');
  170. }
  171. public function testInvalidateTokens(): void {
  172. $this->publicKeyTokenProvider->expects($this->once())
  173. ->method('invalidateToken')
  174. ->with('token');
  175. $this->manager->invalidateToken('token');
  176. }
  177. public function testInvalidateTokenById(): void {
  178. $this->publicKeyTokenProvider->expects($this->once())
  179. ->method('invalidateTokenById')
  180. ->with('uid', 42);
  181. $this->manager->invalidateTokenById('uid', 42);
  182. }
  183. public function testInvalidateOldTokens(): void {
  184. $this->publicKeyTokenProvider->expects($this->once())
  185. ->method('invalidateOldTokens');
  186. $this->manager->invalidateOldTokens();
  187. }
  188. public function testInvalidateLastUsedBefore(): void {
  189. $this->publicKeyTokenProvider->expects($this->once())
  190. ->method('invalidateLastUsedBefore')
  191. ->with('user', 946684800);
  192. $this->manager->invalidateLastUsedBefore('user', 946684800);
  193. }
  194. public function testGetTokenByUser(): void {
  195. $t1 = new PublicKeyToken();
  196. $t2 = new PublicKeyToken();
  197. $this->publicKeyTokenProvider
  198. ->method('getTokenByUser')
  199. ->willReturn([$t1, $t2]);
  200. $result = $this->manager->getTokenByUser('uid');
  201. $this->assertEquals([$t1, $t2], $result);
  202. }
  203. public function testRenewSessionTokenPublicKey(): void {
  204. $this->publicKeyTokenProvider->expects($this->once())
  205. ->method('renewSessionToken')
  206. ->with('oldId', 'newId');
  207. $this->manager->renewSessionToken('oldId', 'newId');
  208. }
  209. public function testRenewSessionInvalid(): void {
  210. $this->publicKeyTokenProvider->expects($this->once())
  211. ->method('renewSessionToken')
  212. ->with('oldId', 'newId')
  213. ->willThrowException(new InvalidTokenException());
  214. $this->expectException(InvalidTokenException::class);
  215. $this->manager->renewSessionToken('oldId', 'newId');
  216. }
  217. public function testGetTokenByIdPublicKey(): void {
  218. $token = $this->createMock(IToken::class);
  219. $this->publicKeyTokenProvider->expects($this->once())
  220. ->method('getTokenById')
  221. ->with(42)
  222. ->willReturn($token);
  223. $this->assertSame($token, $this->manager->getTokenById(42));
  224. }
  225. public function testGetTokenByIdInvalid(): void {
  226. $this->publicKeyTokenProvider->expects($this->once())
  227. ->method('getTokenById')
  228. ->with(42)
  229. ->willThrowException(new InvalidTokenException());
  230. $this->expectException(InvalidTokenException::class);
  231. $this->manager->getTokenById(42);
  232. }
  233. public function testGetTokenPublicKey(): void {
  234. $token = new PublicKeyToken();
  235. $this->publicKeyTokenProvider
  236. ->method('getToken')
  237. ->with('tokenId')
  238. ->willReturn($token);
  239. $this->assertSame($token, $this->manager->getToken('tokenId'));
  240. }
  241. public function testGetTokenInvalid(): void {
  242. $this->publicKeyTokenProvider
  243. ->method('getToken')
  244. ->with('tokenId')
  245. ->willThrowException(new InvalidTokenException());
  246. $this->expectException(InvalidTokenException::class);
  247. $this->manager->getToken('tokenId');
  248. }
  249. public function testRotateInvalid(): void {
  250. $this->expectException(InvalidTokenException::class);
  251. $this->manager->rotate($this->createMock(IToken::class), 'oldId', 'newId');
  252. }
  253. public function testRotatePublicKey(): void {
  254. $token = new PublicKeyToken();
  255. $this->publicKeyTokenProvider
  256. ->method('rotate')
  257. ->with($token, 'oldId', 'newId')
  258. ->willReturn($token);
  259. $this->assertSame($token, $this->manager->rotate($token, 'oldId', 'newId'));
  260. }
  261. public function testMarkPasswordInvalidPublicKey(): void {
  262. $token = $this->createMock(PublicKeyToken::class);
  263. $this->publicKeyTokenProvider->expects($this->once())
  264. ->method('markPasswordInvalid')
  265. ->with($token, 'tokenId');
  266. $this->manager->markPasswordInvalid($token, 'tokenId');
  267. }
  268. public function testMarkPasswordInvalidInvalidToken(): void {
  269. $this->expectException(InvalidTokenException::class);
  270. $this->manager->markPasswordInvalid($this->createMock(IToken::class), 'tokenId');
  271. }
  272. public function testUpdatePasswords(): void {
  273. $this->publicKeyTokenProvider->expects($this->once())
  274. ->method('updatePasswords')
  275. ->with('uid', 'pass');
  276. $this->manager->updatePasswords('uid', 'pass');
  277. }
  278. public function testInvalidateTokensOfUserNoClientName(): void {
  279. $t1 = new PublicKeyToken();
  280. $t2 = new PublicKeyToken();
  281. $t1->setId(123);
  282. $t2->setId(456);
  283. $this->publicKeyTokenProvider
  284. ->expects($this->once())
  285. ->method('getTokenByUser')
  286. ->with('theUser')
  287. ->willReturn([$t1, $t2]);
  288. $this->publicKeyTokenProvider
  289. ->expects($this->exactly(2))
  290. ->method('invalidateTokenById')
  291. ->withConsecutive(
  292. ['theUser', 123],
  293. ['theUser', 456],
  294. );
  295. $this->manager->invalidateTokensOfUser('theUser', null);
  296. }
  297. public function testInvalidateTokensOfUserClientNameGiven(): void {
  298. $t1 = new PublicKeyToken();
  299. $t2 = new PublicKeyToken();
  300. $t3 = new PublicKeyToken();
  301. $t1->setId(123);
  302. $t1->setName('Firefox session');
  303. $t2->setId(456);
  304. $t2->setName('My Client Name');
  305. $t3->setId(789);
  306. $t3->setName('mobile client');
  307. $this->publicKeyTokenProvider
  308. ->expects($this->once())
  309. ->method('getTokenByUser')
  310. ->with('theUser')
  311. ->willReturn([$t1, $t2, $t3]);
  312. $this->publicKeyTokenProvider
  313. ->expects($this->once())
  314. ->method('invalidateTokenById')
  315. ->with('theUser', 456);
  316. $this->manager->invalidateTokensOfUser('theUser', 'My Client Name');
  317. }
  318. }