Home Explore Help
Sign In
RISCI_ATOM
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Files Issues 23 Wiki
Tree: ede0c26b78
Branches Tags
nextcloud-serve...
/
tests
/
lib
/
Security
/
Bruteforce
/
Backend
/
MemoryCacheBackendTest.php

MemoryCacheBackendTest.php 4.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139 
  1. <?php
    2. 

  2. 

  3. declare(strict_types=1);
    4. 

  4. 

  5. /**
    6. 

  6.  * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
    7. 

  7.  * SPDX-License-Identifier: AGPL-3.0-or-later
    8. 

  8.  */
    9. 

  9. 

  10. namespace Test\Security\Bruteforce\Backend;
    11. 

  11. 

  12. use OC\Security\Bruteforce\Backend\IBackend;
    13. 

  13. use OC\Security\Bruteforce\Backend\MemoryCacheBackend;
    14. 

  14. use OCP\AppFramework\Utility\ITimeFactory;
    15. 

  15. use OCP\ICache;
    16. 

  16. use OCP\ICacheFactory;
    17. 

  17. use PHPUnit\Framework\MockObject\MockObject;
    18. 

  18. use Test\TestCase;
    19. 

  19. 

  20. class MemoryCacheBackendTest extends TestCase {
    21. 

  21. 	/** @var ICacheFactory|MockObject */
    22. 

  22. 	private $cacheFactory;
    23. 

  23. 	/** @var ITimeFactory|MockObject */
    24. 

  24. 	private $timeFactory;
    25. 

  25. 	/** @var ICache|MockObject */
    26. 

  26. 	private $cache;
    27. 

  27. 	private IBackend $backend;
    28. 

  28. 

  29. 	protected function setUp(): void {
    30. 

  30. 		parent::setUp();
    31. 

  31. 

  32. 		$this->cacheFactory = $this->createMock(ICacheFactory::class);
    33. 

  33. 		$this->timeFactory = $this->createMock(ITimeFactory::class);
    34. 

  34. 		$this->cache = $this->createMock(ICache::class);
    35. 

  35. 

  36. 		$this->cacheFactory
    37. 

  37. 			->expects($this->once())
    38. 

  38. 			->method('createDistributed')
    39. 

  39. 			->with('OC\Security\Bruteforce\Backend\MemoryCacheBackend')
    40. 

  40. 			->willReturn($this->cache);
    41. 

  41. 

  42. 		$this->backend = new MemoryCacheBackend(
    43. 

  43. 			$this->cacheFactory,
    44. 

  44. 			$this->timeFactory
    45. 

  45. 		);
    46. 

  46. 	}
    47. 

  47. 

  48. 	public function testGetAttemptsWithNoAttemptsBefore(): void {
    49. 

  49. 		$this->cache
    50. 

  50. 			->expects($this->once())
    51. 

  51. 			->method('get')
    52. 

  52. 			->with('8b9da631d1f7b022bb2c3c489e16092f82b42fd4')
    53. 

  53. 			->willReturn(null);
    54. 

  54. 

  55. 		$this->assertSame(0, $this->backend->getAttempts('10.10.10.10/32', 0));
    56. 

  56. 	}
    57. 

  57. 

  58. 	public function dataGetAttempts(): array {
    59. 

  59. 		return [
    60. 

  60. 			[0, null, null, 4],
    61. 

  61. 			[100, null, null, 2],
    62. 

  62. 			[0, 'action1', null, 2],
    63. 

  63. 			[100, 'action1', null, 1],
    64. 

  64. 			[0, 'action1', ['metadata2'], 1],
    65. 

  65. 			[100, 'action1', ['metadata2'], 1],
    66. 

  66. 			[100, 'action1', ['metadata1'], 0],
    67. 

  67. 		];
    68. 

  68. 	}
    69. 

  69. 

  70. 	/**
    71. 

  71. 	 * @dataProvider dataGetAttempts
    72. 

  72. 	 */
    73. 

  73. 	public function testGetAttempts(int $maxAge, ?string $action, ?array $metadata, int $expected): void {
    74. 

  74. 		$this->cache
    75. 

  75. 			->expects($this->once())
    76. 

  76. 			->method('get')
    77. 

  77. 			->with('8b9da631d1f7b022bb2c3c489e16092f82b42fd4')
    78. 

  78. 			->willReturn(json_encode([
    79. 

  79. 				'1' . '#' . hash('sha1', 'action1') . '#' . hash('sha1', json_encode(['metadata1'])),
    80. 

  80. 				'300' . '#' . hash('sha1', 'action1') . '#' . hash('sha1', json_encode(['metadata2'])),
    81. 

  81. 				'1' . '#' . hash('sha1', 'action2') . '#' . hash('sha1', json_encode(['metadata1'])),
    82. 

  82. 				'300' . '#' . hash('sha1', 'action2') . '#' . hash('sha1', json_encode(['metadata2'])),
    83. 

  83. 			]));
    84. 

  84. 

  85. 		$this->assertSame($expected, $this->backend->getAttempts('10.10.10.10/32', $maxAge, $action, $metadata));
    86. 

  86. 	}
    87. 

  87. 

  88. 	public function testRegisterAttemptWithNoAttemptsBefore(): void {
    89. 

  89. 		$this->cache
    90. 

  90. 			->expects($this->once())
    91. 

  91. 			->method('get')
    92. 

  92. 			->with('8b9da631d1f7b022bb2c3c489e16092f82b42fd4')
    93. 

  93. 			->willReturn(null);
    94. 

  94. 		$this->cache
    95. 

  95. 			->expects($this->once())
    96. 

  96. 			->method('set')
    97. 

  97. 			->with(
    98. 

  98. 				'8b9da631d1f7b022bb2c3c489e16092f82b42fd4',
    99. 

  99. 				json_encode(['223#' . hash('sha1', 'action1') . '#' . hash('sha1', json_encode(['metadata1']))])
    100. 

  100. 			);
    101. 

  101. 

  102. 		$this->backend->registerAttempt('10.10.10.10', '10.10.10.10/32', 223, 'action1', ['metadata1']);
    103. 

  103. 	}
    104. 

  104. 

  105. 	public function testRegisterAttempt(): void {
    106. 

  106. 		$this->timeFactory
    107. 

  107. 			->expects($this->once())
    108. 

  108. 			->method('getTime')
    109. 

  109. 			->willReturn(12 * 3600 + 86);
    110. 

  110. 

  111. 		$this->cache
    112. 

  112. 			->expects($this->once())
    113. 

  113. 			->method('get')
    114. 

  114. 			->with('8b9da631d1f7b022bb2c3c489e16092f82b42fd4')
    115. 

  115. 			->willReturn(json_encode([
    116. 

  116. 				'1#' . hash('sha1', 'action1') . '#' . hash('sha1', json_encode(['metadata1'])),
    117. 

  117. 				'2#' . hash('sha1', 'action2') . '#' . hash('sha1', json_encode(['metadata1'])),
    118. 

  118. 				'87#' . hash('sha1', 'action3') . '#' . hash('sha1', json_encode(['metadata1'])),
    119. 

  119. 				'123#' . hash('sha1', 'action4') . '#' . hash('sha1', json_encode(['metadata1'])),
    120. 

  120. 				'123#' . hash('sha1', 'action5') . '#' . hash('sha1', json_encode(['metadata1'])),
    121. 

  121. 				'124#' . hash('sha1', 'action6') . '#' . hash('sha1', json_encode(['metadata1'])),
    122. 

  122. 			]));
    123. 

  123. 		$this->cache
    124. 

  124. 			->expects($this->once())
    125. 

  125. 			->method('set')
    126. 

  126. 			->with(
    127. 

  127. 				'8b9da631d1f7b022bb2c3c489e16092f82b42fd4',
    128. 

  128. 				json_encode([
    129. 

  129. 					'87#' . hash('sha1', 'action3') . '#' . hash('sha1', json_encode(['metadata1'])),
    130. 

  130. 					'123#' . hash('sha1', 'action4') . '#' . hash('sha1', json_encode(['metadata1'])),
    131. 

  131. 					'123#' . hash('sha1', 'action5') . '#' . hash('sha1', json_encode(['metadata1'])),
    132. 

  132. 					'124#' . hash('sha1', 'action6') . '#' . hash('sha1', json_encode(['metadata1'])),
    133. 

  133. 					'186#' . hash('sha1', 'action7') . '#' . hash('sha1', json_encode(['metadata2'])),
    134. 

  134. 				])
    135. 

  135. 			);
    136. 

  136. 

  137. 		$this->backend->registerAttempt('10.10.10.10', '10.10.10.10/32', 186, 'action7', ['metadata2']);
    138. 

  138. 	}
    139. 

  139. }
    140.