- <?php
- declare(strict_types=1);
- /**
- * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: AGPL-3.0-or-later
- */
- namespace Tests\Core\Controller;
- use OC\Authentication\Exceptions\InvalidTokenException;
- use OC\Authentication\Token\IProvider;
- use OC\Authentication\Token\IToken;
- use OC\Core\Controller\AppPasswordController;
- use OC\User\Session;
- use OCP\AppFramework\Http\DataResponse;
- use OCP\AppFramework\OCS\OCSForbiddenException;
- use OCP\Authentication\Exceptions\CredentialsUnavailableException;
- use OCP\Authentication\Exceptions\PasswordUnavailableException;
- use OCP\Authentication\LoginCredentials\ICredentials;
- use OCP\Authentication\LoginCredentials\IStore;
- use OCP\EventDispatcher\IEventDispatcher;
- use OCP\IRequest;
- use OCP\ISession;
- use OCP\IUserManager;
- use OCP\Security\Bruteforce\IThrottler;
- use OCP\Security\ISecureRandom;
- use PHPUnit\Framework\MockObject\MockObject;
- use Test\TestCase;
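/**
 * Unit tests for AppPasswordController::getAppPassword() and
 * AppPasswordController::deleteAppPassword().
 *
 * All collaborators are PHPUnit mocks, so these tests only pin the calls the
 * controller makes on them and the exceptions it raises. The rejection-path
 * tests additionally assert that no token is created or invalidated, so a
 * regression that performs the side effect before throwing is caught.
 */
class AppPasswordControllerTest extends TestCase {
	/** @var ISession|MockObject */
	private $session;

	/** @var ISecureRandom|MockObject */
	private $random;

	/** @var IProvider|MockObject */
	private $tokenProvider;

	/** @var IStore|MockObject */
	private $credentialStore;

	/** @var IRequest|MockObject */
	private $request;

	/** @var IEventDispatcher|MockObject */
	private $eventDispatcher;

	/** @var Session|MockObject */
	private $userSession;

	/** @var IUserManager|MockObject */
	private $userManager;

	/** @var IThrottler|MockObject */
	private $throttler;

	/** @var AppPasswordController */
	private $controller;

	/**
	 * Builds a fresh controller around newly created mocks before each test.
	 */
	protected function setUp(): void {
		parent::setUp();

		$this->session = $this->createMock(ISession::class);
		$this->random = $this->createMock(ISecureRandom::class);
		$this->tokenProvider = $this->createMock(IProvider::class);
		$this->credentialStore = $this->createMock(IStore::class);
		$this->request = $this->createMock(IRequest::class);
		$this->eventDispatcher = $this->createMock(IEventDispatcher::class);
		$this->userSession = $this->createMock(Session::class);
		$this->userManager = $this->createMock(IUserManager::class);
		$this->throttler = $this->createMock(IThrottler::class);

		$this->controller = new AppPasswordController(
			'core',
			$this->request,
			$this->session,
			$this->random,
			$this->tokenProvider,
			$this->credentialStore,
			$this->eventDispatcher,
			$this->userSession,
			$this->userManager,
			$this->throttler
		);
	}

	/**
	 * A session that already carries an 'app_password' entry must be refused
	 * with OCSForbiddenException when it asks for a new app password.
	 */
	public function testGetAppPasswordWithAppPassword(): void {
		$this->session->method('exists')
			->with('app_password')
			->willReturn(true);

		// The refusal must happen before any token is minted or announced.
		$this->tokenProvider->expects($this->never())
			->method('generateToken');
		$this->eventDispatcher->expects($this->never())
			->method('dispatchTyped');

		$this->expectException(OCSForbiddenException::class);

		$this->controller->getAppPassword();
	}

	/**
	 * When the credential store has no login credentials, the request must be
	 * refused with OCSForbiddenException.
	 */
	public function testGetAppPasswordNoLoginCreds(): void {
		$this->session->method('exists')
			->with('app_password')
			->willReturn(false);
		$this->credentialStore->method('getLoginCredentials')
			->willThrowException(new CredentialsUnavailableException());

		// Without credentials there is no identity to bind a token to.
		$this->tokenProvider->expects($this->never())
			->method('generateToken');
		$this->eventDispatcher->expects($this->never())
			->method('dispatchTyped');

		$this->expectException(OCSForbiddenException::class);

		$this->controller->getAppPassword();
	}

	/**
	 * Happy path: the token is requested from ISecureRandom (72 characters
	 * from upper case, lower case and digits) and handed to the token provider
	 * together with the uid, login name, password and user agent.
	 */
	public function testGetAppPassword(): void {
		$credentials = $this->createMock(ICredentials::class);

		$this->session->method('exists')
			->with('app_password')
			->willReturn(false);
		$this->credentialStore->method('getLoginCredentials')
			->willReturn($credentials);
		$credentials->method('getUid')
			->willReturn('myUID');
		$credentials->method('getPassword')
			->willReturn('myPassword');
		$credentials->method('getLoginName')
			->willReturn('myLoginName');
		$this->request->method('getHeader')
			->with('USER_AGENT')
			->willReturn('myUA');
		$this->random->method('generate')
			->with(
				72,
				ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS
			)->willReturn('myToken');

		$this->tokenProvider->expects($this->once())
			->method('generateToken')
			->with(
				'myToken',
				'myUID',
				'myLoginName',
				'myPassword',
				'myUA',
				IToken::PERMANENT_TOKEN,
				IToken::DO_NOT_REMEMBER
			);

		// Only the call count is pinned here; the event type is not inspected.
		$this->eventDispatcher->expects($this->once())
			->method('dispatchTyped');

		$this->controller->getAppPassword();
	}

	/**
	 * Same as the happy path, except that the credentials cannot supply a
	 * password: the token must then be generated with null as the password.
	 */
	public function testGetAppPasswordNoPassword(): void {
		$credentials = $this->createMock(ICredentials::class);

		$this->session->method('exists')
			->with('app_password')
			->willReturn(false);
		$this->credentialStore->method('getLoginCredentials')
			->willReturn($credentials);
		$credentials->method('getUid')
			->willReturn('myUID');
		$credentials->method('getPassword')
			->willThrowException(new PasswordUnavailableException());
		$credentials->method('getLoginName')
			->willReturn('myLoginName');
		$this->request->method('getHeader')
			->with('USER_AGENT')
			->willReturn('myUA');
		$this->random->method('generate')
			->with(
				72,
				ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS
			)->willReturn('myToken');

		$this->tokenProvider->expects($this->once())
			->method('generateToken')
			->with(
				'myToken',
				'myUID',
				'myLoginName',
				null,
				'myUA',
				IToken::PERMANENT_TOKEN,
				IToken::DO_NOT_REMEMBER
			);

		$this->eventDispatcher->expects($this->once())
			->method('dispatchTyped');

		$this->controller->getAppPassword();
	}

	/**
	 * Deleting is refused with OCSForbiddenException when the session holds
	 * no 'app_password' entry.
	 */
	public function testDeleteAppPasswordNoAppPassword(): void {
		$this->session->method('exists')
			->with('app_password')
			->willReturn(false);

		// Nothing identifies a token to revoke, so none may be invalidated.
		$this->tokenProvider->expects($this->never())
			->method('invalidateTokenById');

		$this->expectException(OCSForbiddenException::class);

		$this->controller->deleteAppPassword();
	}

	/**
	 * Deleting is refused with OCSForbiddenException when the token provider
	 * rejects the session's app password with InvalidTokenException.
	 */
	public function testDeleteAppPasswordFails(): void {
		$this->session->method('exists')
			->with('app_password')
			->willReturn(true);
		$this->session->method('get')
			->with('app_password')
			->willReturn('myAppPassword');
		$this->tokenProvider->method('getToken')
			->with('myAppPassword')
			->willThrowException(new InvalidTokenException());

		// A failed lookup must not lead to any token being invalidated.
		$this->tokenProvider->expects($this->never())
			->method('invalidateTokenById');

		$this->expectException(OCSForbiddenException::class);

		$this->controller->deleteAppPassword();
	}

	/**
	 * Happy path: the token resolved from the session's app password is
	 * invalidated by its owner uid and id, and an empty DataResponse comes
	 * back.
	 */
	public function testDeleteAppPasswordSuccess(): void {
		$this->session->method('exists')
			->with('app_password')
			->willReturn(true);
		$this->session->method('get')
			->with('app_password')
			->willReturn('myAppPassword');

		$token = $this->createMock(IToken::class);
		$this->tokenProvider->method('getToken')
			->with('myAppPassword')
			->willReturn($token);
		$token->method('getUID')
			->willReturn('myUID');
		$token->method('getId')
			->willReturn(42);

		// Exactly the looked-up token (uid + id) must be revoked, once.
		$this->tokenProvider->expects($this->once())
			->method('invalidateTokenById')
			->with(
				'myUID',
				42
			);

		$result = $this->controller->deleteAppPassword();

		$this->assertEquals(new DataResponse(), $result);
	}
}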