2016-08-29 20:19:44 +03:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
|
|
|
*
|
|
|
|
* @license GNU AGPL version 3 or any later version
|
|
|
|
*
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License as
|
|
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
|
|
* License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2016-10-03 22:47:33 +03:00
|
|
|
namespace OCA\TwoFactorBackupCodes\Tests\Unit\Service;
|
2016-08-29 20:19:44 +03:00
|
|
|
|
2016-10-03 22:47:33 +03:00
|
|
|
use OCA\TwoFactorBackupCodes\Db\BackupCode;
|
|
|
|
use OCA\TwoFactorBackupCodes\Db\BackupCodeMapper;
|
|
|
|
use OCA\TwoFactorBackupCodes\Service\BackupCodeStorage;
|
2016-12-13 12:47:48 +03:00
|
|
|
use OCP\Activity\IEvent;
|
|
|
|
use OCP\Activity\IManager;
|
2016-12-13 17:15:14 +03:00
|
|
|
use OCP\ILogger;
|
2016-08-29 20:19:44 +03:00
|
|
|
use OCP\IUser;
|
|
|
|
use OCP\Security\IHasher;
|
|
|
|
use OCP\Security\ISecureRandom;
|
2017-01-16 15:14:15 +03:00
|
|
|
use PHPUnit_Framework_MockObject_MockObject;
|
2016-08-29 20:19:44 +03:00
|
|
|
use Test\TestCase;
|
|
|
|
|
|
|
|
class BackupCodeStorageTest extends TestCase {
|
|
|
|
|
2017-01-16 15:14:15 +03:00
|
|
|
/** @var BackupCodeMapper|PHPUnit_Framework_MockObject_MockObject */
|
2016-08-29 20:19:44 +03:00
|
|
|
private $mapper;
|
|
|
|
|
2017-01-16 15:14:15 +03:00
|
|
|
/** @var ISecureRandom|PHPUnit_Framework_MockObject_MockObject */
|
2016-08-29 20:19:44 +03:00
|
|
|
private $random;
|
|
|
|
|
2017-01-16 15:14:15 +03:00
|
|
|
/** @var IHasher|PHPUnit_Framework_MockObject_MockObject */
|
2016-08-29 20:19:44 +03:00
|
|
|
private $hasher;
|
|
|
|
|
2017-01-16 15:14:15 +03:00
|
|
|
/** @var IManager|PHPUnit_Framework_MockObject_MockObject */
|
2016-12-13 12:47:48 +03:00
|
|
|
private $activityManager;
|
|
|
|
|
2017-01-16 15:14:15 +03:00
|
|
|
/** @var ILogger|PHPUnit_Framework_MockObject_MockObject */
|
2016-12-13 17:15:14 +03:00
|
|
|
private $logger;
|
|
|
|
|
2016-08-29 20:19:44 +03:00
|
|
|
/** @var BackupCodeStorage */
|
|
|
|
private $storage;
|
|
|
|
|
|
|
|
protected function setUp() {
|
|
|
|
parent::setUp();
|
|
|
|
|
2017-01-16 15:14:15 +03:00
|
|
|
$this->mapper = $this->createMock(BackupCodeMapper::class);
|
|
|
|
$this->random = $this->createMock(ISecureRandom::class);
|
|
|
|
$this->hasher = $this->createMock(IHasher::class);
|
2016-12-13 12:47:48 +03:00
|
|
|
$this->activityManager = $this->createMock(IManager::class);
|
2016-12-13 17:15:14 +03:00
|
|
|
$this->logger = $this->createMock(ILogger::class);
|
|
|
|
|
|
|
|
$this->storage = new BackupCodeStorage($this->mapper, $this->random, $this->hasher, $this->activityManager, $this->logger);
|
2016-08-29 20:19:44 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testCreateCodes() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
$number = 5;
|
2016-12-13 12:47:48 +03:00
|
|
|
$event = $this->createMock(IEvent::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
|
2016-12-13 12:47:48 +03:00
|
|
|
$user->expects($this->any())
|
2016-08-29 20:19:44 +03:00
|
|
|
->method('getUID')
|
|
|
|
->will($this->returnValue('fritz'));
|
|
|
|
$this->random->expects($this->exactly($number))
|
|
|
|
->method('generate')
|
2017-01-16 13:24:03 +03:00
|
|
|
->with(16, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')
|
2016-08-29 20:19:44 +03:00
|
|
|
->will($this->returnValue('CODEABCDEF'));
|
|
|
|
$this->hasher->expects($this->exactly($number))
|
|
|
|
->method('hash')
|
|
|
|
->with('CODEABCDEF')
|
|
|
|
->will($this->returnValue('HASHEDCODE'));
|
|
|
|
$row = new BackupCode();
|
|
|
|
$row->setUserId('fritz');
|
|
|
|
$row->setCode('HASHEDCODE');
|
|
|
|
$row->setUsed(0);
|
|
|
|
$this->mapper->expects($this->exactly($number))
|
|
|
|
->method('insert')
|
|
|
|
->with($this->equalTo($row));
|
2016-12-13 12:47:48 +03:00
|
|
|
$this->activityManager->expects($this->once())
|
|
|
|
->method('generateEvent')
|
|
|
|
->will($this->returnValue($event));
|
|
|
|
$event->expects($this->once())
|
|
|
|
->method('setApp')
|
|
|
|
->with('twofactor_backupcodes')
|
|
|
|
->will($this->returnSelf());
|
|
|
|
$event->expects($this->once())
|
|
|
|
->method('setType')
|
2017-05-16 11:30:41 +03:00
|
|
|
->with('security')
|
2016-12-13 12:47:48 +03:00
|
|
|
->will($this->returnSelf());
|
|
|
|
$event->expects($this->once())
|
|
|
|
->method('setAuthor')
|
|
|
|
->with('fritz')
|
|
|
|
->will($this->returnSelf());
|
|
|
|
$event->expects($this->once())
|
|
|
|
->method('setAffectedUser')
|
|
|
|
->with('fritz')
|
|
|
|
->will($this->returnSelf());
|
|
|
|
$this->activityManager->expects($this->once())
|
|
|
|
->method('publish')
|
|
|
|
->will($this->returnValue($event));
|
2016-08-29 20:19:44 +03:00
|
|
|
|
|
|
|
$codes = $this->storage->createCodes($user, $number);
|
|
|
|
$this->assertCount($number, $codes);
|
|
|
|
foreach ($codes as $code) {
|
|
|
|
$this->assertEquals('CODEABCDEF', $code);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testHasBackupCodes() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
$codes = [
|
|
|
|
new BackupCode(),
|
|
|
|
new BackupCode(),
|
|
|
|
];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue($codes));
|
|
|
|
|
|
|
|
$this->assertTrue($this->storage->hasBackupCodes($user));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testHasBackupCodesNoCodes() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
$codes = [];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue($codes));
|
|
|
|
|
|
|
|
$this->assertFalse($this->storage->hasBackupCodes($user));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testGetBackupCodeState() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
|
|
|
|
$code1 = new BackupCode();
|
|
|
|
$code1->setUsed(1);
|
|
|
|
$code2 = new BackupCode();
|
|
|
|
$code2->setUsed('0');
|
|
|
|
$codes = [
|
|
|
|
$code1,
|
|
|
|
$code2,
|
|
|
|
];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue($codes));
|
|
|
|
|
|
|
|
$expected = [
|
|
|
|
'enabled' => true,
|
|
|
|
'total' => 2,
|
|
|
|
'used' => 1,
|
|
|
|
];
|
|
|
|
$this->assertEquals($expected, $this->storage->getBackupCodesState($user));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testGetBackupCodeDisabled() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
|
|
|
|
$codes = [];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue($codes));
|
|
|
|
|
|
|
|
$expected = [
|
|
|
|
'enabled' => false,
|
|
|
|
'total' => 0,
|
|
|
|
'used' => 0,
|
|
|
|
];
|
|
|
|
$this->assertEquals($expected, $this->storage->getBackupCodesState($user));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testValidateCode() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
$code = new BackupCode();
|
|
|
|
$code->setUsed(0);
|
|
|
|
$code->setCode('HASHEDVALUE');
|
|
|
|
$codes = [
|
|
|
|
$code,
|
|
|
|
];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue($codes));
|
|
|
|
$this->hasher->expects($this->once())
|
|
|
|
->method('verify')
|
2016-09-07 21:34:47 +03:00
|
|
|
->with('CHALLENGE', 'HASHEDVALUE', $this->anything())
|
2016-08-29 20:19:44 +03:00
|
|
|
->will($this->returnValue(true));
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('update')
|
|
|
|
->with($code);
|
|
|
|
|
|
|
|
$this->assertTrue($this->storage->validateCode($user, 'CHALLENGE'));
|
|
|
|
|
|
|
|
$this->assertEquals(1, $code->getUsed());
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testValidateUsedCode() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
$code = new BackupCode();
|
|
|
|
$code->setUsed('1');
|
|
|
|
$code->setCode('HASHEDVALUE');
|
|
|
|
$codes = [
|
|
|
|
$code,
|
|
|
|
];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue($codes));
|
|
|
|
$this->hasher->expects($this->never())
|
2016-09-07 21:34:47 +03:00
|
|
|
->method('verify');
|
2016-08-29 20:19:44 +03:00
|
|
|
$this->mapper->expects($this->never())
|
|
|
|
->method('update');
|
|
|
|
|
|
|
|
$this->assertFalse($this->storage->validateCode($user, 'CHALLENGE'));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testValidateCodeWithWrongHash() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
$code = new BackupCode();
|
|
|
|
$code->setUsed(0);
|
|
|
|
$code->setCode('HASHEDVALUE');
|
|
|
|
$codes = [
|
|
|
|
$code,
|
|
|
|
];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue($codes));
|
|
|
|
$this->hasher->expects($this->once())
|
|
|
|
->method('verify')
|
|
|
|
->with('CHALLENGE', 'HASHEDVALUE')
|
|
|
|
->will($this->returnValue(false));
|
|
|
|
$this->mapper->expects($this->never())
|
|
|
|
->method('update');
|
|
|
|
|
|
|
|
$this->assertFalse($this->storage->validateCode($user, 'CHALLENGE'));
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|