2016-04-11 13:08:00 +03:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* @author Lukas Reschke <lukas@owncloud.com>
|
|
|
|
*
|
|
|
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
|
|
|
* @license AGPL-3.0
|
|
|
|
*
|
|
|
|
* This code is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License, version 3,
|
|
|
|
* as published by the Free Software Foundation.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2016-05-19 11:43:49 +03:00
|
|
|
namespace Tests\Core\Controller;
|
2016-04-11 13:08:00 +03:00
|
|
|
|
2016-05-11 12:23:25 +03:00
|
|
|
use OC\Authentication\TwoFactorAuth\Manager;
|
2016-05-19 11:43:49 +03:00
|
|
|
use OC\Core\Controller\LoginController;
|
2016-07-20 19:36:15 +03:00
|
|
|
use OC\Security\Bruteforce\Throttler;
|
2016-04-11 13:08:00 +03:00
|
|
|
use OCP\AppFramework\Http\RedirectResponse;
|
|
|
|
use OCP\AppFramework\Http\TemplateResponse;
|
|
|
|
use OCP\IConfig;
|
|
|
|
use OCP\IRequest;
|
|
|
|
use OCP\ISession;
|
2016-04-18 13:14:07 +03:00
|
|
|
use OCP\IURLGenerator;
|
2016-06-09 17:44:31 +03:00
|
|
|
use OCP\IUser;
|
2016-04-11 13:08:00 +03:00
|
|
|
use OCP\IUserManager;
|
|
|
|
use OCP\IUserSession;
|
|
|
|
use Test\TestCase;
|
|
|
|
|
|
|
|
class LoginControllerTest extends TestCase {
|
|
|
|
/** @var LoginController */
|
|
|
|
private $loginController;
|
2016-06-09 17:44:31 +03:00
|
|
|
/** @var IRequest | \PHPUnit_Framework_MockObject_MockObject */
|
2016-04-11 13:08:00 +03:00
|
|
|
private $request;
|
2016-06-09 17:44:31 +03:00
|
|
|
/** @var IUserManager | \PHPUnit_Framework_MockObject_MockObject */
|
2016-04-11 13:08:00 +03:00
|
|
|
private $userManager;
|
2016-06-09 17:44:31 +03:00
|
|
|
/** @var IConfig | \PHPUnit_Framework_MockObject_MockObject */
|
2016-04-11 13:08:00 +03:00
|
|
|
private $config;
|
2016-06-09 17:44:31 +03:00
|
|
|
/** @var ISession | \PHPUnit_Framework_MockObject_MockObject */
|
2016-04-11 13:08:00 +03:00
|
|
|
private $session;
|
2016-06-09 17:44:31 +03:00
|
|
|
/** @var IUserSession | \PHPUnit_Framework_MockObject_MockObject */
|
2016-04-11 13:08:00 +03:00
|
|
|
private $userSession;
|
2016-06-09 17:44:31 +03:00
|
|
|
/** @var IURLGenerator | \PHPUnit_Framework_MockObject_MockObject */
|
2016-04-18 13:14:07 +03:00
|
|
|
private $urlGenerator;
|
2016-06-09 17:44:31 +03:00
|
|
|
/** @var Manager | \PHPUnit_Framework_MockObject_MockObject */
|
2016-05-11 12:23:25 +03:00
|
|
|
private $twoFactorManager;
|
2016-07-20 19:36:15 +03:00
|
|
|
/** @var Throttler */
|
|
|
|
private $throttler;
|
2016-04-11 13:08:00 +03:00
|
|
|
|
|
|
|
public function setUp() {
|
|
|
|
parent::setUp();
|
2016-08-15 18:08:27 +03:00
|
|
|
$this->request = $this->getMockBuilder('\\OCP\\IRequest')->getMock();
|
|
|
|
$this->userManager = $this->getMockBuilder('\\OCP\\IUserManager')->getMock();
|
|
|
|
$this->config = $this->getMockBuilder('\\OCP\\IConfig')->getMock();
|
|
|
|
$this->session = $this->getMockBuilder('\\OCP\\ISession')->getMock();
|
2016-04-27 17:44:51 +03:00
|
|
|
$this->userSession = $this->getMockBuilder('\\OC\\User\\Session')
|
|
|
|
->disableOriginalConstructor()
|
|
|
|
->getMock();
|
2016-08-15 18:08:27 +03:00
|
|
|
$this->urlGenerator = $this->getMockBuilder('\\OCP\\IURLGenerator')->getMock();
|
2016-05-11 12:23:25 +03:00
|
|
|
$this->twoFactorManager = $this->getMockBuilder('\OC\Authentication\TwoFactorAuth\Manager')
|
|
|
|
->disableOriginalConstructor()
|
|
|
|
->getMock();
|
2016-07-20 19:36:15 +03:00
|
|
|
$this->throttler = $this->getMockBuilder('\OC\Security\Bruteforce\Throttler')
|
|
|
|
->disableOriginalConstructor()
|
|
|
|
->getMock();
|
2016-04-11 13:08:00 +03:00
|
|
|
|
|
|
|
$this->loginController = new LoginController(
|
|
|
|
'core',
|
|
|
|
$this->request,
|
|
|
|
$this->userManager,
|
|
|
|
$this->config,
|
|
|
|
$this->session,
|
2016-04-18 13:14:07 +03:00
|
|
|
$this->userSession,
|
2016-05-11 12:23:25 +03:00
|
|
|
$this->urlGenerator,
|
2016-07-20 19:36:15 +03:00
|
|
|
$this->twoFactorManager,
|
|
|
|
$this->throttler
|
2016-04-11 13:08:00 +03:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
2016-04-18 13:14:07 +03:00
|
|
|
public function testLogoutWithoutToken() {
|
|
|
|
$this->request
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getCookie')
|
|
|
|
->with('oc_token')
|
|
|
|
->willReturn(null);
|
|
|
|
$this->config
|
|
|
|
->expects($this->never())
|
|
|
|
->method('deleteUserValue');
|
|
|
|
$this->urlGenerator
|
|
|
|
->expects($this->once())
|
|
|
|
->method('linkToRouteAbsolute')
|
|
|
|
->with('core.login.showLoginForm')
|
|
|
|
->willReturn('/login');
|
|
|
|
|
|
|
|
$expected = new RedirectResponse('/login');
|
|
|
|
$this->assertEquals($expected, $this->loginController->logout());
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testLogoutWithToken() {
|
|
|
|
$this->request
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getCookie')
|
|
|
|
->with('oc_token')
|
|
|
|
->willReturn('MyLoginToken');
|
2016-08-15 18:08:27 +03:00
|
|
|
$user = $this->getMockBuilder('\\OCP\\IUser')->getMock();
|
2016-04-18 13:14:07 +03:00
|
|
|
$user
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getUID')
|
|
|
|
->willReturn('JohnDoe');
|
|
|
|
$this->userSession
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getUser')
|
|
|
|
->willReturn($user);
|
|
|
|
$this->config
|
|
|
|
->expects($this->once())
|
|
|
|
->method('deleteUserValue')
|
|
|
|
->with('JohnDoe', 'login_token', 'MyLoginToken');
|
|
|
|
$this->urlGenerator
|
|
|
|
->expects($this->once())
|
|
|
|
->method('linkToRouteAbsolute')
|
|
|
|
->with('core.login.showLoginForm')
|
|
|
|
->willReturn('/login');
|
|
|
|
|
|
|
|
$expected = new RedirectResponse('/login');
|
|
|
|
$this->assertEquals($expected, $this->loginController->logout());
|
|
|
|
}
|
|
|
|
|
2016-04-11 13:08:00 +03:00
|
|
|
public function testShowLoginFormForLoggedInUsers() {
|
|
|
|
$this->userSession
|
|
|
|
->expects($this->once())
|
|
|
|
->method('isLoggedIn')
|
|
|
|
->willReturn(true);
|
|
|
|
|
|
|
|
$expectedResponse = new RedirectResponse(\OC_Util::getDefaultPageUrl());
|
|
|
|
$this->assertEquals($expectedResponse, $this->loginController->showLoginForm('', '', ''));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testShowLoginFormWithErrorsInSession() {
|
|
|
|
$this->userSession
|
|
|
|
->expects($this->once())
|
|
|
|
->method('isLoggedIn')
|
|
|
|
->willReturn(false);
|
|
|
|
$this->session
|
|
|
|
->expects($this->once())
|
|
|
|
->method('get')
|
|
|
|
->with('loginMessages')
|
|
|
|
->willReturn(
|
|
|
|
[
|
|
|
|
[
|
|
|
|
'ErrorArray1',
|
|
|
|
'ErrorArray2',
|
|
|
|
],
|
|
|
|
[
|
|
|
|
'MessageArray1',
|
|
|
|
'MessageArray2',
|
|
|
|
],
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
$expectedResponse = new TemplateResponse(
|
|
|
|
'core',
|
|
|
|
'login',
|
|
|
|
[
|
|
|
|
'ErrorArray1' => true,
|
|
|
|
'ErrorArray2' => true,
|
|
|
|
'messages' => [
|
|
|
|
'MessageArray1',
|
|
|
|
'MessageArray2',
|
|
|
|
],
|
2016-04-15 20:02:19 +03:00
|
|
|
'loginName' => '',
|
2016-04-11 13:08:00 +03:00
|
|
|
'user_autofocus' => true,
|
|
|
|
'canResetPassword' => true,
|
|
|
|
'alt_login' => [],
|
|
|
|
'rememberLoginAllowed' => \OC_Util::rememberLoginAllowed(),
|
|
|
|
'rememberLoginState' => 0,
|
2016-08-15 18:19:32 +03:00
|
|
|
'resetPasswordLink' => null,
|
2016-04-11 13:08:00 +03:00
|
|
|
],
|
|
|
|
'guest'
|
|
|
|
);
|
|
|
|
$this->assertEquals($expectedResponse, $this->loginController->showLoginForm('', '', ''));
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
public function passwordResetDataProvider() {
|
|
|
|
return [
|
|
|
|
[
|
|
|
|
true,
|
|
|
|
true,
|
|
|
|
],
|
|
|
|
[
|
|
|
|
false,
|
|
|
|
false,
|
|
|
|
],
|
|
|
|
];
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @dataProvider passwordResetDataProvider
|
|
|
|
*/
|
|
|
|
public function testShowLoginFormWithPasswordResetOption($canChangePassword,
|
|
|
|
$expectedResult) {
|
|
|
|
$this->userSession
|
|
|
|
->expects($this->once())
|
|
|
|
->method('isLoggedIn')
|
|
|
|
->willReturn(false);
|
|
|
|
$this->config
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getSystemValue')
|
|
|
|
->with('lost_password_link')
|
|
|
|
->willReturn(false);
|
2016-08-15 18:08:27 +03:00
|
|
|
$user = $this->getMockBuilder('\\OCP\\IUser')->getMock();
|
2016-04-11 13:08:00 +03:00
|
|
|
$user
|
|
|
|
->expects($this->once())
|
|
|
|
->method('canChangePassword')
|
|
|
|
->willReturn($canChangePassword);
|
|
|
|
$this->userManager
|
|
|
|
->expects($this->once())
|
|
|
|
->method('get')
|
|
|
|
->with('LdapUser')
|
|
|
|
->willReturn($user);
|
|
|
|
|
|
|
|
$expectedResponse = new TemplateResponse(
|
|
|
|
'core',
|
|
|
|
'login',
|
|
|
|
[
|
|
|
|
'messages' => [],
|
2016-04-15 20:02:19 +03:00
|
|
|
'loginName' => 'LdapUser',
|
2016-04-11 13:08:00 +03:00
|
|
|
'user_autofocus' => false,
|
|
|
|
'canResetPassword' => $expectedResult,
|
|
|
|
'alt_login' => [],
|
|
|
|
'rememberLoginAllowed' => \OC_Util::rememberLoginAllowed(),
|
|
|
|
'rememberLoginState' => 0,
|
2016-08-15 18:19:32 +03:00
|
|
|
'resetPasswordLink' => false,
|
2016-04-11 13:08:00 +03:00
|
|
|
],
|
|
|
|
'guest'
|
|
|
|
);
|
|
|
|
$this->assertEquals($expectedResponse, $this->loginController->showLoginForm('LdapUser', '', ''));
|
|
|
|
}
|
2016-04-15 19:57:11 +03:00
|
|
|
|
|
|
|
public function testShowLoginFormForUserNamedNull() {
|
|
|
|
$this->userSession
|
|
|
|
->expects($this->once())
|
|
|
|
->method('isLoggedIn')
|
|
|
|
->willReturn(false);
|
|
|
|
$this->config
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getSystemValue')
|
|
|
|
->with('lost_password_link')
|
|
|
|
->willReturn(false);
|
2016-08-15 18:08:27 +03:00
|
|
|
$user = $this->getMockBuilder('\\OCP\\IUser')->getMock();
|
2016-04-15 19:57:11 +03:00
|
|
|
$user
|
|
|
|
->expects($this->once())
|
|
|
|
->method('canChangePassword')
|
|
|
|
->willReturn(false);
|
|
|
|
$this->userManager
|
|
|
|
->expects($this->once())
|
|
|
|
->method('get')
|
|
|
|
->with('0')
|
|
|
|
->willReturn($user);
|
|
|
|
|
|
|
|
$expectedResponse = new TemplateResponse(
|
|
|
|
'core',
|
|
|
|
'login',
|
|
|
|
[
|
|
|
|
'messages' => [],
|
2016-04-15 20:02:19 +03:00
|
|
|
'loginName' => '0',
|
2016-04-15 19:57:11 +03:00
|
|
|
'user_autofocus' => false,
|
|
|
|
'canResetPassword' => false,
|
|
|
|
'alt_login' => [],
|
|
|
|
'rememberLoginAllowed' => \OC_Util::rememberLoginAllowed(),
|
|
|
|
'rememberLoginState' => 0,
|
2016-08-15 18:19:32 +03:00
|
|
|
'resetPasswordLink' => false,
|
2016-04-15 19:57:11 +03:00
|
|
|
],
|
|
|
|
'guest'
|
|
|
|
);
|
|
|
|
$this->assertEquals($expectedResponse, $this->loginController->showLoginForm('0', '', ''));
|
|
|
|
}
|
2016-04-27 17:44:51 +03:00
|
|
|
|
|
|
|
public function testLoginWithInvalidCredentials() {
|
2016-07-20 19:36:15 +03:00
|
|
|
$user = 'MyUserName';
|
2016-04-27 17:44:51 +03:00
|
|
|
$password = 'secret';
|
|
|
|
$loginPageUrl = 'some url';
|
|
|
|
|
2016-07-20 19:36:15 +03:00
|
|
|
$this->request
|
2016-07-21 00:09:27 +03:00
|
|
|
->expects($this->exactly(4))
|
2016-07-20 19:36:15 +03:00
|
|
|
->method('getRemoteAddress')
|
|
|
|
->willReturn('192.168.0.1');
|
2016-08-09 20:01:50 +03:00
|
|
|
$this->request
|
|
|
|
->expects($this->once())
|
|
|
|
->method('passesCSRFCheck')
|
|
|
|
->willReturn(true);
|
2016-07-20 19:36:15 +03:00
|
|
|
$this->throttler
|
2016-07-21 00:09:27 +03:00
|
|
|
->expects($this->exactly(2))
|
2016-07-20 19:36:15 +03:00
|
|
|
->method('sleepDelay')
|
|
|
|
->with('192.168.0.1');
|
2016-07-21 00:09:27 +03:00
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getDelay')
|
|
|
|
->with('192.168.0.1')
|
|
|
|
->willReturn(0);
|
2016-07-20 19:36:15 +03:00
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('registerAttempt')
|
|
|
|
->with('login', '192.168.0.1', ['user' => 'MyUserName']);
|
2016-04-27 17:44:51 +03:00
|
|
|
$this->userManager->expects($this->once())
|
|
|
|
->method('checkPassword')
|
|
|
|
->will($this->returnValue(false));
|
|
|
|
$this->urlGenerator->expects($this->once())
|
|
|
|
->method('linkToRoute')
|
2016-04-28 12:59:26 +03:00
|
|
|
->with('core.login.showLoginForm')
|
2016-04-27 17:44:51 +03:00
|
|
|
->will($this->returnValue($loginPageUrl));
|
|
|
|
|
|
|
|
$this->userSession->expects($this->never())
|
|
|
|
->method('createSessionToken');
|
2016-08-23 13:54:45 +03:00
|
|
|
$this->config->expects($this->never())
|
|
|
|
->method('deleteUserValue');
|
2016-04-27 17:44:51 +03:00
|
|
|
|
|
|
|
$expected = new \OCP\AppFramework\Http\RedirectResponse($loginPageUrl);
|
|
|
|
$this->assertEquals($expected, $this->loginController->tryLogin($user, $password, ''));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testLoginWithValidCredentials() {
|
2016-06-09 17:44:31 +03:00
|
|
|
/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */
|
2016-08-15 18:08:27 +03:00
|
|
|
$user = $this->getMockBuilder('\OCP\IUser')->getMock();
|
2016-08-23 13:54:45 +03:00
|
|
|
$user->expects($this->any())
|
|
|
|
->method('getUID')
|
|
|
|
->will($this->returnValue('uid'));
|
2016-04-27 17:44:51 +03:00
|
|
|
$password = 'secret';
|
2016-08-15 18:37:55 +03:00
|
|
|
$indexPageUrl = \OC_Util::getDefaultPageUrl();
|
2016-04-27 17:44:51 +03:00
|
|
|
|
2016-07-20 19:36:15 +03:00
|
|
|
$this->request
|
2016-07-21 00:09:27 +03:00
|
|
|
->expects($this->exactly(2))
|
2016-07-20 19:36:15 +03:00
|
|
|
->method('getRemoteAddress')
|
|
|
|
->willReturn('192.168.0.1');
|
2016-08-09 20:01:50 +03:00
|
|
|
$this->request
|
|
|
|
->expects($this->once())
|
|
|
|
->method('passesCSRFCheck')
|
|
|
|
->willReturn(true);
|
2016-07-20 19:36:15 +03:00
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('sleepDelay')
|
|
|
|
->with('192.168.0.1');
|
2016-07-21 00:09:27 +03:00
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getDelay')
|
|
|
|
->with('192.168.0.1')
|
|
|
|
->willReturn(200);
|
2016-04-27 17:44:51 +03:00
|
|
|
$this->userManager->expects($this->once())
|
|
|
|
->method('checkPassword')
|
2016-05-09 16:33:56 +03:00
|
|
|
->will($this->returnValue($user));
|
2016-05-24 11:50:18 +03:00
|
|
|
$this->userSession->expects($this->once())
|
|
|
|
->method('login')
|
|
|
|
->with($user, $password);
|
2016-04-27 17:44:51 +03:00
|
|
|
$this->userSession->expects($this->once())
|
|
|
|
->method('createSessionToken')
|
2016-05-24 11:50:18 +03:00
|
|
|
->with($this->request, $user->getUID(), $user, $password);
|
2016-05-11 12:23:25 +03:00
|
|
|
$this->twoFactorManager->expects($this->once())
|
|
|
|
->method('isTwoFactorAuthenticated')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue(false));
|
2016-08-23 13:54:45 +03:00
|
|
|
$this->config->expects($this->once())
|
|
|
|
->method('deleteUserValue')
|
2016-08-23 16:01:38 +03:00
|
|
|
->with('uid', 'core', 'lostpassword');
|
2016-04-27 17:44:51 +03:00
|
|
|
|
|
|
|
$expected = new \OCP\AppFramework\Http\RedirectResponse($indexPageUrl);
|
|
|
|
$this->assertEquals($expected, $this->loginController->tryLogin($user, $password, null));
|
|
|
|
}
|
|
|
|
|
2016-08-09 20:01:50 +03:00
|
|
|
public function testLoginWithoutPassedCsrfCheckAndNotLoggedIn() {
|
|
|
|
/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */
|
2016-08-15 18:08:27 +03:00
|
|
|
$user = $this->getMockBuilder('\OCP\IUser')->getMock();
|
2016-08-09 20:01:50 +03:00
|
|
|
$user->expects($this->any())
|
|
|
|
->method('getUID')
|
|
|
|
->will($this->returnValue('jane'));
|
|
|
|
$password = 'secret';
|
|
|
|
$originalUrl = 'another%20url';
|
|
|
|
|
|
|
|
$this->request
|
|
|
|
->expects($this->exactly(2))
|
|
|
|
->method('getRemoteAddress')
|
|
|
|
->willReturn('192.168.0.1');
|
|
|
|
$this->request
|
|
|
|
->expects($this->once())
|
|
|
|
->method('passesCSRFCheck')
|
|
|
|
->willReturn(false);
|
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('sleepDelay')
|
|
|
|
->with('192.168.0.1');
|
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getDelay')
|
|
|
|
->with('192.168.0.1')
|
|
|
|
->willReturn(200);
|
|
|
|
$this->userSession->expects($this->once())
|
|
|
|
->method('isLoggedIn')
|
|
|
|
->with()
|
|
|
|
->will($this->returnValue(false));
|
2016-08-23 13:54:45 +03:00
|
|
|
$this->config->expects($this->never())
|
|
|
|
->method('deleteUserValue');
|
2016-08-09 20:01:50 +03:00
|
|
|
|
|
|
|
$expected = new \OCP\AppFramework\Http\RedirectResponse(\OC_Util::getDefaultPageUrl());
|
|
|
|
$this->assertEquals($expected, $this->loginController->tryLogin('Jane', $password, $originalUrl));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testLoginWithoutPassedCsrfCheckAndLoggedIn() {
|
|
|
|
/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */
|
2016-08-15 18:08:27 +03:00
|
|
|
$user = $this->getMockBuilder('\OCP\IUser')->getMock();
|
2016-08-09 20:01:50 +03:00
|
|
|
$user->expects($this->any())
|
|
|
|
->method('getUID')
|
|
|
|
->will($this->returnValue('jane'));
|
|
|
|
$password = 'secret';
|
|
|
|
$originalUrl = 'another%20url';
|
|
|
|
$redirectUrl = 'http://localhost/another url';
|
|
|
|
|
|
|
|
$this->request
|
|
|
|
->expects($this->exactly(2))
|
|
|
|
->method('getRemoteAddress')
|
|
|
|
->willReturn('192.168.0.1');
|
|
|
|
$this->request
|
|
|
|
->expects($this->once())
|
|
|
|
->method('passesCSRFCheck')
|
|
|
|
->willReturn(false);
|
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('sleepDelay')
|
|
|
|
->with('192.168.0.1');
|
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getDelay')
|
|
|
|
->with('192.168.0.1')
|
|
|
|
->willReturn(200);
|
|
|
|
$this->userSession->expects($this->once())
|
|
|
|
->method('isLoggedIn')
|
|
|
|
->with()
|
|
|
|
->will($this->returnValue(true));
|
|
|
|
$this->urlGenerator->expects($this->once())
|
|
|
|
->method('getAbsoluteURL')
|
|
|
|
->with(urldecode($originalUrl))
|
|
|
|
->will($this->returnValue($redirectUrl));
|
2016-08-23 13:54:45 +03:00
|
|
|
$this->config->expects($this->never())
|
|
|
|
->method('deleteUserValue');
|
2016-08-09 20:01:50 +03:00
|
|
|
|
|
|
|
$expected = new \OCP\AppFramework\Http\RedirectResponse($redirectUrl);
|
|
|
|
$this->assertEquals($expected, $this->loginController->tryLogin('Jane', $password, $originalUrl));
|
|
|
|
}
|
|
|
|
|
2016-04-27 17:44:51 +03:00
|
|
|
public function testLoginWithValidCredentialsAndRedirectUrl() {
|
2016-06-09 17:44:31 +03:00
|
|
|
/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */
|
2016-08-15 18:08:27 +03:00
|
|
|
$user = $this->getMockBuilder('\OCP\IUser')->getMock();
|
2016-05-09 16:33:56 +03:00
|
|
|
$user->expects($this->any())
|
|
|
|
->method('getUID')
|
|
|
|
->will($this->returnValue('jane'));
|
2016-04-27 17:44:51 +03:00
|
|
|
$password = 'secret';
|
|
|
|
$originalUrl = 'another%20url';
|
|
|
|
$redirectUrl = 'http://localhost/another url';
|
|
|
|
|
2016-07-20 19:36:15 +03:00
|
|
|
$this->request
|
2016-07-21 00:09:27 +03:00
|
|
|
->expects($this->exactly(2))
|
2016-07-20 19:36:15 +03:00
|
|
|
->method('getRemoteAddress')
|
|
|
|
->willReturn('192.168.0.1');
|
2016-08-09 20:01:50 +03:00
|
|
|
$this->request
|
|
|
|
->expects($this->once())
|
|
|
|
->method('passesCSRFCheck')
|
|
|
|
->willReturn(true);
|
2016-07-20 19:36:15 +03:00
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('sleepDelay')
|
|
|
|
->with('192.168.0.1');
|
2016-07-21 00:09:27 +03:00
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getDelay')
|
|
|
|
->with('192.168.0.1')
|
|
|
|
->willReturn(200);
|
2016-04-27 17:44:51 +03:00
|
|
|
$this->userManager->expects($this->once())
|
|
|
|
->method('checkPassword')
|
2016-05-24 11:50:18 +03:00
|
|
|
->with('Jane', $password)
|
2016-05-09 16:33:56 +03:00
|
|
|
->will($this->returnValue($user));
|
2016-04-27 17:44:51 +03:00
|
|
|
$this->userSession->expects($this->once())
|
|
|
|
->method('createSessionToken')
|
2016-05-24 11:50:18 +03:00
|
|
|
->with($this->request, $user->getUID(), 'Jane', $password);
|
2016-04-27 17:44:51 +03:00
|
|
|
$this->userSession->expects($this->once())
|
|
|
|
->method('isLoggedIn')
|
|
|
|
->with()
|
|
|
|
->will($this->returnValue(true));
|
|
|
|
$this->urlGenerator->expects($this->once())
|
|
|
|
->method('getAbsoluteURL')
|
|
|
|
->with(urldecode($originalUrl))
|
|
|
|
->will($this->returnValue($redirectUrl));
|
2016-08-23 13:54:45 +03:00
|
|
|
$this->config->expects($this->once())
|
|
|
|
->method('deleteUserValue')
|
2016-08-23 16:01:38 +03:00
|
|
|
->with('jane', 'core', 'lostpassword');
|
2016-04-27 17:44:51 +03:00
|
|
|
|
|
|
|
$expected = new \OCP\AppFramework\Http\RedirectResponse(urldecode($redirectUrl));
|
2016-05-24 11:50:18 +03:00
|
|
|
$this->assertEquals($expected, $this->loginController->tryLogin('Jane', $password, $originalUrl));
|
2016-04-27 17:44:51 +03:00
|
|
|
}
|
2016-05-11 12:23:25 +03:00
|
|
|
|
2016-08-29 19:36:39 +03:00
|
|
|
public function testLoginWithOneTwoFactorProvider() {
|
2016-06-09 17:44:31 +03:00
|
|
|
/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */
|
2016-08-15 18:08:27 +03:00
|
|
|
$user = $this->getMockBuilder('\OCP\IUser')->getMock();
|
2016-05-24 11:50:18 +03:00
|
|
|
$user->expects($this->any())
|
|
|
|
->method('getUID')
|
|
|
|
->will($this->returnValue('john'));
|
2016-05-11 12:23:25 +03:00
|
|
|
$password = 'secret';
|
|
|
|
$challengeUrl = 'challenge/url';
|
2016-08-29 19:36:39 +03:00
|
|
|
$provider = $this->getMockBuilder('\OCP\Authentication\TwoFactorAuth\IProvider')->getMock();
|
2016-05-11 12:23:25 +03:00
|
|
|
|
2016-07-20 19:36:15 +03:00
|
|
|
$this->request
|
2016-07-21 00:09:27 +03:00
|
|
|
->expects($this->exactly(2))
|
2016-07-20 19:36:15 +03:00
|
|
|
->method('getRemoteAddress')
|
|
|
|
->willReturn('192.168.0.1');
|
2016-08-09 20:01:50 +03:00
|
|
|
$this->request
|
|
|
|
->expects($this->once())
|
|
|
|
->method('passesCSRFCheck')
|
|
|
|
->willReturn(true);
|
2016-07-20 19:36:15 +03:00
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('sleepDelay')
|
|
|
|
->with('192.168.0.1');
|
2016-07-21 00:09:27 +03:00
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getDelay')
|
|
|
|
->with('192.168.0.1')
|
|
|
|
->willReturn(200);
|
2016-05-11 12:23:25 +03:00
|
|
|
$this->userManager->expects($this->once())
|
|
|
|
->method('checkPassword')
|
|
|
|
->will($this->returnValue($user));
|
2016-05-24 11:50:18 +03:00
|
|
|
$this->userSession->expects($this->once())
|
|
|
|
->method('login')
|
|
|
|
->with('john@doe.com', $password);
|
2016-05-11 12:23:25 +03:00
|
|
|
$this->userSession->expects($this->once())
|
|
|
|
->method('createSessionToken')
|
2016-05-24 11:50:18 +03:00
|
|
|
->with($this->request, $user->getUID(), 'john@doe.com', $password);
|
2016-05-11 12:23:25 +03:00
|
|
|
$this->twoFactorManager->expects($this->once())
|
|
|
|
->method('isTwoFactorAuthenticated')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue(true));
|
|
|
|
$this->twoFactorManager->expects($this->once())
|
|
|
|
->method('prepareTwoFactorLogin')
|
|
|
|
->with($user);
|
2016-08-29 19:36:39 +03:00
|
|
|
$this->twoFactorManager->expects($this->once())
|
|
|
|
->method('getProviders')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue([$provider]));
|
|
|
|
$provider->expects($this->once())
|
|
|
|
->method('getId')
|
|
|
|
->will($this->returnValue('u2f'));
|
|
|
|
$this->urlGenerator->expects($this->once())
|
|
|
|
->method('linkToRoute')
|
|
|
|
->with('core.TwoFactorChallenge.showChallenge', [
|
|
|
|
'challengeProviderId' => 'u2f',
|
|
|
|
])
|
|
|
|
->will($this->returnValue($challengeUrl));
|
|
|
|
$this->config->expects($this->once())
|
|
|
|
->method('deleteUserValue')
|
|
|
|
->with('john', 'core', 'lostpassword');
|
|
|
|
|
|
|
|
$expected = new RedirectResponse($challengeUrl);
|
|
|
|
$this->assertEquals($expected, $this->loginController->tryLogin('john@doe.com', $password, null));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testLoginWithMultpleTwoFactorProviders() {
|
|
|
|
/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */
|
|
|
|
$user = $this->getMockBuilder('\OCP\IUser')->getMock();
|
|
|
|
$user->expects($this->any())
|
|
|
|
->method('getUID')
|
|
|
|
->will($this->returnValue('john'));
|
|
|
|
$password = 'secret';
|
|
|
|
$challengeUrl = 'challenge/url';
|
|
|
|
$provider1 = $this->getMockBuilder('\OCP\Authentication\TwoFactorAuth\IProvider')->getMock();
|
|
|
|
$provider2 = $this->getMockBuilder('\OCP\Authentication\TwoFactorAuth\IProvider')->getMock();
|
|
|
|
|
|
|
|
$this->request
|
|
|
|
->expects($this->exactly(2))
|
|
|
|
->method('getRemoteAddress')
|
|
|
|
->willReturn('192.168.0.1');
|
|
|
|
$this->request
|
|
|
|
->expects($this->once())
|
|
|
|
->method('passesCSRFCheck')
|
|
|
|
->willReturn(true);
|
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('sleepDelay')
|
|
|
|
->with('192.168.0.1');
|
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getDelay')
|
|
|
|
->with('192.168.0.1')
|
|
|
|
->willReturn(200);
|
|
|
|
$this->userManager->expects($this->once())
|
|
|
|
->method('checkPassword')
|
|
|
|
->will($this->returnValue($user));
|
|
|
|
$this->userSession->expects($this->once())
|
|
|
|
->method('login')
|
|
|
|
->with('john@doe.com', $password);
|
|
|
|
$this->userSession->expects($this->once())
|
|
|
|
->method('createSessionToken')
|
|
|
|
->with($this->request, $user->getUID(), 'john@doe.com', $password);
|
|
|
|
$this->twoFactorManager->expects($this->once())
|
|
|
|
->method('isTwoFactorAuthenticated')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue(true));
|
|
|
|
$this->twoFactorManager->expects($this->once())
|
|
|
|
->method('prepareTwoFactorLogin')
|
|
|
|
->with($user);
|
|
|
|
$this->twoFactorManager->expects($this->once())
|
|
|
|
->method('getProviders')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue([$provider1, $provider2]));
|
|
|
|
$provider1->expects($this->never())
|
|
|
|
->method('getId');
|
|
|
|
$provider2->expects($this->never())
|
|
|
|
->method('getId');
|
2016-05-11 12:23:25 +03:00
|
|
|
$this->urlGenerator->expects($this->once())
|
|
|
|
->method('linkToRoute')
|
|
|
|
->with('core.TwoFactorChallenge.selectChallenge')
|
|
|
|
->will($this->returnValue($challengeUrl));
|
2016-08-23 13:54:45 +03:00
|
|
|
$this->config->expects($this->once())
|
|
|
|
->method('deleteUserValue')
|
2016-08-23 16:01:38 +03:00
|
|
|
->with('john', 'core', 'lostpassword');
|
2016-05-11 12:23:25 +03:00
|
|
|
|
2016-06-09 17:44:31 +03:00
|
|
|
$expected = new RedirectResponse($challengeUrl);
|
2016-05-24 11:50:18 +03:00
|
|
|
$this->assertEquals($expected, $this->loginController->tryLogin('john@doe.com', $password, null));
|
2016-05-11 12:23:25 +03:00
|
|
|
}
|
2016-04-27 17:44:51 +03:00
|
|
|
|
2016-06-09 17:44:31 +03:00
|
|
|
public function testToNotLeakLoginName() {
|
|
|
|
/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */
|
2016-08-15 18:08:27 +03:00
|
|
|
$user = $this->getMockBuilder('\OCP\IUser')->getMock();
|
2016-06-09 17:44:31 +03:00
|
|
|
$user->expects($this->any())
|
|
|
|
->method('getUID')
|
|
|
|
->will($this->returnValue('john'));
|
|
|
|
|
|
|
|
$this->userManager->expects($this->exactly(2))
|
|
|
|
->method('checkPassword')
|
|
|
|
->withConsecutive(
|
|
|
|
['john@doe.com', 'just wrong'],
|
|
|
|
['john', 'just wrong']
|
|
|
|
)
|
|
|
|
->willReturn(false);
|
|
|
|
|
|
|
|
$this->userManager->expects($this->once())
|
|
|
|
->method('getByEmail')
|
|
|
|
->with('john@doe.com')
|
|
|
|
->willReturn([$user]);
|
|
|
|
|
|
|
|
$this->urlGenerator->expects($this->once())
|
|
|
|
->method('linkToRoute')
|
|
|
|
->with('core.login.showLoginForm', ['user' => 'john@doe.com'])
|
|
|
|
->will($this->returnValue(''));
|
2016-07-20 19:36:15 +03:00
|
|
|
$this->request
|
2016-07-21 00:09:27 +03:00
|
|
|
->expects($this->exactly(3))
|
2016-07-20 19:36:15 +03:00
|
|
|
->method('getRemoteAddress')
|
|
|
|
->willReturn('192.168.0.1');
|
2016-08-09 20:01:50 +03:00
|
|
|
$this->request
|
|
|
|
->expects($this->once())
|
|
|
|
->method('passesCSRFCheck')
|
|
|
|
->willReturn(true);
|
2016-07-21 00:09:27 +03:00
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('getDelay')
|
|
|
|
->with('192.168.0.1')
|
|
|
|
->willReturn(200);
|
2016-07-20 19:36:15 +03:00
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('sleepDelay')
|
|
|
|
->with('192.168.0.1');
|
|
|
|
$this->throttler
|
|
|
|
->expects($this->once())
|
|
|
|
->method('registerAttempt')
|
|
|
|
->with('login', '192.168.0.1', ['user' => 'john@doe.com']);
|
2016-08-23 13:54:45 +03:00
|
|
|
$this->config->expects($this->never())
|
|
|
|
->method('deleteUserValue');
|
2016-06-09 17:44:31 +03:00
|
|
|
|
|
|
|
$expected = new RedirectResponse('');
|
|
|
|
$this->assertEquals($expected, $this->loginController->tryLogin('john@doe.com', 'just wrong', null));
|
|
|
|
}
|
2016-04-11 13:08:00 +03:00
|
|
|
}
|