nextcloud/build/integration/features/bootstrap/Auth.php

273 lines
7.4 KiB
PHP
Raw Normal View History

2016-05-03 17:21:49 +03:00
<?php
2016-07-21 19:13:36 +03:00
/**
*
2016-07-21 19:13:36 +03:00
*
* @author Christoph Wurst <christoph@owncloud.com>
* @author Joas Schilling <coding@schilljs.com>
* @author Lukas Reschke <lukas@statuscode.ch>
* @author Phil Davis <phil.davis@inf.org>
2016-07-21 19:13:36 +03:00
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
2016-05-03 17:21:49 +03:00
use GuzzleHttp\Client;
use GuzzleHttp\Exception\ClientException;
use GuzzleHttp\Exception\ServerException;
use GuzzleHttp\Cookie\CookieJar;
2016-05-03 17:21:49 +03:00
require __DIR__ . '/../../vendor/autoload.php';
trait Auth {
/** @var string */
private $unrestrictedClientToken;
/** @var string */
private $restrictedClientToken;
/** @var Client */
private $client;
/** @var string */
private $responseXml;
2016-05-03 17:21:49 +03:00
/** @BeforeScenario */
public function setUpScenario() {
2016-05-03 17:21:49 +03:00
$this->client = new Client();
$this->responseXml = '';
$this->cookieJar = new CookieJar();
2016-05-03 17:21:49 +03:00
}
/**
* @When requesting :url with :method
*/
public function requestingWith($url, $method) {
$this->sendRequest($url, $method);
}
private function sendRequest($url, $method, $authHeader = null, $useCookies = false) {
$fullUrl = substr($this->baseUrl, 0, -5) . $url;
try {
if ($useCookies) {
$options = [
'cookies' => $this->cookieJar,
];
2016-05-03 17:21:49 +03:00
} else {
$options = [];
2016-05-03 17:21:49 +03:00
}
if ($authHeader) {
$options['headers'] = [
'Authorization' => $authHeader
];
2016-05-03 17:21:49 +03:00
}
$options['headers']['OCS_APIREQUEST'] = 'true';
$options['headers']['requesttoken'] = $this->requestToken;
$this->response = $this->client->request($method, $fullUrl, $options);
2016-05-03 17:21:49 +03:00
} catch (ClientException $ex) {
$this->response = $ex->getResponse();
} catch (ServerException $ex) {
$this->response = $ex->getResponse();
2016-05-03 17:21:49 +03:00
}
}
/**
* @When the CSRF token is extracted from the previous response
*/
public function theCsrfTokenIsExtractedFromThePreviousResponse() {
$this->requestToken = substr(preg_replace('/(.*)data-requesttoken="(.*)">(.*)/sm', '\2', $this->response->getBody()->getContents()), 0, 89);
}
/**
* @param bool $loginViaWeb
* @return object
2016-05-03 17:21:49 +03:00
*/
private function createClientToken($loginViaWeb = true) {
if ($loginViaWeb) {
$this->loggingInUsingWebAs('user0');
}
$fullUrl = substr($this->baseUrl, 0, -5) . '/index.php/settings/personal/authtokens';
2016-05-03 17:21:49 +03:00
$client = new Client();
$options = [
'auth' => [
'user0',
$loginViaWeb ? '123456' : $this->restrictedClientToken,
],
'form_params' => [
'requesttoken' => $this->requestToken,
'name' => md5(microtime()),
],
'cookies' => $this->cookieJar,
];
try {
$this->response = $client->request('POST', $fullUrl, $options);
} catch (\GuzzleHttp\Exception\ServerException $e) {
$this->response = $e->getResponse();
}
return json_decode($this->response->getBody()->getContents());
}
/**
* @Given a new restricted client token is added
*/
public function aNewRestrictedClientTokenIsAdded() {
$tokenObj = $this->createClientToken();
$newCreatedTokenId = $tokenObj->deviceToken->id;
$fullUrl = substr($this->baseUrl, 0, -5) . '/index.php/settings/personal/authtokens/' . $newCreatedTokenId;
$client = new Client();
$options = [
'auth' => ['user0', '123456'],
'headers' => [
'requesttoken' => $this->requestToken,
],
'json' => [
'name' => md5(microtime()),
'scope' => [
'filesystem' => false,
],
],
'cookies' => $this->cookieJar,
];
$this->response = $client->request('PUT', $fullUrl, $options);
$this->restrictedClientToken = $tokenObj->token;
}
/**
* @Given a new unrestricted client token is added
*/
public function aNewUnrestrictedClientTokenIsAdded() {
$this->unrestrictedClientToken = $this->createClientToken()->token;
}
/**
* @When a new unrestricted client token is added using restricted basic token auth
*/
public function aNewUnrestrictedClientTokenIsAddedUsingRestrictedBasicTokenAuth() {
$this->createClientToken(false);
2016-05-03 17:21:49 +03:00
}
/**
* @When requesting :url with :method using basic auth
*
* @param string $url
* @param string $method
2016-05-03 17:21:49 +03:00
*/
public function requestingWithBasicAuth($url, $method) {
2016-05-06 17:31:40 +03:00
$this->sendRequest($url, $method, 'basic ' . base64_encode('user0:123456'));
2016-05-03 17:21:49 +03:00
}
/**
* @When requesting :url with :method using unrestricted basic token auth
*
* @param string $url
* @param string $method
*/
public function requestingWithUnrestrictedBasicTokenAuth($url, $method) {
$this->sendRequest($url, $method, 'basic ' . base64_encode('user0:' . $this->unrestrictedClientToken), true);
}
/**
* @When requesting :url with :method using restricted basic token auth
*
* @param string $url
* @param string $method
*/
public function requestingWithRestrictedBasicTokenAuth($url, $method) {
$this->sendRequest($url, $method, 'basic ' . base64_encode('user0:' . $this->restrictedClientToken), true);
}
/**
* @When requesting :url with :method using an unrestricted client token
*
* @param string $url
* @param string $method
2016-05-03 17:21:49 +03:00
*/
public function requestingWithUsingAnUnrestrictedClientToken($url, $method) {
$this->sendRequest($url, $method, 'Bearer ' . $this->unrestrictedClientToken);
2016-05-03 17:21:49 +03:00
}
/**
* @When requesting :url with :method using a restricted client token
*
* @param string $url
* @param string $method
2016-05-03 17:21:49 +03:00
*/
public function requestingWithUsingARestrictedClientToken($url, $method) {
$this->sendRequest($url, $method, 'Bearer ' . $this->restrictedClientToken);
2016-05-03 17:21:49 +03:00
}
/**
* @When requesting :url with :method using browser session
*
* @param string $url
* @param string $method
2016-05-03 17:21:49 +03:00
*/
public function requestingWithBrowserSession($url, $method) {
$this->sendRequest($url, $method, null, true);
}
/**
* @Given a new browser session is started
*
* @param bool $remember
2016-05-03 17:21:49 +03:00
*/
public function aNewBrowserSessionIsStarted($remember = false) {
2016-05-03 17:21:49 +03:00
$loginUrl = substr($this->baseUrl, 0, -5) . '/login';
// Request a new session and extract CSRF token
$client = new Client();
$response = $client->get($loginUrl, [
'cookies' => $this->cookieJar,
]);
2016-05-03 17:21:49 +03:00
$this->extracRequestTokenFromResponse($response);
// Login and extract new token
$client = new Client();
$response = $client->post(
$loginUrl, [
'form_params' => [
'user' => 'user0',
'password' => '123456',
'remember_login' => $remember ? '1' : '0',
'requesttoken' => $this->requestToken,
],
'cookies' => $this->cookieJar,
2016-05-03 17:21:49 +03:00
]
);
$this->extracRequestTokenFromResponse($response);
}
/**
* @Given a new remembered browser session is started
*/
public function aNewRememberedBrowserSessionIsStarted() {
$this->aNewBrowserSessionIsStarted(true);
}
/**
* @Given the cookie jar is reset
*/
public function theCookieJarIsReset() {
$this->cookieJar = new CookieJar();
}
/**
* @When the session cookie expires
*/
public function whenTheSessionCookieExpires() {
$this->cookieJar->clearSessionCookies();
}
2016-05-03 17:21:49 +03:00
}