2016-08-29 20:19:44 +03:00
|
|
|
<?php
|
|
|
|
/**
|
2019-12-03 21:57:53 +03:00
|
|
|
*
|
|
|
|
*
|
2016-08-29 20:19:44 +03:00
|
|
|
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
2019-12-03 21:57:53 +03:00
|
|
|
* @author Roeland Jago Douma <roeland@famdouma.nl>
|
2016-08-29 20:19:44 +03:00
|
|
|
*
|
|
|
|
* @license GNU AGPL version 3 or any later version
|
|
|
|
*
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License as
|
|
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
|
|
* License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
2019-12-03 21:57:53 +03:00
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2016-08-29 20:19:44 +03:00
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2016-10-03 22:47:33 +03:00
|
|
|
namespace OCA\TwoFactorBackupCodes\Tests\Unit\Service;
|
2016-08-29 20:19:44 +03:00
|
|
|
|
2016-10-03 22:47:33 +03:00
|
|
|
use OCA\TwoFactorBackupCodes\Db\BackupCode;
|
|
|
|
use OCA\TwoFactorBackupCodes\Db\BackupCodeMapper;
|
2018-07-31 11:54:00 +03:00
|
|
|
use OCA\TwoFactorBackupCodes\Event\CodesGenerated;
|
2016-10-03 22:47:33 +03:00
|
|
|
use OCA\TwoFactorBackupCodes\Service\BackupCodeStorage;
|
2019-05-28 20:46:36 +03:00
|
|
|
use OCP\EventDispatcher\IEventDispatcher;
|
2016-08-29 20:19:44 +03:00
|
|
|
use OCP\IUser;
|
|
|
|
use OCP\Security\IHasher;
|
|
|
|
use OCP\Security\ISecureRandom;
|
|
|
|
use Test\TestCase;
|
|
|
|
|
|
|
|
class BackupCodeStorageTest extends TestCase {
|
|
|
|
|
2020-08-11 22:32:18 +03:00
|
|
|
/** @var BackupCodeMapper|\PHPUnit\Framework\MockObject\MockObject */
|
2016-08-29 20:19:44 +03:00
|
|
|
private $mapper;
|
|
|
|
|
2020-08-11 22:32:18 +03:00
|
|
|
/** @var ISecureRandom|\PHPUnit\Framework\MockObject\MockObject */
|
2016-08-29 20:19:44 +03:00
|
|
|
private $random;
|
|
|
|
|
2020-08-11 22:32:18 +03:00
|
|
|
/** @var IHasher|\PHPUnit\Framework\MockObject\MockObject */
|
2016-08-29 20:19:44 +03:00
|
|
|
private $hasher;
|
|
|
|
|
2020-08-11 22:32:18 +03:00
|
|
|
/** @var IEventDispatcher|\PHPUnit\Framework\MockObject\MockObject */
|
2018-07-31 11:54:00 +03:00
|
|
|
private $eventDispatcher;
|
2016-12-13 17:15:14 +03:00
|
|
|
|
2016-08-29 20:19:44 +03:00
|
|
|
/** @var BackupCodeStorage */
|
|
|
|
private $storage;
|
|
|
|
|
2019-11-21 18:40:38 +03:00
|
|
|
protected function setUp(): void {
|
2016-08-29 20:19:44 +03:00
|
|
|
parent::setUp();
|
|
|
|
|
2017-01-16 15:14:15 +03:00
|
|
|
$this->mapper = $this->createMock(BackupCodeMapper::class);
|
|
|
|
$this->random = $this->createMock(ISecureRandom::class);
|
|
|
|
$this->hasher = $this->createMock(IHasher::class);
|
2019-05-28 20:46:36 +03:00
|
|
|
$this->eventDispatcher = $this->createMock(IEventDispatcher::class);
|
2016-12-13 17:15:14 +03:00
|
|
|
|
2018-07-31 11:54:00 +03:00
|
|
|
$this->storage = new BackupCodeStorage($this->mapper, $this->random, $this->hasher, $this->eventDispatcher);
|
2016-08-29 20:19:44 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testCreateCodes() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
$number = 5;
|
2018-07-31 11:54:00 +03:00
|
|
|
$user->method('getUID')->willReturn('fritz');
|
2016-08-29 20:19:44 +03:00
|
|
|
$this->random->expects($this->exactly($number))
|
|
|
|
->method('generate')
|
2019-10-21 22:51:17 +03:00
|
|
|
->with(16, ISecureRandom::CHAR_HUMAN_READABLE)
|
2020-03-26 00:21:27 +03:00
|
|
|
->willReturn('CODEABCDEF');
|
2016-08-29 20:19:44 +03:00
|
|
|
$this->hasher->expects($this->exactly($number))
|
|
|
|
->method('hash')
|
|
|
|
->with('CODEABCDEF')
|
2020-03-26 00:21:27 +03:00
|
|
|
->willReturn('HASHEDCODE');
|
2016-08-29 20:19:44 +03:00
|
|
|
$row = new BackupCode();
|
|
|
|
$row->setUserId('fritz');
|
|
|
|
$row->setCode('HASHEDCODE');
|
|
|
|
$row->setUsed(0);
|
|
|
|
$this->mapper->expects($this->exactly($number))
|
|
|
|
->method('insert')
|
|
|
|
->with($this->equalTo($row));
|
2018-07-31 11:54:00 +03:00
|
|
|
$this->eventDispatcher->expects($this->once())
|
|
|
|
->method('dispatch')
|
|
|
|
->with(
|
|
|
|
$this->equalTo(CodesGenerated::class),
|
|
|
|
$this->equalTo(new CodesGenerated($user))
|
|
|
|
);
|
2016-08-29 20:19:44 +03:00
|
|
|
|
|
|
|
$codes = $this->storage->createCodes($user, $number);
|
|
|
|
$this->assertCount($number, $codes);
|
|
|
|
foreach ($codes as $code) {
|
|
|
|
$this->assertEquals('CODEABCDEF', $code);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testHasBackupCodes() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
$codes = [
|
|
|
|
new BackupCode(),
|
|
|
|
new BackupCode(),
|
|
|
|
];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
2020-03-26 00:21:27 +03:00
|
|
|
->willReturn($codes);
|
2016-08-29 20:19:44 +03:00
|
|
|
|
|
|
|
$this->assertTrue($this->storage->hasBackupCodes($user));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testHasBackupCodesNoCodes() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
$codes = [];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
2020-03-26 00:21:27 +03:00
|
|
|
->willReturn($codes);
|
2016-08-29 20:19:44 +03:00
|
|
|
|
|
|
|
$this->assertFalse($this->storage->hasBackupCodes($user));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testGetBackupCodeState() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
|
|
|
|
$code1 = new BackupCode();
|
|
|
|
$code1->setUsed(1);
|
|
|
|
$code2 = new BackupCode();
|
|
|
|
$code2->setUsed('0');
|
|
|
|
$codes = [
|
|
|
|
$code1,
|
|
|
|
$code2,
|
|
|
|
];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
2020-03-26 00:21:27 +03:00
|
|
|
->willReturn($codes);
|
2016-08-29 20:19:44 +03:00
|
|
|
|
|
|
|
$expected = [
|
|
|
|
'enabled' => true,
|
|
|
|
'total' => 2,
|
|
|
|
'used' => 1,
|
|
|
|
];
|
|
|
|
$this->assertEquals($expected, $this->storage->getBackupCodesState($user));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testGetBackupCodeDisabled() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
|
|
|
|
$codes = [];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
2020-03-26 00:21:27 +03:00
|
|
|
->willReturn($codes);
|
2016-08-29 20:19:44 +03:00
|
|
|
|
|
|
|
$expected = [
|
|
|
|
'enabled' => false,
|
|
|
|
'total' => 0,
|
|
|
|
'used' => 0,
|
|
|
|
];
|
|
|
|
$this->assertEquals($expected, $this->storage->getBackupCodesState($user));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testValidateCode() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
$code = new BackupCode();
|
|
|
|
$code->setUsed(0);
|
|
|
|
$code->setCode('HASHEDVALUE');
|
|
|
|
$codes = [
|
|
|
|
$code,
|
|
|
|
];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
2020-03-26 00:21:27 +03:00
|
|
|
->willReturn($codes);
|
2016-08-29 20:19:44 +03:00
|
|
|
$this->hasher->expects($this->once())
|
|
|
|
->method('verify')
|
2016-09-07 21:34:47 +03:00
|
|
|
->with('CHALLENGE', 'HASHEDVALUE', $this->anything())
|
2020-03-26 00:21:27 +03:00
|
|
|
->willReturn(true);
|
2016-08-29 20:19:44 +03:00
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('update')
|
|
|
|
->with($code);
|
|
|
|
|
|
|
|
$this->assertTrue($this->storage->validateCode($user, 'CHALLENGE'));
|
|
|
|
|
|
|
|
$this->assertEquals(1, $code->getUsed());
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testValidateUsedCode() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
$code = new BackupCode();
|
|
|
|
$code->setUsed('1');
|
|
|
|
$code->setCode('HASHEDVALUE');
|
|
|
|
$codes = [
|
|
|
|
$code,
|
|
|
|
];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
2020-03-26 00:21:27 +03:00
|
|
|
->willReturn($codes);
|
2016-08-29 20:19:44 +03:00
|
|
|
$this->hasher->expects($this->never())
|
2016-09-07 21:34:47 +03:00
|
|
|
->method('verify');
|
2016-08-29 20:19:44 +03:00
|
|
|
$this->mapper->expects($this->never())
|
|
|
|
->method('update');
|
|
|
|
|
|
|
|
$this->assertFalse($this->storage->validateCode($user, 'CHALLENGE'));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testValidateCodeWithWrongHash() {
|
2017-01-16 15:14:15 +03:00
|
|
|
$user = $this->createMock(IUser::class);
|
2016-08-29 20:19:44 +03:00
|
|
|
$code = new BackupCode();
|
|
|
|
$code->setUsed(0);
|
|
|
|
$code->setCode('HASHEDVALUE');
|
|
|
|
$codes = [
|
|
|
|
$code,
|
|
|
|
];
|
|
|
|
|
|
|
|
$this->mapper->expects($this->once())
|
|
|
|
->method('getBackupCodes')
|
|
|
|
->with($user)
|
2020-03-26 00:21:27 +03:00
|
|
|
->willReturn($codes);
|
2016-08-29 20:19:44 +03:00
|
|
|
$this->hasher->expects($this->once())
|
|
|
|
->method('verify')
|
|
|
|
->with('CHALLENGE', 'HASHEDVALUE')
|
2020-03-26 00:21:27 +03:00
|
|
|
->willReturn(false);
|
2016-08-29 20:19:44 +03:00
|
|
|
$this->mapper->expects($this->never())
|
|
|
|
->method('update');
|
|
|
|
|
|
|
|
$this->assertFalse($this->storage->validateCode($user, 'CHALLENGE'));
|
|
|
|
}
|
|
|
|
}
|