2016-04-29 17:31:27 +03:00
|
|
|
<?php
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @author Christoph Wurst <christoph@owncloud.com>
|
|
|
|
*
|
|
|
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
|
|
|
* @license AGPL-3.0
|
|
|
|
*
|
|
|
|
* This code is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License, version 3,
|
|
|
|
* as published by the Free Software Foundation.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2016-05-19 11:43:49 +03:00
|
|
|
namespace Tests\Core\Controller;
|
2016-04-29 17:31:27 +03:00
|
|
|
|
|
|
|
use OC\AppFramework\Http;
|
2016-06-06 16:09:42 +03:00
|
|
|
use OC\Authentication\Token\IToken;
|
2016-05-19 11:43:49 +03:00
|
|
|
use OC\Core\Controller\TokenController;
|
2016-06-06 16:09:42 +03:00
|
|
|
use OCP\AppFramework\Http\JSONResponse;
|
2016-04-29 17:31:27 +03:00
|
|
|
use Test\TestCase;
|
|
|
|
|
|
|
|
class TokenControllerTest extends TestCase {
|
|
|
|
|
|
|
|
/** \OC\Core\Controller\TokenController */
|
|
|
|
private $tokenController;
|
|
|
|
private $request;
|
|
|
|
private $userManager;
|
|
|
|
private $tokenProvider;
|
2016-06-06 16:09:42 +03:00
|
|
|
private $twoFactorAuthManager;
|
2016-04-29 17:31:27 +03:00
|
|
|
private $secureRandom;
|
|
|
|
|
|
|
|
protected function setUp() {
|
|
|
|
parent::setUp();
|
|
|
|
|
2016-08-29 22:17:16 +03:00
|
|
|
$this->request = $this->getMockBuilder('\OCP\IRequest')->getMock();
|
2016-05-02 11:58:44 +03:00
|
|
|
$this->userManager = $this->getMockBuilder('\OC\User\Manager')
|
|
|
|
->disableOriginalConstructor()
|
|
|
|
->getMock();
|
2016-08-29 22:17:16 +03:00
|
|
|
$this->tokenProvider = $this->getMockBuilder('\OC\Authentication\Token\IProvider')
|
|
|
|
->getMock();
|
2016-06-06 16:09:42 +03:00
|
|
|
$this->twoFactorAuthManager = $this->getMockBuilder('\OC\Authentication\TwoFactorAuth\Manager')
|
2016-05-02 11:58:44 +03:00
|
|
|
->disableOriginalConstructor()
|
|
|
|
->getMock();
|
2016-08-29 22:17:16 +03:00
|
|
|
$this->secureRandom = $this->getMockBuilder('\OCP\Security\ISecureRandom')
|
|
|
|
->getMock();
|
2016-04-29 17:31:27 +03:00
|
|
|
|
2016-06-06 16:09:42 +03:00
|
|
|
$this->tokenController = new TokenController('core', $this->request, $this->userManager, $this->tokenProvider, $this->twoFactorAuthManager, $this->secureRandom);
|
2016-04-29 17:31:27 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
public function testWithoutCredentials() {
|
2016-06-06 16:09:42 +03:00
|
|
|
$expected = new JSONResponse();
|
2016-04-29 17:31:27 +03:00
|
|
|
$expected->setStatus(Http::STATUS_UNPROCESSABLE_ENTITY);
|
|
|
|
|
|
|
|
$actual = $this->tokenController->generateToken(null, null);
|
|
|
|
|
|
|
|
$this->assertEquals($expected, $actual);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testWithInvalidCredentials() {
|
|
|
|
$this->userManager->expects($this->once())
|
|
|
|
->method('checkPassword')
|
|
|
|
->with('john', 'passme')
|
|
|
|
->will($this->returnValue(false));
|
2016-06-06 16:09:42 +03:00
|
|
|
$expected = new JSONResponse();
|
2016-04-29 17:31:27 +03:00
|
|
|
$expected->setStatus(Http::STATUS_UNAUTHORIZED);
|
|
|
|
|
|
|
|
$actual = $this->tokenController->generateToken('john', 'passme');
|
|
|
|
|
|
|
|
$this->assertEquals($expected, $actual);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testWithValidCredentials() {
|
2016-08-29 22:17:16 +03:00
|
|
|
$user = $this->getMockBuilder('\OCP\IUser')->getMock();
|
2016-04-29 17:31:27 +03:00
|
|
|
$this->userManager->expects($this->once())
|
|
|
|
->method('checkPassword')
|
|
|
|
->with('john', '123456')
|
2016-05-24 11:50:18 +03:00
|
|
|
->will($this->returnValue($user));
|
|
|
|
$user->expects($this->once())
|
|
|
|
->method('getUID')
|
|
|
|
->will($this->returnValue('john'));
|
2016-06-06 16:09:42 +03:00
|
|
|
$this->twoFactorAuthManager->expects($this->once())
|
|
|
|
->method('isTwoFactorAuthenticated')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue(false));
|
2016-04-29 17:31:27 +03:00
|
|
|
$this->secureRandom->expects($this->once())
|
|
|
|
->method('generate')
|
|
|
|
->with(128)
|
|
|
|
->will($this->returnValue('verysecurerandomtoken'));
|
2016-05-24 11:50:18 +03:00
|
|
|
$this->tokenProvider->expects($this->once())
|
|
|
|
->method('generateToken')
|
2016-06-06 16:09:42 +03:00
|
|
|
->with('verysecurerandomtoken', 'john', 'john', '123456', 'unknown client', IToken::PERMANENT_TOKEN);
|
2016-08-29 22:17:16 +03:00
|
|
|
$expected = new JSONResponse([
|
2016-04-29 17:31:27 +03:00
|
|
|
'token' => 'verysecurerandomtoken'
|
2016-08-29 22:17:16 +03:00
|
|
|
]);
|
2016-04-29 17:31:27 +03:00
|
|
|
|
|
|
|
$actual = $this->tokenController->generateToken('john', '123456');
|
|
|
|
|
|
|
|
$this->assertEquals($expected, $actual);
|
|
|
|
}
|
|
|
|
|
2016-06-06 16:09:42 +03:00
|
|
|
public function testWithValidCredentialsBut2faEnabled() {
|
2016-08-29 22:17:16 +03:00
|
|
|
$user = $this->getMockBuilder('\OCP\IUser')->getMock();
|
2016-06-06 16:09:42 +03:00
|
|
|
$this->userManager->expects($this->once())
|
|
|
|
->method('checkPassword')
|
|
|
|
->with('john', '123456')
|
|
|
|
->will($this->returnValue($user));
|
|
|
|
$this->twoFactorAuthManager->expects($this->once())
|
|
|
|
->method('isTwoFactorAuthenticated')
|
|
|
|
->with($user)
|
|
|
|
->will($this->returnValue(true));
|
|
|
|
$this->secureRandom->expects($this->never())
|
|
|
|
->method('generate');
|
|
|
|
$expected = new JSONResponse();
|
|
|
|
$expected->setStatus(Http::STATUS_UNAUTHORIZED);
|
|
|
|
|
|
|
|
$actual = $this->tokenController->generateToken('john', '123456');
|
|
|
|
|
|
|
|
$this->assertEquals($expected, $actual);
|
|
|
|
}
|
|
|
|
|
2016-04-29 17:31:27 +03:00
|
|
|
}
|