mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #9481 from nextcloud/techdep/noid/make_token_code_strict 

Make the Token Auth code strict
This commit is contained in:
Roeland Jago Douma 2018-05-15 14:03:20 +02:00 committed by GitHub
parent 497a4facdf 4ea2daf04d
commit 7de6c06c66
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 121 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
lib/private/Authentication/Token/DefaultToken.php
View File

@ -1,4 +1,5 @@
<?php <?php
declare(strict_types=1);
/** /**
* @copyright Copyright (c) 2016, ownCloud, Inc. * @copyright Copyright (c) 2016, ownCloud, Inc.
* *
@ -28,82 +29,67 @@ use OCP\AppFramework\Db\Entity;
/** /**
* @method void setId(int $id) * @method void setId(int $id)
* @method void setUid(string $uid); * @method void setUid(string $uid);
* @method void setLoginName(string $loginName) * @method void setLoginName(string $loginname)
* @method void setPassword(string $password) * @method void setPassword(string $password)
* @method void setName(string $name) * @method void setName(string $name)
* @method string getName()
* @method void setToken(string $token) * @method void setToken(string $token)
* @method string getToken() * @method string getToken()
* @method void setType(string $type) * @method void setType(int $type)
* @method int getType() * @method int getType()
* @method void setRemember(int $remember) * @method void setRemember(int $remember)
* @method int getRemember() * @method void setLastActivity(int $lastactivity)
* @method void setLastActivity(int $lastActivity)
* @method int getLastActivity() * @method int getLastActivity()
*/ */
class DefaultToken extends Entity implements IToken { class DefaultToken extends Entity implements IToken {
/** /** @var string user UID */
* @var string user UID
*/
protected $uid; protected $uid;
/** /** @var string login name used for generating the token */
* @var string login name used for generating the token
*/
protected $loginName; protected $loginName;
/** /** @var string encrypted user password */
* @var string encrypted user password
*/
protected $password; protected $password;
/** /** @var string token name (e.g. browser/OS) */
* @var string token name (e.g. browser/OS)
*/
protected $name; protected $name;
/** /** @var string */
* @var string
*/
protected $token; protected $token;
/** /** @var int */
* @var int
*/
protected $type; protected $type;
/** /** @var int */
* @var int
*/
protected $remember; protected $remember;
/** /** @var int */
* @var int
*/
protected $lastActivity; protected $lastActivity;
/** /** @var int */
* @var int
*/
protected $lastCheck; protected $lastCheck;
/** /** @var string */
* @var string
*/
protected $scope; protected $scope;
public function __construct() { public function __construct() {
$this->addType('uid', 'string');
$this->addType('loginName', 'string');
$this->addType('password', 'string');
$this->addType('name', 'string');
$this->addType('token', 'string');
$this->addType('type', 'int'); $this->addType('type', 'int');
$this->addType('remember', 'int');
$this->addType('lastActivity', 'int'); $this->addType('lastActivity', 'int');
$this->addType('lastCheck', 'int'); $this->addType('lastCheck', 'int');
$this->addType('scope', 'string');
} }
public function getId() { public function getId(): int {
return $this->id; return $this->id;
} }
public function getUID() { public function getUID(): string {
return $this->uid; return $this->uid;
} }
@ -112,14 +98,14 @@ class DefaultToken extends Entity implements IToken {
* *
* @return string * @return string
*/ */
public function getLoginName() { public function getLoginName(): string {
return parent::getLoginName(); return parent::getLoginName();
} }
/** /**
* Get the (encrypted) login password * Get the (encrypted) login password
* *
* @return string * @return string|null
*/ */
public function getPassword() { public function getPassword() {
return parent::getPassword(); return parent::getPassword();
@ -140,7 +126,7 @@ class DefaultToken extends Entity implements IToken {
* *
* @return int * @return int
*/ */
public function getLastCheck() { public function getLastCheck(): int {
return parent::getLastCheck(); return parent::getLastCheck();
} }
@ -149,15 +135,20 @@ class DefaultToken extends Entity implements IToken {
* *
* @param int $time * @param int $time
*/ */
public function setLastCheck($time) { public function setLastCheck(int $time) {
return parent::setLastCheck($time); parent::setLastCheck($time);
} }
public function getScope() { public function getScope(): string {
return parent::getScope(); $scope = parent::getScope();
if ($scope === null) {
return '';
} }
public function getScopeAsArray() { return $scope;
}
public function getScopeAsArray(): array {
$scope = json_decode($this->getScope(), true); $scope = json_decode($this->getScope(), true);
if (!$scope) { if (!$scope) {
return [ return [
@ -168,10 +159,18 @@ class DefaultToken extends Entity implements IToken {
} }
public function setScope($scope) { public function setScope($scope) {
if (is_array($scope)) { if (\is_array($scope)) {
parent::setScope(json_encode($scope)); parent::setScope(json_encode($scope));
} else { } else {
parent::setScope((string)$scope); parent::setScope((string)$scope);
} }
} }
public function getName(): string {
return parent::getName();
}
public function getRemember(): int {
return parent::getRemember();
}
} }

18
lib/private/Authentication/Token/DefaultTokenMapper.php
View File

@ -1,4 +1,5 @@
<?php <?php
declare(strict_types=1);
/** /**
* @copyright Copyright (c) 2016, ownCloud, Inc. * @copyright Copyright (c) 2016, ownCloud, Inc.
* *
@ -29,7 +30,6 @@
namespace OC\Authentication\Token; namespace OC\Authentication\Token;
use OCP\AppFramework\Db\DoesNotExistException; use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Db\Mapper;
use OCP\AppFramework\Db\QBMapper; use OCP\AppFramework\Db\QBMapper;
use OCP\DB\QueryBuilder\IQueryBuilder; use OCP\DB\QueryBuilder\IQueryBuilder;
use OCP\IDBConnection; use OCP\IDBConnection;
@ -46,7 +46,7 @@ class DefaultTokenMapper extends QBMapper {
* *
* @param string $token * @param string $token
*/ */
public function invalidate($token) { public function invalidate(string $token) {
/* @var $qb IQueryBuilder */ /* @var $qb IQueryBuilder */
$qb = $this->db->getQueryBuilder(); $qb = $this->db->getQueryBuilder();
$qb->delete('authtoken') $qb->delete('authtoken')
@ -59,7 +59,7 @@ class DefaultTokenMapper extends QBMapper {
* @param int $olderThan * @param int $olderThan
* @param int $remember * @param int $remember
*/ */
public function invalidateOld($olderThan, $remember = IToken::DO_NOT_REMEMBER) { public function invalidateOld(int $olderThan, int $remember = IToken::DO_NOT_REMEMBER) {
/* @var $qb IQueryBuilder */ /* @var $qb IQueryBuilder */
$qb = $this->db->getQueryBuilder(); $qb = $this->db->getQueryBuilder();
$qb->delete('authtoken') $qb->delete('authtoken')
@ -76,7 +76,7 @@ class DefaultTokenMapper extends QBMapper {
* @throws DoesNotExistException * @throws DoesNotExistException
* @return DefaultToken * @return DefaultToken
*/ */
public function getToken($token) { public function getToken(string $token): DefaultToken {
/* @var $qb IQueryBuilder */ /* @var $qb IQueryBuilder */
$qb = $this->db->getQueryBuilder(); $qb = $this->db->getQueryBuilder();
$result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope') $result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
@ -95,11 +95,11 @@ class DefaultTokenMapper extends QBMapper {
/** /**
* Get the token for $id * Get the token for $id
* *
* @param string $id * @param int $id
* @throws DoesNotExistException * @throws DoesNotExistException
* @return DefaultToken * @return DefaultToken
*/ */
public function getTokenById($id) { public function getTokenById(int $id): DefaultToken {
/* @var $qb IQueryBuilder */ /* @var $qb IQueryBuilder */
$qb = $this->db->getQueryBuilder(); $qb = $this->db->getQueryBuilder();
$result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'token', 'last_activity', 'last_check', 'scope') $result = $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'token', 'last_activity', 'last_check', 'scope')
@ -124,7 +124,7 @@ class DefaultTokenMapper extends QBMapper {
* @param IUser $user * @param IUser $user
* @return DefaultToken[] * @return DefaultToken[]
*/ */
public function getTokenByUser(IUser $user) { public function getTokenByUser(IUser $user): array {
/* @var $qb IQueryBuilder */ /* @var $qb IQueryBuilder */
$qb = $this->db->getQueryBuilder(); $qb = $this->db->getQueryBuilder();
$qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope') $qb->select('id', 'uid', 'login_name', 'password', 'name', 'type', 'remember', 'token', 'last_activity', 'last_check', 'scope')
@ -146,7 +146,7 @@ class DefaultTokenMapper extends QBMapper {
* @param IUser $user * @param IUser $user
* @param int $id * @param int $id
*/ */
public function deleteById(IUser $user, $id) { public function deleteById(IUser $user, int $id) {
/* @var $qb IQueryBuilder */ /* @var $qb IQueryBuilder */
$qb = $this->db->getQueryBuilder(); $qb = $this->db->getQueryBuilder();
$qb->delete('authtoken') $qb->delete('authtoken')
@ -160,7 +160,7 @@ class DefaultTokenMapper extends QBMapper {
* *
* @param string $name * @param string $name
*/ */
public function deleteByName($name) { public function deleteByName(string $name) {
$qb = $this->db->getQueryBuilder(); $qb = $this->db->getQueryBuilder();
$qb->delete('authtoken') $qb->delete('authtoken')
->where($qb->expr()->eq('name', $qb->createNamedParameter($name), IQueryBuilder::PARAM_STR)); ->where($qb->expr()->eq('name', $qb->createNamedParameter($name), IQueryBuilder::PARAM_STR));

37
lib/private/Authentication/Token/DefaultTokenProvider.php
View File

@ -1,4 +1,5 @@
<?php <?php
declare(strict_types=1);
/** /**
* @copyright Copyright (c) 2016, ownCloud, Inc. * @copyright Copyright (c) 2016, ownCloud, Inc.
* @copyright Copyright (c) 2016, Christoph Wurst <christoph@winzerhof-wurst.at> * @copyright Copyright (c) 2016, Christoph Wurst <christoph@winzerhof-wurst.at>
@ -85,7 +86,13 @@ class DefaultTokenProvider implements IProvider {
* @param int $remember whether the session token should be used for remember-me * @param int $remember whether the session token should be used for remember-me
* @return IToken * @return IToken
*/ */
public function generateToken($token, $uid, $loginName, $password, $name, $type = IToken::TEMPORARY_TOKEN, $remember = IToken::DO_NOT_REMEMBER) { public function generateToken(string $token,
string $uid,
string $loginName,
$password,
string $name,
int $type = IToken::TEMPORARY_TOKEN,
int $remember = IToken::DO_NOT_REMEMBER): IToken {
$dbToken = new DefaultToken(); $dbToken = new DefaultToken();
$dbToken->setUid($uid); $dbToken->setUid($uid);
$dbToken->setLoginName($loginName); $dbToken->setLoginName($loginName);
@ -145,7 +152,7 @@ class DefaultTokenProvider implements IProvider {
* @param IUser $user * @param IUser $user
* @return IToken[] * @return IToken[]
*/ */
public function getTokenByUser(IUser $user) { public function getTokenByUser(IUser $user): array {
return $this->mapper->getTokenByUser($user); return $this->mapper->getTokenByUser($user);
} }
@ -154,9 +161,9 @@ class DefaultTokenProvider implements IProvider {
* *
* @param string $tokenId * @param string $tokenId
* @throws InvalidTokenException * @throws InvalidTokenException
* @return DefaultToken * @return IToken
*/ */
public function getToken($tokenId) { public function getToken(string $tokenId): IToken {
try { try {
return $this->mapper->getToken($this->hashToken($tokenId)); return $this->mapper->getToken($this->hashToken($tokenId));
} catch (DoesNotExistException $ex) { } catch (DoesNotExistException $ex) {
@ -167,11 +174,11 @@ class DefaultTokenProvider implements IProvider {
/** /**
* Get a token by token id * Get a token by token id
* *
* @param string $tokenId * @param int $tokenId
* @throws InvalidTokenException * @throws InvalidTokenException
* @return DefaultToken * @return IToken
*/ */
public function getTokenById($tokenId) { public function getTokenById(int $tokenId): IToken {
try { try {
return $this->mapper->getTokenById($tokenId); return $this->mapper->getTokenById($tokenId);
} catch (DoesNotExistException $ex) { } catch (DoesNotExistException $ex) {
@ -184,7 +191,7 @@ class DefaultTokenProvider implements IProvider {
* @param string $sessionId * @param string $sessionId
* @throws InvalidTokenException * @throws InvalidTokenException
*/ */
public function renewSessionToken($oldSessionId, $sessionId) { public function renewSessionToken(string $oldSessionId, string $sessionId) {
$token = $this->getToken($oldSessionId); $token = $this->getToken($oldSessionId);
$newToken = new DefaultToken(); $newToken = new DefaultToken();
@ -210,7 +217,7 @@ class DefaultTokenProvider implements IProvider {
* @throws PasswordlessTokenException * @throws PasswordlessTokenException
* @return string * @return string
*/ */
public function getPassword(IToken $savedToken, $tokenId) { public function getPassword(IToken $savedToken, string $tokenId): string {
$password = $savedToken->getPassword(); $password = $savedToken->getPassword();
if (is_null($password)) { if (is_null($password)) {
throw new PasswordlessTokenException(); throw new PasswordlessTokenException();
@ -226,7 +233,7 @@ class DefaultTokenProvider implements IProvider {
* @param string $password * @param string $password
* @throws InvalidTokenException * @throws InvalidTokenException
*/ */
public function setPassword(IToken $token, $tokenId, $password) { public function setPassword(IToken $token, string $tokenId, string $password) {
if (!($token instanceof DefaultToken)) { if (!($token instanceof DefaultToken)) {
throw new InvalidTokenException(); throw new InvalidTokenException();
} }
@ -240,7 +247,7 @@ class DefaultTokenProvider implements IProvider {
* *
* @param string $token * @param string $token
*/ */
public function invalidateToken($token) { public function invalidateToken(string $token) {
$this->mapper->invalidate($this->hashToken($token)); $this->mapper->invalidate($this->hashToken($token));
} }
@ -250,7 +257,7 @@ class DefaultTokenProvider implements IProvider {
* @param IUser $user * @param IUser $user
* @param int $id * @param int $id
*/ */
public function invalidateTokenById(IUser $user, $id) { public function invalidateTokenById(IUser $user, int $id) {
$this->mapper->deleteById($user, $id); $this->mapper->deleteById($user, $id);
} }
@ -270,7 +277,7 @@ class DefaultTokenProvider implements IProvider {
* @param string $token * @param string $token
* @return string * @return string
*/ */
private function hashToken($token) { private function hashToken(string $token) {
$secret = $this->config->getSystemValue('secret'); $secret = $this->config->getSystemValue('secret');
return hash('sha512', $token . $secret); return hash('sha512', $token . $secret);
} }
@ -284,7 +291,7 @@ class DefaultTokenProvider implements IProvider {
* @param string $token * @param string $token
* @return string encrypted password * @return string encrypted password
*/ */
private function encryptPassword($password, $token) { private function encryptPassword(string $password, string $token): string {
$secret = $this->config->getSystemValue('secret'); $secret = $this->config->getSystemValue('secret');
return $this->crypto->encrypt($password, $token . $secret); return $this->crypto->encrypt($password, $token . $secret);
} }
@ -299,7 +306,7 @@ class DefaultTokenProvider implements IProvider {
* @throws InvalidTokenException * @throws InvalidTokenException
* @return string the decrypted key * @return string the decrypted key
*/ */
private function decryptPassword($password, $token) { private function decryptPassword(string $password, string $token): string {
$secret = $this->config->getSystemValue('secret'); $secret = $this->config->getSystemValue('secret');
try { try {
return $this->crypto->decrypt($password, $token . $secret); return $this->crypto->decrypt($password, $token . $secret);

29
lib/private/Authentication/Token/IProvider.php
View File

@ -1,4 +1,5 @@
<?php <?php
declare(strict_types=1);
/** /**
* @copyright Copyright (c) 2016, ownCloud, Inc. * @copyright Copyright (c) 2016, ownCloud, Inc.
* *
@ -44,7 +45,13 @@ interface IProvider {
* @param int $remember whether the session token should be used for remember-me * @param int $remember whether the session token should be used for remember-me
* @return IToken * @return IToken
*/ */
public function generateToken($token, $uid, $loginName, $password, $name, $type = IToken::TEMPORARY_TOKEN, $remember = IToken::DO_NOT_REMEMBER); public function generateToken(string $token,
string $uid,
string $loginName,
$password,
string $name,
int $type = IToken::TEMPORARY_TOKEN,
int $remember = IToken::DO_NOT_REMEMBER): IToken;
/** /**
* Get a token by token id * Get a token by token id
@ -53,16 +60,16 @@ interface IProvider {
* @throws InvalidTokenException * @throws InvalidTokenException
* @return IToken * @return IToken
*/ */
public function getToken($tokenId); public function getToken(string $tokenId): IToken;
/** /**
* Get a token by token id * Get a token by token id
* *
* @param string $tokenId * @param int $tokenId
* @throws InvalidTokenException * @throws InvalidTokenException
* @return DefaultToken * @return IToken
*/ */
public function getTokenById($tokenId); public function getTokenById(int $tokenId): IToken;
/** /**
* Duplicate an existing session token * Duplicate an existing session token
@ -71,14 +78,14 @@ interface IProvider {
* @param string $sessionId * @param string $sessionId
* @throws InvalidTokenException * @throws InvalidTokenException
*/ */
public function renewSessionToken($oldSessionId, $sessionId); public function renewSessionToken(string $oldSessionId, string $sessionId);
/** /**
* Invalidate (delete) the given session token * Invalidate (delete) the given session token
* *
* @param string $token * @param string $token
*/ */
public function invalidateToken($token); public function invalidateToken(string $token);
/** /**
* Invalidate (delete) the given token * Invalidate (delete) the given token
@ -86,7 +93,7 @@ interface IProvider {
* @param IUser $user * @param IUser $user
* @param int $id * @param int $id
*/ */
public function invalidateTokenById(IUser $user, $id); public function invalidateTokenById(IUser $user, int $id);
/** /**
* Invalidate (delete) old session tokens * Invalidate (delete) old session tokens
@ -116,7 +123,7 @@ interface IProvider {
* @param IUser $user * @param IUser $user
* @return IToken[] * @return IToken[]
*/ */
public function getTokenByUser(IUser $user); public function getTokenByUser(IUser $user): array;
/** /**
* Get the (unencrypted) password of the given token * Get the (unencrypted) password of the given token
@ -127,7 +134,7 @@ interface IProvider {
* @throws PasswordlessTokenException * @throws PasswordlessTokenException
* @return string * @return string
*/ */
public function getPassword(IToken $token, $tokenId); public function getPassword(IToken $token, string $tokenId): string;
/** /**
* Encrypt and set the password of the given token * Encrypt and set the password of the given token
@ -137,5 +144,5 @@ interface IProvider {
* @param string $password * @param string $password
* @throws InvalidTokenException * @throws InvalidTokenException
*/ */
public function setPassword(IToken $token, $tokenId, $password); public function setPassword(IToken $token, string $tokenId, string $password);
} }

21
lib/private/Authentication/Token/IToken.php
View File

@ -1,4 +1,5 @@
<?php <?php
declare(strict_types=1);
/** /**
* @copyright Copyright (c) 2016, ownCloud, Inc. * @copyright Copyright (c) 2016, ownCloud, Inc.
* *
@ -37,26 +38,26 @@ interface IToken extends JsonSerializable {
* *
* @return int * @return int
*/ */
public function getId(); public function getId(): int;
/** /**
* Get the user UID * Get the user UID
* *
* @return string * @return string
*/ */
public function getUID(); public function getUID(): string;
/** /**
* Get the login name used when generating the token * Get the login name used when generating the token
* *
* @return string * @return string
*/ */
public function getLoginName(); public function getLoginName(): string;
/** /**
* Get the (encrypted) login password * Get the (encrypted) login password
* *
* @return string * @return string|null
*/ */
public function getPassword(); public function getPassword();
@ -65,28 +66,28 @@ interface IToken extends JsonSerializable {
* *
* @return int * @return int
*/ */
public function getLastCheck(); public function getLastCheck(): int;
/** /**
* Set the timestamp of the last password check * Set the timestamp of the last password check
* *
* @param int $time * @param int $time
*/ */
public function setLastCheck($time); public function setLastCheck(int $time);
/** /**
* Get the authentication scope for this token * Get the authentication scope for this token
* *
* @return string * @return string
*/ */
public function getScope(); public function getScope(): string;
/** /**
* Get the authentication scope for this token * Get the authentication scope for this token
* *
* @return array * @return array
*/ */
public function getScopeAsArray(); public function getScopeAsArray(): array;
/** /**
* Set the authentication scope for this token * Set the authentication scope for this token
@ -94,4 +95,8 @@ interface IToken extends JsonSerializable {
* @param array $scope * @param array $scope
*/ */
public function setScope($scope); public function setScope($scope);
public function getName(): string;
public function getRemember(): int;
} }

8
tests/lib/Authentication/Token/DefaultTokenProviderTest.php
View File

@ -24,10 +24,10 @@ namespace Test\Authentication\Token;
use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Exceptions\InvalidTokenException;
use OC\Authentication\Token\DefaultToken; use OC\Authentication\Token\DefaultToken;
use OC\Authentication\Token\DefaultTokenMapper;
use OC\Authentication\Token\DefaultTokenProvider; use OC\Authentication\Token\DefaultTokenProvider;
use OC\Authentication\Token\IToken; use OC\Authentication\Token\IToken;
use OCP\AppFramework\Db\DoesNotExistException; use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Db\Mapper;
use OCP\AppFramework\Utility\ITimeFactory; use OCP\AppFramework\Utility\ITimeFactory;
use OCP\IConfig; use OCP\IConfig;
use OCP\ILogger; use OCP\ILogger;
@ -39,7 +39,7 @@ class DefaultTokenProviderTest extends TestCase {
/** @var DefaultTokenProvider|\PHPUnit_Framework_MockObject_MockObject */ /** @var DefaultTokenProvider|\PHPUnit_Framework_MockObject_MockObject */
private $tokenProvider; private $tokenProvider;
/** @var Mapper|\PHPUnit_Framework_MockObject_MockObject */ /** @var DefaultTokenMapper|\PHPUnit_Framework_MockObject_MockObject */
private $mapper; private $mapper;
/** @var ICrypto|\PHPUnit_Framework_MockObject_MockObject */ /** @var ICrypto|\PHPUnit_Framework_MockObject_MockObject */
private $crypto; private $crypto;
@ -55,9 +55,7 @@ class DefaultTokenProviderTest extends TestCase {
protected function setUp() { protected function setUp() {
parent::setUp(); parent::setUp();
$this->mapper = $this->getMockBuilder('\OC\Authentication\Token\DefaultTokenMapper') $this->mapper = $this->createMock(DefaultTokenMapper::class);
->disableOriginalConstructor()
->getMock();
$this->crypto = $this->createMock(ICrypto::class); $this->crypto = $this->createMock(ICrypto::class);
$this->config = $this->createMock(IConfig::class); $this->config = $this->createMock(IConfig::class);
$this->logger = $this->createMock(ILogger::class); $this->logger = $this->createMock(ILogger::class);

8
tests/lib/Authentication/Token/DefaultTokenTest.php
View File

@ -33,14 +33,6 @@ class DefaultTokenTest extends TestCase {
$this->assertEquals($scope, $token->getScopeAsArray()); $this->assertEquals($scope, $token->getScopeAsArray());
} }
public function testSetScopeAsString() {
$scope = ['filesystem' => false];
$token = new DefaultToken();
$token->setScope(json_encode($scope));
$this->assertEquals(json_encode($scope), $token->getScope());
$this->assertEquals($scope, $token->getScopeAsArray());
}
public function testDefaultScope() { public function testDefaultScope() {
$scope = ['filesystem' => true]; $scope = ['filesystem' => true];
$token = new DefaultToken(); $token = new DefaultToken();

13
tests/lib/User/SessionTest.php
View File

@ -581,6 +581,8 @@ class SessionTest extends \Test\TestCase {
$tokenObject->expects($this->once()) $tokenObject->expects($this->once())
->method('getLoginName') ->method('getLoginName')
->willReturn('foobar'); ->willReturn('foobar');
$tokenObject->method('getId')
->willReturn(42);
$this->tokenProvider->expects($this->once()) $this->tokenProvider->expects($this->once())
->method('getToken') ->method('getToken')
->with($sessionId) ->with($sessionId)
@ -593,15 +595,22 @@ class SessionTest extends \Test\TestCase {
->method('setMagicInCookie'); ->method('setMagicInCookie');
$user->expects($this->once()) $user->expects($this->once())
->method('updateLastLoginTimestamp'); ->method('updateLastLoginTimestamp');
$session->expects($this->once()) $setUID = false;
$session
->method('set') ->method('set')
->with('user_id', 'foo'); ->will($this->returnCallback(function ($k, $v) use (&$setUID) {
if ($k === 'user_id' && $v === 'foo') {
$setUID = true;
}
}));
$userSession->expects($this->once()) $userSession->expects($this->once())
->method('setLoginName') ->method('setLoginName')
->willReturn('foobar'); ->willReturn('foobar');
$granted = $userSession->loginWithCookie('foo', $token, $oldSessionId); $granted = $userSession->loginWithCookie('foo', $token, $oldSessionId);
$this->assertTrue($setUID);
$this->assertTrue($granted); $this->assertTrue($granted);
} }