Merge pull request #2633 from nextcloud/2fa-activities
two-factor activities
This commit is contained in:
commit
bb8b647bd6
|
@ -16,4 +16,17 @@
|
|||
<dependencies>
|
||||
<nextcloud min-version="12" max-version="12" />
|
||||
</dependencies>
|
||||
|
||||
<activity>
|
||||
<filters>
|
||||
<filter>OCA\TwoFactorBackupCodes\Activity\GenericFilter</filter>
|
||||
</filters>
|
||||
<settings>
|
||||
<setting>OCA\TwoFactorBackupCodes\Activity\GenericSetting</setting>
|
||||
</settings>
|
||||
<providers>
|
||||
<provider>OCA\TwoFactorBackupCodes\Activity\GenericProvider</provider>
|
||||
<provider>OCA\TwoFactorBackupCodes\Activity\Provider</provider>
|
||||
</providers>
|
||||
</activity>
|
||||
</info>
|
||||
|
|
|
@ -0,0 +1,66 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\TwoFactorBackupCodes\Activity;
|
||||
|
||||
use OCP\Activity\IFilter;
|
||||
use OCP\IL10N;
|
||||
use OCP\IURLGenerator;
|
||||
|
||||
class GenericFilter implements IFilter {
|
||||
|
||||
/** @var IURLGenerator */
|
||||
private $urlGenerator;
|
||||
|
||||
/** @var IL10N */
|
||||
private $l10n;
|
||||
|
||||
public function __construct(IURLGenerator $urlGenerator, IL10N $l10n) {
|
||||
$this->urlGenerator = $urlGenerator;
|
||||
$this->l10n = $l10n;
|
||||
}
|
||||
|
||||
public function allowedApps() {
|
||||
return [];
|
||||
}
|
||||
|
||||
public function filterTypes(array $types) {
|
||||
return array_intersect(['twofactor'], $types);
|
||||
}
|
||||
|
||||
public function getIcon() {
|
||||
return $this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg'));
|
||||
}
|
||||
|
||||
public function getIdentifier() {
|
||||
return 'twofactor';
|
||||
}
|
||||
|
||||
public function getName() {
|
||||
return $this->l10n->t('Two-factor authentication');
|
||||
}
|
||||
|
||||
public function getPriority() {
|
||||
return 30;
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,77 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||
*
|
||||
* Two-factor backup codes
|
||||
*
|
||||
* This code is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License, version 3,
|
||||
* as published by the Free Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\TwoFactorBackupCodes\Activity;
|
||||
|
||||
use InvalidArgumentException;
|
||||
use OCP\Activity\IEvent;
|
||||
use OCP\Activity\IProvider;
|
||||
use OCP\ILogger;
|
||||
use OCP\IURLGenerator;
|
||||
use OCP\L10N\IFactory as L10nFactory;
|
||||
|
||||
class GenericProvider implements IProvider {
|
||||
|
||||
/** @var L10nFactory */
|
||||
private $l10n;
|
||||
|
||||
/** @var IURLGenerator */
|
||||
private $urlGenerator;
|
||||
|
||||
/** @var ILogger */
|
||||
private $logger;
|
||||
|
||||
public function __construct(L10nFactory $l10n, IURLGenerator $urlGenerator, ILogger $logger) {
|
||||
$this->logger = $logger;
|
||||
$this->urlGenerator = $urlGenerator;
|
||||
$this->l10n = $l10n;
|
||||
}
|
||||
|
||||
public function parse($language, IEvent $event, IEvent $previousEvent = null) {
|
||||
if ($event->getType() !== 'twofactor') {
|
||||
throw new InvalidArgumentException();
|
||||
}
|
||||
|
||||
$l = $this->l10n->get('core', $language);
|
||||
|
||||
switch ($event->getSubject()) {
|
||||
case 'twofactor_success':
|
||||
$params = $event->getSubjectParameters();
|
||||
$event->setParsedSubject($l->t('You successfully logged in using two-factor authentication (%1$s)', [
|
||||
$params['provider'],
|
||||
]));
|
||||
$event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg')));
|
||||
break;
|
||||
case 'twofactor_failed':
|
||||
$params = $event->getSubjectParameters();
|
||||
$event->setParsedSubject($l->t('A login attempt using two-factor authentication failed (%1$s)', [
|
||||
$params['provider'],
|
||||
]));
|
||||
$event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg')));
|
||||
break;
|
||||
default:
|
||||
throw new InvalidArgumentException();
|
||||
}
|
||||
return $event;
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,65 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||
*
|
||||
* Two-factor backup codes
|
||||
*
|
||||
* This code is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License, version 3,
|
||||
* as published by the Free Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\TwoFactorBackupCodes\Activity;
|
||||
|
||||
use OCP\Activity\ISetting;
|
||||
use OCP\IL10N;
|
||||
|
||||
class GenericSetting implements ISetting {
|
||||
|
||||
/** @var IL10N */
|
||||
private $l10n;
|
||||
|
||||
public function __construct(IL10N $l10n) {
|
||||
$this->l10n = $l10n;
|
||||
}
|
||||
|
||||
public function canChangeMail() {
|
||||
return false;
|
||||
}
|
||||
|
||||
public function canChangeStream() {
|
||||
return false;
|
||||
}
|
||||
|
||||
public function getIdentifier() {
|
||||
return 'twofactor';
|
||||
}
|
||||
|
||||
public function getName() {
|
||||
return $this->l10n->t('Two-factor authentication');
|
||||
}
|
||||
|
||||
public function getPriority() {
|
||||
return 30;
|
||||
}
|
||||
|
||||
public function isDefaultEnabledMail() {
|
||||
return true;
|
||||
}
|
||||
|
||||
public function isDefaultEnabledStream() {
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,67 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||
*
|
||||
* Two-factor backup codes
|
||||
*
|
||||
* This code is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License, version 3,
|
||||
* as published by the Free Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\TwoFactorBackupCodes\Activity;
|
||||
|
||||
use InvalidArgumentException;
|
||||
use OCP\Activity\IEvent;
|
||||
use OCP\Activity\IProvider;
|
||||
use OCP\ILogger;
|
||||
use OCP\IURLGenerator;
|
||||
use OCP\L10N\IFactory as L10nFactory;
|
||||
|
||||
class Provider implements IProvider {
|
||||
|
||||
/** @var L10nFactory */
|
||||
private $l10n;
|
||||
|
||||
/** @var IURLGenerator */
|
||||
private $urlGenerator;
|
||||
|
||||
/** @var ILogger */
|
||||
private $logger;
|
||||
|
||||
public function __construct(L10nFactory $l10n, IURLGenerator $urlGenerator, ILogger $logger) {
|
||||
$this->logger = $logger;
|
||||
$this->urlGenerator = $urlGenerator;
|
||||
$this->l10n = $l10n;
|
||||
}
|
||||
|
||||
public function parse($language, IEvent $event, IEvent $previousEvent = null) {
|
||||
if ($event->getApp() !== 'twofactor_backupcodes') {
|
||||
throw new InvalidArgumentException();
|
||||
}
|
||||
|
||||
$l = $this->l10n->get('twofactor_backupcodes', $language);
|
||||
|
||||
switch ($event->getSubject()) {
|
||||
case 'codes_generated':
|
||||
$event->setParsedSubject($l->t('You created two-factor backup codes for your account'));
|
||||
$event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg')));
|
||||
break;
|
||||
default:
|
||||
throw new InvalidArgumentException();
|
||||
}
|
||||
return $event;
|
||||
}
|
||||
|
||||
}
|
|
@ -22,8 +22,11 @@
|
|||
|
||||
namespace OCA\TwoFactorBackupCodes\Service;
|
||||
|
||||
use BadMethodCallException;
|
||||
use OCA\TwoFactorBackupCodes\Db\BackupCode;
|
||||
use OCA\TwoFactorBackupCodes\Db\BackupCodeMapper;
|
||||
use OCP\Activity\IManager;
|
||||
use OCP\ILogger;
|
||||
use OCP\IUser;
|
||||
use OCP\Security\IHasher;
|
||||
use OCP\Security\ISecureRandom;
|
||||
|
@ -39,10 +42,19 @@ class BackupCodeStorage {
|
|||
/** @var ISecureRandom */
|
||||
private $random;
|
||||
|
||||
public function __construct(BackupCodeMapper $mapper, ISecureRandom $random, IHasher $hasher) {
|
||||
/** @var IManager */
|
||||
private $activityManager;
|
||||
|
||||
/** @var ILogger */
|
||||
private $logger;
|
||||
|
||||
public function __construct(BackupCodeMapper $mapper, ISecureRandom $random, IHasher $hasher,
|
||||
IManager $activityManager, ILogger $logger) {
|
||||
$this->mapper = $mapper;
|
||||
$this->hasher = $hasher;
|
||||
$this->random = $random;
|
||||
$this->activityManager = $activityManager;
|
||||
$this->logger = $logger;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -68,9 +80,32 @@ class BackupCodeStorage {
|
|||
array_push($result, $code);
|
||||
}
|
||||
|
||||
$this->publishEvent($user, 'codes_generated');
|
||||
|
||||
return $result;
|
||||
}
|
||||
|
||||
/**
|
||||
* Push an event the user's activity stream
|
||||
*
|
||||
* @param IUser $user
|
||||
* @param string $event
|
||||
*/
|
||||
private function publishEvent(IUser $user, $event) {
|
||||
$activity = $this->activityManager->generateEvent();
|
||||
$activity->setApp('twofactor_backupcodes')
|
||||
->setType('twofactor')
|
||||
->setAuthor($user->getUID())
|
||||
->setAffectedUser($user->getUID())
|
||||
->setSubject($event);
|
||||
try {
|
||||
$this->activityManager->publish($activity);
|
||||
} catch (BadMethodCallException $e) {
|
||||
$this->logger->warning('could not publish backup code creation activity', ['app' => 'twofactor_backupcodes']);
|
||||
$this->logger->logException($e, ['app' => 'twofactor_backupcodes']);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param IUser $user
|
||||
* @return bool
|
||||
|
|
|
@ -0,0 +1,83 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||
*
|
||||
* @license GNU AGPL version 3 or any later version
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\TwoFactorBackupCodes\Test\Unit\Activity;
|
||||
|
||||
use OCA\TwoFactorBackupCodes\Activity\GenericFilter;
|
||||
use OCP\IL10N;
|
||||
use OCP\IURLGenerator;
|
||||
use Test\TestCase;
|
||||
|
||||
class GenericFilterTest extends TestCase {
|
||||
|
||||
private $urlGenerator;
|
||||
private $l10n;
|
||||
|
||||
/** @var GenericFilter */
|
||||
private $filter;
|
||||
|
||||
protected function setUp() {
|
||||
parent::setUp();
|
||||
|
||||
$this->urlGenerator = $this->createMock(IURLGenerator::class);
|
||||
$this->l10n = $this->createMock(IL10N::class);
|
||||
|
||||
$this->filter = new GenericFilter($this->urlGenerator, $this->l10n);
|
||||
}
|
||||
|
||||
public function testAllowedApps() {
|
||||
$this->assertEquals([], $this->filter->allowedApps());
|
||||
}
|
||||
|
||||
public function testFilterTypes() {
|
||||
$this->assertEquals(['twofactor'], $this->filter->filterTypes(['comments', 'twofactor']));
|
||||
}
|
||||
|
||||
public function testGetIcon() {
|
||||
$this->urlGenerator->expects($this->once())
|
||||
->method('imagePath')
|
||||
->with('core', 'actions/password.svg')
|
||||
->will($this->returnValue('path/to/icon.svg'));
|
||||
$this->urlGenerator->expects($this->once())
|
||||
->method('getAbsoluteURL')
|
||||
->with('path/to/icon.svg')
|
||||
->will($this->returnValue('abs/path/to/icon.svg'));
|
||||
$this->assertEquals('abs/path/to/icon.svg', $this->filter->getIcon());
|
||||
}
|
||||
|
||||
public function testGetIdentifier() {
|
||||
$this->assertEquals('twofactor', $this->filter->getIdentifier());
|
||||
}
|
||||
|
||||
public function testGetName() {
|
||||
$this->l10n->expects($this->once())
|
||||
->method('t')
|
||||
->with('Two-factor authentication')
|
||||
->will($this->returnValue('translated'));
|
||||
$this->assertEquals('translated', $this->filter->getName());
|
||||
}
|
||||
|
||||
public function testGetPriority() {
|
||||
$this->assertEquals(30, $this->filter->getPriority());
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,106 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||
*
|
||||
* Two-factor backup codes
|
||||
*
|
||||
* This code is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License, version 3,
|
||||
* as published by the Free Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\TwoFactorBackupCodes\Test\Unit\Activity;
|
||||
|
||||
use InvalidArgumentException;
|
||||
use OCA\TwoFactorBackupCodes\Activity\GenericProvider;
|
||||
use OCP\Activity\IEvent;
|
||||
use OCP\IL10N;
|
||||
use OCP\ILogger;
|
||||
use OCP\IURLGenerator;
|
||||
use OCP\L10N\IFactory;
|
||||
use Test\TestCase;
|
||||
|
||||
class ProviderTest extends TestCase {
|
||||
|
||||
private $l10n;
|
||||
private $urlGenerator;
|
||||
private $logger;
|
||||
|
||||
/** @var GenericProvider */
|
||||
private $provider;
|
||||
|
||||
protected function setUp() {
|
||||
parent::setUp();
|
||||
|
||||
$this->l10n = $this->createMock(IFactory::class);
|
||||
$this->urlGenerator = $this->createMock(IURLGenerator::class);
|
||||
$this->logger = $this->createMock(ILogger::class);
|
||||
|
||||
$this->provider = new GenericProvider($this->l10n, $this->urlGenerator, $this->logger);
|
||||
}
|
||||
|
||||
public function testParseUnrelated() {
|
||||
$lang = 'ru';
|
||||
$event = $this->createMock(IEvent::class);
|
||||
$event->expects($this->once())
|
||||
->method('getType')
|
||||
->will($this->returnValue('comments'));
|
||||
$this->setExpectedException(InvalidArgumentException::class);
|
||||
|
||||
$this->provider->parse($lang, $event);
|
||||
}
|
||||
|
||||
public function subjectData() {
|
||||
return [
|
||||
['twofactor_success'],
|
||||
['twofactor_failed'],
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider subjectData
|
||||
*/
|
||||
public function testParse($subject) {
|
||||
$lang = 'ru';
|
||||
$event = $this->createMock(IEvent::class);
|
||||
$l = $this->createMock(IL10N::class);
|
||||
|
||||
$event->expects($this->once())
|
||||
->method('getType')
|
||||
->will($this->returnValue('twofactor'));
|
||||
$this->l10n->expects($this->once())
|
||||
->method('get')
|
||||
->with('core', $lang)
|
||||
->will($this->returnValue($l));
|
||||
$this->urlGenerator->expects($this->once())
|
||||
->method('imagePath')
|
||||
->with('core', 'actions/password.svg')
|
||||
->will($this->returnValue('path/to/image'));
|
||||
$this->urlGenerator->expects($this->once())
|
||||
->method('getAbsoluteURL')
|
||||
->with('path/to/image')
|
||||
->will($this->returnValue('absolute/path/to/image'));
|
||||
$event->expects($this->once())
|
||||
->method('setIcon')
|
||||
->with('absolute/path/to/image');
|
||||
$event->expects($this->once())
|
||||
->method('getSubject')
|
||||
->will($this->returnValue($subject));
|
||||
$event->expects($this->once())
|
||||
->method('setParsedSubject');
|
||||
|
||||
$this->provider->parse($lang, $event);
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,73 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||
*
|
||||
* Two-factor backup codes
|
||||
*
|
||||
* This code is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License, version 3,
|
||||
* as published by the Free Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OCA\TwoFactorBackupCodes\Test\Unit\Activity;
|
||||
|
||||
use OCA\TwoFactorBackupCodes\Activity\GenericSetting;
|
||||
use OCP\IL10N;
|
||||
use Test\TestCase;
|
||||
|
||||
class SettingTest extends TestCase {
|
||||
|
||||
private $l10n;
|
||||
|
||||
/** @var GenericSetting */
|
||||
private $setting;
|
||||
|
||||
protected function setUp() {
|
||||
parent::setUp();
|
||||
|
||||
$this->l10n = $this->createMock(IL10N::class);
|
||||
|
||||
$this->setting = new GenericSetting($this->l10n);
|
||||
}
|
||||
|
||||
public function testCanChangeMail() {
|
||||
$this->assertFalse($this->setting->canChangeMail());
|
||||
}
|
||||
|
||||
public function testCanChangeStream() {
|
||||
$this->assertFalse($this->setting->canChangeStream());
|
||||
}
|
||||
|
||||
public function testGetIdentifier() {
|
||||
$this->assertEquals('twofactor', $this->setting->getIdentifier());
|
||||
}
|
||||
|
||||
public function testGetName() {
|
||||
$this->l10n->expects($this->once())
|
||||
->method('t')
|
||||
->with('Two-factor authentication')
|
||||
->will($this->returnValue('Zwei-Faktor-Authentifizierung'));
|
||||
$this->assertEquals('Zwei-Faktor-Authentifizierung', $this->setting->getName());
|
||||
}
|
||||
|
||||
public function testGetPriority() {
|
||||
$this->assertEquals(30, $this->setting->getPriority());
|
||||
}
|
||||
|
||||
public function testIsDefaultEnabled() {
|
||||
$this->assertTrue($this->setting->isDefaultEnabledMail());
|
||||
$this->assertTrue($this->setting->isDefaultEnabledStream());
|
||||
}
|
||||
|
||||
}
|
|
@ -25,6 +25,9 @@ namespace OCA\TwoFactorBackupCodes\Tests\Unit\Service;
|
|||
use OCA\TwoFactorBackupCodes\Db\BackupCode;
|
||||
use OCA\TwoFactorBackupCodes\Db\BackupCodeMapper;
|
||||
use OCA\TwoFactorBackupCodes\Service\BackupCodeStorage;
|
||||
use OCP\Activity\IEvent;
|
||||
use OCP\Activity\IManager;
|
||||
use OCP\ILogger;
|
||||
use OCP\IUser;
|
||||
use OCP\Security\IHasher;
|
||||
use OCP\Security\ISecureRandom;
|
||||
|
@ -41,6 +44,12 @@ class BackupCodeStorageTest extends TestCase {
|
|||
/** @var IHasher|\PHPUnit_Framework_MockObject_MockObject */
|
||||
private $hasher;
|
||||
|
||||
/** @var IManager|\PHPUnit_Framework_MockObject_MockObject */
|
||||
private $activityManager;
|
||||
|
||||
/** @var ILogger|\PHPUnit_Framework_MockObject_MockObject */
|
||||
private $logger;
|
||||
|
||||
/** @var BackupCodeStorage */
|
||||
private $storage;
|
||||
|
||||
|
@ -52,14 +61,18 @@ class BackupCodeStorageTest extends TestCase {
|
|||
->getMock();
|
||||
$this->random = $this->getMockBuilder(ISecureRandom::class)->getMock();
|
||||
$this->hasher = $this->getMockBuilder(IHasher::class)->getMock();
|
||||
$this->storage = new BackupCodeStorage($this->mapper, $this->random, $this->hasher);
|
||||
$this->activityManager = $this->createMock(IManager::class);
|
||||
$this->logger = $this->createMock(ILogger::class);
|
||||
|
||||
$this->storage = new BackupCodeStorage($this->mapper, $this->random, $this->hasher, $this->activityManager, $this->logger);
|
||||
}
|
||||
|
||||
public function testCreateCodes() {
|
||||
$user = $this->getMockBuilder(IUser::class)->getMock();
|
||||
$number = 5;
|
||||
$event = $this->createMock(IEvent::class);
|
||||
|
||||
$user->expects($this->once())
|
||||
$user->expects($this->any())
|
||||
->method('getUID')
|
||||
->will($this->returnValue('fritz'));
|
||||
$this->random->expects($this->exactly($number))
|
||||
|
@ -77,6 +90,28 @@ class BackupCodeStorageTest extends TestCase {
|
|||
$this->mapper->expects($this->exactly($number))
|
||||
->method('insert')
|
||||
->with($this->equalTo($row));
|
||||
$this->activityManager->expects($this->once())
|
||||
->method('generateEvent')
|
||||
->will($this->returnValue($event));
|
||||
$event->expects($this->once())
|
||||
->method('setApp')
|
||||
->with('twofactor_backupcodes')
|
||||
->will($this->returnSelf());
|
||||
$event->expects($this->once())
|
||||
->method('setType')
|
||||
->with('twofactor')
|
||||
->will($this->returnSelf());
|
||||
$event->expects($this->once())
|
||||
->method('setAuthor')
|
||||
->with('fritz')
|
||||
->will($this->returnSelf());
|
||||
$event->expects($this->once())
|
||||
->method('setAffectedUser')
|
||||
->with('fritz')
|
||||
->will($this->returnSelf());
|
||||
$this->activityManager->expects($this->once())
|
||||
->method('publish')
|
||||
->will($this->returnValue($event));
|
||||
|
||||
$codes = $this->storage->createCodes($user, $number);
|
||||
$this->assertCount($number, $codes);
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
||||
*
|
||||
|
@ -26,9 +27,11 @@ use Exception;
|
|||
use OC;
|
||||
use OC\App\AppManager;
|
||||
use OC_App;
|
||||
use OCP\Activity\IManager;
|
||||
use OCP\AppFramework\QueryException;
|
||||
use OCP\Authentication\TwoFactorAuth\IProvider;
|
||||
use OCP\IConfig;
|
||||
use OCP\ILogger;
|
||||
use OCP\ISession;
|
||||
use OCP\IUser;
|
||||
|
||||
|
@ -48,15 +51,26 @@ class Manager {
|
|||
/** @var IConfig */
|
||||
private $config;
|
||||
|
||||
/** @var IManager */
|
||||
private $activityManager;
|
||||
|
||||
/** @var ILogger */
|
||||
private $logger;
|
||||
|
||||
/**
|
||||
* @param AppManager $appManager
|
||||
* @param ISession $session
|
||||
* @param IConfig $config
|
||||
* @param IManager $activityManager
|
||||
* @param ILogger $logger
|
||||
*/
|
||||
public function __construct(AppManager $appManager, ISession $session, IConfig $config) {
|
||||
public function __construct(AppManager $appManager, ISession $session, IConfig $config, IManager $activityManager,
|
||||
ILogger $logger) {
|
||||
$this->appManager = $appManager;
|
||||
$this->session = $session;
|
||||
$this->config = $config;
|
||||
$this->activityManager = $activityManager;
|
||||
$this->logger = $logger;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -184,10 +198,39 @@ class Manager {
|
|||
}
|
||||
$this->session->remove(self::SESSION_UID_KEY);
|
||||
$this->session->remove(self::REMEMBER_LOGIN);
|
||||
|
||||
$this->publishEvent($user, 'twofactor_success', [
|
||||
'provider' => $provider->getDisplayName(),
|
||||
]);
|
||||
} else {
|
||||
$this->publishEvent($user, 'twofactor_failed', [
|
||||
'provider' => $provider->getDisplayName(),
|
||||
]);
|
||||
}
|
||||
return $passed;
|
||||
}
|
||||
|
||||
/**
|
||||
* Push a 2fa event the user's activity stream
|
||||
*
|
||||
* @param IUser $user
|
||||
* @param string $event
|
||||
*/
|
||||
private function publishEvent(IUser $user, $event, array $params) {
|
||||
$activity = $this->activityManager->generateEvent();
|
||||
$activity->setApp('twofactor_generic')
|
||||
->setType('twofactor')
|
||||
->setAuthor($user->getUID())
|
||||
->setAffectedUser($user->getUID())
|
||||
->setSubject($event, $params);
|
||||
try {
|
||||
$this->activityManager->publish($activity);
|
||||
} catch (Exception $e) {
|
||||
$this->logger->warning('could not publish backup code creation activity', ['app' => 'twofactor_backupcodes']);
|
||||
$this->logger->logException($e, ['app' => 'twofactor_backupcodes']);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if the currently logged in user needs to pass 2FA
|
||||
*
|
||||
|
|
|
@ -312,7 +312,7 @@ class Server extends ServerContainer implements IServerContainer {
|
|||
});
|
||||
|
||||
$this->registerService(\OC\Authentication\TwoFactorAuth\Manager::class, function (Server $c) {
|
||||
return new \OC\Authentication\TwoFactorAuth\Manager($c->getAppManager(), $c->getSession(), $c->getConfig());
|
||||
return new \OC\Authentication\TwoFactorAuth\Manager($c->getAppManager(), $c->getSession(), $c->getConfig(), $c->getActivityManager(), $c->getLogger());
|
||||
});
|
||||
|
||||
$this->registerService('NavigationManager', function ($c) {
|
||||
|
|
|
@ -26,8 +26,11 @@ use Exception;
|
|||
use OC;
|
||||
use OC\App\AppManager;
|
||||
use OC\Authentication\TwoFactorAuth\Manager;
|
||||
use OCP\Activity\IEvent;
|
||||
use OCP\Activity\IManager;
|
||||
use OCP\Authentication\TwoFactorAuth\IProvider;
|
||||
use OCP\IConfig;
|
||||
use OCP\ILogger;
|
||||
use OCP\ISession;
|
||||
use OCP\IUser;
|
||||
use Test\TestCase;
|
||||
|
@ -49,6 +52,12 @@ class ManagerTest extends TestCase {
|
|||
/** @var IConfig|PHPUnit_Framework_MockObject_MockObject */
|
||||
private $config;
|
||||
|
||||
/** @var IManager|PHPUnit_Framework_MockObject_MockObject */
|
||||
private $activityManager;
|
||||
|
||||
/** @var ILogger|PHPUnit_Framework_MockObject_MockObject */
|
||||
private $logger;
|
||||
|
||||
/** @var IProvider|PHPUnit_Framework_MockObject_MockObject */
|
||||
private $fakeProvider;
|
||||
|
||||
|
@ -59,14 +68,14 @@ class ManagerTest extends TestCase {
|
|||
parent::setUp();
|
||||
|
||||
$this->user = $this->createMock(IUser::class);
|
||||
$this->appManager = $this->getMockBuilder('\OC\App\AppManager')
|
||||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
$this->appManager = $this->createMock('\OC\App\AppManager');
|
||||
$this->session = $this->createMock(ISession::class);
|
||||
$this->config = $this->createMock(IConfig::class);
|
||||
$this->activityManager = $this->createMock(IManager::class);
|
||||
$this->logger = $this->createMock(ILogger::class);
|
||||
|
||||
$this->manager = $this->getMockBuilder('\OC\Authentication\TwoFactorAuth\Manager')
|
||||
->setConstructorArgs([$this->appManager, $this->session, $this->config])
|
||||
->setConstructorArgs([$this->appManager, $this->session, $this->config, $this->activityManager, $this->logger])
|
||||
->setMethods(['loadTwoFactorApp']) // Do not actually load the apps
|
||||
->getMock();
|
||||
|
||||
|
@ -228,6 +237,7 @@ class ManagerTest extends TestCase {
|
|||
$this->prepareProviders();
|
||||
|
||||
$challenge = 'passme';
|
||||
$event = $this->createMock(IEvent::class);
|
||||
$this->fakeProvider->expects($this->once())
|
||||
->method('verifyChallenge')
|
||||
->with($this->user, $challenge)
|
||||
|
@ -242,6 +252,37 @@ class ManagerTest extends TestCase {
|
|||
$this->session->expects($this->at(2))
|
||||
->method('remove')
|
||||
->with('two_factor_remember_login');
|
||||
$this->activityManager->expects($this->once())
|
||||
->method('generateEvent')
|
||||
->willReturn($event);
|
||||
$this->user->expects($this->any())
|
||||
->method('getUID')
|
||||
->willReturn('jos');
|
||||
$event->expects($this->once())
|
||||
->method('setApp')
|
||||
->with($this->equalTo('twofactor_generic'))
|
||||
->willReturnSelf();
|
||||
$event->expects($this->once())
|
||||
->method('setType')
|
||||
->with($this->equalTo('twofactor'))
|
||||
->willReturnSelf();
|
||||
$event->expects($this->once())
|
||||
->method('setAuthor')
|
||||
->with($this->equalTo('jos'))
|
||||
->willReturnSelf();
|
||||
$event->expects($this->once())
|
||||
->method('setAffectedUser')
|
||||
->with($this->equalTo('jos'))
|
||||
->willReturnSelf();
|
||||
$this->fakeProvider->expects($this->once())
|
||||
->method('getDisplayName')
|
||||
->willReturn('Fake 2FA');
|
||||
$event->expects($this->once())
|
||||
->method('setSubject')
|
||||
->with($this->equalTo('twofactor_success'), $this->equalTo([
|
||||
'provider' => 'Fake 2FA',
|
||||
]))
|
||||
->willReturnSelf();
|
||||
|
||||
$this->assertTrue($this->manager->verifyChallenge('email', $this->user, $challenge));
|
||||
}
|
||||
|
@ -263,12 +304,44 @@ class ManagerTest extends TestCase {
|
|||
$this->prepareProviders();
|
||||
|
||||
$challenge = 'dontpassme';
|
||||
$event = $this->createMock(IEvent::class);
|
||||
$this->fakeProvider->expects($this->once())
|
||||
->method('verifyChallenge')
|
||||
->with($this->user, $challenge)
|
||||
->will($this->returnValue(false));
|
||||
$this->session->expects($this->never())
|
||||
->method('remove');
|
||||
$this->activityManager->expects($this->once())
|
||||
->method('generateEvent')
|
||||
->willReturn($event);
|
||||
$this->user->expects($this->any())
|
||||
->method('getUID')
|
||||
->willReturn('jos');
|
||||
$event->expects($this->once())
|
||||
->method('setApp')
|
||||
->with($this->equalTo('twofactor_generic'))
|
||||
->willReturnSelf();
|
||||
$event->expects($this->once())
|
||||
->method('setType')
|
||||
->with($this->equalTo('twofactor'))
|
||||
->willReturnSelf();
|
||||
$event->expects($this->once())
|
||||
->method('setAuthor')
|
||||
->with($this->equalTo('jos'))
|
||||
->willReturnSelf();
|
||||
$event->expects($this->once())
|
||||
->method('setAffectedUser')
|
||||
->with($this->equalTo('jos'))
|
||||
->willReturnSelf();
|
||||
$this->fakeProvider->expects($this->once())
|
||||
->method('getDisplayName')
|
||||
->willReturn('Fake 2FA');
|
||||
$event->expects($this->once())
|
||||
->method('setSubject')
|
||||
->with($this->equalTo('twofactor_failed'), $this->equalTo([
|
||||
'provider' => 'Fake 2FA',
|
||||
]))
|
||||
->willReturnSelf();
|
||||
|
||||
$this->assertFalse($this->manager->verifyChallenge('email', $this->user, $challenge));
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue