Merge pull request #2633 from nextcloud/2fa-activities

two-factor activities
This commit is contained in:
Morris Jobke 2016-12-22 14:47:15 +01:00 committed by GitHub
commit bb8b647bd6
13 changed files with 745 additions and 9 deletions

View File

@ -16,4 +16,17 @@
<dependencies> <dependencies>
<nextcloud min-version="12" max-version="12" /> <nextcloud min-version="12" max-version="12" />
</dependencies> </dependencies>
<activity>
<filters>
<filter>OCA\TwoFactorBackupCodes\Activity\GenericFilter</filter>
</filters>
<settings>
<setting>OCA\TwoFactorBackupCodes\Activity\GenericSetting</setting>
</settings>
<providers>
<provider>OCA\TwoFactorBackupCodes\Activity\GenericProvider</provider>
<provider>OCA\TwoFactorBackupCodes\Activity\Provider</provider>
</providers>
</activity>
</info> </info>

View File

@ -0,0 +1,66 @@
<?php
/**
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\TwoFactorBackupCodes\Activity;
use OCP\Activity\IFilter;
use OCP\IL10N;
use OCP\IURLGenerator;
class GenericFilter implements IFilter {
/** @var IURLGenerator */
private $urlGenerator;
/** @var IL10N */
private $l10n;
public function __construct(IURLGenerator $urlGenerator, IL10N $l10n) {
$this->urlGenerator = $urlGenerator;
$this->l10n = $l10n;
}
public function allowedApps() {
return [];
}
public function filterTypes(array $types) {
return array_intersect(['twofactor'], $types);
}
public function getIcon() {
return $this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg'));
}
public function getIdentifier() {
return 'twofactor';
}
public function getName() {
return $this->l10n->t('Two-factor authentication');
}
public function getPriority() {
return 30;
}
}

View File

@ -0,0 +1,77 @@
<?php
/**
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
*
* Two-factor backup codes
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\TwoFactorBackupCodes\Activity;
use InvalidArgumentException;
use OCP\Activity\IEvent;
use OCP\Activity\IProvider;
use OCP\ILogger;
use OCP\IURLGenerator;
use OCP\L10N\IFactory as L10nFactory;
class GenericProvider implements IProvider {
/** @var L10nFactory */
private $l10n;
/** @var IURLGenerator */
private $urlGenerator;
/** @var ILogger */
private $logger;
public function __construct(L10nFactory $l10n, IURLGenerator $urlGenerator, ILogger $logger) {
$this->logger = $logger;
$this->urlGenerator = $urlGenerator;
$this->l10n = $l10n;
}
public function parse($language, IEvent $event, IEvent $previousEvent = null) {
if ($event->getType() !== 'twofactor') {
throw new InvalidArgumentException();
}
$l = $this->l10n->get('core', $language);
switch ($event->getSubject()) {
case 'twofactor_success':
$params = $event->getSubjectParameters();
$event->setParsedSubject($l->t('You successfully logged in using two-factor authentication (%1$s)', [
$params['provider'],
]));
$event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg')));
break;
case 'twofactor_failed':
$params = $event->getSubjectParameters();
$event->setParsedSubject($l->t('A login attempt using two-factor authentication failed (%1$s)', [
$params['provider'],
]));
$event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg')));
break;
default:
throw new InvalidArgumentException();
}
return $event;
}
}

View File

@ -0,0 +1,65 @@
<?php
/**
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
*
* Two-factor backup codes
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\TwoFactorBackupCodes\Activity;
use OCP\Activity\ISetting;
use OCP\IL10N;
class GenericSetting implements ISetting {
/** @var IL10N */
private $l10n;
public function __construct(IL10N $l10n) {
$this->l10n = $l10n;
}
public function canChangeMail() {
return false;
}
public function canChangeStream() {
return false;
}
public function getIdentifier() {
return 'twofactor';
}
public function getName() {
return $this->l10n->t('Two-factor authentication');
}
public function getPriority() {
return 30;
}
public function isDefaultEnabledMail() {
return true;
}
public function isDefaultEnabledStream() {
return true;
}
}

View File

@ -0,0 +1,67 @@
<?php
/**
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
*
* Two-factor backup codes
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\TwoFactorBackupCodes\Activity;
use InvalidArgumentException;
use OCP\Activity\IEvent;
use OCP\Activity\IProvider;
use OCP\ILogger;
use OCP\IURLGenerator;
use OCP\L10N\IFactory as L10nFactory;
class Provider implements IProvider {
/** @var L10nFactory */
private $l10n;
/** @var IURLGenerator */
private $urlGenerator;
/** @var ILogger */
private $logger;
public function __construct(L10nFactory $l10n, IURLGenerator $urlGenerator, ILogger $logger) {
$this->logger = $logger;
$this->urlGenerator = $urlGenerator;
$this->l10n = $l10n;
}
public function parse($language, IEvent $event, IEvent $previousEvent = null) {
if ($event->getApp() !== 'twofactor_backupcodes') {
throw new InvalidArgumentException();
}
$l = $this->l10n->get('twofactor_backupcodes', $language);
switch ($event->getSubject()) {
case 'codes_generated':
$event->setParsedSubject($l->t('You created two-factor backup codes for your account'));
$event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg')));
break;
default:
throw new InvalidArgumentException();
}
return $event;
}
}

View File

@ -22,8 +22,11 @@
namespace OCA\TwoFactorBackupCodes\Service; namespace OCA\TwoFactorBackupCodes\Service;
use BadMethodCallException;
use OCA\TwoFactorBackupCodes\Db\BackupCode; use OCA\TwoFactorBackupCodes\Db\BackupCode;
use OCA\TwoFactorBackupCodes\Db\BackupCodeMapper; use OCA\TwoFactorBackupCodes\Db\BackupCodeMapper;
use OCP\Activity\IManager;
use OCP\ILogger;
use OCP\IUser; use OCP\IUser;
use OCP\Security\IHasher; use OCP\Security\IHasher;
use OCP\Security\ISecureRandom; use OCP\Security\ISecureRandom;
@ -39,10 +42,19 @@ class BackupCodeStorage {
/** @var ISecureRandom */ /** @var ISecureRandom */
private $random; private $random;
public function __construct(BackupCodeMapper $mapper, ISecureRandom $random, IHasher $hasher) { /** @var IManager */
private $activityManager;
/** @var ILogger */
private $logger;
public function __construct(BackupCodeMapper $mapper, ISecureRandom $random, IHasher $hasher,
IManager $activityManager, ILogger $logger) {
$this->mapper = $mapper; $this->mapper = $mapper;
$this->hasher = $hasher; $this->hasher = $hasher;
$this->random = $random; $this->random = $random;
$this->activityManager = $activityManager;
$this->logger = $logger;
} }
/** /**
@ -68,9 +80,32 @@ class BackupCodeStorage {
array_push($result, $code); array_push($result, $code);
} }
$this->publishEvent($user, 'codes_generated');
return $result; return $result;
} }
/**
* Push an event the user's activity stream
*
* @param IUser $user
* @param string $event
*/
private function publishEvent(IUser $user, $event) {
$activity = $this->activityManager->generateEvent();
$activity->setApp('twofactor_backupcodes')
->setType('twofactor')
->setAuthor($user->getUID())
->setAffectedUser($user->getUID())
->setSubject($event);
try {
$this->activityManager->publish($activity);
} catch (BadMethodCallException $e) {
$this->logger->warning('could not publish backup code creation activity', ['app' => 'twofactor_backupcodes']);
$this->logger->logException($e, ['app' => 'twofactor_backupcodes']);
}
}
/** /**
* @param IUser $user * @param IUser $user
* @return bool * @return bool

View File

@ -0,0 +1,83 @@
<?php
/**
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\TwoFactorBackupCodes\Test\Unit\Activity;
use OCA\TwoFactorBackupCodes\Activity\GenericFilter;
use OCP\IL10N;
use OCP\IURLGenerator;
use Test\TestCase;
class GenericFilterTest extends TestCase {
private $urlGenerator;
private $l10n;
/** @var GenericFilter */
private $filter;
protected function setUp() {
parent::setUp();
$this->urlGenerator = $this->createMock(IURLGenerator::class);
$this->l10n = $this->createMock(IL10N::class);
$this->filter = new GenericFilter($this->urlGenerator, $this->l10n);
}
public function testAllowedApps() {
$this->assertEquals([], $this->filter->allowedApps());
}
public function testFilterTypes() {
$this->assertEquals(['twofactor'], $this->filter->filterTypes(['comments', 'twofactor']));
}
public function testGetIcon() {
$this->urlGenerator->expects($this->once())
->method('imagePath')
->with('core', 'actions/password.svg')
->will($this->returnValue('path/to/icon.svg'));
$this->urlGenerator->expects($this->once())
->method('getAbsoluteURL')
->with('path/to/icon.svg')
->will($this->returnValue('abs/path/to/icon.svg'));
$this->assertEquals('abs/path/to/icon.svg', $this->filter->getIcon());
}
public function testGetIdentifier() {
$this->assertEquals('twofactor', $this->filter->getIdentifier());
}
public function testGetName() {
$this->l10n->expects($this->once())
->method('t')
->with('Two-factor authentication')
->will($this->returnValue('translated'));
$this->assertEquals('translated', $this->filter->getName());
}
public function testGetPriority() {
$this->assertEquals(30, $this->filter->getPriority());
}
}

View File

@ -0,0 +1,106 @@
<?php
/**
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
*
* Two-factor backup codes
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\TwoFactorBackupCodes\Test\Unit\Activity;
use InvalidArgumentException;
use OCA\TwoFactorBackupCodes\Activity\GenericProvider;
use OCP\Activity\IEvent;
use OCP\IL10N;
use OCP\ILogger;
use OCP\IURLGenerator;
use OCP\L10N\IFactory;
use Test\TestCase;
class ProviderTest extends TestCase {
private $l10n;
private $urlGenerator;
private $logger;
/** @var GenericProvider */
private $provider;
protected function setUp() {
parent::setUp();
$this->l10n = $this->createMock(IFactory::class);
$this->urlGenerator = $this->createMock(IURLGenerator::class);
$this->logger = $this->createMock(ILogger::class);
$this->provider = new GenericProvider($this->l10n, $this->urlGenerator, $this->logger);
}
public function testParseUnrelated() {
$lang = 'ru';
$event = $this->createMock(IEvent::class);
$event->expects($this->once())
->method('getType')
->will($this->returnValue('comments'));
$this->setExpectedException(InvalidArgumentException::class);
$this->provider->parse($lang, $event);
}
public function subjectData() {
return [
['twofactor_success'],
['twofactor_failed'],
];
}
/**
* @dataProvider subjectData
*/
public function testParse($subject) {
$lang = 'ru';
$event = $this->createMock(IEvent::class);
$l = $this->createMock(IL10N::class);
$event->expects($this->once())
->method('getType')
->will($this->returnValue('twofactor'));
$this->l10n->expects($this->once())
->method('get')
->with('core', $lang)
->will($this->returnValue($l));
$this->urlGenerator->expects($this->once())
->method('imagePath')
->with('core', 'actions/password.svg')
->will($this->returnValue('path/to/image'));
$this->urlGenerator->expects($this->once())
->method('getAbsoluteURL')
->with('path/to/image')
->will($this->returnValue('absolute/path/to/image'));
$event->expects($this->once())
->method('setIcon')
->with('absolute/path/to/image');
$event->expects($this->once())
->method('getSubject')
->will($this->returnValue($subject));
$event->expects($this->once())
->method('setParsedSubject');
$this->provider->parse($lang, $event);
}
}

View File

@ -0,0 +1,73 @@
<?php
/**
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
*
* Two-factor backup codes
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\TwoFactorBackupCodes\Test\Unit\Activity;
use OCA\TwoFactorBackupCodes\Activity\GenericSetting;
use OCP\IL10N;
use Test\TestCase;
class SettingTest extends TestCase {
private $l10n;
/** @var GenericSetting */
private $setting;
protected function setUp() {
parent::setUp();
$this->l10n = $this->createMock(IL10N::class);
$this->setting = new GenericSetting($this->l10n);
}
public function testCanChangeMail() {
$this->assertFalse($this->setting->canChangeMail());
}
public function testCanChangeStream() {
$this->assertFalse($this->setting->canChangeStream());
}
public function testGetIdentifier() {
$this->assertEquals('twofactor', $this->setting->getIdentifier());
}
public function testGetName() {
$this->l10n->expects($this->once())
->method('t')
->with('Two-factor authentication')
->will($this->returnValue('Zwei-Faktor-Authentifizierung'));
$this->assertEquals('Zwei-Faktor-Authentifizierung', $this->setting->getName());
}
public function testGetPriority() {
$this->assertEquals(30, $this->setting->getPriority());
}
public function testIsDefaultEnabled() {
$this->assertTrue($this->setting->isDefaultEnabledMail());
$this->assertTrue($this->setting->isDefaultEnabledStream());
}
}

View File

@ -25,6 +25,9 @@ namespace OCA\TwoFactorBackupCodes\Tests\Unit\Service;
use OCA\TwoFactorBackupCodes\Db\BackupCode; use OCA\TwoFactorBackupCodes\Db\BackupCode;
use OCA\TwoFactorBackupCodes\Db\BackupCodeMapper; use OCA\TwoFactorBackupCodes\Db\BackupCodeMapper;
use OCA\TwoFactorBackupCodes\Service\BackupCodeStorage; use OCA\TwoFactorBackupCodes\Service\BackupCodeStorage;
use OCP\Activity\IEvent;
use OCP\Activity\IManager;
use OCP\ILogger;
use OCP\IUser; use OCP\IUser;
use OCP\Security\IHasher; use OCP\Security\IHasher;
use OCP\Security\ISecureRandom; use OCP\Security\ISecureRandom;
@ -41,6 +44,12 @@ class BackupCodeStorageTest extends TestCase {
/** @var IHasher|\PHPUnit_Framework_MockObject_MockObject */ /** @var IHasher|\PHPUnit_Framework_MockObject_MockObject */
private $hasher; private $hasher;
/** @var IManager|\PHPUnit_Framework_MockObject_MockObject */
private $activityManager;
/** @var ILogger|\PHPUnit_Framework_MockObject_MockObject */
private $logger;
/** @var BackupCodeStorage */ /** @var BackupCodeStorage */
private $storage; private $storage;
@ -52,14 +61,18 @@ class BackupCodeStorageTest extends TestCase {
->getMock(); ->getMock();
$this->random = $this->getMockBuilder(ISecureRandom::class)->getMock(); $this->random = $this->getMockBuilder(ISecureRandom::class)->getMock();
$this->hasher = $this->getMockBuilder(IHasher::class)->getMock(); $this->hasher = $this->getMockBuilder(IHasher::class)->getMock();
$this->storage = new BackupCodeStorage($this->mapper, $this->random, $this->hasher); $this->activityManager = $this->createMock(IManager::class);
$this->logger = $this->createMock(ILogger::class);
$this->storage = new BackupCodeStorage($this->mapper, $this->random, $this->hasher, $this->activityManager, $this->logger);
} }
public function testCreateCodes() { public function testCreateCodes() {
$user = $this->getMockBuilder(IUser::class)->getMock(); $user = $this->getMockBuilder(IUser::class)->getMock();
$number = 5; $number = 5;
$event = $this->createMock(IEvent::class);
$user->expects($this->once()) $user->expects($this->any())
->method('getUID') ->method('getUID')
->will($this->returnValue('fritz')); ->will($this->returnValue('fritz'));
$this->random->expects($this->exactly($number)) $this->random->expects($this->exactly($number))
@ -77,6 +90,28 @@ class BackupCodeStorageTest extends TestCase {
$this->mapper->expects($this->exactly($number)) $this->mapper->expects($this->exactly($number))
->method('insert') ->method('insert')
->with($this->equalTo($row)); ->with($this->equalTo($row));
$this->activityManager->expects($this->once())
->method('generateEvent')
->will($this->returnValue($event));
$event->expects($this->once())
->method('setApp')
->with('twofactor_backupcodes')
->will($this->returnSelf());
$event->expects($this->once())
->method('setType')
->with('twofactor')
->will($this->returnSelf());
$event->expects($this->once())
->method('setAuthor')
->with('fritz')
->will($this->returnSelf());
$event->expects($this->once())
->method('setAffectedUser')
->with('fritz')
->will($this->returnSelf());
$this->activityManager->expects($this->once())
->method('publish')
->will($this->returnValue($event));
$codes = $this->storage->createCodes($user, $number); $codes = $this->storage->createCodes($user, $number);
$this->assertCount($number, $codes); $this->assertCount($number, $codes);

View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* @copyright Copyright (c) 2016, ownCloud, Inc. * @copyright Copyright (c) 2016, ownCloud, Inc.
* *
@ -26,9 +27,11 @@ use Exception;
use OC; use OC;
use OC\App\AppManager; use OC\App\AppManager;
use OC_App; use OC_App;
use OCP\Activity\IManager;
use OCP\AppFramework\QueryException; use OCP\AppFramework\QueryException;
use OCP\Authentication\TwoFactorAuth\IProvider; use OCP\Authentication\TwoFactorAuth\IProvider;
use OCP\IConfig; use OCP\IConfig;
use OCP\ILogger;
use OCP\ISession; use OCP\ISession;
use OCP\IUser; use OCP\IUser;
@ -48,15 +51,26 @@ class Manager {
/** @var IConfig */ /** @var IConfig */
private $config; private $config;
/** @var IManager */
private $activityManager;
/** @var ILogger */
private $logger;
/** /**
* @param AppManager $appManager * @param AppManager $appManager
* @param ISession $session * @param ISession $session
* @param IConfig $config * @param IConfig $config
* @param IManager $activityManager
* @param ILogger $logger
*/ */
public function __construct(AppManager $appManager, ISession $session, IConfig $config) { public function __construct(AppManager $appManager, ISession $session, IConfig $config, IManager $activityManager,
ILogger $logger) {
$this->appManager = $appManager; $this->appManager = $appManager;
$this->session = $session; $this->session = $session;
$this->config = $config; $this->config = $config;
$this->activityManager = $activityManager;
$this->logger = $logger;
} }
/** /**
@ -184,10 +198,39 @@ class Manager {
} }
$this->session->remove(self::SESSION_UID_KEY); $this->session->remove(self::SESSION_UID_KEY);
$this->session->remove(self::REMEMBER_LOGIN); $this->session->remove(self::REMEMBER_LOGIN);
$this->publishEvent($user, 'twofactor_success', [
'provider' => $provider->getDisplayName(),
]);
} else {
$this->publishEvent($user, 'twofactor_failed', [
'provider' => $provider->getDisplayName(),
]);
} }
return $passed; return $passed;
} }
/**
* Push a 2fa event the user's activity stream
*
* @param IUser $user
* @param string $event
*/
private function publishEvent(IUser $user, $event, array $params) {
$activity = $this->activityManager->generateEvent();
$activity->setApp('twofactor_generic')
->setType('twofactor')
->setAuthor($user->getUID())
->setAffectedUser($user->getUID())
->setSubject($event, $params);
try {
$this->activityManager->publish($activity);
} catch (Exception $e) {
$this->logger->warning('could not publish backup code creation activity', ['app' => 'twofactor_backupcodes']);
$this->logger->logException($e, ['app' => 'twofactor_backupcodes']);
}
}
/** /**
* Check if the currently logged in user needs to pass 2FA * Check if the currently logged in user needs to pass 2FA
* *

View File

@ -312,7 +312,7 @@ class Server extends ServerContainer implements IServerContainer {
}); });
$this->registerService(\OC\Authentication\TwoFactorAuth\Manager::class, function (Server $c) { $this->registerService(\OC\Authentication\TwoFactorAuth\Manager::class, function (Server $c) {
return new \OC\Authentication\TwoFactorAuth\Manager($c->getAppManager(), $c->getSession(), $c->getConfig()); return new \OC\Authentication\TwoFactorAuth\Manager($c->getAppManager(), $c->getSession(), $c->getConfig(), $c->getActivityManager(), $c->getLogger());
}); });
$this->registerService('NavigationManager', function ($c) { $this->registerService('NavigationManager', function ($c) {

View File

@ -26,8 +26,11 @@ use Exception;
use OC; use OC;
use OC\App\AppManager; use OC\App\AppManager;
use OC\Authentication\TwoFactorAuth\Manager; use OC\Authentication\TwoFactorAuth\Manager;
use OCP\Activity\IEvent;
use OCP\Activity\IManager;
use OCP\Authentication\TwoFactorAuth\IProvider; use OCP\Authentication\TwoFactorAuth\IProvider;
use OCP\IConfig; use OCP\IConfig;
use OCP\ILogger;
use OCP\ISession; use OCP\ISession;
use OCP\IUser; use OCP\IUser;
use Test\TestCase; use Test\TestCase;
@ -49,6 +52,12 @@ class ManagerTest extends TestCase {
/** @var IConfig|PHPUnit_Framework_MockObject_MockObject */ /** @var IConfig|PHPUnit_Framework_MockObject_MockObject */
private $config; private $config;
/** @var IManager|PHPUnit_Framework_MockObject_MockObject */
private $activityManager;
/** @var ILogger|PHPUnit_Framework_MockObject_MockObject */
private $logger;
/** @var IProvider|PHPUnit_Framework_MockObject_MockObject */ /** @var IProvider|PHPUnit_Framework_MockObject_MockObject */
private $fakeProvider; private $fakeProvider;
@ -59,14 +68,14 @@ class ManagerTest extends TestCase {
parent::setUp(); parent::setUp();
$this->user = $this->createMock(IUser::class); $this->user = $this->createMock(IUser::class);
$this->appManager = $this->getMockBuilder('\OC\App\AppManager') $this->appManager = $this->createMock('\OC\App\AppManager');
->disableOriginalConstructor()
->getMock();
$this->session = $this->createMock(ISession::class); $this->session = $this->createMock(ISession::class);
$this->config = $this->createMock(IConfig::class); $this->config = $this->createMock(IConfig::class);
$this->activityManager = $this->createMock(IManager::class);
$this->logger = $this->createMock(ILogger::class);
$this->manager = $this->getMockBuilder('\OC\Authentication\TwoFactorAuth\Manager') $this->manager = $this->getMockBuilder('\OC\Authentication\TwoFactorAuth\Manager')
->setConstructorArgs([$this->appManager, $this->session, $this->config]) ->setConstructorArgs([$this->appManager, $this->session, $this->config, $this->activityManager, $this->logger])
->setMethods(['loadTwoFactorApp']) // Do not actually load the apps ->setMethods(['loadTwoFactorApp']) // Do not actually load the apps
->getMock(); ->getMock();
@ -228,6 +237,7 @@ class ManagerTest extends TestCase {
$this->prepareProviders(); $this->prepareProviders();
$challenge = 'passme'; $challenge = 'passme';
$event = $this->createMock(IEvent::class);
$this->fakeProvider->expects($this->once()) $this->fakeProvider->expects($this->once())
->method('verifyChallenge') ->method('verifyChallenge')
->with($this->user, $challenge) ->with($this->user, $challenge)
@ -242,6 +252,37 @@ class ManagerTest extends TestCase {
$this->session->expects($this->at(2)) $this->session->expects($this->at(2))
->method('remove') ->method('remove')
->with('two_factor_remember_login'); ->with('two_factor_remember_login');
$this->activityManager->expects($this->once())
->method('generateEvent')
->willReturn($event);
$this->user->expects($this->any())
->method('getUID')
->willReturn('jos');
$event->expects($this->once())
->method('setApp')
->with($this->equalTo('twofactor_generic'))
->willReturnSelf();
$event->expects($this->once())
->method('setType')
->with($this->equalTo('twofactor'))
->willReturnSelf();
$event->expects($this->once())
->method('setAuthor')
->with($this->equalTo('jos'))
->willReturnSelf();
$event->expects($this->once())
->method('setAffectedUser')
->with($this->equalTo('jos'))
->willReturnSelf();
$this->fakeProvider->expects($this->once())
->method('getDisplayName')
->willReturn('Fake 2FA');
$event->expects($this->once())
->method('setSubject')
->with($this->equalTo('twofactor_success'), $this->equalTo([
'provider' => 'Fake 2FA',
]))
->willReturnSelf();
$this->assertTrue($this->manager->verifyChallenge('email', $this->user, $challenge)); $this->assertTrue($this->manager->verifyChallenge('email', $this->user, $challenge));
} }
@ -263,12 +304,44 @@ class ManagerTest extends TestCase {
$this->prepareProviders(); $this->prepareProviders();
$challenge = 'dontpassme'; $challenge = 'dontpassme';
$event = $this->createMock(IEvent::class);
$this->fakeProvider->expects($this->once()) $this->fakeProvider->expects($this->once())
->method('verifyChallenge') ->method('verifyChallenge')
->with($this->user, $challenge) ->with($this->user, $challenge)
->will($this->returnValue(false)); ->will($this->returnValue(false));
$this->session->expects($this->never()) $this->session->expects($this->never())
->method('remove'); ->method('remove');
$this->activityManager->expects($this->once())
->method('generateEvent')
->willReturn($event);
$this->user->expects($this->any())
->method('getUID')
->willReturn('jos');
$event->expects($this->once())
->method('setApp')
->with($this->equalTo('twofactor_generic'))
->willReturnSelf();
$event->expects($this->once())
->method('setType')
->with($this->equalTo('twofactor'))
->willReturnSelf();
$event->expects($this->once())
->method('setAuthor')
->with($this->equalTo('jos'))
->willReturnSelf();
$event->expects($this->once())
->method('setAffectedUser')
->with($this->equalTo('jos'))
->willReturnSelf();
$this->fakeProvider->expects($this->once())
->method('getDisplayName')
->willReturn('Fake 2FA');
$event->expects($this->once())
->method('setSubject')
->with($this->equalTo('twofactor_failed'), $this->equalTo([
'provider' => 'Fake 2FA',
]))
->willReturnSelf();
$this->assertFalse($this->manager->verifyChallenge('email', $this->user, $challenge)); $this->assertFalse($this->manager->verifyChallenge('email', $this->user, $challenge));
} }