* * @copyright Copyright (c) 2015, ownCloud, Inc. * @license AGPL-3.0 * * This code is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License, version 3, * as published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License, version 3, * along with this program. If not, see * */ namespace OCA\DAV\Tests\Unit\Connector\Sabre; use Test\TestCase; use OCP\ISession; use OCP\IUserSession; /** * Class Auth * * @package OCA\DAV\Connector\Sabre */ class Auth extends TestCase { /** @var ISession */ private $session; /** @var \OCA\DAV\Connector\Sabre\Auth */ private $auth; /** @var IUserSession */ private $userSession; public function setUp() { parent::setUp(); $this->session = $this->getMockBuilder('\OCP\ISession') ->disableOriginalConstructor()->getMock(); $this->userSession = $this->getMockBuilder('\OCP\IUserSession') ->disableOriginalConstructor()->getMock(); $this->auth = new \OCA\DAV\Connector\Sabre\Auth($this->session, $this->userSession); } public function testIsDavAuthenticatedWithoutDavSession() { $this->session ->expects($this->once()) ->method('get') ->with('AUTHENTICATED_TO_DAV_BACKEND') ->will($this->returnValue(null)); $this->assertFalse($this->invokePrivate($this->auth, 'isDavAuthenticated', ['MyTestUser'])); } public function testIsDavAuthenticatedWithWrongDavSession() { $this->session ->expects($this->exactly(2)) ->method('get') ->with('AUTHENTICATED_TO_DAV_BACKEND') ->will($this->returnValue('AnotherUser')); $this->assertFalse($this->invokePrivate($this->auth, 'isDavAuthenticated', ['MyTestUser'])); } public function testIsDavAuthenticatedWithCorrectDavSession() { $this->session ->expects($this->exactly(2)) ->method('get') ->with('AUTHENTICATED_TO_DAV_BACKEND') ->will($this->returnValue('MyTestUser')); $this->assertTrue($this->invokePrivate($this->auth, 'isDavAuthenticated', ['MyTestUser'])); } public function testValidateUserPassOfAlreadyDAVAuthenticatedUser() { $user = $this->getMockBuilder('\OCP\IUser') ->disableOriginalConstructor() ->getMock(); $user->expects($this->exactly(2)) ->method('getUID') ->will($this->returnValue('MyTestUser')); $this->userSession ->expects($this->once()) ->method('isLoggedIn') ->will($this->returnValue(true)); $this->userSession ->expects($this->exactly(2)) ->method('getUser') ->will($this->returnValue($user)); $this->session ->expects($this->exactly(2)) ->method('get') ->with('AUTHENTICATED_TO_DAV_BACKEND') ->will($this->returnValue('MyTestUser')); $this->session ->expects($this->once()) ->method('close'); $this->assertTrue($this->invokePrivate($this->auth, 'validateUserPass', ['MyTestUser', 'MyTestPassword'])); } public function testValidateUserPassOfInvalidDAVAuthenticatedUser() { $user = $this->getMockBuilder('\OCP\IUser') ->disableOriginalConstructor() ->getMock(); $user->expects($this->once()) ->method('getUID') ->will($this->returnValue('MyTestUser')); $this->userSession ->expects($this->once()) ->method('isLoggedIn') ->will($this->returnValue(true)); $this->userSession ->expects($this->once()) ->method('getUser') ->will($this->returnValue($user)); $this->session ->expects($this->exactly(2)) ->method('get') ->with('AUTHENTICATED_TO_DAV_BACKEND') ->will($this->returnValue('AnotherUser')); $this->session ->expects($this->once()) ->method('close'); $this->assertFalse($this->invokePrivate($this->auth, 'validateUserPass', ['MyTestUser', 'MyTestPassword'])); } public function testValidateUserPassOfInvalidDAVAuthenticatedUserWithValidPassword() { $user = $this->getMockBuilder('\OCP\IUser') ->disableOriginalConstructor() ->getMock(); $user->expects($this->exactly(3)) ->method('getUID') ->will($this->returnValue('MyTestUser')); $this->userSession ->expects($this->once()) ->method('isLoggedIn') ->will($this->returnValue(true)); $this->userSession ->expects($this->exactly(3)) ->method('getUser') ->will($this->returnValue($user)); $this->session ->expects($this->exactly(2)) ->method('get') ->with('AUTHENTICATED_TO_DAV_BACKEND') ->will($this->returnValue('AnotherUser')); $this->userSession ->expects($this->once()) ->method('login') ->with('MyTestUser', 'MyTestPassword') ->will($this->returnValue(true)); $this->session ->expects($this->once()) ->method('set') ->with('AUTHENTICATED_TO_DAV_BACKEND', 'MyTestUser'); $this->session ->expects($this->once()) ->method('close'); $this->assertTrue($this->invokePrivate($this->auth, 'validateUserPass', ['MyTestUser', 'MyTestPassword'])); } public function testValidateUserPassWithInvalidPassword() { $this->userSession ->expects($this->once()) ->method('isLoggedIn') ->will($this->returnValue(false)); $this->userSession ->expects($this->once()) ->method('login') ->with('MyTestUser', 'MyTestPassword') ->will($this->returnValue(false)); $this->session ->expects($this->once()) ->method('close'); $this->assertFalse($this->invokePrivate($this->auth, 'validateUserPass', ['MyTestUser', 'MyTestPassword'])); } public function testGetCurrentUserWithoutBeingLoggedIn() { $this->assertSame(null, $this->auth->getCurrentUser()); } public function testGetCurrentUserWithValidDAVLogin() { $user = $this->getMockBuilder('\OCP\IUser') ->disableOriginalConstructor() ->getMock(); $user->expects($this->once()) ->method('getUID') ->will($this->returnValue('MyTestUser')); $this->userSession ->expects($this->exactly(2)) ->method('getUser') ->will($this->returnValue($user)); $this->session ->expects($this->exactly(2)) ->method('get') ->with('AUTHENTICATED_TO_DAV_BACKEND') ->will($this->returnValue('MyTestUser')); $this->assertSame('MyTestUser', $this->auth->getCurrentUser()); } public function testGetCurrentUserWithoutAnyDAVLogin() { $user = $this->getMockBuilder('\OCP\IUser') ->disableOriginalConstructor() ->getMock(); $user->expects($this->once()) ->method('getUID') ->will($this->returnValue('MyTestUser')); $this->userSession ->expects($this->exactly(2)) ->method('getUser') ->will($this->returnValue($user)); $this->session ->expects($this->exactly(2)) ->method('get') ->with('AUTHENTICATED_TO_DAV_BACKEND') ->will($this->returnValue(null)); $this->assertSame('MyTestUser', $this->auth->getCurrentUser()); } public function testGetCurrentUserWithWrongDAVUser() { $user = $this->getMockBuilder('\OCP\IUser') ->disableOriginalConstructor() ->getMock(); $user->expects($this->once()) ->method('getUID') ->will($this->returnValue('MyWrongDavUser')); $this->userSession ->expects($this->exactly(2)) ->method('getUser') ->will($this->returnValue($user)); $this->session ->expects($this->exactly(3)) ->method('get') ->with('AUTHENTICATED_TO_DAV_BACKEND') ->will($this->returnValue('AnotherUser')); $this->assertSame(null, $this->auth->getCurrentUser()); } public function testAuthenticateAlreadyLoggedIn() { $request = $this->getMockBuilder('Sabre\HTTP\RequestInterface') ->disableOriginalConstructor() ->getMock(); $response = $this->getMockBuilder('Sabre\HTTP\ResponseInterface') ->disableOriginalConstructor() ->getMock(); $this->userSession ->expects($this->once()) ->method('isLoggedIn') ->will($this->returnValue(true)); $this->session ->expects($this->once()) ->method('get') ->with('AUTHENTICATED_TO_DAV_BACKEND') ->will($this->returnValue(null)); $user = $this->getMockBuilder('\OCP\IUser') ->disableOriginalConstructor() ->getMock(); $user->expects($this->once()) ->method('getUID') ->will($this->returnValue('MyWrongDavUser')); $this->userSession ->expects($this->once()) ->method('getUser') ->will($this->returnValue($user)); $this->session ->expects($this->once()) ->method('close'); $response = $this->auth->check($request, $response); $this->assertEquals([true, 'principals/users/MyWrongDavUser'], $response); } public function testAuthenticateNoBasicAuthenticateHeadersProvided() { $server = $this->getMockBuilder('\Sabre\DAV\Server') ->disableOriginalConstructor() ->getMock(); $server->httpRequest = $this->getMockBuilder('\Sabre\HTTP\RequestInterface') ->disableOriginalConstructor() ->getMock(); $server->httpResponse = $this->getMockBuilder('\Sabre\HTTP\ResponseInterface') ->disableOriginalConstructor() ->getMock(); $response = $this->auth->check($server->httpRequest, $server->httpResponse); $this->assertEquals([false, 'No \'Authorization: Basic\' header found. Either the client didn\'t send one, or the server is mis-configured'], $response); } /** * @expectedException \Sabre\DAV\Exception\NotAuthenticated * @expectedExceptionMessage Cannot authenticate over ajax calls */ public function testAuthenticateNoBasicAuthenticateHeadersProvidedWithAjax() { /** @var \Sabre\HTTP\RequestInterface $httpRequest */ $httpRequest = $this->getMockBuilder('\Sabre\HTTP\RequestInterface') ->disableOriginalConstructor() ->getMock(); /** @var \Sabre\HTTP\ResponseInterface $httpResponse */ $httpResponse = $this->getMockBuilder('\Sabre\HTTP\ResponseInterface') ->disableOriginalConstructor() ->getMock(); $this->userSession ->expects($this->any()) ->method('isLoggedIn') ->will($this->returnValue(false)); $httpRequest ->expects($this->once()) ->method('getHeader') ->with('X-Requested-With') ->will($this->returnValue('XMLHttpRequest')); $this->auth->check($httpRequest, $httpResponse); } public function testAuthenticateNoBasicAuthenticateHeadersProvidedWithAjaxButUserIsStillLoggedIn() { /** @var \Sabre\HTTP\RequestInterface $httpRequest */ $httpRequest = $this->getMockBuilder('\Sabre\HTTP\RequestInterface') ->disableOriginalConstructor() ->getMock(); /** @var \Sabre\HTTP\ResponseInterface $httpResponse */ $httpResponse = $this->getMockBuilder('\Sabre\HTTP\ResponseInterface') ->disableOriginalConstructor() ->getMock(); $this->userSession ->expects($this->any()) ->method('isLoggedIn') ->will($this->returnValue(true)); $this->session ->expects($this->once()) ->method('get') ->with('AUTHENTICATED_TO_DAV_BACKEND') ->will($this->returnValue('MyTestUser')); $httpRequest ->expects($this->once()) ->method('getHeader') ->with('Authorization') ->will($this->returnValue(null)); $this->auth->check($httpRequest, $httpResponse); } public function testAuthenticateValidCredentials() { $server = $this->getMockBuilder('\Sabre\DAV\Server') ->disableOriginalConstructor() ->getMock(); $server->httpRequest = $this->getMockBuilder('\Sabre\HTTP\RequestInterface') ->disableOriginalConstructor() ->getMock(); $server->httpRequest ->expects($this->at(0)) ->method('getHeader') ->with('X-Requested-With') ->will($this->returnValue(null)); $server->httpRequest ->expects($this->at(1)) ->method('getHeader') ->with('Authorization') ->will($this->returnValue('basic dXNlcm5hbWU6cGFzc3dvcmQ=')); $server->httpResponse = $this->getMockBuilder('\Sabre\HTTP\ResponseInterface') ->disableOriginalConstructor() ->getMock(); $this->userSession ->expects($this->once()) ->method('login') ->with('username', 'password') ->will($this->returnValue(true)); $user = $this->getMockBuilder('\OCP\IUser') ->disableOriginalConstructor() ->getMock(); $user->expects($this->exactly(2)) ->method('getUID') ->will($this->returnValue('MyTestUser')); $this->userSession ->expects($this->exactly(2)) ->method('getUser') ->will($this->returnValue($user)); $response = $this->auth->check($server->httpRequest, $server->httpResponse); $this->assertEquals([true, 'principals/users/username'], $response); } public function testAuthenticateInvalidCredentials() { $server = $this->getMockBuilder('\Sabre\DAV\Server') ->disableOriginalConstructor() ->getMock(); $server->httpRequest = $this->getMockBuilder('\Sabre\HTTP\RequestInterface') ->disableOriginalConstructor() ->getMock(); $server->httpRequest ->expects($this->at(0)) ->method('getHeader') ->with('X-Requested-With') ->will($this->returnValue(null)); $server->httpRequest ->expects($this->at(1)) ->method('getHeader') ->with('Authorization') ->will($this->returnValue('basic dXNlcm5hbWU6cGFzc3dvcmQ=')); $server->httpResponse = $this->getMockBuilder('\Sabre\HTTP\ResponseInterface') ->disableOriginalConstructor() ->getMock(); $this->userSession ->expects($this->once()) ->method('login') ->with('username', 'password') ->will($this->returnValue(false)); $response = $this->auth->check($server->httpRequest, $server->httpResponse); $this->assertEquals([false, 'Username or password was incorrect'], $response); } }