*
 * @copyright Copyright (c) 2016, ownCloud, Inc.
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program. If not, see
 *
 */

namespace Test\Authentication\Token;

use OC\Authentication\Token\DefaultToken;
use OC\Authentication\Token\DefaultTokenProvider;
use OC\Authentication\Token\IToken;
use OCP\AppFramework\Db\DoesNotExistException;
use Test\TestCase;

/**
 * Unit tests for DefaultTokenProvider, run against mocked collaborators
 * (token mapper, crypto, config, logger).
 *
 * Security properties pinned by these tests:
 *  - the mapper is only ever handed the SHA-512 hex digest of a token,
 *    never the raw token string;
 *  - the login password is encrypted and decrypted with a key built from
 *    the raw token concatenated with the system value 'secret';
 *  - a token the mapper cannot find surfaces as InvalidTokenException.
 *
 * NOTE(review): several expectations compare against time() taken while the
 * test is being set up. Presumably the provider reads the clock itself, so a
 * second rollover between setup and call would make those tests fail
 * spuriously - confirm, and consider an injectable clock.
 */
class DefaultTokenProviderTest extends TestCase {

    /** @var DefaultTokenProvider provider under test, rebuilt in setUp() */
    private $tokenProvider;

    // Mock of \OC\Authentication\Token\DefaultTokenMapper (constructor not invoked).
    private $mapper;

    // Mock of \OCP\Security\ICrypto.
    private $crypto;

    // Mock of \OCP\IConfig.
    private $config;

    // Mock of \OCP\ILogger.
    private $logger;

    /**
     * Creates fresh mocks for every collaborator and wires them into a new
     * provider instance.
     */
    protected function setUp() {
        parent::setUp();

        $this->mapper = $this->getMockWithoutInvokingTheOriginalConstructor(
            '\OC\Authentication\Token\DefaultTokenMapper'
        );
        $this->crypto = $this->getMock('\OCP\Security\ICrypto');
        $this->config = $this->getMock('\OCP\IConfig');
        $this->logger = $this->getMock('\OCP\ILogger');

        $this->tokenProvider = new DefaultTokenProvider(
            $this->mapper,
            $this->crypto,
            $this->config,
            $this->logger
        );
    }

    /**
     * generateToken() must persist the token as a SHA-512 digest, store the
     * password only in encrypted form, and return the entity it inserted.
     *
     * NOTE(review): the stored lookup value is a plain SHA-512 of the token,
     * while the encryption key additionally mixes in the instance secret.
     * An unkeyed digest is only adequate if tokens are high-entropy random
     * values - confirm against the code that generates them.
     */
    public function testGenerateToken() {
        $rawToken = 'token';
        $userId = 'user';
        $loginPassword = 'passme';
        $deviceName = 'Some browser';
        $tokenType = IToken::PERMANENT_TOKEN;
        $instanceSecret = '1f4h9s';
        $cipherText = 'encryptedpassword';

        // Entity the provider is expected to build and hand to the mapper.
        $expected = new DefaultToken();
        $expected->setUid($userId);
        $expected->setPassword($cipherText);
        $expected->setName($deviceName);
        $expected->setToken(hash('sha512', $rawToken));
        $expected->setType($tokenType);
        $expected->setLastActivity(time());

        $this->config->expects($this->once())
            ->method('getSystemValue')
            ->with('secret')
            ->willReturn($instanceSecret);
        // Encryption key = raw token followed by the instance secret.
        $this->crypto->expects($this->once())
            ->method('encrypt')
            ->with($loginPassword, $rawToken . $instanceSecret)
            ->willReturn($cipherText);
        $this->mapper->expects($this->once())
            ->method('insert')
            ->with($this->equalTo($expected));

        $created = $this->tokenProvider->generateToken(
            $rawToken,
            $userId,
            $loginPassword,
            $deviceName,
            $tokenType
        );

        $this->assertEquals($expected, $created);
    }

    /**
     * updateToken() must stamp the current time on the token and pass it to
     * the mapper's update().
     *
     * NOTE(review): the mock below is built from DefaultTokenProvider, yet
     * setLastActivity() is called on DefaultToken elsewhere in this file.
     * Presumably a DefaultToken mock was intended - confirm before relying
     * on this test.
     */
    public function testUpdateToken() {
        $tokenMock = $this->getMockWithoutInvokingTheOriginalConstructor(
            '\OC\Authentication\Token\DefaultTokenProvider'
        );

        $now = time();
        $tokenMock->expects($this->once())
            ->method('setLastActivity')
            ->with($now);
        $this->mapper->expects($this->once())
            ->method('update')
            ->with($tokenMock);

        $this->tokenProvider->updateToken($tokenMock);
    }

    /**
     * getPassword() must decrypt the stored ciphertext with the same key
     * shape used on generation: raw token followed by the instance secret.
     *
     * NOTE(review): no case here exercises a decrypt failure (for example a
     * token that does not match the stored ciphertext); worth adding if the
     * provider is expected to handle it.
     */
    public function testGetPassword() {
        $rawToken = 'token1234';
        $instanceSecret = '1f4h9s';
        $storedCipherText = 'someencryptedvalue';

        $storedToken = $this->getMockWithoutInvokingTheOriginalConstructor(
            '\OC\Authentication\Token\DefaultToken'
        );
        $storedToken->expects($this->once())
            ->method('getPassword')
            ->willReturn($storedCipherText);

        $this->config->expects($this->once())
            ->method('getSystemValue')
            ->with('secret')
            ->willReturn($instanceSecret);
        $this->crypto->expects($this->once())
            ->method('decrypt')
            ->with($storedCipherText, $rawToken . $instanceSecret)
            ->willReturn('passme');

        $plainPassword = $this->tokenProvider->getPassword($storedToken, $rawToken);

        $this->assertEquals('passme', $plainPassword);
    }

    /**
     * invalidateToken() must address the token by its SHA-512 digest when
     * asking the mapper to invalidate it.
     */
    public function testInvalidateToken() {
        $expectedDigest = hash('sha512', 'token7');

        $this->mapper->expects($this->once())
            ->method('invalidate')
            ->with($expectedDigest);

        $this->tokenProvider->invalidateToken('token7');
    }

    /**
     * invalidateOldTokens() must read 'session_lifetime' (falling back to
     * one day) and invalidate everything older than now minus that lifetime.
     */
    public function testInvalidateOldTokens() {
        $fallbackLifetime = 60 * 60 * 24;
        $configuredLifetime = 150;

        $this->config->expects($this->once())
            ->method('getSystemValue')
            ->with('session_lifetime', $fallbackLifetime)
            ->willReturn($configuredLifetime);

        // Cut-off timestamp: anything last active before this is stale.
        $cutOff = time() - $configuredLifetime;
        $this->mapper->expects($this->once())
            ->method('invalidateOld')
            ->with($cutOff);

        $this->tokenProvider->invalidateOldTokens();
    }

    /**
     * validateToken() must look the token up by its SHA-512 digest and
     * return whatever entity the mapper yields.
     */
    public function testValidateToken() {
        $rawToken = 'sometoken';
        $storedToken = new DefaultToken();

        $this->mapper->expects($this->once())
            ->method('getToken')
            ->with(hash('sha512', $rawToken))
            ->willReturn($storedToken);

        $validated = $this->tokenProvider->validateToken($rawToken);

        $this->assertEquals($storedToken, $validated);
    }

    /**
     * A lookup miss in the mapper (DoesNotExistException) must be reported
     * to the caller as InvalidTokenException.
     *
     * @expectedException \OC\Authentication\Exceptions\InvalidTokenException
     */
    public function testValidateInvalidToken() {
        $rawToken = 'sometoken';
        $lookupMiss = new DoesNotExistException('');

        $this->mapper->expects($this->once())
            ->method('getToken')
            ->with(hash('sha512', $rawToken))
            ->willThrowException($lookupMiss);

        $this->tokenProvider->validateToken($rawToken);
    }
}