nextcloud/build/integration/features/bootstrap/Auth.php

270 lines
7.4 KiB
PHP

<?php
/**
*
*
* @author Christoph Wurst <christoph@owncloud.com>
* @author Joas Schilling <coding@schilljs.com>
* @author Lukas Reschke <lukas@statuscode.ch>
* @author Phil Davis <phil.davis@inf.org>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
use GuzzleHttp\Client;
use GuzzleHttp\Exception\ClientException;
use GuzzleHttp\Exception\ServerException;
use GuzzleHttp\Cookie\CookieJar;
require __DIR__ . '/../../vendor/autoload.php';
trait Auth {
/** @var string */
private $unrestrictedClientToken;
/** @var string */
private $restrictedClientToken;
/** @var Client */
private $client;
/** @var string */
private $responseXml;
/** @BeforeScenario */
public function setUpScenario() {
$this->client = new Client();
$this->responseXml = '';
$this->cookieJar = new CookieJar();
}
/**
* @When requesting :url with :method
*/
public function requestingWith($url, $method) {
$this->sendRequest($url, $method);
}
private function sendRequest($url, $method, $authHeader = null, $useCookies = false) {
$fullUrl = substr($this->baseUrl, 0, -5) . $url;
try {
if ($useCookies) {
$request = $this->client->createRequest($method, $fullUrl, [
'cookies' => $this->cookieJar,
]);
} else {
$request = $this->client->createRequest($method, $fullUrl);
}
if ($authHeader) {
$request->setHeader('Authorization', $authHeader);
}
$request->setHeader('OCS_APIREQUEST', 'true');
$request->setHeader('requesttoken', $this->requestToken);
$this->response = $this->client->send($request);
} catch (ClientException $ex) {
$this->response = $ex->getResponse();
} catch (ServerException $ex) {
$this->response = $ex->getResponse();
}
}
/**
* @When the CSRF token is extracted from the previous response
*/
public function theCsrfTokenIsExtractedFromThePreviousResponse() {
$this->requestToken = substr(preg_replace('/(.*)data-requesttoken="(.*)">(.*)/sm', '\2', $this->response->getBody()->getContents()), 0, 89);
}
/**
* @param bool $loginViaWeb
* @return object
*/
private function createClientToken($loginViaWeb = true) {
if($loginViaWeb) {
$this->loggingInUsingWebAs('user0');
}
$fullUrl = substr($this->baseUrl, 0, -5) . '/index.php/settings/personal/authtokens';
$client = new Client();
$options = [
'auth' => [
'user0',
$loginViaWeb ? '123456' : $this->restrictedClientToken,
],
'body' => [
'requesttoken' => $this->requestToken,
'name' => md5(microtime()),
],
'cookies' => $this->cookieJar,
];
try {
$this->response = $client->send($client->createRequest('POST', $fullUrl, $options));
} catch (\GuzzleHttp\Exception\ServerException $e) {
$this->response = $e->getResponse();
}
return json_decode($this->response->getBody()->getContents());
}
/**
* @Given a new restricted client token is added
*/
public function aNewRestrictedClientTokenIsAdded() {
$tokenObj = $this->createClientToken();
$newCreatedTokenId = $tokenObj->deviceToken->id;
$fullUrl = substr($this->baseUrl, 0, -5) . '/index.php/settings/personal/authtokens/' . $newCreatedTokenId;
$client = new Client();
$options = [
'auth' => ['user0', '123456'],
'headers' => [
'requesttoken' => $this->requestToken,
],
'json' => [
'scope' => [
'filesystem' => false,
],
],
'cookies' => $this->cookieJar,
];
$this->response = $client->send($client->createRequest('PUT', $fullUrl, $options));
$this->restrictedClientToken = $tokenObj->token;
}
/**
* @Given a new unrestricted client token is added
*/
public function aNewUnrestrictedClientTokenIsAdded() {
$this->unrestrictedClientToken = $this->createClientToken()->token;
}
/**
* @When a new unrestricted client token is added using restricted basic token auth
*/
public function aNewUnrestrictedClientTokenIsAddedUsingRestrictedBasicTokenAuth() {
$this->createClientToken(false);
}
/**
* @When requesting :url with :method using basic auth
*
* @param string $url
* @param string $method
*/
public function requestingWithBasicAuth($url, $method) {
$this->sendRequest($url, $method, 'basic ' . base64_encode('user0:123456'));
}
/**
* @When requesting :url with :method using unrestricted basic token auth
*
* @param string $url
* @param string $method
*/
public function requestingWithUnrestrictedBasicTokenAuth($url, $method) {
$this->sendRequest($url, $method, 'basic ' . base64_encode('user0:' . $this->unrestrictedClientToken), true);
}
/**
* @When requesting :url with :method using restricted basic token auth
*
* @param string $url
* @param string $method
*/
public function requestingWithRestrictedBasicTokenAuth($url, $method) {
$this->sendRequest($url, $method, 'basic ' . base64_encode('user0:' . $this->restrictedClientToken), true);
}
/**
* @When requesting :url with :method using an unrestricted client token
*
* @param string $url
* @param string $method
*/
public function requestingWithUsingAnUnrestrictedClientToken($url, $method) {
$this->sendRequest($url, $method, 'Bearer ' . $this->unrestrictedClientToken);
}
/**
* @When requesting :url with :method using a restricted client token
*
* @param string $url
* @param string $method
*/
public function requestingWithUsingARestrictedClientToken($url, $method) {
$this->sendRequest($url, $method, 'Bearer ' . $this->restrictedClientToken);
}
/**
* @When requesting :url with :method using browser session
*
* @param string $url
* @param string $method
*/
public function requestingWithBrowserSession($url, $method) {
$this->sendRequest($url, $method, null, true);
}
/**
* @Given a new browser session is started
*
* @param bool $remember
*/
public function aNewBrowserSessionIsStarted($remember = false) {
$loginUrl = substr($this->baseUrl, 0, -5) . '/login';
// Request a new session and extract CSRF token
$client = new Client();
$response = $client->get($loginUrl, [
'cookies' => $this->cookieJar,
]);
$this->extracRequestTokenFromResponse($response);
// Login and extract new token
$client = new Client();
$response = $client->post(
$loginUrl, [
'body' => [
'user' => 'user0',
'password' => '123456',
'remember_login' => $remember ? '1' : '0',
'requesttoken' => $this->requestToken,
],
'cookies' => $this->cookieJar,
]
);
$this->extracRequestTokenFromResponse($response);
}
/**
* @Given a new remembered browser session is started
*/
public function aNewRememberedBrowserSessionIsStarted() {
$this->aNewBrowserSessionIsStarted(true);
}
/**
* @Given the cookie jar is reset
*/
public function theCookieJarIsReset() {
$this->cookieJar = new CookieJar();
}
/**
* @When the session cookie expires
*/
public function whenTheSessionCookieExpires() {
$this->cookieJar->clearSessionCookies();
}
}