Kaynağa Gözat
fix(session): Do not update authtoken last_check for passwordless
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>undefined
Christoph Wurst
1 ay önce
2 değiştirilmiş dosya ile 78 ekleme ve 2 silme
+ 0
- 2
lib/private/User/Session.php
Dosyayı Görüntüle
| return false; | return false; | ||||
| } | } | ||||
| $dbToken->setLastCheck($now); | |||||
| $this->tokenProvider->updateToken($dbToken); | |||||
| return true; | return true; | ||||
| } | } | ||||
+ 78
- 0
tests/lib/User/SessionTest.php
Dosyayı Görüntüle
| use OC\AppFramework\Http\Request; | use OC\AppFramework\Http\Request; | ||||
| use OC\Authentication\Events\LoginFailed; | use OC\Authentication\Events\LoginFailed; | ||||
| use OC\Authentication\Exceptions\InvalidTokenException; | use OC\Authentication\Exceptions\InvalidTokenException; | ||||
| use OC\Authentication\Exceptions\PasswordlessTokenException; | |||||
| use OC\Authentication\Exceptions\PasswordLoginForbiddenException; | use OC\Authentication\Exceptions\PasswordLoginForbiddenException; | ||||
| use OC\Authentication\Token\IProvider; | use OC\Authentication\Token\IProvider; | ||||
| use OC\Authentication\Token\IToken; | use OC\Authentication\Token\IToken; | ||||
| use OC\Authentication\Token\PublicKeyToken; | |||||
| use OC\Security\CSRF\CsrfTokenManager; | use OC\Security\CSRF\CsrfTokenManager; | ||||
| use OC\Session\Memory; | use OC\Session\Memory; | ||||
| use OC\User\LoginException; | use OC\User\LoginException; | ||||
| use OCP\User\Events\PostLoginEvent; | use OCP\User\Events\PostLoginEvent; | ||||
| use PHPUnit\Framework\MockObject\MockObject; | use PHPUnit\Framework\MockObject\MockObject; | ||||
| use Psr\Log\LoggerInterface; | use Psr\Log\LoggerInterface; | ||||
| use function array_diff; | |||||
| use function get_class_methods; | |||||
| /** | /** | ||||
| * @group DB | * @group DB | ||||
| $userSession->login('foo', 'bar'); | $userSession->login('foo', 'bar'); | ||||
| } | } | ||||
| public function testPasswordlessLoginNoLastCheckUpdate(): void { | |||||
| $session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock(); | |||||
| $managerMethods = get_class_methods(Manager::class); | |||||
| // Keep following methods intact in order to ensure hooks are working | |||||
| $mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']); | |||||
| $manager = $this->getMockBuilder(Manager::class) | |||||
| ->setMethods($mockedManagerMethods) | |||||
| ->setConstructorArgs([ | |||||
| $this->config, | |||||
| $this->createMock(ICacheFactory::class), | |||||
| $this->createMock(IEventDispatcher::class), | |||||
| ]) | |||||
| ->getMock(); | |||||
| $userSession = new Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher); | |||||
| $session->expects($this->never()) | |||||
| ->method('set'); | |||||
| $session->expects($this->once()) | |||||
| ->method('regenerateId'); | |||||
| $token = new PublicKeyToken(); | |||||
| $token->setLoginName('foo'); | |||||
| $token->setLastCheck(0); // Never | |||||
| $token->setUid('foo'); | |||||
| $this->tokenProvider | |||||
| ->method('getPassword') | |||||
| ->with($token) | |||||
| ->willThrowException(new PasswordlessTokenException()); | |||||
| $this->tokenProvider | |||||
| ->method('getToken') | |||||
| ->with('app-password') | |||||
| ->willReturn($token); | |||||
| $this->tokenProvider->expects(self::never()) | |||||
| ->method('updateToken'); | |||||
| $userSession->login('foo', 'app-password'); | |||||
| } | |||||
| public function testLoginLastCheckUpdate(): void { | |||||
| $session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock(); | |||||
| $managerMethods = get_class_methods(Manager::class); | |||||
| // Keep following methods intact in order to ensure hooks are working | |||||
| $mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']); | |||||
| $manager = $this->getMockBuilder(Manager::class) | |||||
| ->setMethods($mockedManagerMethods) | |||||
| ->setConstructorArgs([ | |||||
| $this->config, | |||||
| $this->createMock(ICacheFactory::class), | |||||
| $this->createMock(IEventDispatcher::class), | |||||
| ]) | |||||
| ->getMock(); | |||||
| $userSession = new Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher); | |||||
| $session->expects($this->never()) | |||||
| ->method('set'); | |||||
| $session->expects($this->once()) | |||||
| ->method('regenerateId'); | |||||
| $token = new PublicKeyToken(); | |||||
| $token->setLoginName('foo'); | |||||
| $token->setLastCheck(0); // Never | |||||
| $token->setUid('foo'); | |||||
| $this->tokenProvider | |||||
| ->method('getPassword') | |||||
| ->with($token) | |||||
| ->willReturn('secret'); | |||||
| $this->tokenProvider | |||||
| ->method('getToken') | |||||
| ->with('app-password') | |||||
| ->willReturn($token); | |||||
| $this->tokenProvider->expects(self::once()) | |||||
| ->method('updateToken'); | |||||
| $userSession->login('foo', 'app-password'); | |||||
| } | |||||
| public function testLoginNonExisting() { | public function testLoginNonExisting() { | ||||
| $session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock(); | $session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock(); | ||||
| $manager = $this->createMock(Manager::class); | $manager = $this->createMock(Manager::class); |
Loading…