use OCP\IUser;
use OCP\IUserManager;
use OCP\IUserSession;
+use OCP\Security\ISecureRandom;
use OCP\Session\Exceptions\SessionNotAvailableException;
use OCP\Util;
/** @var User $activeUser */
protected $activeUser;
+ /** @var ISecureRandom */
+ private $random;
+
/**
* @param IUserManager $manager
* @param ISession $session
* @param ITimeFactory $timeFacory
* @param IProvider $tokenProvider
* @param IConfig $config
+ * @param ISecureRandom $random
*/
public function __construct(IUserManager $manager,
ISession $session,
ITimeFactory $timeFacory,
$tokenProvider,
- IConfig $config) {
+ IConfig $config,
+ ISecureRandom $random) {
$this->manager = $manager;
$this->session = $session;
$this->timeFacory = $timeFacory;
$this->tokenProvider = $tokenProvider;
$this->config = $config;
+ $this->random = $random;
}
/**
}
// replace successfully used token with a new one
$this->config->deleteUserValue($uid, 'login_token', $currentToken);
- $newToken = OC::$server->getSecureRandom()->generate(32);
+ $newToken = $this->random->generate(32);
$this->config->setUserValue($uid, 'login_token', $newToken, $this->timeFacory->getTime());
try {
* @param IUser $user
*/
public function createRememberMeToken(IUser $user) {
- $token = OC::$server->getSecureRandom()->generate(32);
- $this->config->setUserValue($user->getUID(), 'login_token', $token, time());
+ $token = $this->random->generate(32);
+ $this->config->setUserValue($user->getUID(), 'login_token', $token, $this->timeFacory->getTime());
$this->setMagicInCookie($user->getUID(), $token);
}
$webRoot = '/';
}
- $expires = $this->timeFacory->getTime() + OC::$server->getConfig()->getSystemValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15);
+ $expires = $this->timeFacory->getTime() + $this->config->getSystemValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15);
setcookie('nc_username', $username, $expires, $webRoot, '', $secureCookie, true);
setcookie('nc_token', $token, $expires, $webRoot, '', $secureCookie, true);
try {
unset($_COOKIE['nc_username']); //TODO: DI
unset($_COOKIE['nc_token']);
unset($_COOKIE['nc_session_id']);
- setcookie('nc_username', '', time() - 3600, OC::$WEBROOT, '', $secureCookie, true);
- setcookie('nc_token', '', time() - 3600, OC::$WEBROOT, '', $secureCookie, true);
- setcookie('nc_session_id', '', time() - 3600, OC::$WEBROOT, '', $secureCookie, true);
+ setcookie('nc_username', '', $this->timeFacory->getTime() - 3600, OC::$WEBROOT, '', $secureCookie, true);
+ setcookie('nc_token', '', $this->timeFacory->getTime() - 3600, OC::$WEBROOT, '', $secureCookie, true);
+ setcookie('nc_session_id', '', $this->timeFacory->getTime() - 3600, OC::$WEBROOT, '', $secureCookie, true);
// old cookies might be stored under /webroot/ instead of /webroot
// and Firefox doesn't like it!
- setcookie('nc_username', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
- setcookie('nc_token', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
- setcookie('nc_session_id', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
+ setcookie('nc_username', '', $this->timeFacory->getTime() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
+ setcookie('nc_token', '', $this->timeFacory->getTime() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
+ setcookie('nc_session_id', '', $this->timeFacory->getTime() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
}
/**
protected $tokenProvider;
/** @var IConfig|\PHPUnit_Framework_MockObject_MockObject */
private $config;
- /** @var Throttler */
+ /** @var Throttler|\PHPUnit_Framework_MockObject_MockObject */
private $throttler;
+ /** @var ISecureRandom|\PHPUnit_Framework_MockObject_MockObject */
+ private $random;
protected function setUp() {
parent::setUp();
$this->tokenProvider = $this->createMock(IProvider::class);
$this->config = $this->createMock(IConfig::class);
$this->throttler = $this->createMock(Throttler::class);
+ $this->random = $this->createMock(ISecureRandom::class);
\OC_User::setIncognitoMode(false);
}
->with($expectedUser->getUID())
->will($this->returnValue($expectedUser));
- $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config);
+ $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random);
$user = $userSession->getUser();
$this->assertSame($expectedUser, $user);
$this->assertSame(10000, $token->getLastCheck());
$manager = $this->createMock(Manager::class);
$userSession = $this->getMockBuilder(Session::class)
- ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config])
+ ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random])
->setMethods([
'getUser'
])
->method('getUID')
->will($this->returnValue('foo'));
- $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config);
+ $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random);
$userSession->setUser($user);
}
$managerMethods = get_class_methods(Manager::class);
//keep following methods intact in order to ensure hooks are working
$mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']);
- $manager = $this->getMockBuilder(Manager::class)->setMethods($mockedManagerMethods)->getMock();
- ->setMethods($managerMethods)
+ $manager = $this->getMockBuilder(Manager::class)
+ ->setMethods($mockedManagerMethods)
->setConstructorArgs([$this->config])
->getMock();
->will($this->returnValue($user));
$userSession = $this->getMockBuilder(Session::class)
- ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config])
+ ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random])
->setMethods([
'prepareUserLogin'
])
$managerMethods = get_class_methods(\OC\User\Manager::class);
//keep following methods intact in order to ensure hooks are working
$mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']);
- $manager = $this->getMockBuilder(Manager::class)->setMethods($mockedManagerMethods)->getMock();
- ->setMethods($managerMethods)
+ $manager = $this->getMockBuilder(Manager::class)
+ ->setMethods($mockedManagerMethods)
->setConstructorArgs([$this->config])
->getMock();
->with('foo', 'bar')
->will($this->returnValue($user));
- $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config);
+ $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random);
$userSession->login('foo', 'bar');
}
$managerMethods = get_class_methods(\OC\User\Manager::class);
//keep following methods intact in order to ensure hooks are working
$mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']);
- $manager = $this->getMockBuilder(Manager::class)->setMethods($mockedManagerMethods)->getMock();
- ->setMethods($managerMethods)
+ $manager = $this->getMockBuilder(Manager::class)
+ ->setMethods($mockedManagerMethods)
->setConstructorArgs([$this->config])
->getMock();
$backend = $this->createMock(\Test\Util\User\Dummy::class);
- $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config);
+ $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random);
$user = $this->getMockBuilder(User::class)->setConstructorArgs(['foo', $backend])->getMock();
public function testLoginNonExisting() {
$session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock();
$manager = $this->createMock(Manager::class);
- $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config);
+ $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random);
$session->expects($this->never())
->method('set');
public function testLoginWithDifferentTokenLoginName() {
$session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock();
$manager = $this->createMock(Manager::class);
- $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config);
+ $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random);
$username = 'user123';
$token = new \OC\Authentication\Token\DefaultToken();
$token->setLoginName($username);
/** @var \OC\User\Session $userSession */
$userSession = $this->getMockBuilder(Session::class)
- ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config])
+ ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random])
->setMethods(['login', 'supportsCookies', 'createSessionToken', 'getUser'])
->getMock();
/** @var Session $userSession */
$userSession = $this->getMockBuilder(Session::class)
- ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config])
+ ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random])
->setMethods(['login', 'supportsCookies', 'createSessionToken', 'getUser'])
->getMock();
/** @var \OC\User\Session $userSession */
$userSession = $this->getMockBuilder(Session::class)
- ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config])
+ ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random])
->setMethods(['isTokenPassword', 'login', 'supportsCookies', 'createSessionToken', 'getUser'])
->getMock();
/** @var \OC\User\Session $userSession */
$userSession = $this->getMockBuilder(Session::class)
- ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config])
+ ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random])
->setMethods(['login', 'isTwoFactorEnforced'])
->getMock();
$managerMethods = get_class_methods(\OC\User\Manager::class);
//keep following methods intact in order to ensure hooks are working
$mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']);
- $manager = $this->getMockBuilder(Manager::class)->setMethods($mockedManagerMethods)->getMock();
+ $manager = $this->getMockBuilder(Manager::class)
+ ->setMethods($mockedManagerMethods)
+ ->setConstructorArgs([$this->config])
+ ->getMock();
$userSession = $this->getMockBuilder(Session::class)
//override, otherwise tests will fail because of setcookie()
->setMethods(['setMagicInCookie'])
- ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config])
+ ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random])
->getMock();
$user = $this->createMock(IUser::class);
$token = 'goodToken';
$oldSessionId = 'sess321';
$sessionId = 'sess123';
- ->setMethods($managerMethods)
- ->setConstructorArgs([$this->config])
- ->getMock();
$session->expects($this->once())
->method('regenerateId');
$this->config->expects($this->once())
->method('deleteUserValue')
->with('foo', 'login_token', $token);
+ $this->random->expects($this->once())
+ ->method('generate')
+ ->with(32)
+ ->will($this->returnValue('abcdefg123456'));
$this->config->expects($this->once())
- ->method('setUserValue'); // TODO: mock new random value
+ ->method('setUserValue')
+ ->with('foo', 'login_token', 'abcdefg123456', 10000);
$session->expects($this->once())
->method('getId')
$managerMethods = get_class_methods(\OC\User\Manager::class);
//keep following methods intact in order to ensure hooks are working
$mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']);
- $manager = $this->getMockBuilder(Manager::class)->setMethods($mockedManagerMethods)->getMock();
+ $manager = $this->getMockBuilder(Manager::class)
+ ->setMethods($mockedManagerMethods)
+ ->setConstructorArgs([$this->config])
+ ->getMock();
$userSession = $this->getMockBuilder(Session::class)
//override, otherwise tests will fail because of setcookie()
->setMethods(['setMagicInCookie'])
- ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config])
+ ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random])
->getMock();
$user = $this->createMock(IUser::class);
->method('renewSessionToken')
->with($oldSessionId, $sessionId)
->will($this->throwException(new \OC\Authentication\Exceptions\InvalidTokenException()));
- ->setMethods($managerMethods)
- ->setConstructorArgs([$this->config])
- ->getMock();
$user->expects($this->never())
->method('getUID')
$managerMethods = get_class_methods(\OC\User\Manager::class);
//keep following methods intact in order to ensure hooks are working
$mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']);
- $manager = $this->getMockBuilder(Manager::class)->setMethods($mockedManagerMethods)->getMock();
+ $manager = $this->getMockBuilder(Manager::class)
+ ->setMethods($mockedManagerMethods)
+ ->setConstructorArgs([$this->config])
+ ->getMock();
$userSession = $this->getMockBuilder(Session::class)
//override, otherwise tests will fail because of setcookie()
->setMethods(['setMagicInCookie'])
- ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config])
+ ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random])
->getMock();
$user = $this->createMock(IUser::class);
$managerMethods = get_class_methods(\OC\User\Manager::class);
//keep following methods intact in order to ensure hooks are working
$mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']);
- $manager = $this->getMockBuilder(Manager::class)->setMethods($mockedManagerMethods)->getMock();
+ $manager = $this->getMockBuilder(Manager::class)
+ ->setMethods($mockedManagerMethods)
+ ->setConstructorArgs([$this->config])
+ ->getMock();
$userSession = $this->getMockBuilder(Session::class)
//override, otherwise tests will fail because of setcookie()
->setMethods(['setMagicInCookie'])
- ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config])
+ ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random])
->getMock();
$token = 'goodToken';
$oldSessionId = 'sess321';
$session->expects($this->once())
->method('regenerateId');
- ->setMethods($managerMethods)
- ->setConstructorArgs([$this->config])
- ->getMock();
$manager->expects($this->once())
->method('get')
->with('foo')
$session = new Memory('');
$session->set('user_id', 'foo');
$userSession = $this->getMockBuilder('\OC\User\Session')
- ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config])
+ ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random])
->setMethods([
'validateSession'
])
$session = $this->createMock(ISession::class);
$token = $this->createMock(IToken::class);
$user = $this->createMock(IUser::class);
- $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config);
+ $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random);
$random = $this->createMock(ISecureRandom::class);
$config = $this->createMock(IConfig::class);
$session = $this->createMock(ISession::class);
$token = $this->createMock(IToken::class);
$user = $this->createMock(IUser::class);
- $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config);
+ $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random);
$random = $this->createMock(ISecureRandom::class);
$config = $this->createMock(IConfig::class);
->disableOriginalConstructor()
->getMock();
$session = $this->createMock(ISession::class);
- $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config);
+ $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random);
$request = $this->createMock(IRequest::class);
$uid = 'user123';
$user = $this->createMock(IUser::class);
$userSession = $this->getMockBuilder('\OC\User\Session')
->setMethods(['logout'])
- ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config])
+ ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random])
->getMock();
$request = $this->createMock(IRequest::class);
$timeFactory = $this->createMock(ITimeFactory::class);
$tokenProvider = $this->createMock(IProvider::class);
$userSession = $this->getMockBuilder('\OC\User\Session')
- ->setConstructorArgs([$userManager, $session, $timeFactory, $tokenProvider, $this->config])
+ ->setConstructorArgs([$userManager, $session, $timeFactory, $tokenProvider, $this->config, $this->random])
->setMethods(['logout'])
->getMock();
$timeFactory = $this->createMock(ITimeFactory::class);
$tokenProvider = $this->createMock(IProvider::class);
$userSession = $this->getMockBuilder('\OC\User\Session')
- ->setConstructorArgs([$userManager, $session, $timeFactory, $tokenProvider, $this->config])
+ ->setConstructorArgs([$userManager, $session, $timeFactory, $tokenProvider, $this->config, $this->random])
->setMethods(['logout'])
->getMock();
$session = $this->createMock(ISession::class);
$timeFactory = $this->createMock(ITimeFactory::class);
$tokenProvider = $this->createMock(IProvider::class);
- $userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config);
+ $userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config, $this->random);
$password = '123456';
$sessionId = 'session1234';
$session = $this->createMock(ISession::class);
$timeFactory = $this->createMock(ITimeFactory::class);
$tokenProvider = $this->createMock(IProvider::class);
- $userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config);
+ $userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config, $this->random);
$session->expects($this->once())
->method('getId')
$session = $this->createMock(ISession::class);
$timeFactory = $this->createMock(ITimeFactory::class);
$tokenProvider = $this->createMock(IProvider::class);
- $userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config);
+ $userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config, $this->random);
$password = '123456';
$sessionId = 'session1234';
$tokenProvider = new DefaultTokenProvider($mapper, $crypto, $this->config, $logger, $this->timeFactory);
/** @var \OC\User\Session $userSession */
- $userSession = new Session($manager, $session, $this->timeFactory, $tokenProvider, $this->config);
+ $userSession = new Session($manager, $session, $this->timeFactory, $tokenProvider, $this->config, $this->random);
$mapper->expects($this->any())
->method('getToken')
$tokenProvider = new DefaultTokenProvider($mapper, $crypto, $this->config, $logger, $this->timeFactory);
/** @var \OC\User\Session $userSession */
- $userSession = new Session($manager, $session, $this->timeFactory, $tokenProvider, $this->config);
+ $userSession = new Session($manager, $session, $this->timeFactory, $tokenProvider, $this->config, $this->random);
$mapper->expects($this->any())
->method('getToken')
projects / nextcloud-server.git / commitdiff