mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1008 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36881 Commits
434 Branches
Tree: 202509251c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '202509251c'
${ noResults }
nextcloud/tests/Core/Controller/LoginControllerTest.php

LoginControllerTest.php 23KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764 
  1. <?php

  2. /**

  3.  * @author Lukas Reschke <lukas@owncloud.com>

  4.  *

  5.  * @copyright Copyright (c) 2016, ownCloud, Inc.

  6.  * @license AGPL-3.0

  7.  *

  8.  * This code is free software: you can redistribute it and/or modify

  9.  * it under the terms of the GNU Affero General Public License, version 3,

  10.  * as published by the Free Software Foundation.

  11.  *

  12.  * This program is distributed in the hope that it will be useful,

  13.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  14.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

  15.  * GNU Affero General Public License for more details.

  16.  *

  17.  * You should have received a copy of the GNU Affero General Public License, version 3,

  18.  * along with this program.  If not, see <http://www.gnu.org/licenses/>

  19.  *

  20.  */

  21. 

  22. namespace Tests\Core\Controller;

  23. 

  24. use OC\Authentication\TwoFactorAuth\Manager;

  25. use OC\Core\Controller\LoginController;

  26. use OC\Security\Bruteforce\Throttler;

  27. use OCP\AppFramework\Http\RedirectResponse;

  28. use OCP\AppFramework\Http\TemplateResponse;

  29. use OCP\IConfig;

  30. use OCP\IRequest;

  31. use OCP\ISession;

  32. use OCP\IURLGenerator;

  33. use OCP\IUser;

  34. use OCP\IUserManager;

  35. use OCP\IUserSession;

  36. use Test\TestCase;

  37. 

  38. class LoginControllerTest extends TestCase {

  39. 	/** @var LoginController */

  40. 	private $loginController;

  41. 	/** @var IRequest | \PHPUnit_Framework_MockObject_MockObject */

  42. 	private $request;

  43. 	/** @var IUserManager | \PHPUnit_Framework_MockObject_MockObject */

  44. 	private $userManager;

  45. 	/** @var IConfig | \PHPUnit_Framework_MockObject_MockObject */

  46. 	private $config;

  47. 	/** @var ISession | \PHPUnit_Framework_MockObject_MockObject */

  48. 	private $session;

  49. 	/** @var IUserSession | \PHPUnit_Framework_MockObject_MockObject */

  50. 	private $userSession;

  51. 	/** @var IURLGenerator | \PHPUnit_Framework_MockObject_MockObject */

  52. 	private $urlGenerator;

  53. 	/** @var Manager | \PHPUnit_Framework_MockObject_MockObject */

  54. 	private $twoFactorManager;

  55. 	/** @var Throttler */

  56. 	private $throttler;

  57. 

  58. 	public function setUp() {

  59. 		parent::setUp();

  60. 		$this->request = $this->getMockBuilder('\\OCP\\IRequest')->getMock();

  61. 		$this->userManager = $this->getMockBuilder('\\OCP\\IUserManager')->getMock();

  62. 		$this->config = $this->getMockBuilder('\\OCP\\IConfig')->getMock();

  63. 		$this->session = $this->getMockBuilder('\\OCP\\ISession')->getMock();

  64. 		$this->userSession = $this->getMockBuilder('\\OC\\User\\Session')

  65. 			->disableOriginalConstructor()

  66. 			->getMock();

  67. 		$this->urlGenerator = $this->getMockBuilder('\\OCP\\IURLGenerator')->getMock();

  68. 		$this->twoFactorManager = $this->getMockBuilder('\OC\Authentication\TwoFactorAuth\Manager')

  69. 			->disableOriginalConstructor()

  70. 			->getMock();

  71. 		$this->throttler = $this->getMockBuilder('\OC\Security\Bruteforce\Throttler')

  72. 			->disableOriginalConstructor()

  73. 			->getMock();

  74. 

  75. 		$this->loginController = new LoginController(

  76. 			'core',

  77. 			$this->request,

  78. 			$this->userManager,

  79. 			$this->config,

  80. 			$this->session,

  81. 			$this->userSession,

  82. 			$this->urlGenerator,

  83. 			$this->twoFactorManager,

  84. 			$this->throttler

  85. 		);

  86. 	}

  87. 

  88. 	public function testLogoutWithoutToken() {

  89. 		$this->request

  90. 			->expects($this->once())

  91. 			->method('getCookie')

  92. 			->with('oc_token')

  93. 			->willReturn(null);

  94. 		$this->config

  95. 			->expects($this->never())

  96. 			->method('deleteUserValue');

  97. 		$this->urlGenerator

  98. 			->expects($this->once())

  99. 			->method('linkToRouteAbsolute')

  100. 			->with('core.login.showLoginForm')

  101. 			->willReturn('/login');

  102. 

  103. 		$expected = new RedirectResponse('/login');

  104. 		$this->assertEquals($expected, $this->loginController->logout());

  105. 	}

  106. 

  107. 	public function testLogoutWithToken() {

  108. 		$this->request

  109. 			->expects($this->once())

  110. 			->method('getCookie')

  111. 			->with('oc_token')

  112. 			->willReturn('MyLoginToken');

  113. 		$user = $this->getMockBuilder('\\OCP\\IUser')->getMock();

  114. 		$user

  115. 			->expects($this->once())

  116. 			->method('getUID')

  117. 			->willReturn('JohnDoe');

  118. 		$this->userSession

  119. 			->expects($this->once())

  120. 			->method('getUser')

  121. 			->willReturn($user);

  122. 		$this->config

  123. 			->expects($this->once())

  124. 			->method('deleteUserValue')

  125. 			->with('JohnDoe', 'login_token', 'MyLoginToken');

  126. 		$this->urlGenerator

  127. 			->expects($this->once())

  128. 			->method('linkToRouteAbsolute')

  129. 			->with('core.login.showLoginForm')

  130. 			->willReturn('/login');

  131. 

  132. 		$expected = new RedirectResponse('/login');

  133. 		$this->assertEquals($expected, $this->loginController->logout());

  134. 	}

  135. 

  136. 	public function testShowLoginFormForLoggedInUsers() {

  137. 		$this->userSession

  138. 			->expects($this->once())

  139. 			->method('isLoggedIn')

  140. 			->willReturn(true);

  141. 

  142. 		$expectedResponse = new RedirectResponse(\OC_Util::getDefaultPageUrl());

  143. 		$this->assertEquals($expectedResponse, $this->loginController->showLoginForm('', '', ''));

  144. 	}

  145. 

  146. 	public function testShowLoginFormWithErrorsInSession() {

  147. 		$this->userSession

  148. 			->expects($this->once())

  149. 			->method('isLoggedIn')

  150. 			->willReturn(false);

  151. 		$this->session

  152. 			->expects($this->once())

  153. 			->method('get')

  154. 			->with('loginMessages')

  155. 			->willReturn(

  156. 				[

  157. 					[

  158. 						'ErrorArray1',

  159. 						'ErrorArray2',

  160. 					],

  161. 					[

  162. 						'MessageArray1',

  163. 						'MessageArray2',

  164. 					],

  165. 				]

  166. 			);

  167. 

  168. 		$expectedResponse = new TemplateResponse(

  169. 			'core',

  170. 			'login',

  171. 			[

  172. 				'ErrorArray1' => true,

  173. 				'ErrorArray2' => true,

  174. 				'messages' => [

  175. 					'MessageArray1',

  176. 					'MessageArray2',

  177. 				],

  178. 				'loginName' => '',

  179. 				'user_autofocus' => true,

  180. 				'canResetPassword' => true,

  181. 				'alt_login' => [],

  182. 				'rememberLoginAllowed' => \OC_Util::rememberLoginAllowed(),

  183. 				'rememberLoginState' => 0,

  184. 				'resetPasswordLink' => null,

  185. 			],

  186. 			'guest'

  187. 		);

  188. 		$this->assertEquals($expectedResponse, $this->loginController->showLoginForm('', '', ''));

  189. 	}

  190. 

  191. 	/**

  192. 	 * @return array

  193. 	 */

  194. 	public function passwordResetDataProvider() {

  195. 		return [

  196. 			[

  197. 				true,

  198. 				true,

  199. 			],

  200. 			[

  201. 				false,

  202. 				false,

  203. 			],

  204. 		];

  205. 	}

  206. 

  207. 	/**

  208. 	 * @dataProvider passwordResetDataProvider

  209. 	 */

  210. 	public function testShowLoginFormWithPasswordResetOption($canChangePassword,

  211. 															 $expectedResult) {

  212. 		$this->userSession

  213. 			->expects($this->once())

  214. 			->method('isLoggedIn')

  215. 			->willReturn(false);

  216. 		$this->config

  217. 			->expects($this->once())

  218. 			->method('getSystemValue')

  219. 			->with('lost_password_link')

  220. 			->willReturn(false);

  221. 		$user = $this->getMockBuilder('\\OCP\\IUser')->getMock();

  222. 		$user

  223. 			->expects($this->once())

  224. 			->method('canChangePassword')

  225. 			->willReturn($canChangePassword);

  226. 		$this->userManager

  227. 			->expects($this->once())

  228. 			->method('get')

  229. 			->with('LdapUser')

  230. 			->willReturn($user);

  231. 

  232. 		$expectedResponse = new TemplateResponse(

  233. 			'core',

  234. 			'login',

  235. 			[

  236. 				'messages' => [],

  237. 				'loginName' => 'LdapUser',

  238. 				'user_autofocus' => false,

  239. 				'canResetPassword' => $expectedResult,

  240. 				'alt_login' => [],

  241. 				'rememberLoginAllowed' => \OC_Util::rememberLoginAllowed(),

  242. 				'rememberLoginState' => 0,

  243. 				'resetPasswordLink' => false,

  244. 			],

  245. 			'guest'

  246. 		);

  247. 		$this->assertEquals($expectedResponse, $this->loginController->showLoginForm('LdapUser', '', ''));

  248. 	}

  249. 

  250. 	public function testShowLoginFormForUserNamedNull() {

  251. 		$this->userSession

  252. 			->expects($this->once())

  253. 			->method('isLoggedIn')

  254. 			->willReturn(false);

  255. 		$this->config

  256. 			->expects($this->once())

  257. 			->method('getSystemValue')

  258. 			->with('lost_password_link')

  259. 			->willReturn(false);

  260. 		$user = $this->getMockBuilder('\\OCP\\IUser')->getMock();

  261. 		$user

  262. 			->expects($this->once())

  263. 			->method('canChangePassword')

  264. 			->willReturn(false);

  265. 		$this->userManager

  266. 			->expects($this->once())

  267. 			->method('get')

  268. 			->with('0')

  269. 			->willReturn($user);

  270. 

  271. 		$expectedResponse = new TemplateResponse(

  272. 			'core',

  273. 			'login',

  274. 			[

  275. 				'messages' => [],

  276. 				'loginName' => '0',

  277. 				'user_autofocus' => false,

  278. 				'canResetPassword' => false,

  279. 				'alt_login' => [],

  280. 				'rememberLoginAllowed' => \OC_Util::rememberLoginAllowed(),

  281. 				'rememberLoginState' => 0,

  282. 				'resetPasswordLink' => false,

  283. 			],

  284. 			'guest'

  285. 		);

  286. 		$this->assertEquals($expectedResponse, $this->loginController->showLoginForm('0', '', ''));

  287. 	}

  288. 

  289. 	public function testLoginWithInvalidCredentials() {

  290. 		$user = 'MyUserName';

  291. 		$password = 'secret';

  292. 		$loginPageUrl = 'some url';

  293. 

  294. 		$this->request

  295. 			->expects($this->exactly(4))

  296. 			->method('getRemoteAddress')

  297. 			->willReturn('192.168.0.1');

  298. 		$this->request

  299. 			->expects($this->once())

  300. 			->method('passesCSRFCheck')

  301. 			->willReturn(true);

  302. 		$this->throttler

  303. 			->expects($this->exactly(2))

  304. 			->method('sleepDelay')

  305. 			->with('192.168.0.1');

  306. 		$this->throttler

  307. 			->expects($this->once())

  308. 			->method('getDelay')

  309. 			->with('192.168.0.1')

  310. 			->willReturn(0);

  311. 		$this->throttler

  312. 			->expects($this->once())

  313. 			->method('registerAttempt')

  314. 			->with('login', '192.168.0.1', ['user' => 'MyUserName']);

  315. 		$this->userManager->expects($this->once())

  316. 			->method('checkPassword')

  317. 			->will($this->returnValue(false));

  318. 		$this->urlGenerator->expects($this->once())

  319. 			->method('linkToRoute')

  320. 			->with('core.login.showLoginForm')

  321. 			->will($this->returnValue($loginPageUrl));

  322. 

  323. 		$this->userSession->expects($this->never())

  324. 			->method('createSessionToken');

  325. 		$this->userSession->expects($this->never())

  326. 			->method('createRememberMeToken');

  327. 		$this->config->expects($this->never())

  328. 			->method('deleteUserValue');

  329. 

  330. 		$expected = new \OCP\AppFramework\Http\RedirectResponse($loginPageUrl);

  331. 		$this->assertEquals($expected, $this->loginController->tryLogin($user, $password, ''));

  332. 	}

  333. 

  334. 	public function testLoginWithValidCredentials() {

  335. 		/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */

  336. 		$user = $this->getMockBuilder('\OCP\IUser')->getMock();

  337. 		$user->expects($this->any())

  338. 			->method('getUID')

  339. 			->will($this->returnValue('uid'));

  340. 		$user->expects($this->any())

  341. 			->method('getLastLogin')

  342. 			->willReturn(123456);

  343. 		$password = 'secret';

  344. 		$indexPageUrl = \OC_Util::getDefaultPageUrl();

  345. 

  346. 		$this->request

  347. 			->expects($this->exactly(2))

  348. 			->method('getRemoteAddress')

  349. 			->willReturn('192.168.0.1');

  350. 		$this->request

  351. 			->expects($this->once())

  352. 			->method('passesCSRFCheck')

  353. 			->willReturn(true);

  354. 		$this->throttler

  355. 			->expects($this->once())

  356. 			->method('sleepDelay')

  357. 			->with('192.168.0.1');

  358. 		$this->throttler

  359. 			->expects($this->once())

  360. 			->method('getDelay')

  361. 			->with('192.168.0.1')

  362. 			->willReturn(200);

  363. 		$this->userManager->expects($this->once())

  364. 			->method('checkPassword')

  365. 			->will($this->returnValue($user));

  366. 		$this->userSession->expects($this->once())

  367. 			->method('login')

  368. 			->with($user, $password);

  369. 		$this->userSession->expects($this->once())

  370. 			->method('createSessionToken')

  371. 			->with($this->request, $user->getUID(), $user, $password, false);

  372. 		$this->twoFactorManager->expects($this->once())

  373. 			->method('isTwoFactorAuthenticated')

  374. 			->with($user)

  375. 			->will($this->returnValue(false));

  376. 		$this->config->expects($this->once())

  377. 			->method('deleteUserValue')

  378. 			->with('uid', 'core', 'lostpassword');

  379. 		$this->config->expects($this->once())

  380. 			->method('setUserValue')

  381. 			->with('uid', 'core', 'timezone', 'Europe/Berlin');

  382. 		$this->userSession->expects($this->never())

  383. 			->method('createRememberMeToken');

  384. 

  385. 		$this->session->expects($this->exactly(2))

  386. 			->method('set')

  387. 			->withConsecutive(

  388. 				['last-password-confirm', 123456],

  389. 				['timezone', '1']

  390. 			);

  391. 

  392. 		$expected = new \OCP\AppFramework\Http\RedirectResponse($indexPageUrl);

  393. 		$this->assertEquals($expected, $this->loginController->tryLogin($user, $password, null, false, 'Europe/Berlin', '1'));

  394. 	}

  395. 

  396. 	public function testLoginWithValidCredentialsAndRememberMe() {

  397. 		/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */

  398. 		$user = $this->getMockBuilder('\OCP\IUser')->getMock();

  399. 		$user->expects($this->any())

  400. 			->method('getUID')

  401. 			->will($this->returnValue('uid'));

  402. 		$password = 'secret';

  403. 		$indexPageUrl = \OC_Util::getDefaultPageUrl();

  404. 

  405. 		$this->request

  406. 			->expects($this->exactly(2))

  407. 			->method('getRemoteAddress')

  408. 			->willReturn('192.168.0.1');

  409. 		$this->request

  410. 			->expects($this->once())

  411. 			->method('passesCSRFCheck')

  412. 			->willReturn(true);

  413. 		$this->throttler

  414. 			->expects($this->once())

  415. 			->method('sleepDelay')

  416. 			->with('192.168.0.1');

  417. 		$this->throttler

  418. 			->expects($this->once())

  419. 			->method('getDelay')

  420. 			->with('192.168.0.1')

  421. 			->willReturn(200);

  422. 		$this->userManager->expects($this->once())

  423. 			->method('checkPassword')

  424. 			->will($this->returnValue($user));

  425. 		$this->userSession->expects($this->once())

  426. 			->method('login')

  427. 			->with($user, $password);

  428. 		$this->userSession->expects($this->once())

  429. 			->method('createSessionToken')

  430. 			->with($this->request, $user->getUID(), $user, $password, true);

  431. 		$this->twoFactorManager->expects($this->once())

  432. 			->method('isTwoFactorAuthenticated')

  433. 			->with($user)

  434. 			->will($this->returnValue(false));

  435. 		$this->config->expects($this->once())

  436. 			->method('deleteUserValue')

  437. 			->with('uid', 'core', 'lostpassword');

  438. 		$this->userSession->expects($this->once())

  439. 			->method('createRememberMeToken')

  440. 			->with($user);

  441. 

  442. 		$expected = new \OCP\AppFramework\Http\RedirectResponse($indexPageUrl);

  443. 		$this->assertEquals($expected, $this->loginController->tryLogin($user, $password, null, true));

  444. 	}

  445. 

  446. 	public function testLoginWithoutPassedCsrfCheckAndNotLoggedIn() {

  447. 		/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */

  448. 		$user = $this->getMockBuilder('\OCP\IUser')->getMock();

  449. 		$user->expects($this->any())

  450. 			->method('getUID')

  451. 			->will($this->returnValue('jane'));

  452. 		$password = 'secret';

  453. 		$originalUrl = 'another%20url';

  454. 

  455. 		$this->request

  456. 			->expects($this->exactly(2))

  457. 			->method('getRemoteAddress')

  458. 			->willReturn('192.168.0.1');

  459. 		$this->request

  460. 			->expects($this->once())

  461. 			->method('passesCSRFCheck')

  462. 			->willReturn(false);

  463. 		$this->throttler

  464. 			->expects($this->once())

  465. 			->method('sleepDelay')

  466. 			->with('192.168.0.1');

  467. 		$this->throttler

  468. 			->expects($this->once())

  469. 			->method('getDelay')

  470. 			->with('192.168.0.1')

  471. 			->willReturn(200);

  472. 		$this->userSession->expects($this->once())

  473. 			->method('isLoggedIn')

  474. 			->with()

  475. 			->will($this->returnValue(false));

  476. 		$this->config->expects($this->never())

  477. 			->method('deleteUserValue');

  478. 		$this->userSession->expects($this->never())

  479. 			->method('createRememberMeToken');

  480. 

  481. 		$expected = new \OCP\AppFramework\Http\RedirectResponse(\OC_Util::getDefaultPageUrl());

  482. 		$this->assertEquals($expected, $this->loginController->tryLogin('Jane', $password, $originalUrl));

  483. 	}

  484. 

  485. 	public function testLoginWithoutPassedCsrfCheckAndLoggedIn() {

  486. 		/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */

  487. 		$user = $this->getMockBuilder('\OCP\IUser')->getMock();

  488. 		$user->expects($this->any())

  489. 			->method('getUID')

  490. 			->will($this->returnValue('jane'));

  491. 		$password = 'secret';

  492. 		$originalUrl = 'another%20url';

  493. 		$redirectUrl = 'http://localhost/another url';

  494. 

  495. 		$this->request

  496. 			->expects($this->exactly(2))

  497. 			->method('getRemoteAddress')

  498. 			->willReturn('192.168.0.1');

  499. 		$this->request

  500. 			->expects($this->once())

  501. 			->method('passesCSRFCheck')

  502. 			->willReturn(false);

  503. 		$this->throttler

  504. 			->expects($this->once())

  505. 			->method('sleepDelay')

  506. 			->with('192.168.0.1');

  507. 		$this->throttler

  508. 			->expects($this->once())

  509. 			->method('getDelay')

  510. 			->with('192.168.0.1')

  511. 			->willReturn(200);

  512. 		$this->userSession->expects($this->once())

  513. 			->method('isLoggedIn')

  514. 			->with()

  515. 			->will($this->returnValue(true));

  516. 		$this->urlGenerator->expects($this->once())

  517. 			->method('getAbsoluteURL')

  518. 			->with(urldecode($originalUrl))

  519. 			->will($this->returnValue($redirectUrl));

  520. 		$this->config->expects($this->never())

  521. 			->method('deleteUserValue');

  522. 		$this->userSession->expects($this->never())

  523. 			->method('createRememberMeToken');

  524. 

  525. 		$expected = new \OCP\AppFramework\Http\RedirectResponse($redirectUrl);

  526. 		$this->assertEquals($expected, $this->loginController->tryLogin('Jane', $password, $originalUrl));

  527. 	}

  528. 

  529. 	public function testLoginWithValidCredentialsAndRedirectUrl() {

  530. 		/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */

  531. 		$user = $this->getMockBuilder('\OCP\IUser')->getMock();

  532. 		$user->expects($this->any())

  533. 			->method('getUID')

  534. 			->will($this->returnValue('jane'));

  535. 		$password = 'secret';

  536. 		$originalUrl = 'another%20url';

  537. 		$redirectUrl = 'http://localhost/another url';

  538. 

  539. 		$this->request

  540. 			->expects($this->exactly(2))

  541. 			->method('getRemoteAddress')

  542. 			->willReturn('192.168.0.1');

  543. 		$this->request

  544. 			->expects($this->once())

  545. 			->method('passesCSRFCheck')

  546. 			->willReturn(true);

  547. 		$this->throttler

  548. 			->expects($this->once())

  549. 			->method('sleepDelay')

  550. 			->with('192.168.0.1');

  551. 		$this->throttler

  552. 			->expects($this->once())

  553. 			->method('getDelay')

  554. 			->with('192.168.0.1')

  555. 			->willReturn(200);

  556. 		$this->userManager->expects($this->once())

  557. 			->method('checkPassword')

  558. 			->with('Jane', $password)

  559. 			->will($this->returnValue($user));

  560. 		$this->userSession->expects($this->once())

  561. 			->method('createSessionToken')

  562. 			->with($this->request, $user->getUID(), 'Jane', $password, false);

  563. 		$this->userSession->expects($this->once())

  564. 			->method('isLoggedIn')

  565. 			->with()

  566. 			->will($this->returnValue(true));

  567. 		$this->urlGenerator->expects($this->once())

  568. 			->method('getAbsoluteURL')

  569. 			->with(urldecode($originalUrl))

  570. 			->will($this->returnValue($redirectUrl));

  571. 		$this->config->expects($this->once())

  572. 			->method('deleteUserValue')

  573. 			->with('jane', 'core', 'lostpassword');

  574. 

  575. 		$expected = new \OCP\AppFramework\Http\RedirectResponse(urldecode($redirectUrl));

  576. 		$this->assertEquals($expected, $this->loginController->tryLogin('Jane', $password, $originalUrl));

  577. 	}

  578. 	

  579. 	public function testLoginWithOneTwoFactorProvider() {

  580. 		/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */

  581. 		$user = $this->getMockBuilder('\OCP\IUser')->getMock();

  582. 		$user->expects($this->any())

  583. 			->method('getUID')

  584. 			->will($this->returnValue('john'));

  585. 		$password = 'secret';

  586. 		$challengeUrl = 'challenge/url';

  587. 		$provider = $this->getMockBuilder('\OCP\Authentication\TwoFactorAuth\IProvider')->getMock();

  588. 

  589. 		$this->request

  590. 			->expects($this->exactly(2))

  591. 			->method('getRemoteAddress')

  592. 			->willReturn('192.168.0.1');

  593. 		$this->request

  594. 			->expects($this->once())

  595. 			->method('passesCSRFCheck')

  596. 			->willReturn(true);

  597. 		$this->throttler

  598. 			->expects($this->once())

  599. 			->method('sleepDelay')

  600. 			->with('192.168.0.1');

  601. 		$this->throttler

  602. 			->expects($this->once())

  603. 			->method('getDelay')

  604. 			->with('192.168.0.1')

  605. 			->willReturn(200);

  606. 		$this->userManager->expects($this->once())

  607. 			->method('checkPassword')

  608. 			->will($this->returnValue($user));

  609. 		$this->userSession->expects($this->once())

  610. 			->method('login')

  611. 			->with('john@doe.com', $password);

  612. 		$this->userSession->expects($this->once())

  613. 			->method('createSessionToken')

  614. 			->with($this->request, $user->getUID(), 'john@doe.com', $password, false);

  615. 		$this->twoFactorManager->expects($this->once())

  616. 			->method('isTwoFactorAuthenticated')

  617. 			->with($user)

  618. 			->will($this->returnValue(true));

  619. 		$this->twoFactorManager->expects($this->once())

  620. 			->method('prepareTwoFactorLogin')

  621. 			->with($user);

  622. 		$this->twoFactorManager->expects($this->once())

  623. 			->method('getProviders')

  624. 			->with($user)

  625. 			->will($this->returnValue([$provider]));

  626. 		$provider->expects($this->once())

  627. 			->method('getId')

  628. 			->will($this->returnValue('u2f'));

  629. 		$this->urlGenerator->expects($this->once())

  630. 			->method('linkToRoute')

  631. 			->with('core.TwoFactorChallenge.showChallenge', [

  632. 				'challengeProviderId' => 'u2f',

  633. 			])

  634. 			->will($this->returnValue($challengeUrl));

  635. 		$this->config->expects($this->once())

  636. 			->method('deleteUserValue')

  637. 			->with('john', 'core', 'lostpassword');

  638. 		$this->userSession->expects($this->never())

  639. 			->method('createRememberMeToken');

  640. 

  641. 		$expected = new RedirectResponse($challengeUrl);

  642. 		$this->assertEquals($expected, $this->loginController->tryLogin('john@doe.com', $password, null));

  643. 	}

  644. 

  645. 	public function testLoginWithMultpleTwoFactorProviders() {

  646. 		/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */

  647. 		$user = $this->getMockBuilder('\OCP\IUser')->getMock();

  648. 		$user->expects($this->any())

  649. 			->method('getUID')

  650. 			->will($this->returnValue('john'));

  651. 		$password = 'secret';

  652. 		$challengeUrl = 'challenge/url';

  653. 		$provider1 = $this->getMockBuilder('\OCP\Authentication\TwoFactorAuth\IProvider')->getMock();

  654. 		$provider2 = $this->getMockBuilder('\OCP\Authentication\TwoFactorAuth\IProvider')->getMock();

  655. 

  656. 		$this->request

  657. 			->expects($this->exactly(2))

  658. 			->method('getRemoteAddress')

  659. 			->willReturn('192.168.0.1');

  660. 		$this->request

  661. 			->expects($this->once())

  662. 			->method('passesCSRFCheck')

  663. 			->willReturn(true);

  664. 		$this->throttler

  665. 			->expects($this->once())

  666. 			->method('sleepDelay')

  667. 			->with('192.168.0.1');

  668. 		$this->throttler

  669. 			->expects($this->once())

  670. 			->method('getDelay')

  671. 			->with('192.168.0.1')

  672. 			->willReturn(200);

  673. 		$this->userManager->expects($this->once())

  674. 			->method('checkPassword')

  675. 			->will($this->returnValue($user));

  676. 		$this->userSession->expects($this->once())

  677. 			->method('login')

  678. 			->with('john@doe.com', $password);

  679. 		$this->userSession->expects($this->once())

  680. 			->method('createSessionToken')

  681. 			->with($this->request, $user->getUID(), 'john@doe.com', $password, false);

  682. 		$this->twoFactorManager->expects($this->once())

  683. 			->method('isTwoFactorAuthenticated')

  684. 			->with($user)

  685. 			->will($this->returnValue(true));

  686. 		$this->twoFactorManager->expects($this->once())

  687. 			->method('prepareTwoFactorLogin')

  688. 			->with($user);

  689. 		$this->twoFactorManager->expects($this->once())

  690. 			->method('getProviders')

  691. 			->with($user)

  692. 			->will($this->returnValue([$provider1, $provider2]));

  693. 		$provider1->expects($this->never())

  694. 			->method('getId');

  695. 		$provider2->expects($this->never())

  696. 			->method('getId');

  697. 		$this->urlGenerator->expects($this->once())

  698. 			->method('linkToRoute')

  699. 			->with('core.TwoFactorChallenge.selectChallenge')

  700. 			->will($this->returnValue($challengeUrl));

  701. 		$this->config->expects($this->once())

  702. 			->method('deleteUserValue')

  703. 			->with('john', 'core', 'lostpassword');

  704. 		$this->userSession->expects($this->never())

  705. 			->method('createRememberMeToken');

  706. 

  707. 		$expected = new RedirectResponse($challengeUrl);

  708. 		$this->assertEquals($expected, $this->loginController->tryLogin('john@doe.com', $password, null));

  709. 	}

  710. 

  711. 	public function testToNotLeakLoginName() {

  712. 		/** @var IUser | \PHPUnit_Framework_MockObject_MockObject $user */

  713. 		$user = $this->getMockBuilder('\OCP\IUser')->getMock();

  714. 		$user->expects($this->any())

  715. 			->method('getUID')

  716. 			->will($this->returnValue('john'));

  717. 

  718. 		$this->userManager->expects($this->exactly(2))

  719. 			->method('checkPassword')

  720. 			->withConsecutive(

  721. 				['john@doe.com', 'just wrong'],

  722. 				['john', 'just wrong']

  723. 				)

  724. 			->willReturn(false);

  725. 		

  726. 		$this->userManager->expects($this->once())

  727. 			->method('getByEmail')

  728. 			->with('john@doe.com')

  729. 			->willReturn([$user]);

  730. 

  731. 		$this->urlGenerator->expects($this->once())

  732. 			->method('linkToRoute')

  733. 			->with('core.login.showLoginForm', ['user' => 'john@doe.com'])

  734. 			->will($this->returnValue(''));

  735. 		$this->request

  736. 			->expects($this->exactly(3))

  737. 			->method('getRemoteAddress')

  738. 			->willReturn('192.168.0.1');

  739. 		$this->request

  740. 			->expects($this->once())

  741. 			->method('passesCSRFCheck')

  742. 			->willReturn(true);

  743. 		$this->throttler

  744. 			->expects($this->once())

  745. 			->method('getDelay')

  746. 			->with('192.168.0.1')

  747. 			->willReturn(200);

  748. 		$this->throttler

  749. 			->expects($this->once())

  750. 			->method('sleepDelay')

  751. 			->with('192.168.0.1');

  752. 		$this->throttler

  753. 			->expects($this->once())

  754. 			->method('registerAttempt')

  755. 			->with('login', '192.168.0.1', ['user' => 'john@doe.com']);

  756. 		$this->config->expects($this->never())

  757. 			->method('deleteUserValue');

  758. 		$this->userSession->expects($this->never())

  759. 			->method('createRememberMeToken');

  760. 

  761. 		$expected = new RedirectResponse('');

  762. 		$this->assertEquals($expected, $this->loginController->tryLogin('john@doe.com', 'just wrong', null));

  763. 	}

  764. }