mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 994 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
50321 Commits
371 Branches
Tree: 6d20876eb2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6d20876eb2'
${ noResults }
nextcloud/tests/Core/Controller/ClientFlowLoginControllerTe...

ClientFlowLoginControllerTest.php 19KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692 
  1. <?php

  2. /**

  3.  * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>

  4.  *

  5.  * @license GNU AGPL version 3 or any later version

  6.  *

  7.  * This program is free software: you can redistribute it and/or modify

  8.  * it under the terms of the GNU Affero General Public License as

  9.  * published by the Free Software Foundation, either version 3 of the

  10.  * License, or (at your option) any later version.

  11.  *

  12.  * This program is distributed in the hope that it will be useful,

  13.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  14.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  15.  * GNU Affero General Public License for more details.

  16.  *

  17.  * You should have received a copy of the GNU Affero General Public License

  18.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.

  19.  *

  20.  */

  21. 

  22. namespace Tests\Core\Controller;

  23. 

  24. use OC\Authentication\Exceptions\InvalidTokenException;

  25. use OC\Authentication\Exceptions\PasswordlessTokenException;

  26. use OC\Authentication\Token\IProvider;

  27. use OC\Authentication\Token\IToken;

  28. use OC\Core\Controller\ClientFlowLoginController;

  29. use OCA\OAuth2\Db\AccessTokenMapper;

  30. use OCA\OAuth2\Db\Client;

  31. use OCA\OAuth2\Db\ClientMapper;

  32. use OCP\AppFramework\Http;

  33. use OCP\AppFramework\Http\StandaloneTemplateResponse;

  34. use OCP\Defaults;

  35. use OCP\IL10N;

  36. use OCP\IRequest;

  37. use OCP\ISession;

  38. use OCP\IURLGenerator;

  39. use OCP\IUser;

  40. use OCP\IUserSession;

  41. use OCP\Security\ICrypto;

  42. use OCP\Security\ISecureRandom;

  43. use OCP\Session\Exceptions\SessionNotAvailableException;

  44. use Symfony\Component\EventDispatcher\EventDispatcherInterface;

  45. use Test\TestCase;

  46. 

  47. class ClientFlowLoginControllerTest extends TestCase {

  48. 	/** @var IRequest|\PHPUnit_Framework_MockObject_MockObject */

  49. 	private $request;

  50. 	/** @var IUserSession|\PHPUnit_Framework_MockObject_MockObject */

  51. 	private $userSession;

  52. 	/** @var IL10N|\PHPUnit_Framework_MockObject_MockObject */

  53. 	private $l10n;

  54. 	/** @var Defaults|\PHPUnit_Framework_MockObject_MockObject */

  55. 	private $defaults;

  56. 	/** @var ISession|\PHPUnit_Framework_MockObject_MockObject */

  57. 	private $session;

  58. 	/** @var IProvider|\PHPUnit_Framework_MockObject_MockObject */

  59. 	private $tokenProvider;

  60. 	/** @var ISecureRandom|\PHPUnit_Framework_MockObject_MockObject */

  61. 	private $random;

  62. 	/** @var IURLGenerator|\PHPUnit_Framework_MockObject_MockObject */

  63. 	private $urlGenerator;

  64. 	/** @var ClientMapper|\PHPUnit_Framework_MockObject_MockObject */

  65. 	private $clientMapper;

  66. 	/** @var AccessTokenMapper|\PHPUnit_Framework_MockObject_MockObject */

  67. 	private $accessTokenMapper;

  68. 	/** @var ICrypto|\PHPUnit_Framework_MockObject_MockObject */

  69. 	private $crypto;

  70. 	/** @var EventDispatcherInterface|\PHPUnit_Framework_MockObject_MockObject */

  71. 	private $eventDispatcher;

  72. 

  73. 

  74. 	/** @var ClientFlowLoginController */

  75. 	private $clientFlowLoginController;

  76. 

  77. 	public function setUp() {

  78. 		parent::setUp();

  79. 

  80. 		$this->request = $this->createMock(IRequest::class);

  81. 		$this->userSession = $this->createMock(IUserSession::class);

  82. 		$this->l10n = $this->createMock(IL10N::class);

  83. 		$this->l10n

  84. 			->expects($this->any())

  85. 			->method('t')

  86. 			->will($this->returnCallback(function($text, $parameters = array()) {

  87. 				return vsprintf($text, $parameters);

  88. 			}));

  89. 		$this->defaults = $this->createMock(Defaults::class);

  90. 		$this->session = $this->createMock(ISession::class);

  91. 		$this->tokenProvider = $this->createMock(IProvider::class);

  92. 		$this->random = $this->createMock(ISecureRandom::class);

  93. 		$this->urlGenerator = $this->createMock(IURLGenerator::class);

  94. 		$this->clientMapper = $this->createMock(ClientMapper::class);

  95. 		$this->accessTokenMapper = $this->createMock(AccessTokenMapper::class);

  96. 		$this->crypto = $this->createMock(ICrypto::class);

  97. 		$this->eventDispatcher = $this->createMock(EventDispatcherInterface::class);

  98. 

  99. 		$this->clientFlowLoginController = new ClientFlowLoginController(

  100. 			'core',

  101. 			$this->request,

  102. 			$this->userSession,

  103. 			$this->l10n,

  104. 			$this->defaults,

  105. 			$this->session,

  106. 			$this->tokenProvider,

  107. 			$this->random,

  108. 			$this->urlGenerator,

  109. 			$this->clientMapper,

  110. 			$this->accessTokenMapper,

  111. 			$this->crypto,

  112. 			$this->eventDispatcher

  113. 		);

  114. 	}

  115. 

  116. 	public function testShowAuthPickerPageNoClientOrOauthRequest() {

  117. 		$expected = new StandaloneTemplateResponse(

  118. 			'core',

  119. 			'error',

  120. 			[

  121. 				'errors' =>

  122. 					[

  123. 						[

  124. 							'error' => 'Access Forbidden',

  125. 							'hint' => 'Invalid request',

  126. 						],

  127. 					],

  128. 			],

  129. 			'guest'

  130. 		);

  131. 

  132. 		$this->assertEquals($expected, $this->clientFlowLoginController->showAuthPickerPage());

  133. 	}

  134. 

  135. 	public function testShowAuthPickerPageWithOcsHeader() {

  136. 		$this->request

  137. 			->expects($this->at(0))

  138. 			->method('getHeader')

  139. 			->with('USER_AGENT')

  140. 			->willReturn('Mac OS X Sync Client');

  141. 		$this->request

  142. 			->expects($this->at(1))

  143. 			->method('getHeader')

  144. 			->with('OCS-APIREQUEST')

  145. 			->willReturn('true');

  146. 		$this->random

  147. 			->expects($this->once())

  148. 			->method('generate')

  149. 			->with(

  150. 				64,

  151. 				ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS

  152. 			)

  153. 			->willReturn('StateToken');

  154. 		$this->session

  155. 			->expects($this->once())

  156. 			->method('set')

  157. 			->with('client.flow.state.token', 'StateToken');

  158. 		$this->session

  159. 			->expects($this->once())

  160. 			->method('get')

  161. 			->with('oauth.state')

  162. 			->willReturn('OauthStateToken');

  163. 		$this->defaults

  164. 			->expects($this->once())

  165. 			->method('getName')

  166. 			->willReturn('ExampleCloud');

  167. 		$this->request

  168. 			->expects($this->once())

  169. 			->method('getServerHost')

  170. 			->willReturn('example.com');

  171. 		$this->request

  172. 			->method('getServerProtocol')

  173. 			->willReturn('https');

  174. 

  175. 		$expected = new StandaloneTemplateResponse(

  176. 			'core',

  177. 			'loginflow/authpicker',

  178. 			[

  179. 				'client' => 'Mac OS X Sync Client',

  180. 				'clientIdentifier' => '',

  181. 				'instanceName' => 'ExampleCloud',

  182. 				'urlGenerator' => $this->urlGenerator,

  183. 				'stateToken' => 'StateToken',

  184. 				'serverHost' => 'https://example.com',

  185. 				'oauthState' => 'OauthStateToken',

  186. 			],

  187. 			'guest'

  188. 		);

  189. 		$csp = new Http\ContentSecurityPolicy();

  190. 		$csp->addAllowedFormActionDomain('nc://*');

  191. 		$expected->setContentSecurityPolicy($csp);

  192. 		$this->assertEquals($expected, $this->clientFlowLoginController->showAuthPickerPage());

  193. 	}

  194. 

  195. 	public function testShowAuthPickerPageWithOauth() {

  196. 		$this->request

  197. 			->expects($this->at(0))

  198. 			->method('getHeader')

  199. 			->with('USER_AGENT')

  200. 			->willReturn('Mac OS X Sync Client');

  201. 		$client = new Client();

  202. 		$client->setName('My external service');

  203. 		$this->clientMapper

  204. 			->expects($this->once())

  205. 			->method('getByIdentifier')

  206. 			->with('MyClientIdentifier')

  207. 			->willReturn($client);

  208. 		$this->random

  209. 			->expects($this->once())

  210. 			->method('generate')

  211. 			->with(

  212. 				64,

  213. 				ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS

  214. 			)

  215. 			->willReturn('StateToken');

  216. 		$this->session

  217. 			->expects($this->once())

  218. 			->method('set')

  219. 			->with('client.flow.state.token', 'StateToken');

  220. 		$this->session

  221. 			->expects($this->once())

  222. 			->method('get')

  223. 			->with('oauth.state')

  224. 			->willReturn('OauthStateToken');

  225. 		$this->defaults

  226. 			->expects($this->once())

  227. 			->method('getName')

  228. 			->willReturn('ExampleCloud');

  229. 		$this->request

  230. 			->expects($this->once())

  231. 			->method('getServerHost')

  232. 			->willReturn('example.com');

  233. 		$this->request

  234. 			->method('getServerProtocol')

  235. 			->willReturn('https');

  236. 

  237. 		$expected = new StandaloneTemplateResponse(

  238. 			'core',

  239. 			'loginflow/authpicker',

  240. 			[

  241. 				'client' => 'My external service',

  242. 				'clientIdentifier' => 'MyClientIdentifier',

  243. 				'instanceName' => 'ExampleCloud',

  244. 				'urlGenerator' => $this->urlGenerator,

  245. 				'stateToken' => 'StateToken',

  246. 				'serverHost' => 'https://example.com',

  247. 				'oauthState' => 'OauthStateToken',

  248. 			],

  249. 			'guest'

  250. 		);

  251. 		$csp = new Http\ContentSecurityPolicy();

  252. 		$csp->addAllowedFormActionDomain('nc://*');

  253. 		$expected->setContentSecurityPolicy($csp);

  254. 		$this->assertEquals($expected, $this->clientFlowLoginController->showAuthPickerPage('MyClientIdentifier'));

  255. 	}

  256. 

  257. 	public function testGenerateAppPasswordWithInvalidToken() {

  258. 		$this->session

  259. 			->expects($this->once())

  260. 			->method('get')

  261. 			->with('client.flow.state.token')

  262. 			->willReturn('OtherToken');

  263. 		$this->session

  264. 			->expects($this->once())

  265. 			->method('remove')

  266. 			->with('client.flow.state.token');

  267. 

  268. 		$expected = new StandaloneTemplateResponse(

  269. 			'core',

  270. 			'403',

  271. 			[

  272. 				'message' => 'State token does not match',

  273. 			],

  274. 			'guest'

  275. 		);

  276. 		$expected->setStatus(Http::STATUS_FORBIDDEN);

  277. 		$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));

  278. 	}

  279. 

  280. 	public function testGenerateAppPasswordWithSessionNotAvailableException() {

  281. 		$this->session

  282. 			->expects($this->once())

  283. 			->method('get')

  284. 			->with('client.flow.state.token')

  285. 			->willReturn('MyStateToken');

  286. 		$this->session

  287. 			->expects($this->once())

  288. 			->method('remove')

  289. 			->with('client.flow.state.token');

  290. 		$this->session

  291. 			->expects($this->once())

  292. 			->method('getId')

  293. 			->willThrowException(new SessionNotAvailableException());

  294. 

  295. 		$expected = new Http\Response();

  296. 		$expected->setStatus(Http::STATUS_FORBIDDEN);

  297. 		$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));

  298. 	}

  299. 

  300. 	public function testGenerateAppPasswordWithInvalidTokenException() {

  301. 		$this->session

  302. 			->expects($this->once())

  303. 			->method('get')

  304. 			->with('client.flow.state.token')

  305. 			->willReturn('MyStateToken');

  306. 		$this->session

  307. 			->expects($this->once())

  308. 			->method('remove')

  309. 			->with('client.flow.state.token');

  310. 		$this->session

  311. 			->expects($this->once())

  312. 			->method('getId')

  313. 			->willReturn('SessionId');

  314. 		$this->tokenProvider

  315. 			->expects($this->once())

  316. 			->method('getToken')

  317. 			->with('SessionId')

  318. 			->willThrowException(new InvalidTokenException());

  319. 

  320. 		$expected = new Http\Response();

  321. 		$expected->setStatus(Http::STATUS_FORBIDDEN);

  322. 		$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));

  323. 	}

  324. 

  325. 	public function testGeneratePasswordWithPassword() {

  326. 		$this->session

  327. 			->expects($this->once())

  328. 			->method('get')

  329. 			->with('client.flow.state.token')

  330. 			->willReturn('MyStateToken');

  331. 		$this->session

  332. 			->expects($this->once())

  333. 			->method('remove')

  334. 			->with('client.flow.state.token');

  335. 		$this->session

  336. 			->expects($this->once())

  337. 			->method('getId')

  338. 			->willReturn('SessionId');

  339. 		$myToken = $this->createMock(IToken::class);

  340. 		$myToken

  341. 			->expects($this->once())

  342. 			->method('getLoginName')

  343. 			->willReturn('MyLoginName');

  344. 		$this->tokenProvider

  345. 			->expects($this->once())

  346. 			->method('getToken')

  347. 			->with('SessionId')

  348. 			->willReturn($myToken);

  349. 		$this->tokenProvider

  350. 			->expects($this->once())

  351. 			->method('getPassword')

  352. 			->with($myToken, 'SessionId')

  353. 			->willReturn('MyPassword');

  354. 		$this->random

  355. 			->expects($this->once())

  356. 			->method('generate')

  357. 			->with(72)

  358. 			->willReturn('MyGeneratedToken');

  359. 		$user = $this->createMock(IUser::class);

  360. 		$user

  361. 			->expects($this->once())

  362. 			->method('getUID')

  363. 			->willReturn('MyUid');

  364. 		$this->userSession

  365. 			->expects($this->once())

  366. 			->method('getUser')

  367. 			->willReturn($user);

  368. 		$this->tokenProvider

  369. 			->expects($this->once())

  370. 			->method('generateToken')

  371. 			->with(

  372. 				'MyGeneratedToken',

  373. 				'MyUid',

  374. 				'MyLoginName',

  375. 				'MyPassword',

  376. 				'unknown',

  377. 				IToken::PERMANENT_TOKEN,

  378. 				IToken::DO_NOT_REMEMBER

  379. 			);

  380. 		$this->request

  381. 			->expects($this->once())

  382. 			->method('getServerProtocol')

  383. 			->willReturn('http');

  384. 		$this->request

  385. 			->expects($this->once())

  386. 			->method('getServerHost')

  387. 			->willReturn('example.com');

  388. 		$this->request

  389. 			->expects($this->any())

  390. 			->method('getHeader')

  391. 			->willReturn('');

  392. 

  393. 		$this->eventDispatcher->expects($this->once())

  394. 			->method('dispatch');

  395. 

  396. 		$expected = new Http\RedirectResponse('nc://login/server:http://example.com&user:MyLoginName&password:MyGeneratedToken');

  397. 		$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));

  398. 	}

  399. 

  400. 	public function testGeneratePasswordWithPasswordForOauthClient() {

  401. 		$this->session

  402. 			->expects($this->at(0))

  403. 			->method('get')

  404. 			->with('client.flow.state.token')

  405. 			->willReturn('MyStateToken');

  406. 		$this->session

  407. 			->expects($this->at(1))

  408. 			->method('remove')

  409. 			->with('client.flow.state.token');

  410. 		$this->session

  411. 			->expects($this->at(3))

  412. 			->method('get')

  413. 			->with('oauth.state')

  414. 			->willReturn('MyOauthState');

  415. 		$this->session

  416. 			->expects($this->at(4))

  417. 			->method('remove')

  418. 			->with('oauth.state');

  419. 		$this->session

  420. 			->expects($this->once())

  421. 			->method('getId')

  422. 			->willReturn('SessionId');

  423. 		$myToken = $this->createMock(IToken::class);

  424. 		$myToken

  425. 			->expects($this->once())

  426. 			->method('getLoginName')

  427. 			->willReturn('MyLoginName');

  428. 		$this->tokenProvider

  429. 			->expects($this->once())

  430. 			->method('getToken')

  431. 			->with('SessionId')

  432. 			->willReturn($myToken);

  433. 		$this->tokenProvider

  434. 			->expects($this->once())

  435. 			->method('getPassword')

  436. 			->with($myToken, 'SessionId')

  437. 			->willReturn('MyPassword');

  438. 		$this->random

  439. 			->expects($this->at(0))

  440. 			->method('generate')

  441. 			->with(72)

  442. 			->willReturn('MyGeneratedToken');

  443. 		$this->random

  444. 			->expects($this->at(1))

  445. 			->method('generate')

  446. 			->with(128)

  447. 			->willReturn('MyAccessCode');

  448. 		$user = $this->createMock(IUser::class);

  449. 		$user

  450. 			->expects($this->once())

  451. 			->method('getUID')

  452. 			->willReturn('MyUid');

  453. 		$this->userSession

  454. 			->expects($this->once())

  455. 			->method('getUser')

  456. 			->willReturn($user);

  457. 		$token = $this->createMock(IToken::class);

  458. 		$this->tokenProvider

  459. 			->expects($this->once())

  460. 			->method('generateToken')

  461. 			->with(

  462. 				'MyGeneratedToken',

  463. 				'MyUid',

  464. 				'MyLoginName',

  465. 				'MyPassword',

  466. 				'My OAuth client',

  467. 				IToken::PERMANENT_TOKEN,

  468. 				IToken::DO_NOT_REMEMBER

  469. 			)

  470. 			->willReturn($token);

  471. 		$client = new Client();

  472. 		$client->setName('My OAuth client');

  473. 		$client->setRedirectUri('https://example.com/redirect.php');

  474. 		$this->clientMapper

  475. 			->expects($this->once())

  476. 			->method('getByIdentifier')

  477. 			->with('MyClientIdentifier')

  478. 			->willReturn($client);

  479. 

  480. 		$this->eventDispatcher->expects($this->once())

  481. 			->method('dispatch');

  482. 

  483. 		$expected = new Http\RedirectResponse('https://example.com/redirect.php?state=MyOauthState&code=MyAccessCode');

  484. 		$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken', 'MyClientIdentifier'));

  485. 	}

  486. 

  487. 	public function testGeneratePasswordWithoutPassword() {

  488. 		$this->session

  489. 			->expects($this->once())

  490. 			->method('get')

  491. 			->with('client.flow.state.token')

  492. 			->willReturn('MyStateToken');

  493. 		$this->session

  494. 			->expects($this->once())

  495. 			->method('remove')

  496. 			->with('client.flow.state.token');

  497. 		$this->session

  498. 			->expects($this->once())

  499. 			->method('getId')

  500. 			->willReturn('SessionId');

  501. 		$myToken = $this->createMock(IToken::class);

  502. 		$myToken

  503. 			->expects($this->once())

  504. 			->method('getLoginName')

  505. 			->willReturn('MyLoginName');

  506. 		$this->tokenProvider

  507. 			->expects($this->once())

  508. 			->method('getToken')

  509. 			->with('SessionId')

  510. 			->willReturn($myToken);

  511. 		$this->tokenProvider

  512. 			->expects($this->once())

  513. 			->method('getPassword')

  514. 			->with($myToken, 'SessionId')

  515. 			->willThrowException(new PasswordlessTokenException());

  516. 		$this->random

  517. 			->expects($this->once())

  518. 			->method('generate')

  519. 			->with(72)

  520. 			->willReturn('MyGeneratedToken');

  521. 		$user = $this->createMock(IUser::class);

  522. 		$user

  523. 			->expects($this->once())

  524. 			->method('getUID')

  525. 			->willReturn('MyUid');

  526. 		$this->userSession

  527. 			->expects($this->once())

  528. 			->method('getUser')

  529. 			->willReturn($user);

  530. 		$this->tokenProvider

  531. 			->expects($this->once())

  532. 			->method('generateToken')

  533. 			->with(

  534. 				'MyGeneratedToken',

  535. 				'MyUid',

  536. 				'MyLoginName',

  537. 				null,

  538. 				'unknown',

  539. 				IToken::PERMANENT_TOKEN,

  540. 				IToken::DO_NOT_REMEMBER

  541. 			);

  542. 		$this->request

  543. 			->expects($this->once())

  544. 			->method('getServerProtocol')

  545. 			->willReturn('http');

  546. 		$this->request

  547. 			->expects($this->once())

  548. 			->method('getServerHost')

  549. 			->willReturn('example.com');

  550. 		$this->request

  551. 			->expects($this->any())

  552. 			->method('getHeader')

  553. 			->willReturn('');

  554. 

  555. 		$this->eventDispatcher->expects($this->once())

  556. 			->method('dispatch');

  557. 

  558. 		$expected = new Http\RedirectResponse('nc://login/server:http://example.com&user:MyLoginName&password:MyGeneratedToken');

  559. 		$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));

  560. 	}

  561. 

  562. 	public function dataGeneratePasswordWithHttpsProxy() {

  563. 		return [

  564. 			[

  565. 				[

  566. 					['X-Forwarded-Proto', 'http'],

  567. 					['X-Forwarded-Ssl', 'off'],

  568. 					['USER_AGENT', ''],

  569. 				],

  570. 				'http',

  571. 				'http',

  572. 			],

  573. 			[

  574. 				[

  575. 					['X-Forwarded-Proto', 'http'],

  576. 					['X-Forwarded-Ssl', 'off'],

  577. 					['USER_AGENT', ''],

  578. 				],

  579. 				'https',

  580. 				'https',

  581. 			],

  582. 			[

  583. 				[

  584. 					['X-Forwarded-Proto', 'https'],

  585. 					['X-Forwarded-Ssl', 'off'],

  586. 					['USER_AGENT', ''],

  587. 				],

  588. 				'http',

  589. 				'https',

  590. 			],

  591. 			[

  592. 				[

  593. 					['X-Forwarded-Proto', 'https'],

  594. 					['X-Forwarded-Ssl', 'on'],

  595. 					['USER_AGENT', ''],

  596. 				],

  597. 				'http',

  598. 				'https',

  599. 			],

  600. 			[

  601. 				[

  602. 					['X-Forwarded-Proto', 'http'],

  603. 					['X-Forwarded-Ssl', 'on'],

  604. 					['USER_AGENT', ''],

  605. 				],

  606. 				'http',

  607. 				'https',

  608. 			],

  609. 		];

  610. 	}

  611. 

  612. 	/**

  613. 	 * @dataProvider dataGeneratePasswordWithHttpsProxy

  614. 	 * @param array $headers

  615. 	 * @param string $protocol

  616. 	 * @param string $expected

  617. 	 */

  618. 	public function testGeneratePasswordWithHttpsProxy(array $headers, $protocol, $expected) {

  619. 		$this->session

  620. 			->expects($this->once())

  621. 			->method('get')

  622. 			->with('client.flow.state.token')

  623. 			->willReturn('MyStateToken');

  624. 		$this->session

  625. 			->expects($this->once())

  626. 			->method('remove')

  627. 			->with('client.flow.state.token');

  628. 		$this->session

  629. 			->expects($this->once())

  630. 			->method('getId')

  631. 			->willReturn('SessionId');

  632. 		$myToken = $this->createMock(IToken::class);

  633. 		$myToken

  634. 			->expects($this->once())

  635. 			->method('getLoginName')

  636. 			->willReturn('MyLoginName');

  637. 		$this->tokenProvider

  638. 			->expects($this->once())

  639. 			->method('getToken')

  640. 			->with('SessionId')

  641. 			->willReturn($myToken);

  642. 		$this->tokenProvider

  643. 			->expects($this->once())

  644. 			->method('getPassword')

  645. 			->with($myToken, 'SessionId')

  646. 			->willReturn('MyPassword');

  647. 		$this->random

  648. 			->expects($this->once())

  649. 			->method('generate')

  650. 			->with(72)

  651. 			->willReturn('MyGeneratedToken');

  652. 		$user = $this->createMock(IUser::class);

  653. 		$user

  654. 			->expects($this->once())

  655. 			->method('getUID')

  656. 			->willReturn('MyUid');

  657. 		$this->userSession

  658. 			->expects($this->once())

  659. 			->method('getUser')

  660. 			->willReturn($user);

  661. 		$this->tokenProvider

  662. 			->expects($this->once())

  663. 			->method('generateToken')

  664. 			->with(

  665. 				'MyGeneratedToken',

  666. 				'MyUid',

  667. 				'MyLoginName',

  668. 				'MyPassword',

  669. 				'unknown',

  670. 				IToken::PERMANENT_TOKEN,

  671. 				IToken::DO_NOT_REMEMBER

  672. 			);

  673. 		$this->request

  674. 			->expects($this->once())

  675. 			->method('getServerProtocol')

  676. 			->willReturn($protocol);

  677. 		$this->request

  678. 			->expects($this->once())

  679. 			->method('getServerHost')

  680. 			->willReturn('example.com');

  681. 		$this->request

  682. 			->expects($this->atLeastOnce())

  683. 			->method('getHeader')

  684. 			->willReturnMap($headers);

  685. 

  686. 		$this->eventDispatcher->expects($this->once())

  687. 			->method('dispatch');

  688. 

  689. 		$expected = new Http\RedirectResponse('nc://login/server:' . $expected . '://example.com&user:MyLoginName&password:MyGeneratedToken');

  690. 		$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));

  691. 	}

  692. }