mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1008 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32048 Commits
414 Branches
Tree: c28e462583
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c28e462583'
${ noResults }
nextcloud/tests/lib/user/session.php

session.php 15KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480 
  1. <?php

  2. 

  3. /**

  4.  * Copyright (c) 2013 Robin Appelman <icewind@owncloud.com>

  5.  * This file is licensed under the Affero General Public License version 3 or

  6.  * later.

  7.  * See the COPYING-README file.

  8.  */

  9. 

  10. namespace Test\User;

  11. 

  12. use OC\Session\Memory;

  13. use OC\User\User;

  14. 

  15. /**

  16.  * @group DB

  17.  * @package Test\User

  18.  */

  19. class Session extends \Test\TestCase {

  20. 

  21. 	/** @var \OCP\AppFramework\Utility\ITimeFactory */

  22. 	private $timeFactory;

  23. 

  24. 	/** @var \OC\Authentication\Token\DefaultTokenProvider */

  25. 	protected $defaultProvider;

  26. 

  27. 	protected function setUp() {

  28. 		parent::setUp();

  29. 

  30. 		$this->timeFactory = $this->getMock('\OCP\AppFramework\Utility\ITimeFactory');

  31. 		$this->timeFactory->expects($this->any())

  32. 			->method('getTime')

  33. 			->will($this->returnValue(10000));

  34. 		$this->defaultProvider = $this->getMockBuilder('\OC\Authentication\Token\DefaultTokenProvider')

  35. 			->disableOriginalConstructor()

  36. 			->getMock();

  37. 	}

  38. 

  39. 	public function testGetUser() {

  40. 		$token = new \OC\Authentication\Token\DefaultToken();

  41. 

  42. 		$expectedUser = new User('foo', null);

  43. 		$session = $this->getMock('\OC\Session\Memory', array(), array(''));

  44. 		$session->expects($this->at(0))

  45. 			->method('get')

  46. 			->with('user_id')

  47. 			->will($this->returnValue($expectedUser->getUID()));

  48. 		$sessionId = 'abcdef12345';

  49. 

  50. 		$manager = $this->getMockBuilder('\OC\User\Manager')

  51. 			->disableOriginalConstructor()

  52. 			->getMock();

  53. 		$session->expects($this->once())

  54. 			->method('getId')

  55. 			->will($this->returnValue($sessionId));

  56. 		$this->defaultProvider->expects($this->once())

  57. 			->method('getToken')

  58. 			->will($this->returnValue($token));

  59. 		$session->expects($this->at(2))

  60. 			->method('get')

  61. 			->with('last_login_check')

  62. 			->will($this->returnValue(null)); // No check has been run yet

  63. 		$this->defaultProvider->expects($this->once())

  64. 			->method('getPassword')

  65. 			->with($token, $sessionId)

  66. 			->will($this->returnValue('password123'));

  67. 		$manager->expects($this->once())

  68. 			->method('checkPassword')

  69. 			->with($expectedUser->getUID(), 'password123')

  70. 			->will($this->returnValue(true));

  71. 		$session->expects($this->at(3))

  72. 			->method('set')

  73. 			->with('last_login_check', 10000);

  74. 

  75. 		$session->expects($this->at(4))

  76. 			->method('get')

  77. 			->with('last_token_update')

  78. 			->will($this->returnValue(null)); // No check run so far

  79. 		$this->defaultProvider->expects($this->once())

  80. 			->method('updateToken')

  81. 			->with($token);

  82. 		$session->expects($this->at(5))

  83. 			->method('set')

  84. 			->with('last_token_update', $this->equalTo(10000));

  85. 

  86. 		$manager->expects($this->any())

  87. 			->method('get')

  88. 			->with($expectedUser->getUID())

  89. 			->will($this->returnValue($expectedUser));

  90. 

  91. 		$userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);

  92. 		$user = $userSession->getUser();

  93. 		$this->assertSame($expectedUser, $user);

  94. 	}

  95. 

  96. 	public function isLoggedInData() {

  97. 		return [

  98. 			[true],

  99. 			[false],

  100. 		];

  101. 	}

  102. 

  103. 	/**

  104. 	 * @dataProvider isLoggedInData

  105. 	 */

  106. 	public function testIsLoggedIn($isLoggedIn) {

  107. 		$session = $this->getMock('\OC\Session\Memory', array(), array(''));

  108. 

  109. 		$manager = $this->getMockBuilder('\OC\User\Manager')

  110. 			->disableOriginalConstructor()

  111. 			->getMock();

  112. 

  113. 		$userSession = $this->getMockBuilder('\OC\User\Session')

  114. 			->setConstructorArgs([$manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]])

  115. 			->setMethods([

  116. 				'getUser'

  117. 			])

  118. 			->getMock();

  119. 		$user = new User('sepp', null);

  120. 		$userSession->expects($this->once())

  121. 			->method('getUser')

  122. 			->will($this->returnValue($isLoggedIn ? $user : null));

  123. 		$this->assertEquals($isLoggedIn, $userSession->isLoggedIn());

  124. 	}

  125. 

  126. 	public function testSetUser() {

  127. 		$session = $this->getMock('\OC\Session\Memory', array(), array(''));

  128. 		$session->expects($this->once())

  129. 			->method('set')

  130. 			->with('user_id', 'foo');

  131. 

  132. 		$manager = $this->getMock('\OC\User\Manager');

  133. 

  134. 		$backend = $this->getMock('\Test\Util\User\Dummy');

  135. 

  136. 		$user = $this->getMock('\OC\User\User', array(), array('foo', $backend));

  137. 		$user->expects($this->once())

  138. 			->method('getUID')

  139. 			->will($this->returnValue('foo'));

  140. 

  141. 		$userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);

  142. 		$userSession->setUser($user);

  143. 	}

  144. 

  145. 	public function testLoginValidPasswordEnabled() {

  146. 		$session = $this->getMock('\OC\Session\Memory', array(), array(''));

  147. 		$session->expects($this->once())

  148. 			->method('regenerateId');

  149. 		$session->expects($this->exactly(2))

  150. 			->method('set')

  151. 			->with($this->callback(function ($key) {

  152. 					switch ($key) {

  153. 						case 'user_id':

  154. 						case 'loginname':

  155. 							return true;

  156. 							break;

  157. 						default:

  158. 							return false;

  159. 							break;

  160. 					}

  161. 				}, 'foo'));

  162. 

  163. 		$managerMethods = get_class_methods('\OC\User\Manager');

  164. 		//keep following methods intact in order to ensure hooks are

  165. 		//working

  166. 		$doNotMock = array('__construct', 'emit', 'listen');

  167. 		foreach ($doNotMock as $methodName) {

  168. 			$i = array_search($methodName, $managerMethods, true);

  169. 			if ($i !== false) {

  170. 				unset($managerMethods[$i]);

  171. 			}

  172. 		}

  173. 		$manager = $this->getMock('\OC\User\Manager', $managerMethods, array());

  174. 

  175. 		$backend = $this->getMock('\Test\Util\User\Dummy');

  176. 

  177. 		$user = $this->getMock('\OC\User\User', array(), array('foo', $backend));

  178. 		$user->expects($this->any())

  179. 			->method('isEnabled')

  180. 			->will($this->returnValue(true));

  181. 		$user->expects($this->any())

  182. 			->method('getUID')

  183. 			->will($this->returnValue('foo'));

  184. 		$user->expects($this->once())

  185. 			->method('updateLastLoginTimestamp');

  186. 

  187. 		$manager->expects($this->once())

  188. 			->method('checkPassword')

  189. 			->with('foo', 'bar')

  190. 			->will($this->returnValue($user));

  191. 

  192. 		$userSession = $this->getMockBuilder('\OC\User\Session')

  193. 			->setConstructorArgs([$manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]])

  194. 			->setMethods([

  195. 				'prepareUserLogin'

  196. 			])

  197. 			->getMock();

  198. 		$userSession->expects($this->once())

  199. 			->method('prepareUserLogin');

  200. 		$userSession->login('foo', 'bar');

  201. 		$this->assertEquals($user, $userSession->getUser());

  202. 	}

  203. 

  204. 	/**

  205. 	 * @expectedException \OC\User\LoginException

  206. 	 */

  207. 	public function testLoginValidPasswordDisabled() {

  208. 		$session = $this->getMock('\OC\Session\Memory', array(), array(''));

  209. 		$session->expects($this->never())

  210. 			->method('set');

  211. 		$session->expects($this->once())

  212. 			->method('regenerateId');

  213. 

  214. 		$managerMethods = get_class_methods('\OC\User\Manager');

  215. 		//keep following methods intact in order to ensure hooks are

  216. 		//working

  217. 		$doNotMock = array('__construct', 'emit', 'listen');

  218. 		foreach ($doNotMock as $methodName) {

  219. 			$i = array_search($methodName, $managerMethods, true);

  220. 			if ($i !== false) {

  221. 				unset($managerMethods[$i]);

  222. 			}

  223. 		}

  224. 		$manager = $this->getMock('\OC\User\Manager', $managerMethods, array());

  225. 

  226. 		$backend = $this->getMock('\Test\Util\User\Dummy');

  227. 

  228. 		$user = $this->getMock('\OC\User\User', array(), array('foo', $backend));

  229. 		$user->expects($this->any())

  230. 			->method('isEnabled')

  231. 			->will($this->returnValue(false));

  232. 		$user->expects($this->never())

  233. 			->method('updateLastLoginTimestamp');

  234. 

  235. 		$manager->expects($this->once())

  236. 			->method('checkPassword')

  237. 			->with('foo', 'bar')

  238. 			->will($this->returnValue($user));

  239. 

  240. 		$userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);

  241. 		$userSession->login('foo', 'bar');

  242. 	}

  243. 

  244. 	public function testLoginInvalidPassword() {

  245. 		$session = $this->getMock('\OC\Session\Memory', array(), array(''));

  246. 		$session->expects($this->never())

  247. 			->method('set');

  248. 		$session->expects($this->once())

  249. 			->method('regenerateId');

  250. 

  251. 		$managerMethods = get_class_methods('\OC\User\Manager');

  252. 		//keep following methods intact in order to ensure hooks are

  253. 		//working

  254. 		$doNotMock = array('__construct', 'emit', 'listen');

  255. 		foreach ($doNotMock as $methodName) {

  256. 			$i = array_search($methodName, $managerMethods, true);

  257. 			if ($i !== false) {

  258. 				unset($managerMethods[$i]);

  259. 			}

  260. 		}

  261. 		$manager = $this->getMock('\OC\User\Manager', $managerMethods, array());

  262. 

  263. 		$backend = $this->getMock('\Test\Util\User\Dummy');

  264. 

  265. 		$user = $this->getMock('\OC\User\User', array(), array('foo', $backend));

  266. 		$user->expects($this->never())

  267. 			->method('isEnabled');

  268. 		$user->expects($this->never())

  269. 			->method('updateLastLoginTimestamp');

  270. 

  271. 		$manager->expects($this->once())

  272. 			->method('checkPassword')

  273. 			->with('foo', 'bar')

  274. 			->will($this->returnValue(false));

  275. 

  276. 		$userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);

  277. 		$userSession->login('foo', 'bar');

  278. 	}

  279. 

  280. 	public function testLoginNonExisting() {

  281. 		$session = $this->getMock('\OC\Session\Memory', array(), array(''));

  282. 		$session->expects($this->never())

  283. 			->method('set');

  284. 		$session->expects($this->once())

  285. 			->method('regenerateId');

  286. 

  287. 		$manager = $this->getMock('\OC\User\Manager');

  288. 

  289. 		$backend = $this->getMock('\Test\Util\User\Dummy');

  290. 

  291. 		$manager->expects($this->once())

  292. 			->method('checkPassword')

  293. 			->with('foo', 'bar')

  294. 			->will($this->returnValue(false));

  295. 

  296. 		$userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);

  297. 		$userSession->login('foo', 'bar');

  298. 	}

  299. 

  300. 	public function testRememberLoginValidToken() {

  301. 		$session = $this->getMock('\OC\Session\Memory', array(), array(''));

  302. 		$session->expects($this->exactly(1))

  303. 			->method('set')

  304. 			->with($this->callback(function ($key) {

  305. 					switch ($key) {

  306. 						case 'user_id':

  307. 							return true;

  308. 						default:

  309. 							return false;

  310. 					}

  311. 				}, 'foo'));

  312. 		$session->expects($this->once())

  313. 			->method('regenerateId');

  314. 

  315. 		$managerMethods = get_class_methods('\OC\User\Manager');

  316. 		//keep following methods intact in order to ensure hooks are

  317. 		//working

  318. 		$doNotMock = array('__construct', 'emit', 'listen');

  319. 		foreach ($doNotMock as $methodName) {

  320. 			$i = array_search($methodName, $managerMethods, true);

  321. 			if ($i !== false) {

  322. 				unset($managerMethods[$i]);

  323. 			}

  324. 		}

  325. 		$manager = $this->getMock('\OC\User\Manager', $managerMethods, array());

  326. 

  327. 		$backend = $this->getMock('\Test\Util\User\Dummy');

  328. 

  329. 		$user = $this->getMock('\OC\User\User', array(), array('foo', $backend));

  330. 

  331. 		$user->expects($this->any())

  332. 			->method('getUID')

  333. 			->will($this->returnValue('foo'));

  334. 		$user->expects($this->once())

  335. 			->method('updateLastLoginTimestamp');

  336. 

  337. 		$manager->expects($this->once())

  338. 			->method('get')

  339. 			->with('foo')

  340. 			->will($this->returnValue($user));

  341. 

  342. 		//prepare login token

  343. 		$token = 'goodToken';

  344. 		\OC::$server->getConfig()->setUserValue('foo', 'login_token', $token, time());

  345. 

  346. 		$userSession = $this->getMock(

  347. 			'\OC\User\Session',

  348. 			//override, otherwise tests will fail because of setcookie()

  349. 			array('setMagicInCookie'),

  350. 			//there  are passed as parameters to the constructor

  351. 			array($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]));

  352. 

  353. 		$granted = $userSession->loginWithCookie('foo', $token);

  354. 

  355. 		$this->assertSame($granted, true);

  356. 	}

  357. 

  358. 	public function testRememberLoginInvalidToken() {

  359. 		$session = $this->getMock('\OC\Session\Memory', array(), array(''));

  360. 		$session->expects($this->never())

  361. 			->method('set');

  362. 		$session->expects($this->once())

  363. 			->method('regenerateId');

  364. 

  365. 		$managerMethods = get_class_methods('\OC\User\Manager');

  366. 		//keep following methods intact in order to ensure hooks are

  367. 		//working

  368. 		$doNotMock = array('__construct', 'emit', 'listen');

  369. 		foreach ($doNotMock as $methodName) {

  370. 			$i = array_search($methodName, $managerMethods, true);

  371. 			if ($i !== false) {

  372. 				unset($managerMethods[$i]);

  373. 			}

  374. 		}

  375. 		$manager = $this->getMock('\OC\User\Manager', $managerMethods, array());

  376. 

  377. 		$backend = $this->getMock('\Test\Util\User\Dummy');

  378. 

  379. 		$user = $this->getMock('\OC\User\User', array(), array('foo', $backend));

  380. 

  381. 		$user->expects($this->any())

  382. 			->method('getUID')

  383. 			->will($this->returnValue('foo'));

  384. 		$user->expects($this->never())

  385. 			->method('updateLastLoginTimestamp');

  386. 

  387. 		$manager->expects($this->once())

  388. 			->method('get')

  389. 			->with('foo')

  390. 			->will($this->returnValue($user));

  391. 

  392. 		//prepare login token

  393. 		$token = 'goodToken';

  394. 		\OC::$server->getConfig()->setUserValue('foo', 'login_token', $token, time());

  395. 

  396. 		$userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);

  397. 		$granted = $userSession->loginWithCookie('foo', 'badToken');

  398. 

  399. 		$this->assertSame($granted, false);

  400. 	}

  401. 

  402. 	public function testRememberLoginInvalidUser() {

  403. 		$session = $this->getMock('\OC\Session\Memory', array(), array(''));

  404. 		$session->expects($this->never())

  405. 			->method('set');

  406. 		$session->expects($this->once())

  407. 			->method('regenerateId');

  408. 

  409. 		$managerMethods = get_class_methods('\OC\User\Manager');

  410. 		//keep following methods intact in order to ensure hooks are

  411. 		//working

  412. 		$doNotMock = array('__construct', 'emit', 'listen');

  413. 		foreach ($doNotMock as $methodName) {

  414. 			$i = array_search($methodName, $managerMethods, true);

  415. 			if ($i !== false) {

  416. 				unset($managerMethods[$i]);

  417. 			}

  418. 		}

  419. 		$manager = $this->getMock('\OC\User\Manager', $managerMethods, array());

  420. 

  421. 		$backend = $this->getMock('\Test\Util\User\Dummy');

  422. 

  423. 		$user = $this->getMock('\OC\User\User', array(), array('foo', $backend));

  424. 

  425. 		$user->expects($this->never())

  426. 			->method('getUID');

  427. 		$user->expects($this->never())

  428. 			->method('updateLastLoginTimestamp');

  429. 

  430. 		$manager->expects($this->once())

  431. 			->method('get')

  432. 			->with('foo')

  433. 			->will($this->returnValue(null));

  434. 

  435. 		//prepare login token

  436. 		$token = 'goodToken';

  437. 		\OC::$server->getConfig()->setUserValue('foo', 'login_token', $token, time());

  438. 

  439. 		$userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]);

  440. 		$granted = $userSession->loginWithCookie('foo', $token);

  441. 

  442. 		$this->assertSame($granted, false);

  443. 	}

  444. 

  445. 	public function testActiveUserAfterSetSession() {

  446. 		$users = array(

  447. 			'foo' => new User('foo', null),

  448. 			'bar' => new User('bar', null)

  449. 		);

  450. 

  451. 		$manager = $this->getMockBuilder('\OC\User\Manager')

  452. 			->disableOriginalConstructor()

  453. 			->getMock();

  454. 

  455. 		$manager->expects($this->any())

  456. 			->method('get')

  457. 			->will($this->returnCallback(function ($uid) use ($users) {

  458. 					return $users[$uid];

  459. 				}));

  460. 

  461. 		$session = new Memory('');

  462. 		$session->set('user_id', 'foo');

  463. 		$userSession = $this->getMockBuilder('\OC\User\Session')

  464. 			->setConstructorArgs([$manager, $session, $this->timeFactory, $this->defaultProvider, [$this->defaultProvider]])

  465. 			->setMethods([

  466. 				'validateSession'

  467. 			])

  468. 			->getMock();

  469. 		$userSession->expects($this->any())

  470. 			->method('validateSession');

  471. 

  472. 		$this->assertEquals($users['foo'], $userSession->getUser());

  473. 

  474. 		$session2 = new Memory('');

  475. 		$session2->set('user_id', 'bar');

  476. 		$userSession->setSession($session2);

  477. 		$this->assertEquals($users['bar'], $userSession->getUser());

  478. 	}

  479. 

  480. }