add auth integration tests

3 files changed, 198 insertions, 0 deletions

diff --git a/build/integration/features/auth.feature b/build/integration/features/auth.feature
new file mode 100644
index 00000000000..43aa618bd00
--- /dev/null
+++ b/build/integration/features/auth.feature
@@ -0,0 +1,78 @@
+Feature: auth
+
+	Background:
+		Given user "user0" exists
+		Given a new client token is used
+
+
+	# FILES APP
+
+	Scenario: access files app anonymously
+		When requesting "/index.php/apps/files" with "GET"
+		Then the HTTP status code should be "401"
+
+	Scenario: access files app with basic auth
+		When requesting "/index.php/apps/files" with "GET" using basic auth
+		Then the HTTP status code should be "200"
+
+	Scenario: access files app with basic token auth
+		When requesting "/index.php/apps/files" with "GET" using basic token auth
+		Then the HTTP status code should be "200"
+
+	Scenario: access files app with a client token
+		When requesting "/index.php/apps/files" with "GET" using a client token
+		Then the HTTP status code should be "200"
+
+	Scenario: access files app with browser session
+		Given a new browser session is started
+		When requesting "/index.php/apps/files" with "GET" using browser session
+		Then the HTTP status code should be "200"
+
+
+	# WebDAV
+
+	Scenario: using WebDAV anonymously
+		When requesting "/remote.php/webdav" with "PROPFIND"
+		Then the HTTP status code should be "401"
+
+	Scenario: using WebDAV with basic auth
+		When requesting "/remote.php/webdav" with "PROPFIND" using basic auth
+		Then the HTTP status code should be "207"
+
+	Scenario: using WebDAV with token auth
+		When requesting "/remote.php/webdav" with "PROPFIND" using basic token auth
+		Then the HTTP status code should be "207"
+
+	# DAV token auth is not possible yet
+	#Scenario: using WebDAV with a client token
+	#	When requesting "/remote.php/webdav" with "PROPFIND" using a client token
+	#	Then the HTTP status code should be "207"
+
+	Scenario: using WebDAV with browser session
+		Given a new browser session is started
+		When requesting "/remote.php/webdav" with "PROPFIND" using browser session
+		Then the HTTP status code should be "207"
+
+
+	# OCS
+
+	Scenario: using OCS anonymously
+		When requesting "/ocs/v1.php/apps/files_sharing/api/v1/remote_shares" with "GET"
+		Then the OCS status code should be "997"
+
+	Scenario: using OCS with basic auth
+		When requesting "/ocs/v1.php/apps/files_sharing/api/v1/remote_shares" with "GET" using basic auth
+		Then the OCS status code should be "100"
+
+	Scenario: using OCS with token auth
+		When requesting "/ocs/v1.php/apps/files_sharing/api/v1/remote_shares" with "GET" using basic token auth
+		Then the OCS status code should be "100"
+
+	Scenario: using OCS with client token
+		When requesting "/ocs/v1.php/apps/files_sharing/api/v1/remote_shares" with "GET" using a client token
+		Then the OCS status code should be "100"
+
+	Scenario: using OCS with browser session
+		Given a new browser session is started
+		When requesting "/ocs/v1.php/apps/files_sharing/api/v1/remote_shares" with "GET" using browser session
+		Then the OCS status code should be "100"
\ No newline at end of file
diff --git a/build/integration/features/bootstrap/Auth.php b/build/integration/features/bootstrap/Auth.php
new file mode 100644
index 00000000000..88edcd49a5b
--- /dev/null
+++ b/build/integration/features/bootstrap/Auth.php
@@ -0,0 +1,117 @@
+<?php
+
+use GuzzleHttp\Client;
+use GuzzleHttp\Exception\ClientException;
+
+require __DIR__ . '/../../vendor/autoload.php';
+
+trait Auth {
+
+	private $clientToken;
+
+	/** @BeforeScenario */
+	public function tearUpScenario() {
+		$this->client = new Client();
+		$this->responseXml = '';
+	}
+
+	/**
+	 * @When requesting :url with :method
+	 */
+	public function requestingWith($url, $method) {
+		$this->sendRequest($url, $method);
+	}
+
+	private function sendRequest($url, $method, $authHeader = null, $useCookies = false) {
+		$fullUrl = substr($this->baseUrl, 0, -5) . $url;
+		try {
+			if ($useCookies) {
+				$request = $this->client->createRequest($method, $fullUrl, [
+				    'cookies' => $this->cookieJar,
+				]);
+			} else {
+				$request = $this->client->createRequest($method, $fullUrl);
+			}
+			if ($authHeader) {
+				$request->setHeader('Authorization', $authHeader);
+			}
+			$request->setHeader('OCS_APIREQUEST', 'true');
+			$request->setHeader('requesttoken', $this->requestToken);
+			$this->response = $this->client->send($request);
+		} catch (ClientException $ex) {
+			$this->response = $ex->getResponse();
+		}
+	}
+
+	/**
+	 * @Given a new client token is used
+	 */
+	public function aNewClientTokenIsUsed() {
+		$client = new Client();
+		$resp = $client->post(substr($this->baseUrl, 0, -5) . '/token/generate', [
+		    'json' => [
+			'user' => 'user0',
+			'password' => '123456',
+		    ]
+		]);
+		$this->clientToken = json_decode($resp->getBody()->getContents())->token;
+	}
+
+	/**
+	 * @When requesting :url with :method using basic auth
+	 */
+	public function requestingWithBasicAuth($url, $method) {
+		$this->sendRequest($url, $method, 'basic ' . base64_encode('user:user'));
+	}
+
+	/**
+	 * @When requesting :url with :method using basic token auth
+	 */
+	public function requestingWithBasicTokenAuth($url, $method) {
+		$this->sendRequest($url, $method, 'basic ' . base64_encode('user:' . $this->clientToken));
+	}
+
+	/**
+	 * @When requesting :url with :method using a client token
+	 */
+	public function requestingWithUsingAClientToken($url, $method) {
+		$this->sendRequest($url, $method, 'token ' . $this->clientToken);
+	}
+
+	/**
+	 * @When requesting :url with :method using browser session
+	 */
+	public function requestingWithBrowserSession($url, $method) {
+		$this->sendRequest($url, $method, null, true);
+	}
+
+	/**
+	 * @Given a new browser session is started
+	 */
+	public function aNewBrowserSessionIsStarted() {
+		$loginUrl = substr($this->baseUrl, 0, -5) . '/login';
+		// Request a new session and extract CSRF token
+		$client = new Client();
+		$response = $client->get(
+			$loginUrl, [
+		    'cookies' => $this->cookieJar,
+			]
+		);
+		$this->extracRequestTokenFromResponse($response);
+
+		// Login and extract new token
+		$client = new Client();
+		$response = $client->post(
+			$loginUrl, [
+		    'body' => [
+			'user' => 'user0',
+			'password' => '123456',
+			'requesttoken' => $this->requestToken,
+		    ],
+		    'cookies' => $this->cookieJar,
+			]
+		);
+		$this->extracRequestTokenFromResponse($response);
+	}
+
+}
diff --git a/build/integration/features/bootstrap/BasicStructure.php b/build/integration/features/bootstrap/BasicStructure.php
index 60ae51dbdf0..b8fb516fada 100644
--- a/build/integration/features/bootstrap/BasicStructure.php
+++ b/build/integration/features/bootstrap/BasicStructure.php
@@ -6,6 +6,9 @@ use GuzzleHttp\Message\ResponseInterface;
 require __DIR__ . '/../../vendor/autoload.php';
 
 trait BasicStructure {
+
+	use Auth;
+
 	/** @var string */
 	private $currentUser = '';