authorRoeland Jago Douma <roeland@famdouma.nl>2018-10-03 11:48:02 +0200
committerRoeland Jago Douma <roeland@famdouma.nl>2018-10-03 19:05:20 +0200
commit78273cb1e61870782d36e7b045abdfcee0cb647b (patch)
treea7d3ba3eddf649923743648d7faf2e13456b3d3c /tests/Core/Controller
parent893d2daeced67bddb2a277f8d126b3b27d78fcb0 (diff)
Add an endppoint for clients to request an app password
Now that we allow enforcing 2 factor auth it makes sense if we also allow an endpoint where the clients can in the background fetch an apppassword if they were configured before the login flow was present. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'tests/Core/Controller')
-rw-r--r--tests/Core/Controller/AppPasswordControllerTest.php179
1 files changed, 179 insertions, 0 deletions
diff --git a/tests/Core/Controller/AppPasswordControllerTest.php b/tests/Core/Controller/AppPasswordControllerTest.php
new file mode 100644
index 00000000000..f0c223ccc1d
--- /dev/null
+++ b/tests/Core/Controller/AppPasswordControllerTest.php
@@ -0,0 +1,179 @@
+<?php
+declare(strict_types=1);
+/**
+ * @copyright Copyright (c) 2018, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Tests\Core\Controller;
+
+use OC\Authentication\Token\IProvider;
+use OC\Authentication\Token\IToken;
+use OC\Core\Controller\AppPasswordController;
+use OCP\AppFramework\OCS\OCSForbiddenException;
+use OCP\Authentication\Exceptions\CredentialsUnavailableException;
+use OCP\Authentication\Exceptions\PasswordUnavailableException;
+use OCP\Authentication\LoginCredentials\ICredentials;
+use OCP\Authentication\LoginCredentials\IStore;
+use OCP\IRequest;
+use OCP\ISession;
+use OCP\Security\ISecureRandom;
+use PHPUnit\Framework\MockObject\MockObject;
+use Test\TestCase;
+
+class AppPasswordControllerTest extends TestCase {
+
+ /** @var ISession|MockObject */
+ private $session;
+
+ /** @var ISecureRandom|MockObject */
+ private $random;
+
+ /** @var IProvider|MockObject */
+ private $tokenProvider;
+
+ /** @var IStore|MockObject */
+ private $credentialStore;
+
+ /** @var IRequest|MockObject */
+ private $request;
+
+ /** @var AppPasswordController */
+ private $controller;
+
+ public function setUp() {
+ parent::setUp();
+
+ $this->session = $this->createMock(ISession::class);
+ $this->random = $this->createMock(ISecureRandom::class);
+ $this->tokenProvider = $this->createMock(IProvider::class);
+ $this->credentialStore = $this->createMock(IStore::class);
+ $this->request = $this->createMock(IRequest::class);
+
+ $this->controller = new AppPasswordController(
+ 'core',
+ $this->request,
+ $this->session,
+ $this->random,
+ $this->tokenProvider,
+ $this->credentialStore
+ );
+ }
+
+ public function testGetAppPasswordWithAppPassword() {
+ $this->session->method('exists')
+ ->with('app_password')
+ ->willReturn(true);
+
+ $this->expectException(OCSForbiddenException::class);
+
+ $this->controller->getAppPassword();
+ }
+
+ public function testGetAppPasswordNoLoginCreds() {
+ $this->session->method('exists')
+ ->with('app_password')
+ ->willReturn(false);
+ $this->credentialStore->method('getLoginCredentials')
+ ->willThrowException(new CredentialsUnavailableException());
+
+ $this->expectException(OCSForbiddenException::class);
+
+ $this->controller->getAppPassword();
+ }
+
+ public function testGetAppPassword() {
+ $credentials = $this->createMock(ICredentials::class);
+
+ $this->session->method('exists')
+ ->with('app_password')
+ ->willReturn(false);
+ $this->credentialStore->method('getLoginCredentials')
+ ->willReturn($credentials);
+ $credentials->method('getUid')
+ ->willReturn('myUID');
+ $credentials->method('getPassword')
+ ->willReturn('myPassword');
+ $credentials->method('getLoginName')
+ ->willReturn('myLoginName');
+ $this->request->method('getHeader')
+ ->with('USER_AGENT')
+ ->willReturn('myUA');
+ $this->random->method('generate')
+ ->with(
+ 72,
+ ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS
+ )->willReturn('myToken');
+
+ $this->tokenProvider->expects($this->once())
+ ->method('generateToken')
+ ->with(
+ 'myToken',
+ 'myUID',
+ 'myLoginName',
+ 'myPassword',
+ 'myUA',
+ IToken::PERMANENT_TOKEN,
+ IToken::DO_NOT_REMEMBER
+ );
+
+ $this->controller->getAppPassword();
+ }
+
+ public function testGetAppPasswordNoPassword() {
+ $credentials = $this->createMock(ICredentials::class);
+
+ $this->session->method('exists')
+ ->with('app_password')
+ ->willReturn(false);
+ $this->credentialStore->method('getLoginCredentials')
+ ->willReturn($credentials);
+ $credentials->method('getUid')
+ ->willReturn('myUID');
+ $credentials->method('getPassword')
+ ->willThrowException(new PasswordUnavailableException());
+ $credentials->method('getLoginName')
+ ->willReturn('myLoginName');
+ $this->request->method('getHeader')
+ ->with('USER_AGENT')
+ ->willReturn('myUA');
+ $this->random->method('generate')
+ ->with(
+ 72,
+ ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS
+ )->willReturn('myToken');
+
+ $this->tokenProvider->expects($this->once())
+ ->method('generateToken')
+ ->with(
+ 'myToken',
+ 'myUID',
+ 'myLoginName',
+ null,
+ 'myUA',
+ IToken::PERMANENT_TOKEN,
+ IToken::DO_NOT_REMEMBER
+ );
+
+ $this->controller->getAppPassword();
+ }
+
+
+}
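Review bot: The two rejection tests, testGetAppPasswordWithAppPassword and testGetAppPasswordNoLoginCreds, only expect OCSForbiddenException and never assert that no token is minted, so a controller that called generateToken before throwing would still pass. Adding `$this->tokenProvider->expects($this->never())->method('generateToken');` to both pins the property that matters for an endpoint handing out IToken::PERMANENT_TOKEN credentials. In testGetAppPassword and testGetAppPasswordNoPassword the return value of getAppPassword() is discarded; capturing it and asserting that the response data carries 'myToken' and does not carry 'myPassword' would cover what the client actually receives. The response type is not visible in this diff, so the exact accessor needs checking against the controller.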