author | Christoph Wurst <christoph@winzerhof-wurst.at> | 2022-10-02 14:11:41 +0200 |
---|---|---|
committer | Christoph Wurst <christoph@winzerhof-wurst.at> | 2022-10-18 08:28:22 +0200 |
commit | c5922e67d37f3bcf7748a36b4c7ab10d1d10f2b8 (patch) | |
tree | bf00de8c823c15886571e8fe7b2066e03be8dddd /tests/lib/Authentication | |
parent | 495d49a1324d5047ab122a20d1900e0239d4de59 (diff) | |
Run session token renewals in a database transaction
The session token renewal does
1) Read the old token
2) Write a new token
3) Delete the old token
If two processes both succeed in reading the old token, there can be two new tokens because
the queries were not run in a transaction. This is particularly problematic on
clustered DBs where 1) would go to a read node and 2) and 3) go to a write node.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Diffstat (limited to 'tests/lib/Authentication')
-rw-r--r-- | tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php
index ad0a13937ae..ce739a74bb8 100644
--- a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php
+++ b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php
@@ -1,4 +1,7 @@
 <?php
+
+declare(strict_types=1);
+
 /**
 * @copyright Copyright (c) 2018 Roeland Jago Douma <roeland@famdouma.nl>
 *
@@ -34,6 +37,7 @@ use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\IConfig;
 use OCP\Security\ICrypto;
+use PHPUnit\Framework\MockObject\MockObject;
 use Psr\Log\LoggerInterface;
 use Test\TestCase;
@@ -46,6 +50,8 @@ class PublicKeyTokenProviderTest extends TestCase {
 private $crypto;
 /** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */
 private $config;
+ /** @var IDBConnection|IDBConnection|MockObject */
+ private IDBConnection $db;
 /** @var LoggerInterface|\PHPUnit\Framework\MockObject\MockObject */
 private $logger;
 /** @var ITimeFactory|\PHPUnit\Framework\MockObject\MockObject */
@@ -66,14 +72,24 @@ class PublicKeyTokenProviderTest extends TestCase {
 ['secret', '', '1f4h9s'],
 ['openssl', [], []],
 ]);
+ $this->db = $this->createMock(IDBConnection::class);
+ $this->db->method('atomic')->willReturnCallback(function ($cb) {
+ return $cb();
+ });
 $this->logger = $this->createMock(LoggerInterface::class);
 $this->timeFactory = $this->createMock(ITimeFactory::class);
 $this->time = 1313131;
 $this->timeFactory->method('getTime')
 ->willReturn($this->time);
- $this->tokenProvider = new PublicKeyTokenProvider($this->mapper, $this->crypto, $this->config, $this->logger,
- $this->timeFactory);
+ $this->tokenProvider = new PublicKeyTokenProvider(
+ $this->mapper,
+ $this->crypto,
+ $this->config,
+ $this->db,
+ $this->logger,
+ $this->timeFactory,
+ );
 }
 public function testGenerateToken() { |
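Review bot: In the property hunk (`@@ -46,6 +50,8 @@`), `IDBConnection` is used as a property type and again in `createMock(IDBConnection::class)`, but no hunk adds an import for it and the visible part of the `use` block does not contain one. Unless it is already imported above line 34, the name resolves relative to the test's own namespace and the mock would not satisfy the provider's constructor; presumably `use OCP\IDBConnection;` belongs next to `use OCP\IConfig;`. The docblock also repeats the type: `/** @var IDBConnection|IDBConnection|MockObject */` should read `/** @var IDBConnection&MockObject */`, or `IDBConnection|MockObject` to match the neighbouring properties.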
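Review bot: The `atomic` stub added in the setUp hunk (`@@ -66,14 +72,24 @@`) is a pass-through configured with `method()` rather than `expects()`, so nothing shown here fails if the token renewal later stops running its read/write/delete sequence inside the transaction, which is the property this commit is about. In the renewal test, which lies outside these hunks, consider asserting the call with `$this->db->expects($this->once())->method('atomic')->willReturnCallback(...)`. The closure parameter can also be typed, `function (callable $cb) {`, now that the file declares strict types. A mocked connection cannot reproduce the two-process race from the description, so that behaviour would still need an integration test against a real database. The setUp body starts above the hunk.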