fix(session): Avoid two useless authtoken DB queries for every anonymous request

Co-Authored-By: Christoph Wurst <christoph@winzerhof-wurst.at> Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
author: Git'Fellow <12234510+solracsf@users.noreply.github.com> 2024-01-06 09:03:59 +0100
committer: backportbot-nextcloud[bot] <backportbot-nextcloud[bot]@users.noreply.github.com> 2024-01-17 09:27:17 +0000
commit: 27af03c92d1eea2c7c8e19b1f0b3646633173642 (patch)
tree: 5747723f3dd3a6740a5113d3785478ae900d5eb8 /tests/lib
parent: e2056a1de95dda2d7d1824e6b050e9369a048ca6 (diff)
download: nextcloud-server-27af03c92d1eea2c7c8e19b1f0b3646633173642.tar.gz
nextcloud-server-27af03c92d1eea2c7c8e19b1f0b3646633173642.zip
1 files changed, 50 insertions, 0 deletions
diff --git a/tests/lib/User/SessionTest.php b/tests/lib/User/SessionTest.php
index 7bf93e68518..b8eab55beab 100644
--- a/tests/lib/User/SessionTest.php
+++ b/tests/lib/User/SessionTest.php
@@ -483,6 +483,56 @@ class SessionTest extends \Test\TestCase {
 		$userSession->logClientIn('john', 'doe', $request, $this->throttler);
 	}
 
+	public function testTryTokenLoginNoHeaderNoSessionCookie(): void {
+		$request = $this->createMock(IRequest::class);
+		$this->config->expects(self::once())
+			->method('getSystemValueString')
+			->with('instanceid')
+			->willReturn('abc123');
+		$request->method('getHeader')->with('Authorization')->willReturn('');
+		$request->method('getCookie')->with('abc123')->willReturn(null);
+		$this->tokenProvider->expects(self::never())
+			->method('getToken');
+
+		$loginResult = $this->userSession->tryTokenLogin($request);
+
+		self::assertFalse($loginResult);
+	}
+
+	public function testTryTokenLoginAuthorizationHeaderTokenNotFound(): void {
+		$request = $this->createMock(IRequest::class);
+		$request->method('getHeader')->with('Authorization')->willReturn('Bearer abcde-12345');
+		$this->tokenProvider->expects(self::once())
+			->method('getToken')
+			->with('abcde-12345')
+			->willThrowException(new InvalidTokenException());
+
+		$loginResult = $this->userSession->tryTokenLogin($request);
+
+		self::assertFalse($loginResult);
+	}
+
+	public function testTryTokenLoginSessionIdTokenNotFound(): void {
+		$request = $this->createMock(IRequest::class);
+		$this->config->expects(self::once())
+			->method('getSystemValueString')
+			->with('instanceid')
+			->willReturn('abc123');
+		$request->method('getHeader')->with('Authorization')->willReturn('');
+		$request->method('getCookie')->with('abc123')->willReturn('abcde12345');
+		$this->session->expects(self::once())
+			->method('getId')
+			->willReturn('abcde12345');
+		$this->tokenProvider->expects(self::once())
+			->method('getToken')
+			->with('abcde12345')
+			->willThrowException(new InvalidTokenException());
+
+		$loginResult = $this->userSession->tryTokenLogin($request);
+
+		self::assertFalse($loginResult);
+	}
+
 	public function testRememberLoginValidToken() {
 		$session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock();
 		$managerMethods = get_class_methods(Manager::class);
author	Git'Fellow <12234510+solracsf@users.noreply.github.com>	2024-01-06 09:03:59 +0100
committer	backportbot-nextcloud[bot] <backportbot-nextcloud[bot]@users.noreply.github.com>	2024-01-17 09:27:17 +0000
commit	27af03c92d1eea2c7c8e19b1f0b3646633173642 (patch)
tree	5747723f3dd3a6740a5113d3785478ae900d5eb8 /tests/lib
parent	e2056a1de95dda2d7d1824e6b050e9369a048ca6 (diff)
download	nextcloud-server-27af03c92d1eea2c7c8e19b1f0b3646633173642.tar.gz nextcloud-server-27af03c92d1eea2c7c8e19b1f0b3646633173642.zip