aboutsummaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
authorChristoph Wurst <christoph@winzerhof-wurst.at>2024-04-05 13:07:23 +0200
committerChristoph Wurst <ChristophWurst@users.noreply.github.com>2024-05-29 13:23:05 +0200
commit3534f3dd7a8210575d87e537308426b2c14471d5 (patch)
tree3aa750fa92724b864afba9825f47850a10df89f9 /tests
parentd125aa32cd4b9c4cc4691e10269619c692ba8557 (diff)
downloadnextcloud-server-3534f3dd7a8210575d87e537308426b2c14471d5.tar.gz
nextcloud-server-3534f3dd7a8210575d87e537308426b2c14471d5.zip
fix(session): Do not update authtoken last_check for passwordless
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Diffstat (limited to 'tests')
-rw-r--r--tests/lib/User/SessionTest.php78
1 files changed, 78 insertions, 0 deletions
diff --git a/tests/lib/User/SessionTest.php b/tests/lib/User/SessionTest.php
index 50adda64afd..619f6b3b874 100644
--- a/tests/lib/User/SessionTest.php
+++ b/tests/lib/User/SessionTest.php
@@ -11,9 +11,11 @@ namespace Test\User;
use OC\AppFramework\Http\Request;
use OC\Authentication\Events\LoginFailed;
use OC\Authentication\Exceptions\InvalidTokenException;
+use OC\Authentication\Exceptions\PasswordlessTokenException;
use OC\Authentication\Exceptions\PasswordLoginForbiddenException;
use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken;
+use OC\Authentication\Token\PublicKeyToken;
use OC\Security\CSRF\CsrfTokenManager;
use OC\Session\Memory;
use OC\User\LoginException;
@@ -35,6 +37,8 @@ use OCP\Security\ISecureRandom;
use OCP\User\Events\PostLoginEvent;
use PHPUnit\Framework\MockObject\MockObject;
use Psr\Log\LoggerInterface;
+use function array_diff;
+use function get_class_methods;
/**
* @group DB
@@ -309,6 +313,80 @@ class SessionTest extends \Test\TestCase {
$userSession->login('foo', 'bar');
}
+ public function testPasswordlessLoginNoLastCheckUpdate(): void {
+ $session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock();
+ $managerMethods = get_class_methods(Manager::class);
+ // Keep following methods intact in order to ensure hooks are working
+ $mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']);
+ $manager = $this->getMockBuilder(Manager::class)
+ ->setMethods($mockedManagerMethods)
+ ->setConstructorArgs([
+ $this->config,
+ $this->createMock(ICacheFactory::class),
+ $this->createMock(IEventDispatcher::class),
+ ])
+ ->getMock();
+ $userSession = new Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher);
+
+ $session->expects($this->never())
+ ->method('set');
+ $session->expects($this->once())
+ ->method('regenerateId');
+ $token = new PublicKeyToken();
+ $token->setLoginName('foo');
+ $token->setLastCheck(0); // Never
+ $token->setUid('foo');
+ $this->tokenProvider
+ ->method('getPassword')
+ ->with($token)
+ ->willThrowException(new PasswordlessTokenException());
+ $this->tokenProvider
+ ->method('getToken')
+ ->with('app-password')
+ ->willReturn($token);
+ $this->tokenProvider->expects(self::never())
+ ->method('updateToken');
+
+ $userSession->login('foo', 'app-password');
+ }
+
+ public function testLoginLastCheckUpdate(): void {
+ $session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock();
+ $managerMethods = get_class_methods(Manager::class);
+ // Keep following methods intact in order to ensure hooks are working
+ $mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']);
+ $manager = $this->getMockBuilder(Manager::class)
+ ->setMethods($mockedManagerMethods)
+ ->setConstructorArgs([
+ $this->config,
+ $this->createMock(ICacheFactory::class),
+ $this->createMock(IEventDispatcher::class),
+ ])
+ ->getMock();
+ $userSession = new Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher);
+
+ $session->expects($this->never())
+ ->method('set');
+ $session->expects($this->once())
+ ->method('regenerateId');
+ $token = new PublicKeyToken();
+ $token->setLoginName('foo');
+ $token->setLastCheck(0); // Never
+ $token->setUid('foo');
+ $this->tokenProvider
+ ->method('getPassword')
+ ->with($token)
+ ->willReturn('secret');
+ $this->tokenProvider
+ ->method('getToken')
+ ->with('app-password')
+ ->willReturn($token);
+ $this->tokenProvider->expects(self::once())
+ ->method('updateToken');
+
+ $userSession->login('foo', 'app-password');
+ }
+
public function testLoginNonExisting() {
$session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock();
$manager = $this->createMock(Manager::class);