diff options
| author | Christoph Wurst <christoph@winzerhof-wurst.at> | 2024-04-05 13:07:23 +0200 |
|---|---|---|
| committer | Daniel <mail@danielkesselberg.de> | 2024-06-03 22:54:50 +0200 |
| commit | 8f9a0f8fdc265e17a5941dbb863800ec9ae61278 (patch) | |
| tree | 3e1dcff87343ddee89de46b8d3bfedbb21c44e54 /tests | |
| parent | 806e390d14123f0bdf9e805bd55553339a0b5d3b (diff) | |
| download | nextcloud-server-8f9a0f8fdc265e17a5941dbb863800ec9ae61278.tar.gz nextcloud-server-8f9a0f8fdc265e17a5941dbb863800ec9ae61278.zip | |
fix(session): Do not update authtoken last_check for passwordless
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/lib/User/SessionTest.php | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/tests/lib/User/SessionTest.php b/tests/lib/User/SessionTest.php index 50adda64afd..619f6b3b874 100644 --- a/tests/lib/User/SessionTest.php +++ b/tests/lib/User/SessionTest.php @@ -11,9 +11,11 @@ namespace Test\User; use OC\AppFramework\Http\Request; use OC\Authentication\Events\LoginFailed; use OC\Authentication\Exceptions\InvalidTokenException; +use OC\Authentication\Exceptions\PasswordlessTokenException; use OC\Authentication\Exceptions\PasswordLoginForbiddenException; use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IToken; +use OC\Authentication\Token\PublicKeyToken; use OC\Security\CSRF\CsrfTokenManager; use OC\Session\Memory; use OC\User\LoginException; @@ -35,6 +37,8 @@ use OCP\Security\ISecureRandom; use OCP\User\Events\PostLoginEvent; use PHPUnit\Framework\MockObject\MockObject; use Psr\Log\LoggerInterface; +use function array_diff; +use function get_class_methods; /** * @group DB @@ -309,6 +313,80 @@ class SessionTest extends \Test\TestCase { $userSession->login('foo', 'bar'); } + public function testPasswordlessLoginNoLastCheckUpdate(): void { + $session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock(); + $managerMethods = get_class_methods(Manager::class); + // Keep following methods intact in order to ensure hooks are working + $mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']); + $manager = $this->getMockBuilder(Manager::class) + ->setMethods($mockedManagerMethods) + ->setConstructorArgs([ + $this->config, + $this->createMock(ICacheFactory::class), + $this->createMock(IEventDispatcher::class), + ]) + ->getMock(); + $userSession = new Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher); + + $session->expects($this->never()) + ->method('set'); + $session->expects($this->once()) + ->method('regenerateId'); + $token = new PublicKeyToken(); + $token->setLoginName('foo'); + $token->setLastCheck(0); // Never + $token->setUid('foo'); + $this->tokenProvider + ->method('getPassword') + ->with($token) + ->willThrowException(new PasswordlessTokenException()); + $this->tokenProvider + ->method('getToken') + ->with('app-password') + ->willReturn($token); + $this->tokenProvider->expects(self::never()) + ->method('updateToken'); + + $userSession->login('foo', 'app-password'); + } + + public function testLoginLastCheckUpdate(): void { + $session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock(); + $managerMethods = get_class_methods(Manager::class); + // Keep following methods intact in order to ensure hooks are working + $mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']); + $manager = $this->getMockBuilder(Manager::class) + ->setMethods($mockedManagerMethods) + ->setConstructorArgs([ + $this->config, + $this->createMock(ICacheFactory::class), + $this->createMock(IEventDispatcher::class), + ]) + ->getMock(); + $userSession = new Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher); + + $session->expects($this->never()) + ->method('set'); + $session->expects($this->once()) + ->method('regenerateId'); + $token = new PublicKeyToken(); + $token->setLoginName('foo'); + $token->setLastCheck(0); // Never + $token->setUid('foo'); + $this->tokenProvider + ->method('getPassword') + ->with($token) + ->willReturn('secret'); + $this->tokenProvider + ->method('getToken') + ->with('app-password') + ->willReturn($token); + $this->tokenProvider->expects(self::once()) + ->method('updateToken'); + + $userSession->login('foo', 'app-password'); + } + public function testLoginNonExisting() { $session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock(); $manager = $this->createMock(Manager::class); |