summaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
authorChristoph Wurst <christoph@winzerhof-wurst.at>2018-09-10 17:02:37 +0200
committerRoeland Jago Douma <roeland@famdouma.nl>2018-09-25 09:54:20 +0200
commit7586b19e524761c1e8aab5170375a0d6c9e8f7a2 (patch)
treee2a0fc5fa9754c12cfd226bf7aa48964fce18237 /tests
parent92fa373314e77dc905036812253f6b776a9e1aaf (diff)
downloadnextcloud-server-7586b19e524761c1e8aab5170375a0d6c9e8f7a2.tar.gz
nextcloud-server-7586b19e524761c1e8aab5170375a0d6c9e8f7a2.zip
Only allow 2FA state changs if providers support the operation
Ref https://github.com/nextcloud/server/issues/11019. Add `twofactorauth:cleanup` command Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Diffstat (limited to 'tests')
-rw-r--r--tests/Core/Command/TwoFactorAuth/CleanupTest.php66
-rw-r--r--tests/Core/Command/TwoFactorAuth/DisableTest.php113
-rw-r--r--tests/Core/Command/TwoFactorAuth/EnableTest.php114
-rw-r--r--tests/Core/Command/TwoFactorAuth/StateTest.php113
-rw-r--r--tests/lib/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDaoTest.php14
-rw-r--r--tests/lib/Authentication/TwoFactorAuth/ManagerTest.php28
-rw-r--r--tests/lib/Authentication/TwoFactorAuth/ProviderManagerTest.php154
-rw-r--r--tests/lib/Authentication/TwoFactorAuth/RegistryTest.php8
8 files changed, 482 insertions, 128 deletions
diff --git a/tests/Core/Command/TwoFactorAuth/CleanupTest.php b/tests/Core/Command/TwoFactorAuth/CleanupTest.php
new file mode 100644
index 00000000000..227283decf6
--- /dev/null
+++ b/tests/Core/Command/TwoFactorAuth/CleanupTest.php
@@ -0,0 +1,66 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Core\Command\TwoFactorAuth;
+
+use OC\Core\Command\TwoFactorAuth\Cleanup;
+use OCP\Authentication\TwoFactorAuth\IRegistry;
+use PHPUnit\Framework\MockObject\MockObject;
+use Symfony\Component\Console\Tester\CommandTester;
+use Test\TestCase;
+
+class CleanupTest extends TestCase {
+
+ /** @var IRegistry|MockObject */
+ private $registry;
+
+ /** @var CommandTester */
+ private $cmd;
+
+ protected function setUp() {
+ parent::setUp();
+
+ $this->registry = $this->createMock(IRegistry::class);
+
+ $cmd = new Cleanup($this->registry);
+ $this->cmd = new CommandTester($cmd);
+ }
+
+ public function testCleanup() {
+ $this->registry->expects($this->once())
+ ->method('cleanUp')
+ ->with('u2f');
+
+ $rc = $this->cmd->execute([
+ 'provider-id' => 'u2f',
+ ]);
+
+ $this->assertEquals(0, $rc);
+ $output = $this->cmd->getDisplay();
+ $this->assertContains("All user-provider associations for provider u2f have been removed", $output);
+ }
+
+}
diff --git a/tests/Core/Command/TwoFactorAuth/DisableTest.php b/tests/Core/Command/TwoFactorAuth/DisableTest.php
index 1a0bbc6c3d3..30ebc007dc1 100644
--- a/tests/Core/Command/TwoFactorAuth/DisableTest.php
+++ b/tests/Core/Command/TwoFactorAuth/DisableTest.php
@@ -1,8 +1,11 @@
<?php
+
+declare(strict_types=1);
+
/**
- * @copyright 2016, Roeland Jago Douma <roeland@famdouma.nl>
+ * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at>
*
- * @author Roeland Jago Douma <roeland@famdouma.nl>
+ * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at>
*
* @license GNU AGPL version 3 or any later version
*
@@ -20,80 +23,90 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
+
namespace Test\Core\Command\TwoFactorAuth;
-use OC\Authentication\TwoFactorAuth\Manager;
+use OC\Authentication\TwoFactorAuth\ProviderManager;
use OC\Core\Command\TwoFactorAuth\Disable;
use OCP\IUser;
use OCP\IUserManager;
-use Symfony\Component\Console\Input\InputInterface;
-use Symfony\Component\Console\Output\OutputInterface;
+use PHPUnit\Framework\MockObject\MockObject;
+use Symfony\Component\Console\Tester\CommandTester;
use Test\TestCase;
class DisableTest extends TestCase {
- /** @var Manager|\PHPUnit_Framework_MockObject_MockObject */
- private $manager;
+ /** @var ProviderManager|MockObject */
+ private $providerManager;
- /** @var IUserManager|\PHPUnit_Framework_MockObject_MockObject */
+ /** @var IUserManager|MockObject */
private $userManager;
- /** @var Disable */
+ /** @var CommandTester */
private $command;
public function setUp() {
parent::setUp();
- $this->manager = $this->createMock(Manager::class);
+ $this->providerManager = $this->createMock(ProviderManager::class);
$this->userManager = $this->createMock(IUserManager::class);
- $this->command = new Disable($this->manager, $this->userManager);
+ $cmd = new Disable($this->providerManager, $this->userManager);
+ $this->command = new CommandTester($cmd);
}
- public function testDisableSuccess() {
- $user = $this->createMock(IUser::class);
+ public function testInvalidUID() {
+ $this->userManager->expects($this->once())
+ ->method('get')
+ ->with('nope')
+ ->willReturn(null);
- $input = $this->createMock(InputInterface::class);
- $output = $this->createMock(OutputInterface::class);
+ $rc = $this->command->execute([
+ 'uid' => 'nope',
+ 'provider_id' => 'nope',
+ ]);
- $input->method('getArgument')
- ->with($this->equalTo('uid'))
- ->willReturn('user');
+ $this->assertEquals(1, $rc);
+ $this->assertContains("Invalid UID", $this->command->getDisplay());
+ }
- $this->userManager->method('get')
- ->with('user')
+ public function testEnableNotSupported() {
+ $user = $this->createMock(IUser::class);
+ $this->userManager->expects($this->once())
+ ->method('get')
+ ->with('ricky')
->willReturn($user);
-
- $this->manager->expects($this->once())
- ->method('disableTwoFactorAuthentication')
- ->with($this->equalTo($user));
-
- $output->expects($this->once())
- ->method('writeln')
- ->with('Two-factor authentication disabled for user user');
-
- $this->invokePrivate($this->command, 'execute', [$input, $output]);
+ $this->providerManager->expects($this->once())
+ ->method('tryDisableProviderFor')
+ ->with('totp', $user)
+ ->willReturn(false);
+
+ $rc = $this->command->execute([
+ 'uid' => 'ricky',
+ 'provider_id' => 'totp',
+ ]);
+
+ $this->assertEquals(2, $rc);
+ $this->assertContains("The provider does not support this operation", $this->command->getDisplay());
}
- public function testEnableFail() {
- $input = $this->createMock(InputInterface::class);
- $output = $this->createMock(OutputInterface::class);
-
- $input->method('getArgument')
- ->with($this->equalTo('uid'))
- ->willReturn('user');
-
- $this->userManager->method('get')
- ->with('user')
- ->willReturn(null);
-
- $this->manager->expects($this->never())
- ->method($this->anything());
-
- $output->expects($this->once())
- ->method('writeln')
- ->with('<error>Invalid UID</error>');
-
- $this->invokePrivate($this->command, 'execute', [$input, $output]);
+ public function testEnabled() {
+ $user = $this->createMock(IUser::class);
+ $this->userManager->expects($this->once())
+ ->method('get')
+ ->with('ricky')
+ ->willReturn($user);
+ $this->providerManager->expects($this->once())
+ ->method('tryDisableProviderFor')
+ ->with('totp', $user)
+ ->willReturn(true);
+
+ $rc = $this->command->execute([
+ 'uid' => 'ricky',
+ 'provider_id' => 'totp',
+ ]);
+
+ $this->assertEquals(0, $rc);
+ $this->assertContains("Two-factor provider totp disabled for user ricky", $this->command->getDisplay());
}
}
diff --git a/tests/Core/Command/TwoFactorAuth/EnableTest.php b/tests/Core/Command/TwoFactorAuth/EnableTest.php
index ebca40df9a5..f31f92da4a5 100644
--- a/tests/Core/Command/TwoFactorAuth/EnableTest.php
+++ b/tests/Core/Command/TwoFactorAuth/EnableTest.php
@@ -1,8 +1,11 @@
<?php
+
+declare(strict_types=1);
+
/**
- * @copyright 2016, Roeland Jago Douma <roeland@famdouma.nl>
+ * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at>
*
- * @author Roeland Jago Douma <roeland@famdouma.nl>
+ * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at>
*
* @license GNU AGPL version 3 or any later version
*
@@ -20,80 +23,91 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
+
namespace Test\Core\Command\TwoFactorAuth;
-use OC\Authentication\TwoFactorAuth\Manager;
+use OC\Authentication\TwoFactorAuth\ProviderManager;
use OC\Core\Command\TwoFactorAuth\Enable;
use OCP\IUser;
use OCP\IUserManager;
-use Symfony\Component\Console\Input\InputInterface;
-use Symfony\Component\Console\Output\OutputInterface;
+use PHPUnit\Framework\MockObject\MockObject;
+use Symfony\Component\Console\Tester\CommandTester;
use Test\TestCase;
class EnableTest extends TestCase {
- /** @var Manager|\PHPUnit_Framework_MockObject_MockObject */
- private $manager;
+ /** @var ProviderManager|MockObject */
+ private $providerManager;
- /** @var IUserManager|\PHPUnit_Framework_MockObject_MockObject */
+ /** @var IUserManager|MockObject */
private $userManager;
- /** @var Enable */
+ /** @var CommandTester */
private $command;
public function setUp() {
parent::setUp();
- $this->manager = $this->createMock(Manager::class);
+ $this->providerManager = $this->createMock(ProviderManager::class);
$this->userManager = $this->createMock(IUserManager::class);
- $this->command = new Enable($this->manager, $this->userManager);
+ $cmd = new Enable($this->providerManager, $this->userManager);
+ $this->command = new CommandTester($cmd);
}
- public function testEnableSuccess() {
- $user = $this->createMock(IUser::class);
+ public function testInvalidUID() {
+ $this->userManager->expects($this->once())
+ ->method('get')
+ ->with('nope')
+ ->willReturn(null);
- $input = $this->createMock(InputInterface::class);
- $output = $this->createMock(OutputInterface::class);
+ $rc = $this->command->execute([
+ 'uid' => 'nope',
+ 'provider_id' => 'nope',
+ ]);
- $input->method('getArgument')
- ->with($this->equalTo('uid'))
- ->willReturn('user');
+ $this->assertEquals(1, $rc);
+ $this->assertContains("Invalid UID", $this->command->getDisplay());
+ }
- $this->userManager->method('get')
- ->with('user')
+ public function testEnableNotSupported() {
+ $user = $this->createMock(IUser::class);
+ $this->userManager->expects($this->once())
+ ->method('get')
+ ->with('belle')
->willReturn($user);
-
- $this->manager->expects($this->once())
- ->method('enableTwoFactorAuthentication')
- ->with($this->equalTo($user));
-
- $output->expects($this->once())
- ->method('writeln')
- ->with('Two-factor authentication enabled for user user');
-
- $this->invokePrivate($this->command, 'execute', [$input, $output]);
+ $this->providerManager->expects($this->once())
+ ->method('tryEnableProviderFor')
+ ->with('totp', $user)
+ ->willReturn(false);
+
+ $rc = $this->command->execute([
+ 'uid' => 'belle',
+ 'provider_id' => 'totp',
+ ]);
+
+ $this->assertEquals(2, $rc);
+ $this->assertContains("The provider does not support this operation", $this->command->getDisplay());
}
- public function testEnableFail() {
- $input = $this->createMock(InputInterface::class);
- $output = $this->createMock(OutputInterface::class);
-
- $input->method('getArgument')
- ->with($this->equalTo('uid'))
- ->willReturn('user');
-
- $this->userManager->method('get')
- ->with('user')
- ->willReturn(null);
-
- $this->manager->expects($this->never())
- ->method($this->anything());
-
- $output->expects($this->once())
- ->method('writeln')
- ->with('<error>Invalid UID</error>');
-
- $this->invokePrivate($this->command, 'execute', [$input, $output]);
+ public function testEnabled() {
+ $user = $this->createMock(IUser::class);
+ $this->userManager->expects($this->once())
+ ->method('get')
+ ->with('belle')
+ ->willReturn($user);
+ $this->providerManager->expects($this->once())
+ ->method('tryEnableProviderFor')
+ ->with('totp', $user)
+ ->willReturn(true);
+
+ $rc = $this->command->execute([
+ 'uid' => 'belle',
+ 'provider_id' => 'totp',
+ ]);
+
+ $this->assertEquals(0, $rc);
+ $this->assertContains("Two-factor provider totp enabled for user belle", $this->command->getDisplay());
}
+
}
diff --git a/tests/Core/Command/TwoFactorAuth/StateTest.php b/tests/Core/Command/TwoFactorAuth/StateTest.php
new file mode 100644
index 00000000000..580e137fe32
--- /dev/null
+++ b/tests/Core/Command/TwoFactorAuth/StateTest.php
@@ -0,0 +1,113 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Core\Command\TwoFactorAuth;
+
+use OC\Core\Command\TwoFactorAuth\State;
+use OCP\Authentication\TwoFactorAuth\IRegistry;
+use OCP\IUser;
+use OCP\IUserManager;
+use PHPUnit\Framework\MockObject\MockObject;
+use Symfony\Component\Console\Tester\CommandTester;
+use Test\TestCase;
+
+class StateTest extends TestCase {
+
+ /** @var IRegistry|MockObject */
+ private $registry;
+
+ /** @var IUserManager|MockObject */
+ private $userManager;
+
+ /** @var CommandTester|MockObject */
+ private $cmd;
+
+ protected function setUp() {
+ parent::setUp();
+
+ $this->registry = $this->createMock(IRegistry::class);
+ $this->userManager = $this->createMock(IUserManager::class);
+
+ $cmd = new State($this->registry, $this->userManager);
+ $this->cmd = new CommandTester($cmd);
+ }
+
+ public function testWrongUID() {
+ $this->cmd->execute([
+ 'uid' => 'nope',
+ ]);
+
+ $output = $this->cmd->getDisplay();
+ $this->assertContains("Invalid UID", $output);
+ }
+
+ public function testStateNoProvidersActive() {
+ $user = $this->createMock(IUser::class);
+ $this->userManager->expects($this->once())
+ ->method('get')
+ ->with('eldora')
+ ->willReturn($user);
+ $states = [
+ 'u2f' => false,
+ 'totp' => false,
+ ];
+ $this->registry->expects($this->once())
+ ->method('getProviderStates')
+ ->with($user)
+ ->willReturn($states);
+
+ $this->cmd->execute([
+ 'uid' => 'eldora',
+ ]);
+
+ $output = $this->cmd->getDisplay();
+ $this->assertContains("Two-factor authentication is not enabled for user eldora", $output);
+ }
+
+ public function testStateOneProviderActive() {
+ $user = $this->createMock(IUser::class);
+ $this->userManager->expects($this->once())
+ ->method('get')
+ ->with('mohamed')
+ ->willReturn($user);
+ $states = [
+ 'u2f' => true,
+ 'totp' => false,
+ ];
+ $this->registry->expects($this->once())
+ ->method('getProviderStates')
+ ->with($user)
+ ->willReturn($states);
+
+ $this->cmd->execute([
+ 'uid' => 'mohamed',
+ ]);
+
+ $output = $this->cmd->getDisplay();
+ $this->assertContains("Two-factor authentication is enabled for user mohamed", $output);
+ }
+
+}
diff --git a/tests/lib/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDaoTest.php b/tests/lib/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDaoTest.php
index b46bce719fa..2402fcf9f7b 100644
--- a/tests/lib/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDaoTest.php
+++ b/tests/lib/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDaoTest.php
@@ -131,4 +131,18 @@ class ProviderUserAssignmentDaoTest extends TestCase {
$this->assertCount(1, $data);
}
+ public function testDeleteAll() {
+ $this->dao->persist('twofactor_fail', 'user1', 1);
+ $this->dao->persist('twofactor_u2f', 'user1', 1);
+ $this->dao->persist('twofactor_fail', 'user2', 0);
+ $this->dao->persist('twofactor_u2f', 'user1', 0);
+
+ $this->dao->deleteAll('twofactor_fail');
+
+ $statesUser1 = $this->dao->getState('user1');
+ $statesUser2 = $this->dao->getState('user2');
+ $this->assertCount(1, $statesUser1);
+ $this->assertCount(0, $statesUser2);
+ }
+
}
diff --git a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
index 1d7c147d9ce..301b4cc09db 100644
--- a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
+++ b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
@@ -143,13 +143,6 @@ class ManagerTest extends TestCase {
}
public function testIsTwoFactorAuthenticatedNoProviders() {
- $this->user->expects($this->once())
- ->method('getUID')
- ->will($this->returnValue('user123'));
- $this->config->expects($this->once())
- ->method('getUserValue')
- ->with('user123', 'core', 'two_factor_auth_disabled', 0)
- ->willReturn(0);
$this->providerRegistry->expects($this->once())
->method('getProviderStates')
->willReturn([]); // No providers registered
@@ -161,13 +154,6 @@ class ManagerTest extends TestCase {
}
public function testIsTwoFactorAuthenticatedOnlyBackupCodes() {
- $this->user->expects($this->once())
- ->method('getUID')
- ->will($this->returnValue('user123'));
- $this->config->expects($this->once())
- ->method('getUserValue')
- ->with('user123', 'core', 'two_factor_auth_disabled', 0)
- ->willReturn(0);
$this->providerRegistry->expects($this->once())
->method('getProviderStates')
->willReturn([
@@ -187,13 +173,6 @@ class ManagerTest extends TestCase {
}
public function testIsTwoFactorAuthenticatedFailingProviders() {
- $this->user->expects($this->once())
- ->method('getUID')
- ->will($this->returnValue('user123'));
- $this->config->expects($this->once())
- ->method('getUserValue')
- ->with('user123', 'core', 'two_factor_auth_disabled', 0)
- ->willReturn(0);
$this->providerRegistry->expects($this->once())
->method('getProviderStates')
->willReturn([
@@ -225,13 +204,6 @@ class ManagerTest extends TestCase {
* @dataProvider providerStatesFixData
*/
public function testIsTwoFactorAuthenticatedFixesProviderStates(bool $providerEnabled, bool $expected) {
- $this->user->expects($this->once())
- ->method('getUID')
- ->will($this->returnValue('user123'));
- $this->config->expects($this->once())
- ->method('getUserValue')
- ->with('user123', 'core', 'two_factor_auth_disabled', 0)
- ->willReturn(0);
$this->providerRegistry->expects($this->once())
->method('getProviderStates')
->willReturn([]); // Nothing registered yet
diff --git a/tests/lib/Authentication/TwoFactorAuth/ProviderManagerTest.php b/tests/lib/Authentication/TwoFactorAuth/ProviderManagerTest.php
new file mode 100644
index 00000000000..736dfdb913b
--- /dev/null
+++ b/tests/lib/Authentication/TwoFactorAuth/ProviderManagerTest.php
@@ -0,0 +1,154 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace lib\Authentication\TwoFactorAuth;
+
+use OC\Authentication\TwoFactorAuth\ProviderLoader;
+use OC\Authentication\TwoFactorAuth\ProviderManager;
+use OCP\Authentication\TwoFactorAuth\IActivatableByAdmin;
+use OCP\Authentication\TwoFactorAuth\IDeactivatableByAdmin;
+use OCP\Authentication\TwoFactorAuth\IProvider;
+use OCP\Authentication\TwoFactorAuth\IRegistry;
+use OCP\IUser;
+use PHPUnit\Framework\MockObject\MockObject;
+use Test\TestCase;
+
+class ProviderManagerTest extends TestCase {
+
+ /** @var ProviderLoader|MockObject */
+ private $providerLoader;
+
+ /** @var IRegistry|MockObject */
+ private $registry;
+
+ /** @var ProviderManager */
+ private $providerManager;
+
+ protected function setUp() {
+ parent::setUp();
+
+ $this->providerLoader = $this->createMock(ProviderLoader::class);
+ $this->registry = $this->createMock(IRegistry::class);
+
+ $this->providerManager = new ProviderManager(
+ $this->providerLoader,
+ $this->registry
+ );
+ }
+
+ /**
+ * @expectedException \OC\Authentication\Exceptions\InvalidProviderException
+ */
+ public function testTryEnableInvalidProvider() {
+ $user = $this->createMock(IUser::class);
+ $this->providerManager->tryEnableProviderFor('none', $user);
+ }
+
+ public function testTryEnableUnsupportedProvider() {
+ $user = $this->createMock(IUser::class);
+ $provider = $this->createMock(IProvider::class);
+ $this->providerLoader->expects($this->once())
+ ->method('getProviders')
+ ->with($user)
+ ->willReturn([
+ 'u2f' => $provider,
+ ]);
+ $this->registry->expects($this->never())
+ ->method('enableProviderFor');
+
+ $res = $this->providerManager->tryEnableProviderFor('u2f', $user);
+
+ $this->assertFalse($res);
+ }
+
+ public function testTryEnableProvider() {
+ $user = $this->createMock(IUser::class);
+ $provider = $this->createMock(IActivatableByAdmin::class);
+ $this->providerLoader->expects($this->once())
+ ->method('getProviders')
+ ->with($user)
+ ->willReturn([
+ 'u2f' => $provider,
+ ]);
+ $provider->expects($this->once())
+ ->method('enableFor')
+ ->with($user);
+ $this->registry->expects($this->once())
+ ->method('enableProviderFor')
+ ->with($provider, $user);
+
+ $res = $this->providerManager->tryEnableProviderFor('u2f', $user);
+
+ $this->assertTrue($res);
+ }
+
+ /**
+ * @expectedException \OC\Authentication\Exceptions\InvalidProviderException
+ */
+ public function testTryDisableInvalidProvider() {
+ $user = $this->createMock(IUser::class);
+ $this->providerManager->tryDisableProviderFor('none', $user);
+ }
+
+ public function testTryDisableUnsupportedProvider() {
+ $user = $this->createMock(IUser::class);
+ $provider = $this->createMock(IProvider::class);
+ $this->providerLoader->expects($this->once())
+ ->method('getProviders')
+ ->with($user)
+ ->willReturn([
+ 'u2f' => $provider,
+ ]);
+ $this->registry->expects($this->never())
+ ->method('disableProviderFor');
+
+ $res = $this->providerManager->tryDisableProviderFor('u2f', $user);
+
+ $this->assertFalse($res);
+ }
+
+ public function testTryDisableProvider() {
+ $user = $this->createMock(IUser::class);
+ $provider = $this->createMock(IDeactivatableByAdmin::class);
+ $this->providerLoader->expects($this->once())
+ ->method('getProviders')
+ ->with($user)
+ ->willReturn([
+ 'u2f' => $provider,
+ ]);
+ $provider->expects($this->once())
+ ->method('disableFor')
+ ->with($user);
+ $this->registry->expects($this->once())
+ ->method('disableProviderFor')
+ ->with($provider, $user);
+
+ $res = $this->providerManager->tryDisableProviderFor('u2f', $user);
+
+ $this->assertTrue($res);
+ }
+
+}
diff --git a/tests/lib/Authentication/TwoFactorAuth/RegistryTest.php b/tests/lib/Authentication/TwoFactorAuth/RegistryTest.php
index 71f104ca429..3d2941e009a 100644
--- a/tests/lib/Authentication/TwoFactorAuth/RegistryTest.php
+++ b/tests/lib/Authentication/TwoFactorAuth/RegistryTest.php
@@ -82,4 +82,12 @@ class RegistryTest extends TestCase {
$this->registry->disableProviderFor($provider, $user);
}
+ public function testCleanUp() {
+ $this->dao->expects($this->once())
+ ->method('deleteAll')
+ ->with('twofactor_u2f');
+
+ $this->registry->cleanUp('twofactor_u2f');
+ }
+
}