diff options
Diffstat (limited to 'apps/oauth2/tests/Controller/SettingsControllerTest.php')
| -rw-r--r-- | apps/oauth2/tests/Controller/SettingsControllerTest.php | 183 |
1 files changed, 116 insertions, 67 deletions
diff --git a/apps/oauth2/tests/Controller/SettingsControllerTest.php b/apps/oauth2/tests/Controller/SettingsControllerTest.php index a6c036949ed..030a220e3d7 100644 --- a/apps/oauth2/tests/Controller/SettingsControllerTest.php +++ b/apps/oauth2/tests/Controller/SettingsControllerTest.php @@ -1,116 +1,153 @@ <?php + /** - * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * + * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors + * SPDX-License-Identifier: AGPL-3.0-or-later */ - namespace OCA\OAuth2\Tests\Controller; -use OC\Authentication\Token\DefaultTokenMapper; use OCA\OAuth2\Controller\SettingsController; use OCA\OAuth2\Db\AccessTokenMapper; use OCA\OAuth2\Db\Client; use OCA\OAuth2\Db\ClientMapper; -use OCP\AppFramework\Http\RedirectResponse; +use OCP\AppFramework\Http; +use OCP\AppFramework\Http\JSONResponse; +use OCP\Authentication\Token\IProvider as IAuthTokenProvider; +use OCP\IL10N; use OCP\IRequest; -use OCP\IURLGenerator; +use OCP\IUser; +use OCP\IUserManager; +use OCP\Security\ICrypto; use OCP\Security\ISecureRandom; +use OCP\Server; use Test\TestCase; +/** + * @group DB + */ class SettingsControllerTest extends TestCase { - /** @var IRequest|\PHPUnit_Framework_MockObject_MockObject */ + /** @var IRequest|\PHPUnit\Framework\MockObject\MockObject */ private $request; - /** @var IURLGenerator|\PHPUnit_Framework_MockObject_MockObject */ - private $urlGenerator; - /** @var ClientMapper|\PHPUnit_Framework_MockObject_MockObject */ + /** @var ClientMapper|\PHPUnit\Framework\MockObject\MockObject */ private $clientMapper; - /** @var ISecureRandom|\PHPUnit_Framework_MockObject_MockObject */ + /** @var ISecureRandom|\PHPUnit\Framework\MockObject\MockObject */ private $secureRandom; - /** @var AccessTokenMapper|\PHPUnit_Framework_MockObject_MockObject */ + /** @var AccessTokenMapper|\PHPUnit\Framework\MockObject\MockObject */ private $accessTokenMapper; - /** @var DefaultTokenMapper|\PHPUnit_Framework_MockObject_MockObject */ - private $defaultTokenMapper; + /** @var IAuthTokenProvider|\PHPUnit\Framework\MockObject\MockObject */ + private $authTokenProvider; + /** @var IUserManager|\PHPUnit\Framework\MockObject\MockObject */ + private $userManager; /** @var SettingsController */ private $settingsController; + /** @var IL10N|\PHPUnit\Framework\MockObject\MockObject */ + private $l; + /** @var ICrypto|\PHPUnit\Framework\MockObject\MockObject */ + private $crypto; - public function setUp() { + protected function setUp(): void { parent::setUp(); $this->request = $this->createMock(IRequest::class); - $this->urlGenerator = $this->createMock(IURLGenerator::class); $this->clientMapper = $this->createMock(ClientMapper::class); $this->secureRandom = $this->createMock(ISecureRandom::class); $this->accessTokenMapper = $this->createMock(AccessTokenMapper::class); - $this->defaultTokenMapper = $this->createMock(DefaultTokenMapper::class); - + $this->authTokenProvider = $this->createMock(IAuthTokenProvider::class); + $this->userManager = $this->createMock(IUserManager::class); + $this->crypto = $this->createMock(ICrypto::class); + $this->l = $this->createMock(IL10N::class); + $this->l->method('t') + ->willReturnArgument(0); $this->settingsController = new SettingsController( 'oauth2', $this->request, - $this->urlGenerator, $this->clientMapper, $this->secureRandom, $this->accessTokenMapper, - $this->defaultTokenMapper + $this->l, + $this->authTokenProvider, + $this->userManager, + $this->crypto ); + } - public function testAddClient() { + public function testAddClient(): void { $this->secureRandom - ->expects($this->at(0)) + ->expects($this->exactly(2)) ->method('generate') ->with(64, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789') - ->willReturn('MySecret'); - $this->secureRandom - ->expects($this->at(1)) - ->method('generate') - ->with(64, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789') - ->willReturn('MyClientIdentifier'); + ->willReturnOnConsecutiveCalls( + 'MySecret', + 'MyClientIdentifier'); + + $this->crypto + ->expects($this->once()) + ->method('calculateHMAC') + ->willReturn('MyHashedSecret'); $client = new Client(); $client->setName('My Client Name'); $client->setRedirectUri('https://example.com/'); - $client->setSecret('MySecret'); + $client->setSecret(bin2hex('MyHashedSecret')); $client->setClientIdentifier('MyClientIdentifier'); $this->clientMapper ->expects($this->once()) ->method('insert') - ->with($client); + ->with($this->callback(function (Client $c) { + return $c->getName() === 'My Client Name' + && $c->getRedirectUri() === 'https://example.com/' + && $c->getSecret() === bin2hex('MyHashedSecret') + && $c->getClientIdentifier() === 'MyClientIdentifier'; + }))->willReturnCallback(function (Client $c) { + $c->setId(42); + return $c; + }); - $this->urlGenerator - ->expects($this->once()) - ->method('getAbsoluteURL') - ->with('/index.php/settings/admin/security') - ->willReturn('https://example.com/index.php/settings/admin/security'); + $result = $this->settingsController->addClient('My Client Name', 'https://example.com/'); + $this->assertInstanceOf(JSONResponse::class, $result); + + $data = $result->getData(); - $expected = new RedirectResponse('https://example.com/index.php/settings/admin/security'); - $this->assertEquals($expected, $this->settingsController->addClient('My Client Name', 'https://example.com/')); + $this->assertEquals([ + 'id' => 42, + 'name' => 'My Client Name', + 'redirectUri' => 'https://example.com/', + 'clientId' => 'MyClientIdentifier', + 'clientSecret' => 'MySecret', + ], $data); } - public function testDeleteClient() { + public function testDeleteClient(): void { + + $userManager = Server::get(IUserManager::class); + // count other users in the db before adding our own + $count = 0; + $function = function (IUser $user) use (&$count): void { + if ($user->getLastLogin() > 0) { + $count++; + } + }; + $userManager->callForAllUsers($function); + $user1 = $userManager->createUser('test101', 'test101'); + $user1->updateLastLoginTimestamp(); + $tokenProviderMock = $this->getMockBuilder(IAuthTokenProvider::class)->getMock(); + + // expect one call per user and ensure the correct client name + $tokenProviderMock + ->expects($this->exactly($count + 1)) + ->method('invalidateTokensOfUser') + ->with($this->isType('string'), 'My Client Name'); + $client = new Client(); + $client->setId(123); $client->setName('My Client Name'); $client->setRedirectUri('https://example.com/'); - $client->setSecret('MySecret'); + $client->setSecret(bin2hex('MyHashedSecret')); $client->setClientIdentifier('MyClientIdentifier'); $this->clientMapper - ->expects($this->at(0)) ->method('getByUid') ->with(123) ->willReturn($client); @@ -118,22 +155,34 @@ class SettingsControllerTest extends TestCase { ->expects($this->once()) ->method('deleteByClientId') ->with(123); - $this->defaultTokenMapper - ->expects($this->once()) - ->method('deleteByName') - ->with('My Client Name'); $this->clientMapper - ->expects($this->at(1)) + ->expects($this->once()) ->method('delete') ->with($client); - $this->urlGenerator - ->expects($this->once()) - ->method('getAbsoluteURL') - ->with('/index.php/settings/admin/security') - ->willReturn('https://example.com/index.php/settings/admin/security'); + $settingsController = new SettingsController( + 'oauth2', + $this->request, + $this->clientMapper, + $this->secureRandom, + $this->accessTokenMapper, + $this->l, + $tokenProviderMock, + $userManager, + $this->crypto + ); + + $result = $settingsController->deleteClient(123); + $this->assertInstanceOf(JSONResponse::class, $result); + $this->assertEquals([], $result->getData()); + + $user1->delete(); + } + + public function testInvalidRedirectUri(): void { + $result = $this->settingsController->addClient('test', 'invalidurl'); - $expected = new RedirectResponse('https://example.com/index.php/settings/admin/security'); - $this->assertEquals($expected, $this->settingsController->deleteClient(123)); + $this->assertEquals(Http::STATUS_BAD_REQUEST, $result->getStatus()); + $this->assertSame(['message' => 'Your redirect URL needs to be a full URL for example: https://yourdomain.com/path'], $result->getData()); } } |