diff options
Diffstat (limited to 'tests/lib/Authentication/TwoFactorAuth')
8 files changed, 254 insertions, 269 deletions
diff --git a/tests/lib/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDaoTest.php b/tests/lib/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDaoTest.php index 7975108c59b..b59ef876ffd 100644 --- a/tests/lib/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDaoTest.php +++ b/tests/lib/Authentication/TwoFactorAuth/Db/ProviderUserAssignmentDaoTest.php @@ -3,39 +3,21 @@ declare(strict_types=1); /** - * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * + * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors + * SPDX-License-Identifier: AGPL-3.0-or-later */ namespace Test\Authentication\TwoFactorAuth\Db; -use OC; use OC\Authentication\TwoFactorAuth\Db\ProviderUserAssignmentDao; use OCP\IDBConnection; +use OCP\Server; use Test\TestCase; /** * @group DB */ class ProviderUserAssignmentDaoTest extends TestCase { - /** @var IDBConnection */ private $dbConn; @@ -45,7 +27,7 @@ class ProviderUserAssignmentDaoTest extends TestCase { protected function setUp(): void { parent::setUp(); - $this->dbConn = OC::$server->getDatabaseConnection(); + $this->dbConn = Server::get(IDBConnection::class); $qb = $this->dbConn->getQueryBuilder(); $q = $qb->delete(ProviderUserAssignmentDao::TABLE_NAME); $q->execute(); @@ -53,7 +35,7 @@ class ProviderUserAssignmentDaoTest extends TestCase { $this->dao = new ProviderUserAssignmentDao($this->dbConn); } - public function testGetState() { + public function testGetState(): void { $qb = $this->dbConn->getQueryBuilder(); $q1 = $qb->insert(ProviderUserAssignmentDao::TABLE_NAME)->values([ 'provider_id' => $qb->createNamedParameter('twofactor_u2f'), @@ -77,7 +59,7 @@ class ProviderUserAssignmentDaoTest extends TestCase { $this->assertEquals($expected, $state); } - public function testPersist() { + public function testPersist(): void { $qb = $this->dbConn->getQueryBuilder(); $this->dao->persist('twofactor_totp', 'user123', 0); @@ -94,7 +76,7 @@ class ProviderUserAssignmentDaoTest extends TestCase { $this->assertCount(1, $data); } - public function testPersistTwice() { + public function testPersistTwice(): void { $qb = $this->dbConn->getQueryBuilder(); $this->dao->persist('twofactor_totp', 'user123', 0); @@ -113,7 +95,7 @@ class ProviderUserAssignmentDaoTest extends TestCase { $this->assertCount(1, $data); } - public function testPersistSameStateTwice() { + public function testPersistSameStateTwice(): void { $qb = $this->dbConn->getQueryBuilder(); $this->dao->persist('twofactor_totp', 'user123', 1); @@ -132,7 +114,7 @@ class ProviderUserAssignmentDaoTest extends TestCase { $this->assertCount(1, $data); } - public function testDeleteByUser() { + public function testDeleteByUser(): void { $this->dao->persist('twofactor_fail', 'user1', 1); $this->dao->persist('twofactor_u2f', 'user1', 1); $this->dao->persist('twofactor_fail', 'user2', 0); @@ -161,7 +143,7 @@ class ProviderUserAssignmentDaoTest extends TestCase { $this->assertCount(2, $statesUser2); } - public function testDeleteAll() { + public function testDeleteAll(): void { $this->dao->persist('twofactor_fail', 'user1', 1); $this->dao->persist('twofactor_u2f', 'user1', 1); $this->dao->persist('twofactor_fail', 'user2', 0); diff --git a/tests/lib/Authentication/TwoFactorAuth/EnforcementStateTest.php b/tests/lib/Authentication/TwoFactorAuth/EnforcementStateTest.php index f8c4be09a6f..f1d38c10801 100644 --- a/tests/lib/Authentication/TwoFactorAuth/EnforcementStateTest.php +++ b/tests/lib/Authentication/TwoFactorAuth/EnforcementStateTest.php @@ -1,23 +1,8 @@ <?php + /** - * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. + * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors + * SPDX-License-Identifier: AGPL-3.0-or-later */ /** @@ -33,25 +18,25 @@ use OC\Authentication\TwoFactorAuth\EnforcementState; use Test\TestCase; class EnforcementStateTest extends TestCase { - public function testIsEnforced() { + public function testIsEnforced(): void { $state = new EnforcementState(true); $this->assertTrue($state->isEnforced()); } - public function testGetEnforcedGroups() { + public function testGetEnforcedGroups(): void { $state = new EnforcementState(true, ['twofactorers']); $this->assertEquals(['twofactorers'], $state->getEnforcedGroups()); } - public function testGetExcludedGroups() { + public function testGetExcludedGroups(): void { $state = new EnforcementState(true, [], ['yoloers']); $this->assertEquals(['yoloers'], $state->getExcludedGroups()); } - public function testJsonSerialize() { + public function testJsonSerialize(): void { $state = new EnforcementState(true, ['twofactorers'], ['yoloers']); $expected = [ 'enforced' => true, diff --git a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php index ae6fadc790c..a2bed8a3652 100644 --- a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php +++ b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php @@ -1,34 +1,22 @@ <?php /** - * @author Christoph Wurst <christoph@owncloud.com> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * + * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors + * SPDX-FileCopyrightText: 2016 ownCloud, Inc. + * SPDX-License-Identifier: AGPL-3.0-only */ namespace Test\Authentication\TwoFactorAuth; -use OC; +use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Token\IProvider as TokenProvider; +use OC\Authentication\Token\IToken; use OC\Authentication\TwoFactorAuth\Manager; use OC\Authentication\TwoFactorAuth\MandatoryTwoFactor; use OC\Authentication\TwoFactorAuth\ProviderLoader; use OCP\Activity\IEvent; use OCP\Activity\IManager; +use OCP\AppFramework\Db\DoesNotExistException; use OCP\AppFramework\Utility\ITimeFactory; use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin; use OCP\Authentication\TwoFactorAuth\IProvider; @@ -39,12 +27,10 @@ use OCP\ISession; use OCP\IUser; use PHPUnit\Framework\MockObject\MockObject; use Psr\Log\LoggerInterface; -use function reset; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Test\TestCase; +use function reset; class ManagerTest extends TestCase { - /** @var IUser|MockObject */ private $user; @@ -85,10 +71,7 @@ class ManagerTest extends TestCase { private $timeFactory; /** @var IEventDispatcher|MockObject */ - private $newDispatcher; - - /** @var EventDispatcherInterface|MockObject */ - private $eventDispatcher; + private $dispatcher; protected function setUp(): void { parent::setUp(); @@ -103,8 +86,7 @@ class ManagerTest extends TestCase { $this->logger = $this->createMock(LoggerInterface::class); $this->tokenProvider = $this->createMock(TokenProvider::class); $this->timeFactory = $this->createMock(ITimeFactory::class); - $this->newDispatcher = $this->createMock(IEventDispatcher::class); - $this->eventDispatcher = $this->createMock(EventDispatcherInterface::class); + $this->dispatcher = $this->createMock(IEventDispatcher::class); $this->manager = new Manager( $this->providerLoader, @@ -116,8 +98,7 @@ class ManagerTest extends TestCase { $this->logger, $this->tokenProvider, $this->timeFactory, - $this->newDispatcher, - $this->eventDispatcher + $this->dispatcher, ); $this->fakeProvider = $this->createMock(IProvider::class); @@ -156,7 +137,7 @@ class ManagerTest extends TestCase { ]); } - public function testIsTwoFactorAuthenticatedEnforced() { + public function testIsTwoFactorAuthenticatedEnforced(): void { $this->mandatoryTwoFactor->expects($this->once()) ->method('isEnforcedFor') ->with($this->user) @@ -167,7 +148,7 @@ class ManagerTest extends TestCase { $this->assertTrue($enabled); } - public function testIsTwoFactorAuthenticatedNoProviders() { + public function testIsTwoFactorAuthenticatedNoProviders(): void { $this->mandatoryTwoFactor->expects($this->once()) ->method('isEnforcedFor') ->with($this->user) @@ -182,7 +163,7 @@ class ManagerTest extends TestCase { $this->assertFalse($this->manager->isTwoFactorAuthenticated($this->user)); } - public function testIsTwoFactorAuthenticatedOnlyBackupCodes() { + public function testIsTwoFactorAuthenticatedOnlyBackupCodes(): void { $this->mandatoryTwoFactor->expects($this->once()) ->method('isEnforcedFor') ->with($this->user) @@ -205,7 +186,7 @@ class ManagerTest extends TestCase { $this->assertFalse($this->manager->isTwoFactorAuthenticated($this->user)); } - public function testIsTwoFactorAuthenticatedFailingProviders() { + public function testIsTwoFactorAuthenticatedFailingProviders(): void { $this->mandatoryTwoFactor->expects($this->once()) ->method('isEnforcedFor') ->with($this->user) @@ -224,7 +205,7 @@ class ManagerTest extends TestCase { $this->assertTrue($this->manager->isTwoFactorAuthenticated($this->user)); } - public function providerStatesFixData(): array { + public static function providerStatesFixData(): array { return [ [false, false], [true, true], @@ -237,10 +218,9 @@ class ManagerTest extends TestCase { * enabled providers. * * If any of these providers is active, 2FA is enabled - * - * @dataProvider providerStatesFixData */ - public function testIsTwoFactorAuthenticatedFixesProviderStates(bool $providerEnabled, bool $expected) { + #[\PHPUnit\Framework\Attributes\DataProvider('providerStatesFixData')] + public function testIsTwoFactorAuthenticatedFixesProviderStates(bool $providerEnabled, bool $expected): void { $this->providerRegistry->expects($this->once()) ->method('getProviderStates') ->willReturn([]); // Nothing registered yet @@ -272,7 +252,7 @@ class ManagerTest extends TestCase { $this->assertEquals($expected, $this->manager->isTwoFactorAuthenticated($this->user)); } - public function testGetProvider() { + public function testGetProvider(): void { $this->providerRegistry->expects($this->once()) ->method('getProviderStates') ->with($this->user) @@ -289,7 +269,7 @@ class ManagerTest extends TestCase { $this->assertSame($this->fakeProvider, $provider); } - public function testGetInvalidProvider() { + public function testGetInvalidProvider(): void { $this->providerRegistry->expects($this->once()) ->method('getProviderStates') ->with($this->user) @@ -304,7 +284,7 @@ class ManagerTest extends TestCase { $this->assertNull($provider); } - public function testGetLoginSetupProviders() { + public function testGetLoginSetupProviders(): void { $provider1 = $this->createMock(IProvider::class); $provider2 = $this->createMock(IActivatableAtLogin::class); $this->providerLoader->expects($this->once()) @@ -321,7 +301,7 @@ class ManagerTest extends TestCase { $this->assertSame($provider2, reset($providers)); } - public function testGetProviders() { + public function testGetProviders(): void { $this->providerRegistry->expects($this->once()) ->method('getProviderStates') ->with($this->user) @@ -343,7 +323,7 @@ class ManagerTest extends TestCase { $this->assertFalse($providerSet->isProviderMissing()); } - public function testGetProvidersOneMissing() { + public function testGetProvidersOneMissing(): void { $this->providerRegistry->expects($this->once()) ->method('getProviderStates') ->with($this->user) @@ -363,7 +343,7 @@ class ManagerTest extends TestCase { $this->assertTrue($providerSet->isProviderMissing()); } - public function testVerifyChallenge() { + public function testVerifyChallenge(): void { $this->prepareProviders(); $challenge = 'passme'; @@ -376,12 +356,18 @@ class ManagerTest extends TestCase { ->method('get') ->with('two_factor_remember_login') ->willReturn(false); + + $calls = [ + ['two_factor_auth_uid'], + ['two_factor_remember_login'], + ]; $this->session->expects($this->exactly(2)) ->method('remove') - ->withConsecutive( - ['two_factor_auth_uid'], - ['two_factor_remember_login'] - ); + ->willReturnCallback(function () use (&$calls): void { + $expected = array_shift($calls); + $this->assertEquals($expected, func_get_args()); + }); + $this->session->expects($this->once()) ->method('set') ->with(Manager::SESSION_UID_DONE, 'jos'); @@ -418,7 +404,7 @@ class ManagerTest extends TestCase { 'provider' => 'Fake 2FA', ])) ->willReturnSelf(); - $token = $this->createMock(OC\Authentication\Token\IToken::class); + $token = $this->createMock(IToken::class); $this->tokenProvider->method('getToken') ->with('mysessionid') ->willReturn($token); @@ -433,7 +419,7 @@ class ManagerTest extends TestCase { $this->assertTrue($result); } - public function testVerifyChallengeInvalidProviderId() { + public function testVerifyChallengeInvalidProviderId(): void { $this->prepareProviders(); $challenge = 'passme'; @@ -446,7 +432,7 @@ class ManagerTest extends TestCase { $this->assertFalse($this->manager->verifyChallenge('dontexist', $this->user, $challenge)); } - public function testVerifyInvalidChallenge() { + public function testVerifyInvalidChallenge(): void { $this->prepareProviders(); $challenge = 'dontpassme'; @@ -492,20 +478,25 @@ class ManagerTest extends TestCase { $this->assertFalse($this->manager->verifyChallenge('email', $this->user, $challenge)); } - public function testNeedsSecondFactor() { + public function testNeedsSecondFactor(): void { $user = $this->createMock(IUser::class); + + $calls = [ + ['app_password'], + ['two_factor_auth_uid'], + [Manager::SESSION_UID_DONE], + ]; $this->session->expects($this->exactly(3)) ->method('exists') - ->withConsecutive( - ['app_password'], - ['two_factor_auth_uid'], - [Manager::SESSION_UID_DONE], - ) - ->willReturn(false); + ->willReturnCallback(function () use (&$calls) { + $expected = array_shift($calls); + $this->assertEquals($expected, func_get_args()); + return false; + }); $this->session->method('getId') ->willReturn('mysessionid'); - $token = $this->createMock(OC\Authentication\Token\IToken::class); + $token = $this->createMock(IToken::class); $this->tokenProvider->method('getToken') ->with('mysessionid') ->willReturn($token); @@ -531,10 +522,9 @@ class ManagerTest extends TestCase { $this->logger, $this->tokenProvider, $this->timeFactory, - $this->newDispatcher, - $this->eventDispatcher + $this->dispatcher, ]) - ->setMethods(['loadTwoFactorApp', 'isTwoFactorAuthenticated'])// Do not actually load the apps + ->onlyMethods(['isTwoFactorAuthenticated'])// Do not actually load the apps ->getMock(); $manager->method('isTwoFactorAuthenticated') @@ -544,7 +534,7 @@ class ManagerTest extends TestCase { $this->assertTrue($manager->needsSecondFactor($user)); } - public function testNeedsSecondFactorUserIsNull() { + public function testNeedsSecondFactorUserIsNull(): void { $user = null; $this->session->expects($this->never()) ->method('exists'); @@ -552,7 +542,7 @@ class ManagerTest extends TestCase { $this->assertFalse($this->manager->needsSecondFactor($user)); } - public function testNeedsSecondFactorWithNoProviderAvailableAnymore() { + public function testNeedsSecondFactorWithNoProviderAvailableAnymore(): void { $this->prepareNoProviders(); $user = null; @@ -567,20 +557,24 @@ class ManagerTest extends TestCase { $this->assertFalse($this->manager->needsSecondFactor($user)); } - public function testPrepareTwoFactorLogin() { + public function testPrepareTwoFactorLogin(): void { $this->user->method('getUID') ->willReturn('ferdinand'); + $calls = [ + ['two_factor_auth_uid', 'ferdinand'], + ['two_factor_remember_login', true], + ]; $this->session->expects($this->exactly(2)) ->method('set') - ->withConsecutive( - ['two_factor_auth_uid', 'ferdinand'], - ['two_factor_remember_login', true] - ); + ->willReturnCallback(function () use (&$calls): void { + $expected = array_shift($calls); + $this->assertEquals($expected, func_get_args()); + }); $this->session->method('getId') ->willReturn('mysessionid'); - $token = $this->createMock(OC\Authentication\Token\IToken::class); + $token = $this->createMock(IToken::class); $this->tokenProvider->method('getToken') ->with('mysessionid') ->willReturn($token); @@ -597,20 +591,24 @@ class ManagerTest extends TestCase { $this->manager->prepareTwoFactorLogin($this->user, true); } - public function testPrepareTwoFactorLoginDontRemember() { + public function testPrepareTwoFactorLoginDontRemember(): void { $this->user->method('getUID') ->willReturn('ferdinand'); + $calls = [ + ['two_factor_auth_uid', 'ferdinand'], + ['two_factor_remember_login', false], + ]; $this->session->expects($this->exactly(2)) ->method('set') - ->withConsecutive( - ['two_factor_auth_uid', 'ferdinand'], - ['two_factor_remember_login', false] - ); + ->willReturnCallback(function () use (&$calls): void { + $expected = array_shift($calls); + $this->assertEquals($expected, func_get_args()); + }); $this->session->method('getId') ->willReturn('mysessionid'); - $token = $this->createMock(OC\Authentication\Token\IToken::class); + $token = $this->createMock(IToken::class); $this->tokenProvider->method('getToken') ->with('mysessionid') ->willReturn($token); @@ -626,7 +624,7 @@ class ManagerTest extends TestCase { $this->manager->prepareTwoFactorLogin($this->user, false); } - public function testNeedsSecondFactorSessionAuth() { + public function testNeedsSecondFactorSessionAuth(): void { $user = $this->createMock(IUser::class); $user->method('getUID') ->willReturn('user'); @@ -637,18 +635,31 @@ class ManagerTest extends TestCase { return false; } elseif ($var === 'app_password') { return false; + } elseif ($var === 'app_api') { + return false; } return true; }); + $this->session->method('get') + ->willReturnCallback(function ($var) { + if ($var === Manager::SESSION_UID_KEY) { + return 'user'; + } elseif ($var === 'app_api') { + return true; + } + return null; + }); $this->session->expects($this->once()) ->method('get') - ->with(Manager::SESSION_UID_DONE) - ->willReturn('user'); + ->willReturnMap([ + [Manager::SESSION_UID_DONE, 'user'], + ['app_api', true] + ]); $this->assertFalse($this->manager->needsSecondFactor($user)); } - public function testNeedsSecondFactorSessionAuthFailDBPass() { + public function testNeedsSecondFactorSessionAuthFailDBPass(): void { $user = $this->createMock(IUser::class); $user->method('getUID') ->willReturn('user'); @@ -658,7 +669,7 @@ class ManagerTest extends TestCase { $this->session->method('getId') ->willReturn('mysessionid'); - $token = $this->createMock(OC\Authentication\Token\IToken::class); + $token = $this->createMock(IToken::class); $token->method('getId') ->willReturn(40); @@ -679,7 +690,7 @@ class ManagerTest extends TestCase { $this->assertFalse($this->manager->needsSecondFactor($user)); } - public function testNeedsSecondFactorInvalidToken() { + public function testNeedsSecondFactorInvalidToken(): void { $this->prepareNoProviders(); $user = $this->createMock(IUser::class); @@ -693,19 +704,92 @@ class ManagerTest extends TestCase { $this->tokenProvider->method('getToken') ->with('mysessionid') - ->willThrowException(new OC\Authentication\Exceptions\InvalidTokenException()); + ->willThrowException(new InvalidTokenException()); $this->config->method('getUserKeys')->willReturn([]); $this->assertFalse($this->manager->needsSecondFactor($user)); } - public function testNeedsSecondFactorAppPassword() { + public function testNeedsSecondFactorAppPassword(): void { $user = $this->createMock(IUser::class); $this->session->method('exists') - ->with('app_password') - ->willReturn(true); + ->willReturnMap([ + ['app_password', true], + ['app_api', true] + ]); $this->assertFalse($this->manager->needsSecondFactor($user)); } + + public function testClearTwoFactorPending() { + $this->config->method('getUserKeys') + ->with('theUserId', 'login_token_2fa') + ->willReturn([ + '42', '43', '44' + ]); + + $deleteUserValueCalls = [ + ['theUserId', 'login_token_2fa', '42'], + ['theUserId', 'login_token_2fa', '43'], + ['theUserId', 'login_token_2fa', '44'], + ]; + $this->config->expects($this->exactly(3)) + ->method('deleteUserValue') + ->willReturnCallback(function () use (&$deleteUserValueCalls): void { + $expected = array_shift($deleteUserValueCalls); + $this->assertEquals($expected, func_get_args()); + }); + + $invalidateCalls = [ + ['theUserId', 42], + ['theUserId', 43], + ['theUserId', 44], + ]; + $this->tokenProvider->expects($this->exactly(3)) + ->method('invalidateTokenById') + ->willReturnCallback(function () use (&$invalidateCalls): void { + $expected = array_shift($invalidateCalls); + $this->assertEquals($expected, func_get_args()); + }); + + $this->manager->clearTwoFactorPending('theUserId'); + } + + public function testClearTwoFactorPendingTokenDoesNotExist() { + $this->config->method('getUserKeys') + ->with('theUserId', 'login_token_2fa') + ->willReturn([ + '42', '43', '44' + ]); + + $deleteUserValueCalls = [ + ['theUserId', 'login_token_2fa', '42'], + ['theUserId', 'login_token_2fa', '43'], + ['theUserId', 'login_token_2fa', '44'], + ]; + $this->config->expects($this->exactly(3)) + ->method('deleteUserValue') + ->willReturnCallback(function () use (&$deleteUserValueCalls): void { + $expected = array_shift($deleteUserValueCalls); + $this->assertEquals($expected, func_get_args()); + }); + + $invalidateCalls = [ + ['theUserId', 42], + ['theUserId', 43], + ['theUserId', 44], + ]; + $this->tokenProvider->expects($this->exactly(3)) + ->method('invalidateTokenById') + ->willReturnCallback(function ($user, $tokenId) use (&$invalidateCalls): void { + $expected = array_shift($invalidateCalls); + $this->assertEquals($expected, func_get_args()); + if ($tokenId === 43) { + throw new DoesNotExistException('token does not exist'); + } + }); + + $this->manager->clearTwoFactorPending('theUserId'); + } } diff --git a/tests/lib/Authentication/TwoFactorAuth/MandatoryTwoFactorTest.php b/tests/lib/Authentication/TwoFactorAuth/MandatoryTwoFactorTest.php index 525defd671b..d2ecd3c509c 100644 --- a/tests/lib/Authentication/TwoFactorAuth/MandatoryTwoFactorTest.php +++ b/tests/lib/Authentication/TwoFactorAuth/MandatoryTwoFactorTest.php @@ -3,25 +3,8 @@ declare(strict_types=1); /** - * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * + * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors + * SPDX-License-Identifier: AGPL-3.0-or-later */ namespace Tests\Authentication\TwoFactorAuth; @@ -35,7 +18,6 @@ use PHPUnit\Framework\MockObject\MockObject; use Test\TestCase; class MandatoryTwoFactorTest extends TestCase { - /** @var IConfig|MockObject */ private $config; @@ -54,7 +36,7 @@ class MandatoryTwoFactorTest extends TestCase { $this->mandatoryTwoFactor = new MandatoryTwoFactor($this->config, $this->groupManager); } - public function testIsNotEnforced() { + public function testIsNotEnforced(): void { $this->config ->method('getSystemValue') ->willReturnMap([ @@ -68,7 +50,7 @@ class MandatoryTwoFactorTest extends TestCase { $this->assertFalse($state->isEnforced()); } - public function testIsEnforced() { + public function testIsEnforced(): void { $this->config ->method('getSystemValue') ->willReturnMap([ @@ -82,7 +64,7 @@ class MandatoryTwoFactorTest extends TestCase { $this->assertTrue($state->isEnforced()); } - public function testIsNotEnforcedForAnybody() { + public function testIsNotEnforcedForAnybody(): void { $user = $this->createMock(IUser::class); $user->method('getUID')->willReturn('user123'); $this->config @@ -98,7 +80,7 @@ class MandatoryTwoFactorTest extends TestCase { $this->assertFalse($isEnforced); } - public function testIsEnforcedForAGroupMember() { + public function testIsEnforcedForAGroupMember(): void { $user = $this->createMock(IUser::class); $user->method('getUID')->willReturn('user123'); $this->config @@ -118,7 +100,7 @@ class MandatoryTwoFactorTest extends TestCase { $this->assertTrue($isEnforced); } - public function testIsEnforcedForOtherGroups() { + public function testIsEnforcedForOtherGroups(): void { $user = $this->createMock(IUser::class); $user->method('getUID')->willReturn('user123'); $this->config @@ -136,7 +118,7 @@ class MandatoryTwoFactorTest extends TestCase { $this->assertFalse($isEnforced); } - public function testIsEnforcedButMemberOfExcludedGroup() { + public function testIsEnforcedButMemberOfExcludedGroup(): void { $user = $this->createMock(IUser::class); $user->method('getUID')->willReturn('user123'); $this->config @@ -156,7 +138,7 @@ class MandatoryTwoFactorTest extends TestCase { $this->assertFalse($isEnforced); } - public function testSetEnforced() { + public function testSetEnforced(): void { $this->config ->expects($this->exactly(3)) ->method('setSystemValue') @@ -169,7 +151,7 @@ class MandatoryTwoFactorTest extends TestCase { $this->mandatoryTwoFactor->setState(new EnforcementState(true)); } - public function testSetEnforcedForGroups() { + public function testSetEnforcedForGroups(): void { $this->config ->expects($this->exactly(3)) ->method('setSystemValue') @@ -182,7 +164,7 @@ class MandatoryTwoFactorTest extends TestCase { $this->mandatoryTwoFactor->setState(new EnforcementState(true, ['twofactorers'], ['yoloers'])); } - public function testSetNotEnforced() { + public function testSetNotEnforced(): void { $this->config ->expects($this->exactly(3)) ->method('setSystemValue') diff --git a/tests/lib/Authentication/TwoFactorAuth/ProviderLoaderTest.php b/tests/lib/Authentication/TwoFactorAuth/ProviderLoaderTest.php index d9c565a3f6d..6eb3b7dfb26 100644 --- a/tests/lib/Authentication/TwoFactorAuth/ProviderLoaderTest.php +++ b/tests/lib/Authentication/TwoFactorAuth/ProviderLoaderTest.php @@ -3,25 +3,8 @@ declare(strict_types=1); /** - * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * + * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors + * SPDX-License-Identifier: AGPL-3.0-or-later */ namespace lib\Authentication\TwoFactorAuth; @@ -37,7 +20,6 @@ use PHPUnit\Framework\MockObject\MockObject; use Test\TestCase; class ProviderLoaderTest extends TestCase { - /** @var IAppManager|MockObject */ private $appManager; @@ -65,7 +47,7 @@ class ProviderLoaderTest extends TestCase { } - public function testFailHardIfProviderCanNotBeLoaded() { + public function testFailHardIfProviderCanNotBeLoaded(): void { $this->expectException(\Exception::class); $this->expectExceptionMessage('Could not load two-factor auth provider \\OCA\\MyFaulty2faApp\\DoesNotExist'); @@ -87,7 +69,7 @@ class ProviderLoaderTest extends TestCase { $this->loader->getProviders($this->user); } - public function testGetProviders() { + public function testGetProviders(): void { $provider = $this->createMock(IProvider::class); $provider->method('getId')->willReturn('test'); \OC::$server->registerService('\\OCA\\TwoFactorTest\\Provider', function () use ($provider) { @@ -111,7 +93,7 @@ class ProviderLoaderTest extends TestCase { $this->assertSame($provider, $providers['test']); } - public function testGetProvidersBootstrap() { + public function testGetProvidersBootstrap(): void { $provider = $this->createMock(IProvider::class); $provider->method('getId')->willReturn('test'); diff --git a/tests/lib/Authentication/TwoFactorAuth/ProviderManagerTest.php b/tests/lib/Authentication/TwoFactorAuth/ProviderManagerTest.php index 0c85d0cf1ba..a1f2a6fa69a 100644 --- a/tests/lib/Authentication/TwoFactorAuth/ProviderManagerTest.php +++ b/tests/lib/Authentication/TwoFactorAuth/ProviderManagerTest.php @@ -3,29 +3,13 @@ declare(strict_types=1); /** - * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * + * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors + * SPDX-License-Identifier: AGPL-3.0-or-later */ namespace lib\Authentication\TwoFactorAuth; +use OC\Authentication\Exceptions\InvalidProviderException; use OC\Authentication\TwoFactorAuth\ProviderLoader; use OC\Authentication\TwoFactorAuth\ProviderManager; use OCP\Authentication\TwoFactorAuth\IActivatableByAdmin; @@ -37,7 +21,6 @@ use PHPUnit\Framework\MockObject\MockObject; use Test\TestCase; class ProviderManagerTest extends TestCase { - /** @var ProviderLoader|MockObject */ private $providerLoader; @@ -59,15 +42,15 @@ class ProviderManagerTest extends TestCase { ); } - - public function testTryEnableInvalidProvider() { - $this->expectException(\OC\Authentication\Exceptions\InvalidProviderException::class); + + public function testTryEnableInvalidProvider(): void { + $this->expectException(InvalidProviderException::class); $user = $this->createMock(IUser::class); $this->providerManager->tryEnableProviderFor('none', $user); } - public function testTryEnableUnsupportedProvider() { + public function testTryEnableUnsupportedProvider(): void { $user = $this->createMock(IUser::class); $provider = $this->createMock(IProvider::class); $this->providerLoader->expects($this->once()) @@ -84,7 +67,7 @@ class ProviderManagerTest extends TestCase { $this->assertFalse($res); } - public function testTryEnableProvider() { + public function testTryEnableProvider(): void { $user = $this->createMock(IUser::class); $provider = $this->createMock(IActivatableByAdmin::class); $this->providerLoader->expects($this->once()) @@ -105,15 +88,15 @@ class ProviderManagerTest extends TestCase { $this->assertTrue($res); } - - public function testTryDisableInvalidProvider() { - $this->expectException(\OC\Authentication\Exceptions\InvalidProviderException::class); + + public function testTryDisableInvalidProvider(): void { + $this->expectException(InvalidProviderException::class); $user = $this->createMock(IUser::class); $this->providerManager->tryDisableProviderFor('none', $user); } - public function testTryDisableUnsupportedProvider() { + public function testTryDisableUnsupportedProvider(): void { $user = $this->createMock(IUser::class); $provider = $this->createMock(IProvider::class); $this->providerLoader->expects($this->once()) @@ -130,7 +113,7 @@ class ProviderManagerTest extends TestCase { $this->assertFalse($res); } - public function testTryDisableProvider() { + public function testTryDisableProvider(): void { $user = $this->createMock(IUser::class); $provider = $this->createMock(IDeactivatableByAdmin::class); $this->providerLoader->expects($this->once()) diff --git a/tests/lib/Authentication/TwoFactorAuth/ProviderSetTest.php b/tests/lib/Authentication/TwoFactorAuth/ProviderSetTest.php index ef221851894..568b83567f8 100644 --- a/tests/lib/Authentication/TwoFactorAuth/ProviderSetTest.php +++ b/tests/lib/Authentication/TwoFactorAuth/ProviderSetTest.php @@ -3,25 +3,8 @@ declare(strict_types=1); /** - * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * + * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors + * SPDX-License-Identifier: AGPL-3.0-or-later */ namespace Test\Authentication\TwoFactorAuth; @@ -32,11 +15,10 @@ use OCP\Authentication\TwoFactorAuth\IProvider; use Test\TestCase; class ProviderSetTest extends TestCase { - /** @var ProviderSet */ private $providerSet; - public function testIndexesProviders() { + public function testIndexesProviders(): void { $p1 = $this->createMock(IProvider::class); $p1->method('getId')->willReturn('p1'); $p2 = $this->createMock(IProvider::class); @@ -51,7 +33,7 @@ class ProviderSetTest extends TestCase { $this->assertEquals($expected, $set->getProviders()); } - public function testGet3rdPartyProviders() { + public function testGet3rdPartyProviders(): void { $p1 = $this->createMock(IProvider::class); $p1->method('getId')->willReturn('p1'); $p2 = $this->createMock(IProvider::class); @@ -68,7 +50,7 @@ class ProviderSetTest extends TestCase { $this->assertEquals($expected, $set->getPrimaryProviders()); } - public function testGetProvider() { + public function testGetProvider(): void { $p1 = $this->createMock(IProvider::class); $p1->method('getId')->willReturn('p1'); @@ -78,14 +60,14 @@ class ProviderSetTest extends TestCase { $this->assertEquals($p1, $provider); } - public function testGetProviderNotFound() { + public function testGetProviderNotFound(): void { $set = new ProviderSet([], false); $provider = $set->getProvider('p1'); $this->assertNull($provider); } - public function testIsProviderMissing() { + public function testIsProviderMissing(): void { $set = new ProviderSet([], true); $this->assertTrue($set->isProviderMissing()); diff --git a/tests/lib/Authentication/TwoFactorAuth/RegistryTest.php b/tests/lib/Authentication/TwoFactorAuth/RegistryTest.php index b0d0ef8efef..2018dc1a634 100644 --- a/tests/lib/Authentication/TwoFactorAuth/RegistryTest.php +++ b/tests/lib/Authentication/TwoFactorAuth/RegistryTest.php @@ -3,25 +3,8 @@ declare(strict_types=1); /** - * @copyright 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @author 2018 Christoph Wurst <christoph@winzerhof-wurst.at> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * + * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors + * SPDX-License-Identifier: AGPL-3.0-or-later */ namespace Test\Authentication\TwoFactorAuth; @@ -32,13 +15,15 @@ use OCP\Authentication\TwoFactorAuth\IProvider; use OCP\Authentication\TwoFactorAuth\IRegistry; use OCP\Authentication\TwoFactorAuth\RegistryEvent; use OCP\Authentication\TwoFactorAuth\TwoFactorProviderDisabled; +use OCP\Authentication\TwoFactorAuth\TwoFactorProviderForUserRegistered; +use OCP\Authentication\TwoFactorAuth\TwoFactorProviderForUserUnregistered; +use OCP\Authentication\TwoFactorAuth\TwoFactorProviderUserDeleted; use OCP\EventDispatcher\IEventDispatcher; use OCP\IUser; use PHPUnit\Framework\MockObject\MockObject; use Test\TestCase; class RegistryTest extends TestCase { - /** @var ProviderUserAssignmentDao|MockObject */ private $dao; @@ -57,7 +42,7 @@ class RegistryTest extends TestCase { $this->registry = new Registry($this->dao, $this->dispatcher); } - public function testGetProviderStates() { + public function testGetProviderStates(): void { $user = $this->createMock(IUser::class); $user->expects($this->once())->method('getUID')->willReturn('user123'); $state = [ @@ -70,7 +55,7 @@ class RegistryTest extends TestCase { $this->assertEquals($state, $actual); } - public function testEnableProvider() { + public function testEnableProvider(): void { $user = $this->createMock(IUser::class); $provider = $this->createMock(IProvider::class); $user->expects($this->once())->method('getUID')->willReturn('user123'); @@ -86,11 +71,17 @@ class RegistryTest extends TestCase { return $e->getUser() === $user && $e->getProvider() === $provider; }) ); + $this->dispatcher->expects($this->once()) + ->method('dispatchTyped') + ->with(new TwoFactorProviderForUserRegistered( + $user, + $provider, + )); $this->registry->enableProviderFor($provider, $user); } - public function testDisableProvider() { + public function testDisableProvider(): void { $user = $this->createMock(IUser::class); $provider = $this->createMock(IProvider::class); $user->expects($this->once())->method('getUID')->willReturn('user123'); @@ -107,11 +98,17 @@ class RegistryTest extends TestCase { return $e->getUser() === $user && $e->getProvider() === $provider; }) ); + $this->dispatcher->expects($this->once()) + ->method('dispatchTyped') + ->with(new TwoFactorProviderForUserUnregistered( + $user, + $provider, + )); $this->registry->disableProviderFor($provider, $user); } - public function testDeleteUserData() { + public function testDeleteUserData(): void { $user = $this->createMock(IUser::class); $user->expects($this->once())->method('getUID')->willReturn('user123'); $this->dao->expects($this->once()) @@ -122,14 +119,22 @@ class RegistryTest extends TestCase { 'provider_id' => 'twofactor_u2f', ] ]); - $this->dispatcher->expects($this->once()) + + $calls = [ + [new TwoFactorProviderDisabled('twofactor_u2f')], + [new TwoFactorProviderUserDeleted($user, 'twofactor_u2f')], + ]; + $this->dispatcher->expects($this->exactly(2)) ->method('dispatchTyped') - ->with(new TwoFactorProviderDisabled('twofactor_u2f')); + ->willReturnCallback(function () use (&$calls): void { + $expected = array_shift($calls); + $this->assertEquals($expected, func_get_args()); + }); $this->registry->deleteUserData($user); } - public function testCleanUp() { + public function testCleanUp(): void { $this->dao->expects($this->once()) ->method('deleteAll') ->with('twofactor_u2f'); |