Diffstat (limited to 'tests/lib/Security/CSRF/CsrfTokenManagerTest.php')
-rw-r--r-- | tests/lib/Security/CSRF/CsrfTokenManagerTest.php | 148 |
1 files changed, 148 insertions, 0 deletions
diff --git a/tests/lib/Security/CSRF/CsrfTokenManagerTest.php b/tests/lib/Security/CSRF/CsrfTokenManagerTest.php
new file mode 100644
index 00000000000..66ee18475a4
--- /dev/null
+++ b/tests/lib/Security/CSRF/CsrfTokenManagerTest.php
@@ -0,0 +1,148 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+namespace Test\Security\CSRF;
+
+use OC\Security\CSRF\CsrfToken;
+use OC\Security\CSRF\CsrfTokenManager;
+
+class CsrfTokenManagerTest extends \Test\TestCase {
+ /** @var \OC\Security\CSRF\CsrfTokenManager */
+ private $csrfTokenManager;
+ /** @var \OC\Security\CSRF\CsrfTokenGenerator */
+ private $tokenGenerator;
+ /** @var \OC\Security\CSRF\TokenStorage\SessionStorage */
+ private $storageInterface;
+
+ protected function setUp(): void {
+ parent::setUp();
+ $this->tokenGenerator = $this->getMockBuilder('\OC\Security\CSRF\CsrfTokenGenerator')
+ ->disableOriginalConstructor()->getMock();
+ $this->storageInterface = $this->getMockBuilder('\OC\Security\CSRF\TokenStorage\SessionStorage')
+ ->disableOriginalConstructor()->getMock();
+
+ $this->csrfTokenManager = new CsrfTokenManager(
+ $this->tokenGenerator,
+ $this->storageInterface
+ );
+ }
+
+ public function testGetTokenWithExistingToken(): void {
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('hasToken')
+ ->willReturn(true);
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('getToken')
+ ->willReturn('MyExistingToken');
+
+ $expected = new CsrfToken('MyExistingToken');
+ $this->assertEquals($expected, $this->csrfTokenManager->getToken());
+ }
+
+ public function testGetTokenWithExistingTokenKeepsOnSecondRequest(): void {
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('hasToken')
+ ->willReturn(true);
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('getToken')
+ ->willReturn('MyExistingToken');
+
+ $expected = new CsrfToken('MyExistingToken');
+ $token = $this->csrfTokenManager->getToken();
+ $this->assertSame($token, $this->csrfTokenManager->getToken());
+ $this->assertSame($token, $this->csrfTokenManager->getToken());
+ }
+
+ public function testGetTokenWithoutExistingToken(): void {
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('hasToken')
+ ->willReturn(false);
+ $this->tokenGenerator
+ ->expects($this->once())
+ ->method('generateToken')
+ ->willReturn('MyNewToken');
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('setToken')
+ ->with('MyNewToken');
+
+ $expected = new CsrfToken('MyNewToken');
+ $this->assertEquals($expected, $this->csrfTokenManager->getToken());
+ }
+
+ public function testRefreshToken(): void {
+ $this->tokenGenerator
+ ->expects($this->once())
+ ->method('generateToken')
+ ->willReturn('MyNewToken');
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('setToken')
+ ->with('MyNewToken');
+
+ $expected = new CsrfToken('MyNewToken');
+ $this->assertEquals($expected, $this->csrfTokenManager->refreshToken());
+ }
+
+ public function testRemoveToken(): void {
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('removeToken');
+
+ $this->csrfTokenManager->removeToken();
+ }
+
+ public function testIsTokenValidWithoutToken(): void {
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('hasToken')
+ ->willReturn(false);
+ $token = new CsrfToken('Token');
+
+ $this->assertSame(false, $this->csrfTokenManager->isTokenValid($token));
+ }
+
+ public function testIsTokenValidWithWrongToken(): void {
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('hasToken')
+ ->willReturn(true);
+ $token = new CsrfToken('Token');
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('getToken')
+ ->willReturn('MyToken');
+
+ $this->assertSame(false, $this->csrfTokenManager->isTokenValid($token));
+ }
+
+ public function testIsTokenValidWithValidToken(): void {
+ $a = 'abc';
+ $b = 'def';
+ $xorB64 = 'BQcF';
+ $tokenVal = sprintf('%s:%s', $xorB64, base64_encode($a));
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('hasToken')
+ ->willReturn(true);
+ $token = new CsrfToken($tokenVal);
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('getToken')
+ ->willReturn($b);
+
+ $this->assertSame(true, $this->csrfTokenManager->isTokenValid($token));
+ }
+} |
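Review bot: `testIsTokenValidWithWrongToken` passes `new CsrfToken('Token')`, which has no `:` separator, so it probably exercises only the malformed-value path and never a well-formed token that decodes to the wrong secret. `CsrfToken`'s decoding is not visible in this diff, so that reading is inferred from the `obfuscated:mask` shape built in `testIsTokenValidWithValidToken`. A case with a correctly shaped token whose decoded value differs from the stored one would pin the comparison itself, which is the security-relevant branch. Separately, the literal `'BQcF'` is the base64 of `'abc' ^ 'def'` and would read better as `$xorB64 = base64_encode($a ^ $b);`, and `$expected` in `testGetTokenWithExistingTokenKeepsOnSecondRequest` is assigned but never asserted against.

```php
	// … unchanged: testIsTokenValidWithWrongToken (malformed value, no ':' separator) …

	public function testIsTokenValidWithWellFormedWrongToken(): void {
		$mask = 'abc';
		$stored = 'def';
		// Correctly shaped "obfuscated:mask" value that decodes to 'xyz', not the stored secret.
		$tokenVal = sprintf('%s:%s', base64_encode('xyz' ^ $mask), base64_encode($mask));
		$this->storageInterface
			->expects($this->once())
			->method('hasToken')
			->willReturn(true);
		$this->storageInterface
			->expects($this->once())
			->method('getToken')
			->willReturn($stored);

		$this->assertSame(false, $this->csrfTokenManager->isTokenValid(new CsrfToken($tokenVal)));
	}
```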