aboutsummaryrefslogtreecommitdiffstats
path: root/tests/lib/User/SessionTest.php
diff options
context:
space:
mode:
Diffstat (limited to 'tests/lib/User/SessionTest.php')
-rw-r--r--tests/lib/User/SessionTest.php54
1 files changed, 52 insertions, 2 deletions
diff --git a/tests/lib/User/SessionTest.php b/tests/lib/User/SessionTest.php
index b6ac7a69fed..50adda64afd 100644
--- a/tests/lib/User/SessionTest.php
+++ b/tests/lib/User/SessionTest.php
@@ -14,6 +14,7 @@ use OC\Authentication\Exceptions\InvalidTokenException;
use OC\Authentication\Exceptions\PasswordLoginForbiddenException;
use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken;
+use OC\Security\CSRF\CsrfTokenManager;
use OC\Session\Memory;
use OC\User\LoginException;
use OC\User\Manager;
@@ -34,7 +35,6 @@ use OCP\Security\ISecureRandom;
use OCP\User\Events\PostLoginEvent;
use PHPUnit\Framework\MockObject\MockObject;
use Psr\Log\LoggerInterface;
-use OC\Security\CSRF\CsrfTokenManager;
/**
* @group DB
@@ -479,6 +479,56 @@ class SessionTest extends \Test\TestCase {
$userSession->logClientIn('john', 'doe', $request, $this->throttler);
}
+ public function testTryTokenLoginNoHeaderNoSessionCookie(): void {
+ $request = $this->createMock(IRequest::class);
+ $this->config->expects(self::once())
+ ->method('getSystemValueString')
+ ->with('instanceid')
+ ->willReturn('abc123');
+ $request->method('getHeader')->with('Authorization')->willReturn('');
+ $request->method('getCookie')->with('abc123')->willReturn(null);
+ $this->tokenProvider->expects(self::never())
+ ->method('getToken');
+
+ $loginResult = $this->userSession->tryTokenLogin($request);
+
+ self::assertFalse($loginResult);
+ }
+
+ public function testTryTokenLoginAuthorizationHeaderTokenNotFound(): void {
+ $request = $this->createMock(IRequest::class);
+ $request->method('getHeader')->with('Authorization')->willReturn('Bearer abcde-12345');
+ $this->tokenProvider->expects(self::once())
+ ->method('getToken')
+ ->with('abcde-12345')
+ ->willThrowException(new InvalidTokenException());
+
+ $loginResult = $this->userSession->tryTokenLogin($request);
+
+ self::assertFalse($loginResult);
+ }
+
+ public function testTryTokenLoginSessionIdTokenNotFound(): void {
+ $request = $this->createMock(IRequest::class);
+ $this->config->expects(self::once())
+ ->method('getSystemValueString')
+ ->with('instanceid')
+ ->willReturn('abc123');
+ $request->method('getHeader')->with('Authorization')->willReturn('');
+ $request->method('getCookie')->with('abc123')->willReturn('abcde12345');
+ $this->session->expects(self::once())
+ ->method('getId')
+ ->willReturn('abcde12345');
+ $this->tokenProvider->expects(self::once())
+ ->method('getToken')
+ ->with('abcde12345')
+ ->willThrowException(new InvalidTokenException());
+
+ $loginResult = $this->userSession->tryTokenLogin($request);
+
+ self::assertFalse($loginResult);
+ }
+
public function testRememberLoginValidToken() {
$session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock();
$managerMethods = get_class_methods(Manager::class);
@@ -1110,7 +1160,7 @@ class SessionTest extends \Test\TestCase {
$userSession->expects($this->once())
->method('isTokenPassword')
- ->willReturn(true);
+ ->willReturn(false);
$userSession->expects($this->once())
->method('login')
->with('john@foo.bar', 'I-AM-AN-PASSWORD')