Diffstat (limited to 'tests/lib/User/SessionTest.php')
-rw-r--r--tests/lib/User/SessionTest.php420
1 files changed, 0 insertions, 420 deletions
diff --git a/tests/lib/User/SessionTest.php b/tests/lib/User/SessionTest.php
index 334c3d9065f..bed83cf0e31 100644
--- a/tests/lib/User/SessionTest.php
+++ b/tests/lib/User/SessionTest.php
@@ -9,8 +9,6 @@
namespace Test\User;
use OC\AppFramework\Http\Request;
-use OC\Authentication\Token\DefaultTokenMapper;
-use OC\Authentication\Token\DefaultTokenProvider;
use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken;
use OC\Security\Bruteforce\Throttler;
@@ -42,8 +40,6 @@ use Symfony\Component\EventDispatcher\EventDispatcherInterface;
class SessionTest extends \Test\TestCase {
/** @var ITimeFactory|MockObject */
private $timeFactory;
- /** @var DefaultTokenProvider|MockObject */
- protected $tokenProvider;
/** @var IConfig|MockObject */
private $config;
/** @var Throttler|MockObject */
@@ -99,63 +95,6 @@ class SessionTest extends \Test\TestCase {
\OC_User::setIncognitoMode(false);
}
- public function testGetUser() {
- $token = new \OC\Authentication\Token\DefaultToken();
- $token->setLoginName('User123');
- $token->setLastCheck(200);
-
- $expectedUser = $this->createMock(IUser::class);
- $expectedUser->expects($this->any())
- ->method('getUID')
- ->willReturn('user123');
- $session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock();
- $session->expects($this->at(0))
- ->method('get')
- ->with('user_id')
- ->willReturn($expectedUser->getUID());
- $sessionId = 'abcdef12345';
-
- $manager = $this->getMockBuilder('\OC\User\Manager')
- ->disableOriginalConstructor()
- ->getMock();
- $session->expects($this->at(1))
- ->method('get')
- ->with('app_password')
- ->willReturn(null); // No password set -> browser session
- $session->expects($this->once())
- ->method('getId')
- ->willReturn($sessionId);
- $this->tokenProvider->expects($this->once())
- ->method('getToken')
- ->with($sessionId)
- ->willReturn($token);
- $this->tokenProvider->expects($this->once())
- ->method('getPassword')
- ->with($token, $sessionId)
- ->willReturn('passme');
- $manager->expects($this->once())
- ->method('checkPassword')
- ->with('User123', 'passme')
- ->willReturn(true);
- $expectedUser->expects($this->once())
- ->method('isEnabled')
- ->willReturn(true);
-
- $this->tokenProvider->expects($this->once())
- ->method('updateTokenActivity')
- ->with($token);
-
- $manager->expects($this->once())
- ->method('get')
- ->with($expectedUser->getUID())
- ->willReturn($expectedUser);
-
- $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher);
- $user = $userSession->getUser();
- $this->assertSame($expectedUser, $user);
- $this->assertSame(10000, $token->getLastCheck());
- }
-
public function isLoggedInData() {
return [
[true],
@@ -390,36 +329,6 @@ class SessionTest extends \Test\TestCase {
$userSession->login('foo', 'bar');
}
- /**
- * When using a device token, the loginname must match the one that was used
- * when generating the token on the browser.
- */
- public function testLoginWithDifferentTokenLoginName() {
- $session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock();
- $manager = $this->createMock(Manager::class);
- $userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher);
- $username = 'user123';
- $token = new \OC\Authentication\Token\DefaultToken();
- $token->setLoginName($username);
-
- $session->expects($this->never())
- ->method('set');
- $session->expects($this->once())
- ->method('regenerateId');
- $this->tokenProvider->expects($this->once())
- ->method('getToken')
- ->with('bar')
- ->willReturn($token);
-
- $manager->expects($this->once())
- ->method('checkPasswordNoLogging')
- ->with('foo', 'bar')
- ->willReturn(false);
-
- $userSession->login('foo', 'bar');
- }
-
-
public function testLogClientInNoTokenPasswordWith2fa() {
$this->expectException(\OC\Authentication\Exceptions\PasswordLoginForbiddenException::class);
@@ -1008,335 +917,6 @@ class SessionTest extends \Test\TestCase {
$this->assertFalse($userSession->createSessionToken($request, $uid, $loginName, $password));
}
-
- public function testTryTokenLoginWithDisabledUser() {
- $this->expectException(\OC\User\LoginException::class);
-
- $manager = $this->getMockBuilder('\OC\User\Manager')
- ->disableOriginalConstructor()
- ->getMock();
- $session = new Memory('');
- $token = new \OC\Authentication\Token\DefaultToken();
- $token->setLoginName('fritz');
- $token->setUid('fritz0');
- $token->setLastCheck(100); // Needs check
- $user = $this->createMock(IUser::class);
- $userSession = $this->getMockBuilder(Session::class)
- ->setMethods(['logout'])
- ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher])
- ->getMock();
- $request = $this->createMock(IRequest::class);
-
- $request->expects($this->once())
- ->method('getHeader')
- ->with('Authorization')
- ->willReturn('Bearer xxxxx');
- $this->tokenProvider->expects($this->once())
- ->method('getToken')
- ->with('xxxxx')
- ->willReturn($token);
- $manager->expects($this->once())
- ->method('get')
- ->with('fritz0')
- ->willReturn($user);
- $user->expects($this->once())
- ->method('isEnabled')
- ->willReturn(false);
-
- $userSession->tryTokenLogin($request);
- }
-
- public function testValidateSessionDisabledUser() {
- $userManager = $this->createMock(Manager::class);
- $session = $this->createMock(ISession::class);
- $timeFactory = $this->createMock(ITimeFactory::class);
- $tokenProvider = $this->createMock(IProvider::class);
- $userSession = $this->getMockBuilder(Session::class)
- ->setConstructorArgs([$userManager, $session, $timeFactory, $tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher])
- ->setMethods(['logout'])
- ->getMock();
-
- $user = $this->createMock(IUser::class);
- $token = new \OC\Authentication\Token\DefaultToken();
- $token->setLoginName('susan');
- $token->setLastCheck(20);
-
- $session->expects($this->once())
- ->method('get')
- ->with('app_password')
- ->willReturn('APP-PASSWORD');
- $tokenProvider->expects($this->once())
- ->method('getToken')
- ->with('APP-PASSWORD')
- ->willReturn($token);
- $timeFactory->expects($this->once())
- ->method('getTime')
- ->willReturn(1000); // more than 5min since last check
- $tokenProvider->expects($this->once())
- ->method('getPassword')
- ->with($token, 'APP-PASSWORD')
- ->willReturn('123456');
- $userManager->expects($this->never())
- ->method('checkPassword');
- $user->expects($this->once())
- ->method('isEnabled')
- ->willReturn(false);
- $tokenProvider->expects($this->once())
- ->method('invalidateToken')
- ->with('APP-PASSWORD');
- $userSession->expects($this->once())
- ->method('logout');
-
- $userSession->setUser($user);
- $this->invokePrivate($userSession, 'validateSession');
- }
-
- public function testValidateSessionNoPassword() {
- $userManager = $this->createMock(Manager::class);
- $session = $this->createMock(ISession::class);
- $timeFactory = $this->createMock(ITimeFactory::class);
- $tokenProvider = $this->createMock(IProvider::class);
- $userSession = $this->getMockBuilder(Session::class)
- ->setConstructorArgs([$userManager, $session, $timeFactory, $tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher])
- ->setMethods(['logout'])
- ->getMock();
-
- $user = $this->createMock(IUser::class);
- $token = new \OC\Authentication\Token\DefaultToken();
- $token->setLastCheck(20);
-
- $session->expects($this->once())
- ->method('get')
- ->with('app_password')
- ->willReturn('APP-PASSWORD');
- $tokenProvider->expects($this->once())
- ->method('getToken')
- ->with('APP-PASSWORD')
- ->willReturn($token);
- $timeFactory->expects($this->once())
- ->method('getTime')
- ->willReturn(1000); // more than 5min since last check
- $tokenProvider->expects($this->once())
- ->method('getPassword')
- ->with($token, 'APP-PASSWORD')
- ->will($this->throwException(new \OC\Authentication\Exceptions\PasswordlessTokenException()));
-
- $this->invokePrivate($userSession, 'validateSession', [$user]);
-
- $this->assertEquals(1000, $token->getLastCheck());
- }
-
- public function testValidateSessionInvalidPassword() {
- $userManager = $this->createMock(Manager::class);
- $session = $this->createMock(ISession::class);
- $timeFactory = $this->createMock(ITimeFactory::class);
- $tokenProvider = $this->createMock(IProvider::class);
- $userSession = $this->getMockBuilder(Session::class)
- ->setConstructorArgs([$userManager, $session, $timeFactory, $tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher])
- ->setMethods(['logout'])
- ->getMock();
-
- $user = $this->createMock(IUser::class);
- $token = new \OC\Authentication\Token\DefaultToken();
- $token->setLoginName('susan');
- $token->setLastCheck(20);
-
- $session->expects($this->once())
- ->method('get')
- ->with('app_password')
- ->willReturn('APP-PASSWORD');
- $tokenProvider->expects($this->once())
- ->method('getToken')
- ->with('APP-PASSWORD')
- ->willReturn($token);
- $timeFactory->expects($this->once())
- ->method('getTime')
- ->willReturn(1000); // more than 5min since last check
- $tokenProvider->expects($this->once())
- ->method('getPassword')
- ->with($token, 'APP-PASSWORD')
- ->willReturn('123456');
- $userManager->expects($this->once())
- ->method('checkPassword')
- ->with('susan', '123456')
- ->willReturn(false);
- $user->expects($this->once())
- ->method('isEnabled')
- ->willReturn(true);
- $tokenProvider->expects($this->never())
- ->method('invalidateToken');
- $tokenProvider->expects($this->once())
- ->method('markPasswordInvalid')
- ->with($token, 'APP-PASSWORD');
- $userSession->expects($this->once())
- ->method('logout');
-
- $userSession->setUser($user);
- $this->invokePrivate($userSession, 'validateSession');
- }
-
- public function testUpdateSessionTokenPassword() {
- $userManager = $this->createMock(Manager::class);
- $session = $this->createMock(ISession::class);
- $timeFactory = $this->createMock(ITimeFactory::class);
- $tokenProvider = $this->createMock(IProvider::class);
- $userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher);
-
- $password = '123456';
- $sessionId = 'session1234';
- $token = new \OC\Authentication\Token\DefaultToken();
-
- $session->expects($this->once())
- ->method('getId')
- ->willReturn($sessionId);
- $tokenProvider->expects($this->once())
- ->method('getToken')
- ->with($sessionId)
- ->willReturn($token);
- $tokenProvider->expects($this->once())
- ->method('setPassword')
- ->with($token, $sessionId, $password);
-
- $userSession->updateSessionTokenPassword($password);
- }
-
- public function testUpdateSessionTokenPasswordNoSessionAvailable() {
- $userManager = $this->createMock(Manager::class);
- $session = $this->createMock(ISession::class);
- $timeFactory = $this->createMock(ITimeFactory::class);
- $tokenProvider = $this->createMock(IProvider::class);
- $userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher);
-
- $session->expects($this->once())
- ->method('getId')
- ->will($this->throwException(new \OCP\Session\Exceptions\SessionNotAvailableException()));
-
- $userSession->updateSessionTokenPassword('1234');
- }
-
- public function testUpdateSessionTokenPasswordInvalidTokenException() {
- $userManager = $this->createMock(Manager::class);
- $session = $this->createMock(ISession::class);
- $timeFactory = $this->createMock(ITimeFactory::class);
- $tokenProvider = $this->createMock(IProvider::class);
- $userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher);
-
- $password = '123456';
- $sessionId = 'session1234';
- $token = new \OC\Authentication\Token\DefaultToken();
-
- $session->expects($this->once())
- ->method('getId')
- ->willReturn($sessionId);
- $tokenProvider->expects($this->once())
- ->method('getToken')
- ->with($sessionId)
- ->willReturn($token);
- $tokenProvider->expects($this->once())
- ->method('setPassword')
- ->with($token, $sessionId, $password)
- ->will($this->throwException(new \OC\Authentication\Exceptions\InvalidTokenException()));
-
- $userSession->updateSessionTokenPassword($password);
- }
-
- public function testUpdateAuthTokenLastCheck() {
- $manager = $this->createMock(Manager::class);
- $session = $this->createMock(ISession::class);
- $request = $this->createMock(IRequest::class);
-
- $token = new \OC\Authentication\Token\DefaultToken();
- $token->setUid('john');
- $token->setLoginName('john');
- $token->setLastActivity(100);
- $token->setLastCheck(100);
-
- $mapper = $this->getMockBuilder(DefaultTokenMapper::class)
- ->disableOriginalConstructor()
- ->getMock();
- $crypto = $this->createMock(ICrypto::class);
- $logger = $this->createMock(LoggerInterface::class);
- $tokenProvider = new DefaultTokenProvider($mapper, $crypto, $this->config, $logger, $this->timeFactory);
-
- /** @var \OC\User\Session $userSession */
- $userSession = new Session($manager, $session, $this->timeFactory, $tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher);
-
- $mapper->expects($this->any())
- ->method('getToken')
- ->willReturn($token);
- $mapper->expects($this->exactly(2))
- ->method('update');
- $request
- ->expects($this->any())
- ->method('getRemoteAddress')
- ->willReturn('192.168.0.1');
- $this->throttler
- ->expects($this->once())
- ->method('sleepDelay')
- ->with('192.168.0.1')
- ->willReturn(5);
- $this->timeFactory
- ->expects($this->any())
- ->method('getTime')
- ->willReturn(100);
-
- $manager->method('getByEmail')
- ->with('john')
- ->willReturn([]);
-
- $userSession->logClientIn('john', 'doe', $request, $this->throttler);
-
- $this->assertEquals(10000, $token->getLastActivity());
- $this->assertEquals(10000, $token->getLastCheck());
- }
-
- public function testNoUpdateAuthTokenLastCheckRecent() {
- $manager = $this->createMock(Manager::class);
- $session = $this->createMock(ISession::class);
- $request = $this->createMock(IRequest::class);
-
- $token = new \OC\Authentication\Token\DefaultToken();
- $token->setUid('john');
- $token->setLoginName('john');
- $token->setLastActivity(10000);
- $token->setLastCheck(100);
-
- $mapper = $this->getMockBuilder(DefaultTokenMapper::class)
- ->disableOriginalConstructor()
- ->getMock();
- $crypto = $this->createMock(ICrypto::class);
- $logger = $this->createMock(LoggerInterface::class);
- $tokenProvider = new DefaultTokenProvider($mapper, $crypto, $this->config, $logger, $this->timeFactory);
-
- /** @var \OC\User\Session $userSession */
- $userSession = new Session($manager, $session, $this->timeFactory, $tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher);
-
- $mapper->expects($this->any())
- ->method('getToken')
- ->willReturn($token);
- $mapper->expects($this->once())
- ->method('update');
- $request
- ->expects($this->any())
- ->method('getRemoteAddress')
- ->willReturn('192.168.0.1');
- $this->throttler
- ->expects($this->once())
- ->method('sleepDelay')
- ->with('192.168.0.1')
- ->willReturn(5);
- $this->timeFactory
- ->expects($this->any())
- ->method('getTime')
- ->willReturn(100);
-
- $manager->method('getByEmail')
- ->with('john')
- ->willReturn([]);
-
- $userSession->logClientIn('john', 'doe', $request, $this->throttler);
- }
-
public function testCreateRememberMeToken() {
$user = $this->createMock(IUser::class);
$user