Diffstat (limited to 'tests')
-rw-r--r-- | tests/lib/appframework/http/RequestTest.php | 90 | ||||
-rw-r--r-- | tests/lib/avatarmanagertest.php | 2 | ||||
-rw-r--r-- | tests/lib/avatartest.php | 31 | ||||
-rw-r--r-- | tests/lib/security/csrf/CsrfTokenGeneratorTest.php | 54 | ||||
-rw-r--r-- | tests/lib/security/csrf/CsrfTokenManagerTest.php | 134 | ||||
-rw-r--r-- | tests/lib/security/csrf/CsrfTokenTest.php | 33 | ||||
-rw-r--r-- | tests/lib/security/csrf/tokenstorage/SessionStorageTest.php | 107 | ||||
-rw-r--r-- | tests/lib/util.php | 5 |
8 files changed, 441 insertions, 15 deletions
diff --git a/tests/lib/appframework/http/RequestTest.php b/tests/lib/appframework/http/RequestTest.php index ab79eb498fa..3f1d09c2a93 100644 --- a/tests/lib/appframework/http/RequestTest.php +++ b/tests/lib/appframework/http/RequestTest.php @@ -10,6 +10,8 @@ namespace OC\AppFramework\Http; +use OC\Security\CSRF\CsrfToken; +use OC\Security\CSRF\CsrfTokenManager; use OCP\Security\ISecureRandom; use OCP\IConfig; @@ -25,6 +27,8 @@ class RequestTest extends \Test\TestCase { protected $secureRandom; /** @var IConfig */ protected $config; + /** @var CsrfTokenManager */ + protected $csrfTokenManager; protected function setUp() { parent::setUp(); @@ -37,6 +41,8 @@ class RequestTest extends \Test\TestCase { $this->secureRandom = $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(); $this->config = $this->getMockBuilder('\OCP\IConfig')->getMock(); + $this->csrfTokenManager = $this->getMockBuilder('\OC\Security\CSRF\CsrfTokenManager') + ->disableOriginalConstructor()->getMock(); } protected function tearDown() { @@ -54,6 +60,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -86,6 +93,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -108,6 +116,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -127,6 +136,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -146,6 +156,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -162,6 +173,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); 
@@ -183,6 +195,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -206,6 +219,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -227,6 +241,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -251,6 +266,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -271,6 +287,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -295,6 +312,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -324,6 +342,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -345,6 +364,7 @@ class RequestTest extends \Test\TestCase { $vars, $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -361,6 +381,7 @@ class RequestTest extends \Test\TestCase { [], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -372,6 +393,7 @@ class RequestTest extends \Test\TestCase { [], \OC::$server->getSecureRandom(), $this->config, + $this->csrfTokenManager, $this->stream ); $firstId = $request->getId(); @@ -396,6 +418,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -424,6 +447,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -452,6 +476,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); 
@@ -484,6 +509,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -534,6 +560,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -561,6 +588,7 @@ class RequestTest extends \Test\TestCase { [], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -582,6 +610,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); $requestHttp = new Request( @@ -592,6 +621,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -615,6 +645,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); $this->assertSame('https', $request->getServerProtocol()); @@ -635,6 +666,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); $this->assertSame('http', $request->getServerProtocol()); @@ -655,6 +687,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); $this->assertSame('http', $request->getServerProtocol()); @@ -671,6 +704,7 @@ class RequestTest extends \Test\TestCase { [], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); $this->assertSame('http', $request->getServerProtocol()); @@ -691,6 +725,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -712,6 +747,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); 
@@ -729,6 +765,7 @@ class RequestTest extends \Test\TestCase { [], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -817,6 +854,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -833,6 +871,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -850,6 +889,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -867,6 +907,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -894,6 +935,7 @@ class RequestTest extends \Test\TestCase { [], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -915,6 +957,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -941,6 +984,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -967,6 +1011,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -983,6 +1028,7 @@ class RequestTest extends \Test\TestCase { [], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -1010,6 +1056,7 @@ class RequestTest extends \Test\TestCase { [], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -1025,6 +1072,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -1045,6 +1093,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); 
@@ -1065,6 +1114,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -1087,6 +1137,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -1109,6 +1160,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -1131,6 +1183,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -1153,6 +1206,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -1207,6 +1261,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ); @@ -1246,6 +1301,7 @@ class RequestTest extends \Test\TestCase { ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ]) ->getMock(); @@ -1266,13 +1322,19 @@ class RequestTest extends \Test\TestCase { 'get' => [ 'requesttoken' => 'AAAHGxsTCTc3BgMQESAcNR0OAR0=:MyTotalSecretShareds', ], - 'requesttoken' => 'MyStoredRequestToken', ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ]) ->getMock(); + $token = new CsrfToken('AAAHGxsTCTc3BgMQESAcNR0OAR0=:MyTotalSecretShareds'); + $this->csrfTokenManager + ->expects($this->once()) + ->method('isTokenValid') + ->with($token) + ->willReturn(true); $this->assertTrue($request->passesCSRFCheck()); } 
@@ -1286,13 +1348,19 @@ class RequestTest extends \Test\TestCase { 'post' => [ 'requesttoken' => 'AAAHGxsTCTc3BgMQESAcNR0OAR0=:MyTotalSecretShareds', ], - 'requesttoken' => 'MyStoredRequestToken', ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ]) ->getMock(); + $token = new CsrfToken('AAAHGxsTCTc3BgMQESAcNR0OAR0=:MyTotalSecretShareds'); + $this->csrfTokenManager + ->expects($this->once()) + ->method('isTokenValid') + ->with($token) + ->willReturn(true); $this->assertTrue($request->passesCSRFCheck()); } @@ -1306,13 +1374,19 @@ class RequestTest extends \Test\TestCase { 'server' => [ 'HTTP_REQUESTTOKEN' => 'AAAHGxsTCTc3BgMQESAcNR0OAR0=:MyTotalSecretShareds', ], - 'requesttoken' => 'MyStoredRequestToken', ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ]) ->getMock(); + $token = new CsrfToken('AAAHGxsTCTc3BgMQESAcNR0OAR0=:MyTotalSecretShareds'); + $this->csrfTokenManager + ->expects($this->once()) + ->method('isTokenValid') + ->with($token) + ->willReturn(true); $this->assertTrue($request->passesCSRFCheck()); } @@ -1342,14 +1416,21 @@ class RequestTest extends \Test\TestCase { 'server' => [ 'HTTP_REQUESTTOKEN' => $invalidToken, ], - 'requesttoken' => 'MyStoredRequestToken', ], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ]) ->getMock(); + $token = new CsrfToken($invalidToken); + $this->csrfTokenManager + ->expects($this->any()) + ->method('isTokenValid') + ->with($token) + ->willReturn(false); + $this->assertFalse($request->passesCSRFCheck()); } @@ -1361,6 +1442,7 @@ class RequestTest extends \Test\TestCase { [], $this->secureRandom, $this->config, + $this->csrfTokenManager, $this->stream ]) ->getMock(); diff --git a/tests/lib/avatarmanagertest.php b/tests/lib/avatarmanagertest.php index 40d07bb49ae..cb9068c46a6 100644 --- a/tests/lib/avatarmanagertest.php +++ b/tests/lib/avatarmanagertest.php 
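Review bot: In the invalid-token test (hunk `@@ -1342,14 +1416,21 @@`) the manager expectation is `->expects($this->any())`, which also accepts zero calls, so the test does not show that `passesCSRFCheck()` actually consults the token manager before returning false. The data provider is outside the hunk, so it is unclear whether some inputs are meant to be rejected before the manager is reached. If every provided value should reach it, `->expects($this->once())` would pin the delegation the same way the three positive tests do. If some values short-circuit, a short comment saying so would explain why `any()` is used.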
@@ -55,7 +55,7 @@ class AvatarManagerTest extends \Test\TestCase { public function testGetAvatarValidUser() { $this->userManager->expects($this->once()) - ->method('userExists') + ->method('get') ->with('validUser') ->willReturn(true); diff --git a/tests/lib/avatartest.php b/tests/lib/avatartest.php index d3e615977cb..e7d78311085 100644 --- a/tests/lib/avatartest.php +++ b/tests/lib/avatartest.php @@ -7,24 +7,27 @@ * See the COPYING-README file. */ -use OC\Avatar; use OCP\Files\Folder; class AvatarTest extends \Test\TestCase { - /** @var Folder */ + /** @var Folder | PHPUnit_Framework_MockObject_MockObject */ private $folder; - /** @var \OC\Avatar */ + /** @var \OC\Avatar */ private $avatar; + /** @var \OC\User\User | PHPUnit_Framework_MockObject_MockObject $user */ + private $user; + public function setUp() { parent::setUp(); $this->folder = $this->getMock('\OCP\Files\Folder'); + /** @var \OCP\IL10N | PHPUnit_Framework_MockObject_MockObject $l */ $l = $this->getMock('\OCP\IL10N'); $l->method('t')->will($this->returnArgument(0)); - $this->avatar = new \OC\Avatar($this->folder, $l); - + $this->user = $this->getMockBuilder('\OC\User\User')->disableOriginalConstructor()->getMock(); + $this->avatar = new \OC\Avatar($this->folder, $l, $this->user); } public function testGetNoAvatar() { 
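Review bot: In `testGetAvatarValidUser` the expectation was renamed from `userExists` to `get`, but the stub still returns `true`, which looks like a leftover from the boolean check. The implementation is not part of this test-only diff, but the avatartest.php hunk in the same commit passes a `\OC\User\User` mock into `\OC\Avatar`, which suggests `get` is expected to yield a user object. Returning a mock instead, `->willReturn($this->getMockBuilder('\OC\User\User')->disableOriginalConstructor()->getMock());`, would keep the test from passing on a value the real manager would never produce. The test body continues outside the hunk.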
@@ -47,6 +50,21 @@ class AvatarTest extends \Test\TestCase { $this->assertEquals($expected->data(), $this->avatar->get(128)->data()); } + public function testGetAvatarSizeMinusOne() { + $this->folder->method('nodeExists') + ->will($this->returnValueMap([ + ['avatar.jpg', true], + ])); + + $expected = new OC_Image(\OC::$SERVERROOT . '/tests/data/testavatar.png'); + + $file = $this->getMock('\OCP\Files\File'); + $file->method('getContent')->willReturn($expected->data()); + $this->folder->method('get')->with('avatar.jpg')->willReturn($file); + + $this->assertEquals($expected->data(), $this->avatar->get(-1)->data()); + } + public function testGetAvatarNoSizeMatch() { $this->folder->method('nodeExists') ->will($this->returnValueMap([ @@ -145,6 +163,9 @@ class AvatarTest extends \Test\TestCase { ->method('putContent') ->with($image->data()); + // One on remove and once on setting the new avatar + $this->user->expects($this->exactly(2))->method('triggerChange'); + $this->avatar->set($image->data()); } diff --git a/tests/lib/security/csrf/CsrfTokenGeneratorTest.php b/tests/lib/security/csrf/CsrfTokenGeneratorTest.php new file mode 100644 index 00000000000..be7434f514f --- /dev/null +++ b/tests/lib/security/csrf/CsrfTokenGeneratorTest.php 
@@ -0,0 +1,54 @@ +<?php +/** + * @author Lukas Reschke <lukas@owncloud.com> + * + * @copyright Copyright (c) 2016, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +class CsrfTokenGeneratorTest extends \Test\TestCase { + /** @var \OCP\Security\ISecureRandom */ + private $random; + /** @var \OC\Security\CSRF\CsrfTokenGenerator */ + private $csrfTokenGenerator; + + public function setUp() { + parent::setUp(); + $this->random = $this->getMockBuilder('\OCP\Security\ISecureRandom') + ->disableOriginalConstructor()->getMock(); + $this->csrfTokenGenerator = new \OC\Security\CSRF\CsrfTokenGenerator($this->random); + + } + + public function testGenerateTokenWithCustomNumber() { + $this->random + ->expects($this->once()) + ->method('generate') + ->with(3) + ->willReturn('abc'); + $this->assertSame('abc', $this->csrfTokenGenerator->generateToken(3)); + } + + public function testGenerateTokenWithDefault() { + $this->random + ->expects($this->once()) + ->method('generate') + ->with(32) + ->willReturn('12345678901234567890123456789012'); + $this->assertSame('12345678901234567890123456789012', $this->csrfTokenGenerator->generateToken(32)); + } +} + diff --git a/tests/lib/security/csrf/CsrfTokenManagerTest.php b/tests/lib/security/csrf/CsrfTokenManagerTest.php new file mode 100644 index 00000000000..145fc03c51e --- /dev/null 
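Review bot: `testGenerateTokenWithDefault` passes the length explicitly (`generateToken(32)`), so the default argument it is named after is never exercised. A regression that shortened the default token length would still pass this test, and token length is the security-relevant property here. Calling the method without an argument keeps the `->with(32)` expectation meaningful: `$this->assertSame('12345678901234567890123456789012', $this->csrfTokenGenerator->generateToken());`.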
+++ b/tests/lib/security/csrf/CsrfTokenManagerTest.php 
@@ -0,0 +1,134 @@ +<?php +/** + * @author Lukas Reschke <lukas@owncloud.com> + * + * @copyright Copyright (c) 2016, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +class CsrfTokenManagerTest extends \Test\TestCase { + /** @var \OC\Security\CSRF\CsrfTokenManager */ + private $csrfTokenManager; + /** @var \OC\Security\CSRF\CsrfTokenGenerator */ + private $tokenGenerator; + /** @var \OC\Security\CSRF\TokenStorage\SessionStorage */ + private $storageInterface; + + public function setUp() { + parent::setUp(); + $this->tokenGenerator = $this->getMockBuilder('\OC\Security\CSRF\CsrfTokenGenerator') + ->disableOriginalConstructor()->getMock(); + $this->storageInterface = $this->getMockBuilder('\OC\Security\CSRF\TokenStorage\SessionStorage') + ->disableOriginalConstructor()->getMock(); + + $this->csrfTokenManager = new \OC\Security\CSRF\CsrfTokenManager( + $this->tokenGenerator, + $this->storageInterface + ); + } + + public function testGetTokenWithExistingToken() { + $this->storageInterface + ->expects($this->once()) + ->method('hasToken') + ->willReturn(true); + $this->storageInterface + ->expects($this->once()) + ->method('getToken') + ->willReturn('MyExistingToken'); + + $expected = new \OC\Security\CSRF\CsrfToken('MyExistingToken'); + $this->assertEquals($expected, $this->csrfTokenManager->getToken()); + } + + public function 
testGetTokenWithoutExistingToken() { + $this->storageInterface + ->expects($this->once()) + ->method('hasToken') + ->willReturn(false); + $this->tokenGenerator + ->expects($this->once()) + ->method('generateToken') + ->willReturn('MyNewToken'); + $this->storageInterface + ->expects($this->once()) + ->method('setToken') + ->with('MyNewToken'); + + $expected = new \OC\Security\CSRF\CsrfToken('MyNewToken'); + $this->assertEquals($expected, $this->csrfTokenManager->getToken()); + } + + public function testRefreshToken() { + $this->tokenGenerator + ->expects($this->once()) + ->method('generateToken') + ->willReturn('MyNewToken'); + $this->storageInterface + ->expects($this->once()) + ->method('setToken') + ->with('MyNewToken'); + + $expected = new \OC\Security\CSRF\CsrfToken('MyNewToken'); + $this->assertEquals($expected, $this->csrfTokenManager->refreshToken()); + } + + public function testRemoveToken() { + $this->storageInterface + ->expects($this->once()) + ->method('removeToken'); + + $this->csrfTokenManager->removeToken(); + } + + public function testIsTokenValidWithoutToken() { + $this->storageInterface + ->expects($this->once()) + ->method('hasToken') + ->willReturn(false); + $token = new \OC\Security\CSRF\CsrfToken('Token'); + + $this->assertSame(false, $this->csrfTokenManager->isTokenValid($token)); + } + + public function testIsTokenValidWithWrongToken() { + $this->storageInterface + ->expects($this->once()) + ->method('hasToken') + ->willReturn(true); + $token = new \OC\Security\CSRF\CsrfToken('Token'); + $this->storageInterface + ->expects($this->once()) + ->method('getToken') + ->willReturn('MyToken'); + + $this->assertSame(false, $this->csrfTokenManager->isTokenValid($token)); + } + + public function testIsTokenValidWithValidToken() { + $this->storageInterface + ->expects($this->once()) + ->method('hasToken') + ->willReturn(true); + $token = new 
\OC\Security\CSRF\CsrfToken('XlQhHjgWCgBXAEI0Khl+IQEiCXN2LUcDHAQTQAc1HQs=:qgkUlg8l3m8WnkOG4XM9Az33pAt1vSVMx4hcJFsxdqc='); + $this->storageInterface + ->expects($this->once()) + ->method('getToken') + ->willReturn('/3JKTq2ldmzcDr1f5zDJ7Wt0lEgqqfKF'); + + $this->assertSame(true, $this->csrfTokenManager->isTokenValid($token)); + } +} diff --git a/tests/lib/security/csrf/CsrfTokenTest.php b/tests/lib/security/csrf/CsrfTokenTest.php new file mode 100644 index 00000000000..62e6ad112e7 --- /dev/null +++ b/tests/lib/security/csrf/CsrfTokenTest.php @@ -0,0 +1,33 @@ +<?php +/** + * @author Lukas Reschke <lukas@owncloud.com> + * + * @copyright Copyright (c) 2016, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +class CsrfTokenTest extends \Test\TestCase { + public function testGetEncryptedValue() { + $csrfToken = new \OC\Security\CSRF\CsrfToken('MyCsrfToken'); + $this->assertSame(33, strlen($csrfToken->getEncryptedValue())); + $this->assertSame(':', $csrfToken->getEncryptedValue()[16]); + } + + public function testGetDecryptedValue() { + $csrfToken = new \OC\Security\CSRF\CsrfToken('XlQhHjgWCgBXAEI0Khl+IQEiCXN2LUcDHAQTQAc1HQs=:qgkUlg8l3m8WnkOG4XM9Az33pAt1vSVMx4hcJFsxdqc='); + $this->assertSame('/3JKTq2ldmzcDr1f5zDJ7Wt0lEgqqfKF', $csrfToken->getDecryptedValue()); + } +} 
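Review bot: `testIsTokenValidWithWrongToken` submits `'Token'`, which has no `:` separator, so it only covers a malformed value. It does not cover a well-formed masked token that decodes to something other than the stored secret. That mismatch case is the one a forged request would present, and it is cheap to add by reusing the masked token from `testIsTokenValidWithValidToken` with a different stored value, e.g. `->willReturn('MyToken');`, and asserting `false`. These tests also cannot show how the comparison is performed (constant-time or not), since that code is outside this diff.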
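Review bot: `testGetEncryptedValue` in CsrfTokenTest checks only the shape of the masked token (length 33, `:` at index 16) and never checks that it decodes back to the original value. A broken masking routine that still emits the right layout would pass. A round-trip assertion would close that gap, assuming the constructor accepts the masked form as `testGetDecryptedValue` suggests: `$this->assertSame('MyCsrfToken', (new \OC\Security\CSRF\CsrfToken($csrfToken->getEncryptedValue()))->getDecryptedValue());`.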
diff --git a/tests/lib/security/csrf/tokenstorage/SessionStorageTest.php b/tests/lib/security/csrf/tokenstorage/SessionStorageTest.php
new file mode 100644
index 00000000000..3a83f6a8c00
--- /dev/null
+++ b/tests/lib/security/csrf/tokenstorage/SessionStorageTest.php
@@ -0,0 +1,107 @@ +<?php +/** + * @author Lukas Reschke <lukas@owncloud.com> + * + * @copyright Copyright (c) 2016, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +class SessionStorageTest extends \Test\TestCase { + /** @var \OCP\ISession */ + private $session; + /** @var \OC\Security\CSRF\TokenStorage\SessionStorage */ + private $sessionStorage; + + public function setUp() { + parent::setUp(); + $this->session = $this->getMockBuilder('\OCP\ISession') + ->disableOriginalConstructor()->getMock(); + $this->sessionStorage = new \OC\Security\CSRF\TokenStorage\SessionStorage($this->session); + } + + /** + * @return array + */ + public function getTokenDataProvider() { + return [ + [ + '', + ], + [ + null, + ], + ]; + } + + /** + * @param string $token + * @dataProvider getTokenDataProvider + * + * @expectedException \Exception + * @expectedExceptionMessage Session does not contain a requesttoken + */ + public function testGetTokenWithEmptyToken($token) { + $this->session + ->expects($this->once()) + ->method('get') + ->with('requesttoken') + ->willReturn($token); + $this->sessionStorage->getToken(); + } + + public function testGetTokenWithValidToken() { + $this->session + ->expects($this->once()) + ->method('get') + ->with('requesttoken') + ->willReturn('MyFancyCsrfToken'); + $this->assertSame('MyFancyCsrfToken', $this->sessionStorage->getToken()); + } + + 
public function testSetToken() { + $this->session + ->expects($this->once()) + ->method('set') + ->with('requesttoken', 'TokenToSet'); + $this->sessionStorage->setToken('TokenToSet'); + } + + public function testRemoveToken() { + $this->session + ->expects($this->once()) + ->method('remove') + ->with('requesttoken'); + $this->sessionStorage->removeToken(); + } + + public function testHasTokenWithExistingToken() { + $this->session + ->expects($this->once()) + ->method('exists') + ->with('requesttoken') + ->willReturn(true); + $this->assertSame(true, $this->sessionStorage->hasToken()); + } + + public function testHasTokenWithoutExistingToken() { + $this->session + ->expects($this->once()) + ->method('exists') + ->with('requesttoken') + ->willReturn(false); + $this->assertSame(false, $this->sessionStorage->hasToken()); + } +} diff --git a/tests/lib/util.php b/tests/lib/util.php index f05a33766b7..7880d56f63b 100644 --- a/tests/lib/util.php +++ b/tests/lib/util.php @@ -89,11 +89,6 @@ class Test_Util extends \Test\TestCase { }); } - function testCallRegister() { - $result = strlen(OC_Util::callRegister()); - $this->assertEquals(71, $result); - } - function testSanitizeHTML() { $badArray = [ 'While it is unusual to pass an array', |
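Review bot: The docblock on `testGetTokenWithEmptyToken` declares `@param string $token`, but `getTokenDataProvider` also feeds it `null`. The annotation should read `@param string|null $token`. `@expectedException \Exception` would match any exception class, so the test depends on `@expectedExceptionMessage` alone to identify the failure. If the storage class throws a more specific type, naming it here would make the test stricter.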