From 3c4feff028ab87b57a29e5771cde8ba6c5b7e4b0 Mon Sep 17 00:00:00 2001
From: Ferdinand Thiessen <opensource@fthiessen.de>
Date: Sat, 18 Jan 2025 16:28:23 +0100
Subject: fix: Move login via email logic to local backend
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Backends can decide which names they accept for login,
e.g. with user_ldap you can configure arbitrary login fields.
This was a hacky approach to allow login via email,
so instead this is now only handled by the local user backend.

This also fixes some other related problems:
Other logic relys on `backend::get()` which was not handling email,
so e.g. password policy could not block users logged in via email
if they use out-dated passwords.
Similar for other integrations, as the user backend was not consistent with
what is a login name and what not.

Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
---
 .../Authentication/Login/EmailLoginCommandTest.php | 148 ---------------------
 1 file changed, 148 deletions(-)
 delete mode 100644 tests/lib/Authentication/Login/EmailLoginCommandTest.php

(limited to 'tests')

diff --git a/tests/lib/Authentication/Login/EmailLoginCommandTest.php b/tests/lib/Authentication/Login/EmailLoginCommandTest.php
deleted file mode 100644
index b34d0d95f4f..00000000000
--- a/tests/lib/Authentication/Login/EmailLoginCommandTest.php
+++ /dev/null
@@ -1,148 +0,0 @@
-<?php
-
-/**
- * SPDX-FileCopyrightText: 2019 Nextcloud GmbH and Nextcloud contributors
- * SPDX-License-Identifier: AGPL-3.0-or-later
- */
-
-declare(strict_types=1);
-
-namespace Test\Authentication\Login;
-
-use OC\Authentication\Login\EmailLoginCommand;
-use OCP\IUser;
-use OCP\IUserManager;
-use PHPUnit\Framework\MockObject\MockObject;
-
-class EmailLoginCommandTest extends ALoginCommandTest {
-	/** @var IUserManager|MockObject */
-	private $userManager;
-
-	protected function setUp(): void {
-		parent::setUp();
-
-		$this->userManager = $this->createMock(IUserManager::class);
-
-		$this->cmd = new EmailLoginCommand(
-			$this->userManager
-		);
-	}
-
-	public function testProcessAlreadyLoggedIn(): void {
-		$data = $this->getLoggedInLoginData();
-
-		$result = $this->cmd->process($data);
-
-		$this->assertTrue($result->isSuccess());
-	}
-
-	public function testProcessNotAnEmailLogin(): void {
-		$data = $this->getFailedLoginData();
-		$this->userManager->expects($this->never())
-			->method('getByEmail')
-			->with($this->username)
-			->willReturn([]);
-
-		$result = $this->cmd->process($data);
-
-		$this->assertTrue($result->isSuccess());
-	}
-
-	public function testProcessDuplicateEmailLogin(): void {
-		$data = $this->getFailedLoginData();
-		$data->setUsername('user@example.com');
-		$this->userManager->expects($this->once())
-			->method('getByEmail')
-			->with('user@example.com')
-			->willReturn([
-				$this->createMock(IUser::class),
-				$this->createMock(IUser::class),
-			]);
-
-		$result = $this->cmd->process($data);
-
-		$this->assertTrue($result->isSuccess());
-	}
-
-	public function testProcessUidIsEmail(): void {
-		$email = 'user@domain.com';
-		$data = $this->getFailedLoginData();
-		$data->setUsername($email);
-		$emailUser = $this->createMock(IUser::class);
-		$emailUser->expects($this->any())
-			->method('getUID')
-			->willReturn($email);
-		$this->userManager->expects($this->once())
-			->method('getByEmail')
-			->with($email)
-			->willReturn([
-				$emailUser,
-			]);
-		$this->userManager->expects($this->never())
-			->method('checkPassword');
-
-		$result = $this->cmd->process($data);
-
-		$this->assertTrue($result->isSuccess());
-		$this->assertFalse($data->getUser());
-		$this->assertEquals($email, $data->getUsername());
-	}
-
-	public function testProcessWrongPassword(): void {
-		$email = 'user@domain.com';
-		$data = $this->getFailedLoginData();
-		$data->setUsername($email);
-		$emailUser = $this->createMock(IUser::class);
-		$emailUser->expects($this->any())
-			->method('getUID')
-			->willReturn('user2');
-		$this->userManager->expects($this->once())
-			->method('getByEmail')
-			->with($email)
-			->willReturn([
-				$emailUser,
-			]);
-		$this->userManager->expects($this->once())
-			->method('checkPassword')
-			->with(
-				'user2',
-				$this->password
-			)
-			->willReturn(false);
-
-		$result = $this->cmd->process($data);
-
-		$this->assertTrue($result->isSuccess());
-		$this->assertFalse($data->getUser());
-		$this->assertEquals($email, $data->getUsername());
-	}
-
-	public function testProcess(): void {
-		$email = 'user@domain.com';
-		$data = $this->getFailedLoginData();
-		$data->setUsername($email);
-		$emailUser = $this->createMock(IUser::class);
-		$emailUser->expects($this->any())
-			->method('getUID')
-			->willReturn('user2');
-		$this->userManager->expects($this->once())
-			->method('getByEmail')
-			->with($email)
-			->willReturn([
-				$emailUser,
-			]);
-		$this->userManager->expects($this->once())
-			->method('checkPassword')
-			->with(
-				'user2',
-				$this->password
-			)
-			->willReturn($emailUser);
-
-		$result = $this->cmd->process($data);
-
-		$this->assertTrue($result->isSuccess());
-		$this->assertEquals($emailUser, $data->getUser());
-		$this->assertEquals('user2', $data->getUsername());
-	}
-}
-- 
cgit v1.2.3