From a20de15b4388e4d57b0fb26eaeca98cd6ba817f8 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@arthur-schiwon.de>
Date: Wed, 25 Aug 2021 12:44:38 +0200
Subject: add a job to clean up expired verification tokens

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
---
 .../VerificationToken/VerificationTokenTest.php    | 41 ++++++++++++++++++++--
 1 file changed, 39 insertions(+), 2 deletions(-)

(limited to 'tests')

diff --git a/tests/lib/Security/VerificationToken/VerificationTokenTest.php b/tests/lib/Security/VerificationToken/VerificationTokenTest.php
index d1faf18dd8f..4d90e304ab7 100644
--- a/tests/lib/Security/VerificationToken/VerificationTokenTest.php
+++ b/tests/lib/Security/VerificationToken/VerificationTokenTest.php
@@ -28,6 +28,7 @@ namespace Test\Security\VerificationToken;
 
 use OC\Security\VerificationToken\VerificationToken;
 use OCP\AppFramework\Utility\ITimeFactory;
+use OCP\BackgroundJob\IJobList;
 use OCP\IConfig;
 use OCP\IUser;
 use OCP\Security\ICrypto;
@@ -54,12 +55,14 @@ class VerificationTokenTest extends TestCase {
 		$this->crypto = $this->createMock(ICrypto::class);
 		$this->timeFactory = $this->createMock(ITimeFactory::class);
 		$this->secureRandom = $this->createMock(ISecureRandom::class);
+		$this->jobList = $this->createMock(IJobList::class);
 
 		$this->token = new VerificationToken(
 			$this->config,
 			$this->crypto,
 			$this->timeFactory,
-			$this->secureRandom
+			$this->secureRandom,
+			$this->jobList
 		);
 	}
 
@@ -177,13 +180,47 @@ class VerificationTokenTest extends TestCase {
 
 		$this->timeFactory->expects($this->any())
 			->method('getTime')
-			->willReturn(604801);
+			->willReturn(604800 * 3);
 
 		$this->expectException(InvalidTokenException::class);
 		$this->expectExceptionCode(InvalidTokenException::TOKEN_EXPIRED);
 		$this->token->check('encryptedToken', $user, 'fingerprintToken', 'foobar');
 	}
 
+	public function testTokenExpiredByLogin() {
+		$user = $this->createMock(IUser::class);
+		$user->expects($this->atLeastOnce())
+			->method('isEnabled')
+			->willReturn(true);
+		$user->expects($this->atLeastOnce())
+			->method('getUID')
+			->willReturn('alice');
+		$user->expects($this->any())
+			->method('getLastLogin')
+			->willReturn(604803);
+
+		$this->config->expects($this->atLeastOnce())
+			->method('getUserValue')
+			->with('alice', 'core', 'fingerprintToken', null)
+			->willReturn('encryptedToken');
+		$this->config->expects($this->any())
+			->method('getSystemValue')
+			->with('secret')
+			->willReturn('357111317');
+
+		$this->crypto->method('decrypt')
+			->with('encryptedToken', 'foobar' . '357111317')
+			->willReturn('604800:mY70K3n');
+
+		$this->timeFactory->expects($this->any())
+			->method('getTime')
+			->willReturn(604801);
+
+		$this->expectException(InvalidTokenException::class);
+		$this->expectExceptionCode(InvalidTokenException::TOKEN_EXPIRED);
+		$this->token->check('encryptedToken', $user, 'fingerprintToken', 'foobar', true);
+	}
+
 	public function testTokenMismatch() {
 		$user = $this->createMock(IUser::class);
 		$user->expects($this->atLeastOnce())
-- 
cgit v1.2.3