* This file is licensed under the Affero General Public License version 3 or * later. * See the COPYING-README file. */ /** * Class for abstraction of filesystem functions * This class won't call any filesystem functions for itself but but will pass them to the correct OC_Filestorage object * this class should also handle all the file permission related stuff * * Hooks provided: * read(path) * write(path, &run) * post_write(path) * create(path, &run) (when a file is created, both create and write will be emitted in that order) * post_create(path) * delete(path, &run) * post_delete(path) * rename(oldpath,newpath, &run) * post_rename(oldpath,newpath) * copy(oldpath,newpath, &run) (if the newpath doesn't exists yes, copy, create and write will be emitted in that order) * post_rename(oldpath,newpath) * * the &run parameter can be set to false to prevent the operation from occurring */ /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ class OC_Filesystem { /** * get the mountpoint of the storage object for a path * ( note: because a storage is not always mounted inside the fakeroot, the * returned mountpoint is relative to the absolute root of the filesystem * and doesn't take the chroot into account ) * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem * @param string $path * @return string */ static public function getMountPoint($path) { return \OC\Files\Filesystem::getMountPoint($path); } /** * resolve a path to a storage and internal path * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem * @param string $path * @return array consisting of the storage and the internal path */ static public function resolvePath($path) { return \OC\Files\Filesystem::resolvePath($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function init($user, $root) { return \OC\Files\Filesystem::init($user, $root); } /** * get the default filesystem view * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem * @return \OC\Files\View */ static public function getView() { return \OC\Files\Filesystem::getView(); } /** * tear down the filesystem, removing all storage providers * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function tearDown() { \OC\Files\Filesystem::tearDown(); } /** * @brief get the relative path of the root data directory for the current user * @return string * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem * Returns path like /admin/files */ static public function getRoot() { return \OC\Files\Filesystem::getRoot(); } /** * clear all mounts and storage backends * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ public static function clearMounts() { \OC\Files\Filesystem::clearMounts(); } /** * mount an \OC\Files\Storage\Storage in our virtual filesystem * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem * @param \OC\Files\Storage\Storage $class * @param array $arguments * @param string $mountpoint */ static public function mount($class, $arguments, $mountpoint) { \OC\Files\Filesystem::mount($class, $arguments, $mountpoint); } /** * return the path to a local version of the file * we need this because we can't know if a file is stored local or not from * outside the filestorage and for some purposes a local file is needed * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem * @param string $path * @return string */ static public function getLocalFile($path) { return \OC\Files\Filesystem::getLocalFile($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem * @param string $path * @return string */ static public function getLocalFolder($path) { return \OC\Files\Filesystem::getLocalFolder($path); } /** * return path to file which reflects one visible in browser * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem * @param string $path * @return string */ static public function getLocalPath($path) { return \OC\Files\Filesystem::getLocalPath($path); } /** * check if the requested path is valid * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem * @param string $path * @return bool */ static public function isValidPath($path) { return \OC\Files\Filesystem::isValidPath($path); } /** * checks if a file is blacklisted for storage in the filesystem * Listens to write and rename hooks * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem * @param array $data from hook */ static public function isBlacklisted($data) { \OC\Files\Filesystem::isBlacklisted($data); } /** * following functions are equivalent to their php builtin equivalents for arguments/return values. * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function mkdir($path) { return \OC\Files\Filesystem::mkdir($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function rmdir($path) { return \OC\Files\Filesystem::rmdir($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function opendir($path) { return \OC\Files\Filesystem::opendir($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function readdir($path) { return \OC\Files\Filesystem::readdir($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function is_dir($path) { return \OC\Files\Filesystem::is_dir($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function is_file($path) { return \OC\Files\Filesystem::is_file($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function stat($path) { return \OC\Files\Filesystem::stat($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function filetype($path) { return \OC\Files\Filesystem::filetype($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function filesize($path) { return \OC\Files\Filesystem::filesize($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function readfile($path) { return \OC\Files\Filesystem::readfile($path); } /** * @deprecated Replaced by isReadable() as part of CRUDS */ static public function is_readable($path) { return \OC\Files\Filesystem::isReadable($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function isCreatable($path) { return \OC\Files\Filesystem::isCreatable($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function isReadable($path) { return \OC\Files\Filesystem::isReadable($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function isUpdatable($path) { return \OC\Files\Filesystem::isUpdatable($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function isDeletable($path) { return \OC\Files\Filesystem::isDeletable($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function isSharable($path) { return \OC\Files\Filesystem::isSharable($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function file_exists($path) { return \OC\Files\Filesystem::file_exists($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function filemtime($path) { return \OC\Files\Filesystem::filemtime($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function touch($path, $mtime = null) { return \OC\Files\Filesystem::touch($path, $mtime); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function file_get_contents($path) { return \OC\Files\Filesystem::file_get_contents($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function file_put_contents($path, $data) { return \OC\Files\Filesystem::file_put_contents($path, $data); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function unlink($path) { return \OC\Files\Filesystem::unlink($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function rename($path1, $path2) { return \OC\Files\Filesystem::rename($path1, $path2); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function copy($path1, $path2) { return \OC\Files\Filesystem::copy($path1, $path2); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function fopen($path, $mode) { return \OC\Files\Filesystem::fopen($path, $mode); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function toTmpFile($path) { return \OC\Files\Filesystem::toTmpFile($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function fromTmpFile($tmpFile, $path) { return \OC\Files\Filesystem::fromTmpFile($tmpFile, $path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function getMimeType($path) { return \OC\Files\Filesystem::getMimeType($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function hash($type, $path, $raw = false) { return \OC\Files\Filesystem::hash($type, $path, $raw); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function free_space($path = '/') { return \OC\Files\Filesystem::free_space($path); } /** * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem */ static public function search($query) { return \OC\Files\Filesystem::search($query); } /** * check if a file or folder has been updated since $time * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem * @param string $path * @param int $time * @return bool */ static public function hasUpdated($path, $time) { return \OC\Files\Filesystem::hasUpdated($path, $time); } /** * normalize a path * * @deprecated OC_Filesystem is replaced by \OC\Files\Filesystem * @param string $path * @param bool $stripTrailingSlash * @return string */ public static function normalizePath($path, $stripTrailingSlash = true) { return \OC\Files\Filesystem::normalizePath($path, $stripTrailingSlash); } } n_before_s3_upload'>artonge/optim/close_connection_before_s3_upload Nextcloud server, a safe home for all your data: https://github.com/nextcloud/serverwww-data
aboutsummaryrefslogtreecommitdiffstats
path: root/tests/lib/Security/CSRF/CsrfTokenManagerTest.php
blob: 66ee18475a488c85a67d7ebf2e97e273b1a1d117 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148

<?php

declare(strict_types=1);

/**
 * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
 * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
 * SPDX-License-Identifier: AGPL-3.0-only
 */

namespace Test\Security\CSRF;

use OC\Security\CSRF\CsrfToken;
use OC\Security\CSRF\CsrfTokenManager;

class CsrfTokenManagerTest extends \Test\TestCase {
	/** @var \OC\Security\CSRF\CsrfTokenManager */
	private $csrfTokenManager;
	/** @var \OC\Security\CSRF\CsrfTokenGenerator */
	private $tokenGenerator;
	/** @var \OC\Security\CSRF\TokenStorage\SessionStorage */
	private $storageInterface;

	protected function setUp(): void {
		parent::setUp();
		$this->tokenGenerator = $this->getMockBuilder('\OC\Security\CSRF\CsrfTokenGenerator')
			->disableOriginalConstructor()->getMock();
		$this->storageInterface = $this->getMockBuilder('\OC\Security\CSRF\TokenStorage\SessionStorage')
			->disableOriginalConstructor()->getMock();

		$this->csrfTokenManager = new CsrfTokenManager(
			$this->tokenGenerator,
			$this->storageInterface
		);
	}

	public function testGetTokenWithExistingToken(): void {
		$this->storageInterface
			->expects($this->once())
			->method('hasToken')
			->willReturn(true);
		$this->storageInterface
			->expects($this->once())
			->method('getToken')
			->willReturn('MyExistingToken');

		$expected = new CsrfToken('MyExistingToken');
		$this->assertEquals($expected, $this->csrfTokenManager->getToken());
	}

	public function testGetTokenWithExistingTokenKeepsOnSecondRequest(): void {
		$this->storageInterface
			->expects($this->once())
			->method('hasToken')
			->willReturn(true);
		$this->storageInterface
			->expects($this->once())
			->method('getToken')
			->willReturn('MyExistingToken');

		$expected = new CsrfToken('MyExistingToken');
		$token = $this->csrfTokenManager->getToken();
		$this->assertSame($token, $this->csrfTokenManager->getToken());
		$this->assertSame($token, $this->csrfTokenManager->getToken());
	}

	public function testGetTokenWithoutExistingToken(): void {
		$this->storageInterface
			->expects($this->once())
			->method('hasToken')
			->willReturn(false);
		$this->tokenGenerator
			->expects($this->once())
			->method('generateToken')
			->willReturn('MyNewToken');
		$this->storageInterface
			->expects($this->once())
			->method('setToken')
			->with('MyNewToken');

		$expected = new CsrfToken('MyNewToken');
		$this->assertEquals($expected, $this->csrfTokenManager->getToken());
	}

	public function testRefreshToken(): void {
		$this->tokenGenerator
			->expects($this->once())
			->method('generateToken')
			->willReturn('MyNewToken');
		$this->storageInterface
			->expects($this->once())
			->method('setToken')
			->with('MyNewToken');

		$expected = new CsrfToken('MyNewToken');
		$this->assertEquals($expected, $this->csrfTokenManager->refreshToken());
	}

	public function testRemoveToken(): void {
		$this->storageInterface
			->expects($this->once())
			->method('removeToken');

		$this->csrfTokenManager->removeToken();
	}

	public function testIsTokenValidWithoutToken(): void {
		$this->storageInterface
			->expects($this->once())
			->method('hasToken')
			->willReturn(false);
		$token = new CsrfToken('Token');

		$this->assertSame(false, $this->csrfTokenManager->isTokenValid($token));
	}

	public function testIsTokenValidWithWrongToken(): void {
		$this->storageInterface
			->expects($this->once())
			->method('hasToken')
			->willReturn(true);
		$token = new CsrfToken('Token');
		$this->storageInterface
			->expects($this->once())
			->method('getToken')
			->willReturn('MyToken');

		$this->assertSame(false, $this->csrfTokenManager->isTokenValid($token));
	}

	public function testIsTokenValidWithValidToken(): void {
		$a = 'abc';
		$b = 'def';
		$xorB64 = 'BQcF';
		$tokenVal = sprintf('%s:%s', $xorB64, base64_encode($a));
		$this->storageInterface
			->expects($this->once())
			->method('hasToken')
			->willReturn(true);
		$token = new CsrfToken($tokenVal);
		$this->storageInterface
			->expects($this->once())
			->method('getToken')
			->willReturn($b);

		$this->assertSame(true, $this->csrfTokenManager->isTokenValid($token));
	}
}