2015-11-10 09:50:59 +00:00
|
|
|
<?php
|
|
|
|
/**
|
2016-07-21 14:49:16 +00:00
|
|
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
|
|
|
*
|
2017-11-06 14:56:42 +00:00
|
|
|
* @author Bjoern Schiessle <bjoern@schiessle.org>
|
2016-05-26 17:56:05 +00:00
|
|
|
* @author Björn Schießle <bjoern@schiessle.org>
|
2016-07-21 16:13:36 +00:00
|
|
|
* @author Robin Appelman <robin@icewind.nl>
|
2017-11-06 14:56:42 +00:00
|
|
|
* @author Roeland Jago Douma <roeland@famdouma.nl>
|
2015-11-10 09:50:59 +00:00
|
|
|
*
|
|
|
|
* @license AGPL-3.0
|
|
|
|
*
|
|
|
|
* This code is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License, version 3,
|
|
|
|
* as published by the Free Software Foundation.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
2016-08-19 12:25:59 +00:00
|
|
|
namespace OCA\Federation\Tests\Controller;
|
2015-11-10 09:50:59 +00:00
|
|
|
|
|
|
|
|
|
|
|
use OC\BackgroundJob\JobList;
|
2016-08-19 12:25:59 +00:00
|
|
|
use OCA\Federation\Controller\OCSAuthAPIController;
|
2015-11-10 09:50:59 +00:00
|
|
|
use OCA\Federation\DbHandler;
|
|
|
|
use OCA\Federation\TrustedServers;
|
2016-08-19 12:25:59 +00:00
|
|
|
use OCP\AppFramework\OCS\OCSForbiddenException;
|
2017-08-01 09:23:40 +00:00
|
|
|
use OCP\AppFramework\Utility\ITimeFactory;
|
2015-12-21 14:48:02 +00:00
|
|
|
use OCP\ILogger;
|
2015-11-10 09:50:59 +00:00
|
|
|
use OCP\IRequest;
|
|
|
|
use OCP\Security\ISecureRandom;
|
|
|
|
use Test\TestCase;
|
|
|
|
|
2016-08-19 12:25:59 +00:00
|
|
|
class OCSAuthAPIControllerTest extends TestCase {
|
2015-11-10 09:50:59 +00:00
|
|
|
|
2017-08-01 09:23:40 +00:00
|
|
|
/** @var \PHPUnit_Framework_MockObject_MockObject|IRequest */
|
2015-11-10 09:50:59 +00:00
|
|
|
private $request;
|
|
|
|
|
2017-08-01 09:23:40 +00:00
|
|
|
/** @var \PHPUnit_Framework_MockObject_MockObject|ISecureRandom */
|
2015-11-10 09:50:59 +00:00
|
|
|
private $secureRandom;
|
|
|
|
|
2017-08-01 09:23:40 +00:00
|
|
|
/** @var \PHPUnit_Framework_MockObject_MockObject|JobList */
|
2015-11-10 09:50:59 +00:00
|
|
|
private $jobList;
|
|
|
|
|
2017-08-01 09:23:40 +00:00
|
|
|
/** @var \PHPUnit_Framework_MockObject_MockObject|TrustedServers */
|
2015-11-10 09:50:59 +00:00
|
|
|
private $trustedServers;
|
|
|
|
|
2017-08-01 09:23:40 +00:00
|
|
|
/** @var \PHPUnit_Framework_MockObject_MockObject|DbHandler */
|
2015-11-10 09:50:59 +00:00
|
|
|
private $dbHandler;
|
|
|
|
|
2017-08-01 09:23:40 +00:00
|
|
|
/** @var \PHPUnit_Framework_MockObject_MockObject|ILogger */
|
2015-12-21 14:48:02 +00:00
|
|
|
private $logger;
|
|
|
|
|
2017-08-01 09:23:40 +00:00
|
|
|
/** @var \PHPUnit_Framework_MockObject_MockObject|ITimeFactory */
|
|
|
|
private $timeFactory;
|
|
|
|
|
|
|
|
|
2016-08-19 12:25:59 +00:00
|
|
|
/** @var OCSAuthAPIController */
|
2015-11-10 09:50:59 +00:00
|
|
|
private $ocsAuthApi;
|
|
|
|
|
2017-07-28 12:43:35 +00:00
|
|
|
/** @var int simulated timestamp */
|
|
|
|
private $currentTime = 1234567;
|
|
|
|
|
2015-11-10 09:50:59 +00:00
|
|
|
public function setUp() {
|
|
|
|
parent::setUp();
|
|
|
|
|
2017-08-01 09:23:40 +00:00
|
|
|
$this->request = $this->createMock(IRequest::class);
|
|
|
|
$this->secureRandom = $this->createMock(ISecureRandom::class);
|
|
|
|
$this->trustedServers = $this->createMock(TrustedServers::class);
|
|
|
|
$this->dbHandler = $this->createMock(DbHandler::class);
|
|
|
|
$this->jobList = $this->createMock(JobList::class);
|
|
|
|
$this->logger = $this->createMock(ILogger::class);
|
|
|
|
$this->timeFactory = $this->createMock(ITimeFactory::class);
|
|
|
|
|
|
|
|
|
|
|
|
$this->ocsAuthApi = new OCSAuthAPIController(
|
|
|
|
'federation',
|
|
|
|
$this->request,
|
|
|
|
$this->secureRandom,
|
|
|
|
$this->jobList,
|
|
|
|
$this->trustedServers,
|
|
|
|
$this->dbHandler,
|
|
|
|
$this->logger,
|
|
|
|
$this->timeFactory
|
|
|
|
);
|
|
|
|
|
|
|
|
$this->timeFactory->method('getTime')
|
|
|
|
->willReturn($this->currentTime);
|
2015-11-10 09:50:59 +00:00
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @dataProvider dataTestRequestSharedSecret
|
|
|
|
*
|
|
|
|
* @param string $token
|
|
|
|
* @param string $localToken
|
|
|
|
* @param bool $isTrustedServer
|
2016-08-19 12:25:59 +00:00
|
|
|
* @param bool $ok
|
2015-11-10 09:50:59 +00:00
|
|
|
*/
|
2016-08-19 12:25:59 +00:00
|
|
|
public function testRequestSharedSecret($token, $localToken, $isTrustedServer, $ok) {
|
2015-11-10 09:50:59 +00:00
|
|
|
|
|
|
|
$url = 'url';
|
|
|
|
|
|
|
|
$this->trustedServers
|
|
|
|
->expects($this->once())
|
|
|
|
->method('isTrustedServer')->with($url)->willReturn($isTrustedServer);
|
|
|
|
$this->dbHandler->expects($this->any())
|
|
|
|
->method('getToken')->with($url)->willReturn($localToken);
|
|
|
|
|
2016-08-19 12:25:59 +00:00
|
|
|
if ($ok) {
|
2015-11-10 09:50:59 +00:00
|
|
|
$this->jobList->expects($this->once())->method('add')
|
2017-07-28 12:43:35 +00:00
|
|
|
->with('OCA\Federation\BackgroundJob\GetSharedSecret', ['url' => $url, 'token' => $token, 'created' => $this->currentTime]);
|
2015-11-10 09:50:59 +00:00
|
|
|
} else {
|
|
|
|
$this->jobList->expects($this->never())->method('add');
|
2016-02-15 15:24:21 +00:00
|
|
|
$this->jobList->expects($this->never())->method('remove');
|
2015-11-10 09:50:59 +00:00
|
|
|
}
|
|
|
|
|
2016-08-19 12:25:59 +00:00
|
|
|
try {
|
2016-08-19 19:41:55 +00:00
|
|
|
$this->ocsAuthApi->requestSharedSecret($url, $token);
|
2016-08-19 12:25:59 +00:00
|
|
|
$this->assertTrue($ok);
|
|
|
|
} catch (OCSForbiddenException $e) {
|
|
|
|
$this->assertFalse($ok);
|
|
|
|
}
|
2015-11-10 09:50:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
public function dataTestRequestSharedSecret() {
|
|
|
|
return [
|
2016-08-19 12:25:59 +00:00
|
|
|
['token2', 'token1', true, true],
|
|
|
|
['token1', 'token2', false, false],
|
|
|
|
['token1', 'token2', true, false],
|
2015-11-10 09:50:59 +00:00
|
|
|
];
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @dataProvider dataTestGetSharedSecret
|
|
|
|
*
|
|
|
|
* @param bool $isTrustedServer
|
|
|
|
* @param bool $isValidToken
|
2016-08-19 12:25:59 +00:00
|
|
|
* @param bool $ok
|
2015-11-10 09:50:59 +00:00
|
|
|
*/
|
2016-08-19 12:25:59 +00:00
|
|
|
public function testGetSharedSecret($isTrustedServer, $isValidToken, $ok) {
|
2015-11-10 09:50:59 +00:00
|
|
|
|
|
|
|
$url = 'url';
|
|
|
|
$token = 'token';
|
|
|
|
|
2016-08-19 12:25:59 +00:00
|
|
|
/** @var OCSAuthAPIController | \PHPUnit_Framework_MockObject_MockObject $ocsAuthApi */
|
|
|
|
$ocsAuthApi = $this->getMockBuilder('OCA\Federation\Controller\OCSAuthAPIController')
|
2015-11-10 09:50:59 +00:00
|
|
|
->setConstructorArgs(
|
|
|
|
[
|
2016-08-19 12:25:59 +00:00
|
|
|
'federation',
|
2015-11-10 09:50:59 +00:00
|
|
|
$this->request,
|
|
|
|
$this->secureRandom,
|
|
|
|
$this->jobList,
|
|
|
|
$this->trustedServers,
|
2015-12-21 14:48:02 +00:00
|
|
|
$this->dbHandler,
|
2017-08-01 09:23:40 +00:00
|
|
|
$this->logger,
|
|
|
|
$this->timeFactory
|
2015-11-10 09:50:59 +00:00
|
|
|
]
|
|
|
|
)->setMethods(['isValidToken'])->getMock();
|
|
|
|
|
|
|
|
$this->trustedServers
|
|
|
|
->expects($this->any())
|
|
|
|
->method('isTrustedServer')->with($url)->willReturn($isTrustedServer);
|
|
|
|
$ocsAuthApi->expects($this->any())
|
|
|
|
->method('isValidToken')->with($url, $token)->willReturn($isValidToken);
|
|
|
|
|
2016-08-19 12:25:59 +00:00
|
|
|
if($ok) {
|
2015-11-10 09:50:59 +00:00
|
|
|
$this->secureRandom->expects($this->once())->method('generate')->with(32)
|
|
|
|
->willReturn('secret');
|
|
|
|
$this->trustedServers->expects($this->once())
|
|
|
|
->method('addSharedSecret')->willReturn($url, 'secret');
|
|
|
|
$this->dbHandler->expects($this->once())
|
|
|
|
->method('addToken')->with($url, '');
|
|
|
|
} else {
|
|
|
|
$this->secureRandom->expects($this->never())->method('getMediumStrengthGenerator');
|
|
|
|
$this->secureRandom->expects($this->never())->method('generate');
|
|
|
|
$this->trustedServers->expects($this->never())->method('addSharedSecret');
|
|
|
|
$this->dbHandler->expects($this->never())->method('addToken');
|
|
|
|
}
|
|
|
|
|
2016-08-19 12:25:59 +00:00
|
|
|
try {
|
2016-08-19 19:41:55 +00:00
|
|
|
$result = $ocsAuthApi->getSharedSecret($url, $token);
|
2016-08-19 12:25:59 +00:00
|
|
|
$this->assertTrue($ok);
|
2015-11-10 09:50:59 +00:00
|
|
|
$data = $result->getData();
|
|
|
|
$this->assertSame('secret', $data['sharedSecret']);
|
2016-08-19 12:25:59 +00:00
|
|
|
} catch (OCSForbiddenException $e) {
|
|
|
|
$this->assertFalse($ok);
|
2015-11-10 09:50:59 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function dataTestGetSharedSecret() {
|
|
|
|
return [
|
2016-08-19 12:25:59 +00:00
|
|
|
[true, true, true],
|
|
|
|
[false, true, false],
|
|
|
|
[true, false, false],
|
|
|
|
[false, false, false],
|
2015-11-10 09:50:59 +00:00
|
|
|
];
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|