2016-05-03 14:21:49 +00:00
|
|
|
<?php
|
2017-01-02 10:20:22 +00:00
|
|
|
|
2016-07-21 16:13:36 +00:00
|
|
|
/**
|
2016-05-03 14:21:49 +00:00
|
|
|
|
2016-07-21 16:13:36 +00:00
|
|
|
*
|
|
|
|
* @author Christoph Wurst <christoph@owncloud.com>
|
|
|
|
*
|
|
|
|
* @license GNU AGPL version 3 or any later version
|
|
|
|
*
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License as
|
|
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
|
|
* License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
*
|
|
|
|
*/
|
2016-05-03 14:21:49 +00:00
|
|
|
use GuzzleHttp\Client;
|
|
|
|
use GuzzleHttp\Exception\ClientException;
|
|
|
|
|
|
|
|
require __DIR__ . '/../../vendor/autoload.php';
|
|
|
|
|
|
|
|
trait Auth {
|
|
|
|
|
|
|
|
private $clientToken;
|
|
|
|
|
|
|
|
/** @BeforeScenario */
|
|
|
|
public function tearUpScenario() {
|
|
|
|
$this->client = new Client();
|
|
|
|
$this->responseXml = '';
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @When requesting :url with :method
|
|
|
|
*/
|
|
|
|
public function requestingWith($url, $method) {
|
|
|
|
$this->sendRequest($url, $method);
|
|
|
|
}
|
|
|
|
|
|
|
|
private function sendRequest($url, $method, $authHeader = null, $useCookies = false) {
|
|
|
|
$fullUrl = substr($this->baseUrl, 0, -5) . $url;
|
|
|
|
try {
|
|
|
|
if ($useCookies) {
|
|
|
|
$request = $this->client->createRequest($method, $fullUrl, [
|
2017-01-02 10:20:22 +00:00
|
|
|
'cookies' => $this->cookieJar,
|
2016-05-03 14:21:49 +00:00
|
|
|
]);
|
|
|
|
} else {
|
|
|
|
$request = $this->client->createRequest($method, $fullUrl);
|
|
|
|
}
|
|
|
|
if ($authHeader) {
|
|
|
|
$request->setHeader('Authorization', $authHeader);
|
|
|
|
}
|
|
|
|
$request->setHeader('OCS_APIREQUEST', 'true');
|
|
|
|
$request->setHeader('requesttoken', $this->requestToken);
|
|
|
|
$this->response = $this->client->send($request);
|
|
|
|
} catch (ClientException $ex) {
|
|
|
|
$this->response = $ex->getResponse();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @Given a new client token is used
|
|
|
|
*/
|
|
|
|
public function aNewClientTokenIsUsed() {
|
2016-09-30 07:58:02 +00:00
|
|
|
$this->loggingInUsingWebAs('user0');
|
|
|
|
|
|
|
|
$fullUrl = substr($this->baseUrl, 0, -5) . '/index.php/settings/personal/authtokens';
|
2016-05-03 14:21:49 +00:00
|
|
|
$client = new Client();
|
2016-09-30 07:58:02 +00:00
|
|
|
$options = [
|
|
|
|
'auth' => ['user0', '123456'],
|
|
|
|
'body' => [
|
|
|
|
'requesttoken' => $this->requestToken,
|
|
|
|
'name' => md5(microtime()),
|
|
|
|
],
|
|
|
|
'cookies' => $this->cookieJar,
|
|
|
|
];
|
|
|
|
|
|
|
|
$resp = $client->send($client->createRequest('POST', $fullUrl, $options));
|
|
|
|
|
2016-05-03 14:21:49 +00:00
|
|
|
$this->clientToken = json_decode($resp->getBody()->getContents())->token;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @When requesting :url with :method using basic auth
|
|
|
|
*/
|
|
|
|
public function requestingWithBasicAuth($url, $method) {
|
2016-05-06 14:31:40 +00:00
|
|
|
$this->sendRequest($url, $method, 'basic ' . base64_encode('user0:123456'));
|
2016-05-03 14:21:49 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @When requesting :url with :method using basic token auth
|
|
|
|
*/
|
|
|
|
public function requestingWithBasicTokenAuth($url, $method) {
|
2016-05-06 14:31:40 +00:00
|
|
|
$this->sendRequest($url, $method, 'basic ' . base64_encode('user0:' . $this->clientToken));
|
2016-05-03 14:21:49 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @When requesting :url with :method using a client token
|
|
|
|
*/
|
|
|
|
public function requestingWithUsingAClientToken($url, $method) {
|
|
|
|
$this->sendRequest($url, $method, 'token ' . $this->clientToken);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @When requesting :url with :method using browser session
|
|
|
|
*/
|
|
|
|
public function requestingWithBrowserSession($url, $method) {
|
|
|
|
$this->sendRequest($url, $method, null, true);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @Given a new browser session is started
|
|
|
|
*/
|
2017-01-02 10:20:22 +00:00
|
|
|
public function aNewBrowserSessionIsStarted($remember = false) {
|
2016-05-03 14:21:49 +00:00
|
|
|
$loginUrl = substr($this->baseUrl, 0, -5) . '/login';
|
|
|
|
// Request a new session and extract CSRF token
|
|
|
|
$client = new Client();
|
2017-01-02 10:20:22 +00:00
|
|
|
$response = $client->get($loginUrl, [
|
|
|
|
'cookies' => $this->cookieJar,
|
|
|
|
]);
|
2016-05-03 14:21:49 +00:00
|
|
|
$this->extracRequestTokenFromResponse($response);
|
|
|
|
|
|
|
|
// Login and extract new token
|
|
|
|
$client = new Client();
|
|
|
|
$response = $client->post(
|
|
|
|
$loginUrl, [
|
2017-01-02 10:20:22 +00:00
|
|
|
'body' => [
|
|
|
|
'user' => 'user0',
|
|
|
|
'password' => '123456',
|
|
|
|
'remember_login' => $remember ? '1' : '0',
|
|
|
|
'requesttoken' => $this->requestToken,
|
|
|
|
],
|
|
|
|
'cookies' => $this->cookieJar,
|
2016-05-03 14:21:49 +00:00
|
|
|
]
|
|
|
|
);
|
|
|
|
$this->extracRequestTokenFromResponse($response);
|
|
|
|
}
|
|
|
|
|
2017-01-02 10:20:22 +00:00
|
|
|
/**
|
|
|
|
* @Given a new remembered browser session is started
|
|
|
|
*/
|
|
|
|
public function aNewRememberedBrowserSessionIsStarted() {
|
|
|
|
$this->aNewBrowserSessionIsStarted(true);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @When the session cookie expires
|
|
|
|
*/
|
|
|
|
public function whenTheSessionCookieExpires() {
|
|
|
|
$this->cookieJar->clearSessionCookies();
|
|
|
|
}
|
|
|
|
|
2016-05-03 14:21:49 +00:00
|
|
|
}
|