wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #24703 from owncloud/personal-settings-auth-tokens

Browse source 
Personal settings auth tokens
This commit is contained in:
Vincent Petry 2016-05-23 14:17:01 +02:00
commit 57525a02f8
19 changed files with 826 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
lib/private/Authentication/Token/DefaultToken.php
View file

@ -28,7 +28,6 @@ use OCP\AppFramework\Db\Entity;
* @method void setId(int $id)
* @method void setUid(string $uid);
* @method void setPassword(string $password)
* @method string getPassword()
* @method void setName(string $name)
* @method string getName()
* @method void setToken(string $token)
@ -87,4 +86,13 @@ class DefaultToken extends Entity implements IToken {
return parent::getPassword();
}
public function jsonSerialize() {
return [
'id' => $this->id,
'name' => $this->name,
'lastActivity' => $this->lastActivity,
'type' => $this->type,
];
}
}

13
lib/private/Authentication/Token/DefaultTokenMapper.php
View file

@ -111,4 +111,17 @@ class DefaultTokenMapper extends Mapper {
return $entities;
}
/**
* @param IUser $user
* @param int $id
*/
public function deleteById(IUser $user, $id) {
/* @var $qb IQueryBuilder */
$qb = $this->db->getQueryBuilder();
$qb->delete('authtoken')
->where($qb->expr()->eq('id', $qb->createNamedParameter($id)))
->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())));
$qb->execute();
}
}

12
lib/private/Authentication/Token/DefaultTokenProvider.php
View file

@ -134,6 +134,7 @@ class DefaultTokenProvider implements IProvider {
/**
* @param IToken $savedToken
* @param string $tokenId session token
* @throws InvalidTokenException
* @return string
*/
public function getPassword(IToken $savedToken, $tokenId) {
@ -149,6 +150,16 @@ class DefaultTokenProvider implements IProvider {
$this->mapper->invalidate($this->hashToken($token));
}
/**
* Invalidate (delete) the given token
*
* @param IUser $user
* @param int $id
*/
public function invalidateTokenById(IUser $user, $id) {
$this->mapper->deleteById($user, $id);
}
/**
* Invalidate (delete) old session tokens
*/
@ -203,6 +214,7 @@ class DefaultTokenProvider implements IProvider {
*
* @param string $password
* @param string $token
* @throws InvalidTokenException
* @return string the decrypted key
*/
private function decryptPassword($password, $token) {

13
lib/private/Authentication/Token/IProvider.php
View file

@ -35,7 +35,7 @@ interface IProvider {
* @param string $password
* @param string $name
* @param int $type token type
* @return DefaultToken
* @return IToken
*/
public function generateToken($token, $uid, $password, $name, $type = IToken::TEMPORARY_TOKEN);
@ -47,7 +47,7 @@ interface IProvider {
* @return IToken
*/
public function getToken($tokenId) ;
/**
* @param string $token
* @throws InvalidTokenException
@ -62,6 +62,14 @@ interface IProvider {
*/
public function invalidateToken($token);
/**
* Invalidate (delete) the given token
*
* @param IUser $user
* @param int $id
*/
public function invalidateTokenById(IUser $user, $id);
/**
* Update token activity timestamp
*
@ -85,6 +93,7 @@ interface IProvider {
*
* @param IToken $token
* @param string $tokenId
* @throws InvalidTokenException
* @return string
*/
public function getPassword(IToken $token, $tokenId);

6
lib/private/Authentication/Token/IToken.php
View file

@ -22,7 +22,9 @@
namespace OC\Authentication\Token;
interface IToken {
use JsonSerializable;
interface IToken extends JsonSerializable {
const TEMPORARY_TOKEN = 0;
const PERMANENT_TOKEN = 1;
@ -30,7 +32,7 @@ interface IToken {
/**
* Get the token ID
*
* @return string
* @return int
*/
public function getId();

3
lib/private/Server.php
View file

@ -223,6 +223,7 @@ class Server extends ServerContainer implements IServerContainer {
$timeFactory = new TimeFactory();
return new \OC\Authentication\Token\DefaultTokenProvider($mapper, $crypto, $config, $logger, $timeFactory);
});
$this->registerAlias('OC\Authentication\Token\IProvider', 'OC\Authentication\Token\DefaultTokenProvider');
$this->registerService('UserSession', function (Server $c) {
$manager = $c->getUserManager();
$session = new \OC\Session\Memory('');
@ -230,7 +231,7 @@ class Server extends ServerContainer implements IServerContainer {
// Token providers might require a working database. This code
// might however be called when ownCloud is not yet setup.
if (\OC::$server->getSystemConfig()->getValue('installed', false)) {
$defaultTokenProvider = $c->query('OC\Authentication\Token\DefaultTokenProvider');
$defaultTokenProvider = $c->query('OC\Authentication\Token\IProvider');
} else {
$defaultTokenProvider = null;
}

18
settings/Application.php
View file

@ -29,7 +29,9 @@
namespace OC\Settings;
use OC\Files\View;
use OC\Server;
use OC\Settings\Controller\AppSettingsController;
use OC\Settings\Controller\AuthSettingsController;
use OC\Settings\Controller\CertificateController;
use OC\Settings\Controller\CheckSetupController;
use OC\Settings\Controller\EncryptionController;
@ -39,10 +41,9 @@ use OC\Settings\Controller\MailSettingsController;
use OC\Settings\Controller\SecuritySettingsController;
use OC\Settings\Controller\UsersController;
use OC\Settings\Middleware\SubadminMiddleware;
use \OCP\AppFramework\App;
use OCP\AppFramework\App;
use OCP\IContainer;
use \OCP\Util;
use OC\Server;
use OCP\Util;
/**
* @package OC\Settings
@ -97,6 +98,17 @@ class Application extends App {
$c->query('OcsClient')
);
});
$container->registerService('AuthSettingsController', function(IContainer $c) {
return new AuthSettingsController(
$c->query('AppName'),
$c->query('Request'),
$c->query('ServerContainer')->query('OC\Authentication\Token\IProvider'),
$c->query('UserManager'),
$c->query('ServerContainer')->getSession(),
$c->query('ServerContainer')->getSecureRandom(),
$c->query('UserId')
);
});
$container->registerService('SecuritySettingsController', function(IContainer $c) {
return new SecuritySettingsController(
$c->query('AppName'),

151
settings/Controller/AuthSettingsController.php Normal file
View file

@ -0,0 +1,151 @@
<?php
/**
* @author Christoph Wurst <christoph@owncloud.com>
*
* @copyright Copyright (c) 2016, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OC\Settings\Controller;
use OC\AppFramework\Http;
use OC\Authentication\Exceptions\InvalidTokenException;
use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\JSONResponse;
use OCP\IRequest;
use OCP\ISession;
use OCP\IUserManager;
use OCP\Security\ISecureRandom;
use OCP\Session\Exceptions\SessionNotAvailableException;
class AuthSettingsController extends Controller {
/** @var IProvider */
private $tokenProvider;
/** @var IUserManager */
private $userManager;
/** @var ISession */
private $session;
/** @var string */
private $uid;
/** @var ISecureRandom */
private $random;
/**
* @param string $appName
* @param IRequest $request
* @param IProvider $tokenProvider
* @param IUserManager $userManager
* @param ISession $session
* @param ISecureRandom $random
* @param string $uid
*/
public function __construct($appName, IRequest $request, IProvider $tokenProvider, IUserManager $userManager,
ISession $session, ISecureRandom $random, $uid) {
parent::__construct($appName, $request);
$this->tokenProvider = $tokenProvider;
$this->userManager = $userManager;
$this->uid = $uid;
$this->session = $session;
$this->random = $random;
}
/**
* @NoAdminRequired
* @NoSubadminRequired
*
* @return JSONResponse
*/
public function index() {
$user = $this->userManager->get($this->uid);
if (is_null($user)) {
return [];
}
return $this->tokenProvider->getTokenByUser($user);
}
/**
* @NoAdminRequired
* @NoSubadminRequired
*
* @return JSONResponse
*/
public function create($name) {
try {
$sessionId = $this->session->getId();
} catch (SessionNotAvailableException $ex) {
$resp = new JSONResponse();
$resp->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
return $resp;
}
try {
$sessionToken = $this->tokenProvider->getToken($sessionId);
$password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
} catch (InvalidTokenException $ex) {
$resp = new JSONResponse();
$resp->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
return $resp;
}
$token = $this->generateRandomDeviceToken();
$deviceToken = $this->tokenProvider->generateToken($token, $this->uid, $password, $name, IToken::PERMANENT_TOKEN);
return [
'token' => $token,
'deviceToken' => $deviceToken
];
}
/**
* Return a 20 digit device password
*
* Example: ABCDE-FGHIJ-KLMNO-PQRST
*
* @return string
*/
private function generateRandomDeviceToken() {
$groups = [];
for ($i = 0; $i < 4; $i++) {
$groups[] = $this->random->generate(5, implode('', range('A', 'Z')));
}
return implode('-', $groups);
}
/**
* @NoAdminRequired
* @NoSubadminRequired
*
* @return JSONResponse
*/
public function destroy($id) {
$user = $this->userManager->get($this->uid);
if (is_null($user)) {
return [];
}
$this->tokenProvider->invalidateTokenById($user, $id);
return [];
}
}

33
settings/css/settings.css
View file

@ -100,6 +100,39 @@ input#identity {
table.nostyle label { margin-right: 2em; }
table.nostyle td { padding: 0.2em 0; }
#sessions table,
#devices table {
width: 100%;
min-height: 150px;
padding-top: 25px;
}
#sessions table th,
#devices table th {
font-weight: 800;
}
#sessions table th,
#sessions table td,
#devices table th,
#devices table td {
padding: 10px;
}
#sessions .token-list td,
#devices .token-list td {
border-top: 1px solid #DDD;
}
#sessions .token-list td a.icon-delete,
#devices .token-list td a.icon-delete {
display: block;
opacity: 0.6;
}
#device-new-token {
width: 186px;
font-family: monospace;
background-color: lightyellow;
}
/* USERS */
#newgroup-init a span { margin-left: 20px; }
#newgroup-init a span:before {

33
settings/js/authtoken.js Normal file
View file

@ -0,0 +1,33 @@
/* global Backbone */
/**
* @author Christoph Wurst <christoph@owncloud.com>
*
* @copyright Copyright (c) 2016, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
(function(OC, Backbone) {
'use strict';
OC.Settings = OC.Settings || {};
var AuthToken = Backbone.Model.extend({
});
OC.Settings.AuthToken = AuthToken;
})(OC, Backbone);

52
settings/js/authtoken_collection.js Normal file
View file

@ -0,0 +1,52 @@
/* global Backbone */
/**
* @author Christoph Wurst <christoph@owncloud.com>
*
* @copyright Copyright (c) 2016, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
(function(OC, Backbone) {
'use strict';
OC.Settings = OC.Settings || {};
var AuthTokenCollection = Backbone.Collection.extend({
model: OC.Settings.AuthToken,
/**
* Show recently used sessions/devices first
*
* @param {OC.Settigns.AuthToken} t1
* @param {OC.Settigns.AuthToken} t2
* @returns {Boolean}
*/
comparator: function (t1, t2) {
var ts1 = parseInt(t1.get('lastActivity'), 10);
var ts2 = parseInt(t2.get('lastActivity'), 10);
return ts1 < ts2;
},
tokenType: null,
url: OC.generateUrl('/settings/personal/authtokens')
});
OC.Settings.AuthTokenCollection = AuthTokenCollection;
})(OC, Backbone);

242
settings/js/authtoken_view.js Normal file
View file

@ -0,0 +1,242 @@
/* global Backbone, Handlebars, moment */
/**
* @author Christoph Wurst <christoph@owncloud.com>
*
* @copyright Copyright (c) 2016, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
(function(OC, _, Backbone, $, Handlebars, moment) {
'use strict';
OC.Settings = OC.Settings || {};
var TEMPLATE_TOKEN =
'<tr data-id="{{id}}">'
+ '<td>{{name}}</td>'
+ '<td><span class="last-activity" title="{{lastActivityTime}}">{{lastActivity}}</span></td>'
+ '<td><a class="icon-delete" title="' + t('core', 'Disconnect') + '"></a></td>'
+ '<tr>';
var SubView = Backbone.View.extend({
collection: null,
/**
* token type
* - 0: browser
* - 1: device
*
* @see OC\Authentication\Token\IToken
*/
type: 0,
_template: undefined,
template: function(data) {
if (_.isUndefined(this._template)) {
this._template = Handlebars.compile(TEMPLATE_TOKEN);
}
return this._template(data);
},
initialize: function(options) {
this.type = options.type;
this.collection = options.collection;
this.on(this.collection, 'change', this.render);
},
render: function() {
var _this = this;
var list = this.$('.token-list');
var tokens = this.collection.filter(function(token) {
return parseInt(token.get('type'), 10) === _this.type;
});
list.html('');
// Show header only if there are tokens to show
console.log(tokens.length > 0);
this._toggleHeader(tokens.length > 0);
tokens.forEach(function(token) {
var viewData = token.toJSON();
var ts = viewData.lastActivity * 1000;
viewData.lastActivity = OC.Util.relativeModifiedDate(ts);
viewData.lastActivityTime = OC.Util.formatDate(ts, 'LLL');
var html = _this.template(viewData);
var $html = $(html);
$html.find('.last-activity').tooltip();
$html.find('.icon-delete').tooltip();
list.append($html);
});
},
toggleLoading: function(state) {
this.$('.token-list').toggleClass('icon-loading', state);
},
_toggleHeader: function(show) {
this.$('.hidden-when-empty').toggleClass('hidden', !show);
}
});
var AuthTokenView = Backbone.View.extend({
collection: null,
_views: [],
_form: undefined,
_tokenName: undefined,
_addTokenBtn: undefined,
_result: undefined,
_newToken: undefined,
_hideTokenBtn: undefined,
_addingToken: false,
initialize: function(options) {
this.collection = options.collection;
var tokenTypes = [0, 1];
var _this = this;
_.each(tokenTypes, function(type) {
var el = type === 0 ? '#sessions' : '#devices';
_this._views.push(new SubView({
el: el,
type: type,
collection: _this.collection
}));
var $el = $(el);
$el.on('click', 'a.icon-delete', _.bind(_this._onDeleteToken, _this));
});
this._form = $('#device-token-form');
this._tokenName = $('#device-token-name');
this._addTokenBtn = $('#device-add-token');
this._addTokenBtn.click(_.bind(this._addDeviceToken, this));
this._result = $('#device-token-result');
this._newToken = $('#device-new-token');
this._newToken.on('focus', _.bind(this._onNewTokenFocus, this));
this._hideTokenBtn = $('#device-token-hide');
this._hideTokenBtn.click(_.bind(this._hideToken, this));
},
render: function() {
_.each(this._views, function(view) {
view.render();
view.toggleLoading(false);
});
},
reload: function() {
var _this = this;
_.each(this._views, function(view) {
view.toggleLoading(true);
});
var loadingTokens = this.collection.fetch();
$.when(loadingTokens).done(function() {
_this.render();
});
$.when(loadingTokens).fail(function() {
OC.Notification.showTemporary(t('core', 'Error while loading browser sessions and device tokens'));
});
},
_addDeviceToken: function() {
var _this = this;
this._toggleAddingToken(true);
var deviceName = this._tokenName.val();
var creatingToken = $.ajax(OC.generateUrl('/settings/personal/authtokens'), {
method: 'POST',
data: {
name: deviceName
}
});
$.when(creatingToken).done(function(resp) {
_this.collection.add(resp.deviceToken);
_this.render();
_this._newToken.val(resp.token);
_this._toggleFormResult(false);
_this._newToken.select();
_this._tokenName.val('');
});
$.when(creatingToken).fail(function() {
OC.Notification.showTemporary(t('core', 'Error while creating device token'));
});
$.when(creatingToken).always(function() {
_this._toggleAddingToken(false);
});
},
_onNewTokenFocus: function() {
this._newToken.select();
},
_hideToken: function() {
this._toggleFormResult(true);
},
_toggleAddingToken: function(state) {
this._addingToken = state;
this._addTokenBtn.toggleClass('icon-loading-small', state);
},
_onDeleteToken: function(event) {
var $target = $(event.target);
var $row = $target.closest('tr');
var id = $row.data('id');
var token = this.collection.get(id);
if (_.isUndefined(token)) {
// Ignore event
return;
}
var destroyingToken = token.destroy();
var _this = this;
$.when(destroyingToken).fail(function() {
OC.Notification.showTemporary(t('core', 'Error while deleting the token'));
});
$.when(destroyingToken).always(function() {
_this.render();
});
},
_toggleFormResult: function(showForm) {
this._form.toggleClass('hidden', !showForm);
this._result.toggleClass('hidden', showForm);
}
});
OC.Settings.AuthTokenView = AuthTokenView;
})(OC, _, Backbone, $, Handlebars, moment);

7
settings/js/personal.js
View file

@ -361,6 +361,13 @@ $(document).ready(function () {
if (oc_config.enable_avatars) {
$('#avatar .avatardiv').avatar(OC.currentUser, 145);
}
// Show token views
var collection = new OC.Settings.AuthTokenCollection();
var view = new OC.Settings.AuthTokenView({
collection: collection
});
view.reload();
});
if (!OC.Encryption) {

5
settings/personal.php
View file

@ -42,6 +42,9 @@ $config = \OC::$server->getConfig();
$urlGenerator = \OC::$server->getURLGenerator();
// Highlight navigation entry
OC_Util::addScript('settings', 'authtoken');
OC_Util::addScript('settings', 'authtoken_collection');
OC_Util::addScript('settings', 'authtoken_view');
OC_Util::addScript( 'settings', 'personal' );
OC_Util::addScript('settings', 'certificates');
OC_Util::addStyle( 'settings', 'settings' );
@ -171,6 +174,8 @@ $tmpl->assign('groups', $groups2);
// add hardcoded forms from the template
$formsAndMore = [];
$formsAndMore[]= ['anchor' => 'avatar', 'section-name' => $l->t('Personal info')];
$formsAndMore[]= ['anchor' => 'sessions', 'section-name' => $l->t('Sessions')];
$formsAndMore[]= ['anchor' => 'devices', 'section-name' => $l->t('Devices')];
$formsAndMore[]= ['anchor' => 'clientsbox', 'section-name' => $l->t('Sync clients')];
$forms=OC_App::getForms('personal');

3
settings/routes.php
View file

@ -36,7 +36,8 @@ $application = new Application();
$application->registerRoutes($this, [
'resources' => [
'groups' => ['url' => '/settings/users/groups'],
'users' => ['url' => '/settings/users/users']
'users' => ['url' => '/settings/users/users'],
'AuthSettings' => ['url' => '/settings/personal/authtokens'],
],
'routes' => [
['name' => 'MailSettings#setMailSettings', 'url' => '/settings/admin/mailsettings', 'verb' => 'POST'],

41
settings/templates/personal.php
View file

@ -139,6 +139,47 @@ if($_['passwordChangeSupported']) {
}
?>
<div id="sessions" class="section">
<h2><?php p($l->t('Sessions'));?></h2>
<span class="hidden-when-empty"><?php p($l->t('These are the web browsers currently logged in to your ownCloud.'));?></span>
<table>
<thead class="token-list-header">
<tr>
<th><?php p($l->t('Browser'));?></th>
<th><?php p($l->t('Most recent activity'));?></th>
<th></th>
</tr>
</thead>
<tbody class="token-list icon-loading">
</tbody>
</table>
</div>
<div id="devices" class="section">
<h2><?php p($l->t('Devices'));?></h2>
<span class="hidden-when-empty"><?php p($l->t("You've linked these devices."));?></span>
<table>
<thead class="hidden-when-empty">
<tr>
<th><?php p($l->t('Name'));?></th>
<th><?php p($l->t('Most recent activity'));?></th>
<th></th>
</tr>
</thead>
<tbody class="token-list icon-loading">
</tbody>
</table>
<p><?php p($l->t('A device password is a passcode that gives an app or device permissions to access your ownCloud account.'));?></p>
<div id="device-token-form">
<input id="device-token-name" type="text" placeholder="Device name">
<button id="device-add-token" class="button">Create new device password</button>
</div>
<div id="device-token-result" class="hidden">
<input id="device-new-token" type="text" readonly="readonly"/>
<button id="device-token-hide" class="button">Done</button>
</div>
</div>
<form id="language" class="section">
<h2>
<label for="languageinput"><?php p($l->t('Language'));?></label>

27
tests/lib/Authentication/Token/DefaultTokenMapperTest.php
View file

@ -159,4 +159,31 @@ class DefaultTokenMapperTest extends TestCase {
$this->assertCount(0, $this->mapper->getTokenByUser($user));
}
public function testDeleteById() {
$user = $this->getMock('\OCP\IUser');
$qb = $this->dbConnection->getQueryBuilder();
$qb->select('id')
->from('authtoken')
->where($qb->expr()->eq('token', $qb->createNamedParameter('9c5a2e661482b65597408a6bb6c4a3d1af36337381872ac56e445a06cdb7fea2b1039db707545c11027a4966919918b19d875a8b774840b18c6cbb7ae56fe206')));
$result = $qb->execute();
$id = $result->fetch()['id'];
$user->expects($this->once())
->method('getUID')
->will($this->returnValue('user1'));
$this->mapper->deleteById($user, $id);
$this->assertEquals(2, $this->getNumberOfTokens());
}
public function testDeleteByIdWrongUser() {
$user = $this->getMock('\OCP\IUser');
$id = 33;
$user->expects($this->once())
->method('getUID')
->will($this->returnValue('user10000'));
$this->mapper->deleteById($user, $id);
$this->assertEquals(3, $this->getNumberOfTokens());
}
}

11
tests/lib/Authentication/Token/DefaultTokenProviderTest.php
View file

@ -170,6 +170,17 @@ class DefaultTokenProviderTest extends TestCase {
$this->tokenProvider->invalidateToken('token7');
}
public function testInvaildateTokenById() {
$id = 123;
$user = $this->getMock('\OCP\IUser');
$this->mapper->expects($this->once())
->method('deleteById')
->with($user, $id);
$this->tokenProvider->invalidateTokenById($user, $id);
}
public function testInvalidateOldTokens() {
$defaultSessionLifetime = 60 * 60 * 24;
$this->config->expects($this->once())

156
tests/settings/controller/AuthSettingsControllerTest.php Normal file
View file

@ -0,0 +1,156 @@
<?php
/**
* @author Christoph Wurst <christoph@owncloud.com>
*
* @copyright Copyright (c) 2016, ownCloud, Inc.
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace Test\Settings\Controller;
use OC\AppFramework\Http;
use OC\Authentication\Exceptions\InvalidTokenException;
use OC\Authentication\Token\IToken;
use OC\Settings\Controller\AuthSettingsController;
use OCP\AppFramework\Http\JSONResponse;
use OCP\Session\Exceptions\SessionNotAvailableException;
use Test\TestCase;
class AuthSettingsControllerTest extends TestCase {
/** @var AuthSettingsController */
private $controller;
private $request;
private $tokenProvider;
private $userManager;
private $session;
private $secureRandom;
private $uid;
protected function setUp() {
parent::setUp();
$this->request = $this->getMock('\OCP\IRequest');
$this->tokenProvider = $this->getMock('\OC\Authentication\Token\IProvider');
$this->userManager = $this->getMock('\OCP\IUserManager');
$this->session = $this->getMock('\OCP\ISession');
$this->secureRandom = $this->getMock('\OCP\Security\ISecureRandom');
$this->uid = 'jane';
$this->user = $this->getMock('\OCP\IUser');
$this->controller = new AuthSettingsController('core', $this->request, $this->tokenProvider, $this->userManager, $this->session, $this->secureRandom, $this->uid);
}
public function testIndex() {
$result = [
'token1',
'token2',
];
$this->userManager->expects($this->once())
->method('get')
->with($this->uid)
->will($this->returnValue($this->user));
$this->tokenProvider->expects($this->once())
->method('getTokenByUser')
->with($this->user)
->will($this->returnValue($result));
$this->assertEquals($result, $this->controller->index());
}
public function testCreate() {
$name = 'Nexus 4';
$sessionToken = $this->getMock('\OC\Authentication\Token\IToken');
$deviceToken = $this->getMock('\OC\Authentication\Token\IToken');
$password = '123456';
$this->session->expects($this->once())
->method('getId')
->will($this->returnValue('sessionid'));
$this->tokenProvider->expects($this->once())
->method('getToken')
->with('sessionid')
->will($this->returnValue($sessionToken));
$this->tokenProvider->expects($this->once())
->method('getPassword')
->with($sessionToken, 'sessionid')
->will($this->returnValue($password));
$this->secureRandom->expects($this->exactly(4))
->method('generate')
->with(5, implode('', range('A', 'Z')))
->will($this->returnValue('XXXXX'));
$newToken = 'XXXXX-XXXXX-XXXXX-XXXXX';
$this->tokenProvider->expects($this->once())
->method('generateToken')
->with($newToken, $this->uid, $password, $name, IToken::PERMANENT_TOKEN)
->will($this->returnValue($deviceToken));
$expected = [
'token' => $newToken,
'deviceToken' => $deviceToken,
];
$this->assertEquals($expected, $this->controller->create($name));
}
public function testCreateSessionNotAvailable() {
$name = 'personal phone';
$this->session->expects($this->once())
->method('getId')
->will($this->throwException(new SessionNotAvailableException()));
$expected = new JSONResponse();
$expected->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
$this->assertEquals($expected, $this->controller->create($name));
}
public function testCreateInvalidToken() {
$name = 'Company IPhone';
$this->session->expects($this->once())
->method('getId')
->will($this->returnValue('sessionid'));
$this->tokenProvider->expects($this->once())
->method('getToken')
->with('sessionid')
->will($this->throwException(new InvalidTokenException()));
$expected = new JSONResponse();
$expected->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
$this->assertEquals($expected, $this->controller->create($name));
}
public function testDestroy() {
$id = 123;
$user = $this->getMock('\OCP\IUser');
$this->userManager->expects($this->once())
->method('get')
->with($this->uid)
->will($this->returnValue($user));
$this->tokenProvider->expects($this->once())
->method('invalidateTokenById')
->with($user, $id);
$this->assertEquals([], $this->controller->destroy($id));
}
}