server/apps/federation/tests/Controller/OCSAuthAPIControllerTest.php
Bjoern Schiessle 51d85eb2f8
expire getShareadSecret job after 30 days
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-01 10:07:51 +02:00

205 lines
6.1 KiB
PHP

<?php
/**
* @copyright Copyright (c) 2016, ownCloud, Inc.
*
* @author Björn Schießle <bjoern@schiessle.org>
* @author Robin Appelman <robin@icewind.nl>
*
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\Federation\Tests\Controller;
use OC\BackgroundJob\JobList;
use OCA\Federation\Controller\OCSAuthAPIController;
use OCA\Federation\DbHandler;
use OCA\Federation\TrustedServers;
use OCP\AppFramework\Http;
use OCP\AppFramework\OCS\OCSForbiddenException;
use OCP\ILogger;
use OCP\IRequest;
use OCP\Security\ISecureRandom;
use Test\TestCase;
class OCSAuthAPIControllerTest extends TestCase {
/** @var \PHPUnit_Framework_MockObject_MockObject | IRequest */
private $request;
/** @var \PHPUnit_Framework_MockObject_MockObject | ISecureRandom */
private $secureRandom;
/** @var \PHPUnit_Framework_MockObject_MockObject | JobList */
private $jobList;
/** @var \PHPUnit_Framework_MockObject_MockObject | TrustedServers */
private $trustedServers;
/** @var \PHPUnit_Framework_MockObject_MockObject | DbHandler */
private $dbHandler;
/** @var \PHPUnit_Framework_MockObject_MockObject | ILogger */
private $logger;
/** @var OCSAuthAPIController */
private $ocsAuthApi;
/** @var int simulated timestamp */
private $currentTime = 1234567;
public function setUp() {
parent::setUp();
$this->request = $this->getMockBuilder('OCP\IRequest')->getMock();
$this->secureRandom = $this->getMockBuilder('OCP\Security\ISecureRandom')->getMock();
$this->trustedServers = $this->getMockBuilder('OCA\Federation\TrustedServers')
->disableOriginalConstructor()->getMock();
$this->dbHandler = $this->getMockBuilder('OCA\Federation\DbHandler')
->disableOriginalConstructor()->getMock();
$this->jobList = $this->getMockBuilder('OC\BackgroundJob\JobList')
->disableOriginalConstructor()->getMock();
$this->logger = $this->getMockBuilder('OCP\ILogger')
->disableOriginalConstructor()->getMock();
$this->ocsAuthApi = $this->getMockBuilder(OCSAuthAPIController::class)
->setConstructorArgs(
[
'federation',
$this->request,
$this->secureRandom,
$this->jobList,
$this->trustedServers,
$this->dbHandler,
$this->logger
]
)->setMethods(['getTimestamp'])->getMock();
$this->ocsAuthApi->expects($this->any())->method('getTimestamp')->willReturn($this->currentTime);
}
/**
* @dataProvider dataTestRequestSharedSecret
*
* @param string $token
* @param string $localToken
* @param bool $isTrustedServer
* @param bool $ok
*/
public function testRequestSharedSecret($token, $localToken, $isTrustedServer, $ok) {
$url = 'url';
$this->trustedServers
->expects($this->once())
->method('isTrustedServer')->with($url)->willReturn($isTrustedServer);
$this->dbHandler->expects($this->any())
->method('getToken')->with($url)->willReturn($localToken);
if ($ok) {
$this->jobList->expects($this->once())->method('add')
->with('OCA\Federation\BackgroundJob\GetSharedSecret', ['url' => $url, 'token' => $token, 'created' => $this->currentTime]);
$this->jobList->expects($this->once())->method('remove')
->with('OCA\Federation\BackgroundJob\RequestSharedSecret', ['url' => $url, 'token' => $localToken]);
} else {
$this->jobList->expects($this->never())->method('add');
$this->jobList->expects($this->never())->method('remove');
}
try {
$this->ocsAuthApi->requestSharedSecret($url, $token);
$this->assertTrue($ok);
} catch (OCSForbiddenException $e) {
$this->assertFalse($ok);
}
}
public function dataTestRequestSharedSecret() {
return [
['token2', 'token1', true, true],
['token1', 'token2', false, false],
['token1', 'token2', true, false],
];
}
/**
* @dataProvider dataTestGetSharedSecret
*
* @param bool $isTrustedServer
* @param bool $isValidToken
* @param bool $ok
*/
public function testGetSharedSecret($isTrustedServer, $isValidToken, $ok) {
$url = 'url';
$token = 'token';
/** @var OCSAuthAPIController | \PHPUnit_Framework_MockObject_MockObject $ocsAuthApi */
$ocsAuthApi = $this->getMockBuilder('OCA\Federation\Controller\OCSAuthAPIController')
->setConstructorArgs(
[
'federation',
$this->request,
$this->secureRandom,
$this->jobList,
$this->trustedServers,
$this->dbHandler,
$this->logger
]
)->setMethods(['isValidToken'])->getMock();
$this->trustedServers
->expects($this->any())
->method('isTrustedServer')->with($url)->willReturn($isTrustedServer);
$ocsAuthApi->expects($this->any())
->method('isValidToken')->with($url, $token)->willReturn($isValidToken);
if($ok) {
$this->secureRandom->expects($this->once())->method('generate')->with(32)
->willReturn('secret');
$this->trustedServers->expects($this->once())
->method('addSharedSecret')->willReturn($url, 'secret');
$this->dbHandler->expects($this->once())
->method('addToken')->with($url, '');
} else {
$this->secureRandom->expects($this->never())->method('getMediumStrengthGenerator');
$this->secureRandom->expects($this->never())->method('generate');
$this->trustedServers->expects($this->never())->method('addSharedSecret');
$this->dbHandler->expects($this->never())->method('addToken');
}
try {
$result = $ocsAuthApi->getSharedSecret($url, $token);
$this->assertTrue($ok);
$data = $result->getData();
$this->assertSame('secret', $data['sharedSecret']);
} catch (OCSForbiddenException $e) {
$this->assertFalse($ok);
}
}
public function dataTestGetSharedSecret() {
return [
[true, true, true],
[false, true, false],
[true, false, false],
[false, false, false],
];
}
}