1d3e391ad8
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
262 lines
7.2 KiB
PHP
262 lines
7.2 KiB
PHP
<?php
|
|
/**
|
|
*
|
|
* @author Christoph Wurst <christoph@owncloud.com>
|
|
*
|
|
* @license GNU AGPL version 3 or any later version
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU Affero General Public License as
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
* License, or (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Affero General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*
|
|
*/
|
|
|
|
use GuzzleHttp\Client;
|
|
use GuzzleHttp\Exception\ClientException;
|
|
use GuzzleHttp\Cookie\CookieJar;
|
|
|
|
require __DIR__ . '/../../vendor/autoload.php';
|
|
|
|
trait Auth {
|
|
/** @var string */
|
|
private $unrestrictedClientToken;
|
|
/** @var string */
|
|
private $restrictedClientToken;
|
|
/** @var Client */
|
|
private $client;
|
|
/** @var string */
|
|
private $responseXml;
|
|
|
|
/** @BeforeScenario */
|
|
public function setUpScenario() {
|
|
$this->client = new Client();
|
|
$this->responseXml = '';
|
|
$this->cookieJar = new CookieJar();
|
|
}
|
|
|
|
/**
|
|
* @When requesting :url with :method
|
|
*/
|
|
public function requestingWith($url, $method) {
|
|
$this->sendRequest($url, $method);
|
|
}
|
|
|
|
private function sendRequest($url, $method, $authHeader = null, $useCookies = false) {
|
|
$fullUrl = substr($this->baseUrl, 0, -5) . $url;
|
|
try {
|
|
if ($useCookies) {
|
|
$request = $this->client->createRequest($method, $fullUrl, [
|
|
'cookies' => $this->cookieJar,
|
|
]);
|
|
} else {
|
|
$request = $this->client->createRequest($method, $fullUrl);
|
|
}
|
|
if ($authHeader) {
|
|
$request->setHeader('Authorization', $authHeader);
|
|
}
|
|
$request->setHeader('OCS_APIREQUEST', 'true');
|
|
$request->setHeader('requesttoken', $this->requestToken);
|
|
$this->response = $this->client->send($request);
|
|
} catch (ClientException $ex) {
|
|
$this->response = $ex->getResponse();
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @When the CSRF token is extracted from the previous response
|
|
*/
|
|
public function theCsrfTokenIsExtractedFromThePreviousResponse() {
|
|
$this->requestToken = substr(preg_replace('/(.*)data-requesttoken="(.*)">(.*)/sm', '\2', $this->response->getBody()->getContents()), 0, 89);
|
|
}
|
|
|
|
/**
|
|
* @param bool $loginViaWeb
|
|
* @return object
|
|
*/
|
|
private function createClientToken($loginViaWeb = true) {
|
|
if($loginViaWeb) {
|
|
$this->loggingInUsingWebAs('user0');
|
|
}
|
|
|
|
$fullUrl = substr($this->baseUrl, 0, -5) . '/index.php/settings/personal/authtokens';
|
|
$client = new Client();
|
|
$options = [
|
|
'auth' => [
|
|
'user0',
|
|
$loginViaWeb ? '123456' : $this->restrictedClientToken,
|
|
],
|
|
'body' => [
|
|
'requesttoken' => $this->requestToken,
|
|
'name' => md5(microtime()),
|
|
],
|
|
'cookies' => $this->cookieJar,
|
|
];
|
|
|
|
try {
|
|
$this->response = $client->send($client->createRequest('POST', $fullUrl, $options));
|
|
} catch (\GuzzleHttp\Exception\ServerException $e) {
|
|
$this->response = $e->getResponse();
|
|
}
|
|
return json_decode($this->response->getBody()->getContents());
|
|
}
|
|
|
|
/**
|
|
* @Given a new restricted client token is added
|
|
*/
|
|
public function aNewRestrictedClientTokenIsAdded() {
|
|
$tokenObj = $this->createClientToken();
|
|
$newCreatedTokenId = $tokenObj->deviceToken->id;
|
|
$fullUrl = substr($this->baseUrl, 0, -5) . '/index.php/settings/personal/authtokens/' . $newCreatedTokenId;
|
|
$client = new Client();
|
|
$options = [
|
|
'auth' => ['user0', '123456'],
|
|
'headers' => [
|
|
'requesttoken' => $this->requestToken,
|
|
],
|
|
'json' => [
|
|
'scope' => [
|
|
'filesystem' => false,
|
|
],
|
|
],
|
|
'cookies' => $this->cookieJar,
|
|
];
|
|
$this->response = $client->send($client->createRequest('PUT', $fullUrl, $options));
|
|
$this->restrictedClientToken = $tokenObj->token;
|
|
}
|
|
|
|
/**
|
|
* @Given a new unrestricted client token is added
|
|
*/
|
|
public function aNewUnrestrictedClientTokenIsAdded() {
|
|
$this->unrestrictedClientToken = $this->createClientToken()->token;
|
|
}
|
|
|
|
/**
|
|
* @When a new unrestricted client token is added using restricted basic token auth
|
|
*/
|
|
public function aNewUnrestrictedClientTokenIsAddedUsingRestrictedBasicTokenAuth() {
|
|
$this->createClientToken(false);
|
|
}
|
|
|
|
/**
|
|
* @When requesting :url with :method using basic auth
|
|
*
|
|
* @param string $url
|
|
* @param string $method
|
|
*/
|
|
public function requestingWithBasicAuth($url, $method) {
|
|
$this->sendRequest($url, $method, 'basic ' . base64_encode('user0:123456'));
|
|
}
|
|
|
|
/**
|
|
* @When requesting :url with :method using unrestricted basic token auth
|
|
*
|
|
* @param string $url
|
|
* @param string $method
|
|
*/
|
|
public function requestingWithUnrestrictedBasicTokenAuth($url, $method) {
|
|
$this->sendRequest($url, $method, 'basic ' . base64_encode('user0:' . $this->unrestrictedClientToken), true);
|
|
}
|
|
|
|
/**
|
|
* @When requesting :url with :method using restricted basic token auth
|
|
*
|
|
* @param string $url
|
|
* @param string $method
|
|
*/
|
|
public function requestingWithRestrictedBasicTokenAuth($url, $method) {
|
|
$this->sendRequest($url, $method, 'basic ' . base64_encode('user0:' . $this->restrictedClientToken), true);
|
|
}
|
|
|
|
/**
|
|
* @When requesting :url with :method using an unrestricted client token
|
|
*
|
|
* @param string $url
|
|
* @param string $method
|
|
*/
|
|
public function requestingWithUsingAnUnrestrictedClientToken($url, $method) {
|
|
$this->sendRequest($url, $method, 'token ' . $this->unrestrictedClientToken);
|
|
}
|
|
|
|
/**
|
|
* @When requesting :url with :method using a restricted client token
|
|
*
|
|
* @param string $url
|
|
* @param string $method
|
|
*/
|
|
public function requestingWithUsingARestrictedClientToken($url, $method) {
|
|
$this->sendRequest($url, $method, 'token ' . $this->restrictedClientToken);
|
|
}
|
|
|
|
/**
|
|
* @When requesting :url with :method using browser session
|
|
*
|
|
* @param string $url
|
|
* @param string $method
|
|
*/
|
|
public function requestingWithBrowserSession($url, $method) {
|
|
$this->sendRequest($url, $method, null, true);
|
|
}
|
|
|
|
/**
|
|
* @Given a new browser session is started
|
|
*
|
|
* @param bool $remember
|
|
*/
|
|
public function aNewBrowserSessionIsStarted($remember = false) {
|
|
$loginUrl = substr($this->baseUrl, 0, -5) . '/login';
|
|
// Request a new session and extract CSRF token
|
|
$client = new Client();
|
|
$response = $client->get($loginUrl, [
|
|
'cookies' => $this->cookieJar,
|
|
]);
|
|
$this->extracRequestTokenFromResponse($response);
|
|
|
|
// Login and extract new token
|
|
$client = new Client();
|
|
$response = $client->post(
|
|
$loginUrl, [
|
|
'body' => [
|
|
'user' => 'user0',
|
|
'password' => '123456',
|
|
'remember_login' => $remember ? '1' : '0',
|
|
'requesttoken' => $this->requestToken,
|
|
],
|
|
'cookies' => $this->cookieJar,
|
|
]
|
|
);
|
|
$this->extracRequestTokenFromResponse($response);
|
|
}
|
|
|
|
/**
|
|
* @Given a new remembered browser session is started
|
|
*/
|
|
public function aNewRememberedBrowserSessionIsStarted() {
|
|
$this->aNewBrowserSessionIsStarted(true);
|
|
}
|
|
|
|
|
|
/**
|
|
* @Given the cookie jar is reset
|
|
*/
|
|
public function theCookieJarIsReset() {
|
|
$this->cookieJar = new CookieJar();
|
|
}
|
|
|
|
/**
|
|
* @When the session cookie expires
|
|
*/
|
|
public function whenTheSessionCookieExpires() {
|
|
$this->cookieJar->clearSessionCookies();
|
|
}
|
|
|
|
}
|