TwoFactorMiddlewareTest.php 6.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203
  1. <?php
  2. /**
  3. * @author Christoph Wurst <christoph@owncloud.com>
  4. *
  5. * @copyright Copyright (c) 2016, ownCloud, Inc.
  6. * @license AGPL-3.0
  7. *
  8. * This code is free software: you can redistribute it and/or modify
  9. * it under the terms of the GNU Affero General Public License, version 3,
  10. * as published by the Free Software Foundation.
  11. *
  12. * This program is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU Affero General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU Affero General Public License, version 3,
  18. * along with this program. If not, see <http://www.gnu.org/licenses/>
  19. *
  20. */
  21. namespace Test\Core\Middleware;
  22. use OC\Core\Middleware\TwoFactorMiddleware;
  23. use OC\AppFramework\Http\Request;
  24. use OCP\AppFramework\Utility\IControllerMethodReflector;
  25. use OCP\IConfig;
  26. use OCP\ISession;
  27. use OCP\IURLGenerator;
  28. use OCP\IUser;
  29. use OCP\Security\ISecureRandom;
  30. use Test\TestCase;
  31. class TwoFactorMiddlewareTest extends TestCase {
  32. private $twoFactorManager;
  33. private $userSession;
  34. private $session;
  35. private $urlGenerator;
  36. private $reflector;
  37. private $request;
  38. /** @var TwoFactorMiddleware */
  39. private $middleware;
  40. protected function setUp() {
  41. parent::setUp();
  42. $this->twoFactorManager = $this->getMockBuilder('\OC\Authentication\TwoFactorAuth\Manager')
  43. ->disableOriginalConstructor()
  44. ->getMock();
  45. $this->userSession = $this->getMockBuilder('\OC\User\Session')
  46. ->disableOriginalConstructor()
  47. ->getMock();
  48. $this->session = $this->createMock(ISession::class);
  49. $this->urlGenerator = $this->createMock(IURLGenerator::class);
  50. $this->reflector = $this->createMock(IControllerMethodReflector::class);
  51. $this->request = new Request(
  52. [
  53. 'server' => [
  54. 'REQUEST_URI' => 'test/url'
  55. ]
  56. ],
  57. $this->createMock(ISecureRandom::class),
  58. $this->createMock(IConfig::class)
  59. );
  60. $this->middleware = new TwoFactorMiddleware($this->twoFactorManager, $this->userSession, $this->session, $this->urlGenerator, $this->reflector, $this->request);
  61. }
  62. public function testBeforeControllerNotLoggedIn() {
  63. $this->reflector->expects($this->once())
  64. ->method('hasAnnotation')
  65. ->with('PublicPage')
  66. ->will($this->returnValue(false));
  67. $this->userSession->expects($this->once())
  68. ->method('isLoggedIn')
  69. ->will($this->returnValue(false));
  70. $this->userSession->expects($this->never())
  71. ->method('getUser');
  72. $this->middleware->beforeController(null, 'index');
  73. }
  74. public function testBeforeControllerPublicPage() {
  75. $this->reflector->expects($this->once())
  76. ->method('hasAnnotation')
  77. ->with('PublicPage')
  78. ->will($this->returnValue(true));
  79. $this->userSession->expects($this->never())
  80. ->method('isLoggedIn');
  81. $this->middleware->beforeController(null, 'create');
  82. }
  83. public function testBeforeControllerNoTwoFactorCheckNeeded() {
  84. $user = $this->createMock(IUser::class);
  85. $this->reflector->expects($this->once())
  86. ->method('hasAnnotation')
  87. ->with('PublicPage')
  88. ->will($this->returnValue(false));
  89. $this->userSession->expects($this->once())
  90. ->method('isLoggedIn')
  91. ->will($this->returnValue(true));
  92. $this->userSession->expects($this->once())
  93. ->method('getUser')
  94. ->will($this->returnValue($user));
  95. $this->twoFactorManager->expects($this->once())
  96. ->method('isTwoFactorAuthenticated')
  97. ->with($user)
  98. ->will($this->returnValue(false));
  99. $this->middleware->beforeController(null, 'index');
  100. }
  101. /**
  102. * @expectedException \OC\Authentication\Exceptions\TwoFactorAuthRequiredException
  103. */
  104. public function testBeforeControllerTwoFactorAuthRequired() {
  105. $user = $this->createMock(IUser::class);
  106. $this->reflector->expects($this->once())
  107. ->method('hasAnnotation')
  108. ->with('PublicPage')
  109. ->will($this->returnValue(false));
  110. $this->userSession->expects($this->once())
  111. ->method('isLoggedIn')
  112. ->will($this->returnValue(true));
  113. $this->userSession->expects($this->once())
  114. ->method('getUser')
  115. ->will($this->returnValue($user));
  116. $this->twoFactorManager->expects($this->once())
  117. ->method('isTwoFactorAuthenticated')
  118. ->with($user)
  119. ->will($this->returnValue(true));
  120. $this->twoFactorManager->expects($this->once())
  121. ->method('needsSecondFactor')
  122. ->with($user)
  123. ->will($this->returnValue(true));
  124. $this->middleware->beforeController(null, 'index');
  125. }
  126. /**
  127. * @expectedException \OC\Authentication\Exceptions\UserAlreadyLoggedInException
  128. */
  129. public function testBeforeControllerUserAlreadyLoggedIn() {
  130. $user = $this->createMock(IUser::class);
  131. $this->reflector->expects($this->once())
  132. ->method('hasAnnotation')
  133. ->with('PublicPage')
  134. ->will($this->returnValue(false));
  135. $this->userSession->expects($this->once())
  136. ->method('isLoggedIn')
  137. ->will($this->returnValue(true));
  138. $this->userSession->expects($this->once())
  139. ->method('getUser')
  140. ->will($this->returnValue($user));
  141. $this->twoFactorManager->expects($this->once())
  142. ->method('isTwoFactorAuthenticated')
  143. ->with($user)
  144. ->will($this->returnValue(true));
  145. $this->twoFactorManager->expects($this->once())
  146. ->method('needsSecondFactor')
  147. ->with($user)
  148. ->will($this->returnValue(false));
  149. $twoFactorChallengeController = $this->getMockBuilder('\OC\Core\Controller\TwoFactorChallengeController')
  150. ->disableOriginalConstructor()
  151. ->getMock();
  152. $this->middleware->beforeController($twoFactorChallengeController, 'index');
  153. }
  154. public function testAfterExceptionTwoFactorAuthRequired() {
  155. $ex = new \OC\Authentication\Exceptions\TwoFactorAuthRequiredException();
  156. $this->urlGenerator->expects($this->once())
  157. ->method('linkToRoute')
  158. ->with('core.TwoFactorChallenge.selectChallenge')
  159. ->will($this->returnValue('test/url'));
  160. $expected = new \OCP\AppFramework\Http\RedirectResponse('test/url');
  161. $this->assertEquals($expected, $this->middleware->afterException(null, 'index', $ex));
  162. }
  163. public function testAfterException() {
  164. $ex = new \OC\Authentication\Exceptions\UserAlreadyLoggedInException();
  165. $this->urlGenerator->expects($this->once())
  166. ->method('linkToRoute')
  167. ->with('files.view.index')
  168. ->will($this->returnValue('redirect/url'));
  169. $expected = new \OCP\AppFramework\Http\RedirectResponse('redirect/url');
  170. $this->assertEquals($expected, $this->middleware->afterException(null, 'index', $ex));
  171. }
  172. }