user_saml/tests/unit/Controller/SAMLControllerTest.php


<?php
/**
* @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\User_SAML\Tests\Controller;
use OCA\User_SAML\Controller\SAMLController;
use OCA\User_SAML\Exceptions\NoUserFoundException;
use OCA\User_SAML\SAMLSettings;
use OCA\User_SAML\UserBackend;
use OCA\User_SAML\UserData;
use OCA\User_SAML\UserResolver;
use OCP\AppFramework\Http\RedirectResponse;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\IConfig;
use OCP\IL10N;
use OCP\ILogger;
use OCP\IRequest;
use OCP\ISession;
use OCP\IURLGenerator;
use OCP\IUser;
use OCP\IUserSession;
use PHPUnit\Framework\MockObject\MockObject;
use OCP\Security\ICrypto;
use Test\TestCase;
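/**
 * Unit tests for SAMLController.
 *
 * Every collaborator is a PHPUnit mock, so these tests pin the controller's
 * decisions (which redirect is returned, whether an account is provisioned)
 * and not a real identity-provider exchange. Only the 'environment-variable'
 * login type and the rejection of an unknown type are exercised in this class.
 */
class SAMLControllerTest extends TestCase {
    /** @var UserResolver|MockObject */
    protected $userResolver;
    /** @var UserData|MockObject */
    private $userData;
    /** @var IRequest|MockObject */
    private $request;
    /** @var ISession|MockObject */
    private $session;
    /** @var IUserSession|MockObject */
    private $userSession;
    /** @var SAMLSettings|MockObject */
    private $samlSettings;
    /** @var UserBackend|MockObject */
    private $userBackend;
    /** @var IConfig|MockObject */
    private $config;
    /** @var IURLGenerator|MockObject */
    private $urlGenerator;
    /** @var ILogger|MockObject */
    private $logger;
    /** @var IL10N|MockObject */
    private $l;
    /** @var ICrypto|MockObject */
    private $crypto;
    /** @var SAMLController */
    private $samlController;

    /**
     * Builds the controller under test with a fresh mock for each dependency.
     */
    protected function setUp(): void {
        parent::setUp();

        $this->request = $this->createMock(IRequest::class);
        $this->session = $this->createMock(ISession::class);
        $this->userSession = $this->createMock(IUserSession::class);
        $this->samlSettings = $this->createMock(SAMLSettings::class);
        $this->userBackend = $this->createMock(UserBackend::class);
        $this->config = $this->createMock(IConfig::class);
        $this->urlGenerator = $this->createMock(IURLGenerator::class);
        $this->logger = $this->createMock(ILogger::class);
        $this->l = $this->createMock(IL10N::class);
        $this->userResolver = $this->createMock(UserResolver::class);
        $this->userData = $this->createMock(UserData::class);
        $this->crypto = $this->createMock(ICrypto::class);

        // Translation is the identity function, so assertions can compare
        // against the untranslated source strings.
        $this->l->expects($this->any())->method('t')->willReturnCallback(
            function($param) {
                return $param;
            }
        );

        // System config always answers with the caller-supplied default.
        $this->config->expects($this->any())->method('getSystemValue')
            ->willReturnCallback(function($key, $default) {
                return $default;
            });

        $this->samlController = new SAMLController(
            'user_saml',
            $this->request,
            $this->session,
            $this->userSession,
            $this->samlSettings,
            $this->userBackend,
            $this->config,
            $this->urlGenerator,
            $this->logger,
            $this->l,
            $this->userResolver,
            $this->userData,
            $this->crypto
        );
    }

    /**
     * An unrecognised 'type' app value must make login() throw instead of
     * falling through to one of the supported login flows.
     */
    public function testLoginWithInvalidAppValue() {
        // The @expectedException annotations are deprecated in PHPUnit 8 and
        // ignored by PHPUnit 9; the explicit calls work on old and new versions.
        $this->expectException(\Exception::class);
        $this->expectExceptionMessage('Type of "UnknownValue" is not supported for user_saml');

        $this->config
            ->expects($this->once())
            ->method('getAppValue')
            ->with('user_saml', 'type')
            ->willReturn('UnknownValue');

        $this->samlController->login(1);
    }

    /**
     * Data sets for testLoginWithEnvVariable().
     *
     * Each row is: [attributes stored in the session, expected redirect URL,
     * user state, auto-provisioning state].
     *
     * User state: 0 = does not exist, 1 = exists, 2 = exists but is not yet
     * mapped. Auto-provisioning state: 0 = disabled, 1 = enabled,
     * 2 = enabled but the user lookup after provisioning fails.
     *
     * Rows 0, 4 and 5 are the deny paths: a missing uid attribute, a failing
     * backend and an unknown user with provisioning disabled are all expected
     * to end on the notProvisioned route.
     *
     * @return array
     */
    public function samlUserDataProvider() {
        $userNotExisting = 0;
        $userExisting = 1;
        $userLazyExisting = 2;

        $apDisabled = 0;
        $apEnabled = 1;
        $apEnabledUnsuccessful = 2;

        return [
            [ # 0 - Not existing uid in settings array
                [
                    'foo' => 'bar',
                    'bar' => 'foo',
                ],
                'https://nextcloud.com/notProvisioned/',
                $userNotExisting,
                $apDisabled
            ],
            [ # 1 - existing user
                [
                    'foo' => 'bar',
                    'bar' => 'foo',
                    'uid' => 'MyUid',
                ],
                'https://nextcloud.com/absolute/',
                $userExisting,
                $apDisabled
            ],
            [ # 2 - existing user and uid attribute in array
                [
                    'foo' => 'bar',
                    'bar' => 'foo',
                    'uid' => ['MyUid'],
                ],
                'https://nextcloud.com/absolute/',
                $userExisting,
                $apDisabled
            ],
            [ # 3 - Not existing user with provisioning
                [
                    'foo' => 'bar',
                    'bar' => 'foo',
                    'uid' => 'MyUid',
                ],
                'https://nextcloud.com/absolute/',
                $userNotExisting,
                $apEnabled
            ],
            [ # 4 - Not existing user with malfunctioning backend
                [
                    'foo' => 'bar',
                    'bar' => 'foo',
                    'uid' => 'MyUid',
                ],
                'https://nextcloud.com/notProvisioned/',
                $userNotExisting,
                $apEnabledUnsuccessful
            ],
            [ # 5 - Not existing user without provisioning
                [
                    'foo' => 'bar',
                    'bar' => 'foo',
                    'uid' => 'MyUid',
                ],
                'https://nextcloud.com/notProvisioned/',
                $userNotExisting,
                $apDisabled
            ],
            [ # 6 - Not yet mapped user without provisioning
                [
                    'foo' => 'bar',
                    'bar' => 'foo',
                    'uid' => 'MyUid',
                ],
                'https://nextcloud.com/absolute/',
                $userLazyExisting,
                $apDisabled
            ],
        ];
    }

    /**
     * Drives login() through the 'environment-variable' type and checks the
     * redirect returned for each combination of user and provisioning state.
     *
     * NOTE(review): the deny rows assert only the redirect target. No
     * expectation is placed on the session or user-session mocks, so this test
     * would not notice a login being established before the redirect; consider
     * adding a negative expectation once the controller's login call is
     * confirmed.
     *
     * @dataProvider samlUserDataProvider
     */
    public function testLoginWithEnvVariable(array $samlUserData, string $redirect, int $userState, int $autoProvision) {
        $hasUid = isset($samlUserData['uid']);

        $this->config->expects($this->any())
            ->method('getAppValue')
            ->willReturnCallback(function (string $app, string $key) {
                if ($app === 'user_saml') {
                    if ($key === 'type') {
                        return 'environment-variable';
                    }
                    if ($key === 'general-uid_mapping') {
                        return 'uid';
                    }
                }
                return null;
            });

        // The attributes are read from the session exactly once and handed to
        // UserData unchanged.
        $this->session
            ->expects($this->once())
            ->method('get')
            ->with('user_saml.samlUserData')
            ->willReturn($samlUserData);
        $this->userData
            ->expects($this->once())
            ->method('setAttributes')
            ->with($samlUserData);
        $this->userData
            ->expects($this->any())
            ->method('getAttributes')
            ->willReturn($samlUserData);
        $this->userData
            ->expects($this->any())
            ->method('hasUidMappingAttribute')
            ->willReturn($hasUid);
        // Without a uid attribute the controller must not ask for a uid at all.
        $this->userData
            ->expects($hasUid ? $this->any() : $this->never())
            ->method('getOriginalUid')
            ->willReturn('MyUid');
        $this->userData
            ->expects($this->any())
            ->method('getEffectiveUid')
            ->willReturn($userState > 0 ? 'MyUid' : '');

        // Deny rows must resolve the notProvisioned route; allow rows resolve
        // an absolute URL instead. Each is expected exactly once.
        if (strpos($redirect, 'notProvisioned') !== false) {
            $this->urlGenerator
                ->expects($this->once())
                ->method('linkToRouteAbsolute')
                ->with('user_saml.SAML.notProvisioned')
                ->willReturn($redirect);
        } else {
            $this->urlGenerator
                ->expects($this->once())
                ->method('getAbsoluteURL')
                ->willReturn($redirect);
        }

        $this->userResolver
            ->expects($this->any())
            ->method('userExists')
            ->with('MyUid')
            ->willReturn($userState === 1);

        if ($hasUid && !($userState === 0 && $autoProvision === 0)) {
            /** @var IUser|MockObject $user */
            $user = $this->createMock(IUser::class);

            $im = $this->userResolver
                ->expects($this->once())
                ->method('findExistingUser')
                ->with('MyUid');
            if ($autoProvision < 2) {
                $im->willReturn($user);
            } else {
                // Simulates a backend that reports success but cannot return
                // the user afterwards.
                $im->willThrowException(new NoUserFoundException());
            }

            // The last-login timestamp is touched once when the lookup
            // succeeds and never when it throws.
            $user
                ->expects($this->exactly((int)($autoProvision < 2)))
                ->method('updateLastLoginTimestamp');

            if ($userState === 0) {
                $this->userResolver
                    ->expects($this->any())
                    ->method('findExistingUserId')
                    ->with('MyUid', true)
                    ->willThrowException(new NoUserFoundException());
            } elseif ($userState === 2) {
                $this->userResolver
                    ->expects($this->any())
                    ->method('findExistingUserId')
                    ->with('MyUid', true)
                    ->willReturn('MyUid');
            }
        }

        $this->userBackend
            ->expects($this->any())
            ->method('getCurrentUserId')
            ->willReturn($hasUid ? 'MyUid' : '');
        $this->userBackend
            ->expects($autoProvision > 0 ? $this->once() : $this->any())
            ->method('autoprovisionAllowed')
            ->willReturn($autoProvision > 0);
        // An account may be created at most once, and never while
        // auto-provisioning is disabled (exactly(0) in that case).
        $this->userBackend
            ->expects($this->exactly(min(1, $autoProvision)))
            ->method('createUserIfNotExists')
            ->with('MyUid');

        $expected = new RedirectResponse($redirect);
        $result = $this->samlController->login(1);
        $this->assertEquals($expected, $result);
    }

    /**
     * notProvisioned() renders the 'notProvisioned' template with no
     * parameters in the 'guest' layout.
     */
    public function testNotProvisioned() {
        $expected = new TemplateResponse('user_saml', 'notProvisioned', [], 'guest');
        $this->assertEquals($expected, $this->samlController->notProvisioned());
    }

    /**
     * genericError() renders the 'error' template in the 'guest' layout with
     * the expected message parameter.
     *
     * NOTE(review): a non-empty message is passed to the template verbatim;
     * output escaping is presumably left to the template layer. Confirm this
     * if the message can originate from request input.
     *
     * @dataProvider dataTestGenericError
     *
     * @param string $messageSend
     * @param string $messageExpected
     */
    public function testGenericError($messageSend, $messageExpected) {
        $expected = new TemplateResponse('user_saml', 'error', ['message' => $messageExpected], 'guest');
        $this->assertEquals($expected, $this->samlController->genericError($messageSend));
    }

    /**
     * Data sets for testGenericError(): an empty message falls back to a
     * generic text, a non-empty one is kept as is.
     *
     * @return array
     */
    public function dataTestGenericError() {
        return [
            ['messageSend' => '', 'messageExpected' => 'Unknown error, please check the log file for more details.'],
            ['messageSend' => 'test message', 'messageExpected' => 'test message'],
        ];
    }

    /**
     * The private getSSODisplayName() helper returns the configured name, or
     * a default label when the configured name is empty.
     *
     * @dataProvider dataTestGetSSODisplayName
     *
     * @param string $configuredDisplayName
     * @param string $expected
     */
    public function testGetSSODisplayName($configuredDisplayName, $expected) {
        $result = $this->invokePrivate($this->samlController, 'getSSODisplayName', [$configuredDisplayName]);
        $this->assertSame($expected, $result);
    }

    /**
     * Data sets for testGetSSODisplayName(): [configured name, expected name].
     *
     * @return array
     */
    public function dataTestGetSSODisplayName() {
        return [
            ['My identity provider', 'My identity provider'],
            ['', 'SSO & SAML log in']
        ];
    }
}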