[github/shaarli/Shaarli.git] / tests / front / controller / visitor / LoginControllerTest.php

<?php

declare(strict_types=1);

namespace Shaarli\Front\Controller\Visitor;

use Shaarli\Config\ConfigManager;
use Shaarli\Front\Exception\LoginBannedException;
use Shaarli\Front\Exception\WrongTokenException;
use Shaarli\Render\TemplatePage;
use Shaarli\Security\CookieManager;
use Shaarli\Security\SessionManager;
use Shaarli\TestCase;
use Slim\Http\Request;
use Slim\Http\Response;

class LoginControllerTest extends TestCase
{
    use FrontControllerMockHelper;

    /** @var LoginController */
    protected $controller;

    public function setUp(): void
    {
        $this->createContainer();

        $this->container->cookieManager = $this->createMock(CookieManager::class);
        $this->container->sessionManager->method('checkToken')->willReturn(true);

        $this->controller = new LoginController($this->container);
    }

    /**
     * Test displaying login form with valid parameters.
     */
    public function testValidControllerInvoke(): void
    {
        $request = $this->createMock(Request::class);
        $request
            ->expects(static::atLeastOnce())
            ->method('getParam')
            ->willReturnCallback(function (string $key) {
                return 'returnurl' === $key ? '> referer' : null;
            })
        ;
        $response = new Response();

        $assignedVariables = [];
        $this->container->pageBuilder
            ->method('assign')
            ->willReturnCallback(function ($key, $value) use (&$assignedVariables) {
                $assignedVariables[$key] = $value;

                return $this;
            })
        ;

        $this->container->loginManager->method('canLogin')->willReturn(true);

        $result = $this->controller->index($request, $response);

        static::assertInstanceOf(Response::class, $result);
        static::assertSame(200, $result->getStatusCode());
        static::assertSame(TemplatePage::LOGIN, (string) $result->getBody());

        static::assertSame('&gt; referer', $assignedVariables['returnurl']);
        static::assertSame(true, $assignedVariables['remember_user_default']);
        static::assertSame('Login - Shaarli', $assignedVariables['pagetitle']);
    }

    /**
     * Test displaying login form with username defined in the request.
     */
    public function testValidControllerInvokeWithUserName(): void
    {
        $this->container->environment = ['HTTP_REFERER' => '> referer'];

        $request = $this->createMock(Request::class);
        $request
            ->expects(static::atLeastOnce())
            ->method('getParam')
            ->willReturnCallback(function (string $key, $default) {
                if ('login' === $key) {
                    return 'myUser>';
                }

                return $default;
            })
        ;
        $response = new Response();

        $assignedVariables = [];
        $this->container->pageBuilder
            ->method('assign')
            ->willReturnCallback(function ($key, $value) use (&$assignedVariables) {
                $assignedVariables[$key] = $value;

                return $this;
            })
        ;

        $this->container->loginManager->expects(static::once())->method('canLogin')->willReturn(true);

        $result = $this->controller->index($request, $response);

        static::assertInstanceOf(Response::class, $result);
        static::assertSame(200, $result->getStatusCode());
        static::assertSame('loginform', (string) $result->getBody());

        static::assertSame('myUser&gt;', $assignedVariables['username']);
        static::assertSame('&gt; referer', $assignedVariables['returnurl']);
        static::assertSame(true, $assignedVariables['remember_user_default']);
        static::assertSame('Login - Shaarli', $assignedVariables['pagetitle']);
    }

    /**
     * Test displaying login page while being logged in.
     */
    public function testLoginControllerWhileLoggedIn(): void
    {
        $request = $this->createMock(Request::class);
        $response = new Response();

        $this->container->loginManager->expects(static::once())->method('isLoggedIn')->willReturn(true);

        $result = $this->controller->index($request, $response);

        static::assertInstanceOf(Response::class, $result);
        static::assertSame(302, $result->getStatusCode());
        static::assertSame(['/subfolder/'], $result->getHeader('Location'));
    }

    /**
     * Test displaying login page with open shaarli configured: redirect to homepage.
     */
    public function testLoginControllerOpenShaarli(): void
    {
        $request = $this->createMock(Request::class);
        $response = new Response();

        $conf = $this->createMock(ConfigManager::class);
        $conf->method('get')->willReturnCallback(function (string $parameter, $default) {
            if ($parameter === 'security.open_shaarli') {
                return true;
            }
            return $default;
        });
        $this->container->conf = $conf;

        $result = $this->controller->index($request, $response);

        static::assertInstanceOf(Response::class, $result);
        static::assertSame(302, $result->getStatusCode());
        static::assertSame(['/subfolder/'], $result->getHeader('Location'));
    }

    /**
     * Test displaying login page while being banned.
     */
    public function testLoginControllerWhileBanned(): void
    {
        $request = $this->createMock(Request::class);
        $response = new Response();

        $this->container->loginManager->method('isLoggedIn')->willReturn(false);
        $this->container->loginManager->method('canLogin')->willReturn(false);

        $this->expectException(LoginBannedException::class);

        $this->controller->index($request, $response);
    }

    /**
     * Test processing login with valid parameters.
     */
    public function testProcessLoginWithValidParameters(): void
    {
        $parameters = [
            'login' => 'bob',
            'password' => 'pass',
        ];
        $request = $this->createMock(Request::class);
        $request
            ->expects(static::atLeastOnce())
            ->method('getParam')
            ->willReturnCallback(function (string $key) use ($parameters) {
                return $parameters[$key] ?? null;
            })
        ;
        $response = new Response();

        $this->container->loginManager->method('canLogin')->willReturn(true);
        $this->container->loginManager->expects(static::once())->method('handleSuccessfulLogin');
        $this->container->loginManager
            ->expects(static::once())
            ->method('checkCredentials')
            ->with('1.2.3.4', '1.2.3.4', 'bob', 'pass')
            ->willReturn(true)
        ;
        $this->container->loginManager->method('getStaySignedInToken')->willReturn(bin2hex(random_bytes(8)));

        $this->container->sessionManager->expects(static::never())->method('extendSession');
        $this->container->sessionManager->expects(static::once())->method('destroy');
        $this->container->sessionManager
            ->expects(static::once())
            ->method('cookieParameters')
            ->with(0, '/subfolder/', 'shaarli')
        ;
        $this->container->sessionManager->expects(static::once())->method('start');
        $this->container->sessionManager->expects(static::once())->method('regenerateId')->with(true);

        $result = $this->controller->login($request, $response);

        static::assertSame(302, $result->getStatusCode());
        static::assertSame('/subfolder/', $result->getHeader('location')[0]);
    }

    /**
     * Test processing login with return URL.
     */
    public function testProcessLoginWithReturnUrl(): void
    {
        $parameters = [
            'returnurl' => 'http://shaarli/subfolder/admin/shaare',
        ];
        $request = $this->createMock(Request::class);
        $request
            ->expects(static::atLeastOnce())
            ->method('getParam')
            ->willReturnCallback(function (string $key) use ($parameters) {
                return $parameters[$key] ?? null;
            })
        ;
        $response = new Response();

        $this->container->loginManager->method('canLogin')->willReturn(true);
        $this->container->loginManager->expects(static::once())->method('handleSuccessfulLogin');
        $this->container->loginManager->expects(static::once())->method('checkCredentials')->willReturn(true);
        $this->container->loginManager->method('getStaySignedInToken')->willReturn(bin2hex(random_bytes(8)));

        $result = $this->controller->login($request, $response);

        static::assertSame(302, $result->getStatusCode());
        static::assertSame('/subfolder/admin/shaare', $result->getHeader('location')[0]);
    }

    /**
     * Test processing login with remember me session enabled.
     */
    public function testProcessLoginLongLastingSession(): void
    {
        $parameters = [
            'longlastingsession' => true,
        ];
        $request = $this->createMock(Request::class);
        $request
            ->expects(static::atLeastOnce())
            ->method('getParam')
            ->willReturnCallback(function (string $key) use ($parameters) {
                return $parameters[$key] ?? null;
            })
        ;
        $response = new Response();

        $this->container->loginManager->method('canLogin')->willReturn(true);
        $this->container->loginManager->expects(static::once())->method('handleSuccessfulLogin');
        $this->container->loginManager->expects(static::once())->method('checkCredentials')->willReturn(true);
        $this->container->loginManager->method('getStaySignedInToken')->willReturn(bin2hex(random_bytes(8)));

        $this->container->sessionManager->expects(static::once())->method('destroy');
        $this->container->sessionManager
            ->expects(static::once())
            ->method('cookieParameters')
            ->with(42, '/subfolder/', 'shaarli')
        ;
        $this->container->sessionManager->expects(static::once())->method('start');
        $this->container->sessionManager->expects(static::once())->method('regenerateId')->with(true);
        $this->container->sessionManager->expects(static::once())->method('extendSession')->willReturn(42);

        $this->container->cookieManager = $this->createMock(CookieManager::class);
        $this->container->cookieManager
            ->expects(static::once())
            ->method('setCookieParameter')
            ->willReturnCallback(function (string $name): CookieManager {
                static::assertSame(CookieManager::STAY_SIGNED_IN, $name);

                return $this->container->cookieManager;
            })
        ;

        $result = $this->controller->login($request, $response);

        static::assertSame(302, $result->getStatusCode());
        static::assertSame('/subfolder/', $result->getHeader('location')[0]);
    }

    /**
     * Test processing login with invalid credentials
     */
    public function testProcessLoginWrongCredentials(): void
    {
        $parameters = [
            'returnurl' => 'http://shaarli/subfolder/admin/shaare',
        ];
        $request = $this->createMock(Request::class);
        $request
            ->expects(static::atLeastOnce())
            ->method('getParam')
            ->willReturnCallback(function (string $key) use ($parameters) {
                return $parameters[$key] ?? null;
            })
        ;
        $response = new Response();

        $this->container->loginManager->method('canLogin')->willReturn(true);
        $this->container->loginManager->expects(static::once())->method('handleFailedLogin');
        $this->container->loginManager->expects(static::once())->method('checkCredentials')->willReturn(false);

        $this->container->sessionManager
            ->expects(static::once())
            ->method('setSessionParameter')
            ->with(SessionManager::KEY_ERROR_MESSAGES, ['Wrong login/password.'])
        ;

        $result = $this->controller->login($request, $response);

        static::assertSame(200, $result->getStatusCode());
        static::assertSame(TemplatePage::LOGIN, (string) $result->getBody());
    }

    /**
     * Test processing login with wrong token
     */
    public function testProcessLoginWrongToken(): void
    {
        $request = $this->createMock(Request::class);
        $response = new Response();

        $this->container->sessionManager = $this->createMock(SessionManager::class);
        $this->container->sessionManager->method('checkToken')->willReturn(false);

        $this->expectException(WrongTokenException::class);

        $this->controller->login($request, $response);
    }

    /**
     * Test processing login with wrong token
     */
    public function testProcessLoginAlreadyLoggedIn(): void
    {
        $request = $this->createMock(Request::class);
        $response = new Response();

        $this->container->loginManager->method('isLoggedIn')->willReturn(true);
        $this->container->loginManager->expects(static::never())->method('handleSuccessfulLogin');
        $this->container->loginManager->expects(static::never())->method('handleFailedLogin');

        $result = $this->controller->login($request, $response);

        static::assertSame(302, $result->getStatusCode());
        static::assertSame('/subfolder/', $result->getHeader('location')[0]);
    }

    /**
     * Test processing login with wrong token
     */
    public function testProcessLoginInOpenShaarli(): void
    {
        $request = $this->createMock(Request::class);
        $response = new Response();

        $this->container->conf = $this->createMock(ConfigManager::class);
        $this->container->conf->method('get')->willReturnCallback(function (string $key, $value) {
            return 'security.open_shaarli' === $key ? true : $value;
        });

        $this->container->loginManager->expects(static::never())->method('handleSuccessfulLogin');
        $this->container->loginManager->expects(static::never())->method('handleFailedLogin');

        $result = $this->controller->login($request, $response);

        static::assertSame(302, $result->getStatusCode());
        static::assertSame('/subfolder/', $result->getHeader('location')[0]);
    }

    /**
     * Test processing login while being banned
     */
    public function testProcessLoginWhileBanned(): void
    {
        $request = $this->createMock(Request::class);
        $response = new Response();

        $this->container->loginManager->method('canLogin')->willReturn(false);
        $this->container->loginManager->expects(static::never())->method('handleSuccessfulLogin');
        $this->container->loginManager->expects(static::never())->method('handleFailedLogin');

        $this->expectException(LoginBannedException::class);

        $this->controller->login($request, $response);
    }
}
Commit	Line	Data
6c50a6cc A	1	<?php
	2
	3	declare(strict_types=1);
	4
2899ebb5	5	namespace Shaarli\Front\Controller\Visitor;
6c50a6cc	6
6c50a6cc	7	use Shaarli\Config\ConfigManager;
6c50a6cc	8	use Shaarli\Front\Exception\LoginBannedException;
a8c11451 A	9	use Shaarli\Front\Exception\WrongTokenException;
	10	use Shaarli\Render\TemplatePage;
	11	use Shaarli\Security\CookieManager;
	12	use Shaarli\Security\SessionManager;
a5a9cf23	13	use Shaarli\TestCase;
6c50a6cc A	14	use Slim\Http\Request;
	15	use Slim\Http\Response;
	16
	17	class LoginControllerTest extends TestCase
	18	{
dd09ec52	19	use FrontControllerMockHelper;
6c50a6cc A	20
	21	/** @var LoginController */
	22	protected $controller;
	23
	24	public function setUp(): void
	25	{
dd09ec52 A	26	$this->createContainer();
dd09ec52 A	27
a8c11451 A	28	$this->container->cookieManager = $this->createMock(CookieManager::class);
	29	$this->container->sessionManager->method('checkToken')->willReturn(true);
	30
6c50a6cc A	31	$this->controller = new LoginController($this->container);
	32	}
	33
a8c11451 A	34	/**
	35	* Test displaying login form with valid parameters.
	36	*/
6c50a6cc A	37	public function testValidControllerInvoke(): void
6c50a6cc A	38	{
6c50a6cc	39	$request = $this->createMock(Request::class);
a8c11451 A	40	$request
	41	->expects(static::atLeastOnce())
	42	->method('getParam')
	43	->willReturnCallback(function (string $key) {
	44	return 'returnurl' === $key ? '> referer' : null;
	45	})
	46	;
6c50a6cc A	47	$response = new Response();
	48
	49	$assignedVariables = [];
	50	$this->container->pageBuilder
6c50a6cc A	51	->method('assign')
	52	->willReturnCallback(function ($key, $value) use (&$assignedVariables) {
	53	$assignedVariables[$key] = $value;
	54
	55	return $this;
	56	})
	57	;
	58
dd09ec52 A	59	$this->container->loginManager->method('canLogin')->willReturn(true);
dd09ec52 A	60
6c50a6cc A	61	$result = $this->controller->index($request, $response);
	62
	63	static::assertInstanceOf(Response::class, $result);
	64	static::assertSame(200, $result->getStatusCode());
a8c11451	65	static::assertSame(TemplatePage::LOGIN, (string) $result->getBody());
6c50a6cc A	66
	67	static::assertSame('> referer', $assignedVariables['returnurl']);
	68	static::assertSame(true, $assignedVariables['remember_user_default']);
	69	static::assertSame('Login - Shaarli', $assignedVariables['pagetitle']);
	70	}
	71
a8c11451 A	72	/**
	73	* Test displaying login form with username defined in the request.
	74	*/
6c50a6cc A	75	public function testValidControllerInvokeWithUserName(): void
6c50a6cc A	76	{
a8c11451 A	77	$this->container->environment = ['HTTP_REFERER' => '> referer'];
a8c11451 A	78
6c50a6cc	79	$request = $this->createMock(Request::class);
a8c11451 A	80	$request
	81	->expects(static::atLeastOnce())
	82	->method('getParam')
	83	->willReturnCallback(function (string $key, $default) {
	84	if ('login' === $key) {
	85	return 'myUser>';
	86	}
	87
	88	return $default;
	89	})
	90	;
6c50a6cc A	91	$response = new Response();
	92
	93	$assignedVariables = [];
	94	$this->container->pageBuilder
6c50a6cc A	95	->method('assign')
	96	->willReturnCallback(function ($key, $value) use (&$assignedVariables) {
	97	$assignedVariables[$key] = $value;
	98
	99	return $this;
	100	})
	101	;
	102
dd09ec52 A	103	$this->container->loginManager->expects(static::once())->method('canLogin')->willReturn(true);
dd09ec52 A	104
6c50a6cc A	105	$result = $this->controller->index($request, $response);
	106
	107	static::assertInstanceOf(Response::class, $result);
	108	static::assertSame(200, $result->getStatusCode());
	109	static::assertSame('loginform', (string) $result->getBody());
	110
	111	static::assertSame('myUser>', $assignedVariables['username']);
	112	static::assertSame('> referer', $assignedVariables['returnurl']);
	113	static::assertSame(true, $assignedVariables['remember_user_default']);
	114	static::assertSame('Login - Shaarli', $assignedVariables['pagetitle']);
	115	}
	116
a8c11451 A	117	/**
	118	* Test displaying login page while being logged in.
	119	*/
6c50a6cc A	120	public function testLoginControllerWhileLoggedIn(): void
	121	{
	122	$request = $this->createMock(Request::class);
	123	$response = new Response();
	124
dd09ec52	125	$this->container->loginManager->expects(static::once())->method('isLoggedIn')->willReturn(true);
6c50a6cc A	126
	127	$result = $this->controller->index($request, $response);
	128
	129	static::assertInstanceOf(Response::class, $result);
	130	static::assertSame(302, $result->getStatusCode());
9c75f877	131	static::assertSame(['/subfolder/'], $result->getHeader('Location'));
6c50a6cc A	132	}
6c50a6cc A	133
a8c11451 A	134	/**
	135	* Test displaying login page with open shaarli configured: redirect to homepage.
	136	*/
6c50a6cc A	137	public function testLoginControllerOpenShaarli(): void
6c50a6cc A	138	{
6c50a6cc A	139	$request = $this->createMock(Request::class);
	140	$response = new Response();
	141
	142	$conf = $this->createMock(ConfigManager::class);
	143	$conf->method('get')->willReturnCallback(function (string $parameter, $default) {
	144	if ($parameter === 'security.open_shaarli') {
	145	return true;
	146	}
	147	return $default;
	148	});
	149	$this->container->conf = $conf;
	150
	151	$result = $this->controller->index($request, $response);
	152
	153	static::assertInstanceOf(Response::class, $result);
	154	static::assertSame(302, $result->getStatusCode());
9c75f877	155	static::assertSame(['/subfolder/'], $result->getHeader('Location'));
6c50a6cc A	156	}
6c50a6cc A	157
a8c11451 A	158	/**
	159	* Test displaying login page while being banned.
	160	*/
6c50a6cc A	161	public function testLoginControllerWhileBanned(): void
6c50a6cc A	162	{
6c50a6cc A	163	$request = $this->createMock(Request::class);
	164	$response = new Response();
	165
dd09ec52 A	166	$this->container->loginManager->method('isLoggedIn')->willReturn(false);
dd09ec52 A	167	$this->container->loginManager->method('canLogin')->willReturn(false);
6c50a6cc A	168
	169	$this->expectException(LoginBannedException::class);
	170
	171	$this->controller->index($request, $response);
	172	}
a8c11451 A	173
	174	/**
	175	* Test processing login with valid parameters.
	176	*/
	177	public function testProcessLoginWithValidParameters(): void
	178	{
	179	$parameters = [
	180	'login' => 'bob',
	181	'password' => 'pass',
	182	];
	183	$request = $this->createMock(Request::class);
	184	$request
	185	->expects(static::atLeastOnce())
	186	->method('getParam')
	187	->willReturnCallback(function (string $key) use ($parameters) {
	188	return $parameters[$key] ?? null;
	189	})
	190	;
	191	$response = new Response();
	192
	193	$this->container->loginManager->method('canLogin')->willReturn(true);
	194	$this->container->loginManager->expects(static::once())->method('handleSuccessfulLogin');
	195	$this->container->loginManager
	196	->expects(static::once())
	197	->method('checkCredentials')
	198	->with('1.2.3.4', '1.2.3.4', 'bob', 'pass')
	199	->willReturn(true)
	200	;
	201	$this->container->loginManager->method('getStaySignedInToken')->willReturn(bin2hex(random_bytes(8)));
	202
	203	$this->container->sessionManager->expects(static::never())->method('extendSession');
	204	$this->container->sessionManager->expects(static::once())->method('destroy');
	205	$this->container->sessionManager
	206	->expects(static::once())
	207	->method('cookieParameters')
	208	->with(0, '/subfolder/', 'shaarli')
	209	;
	210	$this->container->sessionManager->expects(static::once())->method('start');
	211	$this->container->sessionManager->expects(static::once())->method('regenerateId')->with(true);
	212
	213	$result = $this->controller->login($request, $response);
	214
	215	static::assertSame(302, $result->getStatusCode());
	216	static::assertSame('/subfolder/', $result->getHeader('location')[0]);
	217	}
	218
	219	/**
	220	* Test processing login with return URL.
	221	*/
	222	public function testProcessLoginWithReturnUrl(): void
	223	{
	224	$parameters = [
	225	'returnurl' => 'http://shaarli/subfolder/admin/shaare',
	226	];
	227	$request = $this->createMock(Request::class);
	228	$request
	229	->expects(static::atLeastOnce())
	230	->method('getParam')
	231	->willReturnCallback(function (string $key) use ($parameters) {
	232	return $parameters[$key] ?? null;
	233	})
	234	;
	235	$response = new Response();
	236
237	$this->container->loginManager->method('canLogin')->willReturn(true);
238	$this->container->loginManager->expects(static::once())->method('handleSuccessfulLogin');
239	$this->container->loginManager->expects(static::once())->method('checkCredentials')->willReturn(true);
240	$this->container->loginManager->method('getStaySignedInToken')->willReturn(bin2hex(random_bytes(8)));
241
242	$result = $this->controller->login($request, $response);
243
244	static::assertSame(302, $result->getStatusCode());
245	static::assertSame('/subfolder/admin/shaare', $result->getHeader('location')[0]);
246	}
247
248	/**
249	* Test processing login with remember me session enabled.
250	*/
251	public function testProcessLoginLongLastingSession(): void
252	{
253	$parameters = [
254	'longlastingsession' => true,
255	];
256	$request = $this->createMock(Request::class);
257	$request
258	->expects(static::atLeastOnce())
259	->method('getParam')
260	->willReturnCallback(function (string $key) use ($parameters) {
261	return $parameters[$key] ?? null;
262	})
263	;
264	$response = new Response();
265
266	$this->container->loginManager->method('canLogin')->willReturn(true);
267	$this->container->loginManager->expects(static::once())->method('handleSuccessfulLogin');
268	$this->container->loginManager->expects(static::once())->method('checkCredentials')->willReturn(true);
269	$this->container->loginManager->method('getStaySignedInToken')->willReturn(bin2hex(random_bytes(8)));
270
271	$this->container->sessionManager->expects(static::once())->method('destroy');
272	$this->container->sessionManager
273	->expects(static::once())
274	->method('cookieParameters')
275	->with(42, '/subfolder/', 'shaarli')
276	;
277	$this->container->sessionManager->expects(static::once())->method('start');
278	$this->container->sessionManager->expects(static::once())->method('regenerateId')->with(true);
279	$this->container->sessionManager->expects(static::once())->method('extendSession')->willReturn(42);
280
281	$this->container->cookieManager = $this->createMock(CookieManager::class);
282	$this->container->cookieManager
283	->expects(static::once())
284	->method('setCookieParameter')
285	->willReturnCallback(function (string $name): CookieManager {
286	static::assertSame(CookieManager::STAY_SIGNED_IN, $name);
287
288	return $this->container->cookieManager;
289	})
290	;
291
292	$result = $this->controller->login($request, $response);
293
294	static::assertSame(302, $result->getStatusCode());
295	static::assertSame('/subfolder/', $result->getHeader('location')[0]);
296	}
297
298	/**
299	* Test processing login with invalid credentials
300	*/
301	public function testProcessLoginWrongCredentials(): void
302	{
303	$parameters = [
304	'returnurl' => 'http://shaarli/subfolder/admin/shaare',
305	];
306	$request = $this->createMock(Request::class);
307	$request
308	->expects(static::atLeastOnce())
309	->method('getParam')
310	->willReturnCallback(function (string $key) use ($parameters) {
311	return $parameters[$key] ?? null;
312	})
313	;
314	$response = new Response();
315
316	$this->container->loginManager->method('canLogin')->willReturn(true);
317	$this->container->loginManager->expects(static::once())->method('handleFailedLogin');
318	$this->container->loginManager->expects(static::once())->method('checkCredentials')->willReturn(false);
319
320	$this->container->sessionManager
321	->expects(static::once())
322	->method('setSessionParameter')
323	->with(SessionManager::KEY_ERROR_MESSAGES, ['Wrong login/password.'])
324	;
325
326	$result = $this->controller->login($request, $response);
327
328	static::assertSame(200, $result->getStatusCode());
329	static::assertSame(TemplatePage::LOGIN, (string) $result->getBody());
330	}
331
332	/**
333	* Test processing login with wrong token
334	*/
335	public function testProcessLoginWrongToken(): void
336	{
337	$request = $this->createMock(Request::class);
338	$response = new Response();
339
340	$this->container->sessionManager = $this->createMock(SessionManager::class);
341	$this->container->sessionManager->method('checkToken')->willReturn(false);
342
343	$this->expectException(WrongTokenException::class);
344
345	$this->controller->login($request, $response);
346	}
347
348	/**
349	* Test processing login with wrong token
350	*/
351	public function testProcessLoginAlreadyLoggedIn(): void
352	{
353	$request = $this->createMock(Request::class);
354	$response = new Response();
355
356	$this->container->loginManager->method('isLoggedIn')->willReturn(true);
357	$this->container->loginManager->expects(static::never())->method('handleSuccessfulLogin');
358	$this->container->loginManager->expects(static::never())->method('handleFailedLogin');
359
360	$result = $this->controller->login($request, $response);
361
362	static::assertSame(302, $result->getStatusCode());
363	static::assertSame('/subfolder/', $result->getHeader('location')[0]);
364	}
365
366	/**
367	* Test processing login with wrong token
368	*/
369	public function testProcessLoginInOpenShaarli(): void
370	{
371	$request = $this->createMock(Request::class);
372	$response = new Response();
373
374	$this->container->conf = $this->createMock(ConfigManager::class);
375	$this->container->conf->method('get')->willReturnCallback(function (string $key, $value) {
376	return 'security.open_shaarli' === $key ? true : $value;
377	});
378
379	$this->container->loginManager->expects(static::never())->method('handleSuccessfulLogin');
380	$this->container->loginManager->expects(static::never())->method('handleFailedLogin');
381
382	$result = $this->controller->login($request, $response);
383
384	static::assertSame(302, $result->getStatusCode());
385	static::assertSame('/subfolder/', $result->getHeader('location')[0]);
386	}
387
388	/**
389	* Test processing login while being banned
390	*/
391	public function testProcessLoginWhileBanned(): void
392	{
393	$request = $this->createMock(Request::class);
394	$response = new Response();
395
396	$this->container->loginManager->method('canLogin')->willReturn(false);
397	$this->container->loginManager->expects(static::never())->method('handleSuccessfulLogin');
398	$this->container->loginManager->expects(static::never())->method('handleFailedLogin');
399
400	$this->expectException(LoginBannedException::class);
401
402	$this->controller->login($request, $response);
403	}
6c50a6cc	404	}