diff options
Diffstat (limited to 'tests/security')
-rw-r--r-- | tests/security/BanManagerTest.php | 5 | ||||
-rw-r--r-- | tests/security/LoginManagerTest.php | 51 | ||||
-rw-r--r-- | tests/security/SessionManagerTest.php | 5 |
3 files changed, 45 insertions, 16 deletions
diff --git a/tests/security/BanManagerTest.php b/tests/security/BanManagerTest.php index 698d3d10..29d2791b 100644 --- a/tests/security/BanManagerTest.php +++ b/tests/security/BanManagerTest.php | |||
@@ -3,7 +3,8 @@ | |||
3 | 3 | ||
4 | namespace Shaarli\Security; | 4 | namespace Shaarli\Security; |
5 | 5 | ||
6 | use Shaarli\FileUtils; | 6 | use Psr\Log\LoggerInterface; |
7 | use Shaarli\Helper\FileUtils; | ||
7 | use Shaarli\TestCase; | 8 | use Shaarli\TestCase; |
8 | 9 | ||
9 | /** | 10 | /** |
@@ -387,7 +388,7 @@ class BanManagerTest extends TestCase | |||
387 | 3, | 388 | 3, |
388 | 1800, | 389 | 1800, |
389 | $this->banFile, | 390 | $this->banFile, |
390 | $this->logFile | 391 | $this->createMock(LoggerInterface::class) |
391 | ); | 392 | ); |
392 | } | 393 | } |
393 | } | 394 | } |
diff --git a/tests/security/LoginManagerTest.php b/tests/security/LoginManagerTest.php index d302983d..f7609fc6 100644 --- a/tests/security/LoginManagerTest.php +++ b/tests/security/LoginManagerTest.php | |||
@@ -2,6 +2,8 @@ | |||
2 | 2 | ||
3 | namespace Shaarli\Security; | 3 | namespace Shaarli\Security; |
4 | 4 | ||
5 | use Psr\Log\LoggerInterface; | ||
6 | use Shaarli\FakeConfigManager; | ||
5 | use Shaarli\TestCase; | 7 | use Shaarli\TestCase; |
6 | 8 | ||
7 | /** | 9 | /** |
@@ -9,7 +11,7 @@ use Shaarli\TestCase; | |||
9 | */ | 11 | */ |
10 | class LoginManagerTest extends TestCase | 12 | class LoginManagerTest extends TestCase |
11 | { | 13 | { |
12 | /** @var \FakeConfigManager Configuration Manager instance */ | 14 | /** @var FakeConfigManager Configuration Manager instance */ |
13 | protected $configManager = null; | 15 | protected $configManager = null; |
14 | 16 | ||
15 | /** @var LoginManager Login Manager instance */ | 17 | /** @var LoginManager Login Manager instance */ |
@@ -60,6 +62,9 @@ class LoginManagerTest extends TestCase | |||
60 | /** @var CookieManager */ | 62 | /** @var CookieManager */ |
61 | protected $cookieManager; | 63 | protected $cookieManager; |
62 | 64 | ||
65 | /** @var BanManager */ | ||
66 | protected $banManager; | ||
67 | |||
63 | /** | 68 | /** |
64 | * Prepare or reset test resources | 69 | * Prepare or reset test resources |
65 | */ | 70 | */ |
@@ -71,7 +76,7 @@ class LoginManagerTest extends TestCase | |||
71 | 76 | ||
72 | $this->passwordHash = sha1($this->password . $this->login . $this->salt); | 77 | $this->passwordHash = sha1($this->password . $this->login . $this->salt); |
73 | 78 | ||
74 | $this->configManager = new \FakeConfigManager([ | 79 | $this->configManager = new FakeConfigManager([ |
75 | 'credentials.login' => $this->login, | 80 | 'credentials.login' => $this->login, |
76 | 'credentials.hash' => $this->passwordHash, | 81 | 'credentials.hash' => $this->passwordHash, |
77 | 'credentials.salt' => $this->salt, | 82 | 'credentials.salt' => $this->salt, |
@@ -91,18 +96,29 @@ class LoginManagerTest extends TestCase | |||
91 | return $this->cookie[$key] ?? null; | 96 | return $this->cookie[$key] ?? null; |
92 | }); | 97 | }); |
93 | $this->sessionManager = new SessionManager($this->session, $this->configManager, 'session_path'); | 98 | $this->sessionManager = new SessionManager($this->session, $this->configManager, 'session_path'); |
94 | $this->loginManager = new LoginManager($this->configManager, $this->sessionManager, $this->cookieManager); | 99 | $this->banManager = $this->createMock(BanManager::class); |
100 | $this->loginManager = new LoginManager( | ||
101 | $this->configManager, | ||
102 | $this->sessionManager, | ||
103 | $this->cookieManager, | ||
104 | $this->banManager, | ||
105 | $this->createMock(LoggerInterface::class) | ||
106 | ); | ||
95 | $this->server['REMOTE_ADDR'] = $this->ipAddr; | 107 | $this->server['REMOTE_ADDR'] = $this->ipAddr; |
96 | } | 108 | } |
97 | 109 | ||
98 | /** | 110 | /** |
99 | * Record a failed login attempt | 111 | * Record a failed login attempt |
100 | */ | 112 | */ |
101 | public function testHandleFailedLogin() | 113 | public function testHandleFailedLogin(): void |
102 | { | 114 | { |
115 | $this->banManager->expects(static::exactly(2))->method('handleFailedAttempt'); | ||
116 | $this->banManager->method('isBanned')->willReturn(true); | ||
117 | |||
103 | $this->loginManager->handleFailedLogin($this->server); | 118 | $this->loginManager->handleFailedLogin($this->server); |
104 | $this->loginManager->handleFailedLogin($this->server); | 119 | $this->loginManager->handleFailedLogin($this->server); |
105 | $this->assertFalse($this->loginManager->canLogin($this->server)); | 120 | |
121 | static::assertFalse($this->loginManager->canLogin($this->server)); | ||
106 | } | 122 | } |
107 | 123 | ||
108 | /** | 124 | /** |
@@ -114,8 +130,13 @@ class LoginManagerTest extends TestCase | |||
114 | 'REMOTE_ADDR' => $this->trustedProxy, | 130 | 'REMOTE_ADDR' => $this->trustedProxy, |
115 | 'HTTP_X_FORWARDED_FOR' => $this->ipAddr, | 131 | 'HTTP_X_FORWARDED_FOR' => $this->ipAddr, |
116 | ]; | 132 | ]; |
133 | |||
134 | $this->banManager->expects(static::exactly(2))->method('handleFailedAttempt'); | ||
135 | $this->banManager->method('isBanned')->willReturn(true); | ||
136 | |||
117 | $this->loginManager->handleFailedLogin($server); | 137 | $this->loginManager->handleFailedLogin($server); |
118 | $this->loginManager->handleFailedLogin($server); | 138 | $this->loginManager->handleFailedLogin($server); |
139 | |||
119 | $this->assertFalse($this->loginManager->canLogin($server)); | 140 | $this->assertFalse($this->loginManager->canLogin($server)); |
120 | } | 141 | } |
121 | 142 | ||
@@ -196,10 +217,16 @@ class LoginManagerTest extends TestCase | |||
196 | */ | 217 | */ |
197 | public function testCheckLoginStateNotConfigured() | 218 | public function testCheckLoginStateNotConfigured() |
198 | { | 219 | { |
199 | $configManager = new \FakeConfigManager([ | 220 | $configManager = new FakeConfigManager([ |
200 | 'resource.ban_file' => $this->banFile, | 221 | 'resource.ban_file' => $this->banFile, |
201 | ]); | 222 | ]); |
202 | $loginManager = new LoginManager($configManager, null, $this->cookieManager); | 223 | $loginManager = new LoginManager( |
224 | $configManager, | ||
225 | $this->sessionManager, | ||
226 | $this->cookieManager, | ||
227 | $this->banManager, | ||
228 | $this->createMock(LoggerInterface::class) | ||
229 | ); | ||
203 | $loginManager->checkLoginState(''); | 230 | $loginManager->checkLoginState(''); |
204 | 231 | ||
205 | $this->assertFalse($loginManager->isLoggedIn()); | 232 | $this->assertFalse($loginManager->isLoggedIn()); |
@@ -270,7 +297,7 @@ class LoginManagerTest extends TestCase | |||
270 | public function testCheckCredentialsWrongLogin() | 297 | public function testCheckCredentialsWrongLogin() |
271 | { | 298 | { |
272 | $this->assertFalse( | 299 | $this->assertFalse( |
273 | $this->loginManager->checkCredentials('', '', 'b4dl0g1n', $this->password) | 300 | $this->loginManager->checkCredentials('', 'b4dl0g1n', $this->password) |
274 | ); | 301 | ); |
275 | } | 302 | } |
276 | 303 | ||
@@ -280,7 +307,7 @@ class LoginManagerTest extends TestCase | |||
280 | public function testCheckCredentialsWrongPassword() | 307 | public function testCheckCredentialsWrongPassword() |
281 | { | 308 | { |
282 | $this->assertFalse( | 309 | $this->assertFalse( |
283 | $this->loginManager->checkCredentials('', '', $this->login, 'b4dp455wd') | 310 | $this->loginManager->checkCredentials('', $this->login, 'b4dp455wd') |
284 | ); | 311 | ); |
285 | } | 312 | } |
286 | 313 | ||
@@ -290,7 +317,7 @@ class LoginManagerTest extends TestCase | |||
290 | public function testCheckCredentialsWrongLoginAndPassword() | 317 | public function testCheckCredentialsWrongLoginAndPassword() |
291 | { | 318 | { |
292 | $this->assertFalse( | 319 | $this->assertFalse( |
293 | $this->loginManager->checkCredentials('', '', 'b4dl0g1n', 'b4dp455wd') | 320 | $this->loginManager->checkCredentials('', 'b4dl0g1n', 'b4dp455wd') |
294 | ); | 321 | ); |
295 | } | 322 | } |
296 | 323 | ||
@@ -300,7 +327,7 @@ class LoginManagerTest extends TestCase | |||
300 | public function testCheckCredentialsGoodLoginAndPassword() | 327 | public function testCheckCredentialsGoodLoginAndPassword() |
301 | { | 328 | { |
302 | $this->assertTrue( | 329 | $this->assertTrue( |
303 | $this->loginManager->checkCredentials('', '', $this->login, $this->password) | 330 | $this->loginManager->checkCredentials('', $this->login, $this->password) |
304 | ); | 331 | ); |
305 | } | 332 | } |
306 | 333 | ||
@@ -311,7 +338,7 @@ class LoginManagerTest extends TestCase | |||
311 | { | 338 | { |
312 | $this->configManager->set('ldap.host', 'dummy'); | 339 | $this->configManager->set('ldap.host', 'dummy'); |
313 | $this->assertFalse( | 340 | $this->assertFalse( |
314 | $this->loginManager->checkCredentials('', '', $this->login, $this->password) | 341 | $this->loginManager->checkCredentials('', $this->login, $this->password) |
315 | ); | 342 | ); |
316 | } | 343 | } |
317 | 344 | ||
diff --git a/tests/security/SessionManagerTest.php b/tests/security/SessionManagerTest.php index 3f9c3ef5..6830d714 100644 --- a/tests/security/SessionManagerTest.php +++ b/tests/security/SessionManagerTest.php | |||
@@ -2,6 +2,7 @@ | |||
2 | 2 | ||
3 | namespace Shaarli\Security; | 3 | namespace Shaarli\Security; |
4 | 4 | ||
5 | use Shaarli\FakeConfigManager; | ||
5 | use Shaarli\TestCase; | 6 | use Shaarli\TestCase; |
6 | 7 | ||
7 | /** | 8 | /** |
@@ -12,7 +13,7 @@ class SessionManagerTest extends TestCase | |||
12 | /** @var array Session ID hashes */ | 13 | /** @var array Session ID hashes */ |
13 | protected static $sidHashes = null; | 14 | protected static $sidHashes = null; |
14 | 15 | ||
15 | /** @var \FakeConfigManager ConfigManager substitute for testing */ | 16 | /** @var FakeConfigManager ConfigManager substitute for testing */ |
16 | protected $conf = null; | 17 | protected $conf = null; |
17 | 18 | ||
18 | /** @var array $_SESSION array for testing */ | 19 | /** @var array $_SESSION array for testing */ |
@@ -34,7 +35,7 @@ class SessionManagerTest extends TestCase | |||
34 | */ | 35 | */ |
35 | protected function setUp(): void | 36 | protected function setUp(): void |
36 | { | 37 | { |
37 | $this->conf = new \FakeConfigManager([ | 38 | $this->conf = new FakeConfigManager([ |
38 | 'credentials.login' => 'johndoe', | 39 | 'credentials.login' => 'johndoe', |
39 | 'credentials.salt' => 'salt', | 40 | 'credentials.salt' => 'salt', |
40 | 'security.session_protection_disabled' => false, | 41 | 'security.session_protection_disabled' => false, |