engelsystem/tests/Unit/Helpers/AuthenticatorTest.php


<?php
namespace Engelsystem\Test\Unit\Helpers;
use Engelsystem\Helpers\Authenticator;
use Engelsystem\Models\Group;
use Engelsystem\Models\Privilege;
use Engelsystem\Models\User\User;
use Engelsystem\Test\Unit\HasDatabase;
use Engelsystem\Test\Unit\Helpers\Stub\UserModelImplementation;
use Engelsystem\Test\Unit\ServiceProviderTest;
use PHPUnit\Framework\MockObject\MockObject;
use Psr\Http\Message\ServerRequestInterface;
use Symfony\Component\HttpFoundation\Session\Session;
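/**
 * Unit tests for the Authenticator helper: resolving the current user from the
 * session or an API key, privilege checks, credential login and password
 * hashing / rehashing.
 */
class AuthenticatorTest extends ServiceProviderTest
{
    use HasDatabase;

    /**
     * user() resolves the user from the session's `user_id` and caches a successful lookup.
     *
     * @covers \Engelsystem\Helpers\Authenticator::__construct
     * @covers \Engelsystem\Helpers\Authenticator::user
     */
    public function testUser(): void
    {
        /** @var ServerRequestInterface|MockObject $request */
        $request = $this->getMockForAbstractClass(ServerRequestInterface::class);
        /** @var Session|MockObject $session */
        $session = $this->createMock(Session::class);
        // Hand-written stub, not a PHPUnit mock: the test steers it through its static properties.
        $userRepository = new UserModelImplementation();
        /** @var User|MockObject $user */
        $user = $this->createMock(User::class);

        // Four user() calls follow but only three session reads are allowed:
        // the last call has to be answered from the cache.
        $session->expects($this->exactly(3))
            ->method('get')
            ->with('user_id')
            ->willReturnOnConsecutiveCalls(
                null,
                42,
                1337
            );

        $auth = new Authenticator($request, $session, $userRepository);

        // Not in session
        $this->assertNull($auth->user());

        // Unknown user
        UserModelImplementation::$id = 42;
        $this->assertNull($auth->user());

        // User found
        UserModelImplementation::$id = 1337;
        UserModelImplementation::$user = $user;
        $this->assertEquals($user, $auth->user());

        // User cached: the stub is emptied, so a repeated lookup could not succeed
        UserModelImplementation::$id = null;
        UserModelImplementation::$user = null;
        $this->assertEquals($user, $auth->user());
    }

    /**
     * apiUser() resolves the user from an API key in the request's query parameters.
     *
     * NOTE(review): the key is carried in the query string here; values in query
     * strings tend to be recorded in access logs and proxies, so confirm that
     * log handling for this parameter is acceptable.
     *
     * @covers \Engelsystem\Helpers\Authenticator::apiUser
     */
    public function testApiUser(): void
    {
        /** @var ServerRequestInterface|MockObject $request */
        $request = $this->getMockForAbstractClass(ServerRequestInterface::class);
        /** @var Session|MockObject $session */
        $session = $this->createMock(Session::class);
        // Hand-written stub, not a PHPUnit mock: the test steers it through its static properties.
        $userRepository = new UserModelImplementation();
        /** @var User|MockObject $user */
        $user = $this->createMock(User::class);

        // Four apiUser() calls follow but only three reads of the query parameters
        // are allowed: the last call has to be answered from the cache.
        $request->expects($this->exactly(3))
            ->method('getQueryParams')
            ->with()
            ->willReturnOnConsecutiveCalls(
                [],
                ['api_key' => 'iMaNot3xiSt1nGAp1Key!'],
                ['foo_key' => 'SomeSecretApiKey']
            );

        $auth = new Authenticator($request, $session, $userRepository);

        // No key
        $this->assertNull($auth->apiUser());

        // Unknown user
        UserModelImplementation::$apiKey = 'iMaNot3xiSt1nGAp1Key!';
        $this->assertNull($auth->apiUser());

        // User found, with the key read from a custom parameter name
        UserModelImplementation::$apiKey = 'SomeSecretApiKey';
        UserModelImplementation::$user = $user;
        $this->assertEquals($user, $auth->apiUser('foo_key'));

        // User cached: the stub is emptied, so a repeated lookup could not succeed
        UserModelImplementation::$apiKey = null;
        UserModelImplementation::$user = null;
        $this->assertEquals($user, $auth->apiUser());
    }

    /**
     * can() denies a privilege without a user, grants one held through a group, and caches the result.
     *
     * @covers \Engelsystem\Helpers\Authenticator::can
     */
    public function testCan(): void
    {
        $this->initDatabase();

        /** @var ServerRequestInterface|MockObject $request */
        $request = $this->getMockForAbstractClass(ServerRequestInterface::class);
        /** @var Session|MockObject $session */
        $session = $this->createMock(Session::class);
        // Hand-written stub, not a PHPUnit mock.
        $userRepository = new UserModelImplementation();

        // user -> group -> privilege "bar"
        /** @var User $user */
        $user = User::factory()->create();
        /** @var Group $group */
        $group = Group::factory()->create();
        /** @var Privilege $privilege */
        $privilege = Privilege::factory()->create(['name' => 'bar']);
        $user->groups()->attach($group);
        $group->privileges()->attach($privilege);

        // A user_id that is still in the session while no user can be resolved is
        // expected to be removed exactly once (presumably during the first can()
        // call, where user() yields null), so a stale id does not linger.
        $session->expects($this->once())
            ->method('get')
            ->with('user_id')
            ->willReturn(42);
        $session->expects($this->once())
            ->method('remove')
            ->with('user_id');

        // Only user() is replaced; can() itself runs the real implementation.
        /** @var Authenticator|MockObject $auth */
        $auth = $this->getMockBuilder(Authenticator::class)
            ->setConstructorArgs([$request, $session, $userRepository])
            ->onlyMethods(['user'])
            ->getMock();
        // Three can() calls but only two user() calls: the third is served from the cache.
        $auth->expects($this->exactly(2))
            ->method('user')
            ->willReturnOnConsecutiveCalls(null, $user);

        // The group carrying the guest role id must exist before can() runs.
        Group::factory()->create(['id' => $auth->getGuestRole()]);

        // No user, no permissions
        $this->assertFalse($auth->can('foo'));

        // User exists, has permissions
        $this->assertTrue($auth->can('bar'));

        // Permissions cached
        $this->assertTrue($auth->can('bar'));
    }

    /**
     * authenticate() returns the user only for a known login combined with the matching password.
     *
     * @covers \Engelsystem\Helpers\Authenticator::authenticate
     */
    public function testAuthenticate(): void
    {
        $this->initDatabase();

        /** @var ServerRequestInterface|MockObject $request */
        $request = $this->getMockForAbstractClass(ServerRequestInterface::class);
        /** @var Session|MockObject $session */
        $session = $this->createMock(Session::class);
        // The real model is used as repository, so lookups hit the test database.
        $userRepository = new User();

        User::factory([
            'name'     => 'lorem',
            'password' => password_hash('testing', PASSWORD_DEFAULT),
            'email'    => 'lorem@foo.bar',
        ])->create();
        // Account without a usable password hash
        User::factory([
            'name'     => 'ipsum',
            'password' => '',
        ])->create();

        $auth = new Authenticator($request, $session, $userRepository);

        // Unknown login
        $this->assertNull($auth->authenticate('not-existing', 'foo'));

        // An empty stored hash must not verify against any input, including the empty string
        $this->assertNull($auth->authenticate('ipsum', 'wrong-password'));
        $this->assertNull($auth->authenticate('ipsum', ''));

        // Known login with a valid hash but the wrong password
        $this->assertNull($auth->authenticate('lorem', 'wrong-password'));

        // Correct password, login by name and by e-mail address
        $this->assertInstanceOf(User::class, $auth->authenticate('lorem', 'testing'));
        $this->assertInstanceOf(User::class, $auth->authenticate('lorem@foo.bar', 'testing'));
    }

    /**
     * verifyPassword() rejects a wrong password and rehashes on success when the
     * stored hash does not use the configured algorithm.
     *
     * PASSWORD_ARGON2I is only defined when PHP is built with Argon2 support.
     *
     * @covers \Engelsystem\Helpers\Authenticator::verifyPassword
     */
    public function testVerifyPassword(): void
    {
        $this->initDatabase();

        $password = password_hash('testing', PASSWORD_ARGON2I);

        /** @var User $user */
        $user = User::factory([
            'name'     => 'lorem',
            'password' => $password,
        ])->create();

        // setPassword() is replaced so the rehash can be observed without touching the database.
        /** @var Authenticator|MockObject $auth */
        $auth = $this->getMockBuilder(Authenticator::class)
            ->disableOriginalConstructor()
            ->onlyMethods(['setPassword'])
            ->getMock();

        // Exactly one rehash over both calls below: the failed attempt must not
        // trigger one, the successful attempt must.
        $auth->expects($this->once())
            ->method('setPassword')
            ->with($user, 'testing');
        // The stored hash is Argon2i, the configured algorithm is bcrypt.
        $auth->setPasswordAlgorithm(PASSWORD_BCRYPT);

        $this->assertFalse($auth->verifyPassword($user, 'randomStuff'));
        $this->assertTrue($auth->verifyPassword($user, 'testing'));
    }

    /**
     * setPassword() stores a hash of the new password, made with the configured algorithm, and saves the user.
     *
     * @covers \Engelsystem\Helpers\Authenticator::setPassword
     */
    public function testSetPassword(): void
    {
        $this->initDatabase();

        /** @var User $user */
        $user = User::factory([
            'name'     => 'ipsum',
            'password' => '',
        ])->create();
        $user->save();

        $auth = $this->getAuthenticator();
        $auth->setPasswordAlgorithm(PASSWORD_ARGON2I);
        $auth->setPassword($user, 'FooBar');

        // No unsaved changes are left on the model
        $this->assertTrue($user->isClean());
        // The stored value is a hash that verifies and already uses the configured algorithm
        $this->assertTrue(password_verify('FooBar', $user->password));
        $this->assertFalse(password_needs_rehash($user->password, PASSWORD_ARGON2I));
    }

    /**
     * The configured password algorithm can be set and read back.
     *
     * @covers \Engelsystem\Helpers\Authenticator::setPasswordAlgorithm
     * @covers \Engelsystem\Helpers\Authenticator::getPasswordAlgorithm
     */
    public function testPasswordAlgorithm(): void
    {
        $auth = $this->getAuthenticator();

        $auth->setPasswordAlgorithm(PASSWORD_ARGON2I);
        $this->assertEquals(PASSWORD_ARGON2I, $auth->getPasswordAlgorithm());
    }

    /**
     * The default role id can be set and read back.
     *
     * @covers \Engelsystem\Helpers\Authenticator::setDefaultRole
     * @covers \Engelsystem\Helpers\Authenticator::getDefaultRole
     */
    public function testDefaultRole(): void
    {
        $auth = $this->getAuthenticator();

        $auth->setDefaultRole(1337);
        $this->assertEquals(1337, $auth->getDefaultRole());
    }

    /**
     * The guest role id can be set and read back.
     *
     * @covers \Engelsystem\Helpers\Authenticator::setGuestRole
     * @covers \Engelsystem\Helpers\Authenticator::getGuestRole
     */
    public function testGuestRole(): void
    {
        $auth = $this->getAuthenticator();

        $auth->setGuestRole(42);
        $this->assertEquals(42, $auth->getGuestRole());
    }

    /**
     * Builds an Authenticator whose constructor is overridden to do nothing, for
     * tests that need neither request, session nor user repository.
     */
    protected function getAuthenticator(): Authenticator
    {
        return new class extends Authenticator {
            /** @noinspection PhpMissingParentConstructorInspection */
            public function __construct()
            {
            }
        };
    }
}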