engelsystem/tests/Unit/Controllers/AuthControllerTest.php

<?php

namespace Engelsystem\Test\Unit\Controllers;

use DMS\PHPUnitExtensions\ArraySubset\ArraySubsetAsserts;
use Engelsystem\Config\Config;
use Engelsystem\Controllers\AuthController;
use Engelsystem\Helpers\Authenticator;
use Engelsystem\Http\Exceptions\ValidationException;
use Engelsystem\Http\Redirector;
use Engelsystem\Http\Request;
use Engelsystem\Http\Response;
use Engelsystem\Http\Validation\Validator;
use Engelsystem\Models\User\Settings;
use Engelsystem\Models\User\User;
use Engelsystem\Test\Unit\HasDatabase;
use Engelsystem\Test\Unit\TestCase;
use PHPUnit\Framework\MockObject\MockObject;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;

class AuthControllerTest extends TestCase
{
    use ArraySubsetAsserts;
    use HasDatabase;

    /**
     * @covers \Engelsystem\Controllers\AuthController::__construct
     * @covers \Engelsystem\Controllers\AuthController::login
     * @covers \Engelsystem\Controllers\AuthController::showLogin
     */
    public function testLogin()
    {
        /** @var Response|MockObject $response */
        $response = $this->createMock(Response::class);
        /** @var SessionInterface|MockObject $session */
        /** @var Redirector|MockObject $redirect */
        /** @var Config $config */
        /** @var Authenticator|MockObject $auth */
        list(, $session, $redirect, $config, $auth) = $this->getMocks();

        $session->expects($this->atLeastOnce())
            ->method('get')
            ->willReturnCallback(function ($type) {
                return $type == 'errors' ? ['foo' => 'bar'] : [];
            });
        $response->expects($this->once())
            ->method('withView')
            ->with('pages/login')
            ->willReturn($response);

        $controller = new AuthController($response, $session, $redirect, $config, $auth);
        $controller->login();
    }

    /**
     * @covers \Engelsystem\Controllers\AuthController::postLogin
     */
    public function testPostLogin()
    {
        $this->initDatabase();

        $request = new Request();
        /** @var Response|MockObject $response */
        $response = $this->createMock(Response::class);
        /** @var Redirector|MockObject $redirect */
        /** @var Config $config */
        /** @var Authenticator|MockObject $auth */
        list(, , $redirect, $config, $auth) = $this->getMocks();
        $session = new Session(new MockArraySessionStorage());
        /** @var Validator|MockObject $validator */
        $validator = new Validator();
        $session->set('errors', [['bar' => 'some.bar.error']]);
        $this->app->instance('session', $session);
        $user = $this->createUser();

        $auth->expects($this->exactly(2))
            ->method('authenticate')
            ->with('foo', 'bar')
            ->willReturnOnConsecutiveCalls(null, $user);

        $response->expects($this->once())
            ->method('withView')
            ->willReturnCallback(function ($view, $data = []) use ($response) {
                $this->assertEquals('pages/login', $view);
                $this->assertArraySubset(['errors' => collect(['some.bar.error', 'auth.not-found'])], $data);
                return $response;
            });

        /** @var AuthController|MockObject $controller */
        $controller = $this->getMockBuilder(AuthController::class)
            ->setConstructorArgs([$response, $session, $redirect, $config, $auth])
            ->onlyMethods(['loginUser'])
            ->getMock();
        $controller->setValidator($validator);

        $controller->expects($this->once())
            ->method('loginUser')
            ->with($user)
            ->willReturn($response);

        // No credentials
        try {
            $controller->postLogin($request);
            $this->fail('Login without credentials possible');
        } catch (ValidationException $e) {
        }

        // Missing password
        $request = new Request([], ['login' => 'foo']);
        try {
            $controller->postLogin($request);
            $this->fail('Login without password possible');
        } catch (ValidationException $e) {
        }

        // No user found
        $request = new Request([], ['login' => 'foo', 'password' => 'bar']);
        $controller->postLogin($request);
        $this->assertEquals([], $session->all());

        // Authenticated user
        $controller->postLogin($request);
    }

    /**
     * @covers \Engelsystem\Controllers\AuthController::loginUser
     */
    public function testLoginUser()
    {
        $this->initDatabase();

        /** @var Response|MockObject $response */
        $response = $this->createMock(Response::class);
        /** @var Redirector|MockObject $redirect */
        /** @var Config $config */
        /** @var Authenticator|MockObject $auth */
        list(, , $redirect, $config, $auth) = $this->getMocks();
        $session = new Session(new MockArraySessionStorage());
        $session->set('foo', 'bar');
        $user = $this->createUser();

        $redirect->expects($this->exactly(2))
            ->method('to')
            ->withConsecutive(['news'], ['/test'])
            ->willReturn($response);

        $controller = new AuthController($response, $session, $redirect, $config, $auth);
        $controller->loginUser($user);

        $this->assertFalse($session->has('foo'));
        $this->assertNotNull($user->last_login_at);
        $this->assertEquals(['user_id' => 42, 'locale' => 'de_DE'], $session->all());

        // Redirect to previous page
        $session->set('previous_page', '/test');
        $controller->loginUser($user);
    }

    /**
     * @covers \Engelsystem\Controllers\AuthController::logout
     */
    public function testLogout()
    {
        /** @var Response $response */
        /** @var SessionInterface|MockObject $session */
        /** @var Redirector|MockObject $redirect */
        /** @var Config $config */
        /** @var Authenticator|MockObject $auth */
        list($response, $session, $redirect, $config, $auth) = $this->getMocks();

        $session->expects($this->once())
            ->method('invalidate');

        $redirect->expects($this->once())
            ->method('to')
            ->with('/')
            ->willReturn($response);

        $controller = new AuthController($response, $session, $redirect, $config, $auth);
        $return = $controller->logout();

        $this->assertEquals($response, $return);
    }

    /**
     * @return User
     */
    protected function createUser(): User
    {
        return User::factory(['id' => 42])
            ->has(Settings::factory(['language' => 'de_DE']))
            ->create();
    }

    /**
     * @return array
     */
    protected function getMocks()
    {
        $response = new Response();
        /** @var SessionInterface|MockObject $session */
        $session = $this->getMockForAbstractClass(SessionInterface::class);
        /** @var Redirector|MockObject $redirect */
        $redirect = $this->createMock(Redirector::class);
        $config = new Config(['home_site' => 'news']);
        /** @var Authenticator|MockObject $auth */
        $auth = $this->createMock(Authenticator::class);

        $this->app->instance('session', $session);

        return [$response, $session, $redirect, $config, $auth];
    }
}
Added logout via AuthController 2018-10-25 18:53:05 +02:00			`<?php`

			`namespace Engelsystem\Test\Unit\Controllers;`

Added HasUserNotifications trait to show messages to the user 2020-03-01 18:21:16 +01:00			`use DMS\PHPUnitExtensions\ArraySubset\ArraySubsetAsserts;`
AuthController: Use configured home_site 2020-03-01 03:22:52 +01:00			`use Engelsystem\Config\Config;`
Added logout via AuthController 2018-10-25 18:53:05 +02:00			`use Engelsystem\Controllers\AuthController;`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`use Engelsystem\Helpers\Authenticator;`
Added validation to AuthController 2019-07-09 22:02:07 +02:00			`use Engelsystem\Http\Exceptions\ValidationException;`
Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`use Engelsystem\Http\Redirector;`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`use Engelsystem\Http\Request;`
Added logout via AuthController 2018-10-25 18:53:05 +02:00			`use Engelsystem\Http\Response;`
Added validation to AuthController 2019-07-09 22:02:07 +02:00			`use Engelsystem\Http\Validation\Validator;`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`use Engelsystem\Models\User\Settings;`
			`use Engelsystem\Models\User\User;`
			`use Engelsystem\Test\Unit\HasDatabase;`
Tests: TestCase: Initialize $this->app on every run 2019-10-08 13:57:50 +02:00			`use Engelsystem\Test\Unit\TestCase;`
Added logout via AuthController 2018-10-25 18:53:05 +02:00			`use PHPUnit\Framework\MockObject\MockObject;`
Added validation to AuthController 2019-07-09 22:02:07 +02:00			`use Symfony\Component\HttpFoundation\Session\Session;`
Added logout via AuthController 2018-10-25 18:53:05 +02:00			`use Symfony\Component\HttpFoundation\Session\SessionInterface;`
Added validation to AuthController 2019-07-09 22:02:07 +02:00			`use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;`
Added logout via AuthController 2018-10-25 18:53:05 +02:00
			`class AuthControllerTest extends TestCase`
			`{`
Added HasUserNotifications trait to show messages to the user 2020-03-01 18:21:16 +01:00			`use ArraySubsetAsserts;`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`use HasDatabase;`

Added logout via AuthController 2018-10-25 18:53:05 +02:00			`/**`
			`* @covers \Engelsystem\Controllers\AuthController::__construct`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`* @covers \Engelsystem\Controllers\AuthController::login`
Added validation to AuthController 2019-07-09 22:02:07 +02:00			`* @covers \Engelsystem\Controllers\AuthController::showLogin`
Added logout via AuthController 2018-10-25 18:53:05 +02:00			`*/`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`public function testLogin()`
Added logout via AuthController 2018-10-25 18:53:05 +02:00			`{`
			`/** @var Response\|MockObject $response */`
			`$response = $this->createMock(Response::class);`
			`/** @var SessionInterface\|MockObject $session */`
Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`/** @var Redirector\|MockObject $redirect */`
AuthController: Use configured home_site 2020-03-01 03:22:52 +01:00			`/** @var Config $config */`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`/** @var Authenticator\|MockObject $auth */`
Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`list(, $session, $redirect, $config, $auth) = $this->getMocks();`
Added logout via AuthController 2018-10-25 18:53:05 +02:00
Added HasUserNotifications trait to show messages to the user 2020-03-01 18:21:16 +01:00			`$session->expects($this->atLeastOnce())`
Added validation to AuthController 2019-07-09 22:02:07 +02:00			`->method('get')`
Added HasUserNotifications trait to show messages to the user 2020-03-01 18:21:16 +01:00			`->willReturnCallback(function ($type) {`
			`return $type == 'errors' ? ['foo' => 'bar'] : [];`
			`});`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`$response->expects($this->once())`
			`->method('withView')`
			`->with('pages/login')`
			`->willReturn($response);`

Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`$controller = new AuthController($response, $session, $redirect, $config, $auth);`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`$controller->login();`
			`}`

			`/**`
			`* @covers \Engelsystem\Controllers\AuthController::postLogin`
			`*/`
			`public function testPostLogin()`
			`{`
			`$this->initDatabase();`
Added logout via AuthController 2018-10-25 18:53:05 +02:00
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`$request = new Request();`
			`/** @var Response\|MockObject $response */`
			`$response = $this->createMock(Response::class);`
Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`/** @var Redirector\|MockObject $redirect */`
AuthController: Use configured home_site 2020-03-01 03:22:52 +01:00			`/** @var Config $config */`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`/** @var Authenticator\|MockObject $auth */`
Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`list(, , $redirect, $config, $auth) = $this->getMocks();`
Added validation to AuthController 2019-07-09 22:02:07 +02:00			`$session = new Session(new MockArraySessionStorage());`
			`/** @var Validator\|MockObject $validator */`
Replaced validation with `respect/validation` 2019-07-10 13:34:15 +02:00			`$validator = new Validator();`
Fixes: AuthController session error merging and StatsTest 2019-10-08 14:18:51 +02:00			`$session->set('errors', [['bar' => 'some.bar.error']]);`
Added HasUserNotifications trait to show messages to the user 2020-03-01 18:21:16 +01:00			`$this->app->instance('session', $session);`
Login: Added OAuth support 2020-11-15 18:47:30 +01:00			`$user = $this->createUser();`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00
			`$auth->expects($this->exactly(2))`
			`->method('authenticate')`
			`->with('foo', 'bar')`
			`->willReturnOnConsecutiveCalls(null, $user);`

Added validation to AuthController 2019-07-09 22:02:07 +02:00			`$response->expects($this->once())`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`->method('withView')`
Added HasUserNotifications trait to show messages to the user 2020-03-01 18:21:16 +01:00			`->willReturnCallback(function ($view, $data = []) use ($response) {`
			`$this->assertEquals('pages/login', $view);`
			`$this->assertArraySubset(['errors' => collect(['some.bar.error', 'auth.not-found'])], $data);`
			`return $response;`
			`});`
Login: Added OAuth support 2020-11-15 18:47:30 +01:00
			`/** @var AuthController\|MockObject $controller */`
			`$controller = $this->getMockBuilder(AuthController::class)`
			`->setConstructorArgs([$response, $session, $redirect, $config, $auth])`
			`->onlyMethods(['loginUser'])`
			`->getMock();`
			`$controller->setValidator($validator);`

			`$controller->expects($this->once())`
			`->method('loginUser')`
			`->with($user)`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`->willReturn($response);`

Added validation to AuthController 2019-07-09 22:02:07 +02:00			`// No credentials`
			`try {`
			`$controller->postLogin($request);`
			`$this->fail('Login without credentials possible');`
			`} catch (ValidationException $e) {`
			`}`

			`// Missing password`
			`$request = new Request([], ['login' => 'foo']);`
			`try {`
			`$controller->postLogin($request);`
			`$this->fail('Login without password possible');`
			`} catch (ValidationException $e) {`
			`}`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00
			`// No user found`
Added validation to AuthController 2019-07-09 22:02:07 +02:00			`$request = new Request([], ['login' => 'foo', 'password' => 'bar']);`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`$controller->postLogin($request);`
Added validation to AuthController 2019-07-09 22:02:07 +02:00			`$this->assertEquals([], $session->all());`

Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`// Authenticated user`
			`$controller->postLogin($request);`
Login: Added OAuth support 2020-11-15 18:47:30 +01:00			`}`

			`/**`
			`* @covers \Engelsystem\Controllers\AuthController::loginUser`
			`*/`
			`public function testLoginUser()`
			`{`
			`$this->initDatabase();`

			`/** @var Response\|MockObject $response */`
			`$response = $this->createMock(Response::class);`
			`/** @var Redirector\|MockObject $redirect */`
			`/** @var Config $config */`
			`/** @var Authenticator\|MockObject $auth */`
			`list(, , $redirect, $config, $auth) = $this->getMocks();`
			`$session = new Session(new MockArraySessionStorage());`
			`$session->set('foo', 'bar');`
			`$user = $this->createUser();`

Redirect back from login after 403 (Not authorized) 2021-10-04 21:45:06 +02:00			`$redirect->expects($this->exactly(2))`
Login: Added OAuth support 2020-11-15 18:47:30 +01:00			`->method('to')`
Redirect back from login after 403 (Not authorized) 2021-10-04 21:45:06 +02:00			`->withConsecutive(['news'], ['/test'])`
Login: Added OAuth support 2020-11-15 18:47:30 +01:00			`->willReturn($response);`

			`$controller = new AuthController($response, $session, $redirect, $config, $auth);`
			`$controller->loginUser($user);`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00
Login: Added OAuth support 2020-11-15 18:47:30 +01:00			`$this->assertFalse($session->has('foo'));`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`$this->assertNotNull($user->last_login_at);`
Added validation to AuthController 2019-07-09 22:02:07 +02:00			`$this->assertEquals(['user_id' => 42, 'locale' => 'de_DE'], $session->all());`
Redirect back from login after 403 (Not authorized) 2021-10-04 21:45:06 +02:00
			`// Redirect to previous page`
			`$session->set('previous_page', '/test');`
			`$controller->loginUser($user);`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`}`

			`/**`
			`* @covers \Engelsystem\Controllers\AuthController::logout`
			`*/`
			`public function testLogout()`
			`{`
			`/** @var Response $response */`
			`/** @var SessionInterface\|MockObject $session */`
Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`/** @var Redirector\|MockObject $redirect */`
AuthController: Use configured home_site 2020-03-01 03:22:52 +01:00			`/** @var Config $config */`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`/** @var Authenticator\|MockObject $auth */`
Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`list($response, $session, $redirect, $config, $auth) = $this->getMocks();`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00
			`$session->expects($this->once())`
			`->method('invalidate');`
Added logout via AuthController 2018-10-25 18:53:05 +02:00
Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`$redirect->expects($this->once())`
Added logout via AuthController 2018-10-25 18:53:05 +02:00			`->method('to')`
			`->with('/')`
Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`->willReturn($response);`
Added logout via AuthController 2018-10-25 18:53:05 +02:00
Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`$controller = new AuthController($response, $session, $redirect, $config, $auth);`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`$return = $controller->logout();`

Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`$this->assertEquals($response, $return);`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`}`

Login: Added OAuth support 2020-11-15 18:47:30 +01:00			`/**`
			`* @return User`
			`*/`
			`protected function createUser(): User`
			`{`
Added user related factories 2021-06-29 00:27:57 +02:00			`return User::factory(['id' => 42])`
			`->has(Settings::factory(['language' => 'de_DE']))`
			`->create();`
Login: Added OAuth support 2020-11-15 18:47:30 +01:00			`}`

Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`/**`
			`* @return array`
			`*/`
			`protected function getMocks()`
			`{`
			`$response = new Response();`
			`/** @var SessionInterface\|MockObject $session */`
			`$session = $this->getMockForAbstractClass(SessionInterface::class);`
Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`/** @var Redirector\|MockObject $redirect */`
			`$redirect = $this->createMock(Redirector::class);`
AuthController: Use configured home_site 2020-03-01 03:22:52 +01:00			`$config = new Config(['home_site' => 'news']);`
Implemented AuthController for login * Moved /login functionality to AuthController * Refactored password handling logic to use the Authenticator 2018-11-27 12:01:36 +01:00			`/** @var Authenticator\|MockObject $auth */`
			`$auth = $this->createMock(Authenticator::class);`

Added HasUserNotifications trait to show messages to the user 2020-03-01 18:21:16 +01:00			`$this->app->instance('session', $session);`

Added application base url: Redirector now uses URLs instead of relative paths 2020-04-07 15:08:49 +02:00			`return [$response, $session, $redirect, $config, $auth];`
Added logout via AuthController 2018-10-25 18:53:05 +02:00			`}`
			`}`