extract TOTP check from admin login

Daniel Seifert 2022-11-10 00:00:50 +01:00
parent c80b5f626f
commit e3d2156d44
Signed by: DanielS
GPG Key ID: 6A513E13AEE66170
18 changed files with 445 additions and 245 deletions


@ -0,0 +1,179 @@
<?php
/**
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* https://www.d3data.de
*
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
* @author D3 Data Development - Daniel Seifert <info@shopmodule.com>
* @link https://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Totp\Application\Controller\Admin;
use D3\Totp\Application\Model\d3backupcodelist;
use D3\Totp\Application\Model\d3totp;
use D3\Totp\Application\Model\d3totp_conf;
use D3\Totp\Application\Model\Exceptions\d3totp_wrongOtpException;
use OxidEsales\Eshop\Application\Controller\Admin\AdminController;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\Utils;
class d3totpadminlogin extends AdminController
{
protected $_sThisTemplate = 'd3totpadminlogin.tpl';
/**
* @return bool
*/
protected function _authorize(): bool
{
return true;
}
/**
* @return string
*/
public function render(): string
{
if (Registry::getSession()->hasVariable(d3totp_conf::SESSION_AUTH) ||
!Registry::getSession()->hasVariable(d3totp_conf::SESSION_CURRENTUSER)
) {
$this->getUtils()->redirect('index.php?cl=admin_start');
if (!defined('OXID_PHP_UNIT')) {
// @codeCoverageIgnoreStart
exit;
// @codeCoverageIgnoreEnd
}
}
if (!Registry::getSession()->hasVariable(d3totp_conf::SESSION_CURRENTUSER)) {
$this->getUtils()->redirect('index.php?cl=login');
}
return parent::render();
}
/**
* @return d3backupcodelist
*/
public function d3GetBackupCodeListObject()
{
return oxNew(d3backupcodelist::class);
}
/**
* @return string|void
* @throws DatabaseConnectionException
*/
public function getBackupCodeCountMessage()
{
$oBackupCodeList = $this->d3GetBackupCodeListObject();
$iCount = $oBackupCodeList->getAvailableCodeCount(Registry::getSession()->getVariable(d3totp_conf::SESSION_CURRENTUSER));
if ($iCount < 4) {
return sprintf(
Registry::getLang()->translateString('D3_TOTP_AVAILBACKUPCODECOUNT'),
$iCount
);
}
}
public function d3CancelLogin()
{
$oUser = $this->d3GetUserObject();
$oUser->logout();
return "login";
}
/**
* @return d3totp
*/
public function d3GetTotpObject()
{
return oxNew(d3totp::class);
}
/**
* @return User
*/
public function d3GetUserObject()
{
return oxNew(User::class);
}
public function checklogin()
{
$session = Registry::getSession();
$userId = $session->getVariable(d3totp_conf::SESSION_CURRENTUSER);
try {
$sTotp = Registry::getRequest()->getRequestEscapedParameter('d3totp');
$totp = $this->d3GetTotpObject();
$totp->loadByUserId($userId);
$this->d3TotpHasValidTotp($sTotp, $totp);
$adminProfiles = $session->getVariable("aAdminProfiles");
$session->initNewSession();
$session->setVariable("aAdminProfiles", $adminProfiles);
$session->setVariable('auth', $userId);
$session->setVariable(d3totp_conf::SESSION_AUTH, true);
return "admin_start";
} catch (d3totp_wrongOtpException $e) {
Registry::getUtilsView()->addErrorToDisplay($e);
Registry::getLogger()->error($e->getMessage(), ['UserId' => $userId]);
Registry::getLogger()->debug($e->getTraceAsString());
}
}
/**
* @param string $sTotp
* @param d3totp $totp
* @return bool
* @throws DatabaseConnectionException
* @throws d3totp_wrongOtpException
*/
public function d3TotpHasValidTotp($sTotp, $totp)
{
return Registry::getSession()->getVariable(d3totp_conf::SESSION_AUTH) ||
(
$sTotp && $totp->verify($sTotp)
);
}
/**
* @return Utils
*/
public function getUtils(): Utils
{
return Registry::getUtils();
}
/**
* Returns Bread Crumb - you are here page1/page2/page3...
*
* @return array
*/
public function getBreadCrumb(): array
{
$aPaths = [];
$aPath = [];
$iBaseLanguage = Registry::getLang()->getBaseLanguage();
$aPath['title'] = Registry::getLang()->translateString('D3_WEBAUTHN_BREADCRUMB', $iBaseLanguage, false);
$aPath['link'] = $this->getLink();
$aPaths[] = $aPath;
return $aPaths;
}
}
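Review bot: In `checklogin()` the result of `$this->d3TotpHasValidTotp($sTotp, $totp)` is discarded, so the session is promoted (`auth` and `d3totp_conf::SESSION_AUTH` are set) whenever no `d3totp_wrongOtpException` is thrown. `d3TotpHasValidTotp()` returns `false` without ever calling `verify()` when `$sTotp` is empty, so that case falls through to `return "admin_start"`; `$userId` is not checked either, so a missing `SESSION_CURRENTUSER` is not rejected. Gate the promotion on the return value before `aAdminProfiles` is read, e.g. `if (!$userId || !$this->d3TotpHasValidTotp($sTotp, $totp)) { return; }`, and add a unit test for the empty-code case. Because `_authorize()` returns `true` unconditionally, this method is the only check protecting the controller.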


@ -17,6 +17,7 @@ namespace D3\Totp\Application\Controller;
use D3\Totp\Application\Model\d3backupcodelist;
use D3\Totp\Application\Model\d3totp;
use D3\Totp\Application\Model\d3totp_conf;
use OxidEsales\Eshop\Application\Controller\FrontendController;
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
use OxidEsales\Eshop\Core\Registry;
@ -28,8 +29,8 @@ class d3totplogin extends FrontendController
public function render()
{
if (Registry::getSession()->hasVariable(d3totp::TOTP_SESSION_VARNAME) ||
false == Registry::getSession()->hasVariable(d3totp::TOTP_SESSION_CURRENTUSER)
if (Registry::getSession()->hasVariable(d3totp_conf::SESSION_AUTH) ||
false == Registry::getSession()->hasVariable(d3totp_conf::SESSION_CURRENTUSER)
) {
$this->getUtils()->redirect('index.php?cl=start');
if (false == defined('OXID_PHP_UNIT')) {
@ -39,7 +40,7 @@ class d3totplogin extends FrontendController
}
}
$this->addTplParam('navFormParams', Registry::getSession()->getVariable(d3totp::TOTP_SESSION_NAVFORMPARAMS));
$this->addTplParam('navFormParams', Registry::getSession()->getVariable(d3totp_conf::SESSION_NAVFORMPARAMS));
return parent::render();
}
@ -59,7 +60,7 @@ class d3totplogin extends FrontendController
public function getBackupCodeCountMessage()
{
$oBackupCodeList = $this->getBackupCodeListObject();
$iCount = $oBackupCodeList->getAvailableCodeCount(Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTUSER));
$iCount = $oBackupCodeList->getAvailableCodeCount(Registry::getSession()->getVariable(d3totp_conf::SESSION_CURRENTUSER));
if ($iCount < 4) {
return sprintf(
@ -79,12 +80,12 @@ class d3totplogin extends FrontendController
public function getPreviousClass()
{
return Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTCLASS);
return Registry::getSession()->getVariable(d3totp_conf::SESSION_CURRENTCLASS);
}
public function previousClassIsOrderStep(): bool
{
$sClassKey = Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTCLASS);
$sClassKey = Registry::getSession()->getVariable(d3totp_conf::SESSION_CURRENTCLASS);
$resolvedClass = Registry::getControllerClassNameResolver()->getClassNameById($sClassKey);
$resolvedClass = $resolvedClass ?: 'start';


@ -74,7 +74,7 @@ class d3backupcode extends BaseModel
return $this->getUser();
}
$sUserId = Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTUSER);
$sUserId = Registry::getSession()->getVariable(d3totp_conf::SESSION_CURRENTUSER);
$oUser = oxNew(User::class);
$oUser->load($sUserId);
return $oUser;


@ -29,11 +29,6 @@ use OxidEsales\Eshop\Core\Registry;
class d3totp extends BaseModel
{
public const TOTP_SESSION_VARNAME = 'totp_auth';
public const TOTP_SESSION_CURRENTUSER = 'd3totpCurrentUser';
public const TOTP_SESSION_CURRENTCLASS = 'd3totpCurrentClass';
public const TOTP_SESSION_NAVFORMPARAMS = 'd3totpNavFormParams';
public $tableName = 'd3totp';
public $userId;
public $totp;


@ -0,0 +1,24 @@
<?php
/**
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* https://www.d3data.de
*
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
* @author D3 Data Development - Daniel Seifert <info@shopmodule.com>
* @link https://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Totp\Application\Model;
class d3totp_conf
{
public const SESSION_AUTH = 'd3TotpAuth'; // has valid totp, user is logged in completly
public const SESSION_CURRENTUSER = 'd3TotpCurrentUser'; // oxid assigned to user from entered username
public const SESSION_CURRENTCLASS = 'd3TotpCurrentClass'; // oxid assigned to user from entered username
public const SESSION_NAVFORMPARAMS = 'd3totpNavFormParams';
}
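Review bot: The trailing comment on `SESSION_CURRENTCLASS` is a copy of the one on `SESSION_CURRENTUSER` and does not describe the key; elsewhere in this commit the value stored under it is the calling controller's class key. Suggested comments are `// class key of the controller that triggered the TOTP prompt` for `SESSION_CURRENTCLASS` and `// navigation form parameters handed to the login template` for `SESSION_NAVFORMPARAMS`, plus "completly" → "completely" on `SESSION_AUTH`. A class docblock should also record that the key strings differ from the removed `d3totp::TOTP_SESSION_*` values (`'totp_auth'` became `'d3TotpAuth'`), so sessions created before the update no longer carry the TOTP flag.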


@ -0,0 +1,88 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>[{oxmultilang ident="LOGIN_TITLE"}]</title>
<meta http-equiv="Content-Type" content="text/html; charset=[{$charset}]">
<meta name="ROBOTS" content="NOINDEX, NOFOLLOW">
<link rel="shortcut icon" href="[{$oViewConf->getImageUrl()}]favicon.ico">
<link rel="stylesheet" href="[{$oViewConf->getResourceUrl()}]login.css">
<link rel="stylesheet" href="[{$oViewConf->getResourceUrl()}]colors_[{$oViewConf->getEdition()|lower}].css">
</head>
<body>
<div class="admin-login-box">
<div id="shopLogo"><img src="[{$oViewConf->getImageUrl('logo_dark.svg')}]" alt="" /></div>
<form action="[{$oViewConf->getSelfLink()}]" method="post" id="login">
[{block name="admin_login_form"}]
[{$oViewConf->getHiddenSid()}]
<input type="hidden" name="fnc" value="checklogin">
<input type="hidden" name="cl" value="[{$oViewConf->getActiveClassName()}]">
[{if !empty($Errors.default)}]
[{include file="inc_error.tpl" Errorlist=$Errors.default}]
[{/if}]
[{$oView->getBackupCodeCountMessage()}]
<label for="d3totp">[{oxmultilang ident="TOTP_INPUT"}]</label>
<input type="text" name="d3totp" id="d3totp" value="" size="49" autofocus autocomplete="off"><br>
[{oxmultilang ident="TOTP_INPUT_HELP"}]
<input type="submit" value="[{oxmultilang ident="LOGIN_START"}]" class="btn"><br>
<input class="btn btn_cancel" value="[{oxmultilang ident="TOTP_CANCEL_LOGIN"}]" type="submit"
onclick="document.getElementById('login').fnc.value='d3CancelLogin'; document.getElementById('login').submit();"
>
[{oxstyle include=$oViewConf->getModuleUrl('d3totp', 'out/admin/src/css/d3totplogin.css')}]
[{oxstyle}]
[{**
[{$oViewConf->getHiddenSid()}]
<input type="hidden" name="fnc" value="">
<input type="hidden" name="cl" value="login">
[{if !empty($Errors.default)}]
[{include file="inc_error.tpl" Errorlist=$Errors.default}]
[{/if}]
<div class="d3webauthn_icon">
<div class="svg-container">
[{include file=$oViewConf->getModulePath('d3webauthn', 'out/img/fingerprint.svg')}]
</div>
<div class="message">[{oxmultilang ident="WEBAUTHN_INPUT_HELP"}]</div>
</div>
**}]
[{* prevent cancel button (1st button) action when form is sent via Enter key *}]
[{**
<input type="submit" style="display:none !important;">
<input class="btn btn_cancel" value="[{oxmultilang ident="WEBAUTHN_CANCEL_LOGIN"}]" type="submit"
onclick="document.getElementById('login').fnc.value='d3WebauthnCancelLogin'; document.getElementById('login').submit();"
>
[{oxstyle include=$oViewConf->getModuleUrl('d3webauthn', 'out/admin/src/css/d3webauthnlogin.css')}]
[{oxstyle}]
**}]
[{/block}]
</form>
</div>
[{oxscript}]
<script type="text/javascript">if (window !== window.top) top.location.href = document.location.href;</script>
</body>
</html>
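Review bot: The only framing protection visible in this template is the inline `if (window !== window.top) top.location.href = document.location.href;` script, which does nothing when scripts are disabled or the page is embedded in a sandboxed frame. Unless the admin response already carries one, send `X-Frame-Options: DENY` or a CSP `frame-ancestors 'none'` directive for this controller so the TOTP form cannot be overlaid. Separately, the two `[{** … **}]` blocks are leftover d3webauthn markup and can be dropped from a TOTP template.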


@ -11,7 +11,7 @@
<form action="[{$oViewConf->getSelfActionLink()}]" method="post" name="login" id="login">
[{$oViewConf->getHiddenSid()}]
<input type="hidden" name="fnc" value="checkTotplogin">
<input type="hidden" name="fnc" value="d3TotpCheckTotpLogin">
<input type="hidden" name="cl" value="[{$oView->getPreviousClass()}]">
[{$navFormParams}]
@ -34,7 +34,7 @@
<form action="[{$oViewConf->getSelfActionLink()}]" method="post" name="login" id="login">
[{$oViewConf->getHiddenSid()}]
<input type="hidden" name="fnc" value="cancelTotplogin">
<input type="hidden" name="fnc" value="d3TotpCancelTotpLogin">
<input type="hidden" name="cl" value="[{$oView->getPreviousClass()}]">
[{$navFormParams}]


@ -16,6 +16,7 @@ declare(strict_types=1);
namespace D3\Totp\Modules\Application\Component;
use D3\Totp\Application\Model\d3totp;
use D3\Totp\Application\Model\d3totp_conf;
use D3\Totp\Application\Model\Exceptions\d3totp_wrongOtpException;
use Doctrine\DBAL\DBALException;
use InvalidArgumentException;
@ -45,23 +46,23 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent
$totp->loadByUserId($oUser->getId());
if ($totp->isActive()
&& !$this->d3GetSession()->getVariable(d3totp::TOTP_SESSION_VARNAME)
&& !$this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_AUTH)
) {
$this->d3GetSession()->setVariable(
d3totp::TOTP_SESSION_CURRENTCLASS,
$this->d3TotpGetSession()->setVariable(
d3totp_conf::SESSION_CURRENTCLASS,
$this->getParent()->getClassKey() != 'd3totplogin' ? $this->getParent()->getClassKey() : 'start'
);
$this->d3GetSession()->setVariable(d3totp::TOTP_SESSION_CURRENTUSER, $oUser->getId());
$this->d3GetSession()->setVariable(
d3totp::TOTP_SESSION_NAVFORMPARAMS,
$this->getParent()->getViewConfig()->getNavFormParams()
);
$oUser->logout();
$this->d3TotpGetSession()->setVariable(d3totp_conf::SESSION_CURRENTUSER, $oUser->getId());
$this->d3TotpGetSession()->setVariable(
d3totp_conf::SESSION_NAVFORMPARAMS,
$this->getParent()->getViewConfig()->getNavFormParams()
);
$sUrl = Registry::getConfig()->getShopHomeUrl() . 'cl=d3totplogin';
$this->d3GetUtils()->redirect($sUrl, false);
$this->d3TotpGetUtils()->redirect($sUrl, false);
}
}
@ -80,11 +81,11 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent
* @throws DBALException
* @throws DatabaseConnectionException
*/
public function checkTotplogin()
public function d3TotpCheckTotpLogin()
{
$sTotp = Registry::getRequest()->getRequestEscapedParameter('d3totp', true);
$sUserId = Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTUSER);
$sUserId = Registry::getSession()->getVariable(d3totp_conf::SESSION_CURRENTUSER);
$oUser = oxNew(User::class);
$oUser->load($sUserId);
@ -92,10 +93,10 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent
$totp->loadByUserId($sUserId);
try {
if (!$this->isNoTotpOrNoLogin($totp) && $this->hasValidTotp($sTotp, $totp)) {
if (!$this->d3TotpIsNoTotpOrNoLogin($totp) && $this->d3TotpHasValidTotp($sTotp, $totp)) {
// relogin, don't extract from this try block
$this->d3GetSession()->setVariable(d3totp::TOTP_SESSION_VARNAME, $sTotp);
$this->d3GetSession()->setVariable('usr', $oUser->getId());
$this->d3TotpGetSession()->setVariable(d3totp_conf::SESSION_AUTH, $sTotp);
$this->d3TotpGetSession()->setVariable('usr', $oUser->getId());
$this->setUser(null);
$this->setLoginStatus(USER_LOGIN_SUCCESS);
$this->_afterLogin($oUser);
@ -105,7 +106,7 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent
return false;
}
} catch (d3totp_wrongOtpException $oEx) {
$this->d3GetUtilsView()->addErrorToDisplay($oEx, false, false, "", 'd3totplogin');
$this->d3TotpGetUtilsView()->addErrorToDisplay($oEx, false, false, "", 'd3totplogin');
}
return 'd3totplogin';
@ -114,7 +115,7 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent
/**
* @return UtilsView
*/
public function d3GetUtilsView()
public function d3TotpGetUtilsView()
{
return Registry::getUtilsView();
}
@ -122,12 +123,12 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent
/**
* @return Utils
*/
public function d3GetUtils()
public function d3TotpGetUtils()
{
return Registry::getUtils();
}
public function cancelTotpLogin()
public function d3TotpCancelTotpLogin()
{
$this->d3TotpClearSessionVariables();
@ -138,9 +139,9 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent
* @param d3totp $totp
* @return bool
*/
public function isNoTotpOrNoLogin($totp)
public function d3TotpIsNoTotpOrNoLogin($totp)
{
return false == Registry::getSession()->getVariable(d3totp::TOTP_SESSION_CURRENTUSER)
return false == Registry::getSession()->getVariable(d3totp_conf::SESSION_CURRENTUSER)
|| false == $totp->isActive();
}
@ -151,9 +152,9 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent
* @throws DatabaseConnectionException
* @throws d3totp_wrongOtpException
*/
public function hasValidTotp($sTotp, $totp)
public function d3TotpHasValidTotp($sTotp, $totp)
{
return Registry::getSession()->getVariable(d3totp::TOTP_SESSION_VARNAME) ||
return Registry::getSession()->getVariable(d3totp_conf::SESSION_AUTH) ||
(
$sTotp && $totp->verify($sTotp)
);
@ -161,15 +162,15 @@ class d3_totp_UserComponent extends d3_totp_UserComponent_parent
public function d3TotpClearSessionVariables()
{
$this->d3GetSession()->deleteVariable(d3totp::TOTP_SESSION_CURRENTCLASS);
$this->d3GetSession()->deleteVariable(d3totp::TOTP_SESSION_CURRENTUSER);
$this->d3GetSession()->deleteVariable(d3totp::TOTP_SESSION_NAVFORMPARAMS);
$this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_CURRENTCLASS);
$this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_CURRENTUSER);
$this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_NAVFORMPARAMS);
}
/**
* @return Session
*/
public function d3GetSession()
public function d3TotpGetSession()
{
return Registry::getSession();
}
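Review bot: `d3TotpCheckTotpLogin()` still writes the submitted one-time code itself into the session, `setVariable(d3totp_conf::SESSION_AUTH, $sTotp)`, while the new admin controller stores `true` under the same key. In the lines shown the flag is only ever read for truthiness, so keeping the code in the session store retains a secret for no benefit and leaves the two paths inconsistent; `$this->d3TotpGetSession()->setVariable(d3totp_conf::SESSION_AUTH, true);` is enough. The matching expectation in `d3_totp_UserComponentTest` may need adjusting. The method body starts and ends outside the visible hunks.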


@ -16,43 +16,15 @@ declare(strict_types=1);
namespace D3\Totp\Modules\Application\Controller\Admin;
use D3\Totp\Application\Model\d3totp;
use D3\Totp\Application\Model\d3backupcodelist;
use D3\Totp\Application\Model\Exceptions\d3totp_wrongOtpException;
use Doctrine\DBAL\DBALException;
use D3\Totp\Application\Model\d3totp_conf;
use D3\Totp\Modules\Application\Model\d3_totp_user;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\Session;
use OxidEsales\Eshop\Core\UtilsView;
class d3_totp_LoginController extends d3_totp_LoginController_parent
{
/**
* @return string
* @throws DBALException
* @throws DatabaseConnectionException
*/
public function render()
{
$auth = $this->d3TotpGetSession()->getVariable("auth");
$return = parent::render();
$totp = $this->d3GetTotpObject();
$totp->loadByUserId($auth);
if ($auth
&& $totp->isActive()
&& !$this->d3TotpGetSession()->getVariable(d3totp::TOTP_SESSION_VARNAME)
) {
// set auth as secured parameter;
$this->d3TotpGetSession()->setVariable("auth", $auth);
$this->addTplParam('request_totp', true);
}
return $return;
}
/**
* @return d3totp
*/
@ -61,22 +33,6 @@ class d3_totp_LoginController extends d3_totp_LoginController_parent
return oxNew(d3totp::class);
}
/**
* @return d3backupcodelist
*/
public function d3GetBackupCodeListObject()
{
return oxNew(d3backupcodelist::class);
}
/**
* @return UtilsView
*/
public function d3TotpGetUtilsView()
{
return Registry::getUtilsView();
}
/**
* @return Session
*/
@ -87,91 +43,37 @@ class d3_totp_LoginController extends d3_totp_LoginController_parent
/**
* @return mixed|string
* @throws DBALException
* @throws DatabaseConnectionException
*/
public function checklogin()
{
$sTotp = Registry::getRequest()->getRequestEscapedParameter('d3totp', true);
$return = parent::checklogin();
$totp = $this->d3GetTotpObject();
$totp->loadByUserId(Registry::getSession()->getVariable("auth"));
$return = 'login';
if ($this->d3TotpLoginMissing($totp)) {
$userId = $this->d3TotpGetSession()->getVariable('auth');
try {
if ($this->d3TotpIsNoTotpOrNoLogin($totp) && $this->hasLoginCredentials()) {
$return = parent::checklogin();
} elseif ($this->d3TotpHasValidTotp($sTotp, $totp)) {
$this->d3TotpGetSession()->setVariable(d3totp::TOTP_SESSION_VARNAME, $sTotp);
$return = "admin_start";
}
} catch (d3totp_wrongOtpException $oEx) {
$this->d3TotpGetUtilsView()->addErrorToDisplay($oEx);
/** @var d3_totp_user $user */
$user = oxNew(User::class);
$user->logout();
$this->d3TotpGetSession()->setVariable(d3totp_conf::SESSION_CURRENTUSER, $userId);
return "d3totpadminlogin";
}
return $return;
}
/**
* @return string|void
* @throws DatabaseConnectionException
*/
public function getBackupCodeCountMessage()
{
$oBackupCodeList = $this->d3GetBackupCodeListObject();
$iCount = $oBackupCodeList->getAvailableCodeCount(Registry::getSession()->getVariable("auth"));
if ($iCount < 4) {
return sprintf(
Registry::getLang()->translateString('D3_TOTP_AVAILBACKUPCODECOUNT'),
$iCount
);
}
}
/**
* @param d3totp $totp
* @return bool
*/
public function d3TotpIsNoTotpOrNoLogin($totp)
public function d3TotpLoginMissing($totp)
{
return false == $this->d3TotpGetSession()->getVariable("auth")
|| false == $totp->isActive();
}
protected function hasLoginCredentials()
{
return Registry::getRequest()->getRequestEscapedParameter('user') &&
Registry::getRequest()->getRequestEscapedParameter('pwd');
}
/**
* @param string $sTotp
* @param d3totp $totp
* @return bool
* @throws DatabaseConnectionException
* @throws d3totp_wrongOtpException
*/
public function d3TotpHasValidTotp($sTotp, $totp)
{
return Registry::getSession()->getVariable(d3totp::TOTP_SESSION_VARNAME) ||
(
$sTotp && $totp->verify($sTotp)
);
}
public function d3CancelLogin()
{
$oUser = $this->d3TotpGetUserObject();
$oUser->logout();
}
/**
* @return User
*/
public function d3TotpGetUserObject()
{
return oxNew(User::class);
return $totp->isActive()
&& false == $this->d3TotpGetSession()->getVariable(d3totp_conf::SESSION_AUTH);
}
}
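Review bot: `checklogin()` lets `parent::checklogin()` complete the password login and then relies on `logout()` of a freshly created, unloaded `User` to take the `auth` marker out of the session again; `logout()` is not shown here, so that is an assumption worth pinning down. Deleting the marker explicitly before handing over, `$this->d3TotpGetSession()->deleteVariable('auth');`, keeps the session from staying password-authenticated if `logout()` ever changes, and a test asserting that `auth` is absent when `"d3totpadminlogin"` is returned would document it. `auth` is also read twice through two different accessors (`Registry::getSession()` and `d3TotpGetSession()`); reading it once into `$userId` before the `if` keeps the method mockable in one place.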


@ -16,6 +16,7 @@ declare(strict_types=1);
namespace D3\Totp\Modules\Application\Controller;
use D3\Totp\Application\Model\d3totp;
use D3\Totp\Application\Model\d3totp_conf;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
use OxidEsales\Eshop\Core\Registry;
@ -36,7 +37,7 @@ trait d3_totp_getUserTrait
$totp->loadByUserId($oUser->getId());
if ($totp->isActive()
&& !$this->d3TotpGetSessionObject()->getVariable(d3totp::TOTP_SESSION_VARNAME)
&& !$this->d3TotpGetSessionObject()->getVariable(d3totp_conf::SESSION_AUTH)
) {
return false;
}


@ -16,6 +16,7 @@ declare(strict_types=1);
namespace D3\Totp\Modules\Application\Model;
use D3\Totp\Application\Model\d3totp;
use D3\Totp\Application\Model\d3totp_conf;
use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\Session;
@ -25,7 +26,8 @@ class d3_totp_user extends d3_totp_user_parent
{
$return = parent::logout();
$this->d3GetSession()->deleteVariable(d3totp::TOTP_SESSION_VARNAME);
$this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_AUTH);
$this->d3TotpGetSession()->deleteVariable(d3totp_conf::SESSION_CURRENTUSER);
return $return;
}
@ -41,7 +43,7 @@ class d3_totp_user extends d3_totp_user_parent
/**
* @return Session
*/
public function d3GetSession()
public function d3TotpGetSession()
{
return Registry::getSession();
}
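Review bot: `logout()` now also removes `d3totp_conf::SESSION_CURRENTUSER`, which creates an ordering rule that nothing documents: any caller that parks the pending user for the TOTP step has to write that key after calling `logout()`, as the two callers changed in this commit do. A comment on the added line, `// cleared here: callers must set SESSION_CURRENTUSER after logout()`, would keep a later change from silently dropping the pending user. `SESSION_CURRENTCLASS` and `SESSION_NAVFORMPARAMS` are left in place; if that is intentional, the same comment should say so. The method starts outside the hunk.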


@ -16,6 +16,7 @@ declare(strict_types=1);
namespace D3\Totp\Modules\Core;
use D3\Totp\Application\Model\d3totp;
use D3\Totp\Application\Model\d3totp_conf;
use Doctrine\DBAL\DBALException;
use OxidEsales\Eshop\Core\Config;
use OxidEsales\Eshop\Core\Exception\DatabaseConnectionException;
@ -32,10 +33,9 @@ class d3_totp_utils extends d3_totp_utils_parent
public function checkAccessRights()
{
$blAuth = parent::checkAccessRights();
$blAuth = $this->d3AuthHook($blAuth);
$userID = $this->d3TotpGetSessionObject()->getVariable("auth");
$totpAuth = (bool) $this->d3TotpGetSessionObject()->getVariable(d3totp::TOTP_SESSION_VARNAME);
$totpAuth = (bool) $this->d3TotpGetSessionObject()->getVariable(d3totp_conf::SESSION_AUTH);
/** @var d3totp $totp */
$totp = $this->d3GetTotpObject();
$totp->loadByUserId($userID);
@ -56,7 +56,7 @@ class d3_totp_utils extends d3_totp_utils_parent
//staten der prüfung vom einmalpasswort
if ($blAuth && $totp->isActive() && false === $totpAuth) {
$this->redirect('index.php?cl=login');
$this->redirect('index.php?cl=d3totpadminlogin');
if (false == defined('OXID_PHP_UNIT')) {
// @codeCoverageIgnoreStart
exit;
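Review bot: The new redirect target can bounce: this branch fires when `auth` is set and `SESSION_AUTH` is not, but `d3totpadminlogin::render()` sends any request without `SESSION_CURRENTUSER` straight back to `admin_start`, which presumably runs `checkAccessRights()` again. A session that has `auth` but no pending-user key, for instance one created before this update when the flag was stored under `'totp_auth'`, would appear to loop between the two. Either end the session here and redirect to `index.php?cl=login`, or set `d3totp_conf::SESSION_CURRENTUSER` from `$userID` and drop `auth` the way `d3_totp_LoginController::checklogin()` does. The body of `checkAccessRights()` continues outside both hunks.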


@ -13,6 +13,7 @@
declare(strict_types=1);
use D3\Totp\Application\Controller\Admin\d3totpadminlogin;
use D3\Totp\Application\Controller\Admin\d3user_totp;
use D3\Totp\Application\Controller\Admin\d3force_2fa;
use D3\Totp\Application\Controller\d3_account_totp;
@ -72,11 +73,13 @@ $aModule = [
'd3force_2fa' => d3force_2fa::class,
'd3totplogin' => d3totplogin::class,
'd3_account_totp' => d3_account_totp::class,
'd3totpadminlogin' => d3totpadminlogin::class
],
'templates' => [
'd3user_totp.tpl' => 'd3/totp/Application/views/admin/tpl/d3user_totp.tpl',
'd3totplogin.tpl' => 'd3/totp/Application/views/tpl/d3totplogin.tpl',
'd3_account_totp.tpl' => 'd3/totp/Application/views/tpl/d3_account_totp.tpl',
'd3totpadminlogin.tpl' => 'd3/totp/Application/views/admin/tpl/d3totplogin.tpl',
],
'settings' => [
[


@ -16,6 +16,7 @@ namespace D3\Totp\tests\unit\Application\Controller;
use D3\Totp\Application\Controller\d3totplogin;
use D3\Totp\Application\Model\d3backupcodelist;
use D3\Totp\Application\Model\d3totp;
use D3\Totp\Application\Model\d3totp_conf;
use D3\Totp\tests\unit\d3TotpUnitTestCase;
use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\Utils;
@ -36,8 +37,8 @@ class d3totploginTest extends d3TotpUnitTestCase
$this->_oController = oxNew(d3totplogin::class);
Registry::getSession()->deleteVariable(d3totp::TOTP_SESSION_CURRENTUSER);
Registry::getSession()->deleteVariable(d3totp::TOTP_SESSION_CURRENTCLASS);
Registry::getSession()->deleteVariable(d3totp_conf::SESSION_CURRENTUSER);
Registry::getSession()->deleteVariable(d3totp_conf::SESSION_CURRENTCLASS);
}
public function tearDown(): void
@ -78,7 +79,7 @@ class d3totploginTest extends d3TotpUnitTestCase
*/
public function renderDontRedirect()
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_CURRENTUSER, 'foo');
Registry::getSession()->setVariable(d3totp_conf::SESSION_CURRENTUSER, 'foo');
/** @var Utils|MockObject $oUtilsMock */
$oUtilsMock = $this->getMockBuilder(Utils::class)
@ -193,7 +194,7 @@ class d3totploginTest extends d3TotpUnitTestCase
public function canGetPreviousClass()
{
$className = "testClass";
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_CURRENTCLASS, $className);
Registry::getSession()->setVariable(d3totp_conf::SESSION_CURRENTCLASS, $className);
$this->assertSame(
$className,
@ -209,7 +210,7 @@ class d3totploginTest extends d3TotpUnitTestCase
*/
public function classIsOrderStep($className, $expected)
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_CURRENTCLASS, $className);
Registry::getSession()->setVariable(d3totp_conf::SESSION_CURRENTCLASS, $className);
$this->assertSame(
$expected,
@ -239,7 +240,7 @@ class d3totploginTest extends d3TotpUnitTestCase
*/
public function getIsOrderStepIsSameLikeOrderClass($className, $expected)
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_CURRENTCLASS, $className);
Registry::getSession()->setVariable(d3totp_conf::SESSION_CURRENTCLASS, $className);
$this->assertSame(
$expected,


@ -15,6 +15,7 @@ namespace D3\Totp\tests\unit\Application\Model;
use D3\Totp\Application\Model\d3backupcode;
use D3\Totp\Application\Model\d3totp;
use D3\Totp\Application\Model\d3totp_conf;
use D3\Totp\tests\unit\d3TotpUnitTestCase;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Registry;
@ -153,7 +154,7 @@ class d3backupcodeTest extends d3TotpUnitTestCase
*/
public function d3GetUserReturnCurrentUser()
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_CURRENTUSER, 'foobar');
Registry::getSession()->setVariable(d3totp_conf::SESSION_CURRENTUSER, 'foobar');
$oUser = $this->callMethod($this->_oModel, 'd3GetUser');


@ -14,6 +14,7 @@
namespace D3\Totp\tests\unit\Modules\Application\Component;
use D3\Totp\Application\Model\d3totp;
use D3\Totp\Application\Model\d3totp_conf;
use D3\Totp\Application\Model\Exceptions\d3totp_wrongOtpException;
use D3\Totp\Modules\Application\Component\d3_totp_UserComponent;
use D3\Totp\tests\unit\d3TotpUnitTestCase;
@ -42,7 +43,7 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
$this->_oController = oxNew(UserComponent::class);
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_VARNAME, false);
Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, false);
}
public function tearDown(): void
@ -84,13 +85,13 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
$oControllerMock = $this->getMockBuilder(UserComponent::class)
->onlyMethods([
'd3GetTotpObject',
'd3GetSession',
'd3GetUtils',
'd3TotpGetSession',
'd3TotpGetUtils',
])
->getMock();
$oControllerMock->method('d3GetTotpObject')->willReturn($oTotpMock);
$oControllerMock->method('d3GetSession')->willReturn($oSessionMock);
$oControllerMock->method('d3GetUtils')->willReturn($oUtilsMock);
$oControllerMock->method('d3TotpGetSession')->willReturn($oSessionMock);
$oControllerMock->method('d3TotpGetUtils')->willReturn($oUtilsMock);
$this->_oController = $oControllerMock;
@ -145,13 +146,13 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
$oControllerMock = $this->getMockBuilder(UserComponent::class)
->onlyMethods([
'd3GetTotpObject',
'd3GetSession',
'd3GetUtils',
'd3TotpGetSession',
'd3TotpGetUtils',
])
->getMock();
$oControllerMock->method('d3GetTotpObject')->willReturn($oTotpMock);
$oControllerMock->method('d3GetSession')->willReturn($oSessionMock);
$oControllerMock->method('d3GetUtils')->willReturn($oUtilsMock);
$oControllerMock->method('d3TotpGetSession')->willReturn($oSessionMock);
$oControllerMock->method('d3TotpGetUtils')->willReturn($oUtilsMock);
$this->_oController = $oControllerMock;
@ -221,15 +222,15 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
$oControllerMock = $this->getMockBuilder(UserComponent::class)
->onlyMethods([
'd3GetTotpObject',
'd3GetSession',
'd3GetUtils',
'd3TotpGetSession',
'd3TotpGetUtils',
'getParent'
])
->getMock();
$oControllerMock->method('d3GetTotpObject')->willReturn($oTotpMock);
$oControllerMock->method('getParent')->willReturn($oParentMock);
$oControllerMock->method('d3GetSession')->willReturn($oSessionMock);
$oControllerMock->method('d3GetUtils')->willReturn($oUtilsMock);
$oControllerMock->method('d3TotpGetSession')->willReturn($oSessionMock);
$oControllerMock->method('d3TotpGetUtils')->willReturn($oUtilsMock);
$this->_oController = $oControllerMock;
@ -252,7 +253,7 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::checkTotplogin
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3TotpCheckTotpLogin
*/
public function checkTotploginNoTotpLogin()
{
@ -272,29 +273,29 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
/** @var UserComponent|MockObject $oControllerMock */
$oControllerMock = $this->getMockBuilder(UserComponent::class)
->onlyMethods([
'isNoTotpOrNoLogin',
'hasValidTotp',
'd3TotpIsNoTotpOrNoLogin',
'd3TotpHasValidTotp',
'd3GetTotpObject',
'd3GetSession',
'd3TotpGetSession',
])
->getMock();
$oControllerMock->method('isNoTotpOrNoLogin')->willReturn(true);
$oControllerMock->expects($this->never())->method('hasValidTotp')->willReturn(false);
$oControllerMock->method('d3TotpIsNoTotpOrNoLogin')->willReturn(true);
$oControllerMock->expects($this->never())->method('d3TotpHasValidTotp')->willReturn(false);
$oControllerMock->method('d3GetTotpObject')->willReturn($oTotpMock);
$oControllerMock->method('d3GetSession')->willReturn($oSessionMock);
$oControllerMock->method('d3TotpGetSession')->willReturn($oSessionMock);
$this->_oController = $oControllerMock;
$this->assertSame(
'd3totplogin',
$this->callMethod($this->_oController, 'checkTotplogin')
$this->callMethod($this->_oController, 'd3TotpCheckTotpLogin')
);
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::checkTotplogin
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3TotpCheckTotpLogin
*/
public function checkTotploginUnvalidTotp()
{
@ -325,31 +326,31 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
/** @var UserComponent|MockObject $oControllerMock */
$oControllerMock = $this->getMockBuilder(UserComponent::class)
->onlyMethods([
'isNoTotpOrNoLogin',
'hasValidTotp',
'd3GetUtilsView',
'd3TotpIsNoTotpOrNoLogin',
'd3TotpHasValidTotp',
'd3TotpGetUtilsView',
'd3GetTotpObject',
'd3GetSession',
'd3TotpGetSession',
])
->getMock();
$oControllerMock->method('isNoTotpOrNoLogin')->willReturn(false);
$oControllerMock->expects($this->once())->method('hasValidTotp')->willThrowException($oTotpExceptionMock);
$oControllerMock->method('d3GetUtilsView')->willReturn($oUtilsViewMock);
$oControllerMock->method('d3TotpIsNoTotpOrNoLogin')->willReturn(false);
$oControllerMock->expects($this->once())->method('d3TotpHasValidTotp')->willThrowException($oTotpExceptionMock);
$oControllerMock->method('d3TotpGetUtilsView')->willReturn($oUtilsViewMock);
$oControllerMock->method('d3GetTotpObject')->willReturn($oTotpMock);
$oControllerMock->method('d3GetSession')->willReturn($oSessionMock);
$oControllerMock->method('d3TotpGetSession')->willReturn($oSessionMock);
$this->_oController = $oControllerMock;
$this->assertSame(
'd3totplogin',
$this->callMethod($this->_oController, 'checkTotplogin')
$this->callMethod($this->_oController, 'd3TotpCheckTotpLogin')
);
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::checkTotplogin
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3TotpCheckTotpLogin
*/
public function checkTotploginValidTotp()
{
@ -375,19 +376,19 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
/** @var UserComponent|MockObject $oControllerMock */
$oControllerMock = $this->getMockBuilder(UserComponent::class)
->onlyMethods([
'isNoTotpOrNoLogin',
'hasValidTotp',
'd3GetUtilsView',
'd3TotpIsNoTotpOrNoLogin',
'd3TotpHasValidTotp',
'd3TotpGetUtilsView',
'd3GetTotpObject',
'd3GetSession',
'd3TotpGetSession',
'setLoginStatus'
])
->getMock();
$oControllerMock->method('isNoTotpOrNoLogin')->willReturn(false);
$oControllerMock->expects($this->once())->method('hasValidTotp')->willReturn(true);
$oControllerMock->method('d3GetUtilsView')->willReturn($oUtilsViewMock);
$oControllerMock->method('d3TotpIsNoTotpOrNoLogin')->willReturn(false);
$oControllerMock->expects($this->once())->method('d3TotpHasValidTotp')->willReturn(true);
$oControllerMock->method('d3TotpGetUtilsView')->willReturn($oUtilsViewMock);
$oControllerMock->method('d3GetTotpObject')->willReturn($oTotpMock);
$oControllerMock->method('d3GetSession')->willReturn($oSessionMock);
$oControllerMock->method('d3TotpGetSession')->willReturn($oSessionMock);
$oControllerMock->expects($this->once())->method('setLoginStatus')->with(
$this->identicalTo(USER_LOGIN_SUCCESS)
);
@ -395,27 +396,27 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
$this->_oController = $oControllerMock;
$this->assertFalse(
$this->callMethod($this->_oController, 'checkTotplogin')
$this->callMethod($this->_oController, 'd3TotpCheckTotpLogin')
);
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3GetUtilsView
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3TotpGetUtilsView
*/
public function d3GetUtilsViewReturnsRightInstance()
{
$this->assertInstanceOf(
UtilsView::class,
$this->callMethod($this->_oController, 'd3GetUtilsView')
$this->callMethod($this->_oController, 'd3TotpGetUtilsView')
);
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::cancelTotpLogin
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3TotpCancelTotpLogin
*/
public function canCancelTotpLogin()
{
@ -427,17 +428,17 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
$this->_oController = $oControllerMock;
$this->callMethod($this->_oController, 'cancelTotpLogin');
$this->callMethod($this->_oController, 'd3TotpCancelTotpLogin');
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::isNoTotpOrNoLogin
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3TotpIsNoTotpOrNoLogin
*/
public function isNoTotpOrNoLoginTrueNoSessionVariable()
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_CURRENTUSER, false);
Registry::getSession()->setVariable(d3totp_conf::SESSION_CURRENTUSER, false);
/** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class)
@ -447,18 +448,18 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
$oTotpMock->method('isActive')->willReturn(true);
$this->assertTrue(
$this->callMethod($this->_oController, 'isNoTotpOrNoLogin', [$oTotpMock])
$this->callMethod($this->_oController, 'd3TotpIsNoTotpOrNoLogin', [$oTotpMock])
);
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::isNoTotpOrNoLogin
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3TotpIsNoTotpOrNoLogin
*/
public function isNoTotpOrNoLoginTrueTotpNotActive()
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_CURRENTUSER, true);
Registry::getSession()->setVariable(d3totp_conf::SESSION_CURRENTUSER, true);
/** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class)
@ -468,18 +469,18 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
$oTotpMock->method('isActive')->willReturn(false);
$this->assertTrue(
$this->callMethod($this->_oController, 'isNoTotpOrNoLogin', [$oTotpMock])
$this->callMethod($this->_oController, 'd3TotpIsNoTotpOrNoLogin', [$oTotpMock])
);
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::isNoTotpOrNoLogin
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3TotpIsNoTotpOrNoLogin
*/
public function isNoTotpOrNoLoginFalse()
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_CURRENTUSER, true);
Registry::getSession()->setVariable(d3totp_conf::SESSION_CURRENTUSER, true);
/** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class)
@ -489,18 +490,18 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
$oTotpMock->method('isActive')->willReturn(true);
$this->assertFalse(
$this->callMethod($this->_oController, 'isNoTotpOrNoLogin', [$oTotpMock])
$this->callMethod($this->_oController, 'd3TotpIsNoTotpOrNoLogin', [$oTotpMock])
);
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::hasValidTotp
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3TotpHasValidTotp
*/
public function hasValidTotpTrueSessionVarname()
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_VARNAME, true);
Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, true);
/** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class)
@ -510,18 +511,18 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
$oTotpMock->method('verify')->willReturn(false);
$this->assertTrue(
$this->callMethod($this->_oController, 'hasValidTotp', ['123456', $oTotpMock])
$this->callMethod($this->_oController, 'd3TotpHasValidTotp', ['123456', $oTotpMock])
);
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::hasValidTotp
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3TotpHasValidTotp
*/
public function hasValidTotpTrueValidTotp()
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_VARNAME, false);
Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, false);
/** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class)
@ -531,18 +532,18 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
$oTotpMock->method('verify')->willReturn(true);
$this->assertTrue(
$this->callMethod($this->_oController, 'hasValidTotp', ['123456', $oTotpMock])
$this->callMethod($this->_oController, 'd3TotpHasValidTotp', ['123456', $oTotpMock])
);
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::hasValidTotp
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3TotpHasValidTotp
*/
public function hasValidTotpFalseMissingTotp()
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_VARNAME, false);
Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, false);
/** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class)
@ -552,18 +553,18 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
$oTotpMock->method('verify')->willReturn(true);
$this->assertFalse(
$this->callMethod($this->_oController, 'hasValidTotp', [null, $oTotpMock])
$this->callMethod($this->_oController, 'd3TotpHasValidTotp', [null, $oTotpMock])
);
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::hasValidTotp
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3TotpHasValidTotp
*/
public function hasValidTotpFalseUnverifiedTotp()
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_VARNAME, false);
Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, false);
/** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class)
@ -573,7 +574,7 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
$oTotpMock->method('verify')->willReturn(false);
$this->assertFalse(
$this->callMethod($this->_oController, 'hasValidTotp', ['123456', $oTotpMock])
$this->callMethod($this->_oController, 'd3TotpHasValidTotp', ['123456', $oTotpMock])
);
}
@ -592,9 +593,9 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
/** @var UserComponent|MockObject $oControllerMock */
$oControllerMock = $this->getMockBuilder(UserComponent::class)
->onlyMethods(['d3GetSession'])
->onlyMethods(['d3TotpGetSession'])
->getMock();
$oControllerMock->method('d3GetSession')->willReturn($oSessionMock);
$oControllerMock->method('d3TotpGetSession')->willReturn($oSessionMock);
$this->_oController = $oControllerMock;
@ -604,13 +605,13 @@ class d3_totp_UserComponentTest extends d3TotpUnitTestCase
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3GetSession
* @covers \D3\Totp\Modules\Application\Component\d3_totp_UserComponent::d3TotpGetSession
*/
public function d3GetSessionReturnsRightInstance()
{
$this->assertInstanceOf(
Session::class,
$this->callMethod($this->_oController, 'd3GetSession')
$this->callMethod($this->_oController, 'd3TotpGetSession')
);
}
}


@ -15,6 +15,7 @@ namespace D3\Totp\tests\unit\Modules\Application\Controller\Admin;
use D3\Totp\Application\Model\d3backupcodelist;
use D3\Totp\Application\Model\d3totp;
use D3\Totp\Application\Model\d3totp_conf;
use D3\Totp\Application\Model\Exceptions\d3totp_wrongOtpException;
use D3\Totp\Modules\Application\Controller\Admin\d3_totp_LoginController;
use D3\Totp\tests\unit\d3TotpUnitTestCase;
@ -599,7 +600,7 @@ class d3_totp_LoginControllerTest extends d3TotpUnitTestCase
*/
public function hasValidTotpTrueSessionVarname()
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_VARNAME, true);
Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, true);
/** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class)
@ -620,7 +621,7 @@ class d3_totp_LoginControllerTest extends d3TotpUnitTestCase
*/
public function hasValidTotpTrueValidTotp()
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_VARNAME, false);
Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, false);
/** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class)
@ -641,7 +642,7 @@ class d3_totp_LoginControllerTest extends d3TotpUnitTestCase
*/
public function hasValidTotpFalseMissingTotp()
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_VARNAME, false);
Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, false);
/** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class)
@ -662,7 +663,7 @@ class d3_totp_LoginControllerTest extends d3TotpUnitTestCase
*/
public function hasValidTotpFalseUnverifiedTotp()
{
Registry::getSession()->setVariable(d3totp::TOTP_SESSION_VARNAME, false);
Registry::getSession()->setVariable(d3totp_conf::SESSION_AUTH, false);
/** @var d3totp|MockObject $oTotpMock */
$oTotpMock = $this->getMockBuilder(d3totp::class)
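Review bot: The hasValidTotp tests in this section represent the unauthenticated state by storing `false` under `d3totp_conf::SESSION_AUTH` instead of leaving the key unset, so the state a fresh session actually presents is never exercised. If any code path tests this key for presence rather than reading its value, a stored `false` would count as set and these tests would not notice the difference. I would add a case that begins with `Registry::getSession()->deleteVariable(d3totp_conf::SESSION_AUTH);` and asserts a false result when `verify` fails. The value is written to the shared Registry session, so it is also worth confirming that the test case's teardown clears it; the test bodies and any teardown lie outside these hunks.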


@ -58,9 +58,9 @@ class d3_totp_userTest extends d3TotpUnitTestCase
/** @var d3_totp_user|MockObject $oModelMock */
$oModelMock = $this->getMockBuilder(User::class)
->onlyMethods(['d3GetSession'])
->onlyMethods(['d3TotpGetSession'])
->getMock();
$oModelMock->method('d3GetSession')->willReturn($oSessionMock);
$oModelMock->method('d3TotpGetSession')->willReturn($oSessionMock);
$this->_oModel = $oModelMock;
@ -88,13 +88,13 @@ class d3_totp_userTest extends d3TotpUnitTestCase
/**
* @test
* @throws ReflectionException
* @covers \D3\Totp\Modules\Application\Model\d3_totp_user::d3GetSession
* @covers \D3\Totp\Modules\Application\Model\d3_totp_user::d3TotpGetSession
*/
public function d3GetSessionReturnsRightInstance()
{
$this->assertInstanceOf(
Session::class,
$this->callMethod($this->_oModel, 'd3GetSession')
$this->callMethod($this->_oModel, 'd3TotpGetSession')
);
}
}