2022-11-23 00:18:09 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* For the full copyright and license information, please view the LICENSE
|
|
|
|
|
* file that was distributed with this source code.
|
|
|
|
|
*
|
|
|
|
|
* https://www.d3data.de
|
|
|
|
|
*
|
|
|
|
|
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
|
|
|
|
|
* @author D3 Data Development - Daniel Seifert <info@shopmodule.com>
|
|
|
|
|
* @link https://www.oxidmodule.com
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
declare(strict_types=1);
|
|
|
|
|
|
|
|
|
|
namespace D3\Webauthn\tests\unit\Application\Controller\Admin;
|
|
|
|
|
|
|
|
|
|
use D3\TestingTools\Development\CanAccessRestricted;
|
|
|
|
|
use D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin;
|
2022-11-27 01:02:23 +01:00
|
|
|
use D3\Webauthn\Application\Controller\d3webauthnlogin;
|
2022-11-30 01:27:05 +01:00
|
|
|
use D3\Webauthn\Application\Model\Exceptions\WebauthnGetException;
|
|
|
|
|
use D3\Webauthn\Application\Model\WebauthnAfterLogin;
|
2022-11-27 01:02:23 +01:00
|
|
|
use D3\Webauthn\Application\Model\WebauthnConf;
|
2022-11-30 01:27:05 +01:00
|
|
|
use D3\Webauthn\Application\Model\WebauthnLogin;
|
2022-11-23 00:18:09 +01:00
|
|
|
use D3\Webauthn\tests\unit\Application\Controller\d3webauthnloginTest;
|
2022-11-27 01:02:23 +01:00
|
|
|
use OxidEsales\Eshop\Core\Request;
|
|
|
|
|
use OxidEsales\Eshop\Core\Session;
|
|
|
|
|
use OxidEsales\Eshop\Core\SystemEventHandler;
|
|
|
|
|
use OxidEsales\Eshop\Core\Utils;
|
|
|
|
|
use OxidEsales\Eshop\Core\UtilsServer;
|
|
|
|
|
use OxidEsales\Eshop\Core\UtilsView;
|
|
|
|
|
use PHPUnit\Framework\MockObject\MockObject;
|
2022-11-23 00:18:09 +01:00
|
|
|
use ReflectionException;
|
|
|
|
|
|
|
|
|
|
class d3webauthnadminloginTest extends d3webauthnloginTest
|
|
|
|
|
{
|
|
|
|
|
use CanAccessRestricted;
|
|
|
|
|
|
|
|
|
|
protected $sutClassName = d3webauthnadminlogin::class;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::_authorize
|
|
|
|
|
*/
|
|
|
|
|
public function canAuthorize()
|
|
|
|
|
{
|
|
|
|
|
$sut = oxNew(d3webauthnadminlogin::class);
|
|
|
|
|
|
|
|
|
|
$this->assertTrue(
|
|
|
|
|
$this->callMethod(
|
|
|
|
|
$sut,
|
|
|
|
|
'_authorize'
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @return void
|
|
|
|
|
*/
|
|
|
|
|
public function canGetNavigationParams()
|
|
|
|
|
{}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::render
|
|
|
|
|
* @dataProvider canRenderDataProvider
|
|
|
|
|
*/
|
2022-11-27 01:02:23 +01:00
|
|
|
public function canRender($auth, $userFromLogin, $startRedirect, $redirectController)
|
2022-11-23 00:18:09 +01:00
|
|
|
{
|
2022-11-27 01:02:23 +01:00
|
|
|
/** @var Session|MockObject $sessionMock */
|
|
|
|
|
$sessionMock = $this->getMockBuilder(Session::class)
|
|
|
|
|
->onlyMethods(['hasVariable'])
|
|
|
|
|
->getMock();
|
|
|
|
|
$sessionMock->method('hasVariable')->willReturnMap([
|
|
|
|
|
[WebauthnConf::WEBAUTHN_ADMIN_SESSION_AUTH, $auth],
|
|
|
|
|
[WebauthnConf::WEBAUTHN_ADMIN_SESSION_CURRENTUSER, $userFromLogin]
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
/** @var Utils|MockObject $utilsMock */
|
|
|
|
|
$utilsMock = $this->getMockBuilder(Utils::class)
|
|
|
|
|
->onlyMethods(['redirect'])
|
|
|
|
|
->getMock();
|
|
|
|
|
$utilsMock->expects($startRedirect ? $this->once() : $this->never())
|
|
|
|
|
->method('redirect')->with('index.php?cl='.$redirectController)->willReturn(true);
|
|
|
|
|
|
2022-11-30 01:27:05 +01:00
|
|
|
/** @var WebauthnAfterLogin|MockObject $afterLoginMock */
|
|
|
|
|
$afterLoginMock = $this->getMockBuilder(WebauthnAfterLogin::class)
|
|
|
|
|
->onlyMethods(['changeLanguage'])
|
|
|
|
|
->getMock();
|
|
|
|
|
$afterLoginMock->expects($this->once())->method('changeLanguage');
|
|
|
|
|
|
2022-11-27 01:02:23 +01:00
|
|
|
/** @var d3webauthnlogin|MockObject $sut */
|
|
|
|
|
$sut = $this->getMockBuilder($this->sutClassName)
|
2022-11-30 01:27:05 +01:00
|
|
|
->onlyMethods(['d3GetSession', 'getUtils', 'd3CallMockableParent', 'd3WebauthnGetAfterLogin',
|
|
|
|
|
'generateCredentialRequest', 'addTplParam'])
|
2022-11-27 01:02:23 +01:00
|
|
|
->getMock();
|
|
|
|
|
$sut->method('d3GetSession')->willReturn($sessionMock);
|
|
|
|
|
$sut->method('getUtils')->willReturn($utilsMock);
|
|
|
|
|
$sut->method('d3CallMockableParent')->willReturn('myTemplate.tpl');
|
|
|
|
|
// "any" because redirect doesn't stop execution
|
|
|
|
|
$sut->expects($startRedirect ? $this->any() : $this->atLeastOnce())
|
|
|
|
|
->method('generateCredentialRequest');
|
|
|
|
|
$sut->expects($startRedirect ? $this->any() : $this->atLeastOnce())
|
|
|
|
|
->method('addTplParam')->willReturn(true);
|
2022-11-30 01:27:05 +01:00
|
|
|
$sut->method('d3WebauthnGetAfterLogin')->willReturn($afterLoginMock);
|
2022-11-27 01:02:23 +01:00
|
|
|
|
|
|
|
|
$this->assertSame(
|
|
|
|
|
'myTemplate.tpl',
|
|
|
|
|
$this->callMethod(
|
|
|
|
|
$sut,
|
|
|
|
|
'render'
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @return array
|
|
|
|
|
*/
|
|
|
|
|
public function canRenderDataProvider(): array
|
|
|
|
|
{
|
|
|
|
|
return [
|
|
|
|
|
'has request' => [false, true, false, 'start'],
|
|
|
|
|
'has auth' => [true, true, true, 'admin_start'],
|
|
|
|
|
'missing user' => [false, false, true, 'login'],
|
|
|
|
|
];
|
2022-11-23 00:18:09 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::generateCredentialRequest
|
|
|
|
|
*/
|
2022-11-27 01:02:23 +01:00
|
|
|
public function canGenerateCredentialRequest($userSessionVarName = WebauthnConf::WEBAUTHN_ADMIN_SESSION_CURRENTUSER)
|
2022-11-23 00:18:09 +01:00
|
|
|
{
|
2022-11-27 01:02:23 +01:00
|
|
|
parent::canGenerateCredentialRequest($userSessionVarName);
|
2022-11-23 00:18:09 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::generateCredentialRequest
|
|
|
|
|
*/
|
2022-11-27 01:02:23 +01:00
|
|
|
public function generateCredentialRequestFailed($redirectClass = 'login', $userVarName = WebauthnConf::WEBAUTHN_ADMIN_SESSION_CURRENTUSER)
|
2022-11-23 00:18:09 +01:00
|
|
|
{
|
2022-11-27 01:02:23 +01:00
|
|
|
parent::generateCredentialRequestFailed($redirectClass, $userVarName);
|
2022-11-23 00:18:09 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::getUtils
|
|
|
|
|
*/
|
|
|
|
|
public function getUtilsReturnsRightInstance()
|
|
|
|
|
{
|
|
|
|
|
parent::getUtilsReturnsRightInstance();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
2022-11-27 01:02:23 +01:00
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::d3GetPreviousClass
|
2022-11-23 00:18:09 +01:00
|
|
|
*/
|
2022-11-27 01:02:23 +01:00
|
|
|
public function canGetPreviousClass($sessionVarName = WebauthnConf::WEBAUTHN_ADMIN_SESSION_CURRENTCLASS)
|
2022-11-23 00:18:09 +01:00
|
|
|
{
|
2022-11-27 01:02:23 +01:00
|
|
|
parent::canGetPreviousClass($sessionVarName);
|
2022-11-23 00:18:09 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @param $currClass
|
|
|
|
|
* @param $isOrderStep
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::previousClassIsOrderStep
|
|
|
|
|
* @dataProvider canPreviousClassIsOrderStepDataProvider
|
|
|
|
|
*/
|
|
|
|
|
public function canPreviousClassIsOrderStep($currClass, $isOrderStep)
|
|
|
|
|
{
|
|
|
|
|
parent::canPreviousClassIsOrderStep($currClass, $isOrderStep);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::getIsOrderStep
|
|
|
|
|
* @dataProvider canGetIsOrderStepDataProvider
|
|
|
|
|
*/
|
|
|
|
|
public function canGetIsOrderStep($boolean)
|
|
|
|
|
{
|
|
|
|
|
parent::canGetIsOrderStep($boolean);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function canGetBreadCrumb()
|
|
|
|
|
{
|
|
|
|
|
}
|
2022-11-27 01:02:23 +01:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::d3AssertAuthn
|
|
|
|
|
*/
|
2022-11-30 01:27:05 +01:00
|
|
|
public function canAssertAuthn()
|
2022-11-27 01:02:23 +01:00
|
|
|
{
|
2022-11-30 01:27:05 +01:00
|
|
|
/** @var WebauthnLogin|MockObject $loginMock */
|
|
|
|
|
$loginMock = $this->getMockBuilder(WebauthnLogin::class)
|
|
|
|
|
->disableOriginalConstructor()
|
|
|
|
|
->onlyMethods(['adminLogin'])
|
|
|
|
|
->getMock();
|
|
|
|
|
$loginMock->expects($this->once())->method('adminLogin')->willReturn('expected');
|
|
|
|
|
|
2022-11-27 01:02:23 +01:00
|
|
|
/** @var Request|MockObject $requestMock */
|
|
|
|
|
$requestMock = $this->getMockBuilder(Request::class)
|
|
|
|
|
->onlyMethods(['getRequestEscapedParameter'])
|
|
|
|
|
->getMock();
|
2022-11-30 01:27:05 +01:00
|
|
|
$requestMock->expects($this->exactly(3))->method('getRequestEscapedParameter')->willReturn('abc');
|
2022-11-27 01:02:23 +01:00
|
|
|
|
|
|
|
|
/** @var d3webauthnadminlogin|MockObject $sut */
|
|
|
|
|
$sut = $this->getMockBuilder(d3webauthnadminlogin::class)
|
2022-11-30 01:27:05 +01:00
|
|
|
->onlyMethods(['getWebauthnLoginObject', 'd3WebAuthnGetRequest'])
|
2022-11-27 01:02:23 +01:00
|
|
|
->getMock();
|
2022-11-30 01:27:05 +01:00
|
|
|
$sut->method('getWebauthnLoginObject')->willReturn($loginMock);
|
2022-11-27 01:02:23 +01:00
|
|
|
$sut->method('d3WebAuthnGetRequest')->willReturn($requestMock);
|
|
|
|
|
|
|
|
|
|
$this->assertSame(
|
2022-11-30 01:27:05 +01:00
|
|
|
'expected',
|
2022-11-27 01:02:23 +01:00
|
|
|
$this->callMethod(
|
|
|
|
|
$sut,
|
|
|
|
|
'd3AssertAuthn'
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::d3AssertAuthn
|
|
|
|
|
*/
|
2022-11-30 01:27:05 +01:00
|
|
|
public function cannotAssertAuthn()
|
2022-11-27 01:02:23 +01:00
|
|
|
{
|
|
|
|
|
/** @var UtilsView|MockObject $utilsViewMock */
|
|
|
|
|
$utilsViewMock = $this->getMockBuilder(UtilsView::class)
|
|
|
|
|
->onlyMethods(['addErrorToDisplay'])
|
|
|
|
|
->getMock();
|
2022-11-30 01:27:05 +01:00
|
|
|
$utilsViewMock->expects($this->once())->method('addErrorToDisplay');
|
2022-11-27 01:02:23 +01:00
|
|
|
|
2022-11-30 01:27:05 +01:00
|
|
|
/** @var Request|MockObject $requestMock */
|
|
|
|
|
$requestMock = $this->getMockBuilder(Request::class)
|
|
|
|
|
->onlyMethods(['getRequestEscapedParameter'])
|
2022-11-27 01:02:23 +01:00
|
|
|
->getMock();
|
2022-11-30 01:27:05 +01:00
|
|
|
$requestMock->expects($this->atLeast(2))->method('getRequestEscapedParameter')->willReturn('abc');
|
2022-11-27 01:02:23 +01:00
|
|
|
|
|
|
|
|
/** @var d3webauthnadminlogin|MockObject $sut */
|
|
|
|
|
$sut = $this->getMockBuilder(d3webauthnadminlogin::class)
|
2022-11-30 01:27:05 +01:00
|
|
|
->onlyMethods(['getWebauthnLoginObject', 'd3WebAuthnGetRequest', 'd3GetUtilsViewObject'])
|
2022-11-27 01:02:23 +01:00
|
|
|
->getMock();
|
2022-11-30 01:27:05 +01:00
|
|
|
$sut->method('getWebauthnLoginObject')->willThrowException(oxNew(WebauthnGetException::class));
|
2022-11-27 01:02:23 +01:00
|
|
|
$sut->method('d3WebAuthnGetRequest')->willReturn($requestMock);
|
|
|
|
|
$sut->method('d3GetUtilsViewObject')->willReturn($utilsViewMock);
|
|
|
|
|
|
|
|
|
|
$this->assertSame(
|
2022-11-30 01:27:05 +01:00
|
|
|
'login',
|
2022-11-27 01:02:23 +01:00
|
|
|
$this->callMethod(
|
|
|
|
|
$sut,
|
|
|
|
|
'd3AssertAuthn'
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @return array
|
|
|
|
|
*/
|
|
|
|
|
public function canAssertAuthnCookieSubshopDataProvider(): array
|
|
|
|
|
{
|
|
|
|
|
return [
|
|
|
|
|
'missing cookie' => ['login', true, null, 'user'],
|
|
|
|
|
'no admin user' => ['login', true, 'cookie', 'user'],
|
|
|
|
|
'assertion succ malladmin' => ['admin_start', false, 'cookie', 'malladmin'],
|
|
|
|
|
'assertion succ shop1' => ['admin_start', false, 'cookie', 1],
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::d3WebauthnGetEventHandler
|
|
|
|
|
*/
|
|
|
|
|
public function canGetSystemEventHandler()
|
|
|
|
|
{
|
|
|
|
|
$sut = oxNew(d3webauthnadminlogin::class);
|
|
|
|
|
|
|
|
|
|
$this->assertInstanceOf(
|
|
|
|
|
SystemEventHandler::class,
|
|
|
|
|
$this->callMethod(
|
|
|
|
|
$sut,
|
|
|
|
|
'd3WebauthnGetEventHandler'
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::d3WebAuthnGetRequest
|
|
|
|
|
*/
|
|
|
|
|
public function canGetRequest()
|
|
|
|
|
{
|
|
|
|
|
$sut = oxNew(d3webauthnadminlogin::class);
|
|
|
|
|
|
|
|
|
|
$this->assertInstanceOf(
|
|
|
|
|
Request::class,
|
|
|
|
|
$this->callMethod(
|
|
|
|
|
$sut,
|
|
|
|
|
'd3WebAuthnGetRequest'
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::d3WebauthnGetUtilsServer
|
|
|
|
|
*/
|
|
|
|
|
public function canGetUtilsServer()
|
|
|
|
|
{
|
|
|
|
|
$sut = oxNew(d3webauthnadminlogin::class);
|
|
|
|
|
|
|
|
|
|
$this->assertInstanceOf(
|
|
|
|
|
UtilsServer::class,
|
|
|
|
|
$this->callMethod(
|
|
|
|
|
$sut,
|
|
|
|
|
'd3WebauthnGetUtilsServer'
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
}
|
2022-11-30 01:27:05 +01:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::getWebauthnLoginObject
|
|
|
|
|
*/
|
|
|
|
|
public function canGetWebauthnLoginObject()
|
|
|
|
|
{
|
|
|
|
|
$sut = oxNew(d3webauthnadminlogin::class);
|
|
|
|
|
|
|
|
|
|
$this->assertInstanceOf(
|
|
|
|
|
WebauthnLogin::class,
|
|
|
|
|
$this->callMethod(
|
|
|
|
|
$sut,
|
|
|
|
|
'getWebauthnLoginObject',
|
|
|
|
|
['credential', 'error']
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
|
|
|
|
* @return void
|
|
|
|
|
* @throws ReflectionException
|
|
|
|
|
* @covers \D3\Webauthn\Application\Controller\Admin\d3webauthnadminlogin::d3WebauthnGetAfterLogin
|
|
|
|
|
*/
|
|
|
|
|
public function canGetWebauthnAfterLoginObject()
|
|
|
|
|
{
|
|
|
|
|
$sut = oxNew(d3webauthnadminlogin::class);
|
|
|
|
|
|
|
|
|
|
$this->assertInstanceOf(
|
|
|
|
|
WebauthnAfterLogin::class,
|
|
|
|
|
$this->callMethod(
|
|
|
|
|
$sut,
|
|
|
|
|
'd3WebauthnGetAfterLogin'
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
}
|
2022-11-23 00:18:09 +01:00
|
|
|
}
|
