diff --git a/src/Application/Model/RelyingPartyEntity.php b/src/Application/Model/RelyingPartyEntity.php
index b769ad0..20dd0cf 100755
--- a/src/Application/Model/RelyingPartyEntity.php
+++ b/src/Application/Model/RelyingPartyEntity.php
@@ -34,12 +34,6 @@ class RelyingPartyEntity extends PublicKeyCredentialRpEntity
 $this->getRPShopUrl()
 ]
 );
-/**
- parent::__construct(
- $this->getActiveShop()->getFieldData('oxname'),
- $this->getRPShopUrl()
- );
- */
 }
 /**
diff --git a/src/Modules/Application/Controller/Admin/d3_LoginController_Webauthn.php b/src/Modules/Application/Controller/Admin/d3_LoginController_Webauthn.php
index 7814cad..a6439ae 100755
--- a/src/Modules/Application/Controller/Admin/d3_LoginController_Webauthn.php
+++ b/src/Modules/Application/Controller/Admin/d3_LoginController_Webauthn.php
@@ -22,19 +22,12 @@ use Doctrine\DBAL\Driver\Exception as DoctrineException;
 use Doctrine\DBAL\Exception;
 use OxidEsales\Eshop\Application\Model\User;
 use OxidEsales\Eshop\Core\Registry;
+use OxidEsales\Eshop\Core\Request;
 use Psr\Container\ContainerExceptionInterface;
 use Psr\Container\NotFoundExceptionInterface;
 class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
 {
- /**
- * @return Webauthn
- */
- public function d3GetWebauthnObject(): Webauthn
- {
- return oxNew(Webauthn::class);
- }
-
 /**
 * @return mixed|string
 * @throws ContainerExceptionInterface
@@ -44,25 +37,21 @@ class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
 */
 public function checklogin()
 {
- $lgn_user = Registry::getRequest()->getRequestParameter('user') ?:
+ $lgn_user = $this->d3WebauthnGetRequestObject()->getRequestParameter( 'user') ?:
 Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_ADMIN_SESSION_LOGINUSER);
- $password = Registry::getRequest()->getRequestParameter('pwd');
 /** @var d3_User_Webauthn $user */
 $user = $this->d3WebauthnGetUserObject();
 $userId = $user->d3GetLoginUserId($lgn_user, 'malladmin');
- if ($lgn_user && $userId &&
- false === Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_ADMIN_SESSION_AUTH) &&
- (!strlen(trim((string) $password)))
- ) {
+ if ( $this->d3CanUseWebauthn( $lgn_user, $userId)) {
 Registry::getSession()->setVariable(
 WebauthnConf::WEBAUTHN_ADMIN_PROFILE,
- Registry::getRequest()->getRequestEscapedParameter('profile')
+ $this->d3WebauthnGetRequestObject()->getRequestEscapedParameter( 'profile')
 );
 Registry::getSession()->setVariable(
 WebauthnConf::WEBAUTHN_ADMIN_CHLANGUAGE,
- Registry::getRequest()->getRequestEscapedParameter('chlanguage')
+ $this->d3WebauthnGetRequestObject()->getRequestEscapedParameter( 'chlanguage')
 );
 $webauthn = $this->d3GetWebauthnObject();
@@ -90,6 +79,14 @@ class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
 return parent::checklogin();
 }
+ /**
+ * @return Webauthn
+ */
+ public function d3GetWebauthnObject(): Webauthn
+ {
+ return oxNew(Webauthn::class);
+ }
+
 /**
 * @return void
 */
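Review bot: `$lgn_user` is read with `getRequestParameter( 'user')`, which returns the raw request value, and is then passed to `d3GetLoginUserId()` and `d3CanUseWebauthn()` without a check that it is a string. How either callee treats a non-string value is not visible in this hunk, so I would normalise it right after the assignment, for example `if (!is_string($lgn_user)) { $lgn_user = null; }`, which makes `d3CanUseWebauthn()` return false and presumably leaves the request to `parent::checklogin()`. The body of `checklogin()` continues outside the hunk, so later uses of `$lgn_user` should be checked against the same assumption.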
@@ -106,4 +103,28 @@ class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
 {
 return oxNew(User::class);
 }
+
+ /**
+ * @return Request
+ */
+ public function d3WebauthnGetRequestObject(): Request
+ {
+ return Registry::getRequest();
+ }
+
+ /**
+ * @param $lgn_user
+ * @param string|null $userId
+ *
+ * @return bool
+ */
+ protected function d3CanUseWebauthn( $lgn_user, ?string $userId): bool
+ {
+ $password = $this->d3WebauthnGetRequestObject()->getRequestParameter( 'pwd');
+
+ return $lgn_user &&
+ $userId &&
+ false === Registry::getSession()->hasVariable( WebauthnConf::WEBAUTHN_ADMIN_SESSION_AUTH ) &&
+ ( ! strlen( trim( (string) $password ) ) );
+ }
 }
\ No newline at end of file
diff --git a/src/tests/unit/Application/Model/RelyingPartyEntityTest.php b/src/tests/unit/Application/Model/RelyingPartyEntityTest.php
index b2d20b2..d093985 100644
--- a/src/tests/unit/Application/Model/RelyingPartyEntityTest.php
+++ b/src/tests/unit/Application/Model/RelyingPartyEntityTest.php
@@ -224,7 +224,10 @@ class RelyingPartyEntityTest extends UnitTestCase
 public function canGetConfig()
 {
 /** @var RelyingPartyEntity $sut */
- $sut = oxNew(RelyingPartyEntity::class);
+ //$sut = oxNew(RelyingPartyEntity::class);
+ $sut = $this->getMockBuilder(RelyingPartyEntity::class)
+ ->disableOriginalConstructor()
+ ->getMock();
 $this->assertInstanceOf(
 Config::class,
@@ -244,7 +247,10 @@ class RelyingPartyEntityTest extends UnitTestCase
 public function canGetActiveShop()
 {
 /** @var RelyingPartyEntity $sut */
- $sut = oxNew(RelyingPartyEntity::class);
+ //$sut = oxNew(RelyingPartyEntity::class);
+ $sut = $this->getMockBuilder(RelyingPartyEntity::class)
+ ->disableOriginalConstructor()
+ ->getMock();
 $this->assertInstanceOf(
 Shop::class,
diff --git a/src/tests/unit/Modules/Application/Controller/Admin/LoginControllerWebauthnTest.php b/src/tests/unit/Modules/Application/Controller/Admin/LoginControllerWebauthnTest.php
new file mode 100644
index 0000000..5b66cdc
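Review bot: The docblock on `d3CanUseWebauthn()` has no description and `@param $lgn_user` has no type, although this predicate decides whether `checklogin()` takes the WebAuthn path or falls through to `parent::checklogin()`. I would state the contract in the summary line, e.g. `Returns true only if a login name resolved to a user id, no WEBAUTHN_ADMIN_SESSION_AUTH is set in the session and the submitted 'pwd' is empty after trim()`, and write `@param mixed $lgn_user`, since the value is a raw request parameter or session variable. Separately, `d3WebauthnGetRequestObject()` is added as `public` while the new test reaches it through `callMethod()`; if nothing else calls it, `protected` as on `d3CanUseWebauthn()` would keep the controller's public surface unchanged.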
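Review bot: Building `$sut` with `getMockBuilder(RelyingPartyEntity::class)->disableOriginalConstructor()->getMock()` and no `onlyMethods()` list replaces every method of the class with a test double, as far as I can tell, so the `assertInstanceOf` that follows may be checking PHPUnit's stub rather than the real getter. The same applies to the identical change in `canGetActiveShop()` at `@@ -244,7 +247,10 @@`. If the aim is only to skip the constructor, limit the doubles with `->onlyMethods([...])`, as the new `LoginControllerWebauthnTest` does with `->onlyMethods(['logout'])`, so the method under test keeps its original body. The commented-out `//$sut = oxNew(RelyingPartyEntity::class);` lines should be deleted rather than committed. Both test bodies continue past the end of their hunks.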
--- /dev/null
+++ b/src/tests/unit/Modules/Application/Controller/Admin/LoginControllerWebauthnTest.php
@@ -0,0 +1,111 @@
+
+ * @link https://www.oxidmodule.com
+ */
+
+declare(strict_types=1);
+
+namespace D3\Webauthn\tests\unit\Modules\Application\Controller\Admin;
+
+use D3\TestingTools\Development\CanAccessRestricted;
+use D3\Webauthn\Application\Model\Webauthn;
+use OxidEsales\Eshop\Application\Controller\Admin\LoginController;
+use OxidEsales\Eshop\Application\Model\User;
+use OxidEsales\Eshop\Core\Request;
+use OxidEsales\TestingLibrary\UnitTestCase;
+use PHPUnit\Framework\MockObject\MockObject;
+use ReflectionException;
+
+class LoginControllerWebauthnTest extends UnitTestCase
+{
+ use CanAccessRestricted;
+
+ /**
+ * @test
+ * @covers \D3\Webauthn\Modules\Application\Controller\Admin\d3_LoginController_Webauthn::d3GetWebauthnObject
+ * @throws ReflectionException
+ */
+ public function canGetWebauthnObject()
+ {
+ $sut = oxNew(LoginController::class);
+
+ $this->assertInstanceOf(
+ Webauthn::class,
+ $this->callMethod(
+ $sut,
+ 'd3GetWebauthnObject'
+ )
+ );
+ }
+
+ /**
+ * @test
+ * @throws ReflectionException
+ * @covers \D3\Webauthn\Modules\Application\Controller\Admin\d3_LoginController_Webauthn::d3WebauthnCancelLogin
+ */
+ public function canCancelLogin()
+ {
+ /** @var User|MockObject $userMock */
+ $userMock = $this->getMockBuilder(User::class)
+ ->onlyMethods(['logout'])
+ ->getMock();
+ $userMock->expects($this->atLeastOnce())->method('logout');
+
+ /** @var LoginController|MockObject $sut */
+ $sut = $this->getMockBuilder(LoginController::class)
+ ->onlyMethods(['d3WebauthnGetUserObject'])
+ ->getMock();
+ $sut->method('d3WebauthnGetUserObject')->willReturn($userMock);
+
+ $this->callMethod(
+ $sut,
+ 'd3WebauthnCancelLogin'
+ );
+ }
+
+ /**
+ * @test
+ * @throws ReflectionException
+ * @covers \D3\Webauthn\Modules\Application\Controller\Admin\d3_LoginController_Webauthn::d3WebauthnGetUserObject
+ */
+ public function canGetUserObject()
+ {
+ /** @var LoginController $sut */
+ $sut = oxNew(LoginController::class);
+
+ $this->assertInstanceOf(
+ User::class,
+ $this->callMethod(
+ $sut,
+ 'd3WebauthnGetUserObject'
+ )
+ );
+ }
+
+ /**
+ * @test
+ * @throws ReflectionException
+ * @covers \D3\Webauthn\Modules\Application\Controller\Admin\d3_LoginController_Webauthn::d3WebauthnGetRequestObject
+ */
+ public function canGetRequestObject()
+ {
+ /** @var LoginController $sut */
+ $sut = oxNew(LoginController::class);
+
+ $this->assertInstanceOf(
+ Request::class,
+ $this->callMethod(
+ $sut,
+ 'd3WebauthnGetRequestObject'
+ )
+ );
+ }
+}
\ No newline at end of file
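Review bot: No test in this file, as shown, exercises `d3CanUseWebauthn()` or `checklogin()`, which is where this commit moves the decision between the WebAuthn flow and the password login. Since the controller now exposes `d3WebauthnGetRequestObject()` as a seam, a stubbed `Request` can drive the predicate directly. I would add cases asserting that it returns false when a non-empty `pwd` is submitted, when the session already holds `WEBAUTHN_ADMIN_SESSION_AUTH`, and when `$userId` is null, and true only when all three conditions hold. A regression in any of those branches would change which authentication path an admin login takes, so these cases are worth pinning.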