D3Public
/
webauthn
8
0
Fork 0
Code Pull Requests Packages Projects Releases Activity

add further tests

This commit is contained in:
Daniel Seifert 2022-12-02 15:56:17 +01:00
parent 9c8c3b34e9
commit 5fa3a28196
Signed by: DanielS
GPG Key ID: 8A7C4C6ED1915C6F
4 changed files with 156 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Application/Model/RelyingPartyEntity.php
View File

@ -34,12 +34,6 @@ class RelyingPartyEntity extends PublicKeyCredentialRpEntity
$this->getRPShopUrl() $this->getRPShopUrl()
] ]
); );
/**
parent::__construct(
$this->getActiveShop()->getFieldData('oxname'),
$this->getRPShopUrl()
);
*/
} }
/** /**

53
src/Modules/Application/Controller/Admin/d3_LoginController_Webauthn.php
View File

@ -22,19 +22,12 @@ use Doctrine\DBAL\Driver\Exception as DoctrineException;
use Doctrine\DBAL\Exception; use Doctrine\DBAL\Exception;
use OxidEsales\Eshop\Application\Model\User; use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Registry; use OxidEsales\Eshop\Core\Registry;
use OxidEsales\Eshop\Core\Request;
use Psr\Container\ContainerExceptionInterface; use Psr\Container\ContainerExceptionInterface;
use Psr\Container\NotFoundExceptionInterface; use Psr\Container\NotFoundExceptionInterface;
class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
{ {
/**
* @return Webauthn
*/
public function d3GetWebauthnObject(): Webauthn
{
return oxNew(Webauthn::class);
}
/** /**
* @return mixed|string * @return mixed|string
* @throws ContainerExceptionInterface * @throws ContainerExceptionInterface
@ -44,25 +37,21 @@ class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
*/ */
public function checklogin() public function checklogin()
{ {
$lgn_user = Registry::getRequest()->getRequestParameter('user') ?: $lgn_user = $this->d3WebauthnGetRequestObject()->getRequestParameter( 'user') ?:
Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_ADMIN_SESSION_LOGINUSER); Registry::getSession()->getVariable(WebauthnConf::WEBAUTHN_ADMIN_SESSION_LOGINUSER);
$password = Registry::getRequest()->getRequestParameter('pwd');
/** @var d3_User_Webauthn $user */ /** @var d3_User_Webauthn $user */
$user = $this->d3WebauthnGetUserObject(); $user = $this->d3WebauthnGetUserObject();
$userId = $user->d3GetLoginUserId($lgn_user, 'malladmin'); $userId = $user->d3GetLoginUserId($lgn_user, 'malladmin');
if ($lgn_user && $userId && if ( $this->d3CanUseWebauthn( $lgn_user, $userId)) {
false === Registry::getSession()->hasVariable(WebauthnConf::WEBAUTHN_ADMIN_SESSION_AUTH) &&
(!strlen(trim((string) $password)))
) {
Registry::getSession()->setVariable( Registry::getSession()->setVariable(
WebauthnConf::WEBAUTHN_ADMIN_PROFILE, WebauthnConf::WEBAUTHN_ADMIN_PROFILE,
Registry::getRequest()->getRequestEscapedParameter('profile') $this->d3WebauthnGetRequestObject()->getRequestEscapedParameter( 'profile')
); );
Registry::getSession()->setVariable( Registry::getSession()->setVariable(
WebauthnConf::WEBAUTHN_ADMIN_CHLANGUAGE, WebauthnConf::WEBAUTHN_ADMIN_CHLANGUAGE,
Registry::getRequest()->getRequestEscapedParameter('chlanguage') $this->d3WebauthnGetRequestObject()->getRequestEscapedParameter( 'chlanguage')
); );
$webauthn = $this->d3GetWebauthnObject(); $webauthn = $this->d3GetWebauthnObject();
@ -90,6 +79,14 @@ class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
return parent::checklogin(); return parent::checklogin();
} }
/**
* @return Webauthn
*/
public function d3GetWebauthnObject(): Webauthn
{
return oxNew(Webauthn::class);
}
/** /**
* @return void * @return void
*/ */
@ -106,4 +103,28 @@ class d3_LoginController_Webauthn extends d3_LoginController_Webauthn_parent
{ {
return oxNew(User::class); return oxNew(User::class);
} }
/**
* @return Request
*/
public function d3WebauthnGetRequestObject(): Request
{
return Registry::getRequest();
}
/**
* @param $lgn_user
* @param string|null $userId
*
* @return bool
*/
protected function d3CanUseWebauthn( $lgn_user, ?string $userId): bool
{
$password = $this->d3WebauthnGetRequestObject()->getRequestParameter( 'pwd');
return $lgn_user &&
$userId &&
false === Registry::getSession()->hasVariable( WebauthnConf::WEBAUTHN_ADMIN_SESSION_AUTH ) &&
( ! strlen( trim( (string) $password ) ) );
}
} }

10
src/tests/unit/Application/Model/RelyingPartyEntityTest.php
View File

@ -224,7 +224,10 @@ class RelyingPartyEntityTest extends UnitTestCase
public function canGetConfig() public function canGetConfig()
{ {
/** @var RelyingPartyEntity $sut */ /** @var RelyingPartyEntity $sut */
$sut = oxNew(RelyingPartyEntity::class); //$sut = oxNew(RelyingPartyEntity::class);
$sut = $this->getMockBuilder(RelyingPartyEntity::class)
->disableOriginalConstructor()
->getMock();
$this->assertInstanceOf( $this->assertInstanceOf(
Config::class, Config::class,
@ -244,7 +247,10 @@ class RelyingPartyEntityTest extends UnitTestCase
public function canGetActiveShop() public function canGetActiveShop()
{ {
/** @var RelyingPartyEntity $sut */ /** @var RelyingPartyEntity $sut */
$sut = oxNew(RelyingPartyEntity::class); //$sut = oxNew(RelyingPartyEntity::class);
$sut = $this->getMockBuilder(RelyingPartyEntity::class)
->disableOriginalConstructor()
->getMock();
$this->assertInstanceOf( $this->assertInstanceOf(
Shop::class, Shop::class,

111
src/tests/unit/Modules/Application/Controller/Admin/LoginControllerWebauthnTest.php Normal file
View File

@ -0,0 +1,111 @@
<?php
/**
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*
* https://www.d3data.de
*
* @copyright (C) D3 Data Development (Inh. Thomas Dartsch)
* @author D3 Data Development - Daniel Seifert <info@shopmodule.com>
* @link https://www.oxidmodule.com
*/
declare(strict_types=1);
namespace D3\Webauthn\tests\unit\Modules\Application\Controller\Admin;
use D3\TestingTools\Development\CanAccessRestricted;
use D3\Webauthn\Application\Model\Webauthn;
use OxidEsales\Eshop\Application\Controller\Admin\LoginController;
use OxidEsales\Eshop\Application\Model\User;
use OxidEsales\Eshop\Core\Request;
use OxidEsales\TestingLibrary\UnitTestCase;
use PHPUnit\Framework\MockObject\MockObject;
use ReflectionException;
class LoginControllerWebauthnTest extends UnitTestCase
{
use CanAccessRestricted;
/**
* @test
* @covers \D3\Webauthn\Modules\Application\Controller\Admin\d3_LoginController_Webauthn::d3GetWebauthnObject
* @throws ReflectionException
*/
public function canGetWebauthnObject()
{
$sut = oxNew(LoginController::class);
$this->assertInstanceOf(
Webauthn::class,
$this->callMethod(
$sut,
'd3GetWebauthnObject'
)
);
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Webauthn\Modules\Application\Controller\Admin\d3_LoginController_Webauthn::d3WebauthnCancelLogin
*/
public function canCancelLogin()
{
/** @var User|MockObject $userMock */
$userMock = $this->getMockBuilder(User::class)
->onlyMethods(['logout'])
->getMock();
$userMock->expects($this->atLeastOnce())->method('logout');
/** @var LoginController|MockObject $sut */
$sut = $this->getMockBuilder(LoginController::class)
->onlyMethods(['d3WebauthnGetUserObject'])
->getMock();
$sut->method('d3WebauthnGetUserObject')->willReturn($userMock);
$this->callMethod(
$sut,
'd3WebauthnCancelLogin'
);
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Webauthn\Modules\Application\Controller\Admin\d3_LoginController_Webauthn::d3WebauthnGetUserObject
*/
public function canGetUserObject()
{
/** @var LoginController $sut */
$sut = oxNew(LoginController::class);
$this->assertInstanceOf(
User::class,
$this->callMethod(
$sut,
'd3WebauthnGetUserObject'
)
);
}
/**
* @test
* @throws ReflectionException
* @covers \D3\Webauthn\Modules\Application\Controller\Admin\d3_LoginController_Webauthn::d3WebauthnGetRequestObject
*/
public function canGetRequestObject()
{
/** @var LoginController $sut */
$sut = oxNew(LoginController::class);
$this->assertInstanceOf(
Request::class,
$this->callMethod(
$sut,
'd3WebauthnGetRequestObject'
)
);
}
}