search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Localisation updates from https://translatewiki.net.
[mediawiki.git] / tests / phpunit / includes / auth / ThrottlerTest.php
blobee451442186b69f9e3b1c8e9ef67a3cd50befa21
1 <?php
2
3 namespace MediaWiki\Tests\Auth;
4
5 use InvalidArgumentException;
6 use MediaWiki\Auth\Throttler;
7 use MediaWiki\MainConfigNames;
8 use MediaWikiIntegrationTestCase;
9 use Psr\Log\AbstractLogger;
10 use Psr\Log\LoggerInterface;
11 use Psr\Log\NullLogger;
12 use Wikimedia\ObjectCache\BagOStuff;
13 use Wikimedia\ObjectCache\HashBagOStuff;
14 use Wikimedia\TestingAccessWrapper;
15
16 /**
17 * @group AuthManager
18 * @covers \MediaWiki\Auth\Throttler
19 */
20 class ThrottlerTest extends MediaWikiIntegrationTestCase {
21
22 public function setUp(): void {
23 parent::setUp();
24 // Avoid issues where extensions attempt to interact with the DB when handling this hook then causing these
25 // tests to fail.
26 $this->clearHook( 'AuthenticationAttemptThrottled' );
27 }
28
29 public function testConstructor() {
30 $cache = new HashBagOStuff();
31 $logger = $this->getMockBuilder( AbstractLogger::class )
32 ->onlyMethods( [ 'log' ] )
33 ->getMockForAbstractClass();
34
35 $throttler = new Throttler(
36 [ [ 'count' => 123, 'seconds' => 456 ] ],
37 [ 'type' => 'foo', 'cache' => $cache ]
38 );
39 $throttler->setLogger( $logger );
40 $throttlerPriv = TestingAccessWrapper::newFromObject( $throttler );
41 $this->assertSame( [ [ 'count' => 123, 'seconds' => 456 ] ], $throttlerPriv->conditions );
42 $this->assertSame( 'foo', $throttlerPriv->type );
43 $this->assertSame( $cache, $throttlerPriv->cache );
44 $this->assertSame( $logger, $throttlerPriv->logger );
45
46 $throttler = new Throttler( [ [ 'count' => 123, 'seconds' => 456 ] ] );
47 $throttler->setLogger( new NullLogger() );
48 $throttlerPriv = TestingAccessWrapper::newFromObject( $throttler );
49 $this->assertSame( [ [ 'count' => 123, 'seconds' => 456 ] ], $throttlerPriv->conditions );
50 $this->assertSame( 'custom', $throttlerPriv->type );
51 $this->assertInstanceOf( BagOStuff::class, $throttlerPriv->cache );
52 $this->assertInstanceOf( LoggerInterface::class, $throttlerPriv->logger );
53
54 $this->overrideConfigValue(
55 MainConfigNames::PasswordAttemptThrottle,
56 [ [ 'count' => 321, 'seconds' => 654 ] ]
57 );
58 $throttler = new Throttler();
59 $throttler->setLogger( new NullLogger() );
60 $throttlerPriv = TestingAccessWrapper::newFromObject( $throttler );
61 $this->assertSame( [ [ 'count' => 321, 'seconds' => 654 ] ], $throttlerPriv->conditions );
62 $this->assertSame( 'password', $throttlerPriv->type );
63 $this->assertInstanceOf( BagOStuff::class, $throttlerPriv->cache );
64 $this->assertInstanceOf( LoggerInterface::class, $throttlerPriv->logger );
65
66 try {
67 new Throttler( [], [ 'foo' => 1, 'bar' => 2, 'baz' => 3 ] );
68 $this->fail( 'Expected exception not thrown' );
69 } catch ( InvalidArgumentException $ex ) {
70 $this->assertSame( 'unrecognized parameters: foo, bar, baz', $ex->getMessage() );
71 }
72 }
73
74 /**
75 * @dataProvider provideNormalizeThrottleConditions
76 */
77 public function testNormalizeThrottleConditions( $condition, $normalized ) {
78 $throttler = new Throttler( $condition );
79 $throttler->setLogger( new NullLogger() );
80 $throttlerPriv = TestingAccessWrapper::newFromObject( $throttler );
81 $this->assertSame( $normalized, $throttlerPriv->conditions );
82 }
83
84 public static function provideNormalizeThrottleConditions() {
85 return [
86 [
87 [],
88 [],
89 ],
90 [
91 [ 'count' => 1, 'seconds' => 2 ],
92 [ [ 'count' => 1, 'seconds' => 2 ] ],
93 ],
94 [
95 [ [ 'count' => 1, 'seconds' => 2 ], [ 'count' => 2, 'seconds' => 3 ] ],
96 [ [ 'count' => 1, 'seconds' => 2 ], [ 'count' => 2, 'seconds' => 3 ] ],
97 ],
98 ];
99 }
100
101 public function testNormalizeThrottleConditions2() {
102 $priv = TestingAccessWrapper::newFromClass( Throttler::class );
103 $this->assertSame( [], $priv->normalizeThrottleConditions( null ) );
104 $this->assertSame( [], $priv->normalizeThrottleConditions( 'bad' ) );
105 }
106
107 public function testIncrease() {
108 $cache = new HashBagOStuff();
109 $throttler = new Throttler( [
110 [ 'count' => 2, 'seconds' => 10, ],
111 [ 'count' => 4, 'seconds' => 15, 'allIPs' => true ],
112 ], [ 'cache' => $cache ] );
113 $throttler->setLogger( new NullLogger() );
114
115 $result = $throttler->increase( 'SomeUser', '1.2.3.4' );
116 $this->assertFalse( $result, 'should not throttle' );
117
118 $result = $throttler->increase( 'SomeUser', '1.2.3.4' );
119 $this->assertFalse( $result, 'should not throttle' );
120
121 $result = $throttler->increase( 'SomeUser', '1.2.3.4' );
122 $this->assertSame( [ 'throttleIndex' => 0, 'count' => 2, 'wait' => 10 ], $result );
123
124 $result = $throttler->increase( 'OtherUser', '1.2.3.4' );
125 $this->assertFalse( $result, 'should not throttle' );
126
127 $result = $throttler->increase( 'SomeUser', '2.3.4.5' );
128 $this->assertFalse( $result, 'should not throttle' );
129
130 $result = $throttler->increase( 'SomeUser', '3.4.5.6' );
131 $this->assertFalse( $result, 'should not throttle' );
132
133 $result = $throttler->increase( 'SomeUser', '3.4.5.6' );
134 $this->assertSame( [ 'throttleIndex' => 1, 'count' => 4, 'wait' => 15 ], $result );
135 }
136
137 public function testZeroCount() {
138 $cache = new HashBagOStuff();
139 $throttler = new Throttler( [ [ 'count' => 0, 'seconds' => 10 ] ], [ 'cache' => $cache ] );
140 $throttler->setLogger( new NullLogger() );
141
142 $result = $throttler->increase( 'SomeUser', '1.2.3.4' );
143 $this->assertFalse( $result, 'should not throttle, count=0 is ignored' );
144
145 $result = $throttler->increase( 'SomeUser', '1.2.3.4' );
146 $this->assertFalse( $result, 'should not throttle, count=0 is ignored' );
147
148 $result = $throttler->increase( 'SomeUser', '1.2.3.4' );
149 $this->assertFalse( $result, 'should not throttle, count=0 is ignored' );
150 }
151
152 public function testNamespacing() {
153 $cache = new HashBagOStuff();
154 $throttler1 = new Throttler( [ [ 'count' => 1, 'seconds' => 10 ] ],
155 [ 'cache' => $cache, 'type' => 'foo' ] );
156 $throttler2 = new Throttler( [ [ 'count' => 1, 'seconds' => 10 ] ],
157 [ 'cache' => $cache, 'type' => 'foo' ] );
158 $throttler3 = new Throttler( [ [ 'count' => 1, 'seconds' => 10 ] ],
159 [ 'cache' => $cache, 'type' => 'bar' ] );
160 $throttler1->setLogger( new NullLogger() );
161 $throttler2->setLogger( new NullLogger() );
162 $throttler3->setLogger( new NullLogger() );
163
164 $throttled = [ 'throttleIndex' => 0, 'count' => 1, 'wait' => 10 ];
165
166 $result = $throttler1->increase( 'SomeUser', '1.2.3.4' );
167 $this->assertFalse( $result, 'should not throttle' );
168
169 $result = $throttler1->increase( 'SomeUser', '1.2.3.4' );
170 $this->assertEquals( $throttled, $result, 'should throttle' );
171
172 $result = $throttler2->increase( 'SomeUser', '1.2.3.4' );
173 $this->assertEquals( $throttled, $result, 'should throttle, same namespace' );
174
175 $result = $throttler3->increase( 'SomeUser', '1.2.3.4' );
176 $this->assertFalse( $result, 'should not throttle, different namespace' );
177 }
178
179 public function testExpiration() {
180 $cache = $this->getMockBuilder( HashBagOStuff::class )
181 ->onlyMethods( [ 'add', 'incrWithInit' ] )->getMock();
182 $throttler = new Throttler( [ [ 'count' => 3, 'seconds' => 10 ] ], [ 'cache' => $cache ] );
183 $throttler->setLogger( new NullLogger() );
184
185 $cache->expects( $this->once() )
186 ->method( 'incrWithInit' )
187 ->with( $this->anything(), 10, 1 );
188 $throttler->increase( 'SomeUser' );
189 }
190
191 /**
192 */
193 public function testException() {
194 $throttler = new Throttler( [ [ 'count' => 3, 'seconds' => 10 ] ] );
195 $throttler->setLogger( new NullLogger() );
196 $this->expectException( InvalidArgumentException::class );
197 $throttler->increase();
198 }
199
200 public function testLogAndHook() {
201 // Add a implementation of the AuthenticationAttemptThrottled hook that expects no calls.
202 $this->setTemporaryHook(
203 'AuthenticationAttemptThrottled',
204 function () {
205 $this->fail( 'Did not expect the AuthenticationAttemptThrottled hook to be run.' );
206 }
207 );
208 $cache = new HashBagOStuff();
209 $throttler = new Throttler( [ [ 'count' => 1, 'seconds' => 10 ] ], [ 'cache' => $cache ] );
210
211 // Make the logger expect no calls
212 $logger = $this->getMockBuilder( AbstractLogger::class )
213 ->onlyMethods( [ 'log' ] )
214 ->getMockForAbstractClass();
215 $logger->expects( $this->never() )->method( 'log' );
216 $throttler->setLogger( $logger );
217 // Call the increase method and expect that the throttling did not occur.
218 $result = $throttler->increase( 'SomeUser', '1.2.3.4' );
219 $this->assertFalse( $result, 'should not throttle' );
220
221 // Replace the implementation of the AuthenticationAttemptThrottled hook which one that tests that it is called
222 // with the correct data.
223 $hookCalled = false;
224 $this->setTemporaryHook(
225 'AuthenticationAttemptThrottled',
226 function ( $type, $username, $ip ) use ( &$hookCalled ) {
227 $hookCalled = true;
228 $this->assertSame( 'custom', $type );
229 $this->assertSame( 'SomeUser', $username );
230 $this->assertSame( '1.2.3.4', $ip );
231 }
232 );
233 // Create a mock logger that expects a call.
234 $logger = $this->getMockBuilder( AbstractLogger::class )
235 ->onlyMethods( [ 'log' ] )
236 ->getMockForAbstractClass();
237 $logger->expects( $this->once() )->method( 'log' )->with( $this->anything(), $this->anything(), [
238 'throttle' => 'custom',
239 'index' => 0,
240 'ipKey' => '1.2.3.4',
241 'username' => 'SomeUser',
242 'count' => 1,
243 'expiry' => 10,
244 'method' => 'foo',
245 ] );
246 $throttler->setLogger( $logger );
247 // Call the increase method and expect that the throttling occurred.
248 $result = $throttler->increase( 'SomeUser', '1.2.3.4', 'foo' );
249 $this->assertSame( [ 'throttleIndex' => 0, 'count' => 1, 'wait' => 10 ], $result );
250 $this->assertTrue( $hookCalled );
251 }
252
253 public function testClear() {
254 $cache = new HashBagOStuff();
255 $throttler = new Throttler( [ [ 'count' => 1, 'seconds' => 10 ] ], [ 'cache' => $cache ] );
256 $throttler->setLogger( new NullLogger() );
257
258 $result = $throttler->increase( 'SomeUser', '1.2.3.4' );
259 $this->assertFalse( $result, 'should not throttle' );
260
261 $result = $throttler->increase( 'SomeUser', '1.2.3.4' );
262 $this->assertSame( [ 'throttleIndex' => 0, 'count' => 1, 'wait' => 10 ], $result );
263
264 $result = $throttler->increase( 'OtherUser', '1.2.3.4' );
265 $this->assertFalse( $result, 'should not throttle' );
266
267 $result = $throttler->increase( 'OtherUser', '1.2.3.4' );
268 $this->assertSame( [ 'throttleIndex' => 0, 'count' => 1, 'wait' => 10 ], $result );
269
270 $throttler->clear( 'SomeUser', '1.2.3.4' );
271
272 $result = $throttler->increase( 'SomeUser', '1.2.3.4' );
273 $this->assertFalse( $result, 'should not throttle' );
274
275 $result = $throttler->increase( 'OtherUser', '1.2.3.4' );
276 $this->assertSame( [ 'throttleIndex' => 0, 'count' => 1, 'wait' => 10 ], $result );
277 }
278 }
MediaWiki Core