search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
API: Fixes for AuthManager
[mediawiki.git] / tests / phpunit / includes / auth / ConfirmLinkSecondaryAuthenticationProviderTest.php
blob09d046c8b91de0600b60053ce5d71cb91c361818
1 <?php
2
3 namespace MediaWiki\Auth;
4
5 /**
6 * @group AuthManager
7 * @covers MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider
8 */
9 class ConfirmLinkSecondaryAuthenticationProviderTest extends \MediaWikiTestCase {
10 protected function setUp() {
11 global $wgDisableAuthManager;
12
13 parent::setUp();
14 if ( $wgDisableAuthManager ) {
15 $this->markTestSkipped( '$wgDisableAuthManager is set' );
16 }
17 }
18
19 /**
20 * @dataProvider provideGetAuthenticationRequests
21 * @param string $action
22 * @param array $response
23 */
24 public function testGetAuthenticationRequests( $action, $response ) {
25 $provider = new ConfirmLinkSecondaryAuthenticationProvider();
26
27 $this->assertEquals( $response, $provider->getAuthenticationRequests( $action, [] ) );
28 }
29
30 public static function provideGetAuthenticationRequests() {
31 return [
32 [ AuthManager::ACTION_LOGIN, [] ],
33 [ AuthManager::ACTION_CREATE, [] ],
34 [ AuthManager::ACTION_LINK, [] ],
35 [ AuthManager::ACTION_CHANGE, [] ],
36 [ AuthManager::ACTION_REMOVE, [] ],
37 ];
38 }
39
40 public function testBeginSecondaryAuthentication() {
41 $user = \User::newFromName( 'UTSysop' );
42 $obj = new \stdClass;
43
44 $mock = $this->getMockBuilder( ConfirmLinkSecondaryAuthenticationProvider::class )
45 ->setMethods( [ 'beginLinkAttempt', 'continueLinkAttempt' ] )
46 ->getMock();
47 $mock->expects( $this->once() )->method( 'beginLinkAttempt' )
48 ->with( $this->identicalTo( $user ), $this->identicalTo( 'AuthManager::authnState' ) )
49 ->will( $this->returnValue( $obj ) );
50 $mock->expects( $this->never() )->method( 'continueLinkAttempt' );
51
52 $this->assertSame( $obj, $mock->beginSecondaryAuthentication( $user, [] ) );
53 }
54
55 public function testContinueSecondaryAuthentication() {
56 $user = \User::newFromName( 'UTSysop' );
57 $obj = new \stdClass;
58 $reqs = [ new \stdClass ];
59
60 $mock = $this->getMockBuilder( ConfirmLinkSecondaryAuthenticationProvider::class )
61 ->setMethods( [ 'beginLinkAttempt', 'continueLinkAttempt' ] )
62 ->getMock();
63 $mock->expects( $this->never() )->method( 'beginLinkAttempt' );
64 $mock->expects( $this->once() )->method( 'continueLinkAttempt' )
65 ->with(
66 $this->identicalTo( $user ),
67 $this->identicalTo( 'AuthManager::authnState' ),
68 $this->identicalTo( $reqs )
69 )
70 ->will( $this->returnValue( $obj ) );
71
72 $this->assertSame( $obj, $mock->continueSecondaryAuthentication( $user, $reqs ) );
73 }
74
75 public function testBeginSecondaryAccountCreation() {
76 $user = \User::newFromName( 'UTSysop' );
77 $obj = new \stdClass;
78
79 $mock = $this->getMockBuilder( ConfirmLinkSecondaryAuthenticationProvider::class )
80 ->setMethods( [ 'beginLinkAttempt', 'continueLinkAttempt' ] )
81 ->getMock();
82 $mock->expects( $this->once() )->method( 'beginLinkAttempt' )
83 ->with( $this->identicalTo( $user ), $this->identicalTo( 'AuthManager::accountCreationState' ) )
84 ->will( $this->returnValue( $obj ) );
85 $mock->expects( $this->never() )->method( 'continueLinkAttempt' );
86
87 $this->assertSame( $obj, $mock->beginSecondaryAccountCreation( $user, $user, [] ) );
88 }
89
90 public function testContinueSecondaryAccountCreation() {
91 $user = \User::newFromName( 'UTSysop' );
92 $obj = new \stdClass;
93 $reqs = [ new \stdClass ];
94
95 $mock = $this->getMockBuilder( ConfirmLinkSecondaryAuthenticationProvider::class )
96 ->setMethods( [ 'beginLinkAttempt', 'continueLinkAttempt' ] )
97 ->getMock();
98 $mock->expects( $this->never() )->method( 'beginLinkAttempt' );
99 $mock->expects( $this->once() )->method( 'continueLinkAttempt' )
100 ->with(
101 $this->identicalTo( $user ),
102 $this->identicalTo( 'AuthManager::accountCreationState' ),
103 $this->identicalTo( $reqs )
104 )
105 ->will( $this->returnValue( $obj ) );
106
107 $this->assertSame( $obj, $mock->continueSecondaryAccountCreation( $user, $user, $reqs ) );
108 }
109
110 /**
111 * Get requests for testing
112 * @return AuthenticationRequest[]
113 */
114 private function getLinkRequests() {
115 $reqs = [];
116
117 $mb = $this->getMockBuilder( AuthenticationRequest::class )
118 ->setMethods( [ 'getUniqueId' ] );
119 for ( $i = 1; $i <= 3; $i++ ) {
120 $req = $mb->getMockForAbstractClass();
121 $req->expects( $this->any() )->method( 'getUniqueId' )
122 ->will( $this->returnValue( "Request$i" ) );
123 $req->id = $i - 1;
124 $reqs[$req->getUniqueId()] = $req;
125 }
126
127 return $reqs;
128 }
129
130 public function testBeginLinkAttempt() {
131 $user = \User::newFromName( 'UTSysop' );
132 $provider = \TestingAccessWrapper::newFromObject(
133 new ConfirmLinkSecondaryAuthenticationProvider
134 );
135 $request = new \FauxRequest();
136 $manager = new AuthManager( $request, \RequestContext::getMain()->getConfig() );
137 $provider->setManager( $manager );
138
139 $this->assertEquals(
140 AuthenticationResponse::newAbstain(),
141 $provider->beginLinkAttempt( $user, 'state' )
142 );
143
144 $request->getSession()->setSecret( 'state', [
145 'maybeLink' => [],
146 ] );
147 $this->assertEquals(
148 AuthenticationResponse::newAbstain(),
149 $provider->beginLinkAttempt( $user, 'state' )
150 );
151
152 $reqs = $this->getLinkRequests();
153 $request->getSession()->setSecret( 'state', [
154 'maybeLink' => $reqs
155 ] );
156 $res = $provider->beginLinkAttempt( $user, 'state' );
157 $this->assertInstanceOf( AuthenticationResponse::class, $res );
158 $this->assertSame( AuthenticationResponse::UI, $res->status );
159 $this->assertSame( 'authprovider-confirmlink-message', $res->message->getKey() );
160 $this->assertCount( 1, $res->neededRequests );
161 $req = $res->neededRequests[0];
162 $this->assertInstanceOf( ConfirmLinkAuthenticationRequest::class, $req );
163 $this->assertEquals( $reqs, \TestingAccessWrapper::newFromObject( $req )->linkRequests );
164 }
165
166 public function testContinueLinkAttempt() {
167 $user = \User::newFromName( 'UTSysop' );
168 $obj = new \stdClass;
169 $reqs = $this->getLinkRequests();
170
171 $done = [ false, false, false ];
172
173 // First, test the pass-through for not containing the ConfirmLinkAuthenticationRequest
174 $mock = $this->getMockBuilder( ConfirmLinkSecondaryAuthenticationProvider::class )
175 ->setMethods( [ 'beginLinkAttempt' ] )
176 ->getMock();
177 $mock->expects( $this->once() )->method( 'beginLinkAttempt' )
178 ->with( $this->identicalTo( $user ), $this->identicalTo( 'state' ) )
179 ->will( $this->returnValue( $obj ) );
180 $this->assertSame(
181 $obj,
182 \TestingAccessWrapper::newFromObject( $mock )->continueLinkAttempt( $user, 'state', $reqs )
183 );
184
185 // Now test the actual functioning
186 $provider = $this->getMockBuilder( ConfirmLinkSecondaryAuthenticationProvider::class )
187 ->setMethods( [
188 'beginLinkAttempt', 'providerAllowsAuthenticationDataChange',
189 'providerChangeAuthenticationData'
190 ] )
191 ->getMock();
192 $provider->expects( $this->never() )->method( 'beginLinkAttempt' );
193 $provider->expects( $this->any() )->method( 'providerAllowsAuthenticationDataChange' )
194 ->will( $this->returnCallback( function ( $req ) use ( $reqs ) {
195 return $req->getUniqueId() === 'Request3'
196 ? \StatusValue::newFatal( 'foo' ) : \StatusValue::newGood();
197 } ) );
198 $provider->expects( $this->any() )->method( 'providerChangeAuthenticationData' )
199 ->will( $this->returnCallback( function ( $req ) use ( &$done ) {
200 $done[$req->id] = true;
201 } ) );
202 $config = new \HashConfig( [
203 'AuthManagerConfig' => [
204 'preauth' => [],
205 'primaryauth' => [],
206 'secondaryauth' => [
207 [ 'factory' => function () use ( $provider ) {
208 return $provider;
209 } ],
210 ],
211 ],
212 ] );
213 $request = new \FauxRequest();
214 $manager = new AuthManager( $request, $config );
215 $provider->setManager( $manager );
216 $provider = \TestingAccessWrapper::newFromObject( $provider );
217
218 $req = new ConfirmLinkAuthenticationRequest( $reqs );
219
220 $this->assertEquals(
221 AuthenticationResponse::newAbstain(),
222 $provider->continueLinkAttempt( $user, 'state', [ $req ] )
223 );
224
225 $request->getSession()->setSecret( 'state', [
226 'maybeLink' => [],
227 ] );
228 $this->assertEquals(
229 AuthenticationResponse::newAbstain(),
230 $provider->continueLinkAttempt( $user, 'state', [ $req ] )
231 );
232
233 $request->getSession()->setSecret( 'state', [
234 'maybeLink' => $reqs
235 ] );
236 $this->assertEquals(
237 AuthenticationResponse::newPass(),
238 $res = $provider->continueLinkAttempt( $user, 'state', [ $req ] )
239 );
240 $this->assertSame( [ false, false, false ], $done );
241
242 $request->getSession()->setSecret( 'state', [
243 'maybeLink' => [ $reqs['Request2'] ],
244 ] );
245 $req->confirmedLinkIDs = [ 'Request1', 'Request2' ];
246 $res = $provider->continueLinkAttempt( $user, 'state', [ $req ] );
247 $this->assertEquals( AuthenticationResponse::newPass(), $res );
248 $this->assertSame( [ false, true, false ], $done );
249 $done = [ false, false, false ];
250
251 $request->getSession()->setSecret( 'state', [
252 'maybeLink' => $reqs,
253 ] );
254 $req->confirmedLinkIDs = [ 'Request1', 'Request2' ];
255 $res = $provider->continueLinkAttempt( $user, 'state', [ $req ] );
256 $this->assertEquals( AuthenticationResponse::newPass(), $res );
257 $this->assertSame( [ true, true, false ], $done );
258 $done = [ false, false, false ];
259
260 $request->getSession()->setSecret( 'state', [
261 'maybeLink' => $reqs,
262 ] );
263 $req->confirmedLinkIDs = [ 'Request1', 'Request3' ];
264 $res = $provider->continueLinkAttempt( $user, 'state', [ $req ] );
265 $this->assertEquals( AuthenticationResponse::UI, $res->status );
266 $this->assertCount( 1, $res->neededRequests );
267 $this->assertInstanceOf( ButtonAuthenticationRequest::class, $res->neededRequests[0] );
268 $this->assertSame( [ true, false, false ], $done );
269 $done = [ false, false, false ];
270
271 $res = $provider->continueLinkAttempt( $user, 'state', [ $res->neededRequests[0] ] );
272 $this->assertEquals( AuthenticationResponse::newPass(), $res );
273 $this->assertSame( [ false, false, false ], $done );
274 }
275
276 }
MediaWiki Core