|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* sysPass |
|
4
|
|
|
* |
|
5
|
|
|
* @author nuxsmin |
|
6
|
|
|
* @link https://syspass.org |
|
7
|
|
|
* @copyright 2012-2018, Rubén Domínguez nuxsmin@$syspass.org |
|
8
|
|
|
* |
|
9
|
|
|
* This file is part of sysPass. |
|
10
|
|
|
* |
|
11
|
|
|
* sysPass is free software: you can redistribute it and/or modify |
|
12
|
|
|
* it under the terms of the GNU General Public License as published by |
|
13
|
|
|
* the Free Software Foundation, either version 3 of the License, or |
|
14
|
|
|
* (at your option) any later version. |
|
15
|
|
|
* |
|
16
|
|
|
* sysPass is distributed in the hope that it will be useful, |
|
17
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
18
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
19
|
|
|
* GNU General Public License for more details. |
|
20
|
|
|
* |
|
21
|
|
|
* You should have received a copy of the GNU General Public License |
|
22
|
|
|
* along with sysPass. If not, see <http://www.gnu.org/licenses/>. |
|
23
|
|
|
*/ |
|
24
|
|
|
|
|
25
|
|
|
namespace SP\Tests\Services\AuthToken; |
|
26
|
|
|
|
|
27
|
|
|
use Defuse\Crypto\Exception\CryptoException; |
|
28
|
|
|
use SP\Core\Acl\ActionsInterface; |
|
29
|
|
|
use SP\Core\Crypt\Hash; |
|
30
|
|
|
use SP\Core\Crypt\Vault; |
|
31
|
|
|
use SP\DataModel\AuthTokenData; |
|
32
|
|
|
use SP\DataModel\ItemSearchData; |
|
33
|
|
|
use SP\Repositories\DuplicatedItemException; |
|
34
|
|
|
use SP\Repositories\NoSuchItemException; |
|
35
|
|
|
use SP\Services\AuthToken\AuthTokenService; |
|
36
|
|
|
use SP\Services\ServiceException; |
|
37
|
|
|
use SP\Storage\Database\DatabaseConnectionData; |
|
38
|
|
|
use SP\Tests\DatabaseTestCase; |
|
39
|
|
|
use SP\Util\Util; |
|
40
|
|
|
use function SP\Tests\setupContext; |
|
41
|
|
|
|
|
42
|
|
|
/** |
|
43
|
|
|
* Class AuthTokenServiceTest |
|
44
|
|
|
* |
|
45
|
|
|
* @package SP\Tests\Services\AuthToken |
|
46
|
|
|
*/ |
|
47
|
|
|
class AuthTokenServiceTest extends DatabaseTestCase |
|
48
|
|
|
{ |
|
49
|
|
|
const AUTH_TOKEN = '2cee8b224f48e01ef48ac172e879cc7825800a9d7ce3b23783212f4758f1c146'; |
|
50
|
|
|
const AUTH_TOKEN_PASS = 123456; |
|
51
|
|
|
|
|
52
|
|
|
/** |
|
53
|
|
|
* @var AuthTokenService |
|
54
|
|
|
*/ |
|
55
|
|
|
private static $service; |
|
56
|
|
|
|
|
57
|
|
|
/** |
|
58
|
|
|
* @throws \DI\NotFoundException |
|
59
|
|
|
* @throws \SP\Core\Context\ContextException |
|
60
|
|
|
* @throws \DI\DependencyException |
|
61
|
|
|
*/ |
|
62
|
|
|
public static function setUpBeforeClass() |
|
63
|
|
|
{ |
|
64
|
|
|
$dic = setupContext(); |
|
65
|
|
|
|
|
66
|
|
|
self::$dataset = 'syspass_authToken.xml'; |
|
67
|
|
|
|
|
68
|
|
|
// Datos de conexión a la BBDD |
|
69
|
|
|
self::$databaseConnectionData = $dic->get(DatabaseConnectionData::class); |
|
70
|
|
|
|
|
71
|
|
|
// Inicializar el servicio |
|
72
|
|
|
self::$service = $dic->get(AuthTokenService::class); |
|
73
|
|
|
} |
|
74
|
|
|
|
|
75
|
|
|
/** |
|
76
|
|
|
* @throws \SP\Core\Exceptions\ConstraintException |
|
77
|
|
|
* @throws \SP\Core\Exceptions\QueryException |
|
78
|
|
|
* @throws \SP\Core\Exceptions\SPException |
|
79
|
|
|
*/ |
|
80
|
|
|
public function testDelete() |
|
81
|
|
|
{ |
|
82
|
|
|
self::$service->delete(1); |
|
83
|
|
|
|
|
84
|
|
|
$this->expectException(NoSuchItemException::class); |
|
85
|
|
|
|
|
86
|
|
|
self::$service->delete(10); |
|
87
|
|
|
|
|
88
|
|
|
$this->assertEquals(4, $this->conn->getRowCount('AuthToken')); |
|
89
|
|
|
} |
|
90
|
|
|
|
|
91
|
|
|
/** |
|
92
|
|
|
* @throws ServiceException |
|
93
|
|
|
* @throws \SP\Core\Exceptions\ConstraintException |
|
94
|
|
|
* @throws \SP\Core\Exceptions\QueryException |
|
95
|
|
|
*/ |
|
96
|
|
|
public function testDeleteByIdBatch() |
|
97
|
|
|
{ |
|
98
|
|
|
$this->assertEquals(2, self::$service->deleteByIdBatch([1, 2])); |
|
99
|
|
|
|
|
100
|
|
|
$this->assertEquals(0, self::$service->deleteByIdBatch([])); |
|
101
|
|
|
|
|
102
|
|
|
$this->expectException(ServiceException::class); |
|
103
|
|
|
|
|
104
|
|
|
self::$service->deleteByIdBatch([3, 10]); |
|
105
|
|
|
|
|
106
|
|
|
$this->assertEquals(2, $this->conn->getRowCount('AuthToken')); |
|
107
|
|
|
|
|
108
|
|
|
} |
|
109
|
|
|
|
|
110
|
|
|
/** |
|
111
|
|
|
* @throws \Exception |
|
112
|
|
|
*/ |
|
113
|
|
|
public function testRefreshAndUpdate() |
|
114
|
|
|
{ |
|
115
|
|
|
$data = new AuthTokenData(); |
|
116
|
|
|
$data->setId(1); |
|
117
|
|
|
$data->setActionId(ActionsInterface::ACCOUNT_CREATE); |
|
118
|
|
|
$data->setCreatedBy(1); |
|
119
|
|
|
$data->setHash(self::AUTH_TOKEN_PASS); |
|
120
|
|
|
$data->setUserId(2); |
|
121
|
|
|
|
|
122
|
|
|
self::$service->refreshAndUpdate($data); |
|
123
|
|
|
|
|
124
|
|
|
$resultData = self::$service->getById(1); |
|
125
|
|
|
|
|
126
|
|
|
$vault = Util::unserialize(Vault::class, $resultData->getVault()); |
|
127
|
|
|
|
|
128
|
|
|
$this->assertEquals('12345678900', $vault->getData(self::AUTH_TOKEN_PASS . $resultData->getToken())); |
|
129
|
|
|
|
|
130
|
|
|
$this->expectException(NoSuchItemException::class); |
|
131
|
|
|
|
|
132
|
|
|
$data->setId(10); |
|
133
|
|
|
$data->setActionId(ActionsInterface::ACCOUNT_DELETE); |
|
134
|
|
|
|
|
135
|
|
|
$this->assertEquals(0, self::$service->refreshAndUpdate($data)); |
|
|
|
|
|
|
136
|
|
|
} |
|
137
|
|
|
|
|
138
|
|
|
/** |
|
139
|
|
|
* @throws ServiceException |
|
140
|
|
|
* @throws \Defuse\Crypto\Exception\CryptoException |
|
141
|
|
|
* @throws \SP\Core\Exceptions\ConstraintException |
|
142
|
|
|
* @throws \SP\Core\Exceptions\QueryException |
|
143
|
|
|
*/ |
|
144
|
|
|
public function testGetTokenByToken() |
|
145
|
|
|
{ |
|
146
|
|
|
$data = self::$service->getTokenByToken(ActionsInterface::ACCOUNT_VIEW_PASS, self::AUTH_TOKEN); |
|
147
|
|
|
|
|
148
|
|
|
$this->assertInstanceOf(AuthTokenData::class, $data); |
|
149
|
|
|
$this->assertEquals(2, $data->getId()); |
|
150
|
|
|
$this->assertEquals(ActionsInterface::ACCOUNT_VIEW_PASS, $data->getActionId()); |
|
151
|
|
|
$this->assertTrue(Hash::checkHashKey(self::AUTH_TOKEN_PASS, $data->getHash())); |
|
152
|
|
|
$this->assertNotEmpty($data->getVault()); |
|
153
|
|
|
|
|
154
|
|
|
/** @var Vault $vault */ |
|
155
|
|
|
$vault = Util::unserialize(Vault::class, $data->getVault()); |
|
156
|
|
|
$this->assertEquals('12345678900', $vault->getData(self::AUTH_TOKEN_PASS . self::AUTH_TOKEN)); |
|
157
|
|
|
|
|
158
|
|
|
$this->expectException(CryptoException::class); |
|
159
|
|
|
|
|
160
|
|
|
$vault->getData(1234); |
|
161
|
|
|
} |
|
162
|
|
|
|
|
163
|
|
|
/** |
|
164
|
|
|
* @throws CryptoException |
|
165
|
|
|
* @throws ServiceException |
|
166
|
|
|
* @throws \SP\Core\Exceptions\ConstraintException |
|
167
|
|
|
* @throws \SP\Core\Exceptions\QueryException |
|
168
|
|
|
* @throws \SP\Core\Exceptions\SPException |
|
169
|
|
|
*/ |
|
170
|
|
|
public function testUpdate() |
|
171
|
|
|
{ |
|
172
|
|
|
$data = new AuthTokenData(); |
|
173
|
|
|
$data->setId(1); |
|
174
|
|
|
$data->setActionId(ActionsInterface::ACCOUNT_CREATE); |
|
175
|
|
|
$data->setCreatedBy(1); |
|
176
|
|
|
$data->setHash(self::AUTH_TOKEN_PASS); |
|
177
|
|
|
$data->setUserId(2); |
|
178
|
|
|
|
|
179
|
|
|
self::$service->update($data); |
|
180
|
|
|
|
|
181
|
|
|
$data = self::$service->getTokenByToken(ActionsInterface::ACCOUNT_CREATE, $data->getToken()); |
|
182
|
|
|
|
|
183
|
|
|
$this->assertInstanceOf(AuthTokenData::class, $data); |
|
184
|
|
|
$this->assertEquals(ActionsInterface::ACCOUNT_CREATE, $data->getActionId()); |
|
185
|
|
|
$this->assertTrue(Hash::checkHashKey(self::AUTH_TOKEN_PASS, $data->getHash())); |
|
186
|
|
|
$this->assertEquals(2, $data->getUserId()); |
|
187
|
|
|
|
|
188
|
|
|
$vault = Util::unserialize(Vault::class, $data->getVault()); |
|
189
|
|
|
|
|
190
|
|
|
$this->assertEquals('12345678900', $vault->getData(self::AUTH_TOKEN_PASS . $data->getToken())); |
|
191
|
|
|
|
|
192
|
|
|
$this->expectException(NoSuchItemException::class); |
|
193
|
|
|
|
|
194
|
|
|
$data->setId(10); |
|
195
|
|
|
$data->setUserId(1); |
|
196
|
|
|
|
|
197
|
|
|
self::$service->update($data); |
|
|
|
|
|
|
198
|
|
|
} |
|
199
|
|
|
|
|
200
|
|
|
/** |
|
201
|
|
|
* @throws CryptoException |
|
202
|
|
|
* @throws \SP\Core\Exceptions\ConstraintException |
|
203
|
|
|
* @throws \SP\Core\Exceptions\QueryException |
|
204
|
|
|
*/ |
|
205
|
|
|
public function testGetById() |
|
206
|
|
|
{ |
|
207
|
|
|
$data = self::$service->getById(1); |
|
208
|
|
|
|
|
209
|
|
|
$this->assertInstanceOf(AuthTokenData::class, $data); |
|
210
|
|
|
$this->assertEquals(1, $data->getId()); |
|
211
|
|
|
$this->assertEquals(ActionsInterface::ACCOUNT_SEARCH, $data->getActionId()); |
|
212
|
|
|
$this->assertEquals(pack('H*', '31326239303237643234656666663762666261636138626437373461346333346234356465333565303333643262313932613838663464666165653563323333'), $data->getToken()); |
|
213
|
|
|
$this->assertNull($data->getHash()); |
|
214
|
|
|
|
|
215
|
|
|
$data = self::$service->getById(2); |
|
216
|
|
|
|
|
217
|
|
|
$this->assertInstanceOf(AuthTokenData::class, $data); |
|
218
|
|
|
$this->assertEquals(2, $data->getId()); |
|
219
|
|
|
$this->assertEquals(ActionsInterface::ACCOUNT_VIEW_PASS, $data->getActionId()); |
|
220
|
|
|
$this->assertEquals(self::AUTH_TOKEN, $data->getToken()); |
|
221
|
|
|
$this->assertTrue(Hash::checkHashKey(self::AUTH_TOKEN_PASS, $data->getHash())); |
|
222
|
|
|
|
|
223
|
|
|
$vault = Util::unserialize(Vault::class, $data->getVault()); |
|
224
|
|
|
|
|
225
|
|
|
$this->assertEquals('12345678900', $vault->getData(self::AUTH_TOKEN_PASS . $data->getToken())); |
|
226
|
|
|
} |
|
227
|
|
|
|
|
228
|
|
|
/** |
|
229
|
|
|
* @throws \SP\Core\Exceptions\ConstraintException |
|
230
|
|
|
* @throws \SP\Core\Exceptions\QueryException |
|
231
|
|
|
*/ |
|
232
|
|
|
public function testSearch() |
|
233
|
|
|
{ |
|
234
|
|
|
$itemSearchData = new ItemSearchData(); |
|
235
|
|
|
$itemSearchData->setSeachString('admin'); |
|
236
|
|
|
|
|
237
|
|
|
$result = self::$service->search($itemSearchData); |
|
238
|
|
|
$data = $result->getDataAsArray(); |
|
239
|
|
|
|
|
240
|
|
|
$this->assertEquals(4, $result->getNumRows()); |
|
241
|
|
|
$this->assertCount(4, $data); |
|
242
|
|
|
|
|
243
|
|
|
$this->assertInstanceOf(\stdClass::class, $data[0]); |
|
244
|
|
|
$this->assertEquals(ActionsInterface::ACCOUNT_SEARCH, $data[0]->actionId); |
|
245
|
|
|
$this->assertEquals(self::AUTH_TOKEN, $data[0]->token); |
|
246
|
|
|
|
|
247
|
|
|
$this->assertInstanceOf(\stdClass::class, $data[1]); |
|
248
|
|
|
$this->assertEquals(ActionsInterface::ACCOUNT_VIEW, $data[1]->actionId); |
|
249
|
|
|
$this->assertEquals(self::AUTH_TOKEN, $data[1]->token); |
|
250
|
|
|
|
|
251
|
|
|
$itemSearchData = new ItemSearchData(); |
|
252
|
|
|
$itemSearchData->setSeachString('test'); |
|
253
|
|
|
|
|
254
|
|
|
$result = self::$service->search($itemSearchData); |
|
255
|
|
|
|
|
256
|
|
|
$this->assertEquals(0, $result->getNumRows()); |
|
257
|
|
|
$this->assertCount(0, $result->getDataAsArray()); |
|
258
|
|
|
} |
|
259
|
|
|
|
|
260
|
|
|
/** |
|
261
|
|
|
* @throws CryptoException |
|
262
|
|
|
* @throws ServiceException |
|
263
|
|
|
* @throws \Defuse\Crypto\Exception\EnvironmentIsBrokenException |
|
264
|
|
|
* @throws \SP\Core\Exceptions\ConstraintException |
|
265
|
|
|
* @throws \SP\Core\Exceptions\QueryException |
|
266
|
|
|
* @throws \SP\Core\Exceptions\SPException |
|
267
|
|
|
*/ |
|
268
|
|
|
public function testCreate() |
|
269
|
|
|
{ |
|
270
|
|
|
$authTokenData = new AuthTokenData(); |
|
271
|
|
|
$authTokenData->setActionId(ActionsInterface::ACCOUNT_CREATE); |
|
272
|
|
|
$authTokenData->setCreatedBy(1); |
|
273
|
|
|
$authTokenData->setHash(self::AUTH_TOKEN_PASS); |
|
274
|
|
|
$authTokenData->setUserId(2); |
|
275
|
|
|
|
|
276
|
|
|
$this->assertEquals(6, self::$service->create($authTokenData)); |
|
277
|
|
|
$this->assertEquals(6, $this->conn->getRowCount('AuthToken')); |
|
278
|
|
|
|
|
279
|
|
|
$data = self::$service->getTokenByToken(ActionsInterface::ACCOUNT_CREATE, $authTokenData->getToken()); |
|
280
|
|
|
|
|
281
|
|
|
$this->assertInstanceOf(AuthTokenData::class, $data); |
|
282
|
|
|
$this->assertEquals(ActionsInterface::ACCOUNT_CREATE, $data->getActionId()); |
|
283
|
|
|
$this->assertTrue(Hash::checkHashKey(self::AUTH_TOKEN_PASS, $data->getHash())); |
|
284
|
|
|
$this->assertEquals(6, $data->getId()); |
|
285
|
|
|
$this->assertEquals(2, $data->getUserId()); |
|
286
|
|
|
|
|
287
|
|
|
$vault = Util::unserialize(Vault::class, $data->getVault()); |
|
288
|
|
|
|
|
289
|
|
|
$this->assertEquals('12345678900', $vault->getData(self::AUTH_TOKEN_PASS . $data->getToken())); |
|
290
|
|
|
|
|
291
|
|
|
$this->expectException(DuplicatedItemException::class); |
|
292
|
|
|
|
|
293
|
|
|
$authTokenData->setUserId(2); |
|
294
|
|
|
|
|
295
|
|
|
self::$service->create($authTokenData); |
|
296
|
|
|
} |
|
297
|
|
|
} |
|
298
|
|
|
|
nuxsmin /
sysPass
Loading history...
This check looks for function or method calls that always return null and whose return value is used.
The method
getObject()can return nothing but null, so it makes no sense to use the return value.The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.