View GitHub Repository silverstripe-mfa

Schedule Inspection
Subscribe
Passed
Pull Request — master (#110)
by Robbie
02:33
created

testMFALoadsWhenAUserHasConfiguredMethods()   A

↳ Parent: ChangePasswordHandlerTest

Complexity

Conditions 1
Paths 1

Size

Total Lines 15
Code Lines 12

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
eloc 12
dl 0
loc 15
rs 9.8666
c 0
b 0
f 0
cc 1
nc 1
nop 0
1 
<?php
2 

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    3
                

                                    
                                                    
                
                
                
namespace SilverStripe\MFA\Tests\Authenticator;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    4
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    5
                

                                    
                                                    
                
                
                
use PHPUnit_Framework_MockObject_MockObject;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    6
                

                                    
                                                    
                
                
                
use Psr\Log\LoggerInterface;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    7
                

                                    
                                                    
                
                
                
use SilverStripe\Core\Config\Config;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    8
                

                                    
                                                    
                
                
                
use SilverStripe\Core\Injector\Injector;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    9
                

                                    
                                                    
                
                
                
use SilverStripe\Dev\FunctionalTest;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    10
                

                                    
                                                    
                
                
                
use SilverStripe\MFA\Authenticator\MemberAuthenticator;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    11
                

                                    
                                                    
                
                
                
use SilverStripe\MFA\Extension\MemberExtension;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    12
                

                                    
                                                    
                
                
                
use SilverStripe\MFA\Service\MethodRegistry;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    13
                

                                    
                                                    
                
                
                
use SilverStripe\MFA\Tests\Stub\BasicMath\Method;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    14
                

                                    
                                                    
                
                
                
use SilverStripe\Security\Member;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    15
                

                                    
                                                    
                
                
                
use SilverStripe\Security\Security;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    16
                

                                    
                                                    
                
                
                
use SilverStripe\SiteConfig\SiteConfig;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    17
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    18
                

                                    
                                                    
                
                
                
class ChangePasswordHandlerTest extends FunctionalTest

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    19
                

                                    
                                                    
                
                
                
{

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    20
                

                                    
                                                    
                
                
                
    protected static $fixture_file = 'ChangePasswordHandlerTest.yml';

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    21
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    22
                

                                    
                                                    
                
                
                
    protected function setUp()

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    23
                

                                    
                                                    
                
                
                
    {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    24
                

                                    
                                                    
                
                
                
        parent::setUp();

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    25
                

                                    
                                                    
                
                
                
        Config::modify()

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    26
                

                                    
                                                    
                
                
                
            ->set(MethodRegistry::class, 'methods', [Method::class])

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    27
                

                                    
                                                    
                
                
                
            ->set(Member::class, 'auto_login_token_lifetime', 10);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    28
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    29
                

                                    
                                                    
                
                
                
        SiteConfig::current_site_config()->update(['MFAEnabled' => true])->write();

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    30
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    31
                

                                    
                                                    
                
                
                
        Injector::inst()->load([

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    32
                

                                    
                                                    
                
                
                
            Security::class => [

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    33
                

                                    
                                                    
                
                
                
                'properties' => [

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    34
                

                                    
                                                    
                
                
                
                    'authenticators' => [

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    35
                

                                    
                                                    
                
                
                
                        'default' => '%$' . MemberAuthenticator::class,

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    36
                

                                    
                                                    
                
                
                
                    ]

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    37
                

                                    
                                                    
                
                
                
                ]

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    38
                

                                    
                                                    
                
                
                
            ],

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    39
                

                                    
                                                    
                
                
                
            LoggerInterface::class . '.mfa' => [

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    40
                

                                    
                                                    
                
                
                
                'class' => 'Monolog\Handler\NullHandler'

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    41
                

                                    
                                                    
                
                
                
            ],

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    42
                

                                    
                                                    
                
                
                
        ]);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    43
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    44
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    45
                

                                    
                                                    
                
                
                
    /**

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    46
                

                                    
                                                    
                
                
                
     * @param Member $member

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    47
                

                                    
                                                    
                
                
                
     * @param string $password

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    48
                

                                    
                                                    
                
                
                
     * @return HTTPResponse

            


                            

                    
                        
                    
                    
                    
                    
                                                                                                    
                        

                            
                            
0 ignored issues
show
                        


                        

                                                                                        




    

        
            Bug
    
    
    
        introduced 
                            by 
            

        

        

            
        

        

            

                

                    
                
                
            


        

    

    

        
                        

                            
                        

                                        
The type SilverStripe\MFA\Tests\Authenticator\HTTPResponse was not found. Did you mean HTTPResponse? If so, make sure to prefix the type with \.
                                                                                                                                                    

                    
                                                    

                     Loading history...
                

                    


    




                                                                                    


                    		
                

            
                                                                                                            
                            
            
                                    
            
            

                
                    49
                

                                    
                                                    
                
                
                
     */

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    50
                

                                    
                                                    
                
                
                
    protected function doLogin(Member $member, $password)

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    51
                

                                    
                                                    
                
                
                
    {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    52
                

                                    
                                                    
                
                
                
        $this->get('Security/changepassword');

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    53
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    54
                

                                    
                                                    
                
                
                
        return $this->submitForm(

            


                            

                    
                        
                    
                    
                    
                    
                                                                                                    
                        

                            
                            
0 ignored issues
show
                        


                        

                                                                                        




    

        
            Bug
            Best Practice
    
    
    
        introduced 
                            by 
            

        

        

            
        

        

            

                

                    
                
                
            


        

    

    

        
                        

                            
                        

                                        
The expression return $this->submitForm...'action_doLogin' => 1)) returns the type SilverStripe\Control\HTTPResponse which is incompatible with the documented return type SilverStripe\MFA\Tests\Authenticator\HTTPResponse.
                                                                                                                                                                                                        

                    
                                                    

                     Loading history...
                

                    


    




                                                                                    


                    		
                

            
                                                                                                            
                            
            
                                    
            
            

                
                    55
                

                                    
                                                    
                
                
                
            'MemberLoginForm_LoginForm',

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    56
                

                                    
                                                    
                
                
                
            null,

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    57
                

                                    
                                                    
                
                
                
            array(

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    58
                

                                    
                                                    
                
                
                
                'Email' => $member->Email,

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    59
                

                                    
                                                    
                
                
                
                'Password' => $password,

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    60
                

                                    
                                                    
                
                
                
                'AuthenticationMethod' => MemberAuthenticator::class,

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    61
                

                                    
                                                    
                
                
                
                'action_doLogin' => 1,

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    62
                

                                    
                                                    
                
                
                
            )

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    63
                

                                    
                                                    
                
                
                
        );

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    64
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    65
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    66
                

                                    
                                                    
                
                
                
    public function testMFADoesNotLoadWhenAUserIsLoggedIn()

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    67
                

                                    
                                                    
                
                
                
    {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    68
                

                                    
                                                    
                
                
                
        /** @var Member&MemberExtension $member */

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    69
                

                                    
                                                    
                
                
                
        $member = $this->objFromFixture(Member::class, 'simon');

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    70
                

                                    
                                                    
                
                
                
        $this->logInAs($member);

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    71
                

                                    
                                                    
                
                
                
        $this->get('Security/changepassword');

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    72
                

                                    
                                                    
                
                
                
        $this->assertNotEmpty($this->cssParser()->getByXpath('//input[@type="password"][@name="OldPassword"]'));

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    73
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    74
                

                                    
                                                    
                
                
                

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    75
                

                                    
                                                    
                
                
                
    public function testMFADoesNotLoadWhenAUserDoesNotHaveRegisteredMethods()

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    76
                

                                    
                                                    
                
                
                
    {

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    77
                

                                    
                                                    
                
                
                
        /** @var Member&MemberExtension $member */

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    78
                

                                    
                                                    
                
                
                
        $member = $this->objFromFixture(Member::class, 'guy');

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    79
                

                                    
                                                    
                
                
                
        $m = $member->ID;

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    80
                

                                    
                                                    
                
                
                
        $t = $member->generateAutologinTokenAndStoreHash();

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    81
                

                                    
                                                    
                
                
                
        $this->get("Security/changepassword?m={$m}&t={$t}");

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    82
                

                                    
                                                    
                
                
                
        $parser = $this->cssParser();

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    83
                

                                    
                                                    
                
                
                
        $this->assertNotEmpty(

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    84
                

                                    
                                                    
                
                
                
            $parser->getByXpath('//input[@type="password"][@name="NewPassword1"]'),

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    85
                

                                    
                                                    
                
                
                
            'There should be a new password field'

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    86
                

                                    
                                                    
                
                
                
        );

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    87
                

                                    
                                                    
                
                
                
        $this->assertNotEmpty(

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    88
                

                                    
                                                    
                
                
                
            $parser->getByXpath('//input[@type="password"][@name="NewPassword2"]'),

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    89
                

                                    
                                                    
                
                
                
            'There should be a confirm new password field'

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    90
                

                                    
                                                    
                
                
                
        );

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    91
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                                                                
            
                                    
            
            

                
                    92
                

                                    
                                                    
                
                
                

            


            
                                                                        
                            
            
                                    
            
            

                
                    93
                

                                    
                                                    
                
                
                
    public function testMFALoadsWhenAUserHasConfiguredMethods()

            


            
                                                                        
                            
            
                                    
            
            

                
                    94
                

                                    
                                                    
                
                
                
    {

            


            
                                                                        
                            
            
                                    
            
            

                
                    95
                

                                    
                                                    
                
                
                
        /** @var Member&MemberExtension $member */

            


            
                                                                        
                            
            
                                    
            
            

                
                    96
                

                                    
                                                    
                
                
                
        $member = $this->objFromFixture(Member::class, 'robbie');

            


            
                                                                        
                            
            
                                    
            
            

                
                    97
                

                                    
                                                    
                
                
                
        $m = $member->ID;

            


            
                                                                        
                            
            
                                    
            
            

                
                    98
                

                                    
                                                    
                
                
                
        $t = $member->generateAutologinTokenAndStoreHash();

            


            
                                                                        
                            
            
                                    
            
            

                
                    99
                

                                    
                                                    
                
                
                
        $this->get("Security/changepassword?m={$m}&t={$t}");

            


            
                                                                        
                            
            
                                    
            
            

                
                    100
                

                                    
                                                    
                
                
                
        $parser = $this->cssParser();

            


            
                                                                        
                            
            
                                    
            
            

                
                    101
                

                                    
                                                    
                
                
                
        $this->assertEmpty($parser->getByXpath('//input[@type="password"]'));

            


            
                                                                        
                            
            
                                    
            
            

                
                    102
                

                                    
                                                    
                
                
                
        $mfaApp = $parser->getBySelector('#mfa-app');

            


            
                                                                        
                            
            
                                    
            
            

                
                    103
                

                                    
                                                    
                
                
                
        $this->assertNotEmpty($mfaApp);

            


            
                                                                        
                            
            
                                    
            
            

                
                    104
                

                                    
                                                    
                
                
                
        $this->assertCount(1, $mfaApp);

            


            
                                                                        
                            
            
                                    
            
            

                
                    105
                

                                    
                                                    
                
                
                
        $this->assertArraySubset(

            


            
                                                                        
                            
            
                                    
            
            

                
                    106
                

                                    
                                                    
                
                
                
            ['data-schemaurl' => "/Security/changepassword/mfa/schema"],

            


            
                                                                        
                            
            
                                    
            
            

                
                    107
                

                                    
                                                    
                
                
                
            current($mfaApp[0]->attributes())

            


                            

                    
                        
                    
                    
                    
                    
                                                                                                    
                        

                            
                            
0 ignored issues
show
                        


                        

                                                                                        




    

        
            Bug
    
    
    
        introduced 
                            by 
            

        

        

            
        

        

            

                

                    
                
                
            


        

    

    

        
                        

                            
                        

                                        
$mfaApp[0]->attributes() of type SimpleXMLElement is incompatible with the type array expected by parameter $array of current().
                                                                                                                                                                                           (
                                     Ignorable by Annotation
                                )
                                

                                    
 If this is a false-positive, you can also ignore this issue in your code via the ignore-type   annotation

                                    

                                        

                                            107
                                            
                                                
            current(/** @scrutinizer ignore-type */ $mfaApp[0]->attributes())

                                        

                                                                            

                                

                                                                                                                                                                                                                                                                                        

                    
                                                    

                     Loading history...
                

                    


    




                                                                                    


                    		
                

            
                                                                                                            
                            
            
                                    
            
            

                
                    108
                

                                    
                                                    
                
                
                
        );

            


            
                                                                                                            
                            
            
                                    
            
            

                
                    109
                

                                    
                                                    
                
                
                
    }

            


            
                                                                                                            
                                                                
            
                                    
            
            

                
                    110
                

                                    
                                                    
                
                
                
}

            


            
                                                        
            
                                    
            
            

                
                    111