<?php
/**
 * Tests for the authentication code used in Hubzilla.
 *
 * SPDX-FileCopyrightText: 2024 Hubzilla Community
 * SPDX-FileContributor: Harald Eilertsen
 *
 * SPDX-License-Identifier: MIT
 */

namespace Zotlabs\Tests\Unit\Includes;

use App;
use Zotlabs\Lib\AConfig;
use Zotlabs\Tests\Unit\UnitTestCase;
use PHPUnit\Framework\Attributes\{DataProvider, RunTestsInSeparateProcesses};

/**
 * Test class containing the test for the Hubzilla authentication code.
 *
 * Since the main authentication code is executed in the global scope on
 * inclusion of the `includes/auth.php` file, we need to run each test in a
 * separate process to make sure we can exercise the code as we need.
 */
#[RunTestsInSeparateProcesses]
class AuthTest extends UnitTestCase {

	/**
	 * Check that mfa status is not checked for certain modules.
	 *
	 * This causes issues with things like WebDAV and CardDAV, as there's
	 * currently no way for these modules to signal that a TOTP code is needed
	 * back to the connecting client.
	 *
	 * The test seeds an already authenticated session for an account that has
	 * `mfa_enabled` set, points `App` at the module under test and then
	 * includes `include/auth.php`. An included file runs in the scope of the
	 * including function, so the local variables of this method are visible
	 * to that code.
	 *
	 * NOTE(review): every module listed by the data provider is a request
	 * path that is served without a second factor. This test only pins the
	 * exempt side; a companion test asserting that a module outside the list
	 * is still challenged would catch the list being widened by accident.
	 *
	 * @param string $module Module name assigned to `App::$module`.
	 * @param array  $args   Arguments assigned to `App::$argv`; their count
	 *                       is assigned to `App::$argc`.
	 */
	#[DataProvider('modules_excluded_from_mfa')]
	public function test_mfa_is_not_checked_for_excluded_modules(string $module, array $args): void {
		// Account id of the first entry in the `account` fixture.
		$account_id = $this->fixtures['account']['0']['account_id'];

		// Simulate a session that has already passed primary authentication.
		$_SESSION = [
			'authenticated' => true,
			'account_id' => $account_id,

			// Trick the code to not warn that $_SESSION['uid'] is not set,
			// but also not trigger the code that tries to change to the
			// given channel. *Remove when code is fixed!*
			'uid' => 0,
		];

		// Presumably read by the included auth code; a loopback address keeps
		// the test self-contained. TODO confirm against include/auth.php.
		$_SERVER['REMOTE_ADDR'] = '127.0.0.1';

		// Replace the real session handler with a stub and describe the
		// request (module and arguments) that the auth code will see.
		App::$session = $this->create_session_stub();
		App::$module = $module;
		App::$argv = $args;
		App::$argc = count($args);

		// Enable multi factor authentication for this account
		AConfig::Set($account_id, 'system', 'mfa_enabled', true);

		// Runs the authentication code; relies on the working directory or
		// include path resolving this relative path.
		require 'include/auth.php';

		// NOTE(review): assertEquals compares loosely, so the `true` seeded
		// above already satisfies it. The check therefore shows that the
		// session was not de-authenticated and that execution returned from
		// the include; it does not by itself show that the MFA branch was
		// skipped -- confirm what include/auth.php does when it demands a
		// TOTP code.
		$this->assertEquals(1, $_SESSION['authenticated']);
	}

	/**
	 * Data provider for testing modules excluded from mfa
	 *
	 * Each row is a `[module, args]` pair that is passed to
	 * `test_mfa_is_not_checked_for_excluded_modules()`. The rows cover
	 * `totp_check`, `cdav` (with no argument, `calendar` and `addressbook`)
	 * and `dav`.
	 *
	 * NOTE(review): the method is public, so the PHPMD suppression below
	 * looks like a leftover from a private version -- confirm it is still
	 * needed.
	 *
	 * @SuppressWarnings(PHPMD.UnusedPrivateMethod)
	 *
	 * @return array<int, array{0: string, 1: array<int, string>}>
	 */
	public static function modules_excluded_from_mfa(): array {
		return [
			['totp_check', []],
			['cdav', []],
			['cdav', ['calendar']],
			['cdav', ['addressbook']],
			['dav', []],
		];
	}

	/**
	 * Create a PHPUnit stub standing in for the session handler.
	 *
	 * The stub is assigned to `App::$session` by the test, presumably so the
	 * included auth code can call session methods without touching real
	 * session state -- verify against include/auth.php.
	 *
	 * @return \Zotlabs\Web\Session Stub whose methods return default values.
	 */
	private function create_session_stub(): \Zotlabs\Web\Session {
		return $this->createStub('Zotlabs\Web\Session');
	}
}