aboutsummaryrefslogtreecommitdiffstats
path: root/tests/unit/includes/AuthTest.php
diff options
context:
space:
mode:
authorHarald Eilertsen <haraldei@anduin.net>2024-06-05 07:59:42 +0000
committerMario <mario@mariovavti.com>2024-06-05 07:59:42 +0000
commit350f84913a9390ac67f800a51f6c4d319331149c (patch)
tree426afa3f952456ddbbc1eb1db3a4d28c39cfb735 /tests/unit/includes/AuthTest.php
parent9d56bb952e162dddd24d3bcdc50b2957ef0e0b97 (diff)
downloadvolse-hubzilla-350f84913a9390ac67f800a51f6c4d319331149c.tar.gz
volse-hubzilla-350f84913a9390ac67f800a51f6c4d319331149c.tar.bz2
volse-hubzilla-350f84913a9390ac67f800a51f6c4d319331149c.zip
Skip checking MFA status for WebDAV and CardDAV requests.
Diffstat (limited to 'tests/unit/includes/AuthTest.php')
-rw-r--r--tests/unit/includes/AuthTest.php81
1 files changed, 81 insertions, 0 deletions
diff --git a/tests/unit/includes/AuthTest.php b/tests/unit/includes/AuthTest.php
new file mode 100644
index 000000000..fa9726fe8
--- /dev/null
+++ b/tests/unit/includes/AuthTest.php
@@ -0,0 +1,81 @@
+<?php
+/**
+ * Tests for the authentication code used in Hubzilla.
+ *
+ * SPDX-FileCopyrightText: 2024 Hubzilla Community
+ * SPDX-FileContributor: Harald Eilertsen
+ *
+ * SPDX-License-Identifier: MIT
+ */
+
+namespace Zotlabs\Tests\Unit\Includes;
+
+use App;
+use Zotlabs\Lib\AConfig;
+use Zotlabs\Tests\Unit\UnitTestCase;
+use PHPUnit\Framework\Attributes\{DataProvider, RunTestsInSeparateProcesses};
+
+/**
+ * Test class containing the test for the Hubzilla authentication code.
+ *
+ * Since the main authentication code is executed in the global scope on
+ * inclusion of the `includes/auth.php` file, we need to run each test in a
+ * separate process to make sure we can excersize the code as we need.
+ */
+#[RunTestsInSeparateProcesses]
+class AuthTest extends UnitTestCase {
+
+ /**
+ * Check that mfa status is not checked for certain modules.
+ *
+ * This causes issues with things like WebDAV and CardDAV, as there's
+ * currently no way for these modules to signal that a TOTP code is needed
+ * back to the connecting client.
+ */
+ #[DataProvider('modules_excluded_from_mfa')]
+ public function test_mfa_is_not_checked_for_excluded_modules(string $module, array $args): void {
+ $account_id = $this->fixtures['account']['0']['account_id'];
+
+ $_SESSION = [
+ 'authenticated' => true,
+ 'account_id' => $account_id,
+
+ // Trick the code to not warn that $_SESSION['uid'] is not set,
+ // but also not trigger the code that tries to change to the
+ // given channel. *Remove when code is fixed!*
+ 'uid' => 0,
+ ];
+
+ $_SERVER['REMOTE_ADDR'] = '127.0.0.1';
+
+ App::$session = $this->create_session_stub();
+ App::$module = $module;
+ App::$argv = $args;
+ App::$argc = count($args);
+
+ // Enable multi factor authentication for this account
+ AConfig::Set($account_id, 'system', 'mfa_enabled', true);
+
+ require 'include/auth.php';
+
+ $this->assertEquals(1, $_SESSION['authenticated']);
+ }
+
+ /**
+ * Data provider for testing modules excluded from mfa
+ * @SuppressWarnings(PHPMD.UnusedPrivateMethod)
+ */
+ public static function modules_excluded_from_mfa(): array {
+ return [
+ ['totp_check', []],
+ ['cdav', []],
+ ['cdav', ['calendar']],
+ ['cdav', ['addressbook']],
+ ['dav', []],
+ ];
+ }
+
+ private function create_session_stub(): \Zotlabs\Web\Session {
+ return $this->createStub('Zotlabs\Web\Session');
+ }
+}