mirror of
https://code.mensbeam.com/MensBeam/Arsse.git
synced 2025-01-03 14:32:40 +00:00
Full set of authentication tests for Fever
This commit is contained in:
parent
d59223bbcb
commit
1e2d595992
2 changed files with 50 additions and 3 deletions
|
@ -49,10 +49,19 @@ class API extends \JKingWeb\Arsse\REST\AbstractHandler {
|
||||||
'api_version' => self::LEVEL,
|
'api_version' => self::LEVEL,
|
||||||
'auth' => 0,
|
'auth' => 0,
|
||||||
];
|
];
|
||||||
|
if ($req->getAttribute("authenticated", false)) {
|
||||||
|
// if HTTP authentication was successfully used, set the expected user ID
|
||||||
|
Arsse::$user->id = $req->getAttribute("authenticatedUser");
|
||||||
|
$out['auth'] = 1;
|
||||||
|
} elseif (Arsse::$conf->userHTTPAuthRequired || Arsse::$conf->userPreAuth || $req->getAttribute("authenticationFailed", false)) {
|
||||||
|
// otherwise if HTTP authentication failed or is required, deny access at the HTTP level
|
||||||
|
return new EmptyResponse(401);
|
||||||
|
}
|
||||||
// check that the user specified credentials
|
// check that the user specified credentials
|
||||||
if ($this->logIn(strtolower($inW['api_key'] ?? ""))) {
|
if ($this->logIn(strtolower($inW['api_key'] ?? ""))) {
|
||||||
$out['auth'] = 1;
|
$out['auth'] = 1;
|
||||||
} else {
|
} else {
|
||||||
|
$out['auth'] = 0;
|
||||||
return $this->formatResponse($out, $xml);
|
return $this->formatResponse($out, $xml);
|
||||||
}
|
}
|
||||||
// handle each possible parameter
|
// handle each possible parameter
|
||||||
|
|
|
@ -80,21 +80,59 @@ class TestAPI extends \JKingWeb\Arsse\Test\AbstractTest {
|
||||||
}
|
}
|
||||||
|
|
||||||
/** @dataProvider provideAuthenticationRequests */
|
/** @dataProvider provideAuthenticationRequests */
|
||||||
public function testAuthenticateAUser(bool $httpRequired, bool $tokenEnforced, string $httpUser = null, array $dataPost, array $dataGet, bool $success) {
|
public function testAuthenticateAUser(bool $httpRequired, bool $tokenEnforced, string $httpUser = null, array $dataPost, array $dataGet, ResponseInterface $exp) {
|
||||||
self::setConf([
|
self::setConf([
|
||||||
'userHTTPAuthRequired' => $httpRequired,
|
'userHTTPAuthRequired' => $httpRequired,
|
||||||
'userSessionEnforced' => $tokenEnforced,
|
'userSessionEnforced' => $tokenEnforced,
|
||||||
], true);
|
], true);
|
||||||
|
Arsse::$user->id = null;
|
||||||
\Phake::when(Arsse::$db)->tokenLookup->thenThrow(new ExceptionInput("subjectMissing"));
|
\Phake::when(Arsse::$db)->tokenLookup->thenThrow(new ExceptionInput("subjectMissing"));
|
||||||
\Phake::when(Arsse::$db)->tokenLookup("fever.login", "validtoken")->thenReturn(['user' => "jane.doe@example.com"]);
|
\Phake::when(Arsse::$db)->tokenLookup("fever.login", "validtoken")->thenReturn(['user' => "jane.doe@example.com"]);
|
||||||
$exp = new JsonResponse($success ? ['api_version' => API::LEVEL, 'auth' => 1] : ['api_version' => API::LEVEL, 'auth' => 0]);
|
|
||||||
$act = $this->req($dataGet, $dataPost, "POST", null, "", $httpUser);
|
$act = $this->req($dataGet, $dataPost, "POST", null, "", $httpUser);
|
||||||
$this->assertMessage($exp, $act);
|
$this->assertMessage($exp, $act);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function provideAuthenticationRequests() {
|
public function provideAuthenticationRequests() {
|
||||||
|
$success = new JsonResponse(['api_version' => API::LEVEL, 'auth' => 1]);
|
||||||
|
$failure = new JsonResponse(['api_version' => API::LEVEL, 'auth' => 0]);
|
||||||
|
$denied = new EmptyResponse(401);
|
||||||
return [
|
return [
|
||||||
[false, true, null, ['api_key' => "validToken"], ['api' => null], true],
|
[false, true, null, [], ['api' => null], $failure],
|
||||||
|
[false, false, null, [], ['api' => null], $failure],
|
||||||
|
[true, true, null, [], ['api' => null], $denied],
|
||||||
|
[true, false, null, [], ['api' => null], $denied],
|
||||||
|
[false, true, "", [], ['api' => null], $denied],
|
||||||
|
[false, false, "", [], ['api' => null], $denied],
|
||||||
|
[true, true, "", [], ['api' => null], $denied],
|
||||||
|
[true, false, "", [], ['api' => null], $denied],
|
||||||
|
[false, true, null, [], ['api' => null, 'api_key' => "validToken"], $failure],
|
||||||
|
[false, false, null, [], ['api' => null, 'api_key' => "validToken"], $failure],
|
||||||
|
[true, true, null, [], ['api' => null, 'api_key' => "validToken"], $denied],
|
||||||
|
[true, false, null, [], ['api' => null, 'api_key' => "validToken"], $denied],
|
||||||
|
[false, true, null, ['api_key' => "validToken"], ['api' => null], $success],
|
||||||
|
[false, false, null, ['api_key' => "validToken"], ['api' => null], $success],
|
||||||
|
[true, true, null, ['api_key' => "validToken"], ['api' => null], $denied],
|
||||||
|
[true, false, null, ['api_key' => "validToken"], ['api' => null], $denied],
|
||||||
|
[false, true, "", ['api_key' => "validToken"], ['api' => null], $denied],
|
||||||
|
[false, false, "", ['api_key' => "validToken"], ['api' => null], $denied],
|
||||||
|
[true, true, "", ['api_key' => "validToken"], ['api' => null], $denied],
|
||||||
|
[true, false, "", ['api_key' => "validToken"], ['api' => null], $denied],
|
||||||
|
[false, true, "validUser", ['api_key' => "validToken"], ['api' => null], $success],
|
||||||
|
[false, false, "validUser", ['api_key' => "validToken"], ['api' => null], $success],
|
||||||
|
[true, true, "validUser", ['api_key' => "validToken"], ['api' => null], $success],
|
||||||
|
[true, false, "validUser", ['api_key' => "validToken"], ['api' => null], $success],
|
||||||
|
[false, true, null, ['api_key' => "invalidToken"], ['api' => null], $failure],
|
||||||
|
[false, false, null, ['api_key' => "invalidToken"], ['api' => null], $failure],
|
||||||
|
[true, true, null, ['api_key' => "invalidToken"], ['api' => null], $denied],
|
||||||
|
[true, false, null, ['api_key' => "invalidToken"], ['api' => null], $denied],
|
||||||
|
[false, true, "", ['api_key' => "invalidToken"], ['api' => null], $denied],
|
||||||
|
[false, false, "", ['api_key' => "invalidToken"], ['api' => null], $denied],
|
||||||
|
[true, true, "", ['api_key' => "invalidToken"], ['api' => null], $denied],
|
||||||
|
[true, false, "", ['api_key' => "invalidToken"], ['api' => null], $denied],
|
||||||
|
[false, true, "validUser", ['api_key' => "invalidToken"], ['api' => null], $failure],
|
||||||
|
[false, false, "validUser", ['api_key' => "invalidToken"], ['api' => null], $success],
|
||||||
|
[true, true, "validUser", ['api_key' => "invalidToken"], ['api' => null], $failure],
|
||||||
|
[true, false, "validUser", ['api_key' => "invalidToken"], ['api' => null], $success],
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue