mirror of https://github.com/nextcloud/server
fix(session): Do not update authtoken last_check for passwordless
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
This commit is contained in:
parent
a2fefbce9a
commit
21ee7f59bd
|
@ -767,8 +767,6 @@ class Session implements IUserSession, Emitter {
|
|||
return false;
|
||||
}
|
||||
|
||||
$dbToken->setLastCheck($now);
|
||||
$this->tokenProvider->updateToken($dbToken);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
|
|
@ -11,9 +11,11 @@ namespace Test\User;
|
|||
use OC\AppFramework\Http\Request;
|
||||
use OC\Authentication\Events\LoginFailed;
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Exceptions\PasswordlessTokenException;
|
||||
use OC\Authentication\Exceptions\PasswordLoginForbiddenException;
|
||||
use OC\Authentication\Token\IProvider;
|
||||
use OC\Authentication\Token\IToken;
|
||||
use OC\Authentication\Token\PublicKeyToken;
|
||||
use OC\Security\CSRF\CsrfTokenManager;
|
||||
use OC\Session\Memory;
|
||||
use OC\User\LoginException;
|
||||
|
@ -35,6 +37,8 @@ use OCP\Security\ISecureRandom;
|
|||
use OCP\User\Events\PostLoginEvent;
|
||||
use PHPUnit\Framework\MockObject\MockObject;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use function array_diff;
|
||||
use function get_class_methods;
|
||||
|
||||
/**
|
||||
* @group DB
|
||||
|
@ -309,6 +313,80 @@ class SessionTest extends \Test\TestCase {
|
|||
$userSession->login('foo', 'bar');
|
||||
}
|
||||
|
||||
public function testPasswordlessLoginNoLastCheckUpdate(): void {
|
||||
$session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock();
|
||||
$managerMethods = get_class_methods(Manager::class);
|
||||
// Keep following methods intact in order to ensure hooks are working
|
||||
$mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']);
|
||||
$manager = $this->getMockBuilder(Manager::class)
|
||||
->setMethods($mockedManagerMethods)
|
||||
->setConstructorArgs([
|
||||
$this->config,
|
||||
$this->createMock(ICacheFactory::class),
|
||||
$this->createMock(IEventDispatcher::class),
|
||||
])
|
||||
->getMock();
|
||||
$userSession = new Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher);
|
||||
|
||||
$session->expects($this->never())
|
||||
->method('set');
|
||||
$session->expects($this->once())
|
||||
->method('regenerateId');
|
||||
$token = new PublicKeyToken();
|
||||
$token->setLoginName('foo');
|
||||
$token->setLastCheck(0); // Never
|
||||
$token->setUid('foo');
|
||||
$this->tokenProvider
|
||||
->method('getPassword')
|
||||
->with($token)
|
||||
->willThrowException(new PasswordlessTokenException());
|
||||
$this->tokenProvider
|
||||
->method('getToken')
|
||||
->with('app-password')
|
||||
->willReturn($token);
|
||||
$this->tokenProvider->expects(self::never())
|
||||
->method('updateToken');
|
||||
|
||||
$userSession->login('foo', 'app-password');
|
||||
}
|
||||
|
||||
public function testLoginLastCheckUpdate(): void {
|
||||
$session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock();
|
||||
$managerMethods = get_class_methods(Manager::class);
|
||||
// Keep following methods intact in order to ensure hooks are working
|
||||
$mockedManagerMethods = array_diff($managerMethods, ['__construct', 'emit', 'listen']);
|
||||
$manager = $this->getMockBuilder(Manager::class)
|
||||
->setMethods($mockedManagerMethods)
|
||||
->setConstructorArgs([
|
||||
$this->config,
|
||||
$this->createMock(ICacheFactory::class),
|
||||
$this->createMock(IEventDispatcher::class),
|
||||
])
|
||||
->getMock();
|
||||
$userSession = new Session($manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random, $this->lockdownManager, $this->logger, $this->dispatcher);
|
||||
|
||||
$session->expects($this->never())
|
||||
->method('set');
|
||||
$session->expects($this->once())
|
||||
->method('regenerateId');
|
||||
$token = new PublicKeyToken();
|
||||
$token->setLoginName('foo');
|
||||
$token->setLastCheck(0); // Never
|
||||
$token->setUid('foo');
|
||||
$this->tokenProvider
|
||||
->method('getPassword')
|
||||
->with($token)
|
||||
->willReturn('secret');
|
||||
$this->tokenProvider
|
||||
->method('getToken')
|
||||
->with('app-password')
|
||||
->willReturn($token);
|
||||
$this->tokenProvider->expects(self::once())
|
||||
->method('updateToken');
|
||||
|
||||
$userSession->login('foo', 'app-password');
|
||||
}
|
||||
|
||||
public function testLoginNonExisting() {
|
||||
$session = $this->getMockBuilder(Memory::class)->setConstructorArgs([''])->getMock();
|
||||
$manager = $this->createMock(Manager::class);
|
||||
|
|
Loading…
Reference in New Issue