mirror of
https://framagit.org/hubzilla/core.git
synced 2026-06-21 00:52:33 -04:00
82 lines
2.3 KiB
PHP
82 lines
2.3 KiB
PHP
<?php
|
|
/**
|
|
* Tests for the authentication code used in Hubzilla.
|
|
*
|
|
* SPDX-FileCopyrightText: 2024 Hubzilla Community
|
|
* SPDX-FileContributor: Harald Eilertsen
|
|
*
|
|
* SPDX-License-Identifier: MIT
|
|
*/
|
|
|
|
namespace Zotlabs\Tests\Unit\Includes;
|
|
|
|
use App;
|
|
use Zotlabs\Lib\AConfig;
|
|
use Zotlabs\Tests\Unit\UnitTestCase;
|
|
use PHPUnit\Framework\Attributes\{DataProvider, RunTestsInSeparateProcesses};
|
|
|
|
/**
|
|
* Test class containing the test for the Hubzilla authentication code.
|
|
*
|
|
* Since the main authentication code is executed in the global scope on
|
|
* inclusion of the `includes/auth.php` file, we need to run each test in a
|
|
* separate process to make sure we can excersize the code as we need.
|
|
*/
|
|
#[RunTestsInSeparateProcesses]
|
|
class AuthTest extends UnitTestCase {
|
|
|
|
/**
|
|
* Check that mfa status is not checked for certain modules.
|
|
*
|
|
* This causes issues with things like WebDAV and CardDAV, as there's
|
|
* currently no way for these modules to signal that a TOTP code is needed
|
|
* back to the connecting client.
|
|
*/
|
|
#[DataProvider('modules_excluded_from_mfa')]
|
|
public function test_mfa_is_not_checked_for_excluded_modules(string $module, array $args): void {
|
|
$account_id = $this->fixtures['account']['0']['account_id'];
|
|
|
|
$_SESSION = [
|
|
'authenticated' => true,
|
|
'account_id' => $account_id,
|
|
|
|
// Trick the code to not warn that $_SESSION['uid'] is not set,
|
|
// but also not trigger the code that tries to change to the
|
|
// given channel. *Remove when code is fixed!*
|
|
'uid' => 0,
|
|
];
|
|
|
|
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
|
|
|
|
App::$session = $this->create_session_stub();
|
|
App::$module = $module;
|
|
App::$argv = $args;
|
|
App::$argc = count($args);
|
|
|
|
// Enable multi factor authentication for this account
|
|
AConfig::Set($account_id, 'system', 'mfa_enabled', true);
|
|
|
|
require 'include/auth.php';
|
|
|
|
$this->assertEquals(1, $_SESSION['authenticated']);
|
|
}
|
|
|
|
/**
|
|
* Data provider for testing modules excluded from mfa
|
|
* @SuppressWarnings(PHPMD.UnusedPrivateMethod)
|
|
*/
|
|
public static function modules_excluded_from_mfa(): array {
|
|
return [
|
|
['totp_check', []],
|
|
['cdav', []],
|
|
['cdav', ['calendar']],
|
|
['cdav', ['addressbook']],
|
|
['dav', []],
|
|
];
|
|
}
|
|
|
|
private function create_session_stub(): \Zotlabs\Web\Session {
|
|
return $this->createStub('Zotlabs\Web\Session');
|
|
}
|
|
}
|