Add unit tests for LDAP and ReverseProxy auth
This commit is contained in:
Frederic Guillot
@@ -13,25 +13,40 @@ function ldap_set_option()
|
||||
{
|
||||
}
|
||||
|
||||
function ldap_bind($ldap, $ldap_username, $ldap_password)
|
||||
function ldap_bind($link_identifier, $bind_rdn, $bind_password)
|
||||
{
|
||||
return LdapTest::$functions->ldap_bind($ldap, $ldap_username, $ldap_password);
|
||||
return LdapTest::$functions->ldap_bind($link_identifier, $bind_rdn, $bind_password);
|
||||
}
|
||||
|
||||
function ldap_search($link_identifier, $base_dn, $filter, array $attributes)
|
||||
{
|
||||
return LdapTest::$functions->ldap_search($link_identifier, $base_dn, $filter, $attributes);
|
||||
}
|
||||
|
||||
function ldap_get_entries($link_identifier, $result_identifier)
|
||||
{
|
||||
return LdapTest::$functions->ldap_get_entries($link_identifier, $result_identifier);
|
||||
}
|
||||
|
||||
class LdapTest extends \Base
|
||||
{
|
||||
public static $functions;
|
||||
private $ldap;
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setup();
|
||||
|
||||
$this->ldap = $ldap = new Ldap($this->container);
|
||||
|
||||
self::$functions = $this
|
||||
->getMockBuilder('stdClass')
|
||||
->setMethods(array(
|
||||
'ldap_connect',
|
||||
'ldap_set_option',
|
||||
'ldap_bind',
|
||||
'ldap_search',
|
||||
'ldap_get_entries',
|
||||
))
|
||||
->getMock();
|
||||
}
|
||||
@@ -53,8 +68,7 @@ class LdapTest extends \Base
|
||||
)
|
||||
->will($this->returnValue('my_ldap_resource'));
|
||||
|
||||
$ldap = new Ldap($this->container);
|
||||
$this->assertNotFalse($ldap->connect());
|
||||
$this->assertNotFalse($this->ldap->connect('my_ldap_server'));
|
||||
}
|
||||
|
||||
public function testConnectFailure()
|
||||
@@ -68,8 +82,7 @@ class LdapTest extends \Base
|
||||
)
|
||||
->will($this->returnValue(false));
|
||||
|
||||
$ldap = new Ldap($this->container);
|
||||
$this->assertFalse($ldap->connect());
|
||||
$this->assertFalse($this->ldap->connect('my_ldap_server'));
|
||||
}
|
||||
|
||||
public function testBindAnonymous()
|
||||
@@ -84,8 +97,7 @@ class LdapTest extends \Base
|
||||
)
|
||||
->will($this->returnValue(true));
|
||||
|
||||
$ldap = new Ldap($this->container);
|
||||
$this->assertTrue($ldap->bind('my_ldap_connection', 'my_user', 'my_password', 'anonymous'));
|
||||
$this->assertTrue($this->ldap->bind('my_ldap_connection', 'my_user', 'my_password', 'anonymous'));
|
||||
}
|
||||
|
||||
public function testBindUser()
|
||||
@@ -100,8 +112,7 @@ class LdapTest extends \Base
|
||||
)
|
||||
->will($this->returnValue(true));
|
||||
|
||||
$ldap = new Ldap($this->container);
|
||||
$this->assertTrue($ldap->bind('my_ldap_connection', 'my_user', 'my_password', 'user', 'uid=%s', 'something'));
|
||||
$this->assertTrue($this->ldap->bind('my_ldap_connection', 'my_user', 'my_password', 'user', 'uid=%s', 'something'));
|
||||
}
|
||||
|
||||
public function testBindProxy()
|
||||
@@ -116,7 +127,349 @@ class LdapTest extends \Base
|
||||
)
|
||||
->will($this->returnValue(true));
|
||||
|
||||
$ldap = new Ldap($this->container);
|
||||
$this->assertTrue($ldap->bind('my_ldap_connection', 'my_user', 'my_password', 'proxy', 'someone', 'something'));
|
||||
$this->assertTrue($this->ldap->bind('my_ldap_connection', 'my_user', 'my_password', 'proxy', 'someone', 'something'));
|
||||
}
|
||||
|
||||
public function testSearchSuccess()
|
||||
{
|
||||
$entries = array(
|
||||
'count' => 1,
|
||||
0 => array(
|
||||
'count' => 2,
|
||||
'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local',
|
||||
'displayname' => array(
|
||||
'count' => 1,
|
||||
0 => 'My user',
|
||||
),
|
||||
'mail' => array(
|
||||
'count' => 2,
|
||||
0 => 'user1@localhost',
|
||||
1 => 'user2@localhost',
|
||||
),
|
||||
0 => 'displayname',
|
||||
1 => 'mail',
|
||||
)
|
||||
);
|
||||
|
||||
$expected = array(
|
||||
'username' => 'my_user',
|
||||
'name' => 'My user',
|
||||
'email' => 'user1@localhost',
|
||||
);
|
||||
|
||||
self::$functions
|
||||
->expects($this->at(0))
|
||||
->method('ldap_search')
|
||||
->with(
|
||||
$this->equalTo('my_ldap_connection'),
|
||||
$this->equalTo('ou=People,dc=kanboard,dc=local'),
|
||||
$this->equalTo('uid=my_user'),
|
||||
$this->equalTo(array(LDAP_ACCOUNT_FULLNAME, LDAP_ACCOUNT_EMAIL))
|
||||
)
|
||||
->will($this->returnValue('my_result_identifier'));
|
||||
|
||||
self::$functions
|
||||
->expects($this->at(1))
|
||||
->method('ldap_get_entries')
|
||||
->with(
|
||||
$this->equalTo('my_ldap_connection'),
|
||||
$this->equalTo('my_result_identifier')
|
||||
)
|
||||
->will($this->returnValue($entries));
|
||||
|
||||
self::$functions
|
||||
->expects($this->at(2))
|
||||
->method('ldap_bind')
|
||||
->with(
|
||||
$this->equalTo('my_ldap_connection'),
|
||||
$this->equalTo('uid=my_user,ou=People,dc=kanboard,dc=local'),
|
||||
$this->equalTo('my_password')
|
||||
)
|
||||
->will($this->returnValue(true));
|
||||
|
||||
$this->assertEquals($expected, $this->ldap->search('my_ldap_connection', 'my_user', 'my_password', 'ou=People,dc=kanboard,dc=local', 'uid=%s'));
|
||||
}
|
||||
|
||||
public function testSearchWithBadPassword()
|
||||
{
|
||||
$entries = array(
|
||||
'count' => 1,
|
||||
0 => array(
|
||||
'count' => 2,
|
||||
'dn' => 'uid=my_user,ou=People,dc=kanboard,dc=local',
|
||||
'displayname' => array(
|
||||
'count' => 1,
|
||||
0 => 'My user',
|
||||
),
|
||||
'mail' => array(
|
||||
'count' => 2,
|
||||
0 => 'user1@localhost',
|
||||
1 => 'user2@localhost',
|
||||
),
|
||||
0 => 'displayname',
|
||||
1 => 'mail',
|
||||
)
|
||||
);
|
||||
|
||||
self::$functions
|
||||
->expects($this->at(0))
|
||||
->method('ldap_search')
|
||||
->with(
|
||||
$this->equalTo('my_ldap_connection'),
|
||||
$this->equalTo('ou=People,dc=kanboard,dc=local'),
|
||||
$this->equalTo('uid=my_user'),
|
||||
$this->equalTo(array(LDAP_ACCOUNT_FULLNAME, LDAP_ACCOUNT_EMAIL))
|
||||
)
|
||||
->will($this->returnValue('my_result_identifier'));
|
||||
|
||||
self::$functions
|
||||
->expects($this->at(1))
|
||||
->method('ldap_get_entries')
|
||||
->with(
|
||||
$this->equalTo('my_ldap_connection'),
|
||||
$this->equalTo('my_result_identifier')
|
||||
)
|
||||
->will($this->returnValue($entries));
|
||||
|
||||
self::$functions
|
||||
->expects($this->at(2))
|
||||
->method('ldap_bind')
|
||||
->with(
|
||||
$this->equalTo('my_ldap_connection'),
|
||||
$this->equalTo('uid=my_user,ou=People,dc=kanboard,dc=local'),
|
||||
$this->equalTo('my_password')
|
||||
)
|
||||
->will($this->returnValue(false));
|
||||
|
||||
$this->assertFalse($this->ldap->search('my_ldap_connection', 'my_user', 'my_password', 'ou=People,dc=kanboard,dc=local', 'uid=%s'));
|
||||
}
|
||||
|
||||
public function testSearchWithUserNotFound()
|
||||
{
|
||||
self::$functions
|
||||
->expects($this->at(0))
|
||||
->method('ldap_search')
|
||||
->with(
|
||||
$this->equalTo('my_ldap_connection'),
|
||||
$this->equalTo('ou=People,dc=kanboard,dc=local'),
|
||||
$this->equalTo('uid=my_user'),
|
||||
$this->equalTo(array(LDAP_ACCOUNT_FULLNAME, LDAP_ACCOUNT_EMAIL))
|
||||
)
|
||||
->will($this->returnValue('my_result_identifier'));
|
||||
|
||||
self::$functions
|
||||
->expects($this->at(1))
|
||||
->method('ldap_get_entries')
|
||||
->with(
|
||||
$this->equalTo('my_ldap_connection'),
|
||||
$this->equalTo('my_result_identifier')
|
||||
)
|
||||
->will($this->returnValue(array()));
|
||||
|
||||
$this->assertFalse($this->ldap->search('my_ldap_connection', 'my_user', 'my_password', 'ou=People,dc=kanboard,dc=local', 'uid=%s'));
|
||||
}
|
||||
|
||||
public function testSuccessfulAuthentication()
|
||||
{
|
||||
$this->container['userSession'] = $this
|
||||
->getMockBuilder('\Model\UserSession')
|
||||
->setConstructorArgs(array($this->container))
|
||||
->setMethods(array('refresh'))
|
||||
->getMock();
|
||||
|
||||
$this->container['user'] = $this
|
||||
->getMockBuilder('\Model\User')
|
||||
->setConstructorArgs(array($this->container))
|
||||
->setMethods(array('getByUsername'))
|
||||
->getMock();
|
||||
|
||||
$ldap = $this
|
||||
->getMockBuilder('\Auth\Ldap')
|
||||
->setConstructorArgs(array($this->container))
|
||||
->setMethods(array('findUser'))
|
||||
->getMock();
|
||||
|
||||
$ldap
|
||||
->expects($this->once())
|
||||
->method('findUser')
|
||||
->with(
|
||||
$this->equalTo('user'),
|
||||
$this->equalTo('password')
|
||||
)
|
||||
->will($this->returnValue(array('username' => 'user', 'name' => 'My user', 'email' => 'user@here')));
|
||||
|
||||
$this->container['user']
|
||||
->expects($this->once())
|
||||
->method('getByUsername')
|
||||
->with(
|
||||
$this->equalTo('user')
|
||||
)
|
||||
->will($this->returnValue(array('id' => 2, 'username' => 'user', 'is_ldap_user' => 1)));
|
||||
|
||||
$this->container['userSession']
|
||||
->expects($this->once())
|
||||
->method('refresh');
|
||||
|
||||
$this->assertTrue($ldap->authenticate('user', 'password'));
|
||||
}
|
||||
|
||||
public function testAuthenticationWithExistingLocalUser()
|
||||
{
|
||||
$this->container['userSession'] = $this
|
||||
->getMockBuilder('\Model\UserSession')
|
||||
->setConstructorArgs(array($this->container))
|
||||
->setMethods(array('refresh'))
|
||||
->getMock();
|
||||
|
||||
$this->container['user'] = $this
|
||||
->getMockBuilder('\Model\User')
|
||||
->setConstructorArgs(array($this->container))
|
||||
->setMethods(array('getByUsername'))
|
||||
->getMock();
|
||||
|
||||
$ldap = $this
|
||||
->getMockBuilder('\Auth\Ldap')
|
||||
->setConstructorArgs(array($this->container))
|
||||
->setMethods(array('findUser'))
|
||||
->getMock();
|
||||
|
||||
$ldap
|
||||
->expects($this->once())
|
||||
->method('findUser')
|
||||
->with(
|
||||
$this->equalTo('user'),
|
||||
$this->equalTo('password')
|
||||
)
|
||||
->will($this->returnValue(array('username' => 'user', 'name' => 'My user', 'email' => 'user@here')));
|
||||
|
||||
$this->container['user']
|
||||
->expects($this->once())
|
||||
->method('getByUsername')
|
||||
->with(
|
||||
$this->equalTo('user')
|
||||
)
|
||||
->will($this->returnValue(array('id' => 2, 'username' => 'user', 'is_ldap_user' => 0)));
|
||||
|
||||
$this->container['userSession']
|
||||
->expects($this->never())
|
||||
->method('refresh');
|
||||
|
||||
$this->assertFalse($ldap->authenticate('user', 'password'));
|
||||
}
|
||||
|
||||
public function testAuthenticationWithAutomaticAccountCreation()
|
||||
{
|
||||
$this->container['userSession'] = $this
|
||||
->getMockBuilder('\Model\UserSession')
|
||||
->setConstructorArgs(array($this->container))
|
||||
->setMethods(array('refresh'))
|
||||
->getMock();
|
||||
|
||||
$this->container['user'] = $this
|
||||
->getMockBuilder('\Model\User')
|
||||
->setConstructorArgs(array($this->container))
|
||||
->setMethods(array('getByUsername'))
|
||||
->getMock();
|
||||
|
||||
$ldap = $this
|
||||
->getMockBuilder('\Auth\Ldap')
|
||||
->setConstructorArgs(array($this->container))
|
||||
->setMethods(array('findUser', 'createUser'))
|
||||
->getMock();
|
||||
|
||||
$ldap
|
||||
->expects($this->at(0))
|
||||
->method('findUser')
|
||||
->with(
|
||||
$this->equalTo('user'),
|
||||
$this->equalTo('password')
|
||||
)
|
||||
->will($this->returnValue(array('username' => 'user', 'name' => 'My user', 'email' => 'user@here')));
|
||||
|
||||
$ldap
|
||||
->expects($this->at(1))
|
||||
->method('createUser')
|
||||
->with(
|
||||
$this->equalTo('user'),
|
||||
$this->equalTo('My user'),
|
||||
$this->equalTo('user@here')
|
||||
)
|
||||
->will($this->returnValue(true));
|
||||
|
||||
$this->container['user']
|
||||
->expects($this->at(0))
|
||||
->method('getByUsername')
|
||||
->with(
|
||||
$this->equalTo('user')
|
||||
)
|
||||
->will($this->returnValue(null));
|
||||
|
||||
$this->container['user']
|
||||
->expects($this->at(1))
|
||||
->method('getByUsername')
|
||||
->with(
|
||||
$this->equalTo('user')
|
||||
)
|
||||
->will($this->returnValue(array('id' => 2, 'username' => 'user', 'is_ldap_user' => 1)));
|
||||
|
||||
$this->container['userSession']
|
||||
->expects($this->once())
|
||||
->method('refresh');
|
||||
|
||||
$this->assertTrue($ldap->authenticate('user', 'password'));
|
||||
}
|
||||
|
||||
public function testAuthenticationWithAutomaticAccountCreationFailed()
|
||||
{
|
||||
$this->container['userSession'] = $this
|
||||
->getMockBuilder('\Model\UserSession')
|
||||
->setConstructorArgs(array($this->container))
|
||||
->setMethods(array('refresh'))
|
||||
->getMock();
|
||||
|
||||
$this->container['user'] = $this
|
||||
->getMockBuilder('\Model\User')
|
||||
->setConstructorArgs(array($this->container))
|
||||
->setMethods(array('getByUsername'))
|
||||
->getMock();
|
||||
|
||||
$ldap = $this
|
||||
->getMockBuilder('\Auth\Ldap')
|
||||
->setConstructorArgs(array($this->container))
|
||||
->setMethods(array('findUser', 'createUser'))
|
||||
->getMock();
|
||||
|
||||
$ldap
|
||||
->expects($this->at(0))
|
||||
->method('findUser')
|
||||
->with(
|
||||
$this->equalTo('user'),
|
||||
$this->equalTo('password')
|
||||
)
|
||||
->will($this->returnValue(array('username' => 'user', 'name' => 'My user', 'email' => 'user@here')));
|
||||
|
||||
$ldap
|
||||
->expects($this->at(1))
|
||||
->method('createUser')
|
||||
->with(
|
||||
$this->equalTo('user'),
|
||||
$this->equalTo('My user'),
|
||||
$this->equalTo('user@here')
|
||||
)
|
||||
->will($this->returnValue(false));
|
||||
|
||||
$this->container['user']
|
||||
->expects($this->once())
|
||||
->method('getByUsername')
|
||||
->with(
|
||||
$this->equalTo('user')
|
||||
)
|
||||
->will($this->returnValue(null));
|
||||
|
||||
$this->container['userSession']
|
||||
->expects($this->never())
|
||||
->method('refresh');
|
||||
|
||||
$this->assertFalse($ldap->authenticate('user', 'password'));
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user