webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-10-13 11:47:56 +03:00
Code Activity

Applied latest styles changes from style CI

Browse Source
This commit is contained in:
Dan Brown
2021-10-16 16:01:59 +01:00
parent 263384cf99
commit 6e325de226
23 changed files with 177 additions and 147 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
tests/Auth/OidcTest.php
View File

@@ -1,7 +1,8 @@
<?php namespace Tests\Auth;
<?php
namespace Tests\Auth;
use BookStack\Actions\ActivityType;
use BookStack\Auth\Access\Oidc\OidcService;
use BookStack\Auth\User;
use GuzzleHttp\Psr7\Request;
use GuzzleHttp\Psr7\Response;
@@ -25,18 +26,18 @@ class OidcTest extends TestCase
file_put_contents($this->keyFilePath, OidcJwtHelper::publicPemKey());
config()->set([
'auth.method' => 'oidc',
'auth.defaults.guard' => 'oidc',
'oidc.name' => 'SingleSignOn-Testing',
'oidc.display_name_claims' => ['name'],
'oidc.client_id' => OidcJwtHelper::defaultClientId(),
'oidc.client_secret' => 'testpass',
'oidc.jwt_public_key' => $this->keyFilePath,
'oidc.issuer' => OidcJwtHelper::defaultIssuer(),
'auth.method' => 'oidc',
'auth.defaults.guard' => 'oidc',
'oidc.name' => 'SingleSignOn-Testing',
'oidc.display_name_claims' => ['name'],
'oidc.client_id' => OidcJwtHelper::defaultClientId(),
'oidc.client_secret' => 'testpass',
'oidc.jwt_public_key' => $this->keyFilePath,
'oidc.issuer' => OidcJwtHelper::defaultIssuer(),
'oidc.authorization_endpoint' => 'https://oidc.local/auth',
'oidc.token_endpoint' => 'https://oidc.local/token',
'oidc.discover' => false,
'oidc.dump_user_details' => false,
'oidc.token_endpoint' => 'https://oidc.local/token',
'oidc.discover' => false,
'oidc.dump_user_details' => false,
]);
}
@@ -131,7 +132,7 @@ class OidcTest extends TestCase
$transactions = &$this->mockHttpClient([$this->getMockAuthorizationResponse([
'email' => 'benny@example.com',
'sub' => 'benny1010101'
'sub' => 'benny1010101',
])]);
// Callback from auth provider
@@ -148,12 +149,11 @@ class OidcTest extends TestCase
$this->assertStringContainsString('code=SplxlOBeZQQYbYS6WxSbIA', $tokenRequest->getBody());
$this->assertStringContainsString('redirect_uri=' . urlencode(url('/oidc/callback')), $tokenRequest->getBody());
$this->assertTrue(auth()->check());
$this->assertDatabaseHas('users', [
'email' => 'benny@example.com',
'email' => 'benny@example.com',
'external_auth_id' => 'benny1010101',
'email_confirmed' => false,
'email_confirmed' => false,
]);
$user = User::query()->where('email', '=', 'benny@example.com')->first();
@@ -176,15 +176,15 @@ class OidcTest extends TestCase
$resp = $this->runLogin([
'email' => 'benny@example.com',
'sub' => 'benny505'
'sub' => 'benny505',
]);
$resp->assertStatus(200);
$resp->assertJson([
'email' => 'benny@example.com',
'sub' => 'benny505',
"iss" => OidcJwtHelper::defaultIssuer(),
"aud" => OidcJwtHelper::defaultClientId(),
'sub' => 'benny505',
'iss' => OidcJwtHelper::defaultIssuer(),
'aud' => OidcJwtHelper::defaultClientId(),
]);
$this->assertFalse(auth()->check());
}
@@ -193,7 +193,7 @@ class OidcTest extends TestCase
{
$this->runLogin([
'email' => '',
'sub' => 'benny505'
'sub' => 'benny505',
]);
$this->assertSessionError('Could not find an email address, for this user, in the data provided by the external authentication system');
@@ -205,7 +205,7 @@ class OidcTest extends TestCase
$this->runLogin([
'email' => 'benny@example.com',
'sub' => 'benny505'
'sub' => 'benny505',
]);
$this->assertSessionError('Already logged in');
@@ -221,7 +221,7 @@ class OidcTest extends TestCase
$this->runLogin([
'email' => 'benny@example.com',
'sub' => 'benny505'
'sub' => 'benny505',
]);
$this->assertTrue(auth()->check());
@@ -238,7 +238,7 @@ class OidcTest extends TestCase
$this->runLogin([
'email' => $editor->email,
'sub' => 'benny505'
'sub' => 'benny505',
]);
$this->assertSessionError('A user with the email ' . $editor->email . ' already exists but with different credentials.');
@@ -300,7 +300,7 @@ class OidcTest extends TestCase
$this->getAutoDiscoveryResponse(),
$this->getJwksResponse(),
$this->getAutoDiscoveryResponse([
'issuer' => 'https://auto.example.com'
'issuer' => 'https://auto.example.com',
]),
$this->getJwksResponse(),
]);
@@ -321,11 +321,11 @@ class OidcTest extends TestCase
protected function withAutodiscovery()
{
config()->set([
'oidc.issuer' => OidcJwtHelper::defaultIssuer(),
'oidc.discover' => true,
'oidc.issuer' => OidcJwtHelper::defaultIssuer(),
'oidc.discover' => true,
'oidc.authorization_endpoint' => null,
'oidc.token_endpoint' => null,
'oidc.jwt_public_key' => null,
'oidc.token_endpoint' => null,
'oidc.jwt_public_key' => null,
]);
}
@@ -341,41 +341,41 @@ class OidcTest extends TestCase
protected function getAutoDiscoveryResponse($responseOverrides = []): Response
{
return new Response(200, [
'Content-Type' => 'application/json',
'Content-Type' => 'application/json',
'Cache-Control' => 'no-cache, no-store',
'Pragma' => 'no-cache'
'Pragma' => 'no-cache',
], json_encode(array_merge([
'token_endpoint' => OidcJwtHelper::defaultIssuer() . '/oidc/token',
'token_endpoint' => OidcJwtHelper::defaultIssuer() . '/oidc/token',
'authorization_endpoint' => OidcJwtHelper::defaultIssuer() . '/oidc/authorize',
'jwks_uri' => OidcJwtHelper::defaultIssuer() . '/oidc/keys',
'issuer' => OidcJwtHelper::defaultIssuer()
'jwks_uri' => OidcJwtHelper::defaultIssuer() . '/oidc/keys',
'issuer' => OidcJwtHelper::defaultIssuer(),
], $responseOverrides)));
}
protected function getJwksResponse(): Response
{
return new Response(200, [
'Content-Type' => 'application/json',
'Content-Type' => 'application/json',
'Cache-Control' => 'no-cache, no-store',
'Pragma' => 'no-cache'
'Pragma' => 'no-cache',
], json_encode([
'keys' => [
OidcJwtHelper::publicJwkKeyArray()
]
OidcJwtHelper::publicJwkKeyArray(),
],
]));
}
protected function getMockAuthorizationResponse($claimOverrides = []): Response
{
return new Response(200, [
'Content-Type' => 'application/json',
'Content-Type' => 'application/json',
'Cache-Control' => 'no-cache, no-store',
'Pragma' => 'no-cache'
'Pragma' => 'no-cache',
], json_encode([
'access_token' => 'abc123',
'token_type' => 'Bearer',
'expires_in' => 3600,
'id_token' => OidcJwtHelper::idToken($claimOverrides)
'token_type' => 'Bearer',
'expires_in' => 3600,
'id_token' => OidcJwtHelper::idToken($claimOverrides),
]));
}
}

47
tests/Helpers/OidcJwtHelper.php
View File

@@ -12,31 +12,31 @@ class OidcJwtHelper
{
public static function defaultIssuer(): string
{
return "https://auth.example.com";
return 'https://auth.example.com';
}
public static function defaultClientId(): string
{
return "xxyyzz.aaa.bbccdd.123";
return 'xxyyzz.aaa.bbccdd.123';
}
public static function defaultPayload(): array
{
return [
"sub" => "abc1234def",
"name" => "Barry Scott",
"email" => "bscott@example.com",
"ver" => 1,
"iss" => static::defaultIssuer(),
"aud" => static::defaultClientId(),
"iat" => time(),
"exp" => time() + 720,
"jti" => "ID.AaaBBBbbCCCcccDDddddddEEEeeeeee",
"amr" => ["pwd"],
"idp" => "fghfghgfh546456dfgdfg",
"preferred_username" => "xXBazzaXx",
"auth_time" => time(),
"at_hash" => "sT4jbsdSGy9w12pq3iNYDA",
'sub' => 'abc1234def',
'name' => 'Barry Scott',
'email' => 'bscott@example.com',
'ver' => 1,
'iss' => static::defaultIssuer(),
'aud' => static::defaultClientId(),
'iat' => time(),
'exp' => time() + 720,
'jti' => 'ID.AaaBBBbbCCCcccDDddddddEEEeeeeee',
'amr' => ['pwd'],
'idp' => 'fghfghgfh546456dfgdfg',
'preferred_username' => 'xXBazzaXx',
'auth_time' => time(),
'at_hash' => 'sT4jbsdSGy9w12pq3iNYDA',
];
}
@@ -55,6 +55,7 @@ class OidcJwtHelper
$privateKey = static::privateKeyInstance();
$signature = $privateKey->sign($top);
return $top . '.' . static::base64UrlEncode($signature);
}
@@ -75,7 +76,7 @@ class OidcJwtHelper
public static function publicPemKey(): string
{
return "-----BEGIN PUBLIC KEY-----
return '-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqo1OmfNKec5S2zQC4SP9
DrHuUR0VgCi6oqcGERz7zqO36hqk3A3R3aCgJkEjfnbnMuszRRKs45NbXoOp9pvm
zXL16c93Obn7G8x8A3ao6yN5qKO5S5+CETqOZfKN/g75Xlz7VsC3igOhgsXnPx6i
@@ -83,12 +84,12 @@ iM6sbYbk0U/XpFaT84LXKI8VTIPUo7gTeZN1pTET//i9FlzAOzX+xfWBKdOqlEzl
+zihMHCZUUvQu99P+o0MDR0lMUT+vPJ6SJeRfnoHexwt6bZFiNnsZIEL03bX4QNk
WvsLta1+jNUee+8IPVhzCO8bvM86NzLaKUJ4k6NZ5IVrmdCFpFsjCWByOrDG8wdw
3wIDAQAB
-----END PUBLIC KEY-----";
-----END PUBLIC KEY-----';
}
public static function privatePemKey(): string
{
return "-----BEGIN PRIVATE KEY-----
return '-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCqjU6Z80p5zlLb
NALhI/0Ose5RHRWAKLqipwYRHPvOo7fqGqTcDdHdoKAmQSN+ducy6zNFEqzjk1te
g6n2m+bNcvXpz3c5ufsbzHwDdqjrI3moo7lLn4IROo5l8o3+DvleXPtWwLeKA6GC
@@ -115,7 +116,7 @@ W0TI+6Fc2xwPj38vP465dTentbKM1E+wdSYW6SMwSfhO6ECDbfJsst5Sr2Kkt1N7
efqXPwg2wAPYeiec49EbfnteQQKAkqNfJ9K69yE2naf6bw3/5mCBsq/cXeuaBMII
ylysUIRBqt2J0kWm2yCpFWR7H+Ilhdx9A7ZLCqYVt8e+vjO/BOI3cQDe2VPOLPSl
q/1PY4iJviGKddtmfClH3v4=
-----END PRIVATE KEY-----";
-----END PRIVATE KEY-----';
}
public static function publicJwkKeyArray(): array
@@ -125,8 +126,8 @@ q/1PY4iJviGKddtmfClH3v4=
'alg' => 'RS256',
'kid' => '066e52af-8884-4926-801d-032a276f9f2a',
'use' => 'sig',
'e' => 'AQAB',
'n' => 'qo1OmfNKec5S2zQC4SP9DrHuUR0VgCi6oqcGERz7zqO36hqk3A3R3aCgJkEjfnbnMuszRRKs45NbXoOp9pvmzXL16c93Obn7G8x8A3ao6yN5qKO5S5-CETqOZfKN_g75Xlz7VsC3igOhgsXnPx6iiM6sbYbk0U_XpFaT84LXKI8VTIPUo7gTeZN1pTET__i9FlzAOzX-xfWBKdOqlEzl-zihMHCZUUvQu99P-o0MDR0lMUT-vPJ6SJeRfnoHexwt6bZFiNnsZIEL03bX4QNkWvsLta1-jNUee-8IPVhzCO8bvM86NzLaKUJ4k6NZ5IVrmdCFpFsjCWByOrDG8wdw3w',
'e' => 'AQAB',
'n' => 'qo1OmfNKec5S2zQC4SP9DrHuUR0VgCi6oqcGERz7zqO36hqk3A3R3aCgJkEjfnbnMuszRRKs45NbXoOp9pvmzXL16c93Obn7G8x8A3ao6yN5qKO5S5-CETqOZfKN_g75Xlz7VsC3igOhgsXnPx6iiM6sbYbk0U_XpFaT84LXKI8VTIPUo7gTeZN1pTET__i9FlzAOzX-xfWBKdOqlEzl-zihMHCZUUvQu99P-o0MDR0lMUT-vPJ6SJeRfnoHexwt6bZFiNnsZIEL03bX4QNkWvsLta1-jNUee-8IPVhzCO8bvM86NzLaKUJ4k6NZ5IVrmdCFpFsjCWByOrDG8wdw3w',
];
}
}
}

2
tests/SharedTestHelpers.php
View File

@@ -252,6 +252,7 @@ trait SharedTestHelpers
/**
* Mock the http client used in BookStack.
* Returns a reference to the container which holds all history of http transactions.
*
* @link https://docs.guzzlephp.org/en/stable/testing.html#history-middleware
*/
protected function &mockHttpClient(array $responses = []): array
@@ -262,6 +263,7 @@ trait SharedTestHelpers
$handlerStack = new HandlerStack($mock);
$handlerStack->push($history);
$this->app[ClientInterface::class] = new Client(['handler' => $handlerStack]);
return $container;
}

18
tests/Unit/OidcIdTokenTest.php
View File

@@ -2,8 +2,8 @@
namespace Tests\Unit;
use BookStack\Auth\Access\Oidc\OidcInvalidTokenException;
use BookStack\Auth\Access\Oidc\OidcIdToken;
use BookStack\Auth\Access\Oidc\OidcInvalidTokenException;
use Tests\Helpers\OidcJwtHelper;
use Tests\TestCase;
@@ -12,7 +12,7 @@ class OidcIdTokenTest extends TestCase
public function test_valid_token_passes_validation()
{
$token = new OidcIdToken(OidcJwtHelper::idToken(), OidcJwtHelper::defaultIssuer(), [
OidcJwtHelper::publicJwkKeyArray()
OidcJwtHelper::publicJwkKeyArray(),
]);
$this->assertTrue($token->validate('xxyyzz.aaa.bbccdd.123'));
@@ -54,6 +54,7 @@ class OidcIdTokenTest extends TestCase
foreach ($messagesAndTokenValues as [$message, $tokenValue]) {
$token = new OidcIdToken($tokenValue, OidcJwtHelper::defaultIssuer(), []);
$err = null;
try {
$token->validate('abc');
} catch (\Exception $exception) {
@@ -77,8 +78,8 @@ class OidcIdTokenTest extends TestCase
{
$token = new OidcIdToken(OidcJwtHelper::idToken(), OidcJwtHelper::defaultIssuer(), [
array_merge(OidcJwtHelper::publicJwkKeyArray(), [
'n' => 'iqK-1QkICMf_cusNLpeNnN-bhT0-9WLBvzgwKLALRbrevhdi5ttrLHIQshaSL0DklzfyG2HWRmAnJ9Q7sweEjuRiiqRcSUZbYu8cIv2hLWYu7K_NH67D2WUjl0EnoHEuiVLsZhQe1CmdyLdx087j5nWkd64K49kXRSdxFQUlj8W3NeK3CjMEUdRQ3H4RZzJ4b7uuMiFA29S2ZhMNG20NPbkUVsFL-jiwTd10KSsPT8yBYipI9O7mWsUWt_8KZs1y_vpM_k3SyYihnWpssdzDm1uOZ8U3mzFr1xsLAO718GNUSXk6npSDzLl59HEqa6zs4O9awO2qnSHvcmyELNk31w'
])
'n' => 'iqK-1QkICMf_cusNLpeNnN-bhT0-9WLBvzgwKLALRbrevhdi5ttrLHIQshaSL0DklzfyG2HWRmAnJ9Q7sweEjuRiiqRcSUZbYu8cIv2hLWYu7K_NH67D2WUjl0EnoHEuiVLsZhQe1CmdyLdx087j5nWkd64K49kXRSdxFQUlj8W3NeK3CjMEUdRQ3H4RZzJ4b7uuMiFA29S2ZhMNG20NPbkUVsFL-jiwTd10KSsPT8yBYipI9O7mWsUWt_8KZs1y_vpM_k3SyYihnWpssdzDm1uOZ8U3mzFr1xsLAO718GNUSXk6npSDzLl59HEqa6zs4O9awO2qnSHvcmyELNk31w',
]),
]);
$this->expectException(OidcInvalidTokenException::class);
$this->expectExceptionMessage('Token signature could not be validated using the provided keys');
@@ -97,7 +98,7 @@ class OidcIdTokenTest extends TestCase
{
$token = new OidcIdToken(OidcJwtHelper::idToken([], ['alg' => 'HS256']), OidcJwtHelper::defaultIssuer(), []);
$this->expectException(OidcInvalidTokenException::class);
$this->expectExceptionMessage("Only RS256 signature validation is supported. Token reports using HS256");
$this->expectExceptionMessage('Only RS256 signature validation is supported. Token reports using HS256');
$token->validate('abc');
}
@@ -134,10 +135,11 @@ class OidcIdTokenTest extends TestCase
foreach ($claimOverridesByErrorMessage as [$message, $overrides]) {
$token = new OidcIdToken(OidcJwtHelper::idToken($overrides), OidcJwtHelper::defaultIssuer(), [
OidcJwtHelper::publicJwkKeyArray()
OidcJwtHelper::publicJwkKeyArray(),
]);
$err = null;
try {
$token->validate('xxyyzz.aaa.bbccdd.123');
} catch (\Exception $exception) {
@@ -155,10 +157,10 @@ class OidcIdTokenTest extends TestCase
$testFilePath = 'file://' . stream_get_meta_data($file)['uri'];
file_put_contents($testFilePath, OidcJwtHelper::publicPemKey());
$token = new OidcIdToken(OidcJwtHelper::idToken(), OidcJwtHelper::defaultIssuer(), [
$testFilePath
$testFilePath,
]);
$this->assertTrue($token->validate('xxyyzz.aaa.bbccdd.123'));
unlink($testFilePath);
}
}
}