Add tests for OAuth2 app

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

apps/oauth2/lib/Db/AccessTokenMapper.php

@@ -21,6 +21,7 @@
 
 namespace OCA\OAuth2\Db;
 
+use OCA\OAuth2\Exceptions\AccessTokenNotFoundException;
 use OCP\AppFramework\Db\Mapper;
 use OCP\DB\QueryBuilder\IQueryBuilder;
 use OCP\IDBConnection;
@@ -37,6 +38,7 @@ class AccessTokenMapper extends Mapper {
 	/**
 	 * @param string $code
 	 * @return AccessToken
+	 * @throws AccessTokenNotFoundException
 	 */
 	public function getByCode($code) {
 		$qb = $this->db->getQueryBuilder();
@@ -47,6 +49,9 @@ class AccessTokenMapper extends Mapper {
 		$result = $qb->execute();
 		$row = $result->fetch();
 		$result->closeCursor();
+		if($row === false) {
+			throw new AccessTokenNotFoundException();
+		}
 		return AccessToken::fromRow($row);
 	}
 

apps/oauth2/lib/Db/ClientMapper.php

@@ -21,6 +21,7 @@
 
 namespace OCA\OAuth2\Db;
 
+use OCA\OAuth2\Exceptions\ClientNotFoundException;
 use OCP\AppFramework\Db\Mapper;
 use OCP\DB\QueryBuilder\IQueryBuilder;
 use OCP\IDBConnection;
@@ -37,6 +38,7 @@ class ClientMapper extends Mapper {
 	/**
 	 * @param string $clientIdentifier
 	 * @return Client
+	 * @throws ClientNotFoundException
 	 */
 	public function getByIdentifier($clientIdentifier) {
 		$qb = $this->db->getQueryBuilder();
@@ -47,17 +49,16 @@ class ClientMapper extends Mapper {
 		$result = $qb->execute();
 		$row = $result->fetch();
 		$result->closeCursor();
-
-		if (!is_array($row)) {
-			$row = [];
+		if($row === false) {
+			throw new ClientNotFoundException();
 		}
-
 		return Client::fromRow($row);
 	}
 
 	/**
 	 * @param string $uid internal uid of the client
 	 * @return Client
+	 * @throws ClientNotFoundException
 	 */
 	public function getByUid($uid) {
 		$qb = $this->db->getQueryBuilder();
@@ -68,11 +69,9 @@ class ClientMapper extends Mapper {
 		$result = $qb->execute();
 		$row = $result->fetch();
 		$result->closeCursor();
-
-		if (!is_array($row)) {
-			$row = [];
+		if($row === false) {
+			throw new ClientNotFoundException();
 		}
-
 		return Client::fromRow($row);
 	}
 

apps/oauth2/tests/Controller/LoginRedirectorControllerTest.php

@@ -0,0 +1,91 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\OAuth2\Tests\Controller;
+
+use OCA\Files_Sharing\Tests\TestCase;
+use OCA\OAuth2\Controller\LoginRedirectorController;
+use OCA\OAuth2\Db\Client;
+use OCA\OAuth2\Db\ClientMapper;
+use OCP\AppFramework\Http\RedirectResponse;
+use OCP\IRequest;
+use OCP\ISession;
+use OCP\IURLGenerator;
+
+/**
+ * @group DB
+ */
+class LoginRedirectorControllerTest extends TestCase {
+	/** @var IRequest|\PHPUnit_Framework_MockObject_MockObject */
+	private $request;
+	/** @var IURLGenerator|\PHPUnit_Framework_MockObject_MockObject */
+	private $urlGenerator;
+	/** @var ClientMapper|\PHPUnit_Framework_MockObject_MockObject */
+	private $clientMapper;
+	/** @var ISession|\PHPUnit_Framework_MockObject_MockObject */
+	private $session;
+	/** @var LoginRedirectorController */
+	private $loginRedirectorController;
+
+	public function setUp() {
+		parent::setUp();
+
+		$this->request = $this->createMock(IRequest::class);
+		$this->urlGenerator = $this->createMock(IURLGenerator::class);
+		$this->clientMapper = $this->createMock(ClientMapper::class);
+		$this->session = $this->createMock(ISession::class);
+
+		$this->loginRedirectorController = new LoginRedirectorController(
+			'oauth2',
+			$this->request,
+			$this->urlGenerator,
+			$this->clientMapper,
+			$this->session
+		);
+	}
+
+	public function testAuthorize() {
+		$client = new Client();
+		$client->setClientIdentifier('MyClientIdentifier');
+		$this->clientMapper
+			->expects($this->once())
+			->method('getByIdentifier')
+			->with('MyClientId')
+			->willReturn($client);
+		$this->session
+			->expects($this->once())
+			->method('set')
+			->with('oauth.state', 'MyState');
+		$this->urlGenerator
+			->expects($this->once())
+			->method('linkToRouteAbsolute')
+			->with(
+				'core.ClientFlowLogin.showAuthPickerPage',
+				[
+					'clientIdentifier' => 'MyClientIdentifier',
+				]
+			)
+			->willReturn('https://example.com/?clientIdentifier=foo');
+
+		$expected = new RedirectResponse('https://example.com/?clientIdentifier=foo');
+		$this->assertEquals($expected, $this->loginRedirectorController->authorize('MyClientId', 'MyState'));
+	}
+}

apps/oauth2/tests/Controller/OauthApiControllerTest.php

@@ -0,0 +1,106 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\OAuth2\Tests\Controller;
+
+use OC\Authentication\Token\DefaultToken;
+use OC\Authentication\Token\DefaultTokenMapper;
+use OCA\OAuth2\Controller\OauthApiController;
+use OCA\OAuth2\Db\AccessToken;
+use OCA\OAuth2\Db\AccessTokenMapper;
+use OCP\AppFramework\Http\JSONResponse;
+use OCP\IRequest;
+use OCP\Security\ICrypto;
+use OCP\Security\ISecureRandom;
+use Test\TestCase;
+
+class OauthApiControllerTest extends TestCase {
+	/** @var IRequest|\PHPUnit_Framework_MockObject_MockObject */
+	private $request;
+	/** @var ICrypto|\PHPUnit_Framework_MockObject_MockObject */
+	private $crypto;
+	/** @var AccessTokenMapper|\PHPUnit_Framework_MockObject_MockObject */
+	private $accessTokenMapper;
+	/** @var DefaultTokenMapper|\PHPUnit_Framework_MockObject_MockObject */
+	private $defaultTokenMapper;
+	/** @var ISecureRandom|\PHPUnit_Framework_MockObject_MockObject */
+	private $secureRandom;
+	/** @var OauthApiController */
+	private $oauthApiController;
+
+	public function setUp() {
+		parent::setUp();
+
+		$this->request = $this->createMock(IRequest::class);
+		$this->crypto = $this->createMock(ICrypto::class);
+		$this->accessTokenMapper = $this->createMock(AccessTokenMapper::class);
+		$this->defaultTokenMapper = $this->createMock(DefaultTokenMapper::class);
+		$this->secureRandom = $this->createMock(ISecureRandom::class);
+
+		$this->oauthApiController = new OauthApiController(
+			'oauth2',
+			$this->request,
+			$this->crypto,
+			$this->accessTokenMapper,
+			$this->defaultTokenMapper,
+			$this->secureRandom
+		);
+	}
+
+	public function testGetToken() {
+		$accessToken = new AccessToken();
+		$accessToken->setEncryptedToken('MyEncryptedToken');
+		$accessToken->setTokenId(123);
+		$this->accessTokenMapper
+			->expects($this->once())
+			->method('getByCode')
+			->willReturn($accessToken);
+		$this->crypto
+			->expects($this->once())
+			->method('decrypt')
+			->with('MyEncryptedToken', 'MySecretCode')
+			->willReturn('MyDecryptedToken');
+		$this->secureRandom
+			->expects($this->once())
+			->method('generate')
+			->with(128)
+			->willReturn('NewToken');
+		$token = new DefaultToken();
+		$token->setUid('JohnDoe');
+		$this->defaultTokenMapper
+			->expects($this->once())
+			->method('getTokenById')
+			->with(123)
+			->willReturn($token);
+
+		$expected = new JSONResponse(
+			[
+				'access_token' => 'MyDecryptedToken',
+				'token_type' => 'Bearer',
+				'expires_in' => 3600,
+				'refresh_token' => 'NewToken',
+				'user_id' => 'JohnDoe',
+			]
+		);
+		$this->assertEquals($expected, $this->oauthApiController->getToken('MySecretCode'));
+	}
+
+}

apps/oauth2/tests/Controller/SettingsControllerTest.php

@@ -0,0 +1,139 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\OAuth2\Tests\Controller;
+
+use OC\Authentication\Token\DefaultTokenMapper;
+use OCA\OAuth2\Controller\SettingsController;
+use OCA\OAuth2\Db\AccessTokenMapper;
+use OCA\OAuth2\Db\Client;
+use OCA\OAuth2\Db\ClientMapper;
+use OCP\AppFramework\Http\RedirectResponse;
+use OCP\IRequest;
+use OCP\IURLGenerator;
+use OCP\Security\ISecureRandom;
+use Test\TestCase;
+
+class SettingsControllerTest extends TestCase {
+	/** @var IRequest|\PHPUnit_Framework_MockObject_MockObject */
+	private $request;
+	/** @var IURLGenerator|\PHPUnit_Framework_MockObject_MockObject */
+	private $urlGenerator;
+	/** @var ClientMapper|\PHPUnit_Framework_MockObject_MockObject */
+	private $clientMapper;
+	/** @var ISecureRandom|\PHPUnit_Framework_MockObject_MockObject */
+	private $secureRandom;
+	/** @var AccessTokenMapper|\PHPUnit_Framework_MockObject_MockObject */
+	private $accessTokenMapper;
+	/** @var DefaultTokenMapper|\PHPUnit_Framework_MockObject_MockObject */
+	private $defaultTokenMapper;
+	/** @var SettingsController */
+	private $settingsController;
+
+	public function setUp() {
+		parent::setUp();
+
+		$this->request = $this->createMock(IRequest::class);
+		$this->urlGenerator = $this->createMock(IURLGenerator::class);
+		$this->clientMapper = $this->createMock(ClientMapper::class);
+		$this->secureRandom = $this->createMock(ISecureRandom::class);
+		$this->accessTokenMapper = $this->createMock(AccessTokenMapper::class);
+		$this->defaultTokenMapper = $this->createMock(DefaultTokenMapper::class);
+
+		$this->settingsController = new SettingsController(
+			'oauth2',
+			$this->request,
+			$this->urlGenerator,
+			$this->clientMapper,
+			$this->secureRandom,
+			$this->accessTokenMapper,
+			$this->defaultTokenMapper
+		);
+	}
+
+	public function testAddClient() {
+		$this->secureRandom
+			->expects($this->at(0))
+			->method('generate')
+			->with(64, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789')
+			->willReturn('MySecret');
+		$this->secureRandom
+			->expects($this->at(1))
+			->method('generate')
+			->with(64, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789')
+			->willReturn('MyClientIdentifier');
+
+		$client = new Client();
+		$client->setName('My Client Name');
+		$client->setRedirectUri('https://example.com/');
+		$client->setSecret('MySecret');
+		$client->setClientIdentifier('MyClientIdentifier');
+
+		$this->clientMapper
+			->expects($this->once())
+			->method('insert')
+			->with($client);
+
+		$this->urlGenerator
+			->expects($this->once())
+			->method('getAbsoluteURL')
+			->with('/index.php/settings/admin/security')
+			->willReturn('https://example.com/index.php/settings/admin/security');
+
+		$expected = new RedirectResponse('https://example.com/index.php/settings/admin/security');
+		$this->assertEquals($expected, $this->settingsController->addClient('My Client Name', 'https://example.com/'));
+	}
+
+	public function testDeleteClient() {
+		$client = new Client();
+		$client->setName('My Client Name');
+		$client->setRedirectUri('https://example.com/');
+		$client->setSecret('MySecret');
+		$client->setClientIdentifier('MyClientIdentifier');
+
+		$this->clientMapper
+			->expects($this->at(0))
+			->method('getByUid')
+			->with(123)
+			->willReturn($client);
+		$this->accessTokenMapper
+			->expects($this->once())
+			->method('deleteByClientId')
+			->with(123);
+		$this->defaultTokenMapper
+			->expects($this->once())
+			->method('deleteByName')
+			->with('My Client Name');
+		$this->clientMapper
+			->expects($this->at(1))
+			->method('delete')
+			->with($client);
+
+		$this->urlGenerator
+			->expects($this->once())
+			->method('getAbsoluteURL')
+			->with('/index.php/settings/admin/security')
+			->willReturn('https://example.com/index.php/settings/admin/security');
+
+		$expected = new RedirectResponse('https://example.com/index.php/settings/admin/security');
+		$this->assertEquals($expected, $this->settingsController->deleteClient(123));
+	}
+}

apps/oauth2/tests/Db/AccessTokenMapperTest.php

@@ -0,0 +1,69 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\OAuth2\Tests\Db;
+
+use OCA\OAuth2\Db\AccessToken;
+use OCA\OAuth2\Db\AccessTokenMapper;
+use Test\TestCase;
+
+/**
+ * @group DB
+ */
+class AccessTokenMapperTest extends TestCase {
+	/** @var AccessTokenMapper */
+	private $accessTokenMapper;
+
+	public function setUp() {
+		parent::setUp();
+		$this->accessTokenMapper = new AccessTokenMapper(\OC::$server->getDatabaseConnection());
+	}
+
+	public function testGetByCode() {
+		$this->accessTokenMapper->deleteByClientId(1234);
+		$token = new AccessToken();
+		$token->setClientId(1234);
+		$token->setTokenId((string)time());
+		$token->setEncryptedToken('MyEncryptedToken');
+		$token->setHashedCode(hash('sha512', 'MyAwesomeToken'));
+		$this->accessTokenMapper->insert($token);
+		$token->resetUpdatedFields();
+
+		$result = $this->accessTokenMapper->getByCode('MyAwesomeToken');
+		$this->assertEquals($token, $result);
+	}
+
+	/**
+	 * @expectedException \OCA\OAuth2\Exceptions\AccessTokenNotFoundException
+	 */
+	public function testDeleteByClientId() {
+		$this->accessTokenMapper->deleteByClientId('TestId');
+		$token = new AccessToken();
+		$token->setClientId(1234);
+		$token->setTokenId((string)time());
+		$token->setEncryptedToken('MyEncryptedToken');
+		$token->setHashedCode(hash('sha512', 'MyAwesomeToken'));
+		$this->accessTokenMapper->insert($token);
+		$token->resetUpdatedFields();
+		$this->accessTokenMapper->deleteByClientId(1234);
+		$this->accessTokenMapper->getByCode('MyAwesomeToken');
+	}
+}

apps/oauth2/tests/Db/ClientMapperTest.php

@@ -0,0 +1,79 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\OAuth2\Tests\Db;
+
+use OCA\OAuth2\Db\Client;
+use OCA\OAuth2\Db\ClientMapper;
+use Test\TestCase;
+
+/**
+ * @group DB
+ */
+class ClientMapperTest extends TestCase {
+	/** @var ClientMapper */
+	private $clientMapper;
+
+	public function setUp() {
+		parent::setUp();
+		$this->clientMapper = new ClientMapper(\OC::$server->getDatabaseConnection());
+	}
+
+	public function testGetByIdentifier() {
+		$client = new Client();
+		$client->setClientIdentifier('MyAwesomeClientIdentifier');
+		$client->setName('Client Name');
+		$client->setRedirectUri('https://example.com/');
+		$client->setSecret('TotallyNotSecret');
+		$this->clientMapper->insert($client);
+		$client->resetUpdatedFields();
+		$this->assertEquals($client, $this->clientMapper->getByIdentifier('MyAwesomeClientIdentifier'));
+	}
+
+	/**
+	 * @expectedException \OCA\OAuth2\Exceptions\ClientNotFoundException
+	 */
+	public function testGetByIdentifierNotExisting() {
+		$this->clientMapper->getByIdentifier('MyTotallyNotExistingClient');
+	}
+
+	public function testGetByUid() {
+		$client = new Client();
+		$client->setClientIdentifier('MyNewClient');
+		$client->setName('Client Name');
+		$client->setRedirectUri('https://example.com/');
+		$client->setSecret('TotallyNotSecret');
+		$this->clientMapper->insert($client);
+		$client->resetUpdatedFields();
+		$this->assertEquals($client, $this->clientMapper->getByUid($client->getId()));
+	}
+
+	/**
+	 * @expectedException \OCA\OAuth2\Exceptions\ClientNotFoundException
+	 */
+	public function testGetByUidNotExisting() {
+		$this->clientMapper->getByUid(1234);
+	}
+
+	public function testGetClients() {
+		$this->assertSame('array', gettype($this->clientMapper->getClients()));
+	}
+}

apps/oauth2/tests/Settings/AdminTest.php

@@ -0,0 +1,66 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\OAuth2\Tests\Settings;
+
+use OCA\OAuth2\Db\ClientMapper;
+use OCA\OAuth2\Settings\Admin;
+use OCP\AppFramework\Http\TemplateResponse;
+use Test\TestCase;
+
+class AdminTest extends TestCase {
+	/** @var ClientMapper|\PHPUnit_Framework_MockObject_MockObject */
+	private $clientMapper;
+	/** @var Admin|\PHPUnit_Framework_MockObject_MockObject */
+	private $admin;
+
+	public function setUp() {
+		parent::setUp();
+
+		$this->clientMapper = $this->createMock(ClientMapper::class);
+		$this->admin = new Admin($this->clientMapper);
+	}
+
+	public function testGetForm() {
+		$this->clientMapper
+			->expects($this->once())
+			->method('getClients')
+			->willReturn(['MyClients']);
+
+		$expected = new TemplateResponse(
+			'oauth2',
+			'admin',
+			[
+				'clients' => ['MyClients'],
+			],
+			''
+		);
+		$this->assertEquals($expected, $this->admin->getForm());
+	}
+
+	public function testGetSection() {
+		$this->assertSame('security', $this->admin->getSection());
+	}
+
+	public function testGetPriority() {
+		$this->assertSame(0, $this->admin->getPriority());
+	}
+}

tests/phpunit-autotest.xml

@@ -30,6 +30,7 @@
 				<directory suffix=".php">../apps/files_sharing/tests</directory>
 				<directory suffix=".php">../apps/files_trashbin/tests</directory>
 				<directory suffix=".php">../apps/files_versions/tests</directory>
+				<directory suffix=".php">../apps/oauth2/tests</directory>
 				<directory suffix=".php">../apps/provisioning_api/tests</directory>
 				<directory suffix=".php">../apps/systemtags/tests</directory>
 				<directory suffix=".php">../apps/theming/tests</directory>