‪TYPO3CMS  11.5
MfaProviderRegistryTest.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa;
19 
20 use ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
21 use ‪TYPO3\CMS\Core\Authentication\Mfa\MfaProviderManifest;
22 use ‪TYPO3\CMS\Core\Authentication\Mfa\MfaProviderRegistry;
23 use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;
24 
25 class ‪MfaProviderRegistryTest extends FunctionalTestCase
26 {
27  protected ‪MfaProviderRegistry ‪$subject;
28  protected ‪AbstractUserAuthentication ‪$user;
29 
30  protected function ‪setUp(): void
31  {
32  parent::setUp();
33 
34  $this->subject = $this->get(MfaProviderRegistry::class);
35 
36  // Add two providers, which both are not active and unlocked
37  $this->user = $this->setUpBackendUserFromFixture(1);
38  $this->user->user['mfa'] = json_encode([
39  'recovery-codes' => [
40  'active' => false,
41  'codes' => ['some-code'],
42  ],
43  'totp' => [
44  'active' => false,
45  'secret' => 'KRMVATZTJFZUC53FONXW2ZJB',
46  'attempts' => 0,
47  ],
48  ]);
49  }
50 
51  public function ‪registerProviderTest(): void
52  {
53  self::assertCount(2, $this->subject->getProviders());
54 
55  $this->subject->registerProvider(
56  new ‪MfaProviderManifest(
57  'some-provider',
58  'Some provider',
59  'Some provider description',
60  'Setup instructions for some-provider',
61  'actions-music',
62  true,
63  'SomeProvider',
64  $this->getContainer()
65  )
66  );
67 
68  self::assertCount(3, $this->subject->getProviders());
69  self::assertTrue($this->subject->hasProvider('some-provider'));
70  self::assertInstanceOf(MfaProviderManifest::class, $this->subject->getProvider('some-provider'));
71  }
72 
76  public function ‪getProviderThrowsExceptionOnInvalidIdentifierTest(): void
77  {
78  $this->expectExceptionCode(1610994735);
79  $this->expectException(\InvalidArgumentException::class);
80  $this->subject->getProvider('unknown-provider');
81  }
82 
86  public function ‪hasActiveProvidersTest(): void
87  {
88  self::assertFalse($this->subject->hasActiveProviders($this->user));
89  $this->‪activateProvider('totp');
90  self::assertTrue($this->subject->hasActiveProviders($this->user));
91  }
92 
96  public function ‪getActiveProvidersTest(): void
97  {
98  self::assertCount(0, $this->subject->getActiveProviders($this->user));
99 
100  $this->‪activateProvider('totp');
101  $result = $this->subject->getActiveProviders($this->user);
102 
103  self::assertCount(1, $result);
104  self::assertEquals('totp', array_key_first($result));
105 
106  $this->‪activateProvider('recovery-codes');
107  $result = $this->subject->getActiveProviders($this->user);
108 
109  self::assertCount(2, $result);
110  self::assertEquals('recovery-codes', array_key_last($result));
111  }
112 
116  public function ‪getFirstAuthenticationAwareProviderTest(): void
117  {
118  self::assertNull($this->subject->getFirstAuthenticationAwareProvider($this->user));
119 
120  $this->‪activateProvider('recovery-codes');
121  // Recovery codes can NOT be an authentication aware provider, without another provider being active
122  self::assertNull($this->subject->getFirstAuthenticationAwareProvider($this->user));
123 
124  $this->‪activateProvider('totp');
125  self::assertEquals(
126  'totp',
127  $this->subject->getFirstAuthenticationAwareProvider($this->user)->getIdentifier()
128  );
129 
130  // @todo This does no significance, until we have another "full" provider
131  $this->‪setDefaultProvider('totp');
132  self::assertEquals(
133  'totp',
134  $this->subject->getFirstAuthenticationAwareProvider($this->user)->getIdentifier()
135  );
136  }
137 
141  public function ‪hasLockedProvidersTest(): void
142  {
143  self::assertFalse($this->subject->hasLockedProviders($this->user));
144  $this->‪lockProvider('totp');
145  self::assertTrue($this->subject->hasLockedProviders($this->user));
146  }
147 
151  public function ‪getLockedProvidersTest(): void
152  {
153  self::assertCount(0, $this->subject->getLockedProviders($this->user));
154 
155  $this->‪lockProvider('totp');
156  $result = $this->subject->getLockedProviders($this->user);
157 
158  self::assertCount(1, $result);
159  self::assertEquals('totp', array_key_first($result));
160 
161  $this->‪lockProvider('recovery-codes');
162  $result = $this->subject->getLockedProviders($this->user);
163 
164  self::assertCount(2, $result);
165  self::assertEquals('recovery-codes', array_key_last($result));
166  }
167 
171  public function ‪allowedProvidersItemsProcFuncTest(): void
172  {
173  $parameters = [];
174  $this->subject->allowedProvidersItemsProcFunc($parameters);
175 
176  self::assertEquals(
177  [
178  'items' => [
179  [
180  'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:totp.title',
181  'totp',
182  'actions-qrcode',
183  null,
184  'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:totp.description',
185  ],
186  [
187  'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:recoveryCodes.title',
188  'recovery-codes',
189  'content-text-columns',
190  null,
191  'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:recoveryCodes.description',
192  ],
193  ],
194  ],
195  $parameters
196  );
197  }
198 
199  protected function ‪activateProvider(string $provider): void
200  {
201  $mfa = json_decode($this->user->user['mfa'], true);
202  $mfa[$provider]['active'] = true;
203  $this->user->user['mfa'] = json_encode($mfa);
204  }
205 
206  protected function ‪lockProvider(string $provider): void
207  {
208  $mfa = json_decode($this->user->user['mfa'], true);
209  $mfa[$provider]['attempts'] = 3;
210  $this->user->user['mfa'] = json_encode($mfa);
211  }
212 
213  protected function ‪setDefaultProvider(string $defaultProvider): void
214  {
215  $this->user->uc['mfa']['defaultProvider'] = $defaultProvider;
216  }
217 }
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\hasActiveProvidersTest
‪hasActiveProvidersTest()
Definition: MfaProviderRegistryTest.php:86
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\getLockedProvidersTest
‪getLockedProvidersTest()
Definition: MfaProviderRegistryTest.php:151
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\setUp
‪setUp()
Definition: MfaProviderRegistryTest.php:30
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\setDefaultProvider
‪setDefaultProvider(string $defaultProvider)
Definition: MfaProviderRegistryTest.php:213
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\activateProvider
‪activateProvider(string $provider)
Definition: MfaProviderRegistryTest.php:199
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\registerProviderTest
‪registerProviderTest()
Definition: MfaProviderRegistryTest.php:51
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\allowedProvidersItemsProcFuncTest
‪allowedProvidersItemsProcFuncTest()
Definition: MfaProviderRegistryTest.php:171
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest
Definition: MfaProviderRegistryTest.php:26
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\hasLockedProvidersTest
‪hasLockedProvidersTest()
Definition: MfaProviderRegistryTest.php:141
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa
Definition: MfaProviderPropertyManagerTest.php:18
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\getProviderThrowsExceptionOnInvalidIdentifierTest
‪getProviderThrowsExceptionOnInvalidIdentifierTest()
Definition: MfaProviderRegistryTest.php:76
‪TYPO3\CMS\Core\Authentication\Mfa\MfaProviderManifest
Definition: MfaProviderManifest.php:30
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\$subject
‪MfaProviderRegistry $subject
Definition: MfaProviderRegistryTest.php:27
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\getActiveProvidersTest
‪getActiveProvidersTest()
Definition: MfaProviderRegistryTest.php:96
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\getFirstAuthenticationAwareProviderTest
‪getFirstAuthenticationAwareProviderTest()
Definition: MfaProviderRegistryTest.php:116
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\lockProvider
‪lockProvider(string $provider)
Definition: MfaProviderRegistryTest.php:206
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\$user
‪AbstractUserAuthentication $user
Definition: MfaProviderRegistryTest.php:28
‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
Definition: AbstractUserAuthentication.php:56
‪TYPO3\CMS\Core\Authentication\Mfa\MfaProviderRegistry
Definition: MfaProviderRegistry.php:28