‪TYPO3CMS  ‪main
MfaProviderRegistryTest.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa;
19 
20 use PHPUnit\Framework\Attributes\Test;
21 use ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication;
22 use ‪TYPO3\CMS\Core\Authentication\Mfa\MfaProviderManifest;
23 use ‪TYPO3\CMS\Core\Authentication\Mfa\MfaProviderRegistry;
24 use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;
25 
26 final class ‪MfaProviderRegistryTest extends FunctionalTestCase
27 {
28  protected ‪MfaProviderRegistry ‪$subject;
29  protected ‪AbstractUserAuthentication ‪$user;
30 
31  protected function ‪setUp(): void
32  {
33  parent::setUp();
34 
35  $this->subject = $this->get(MfaProviderRegistry::class);
36 
37  // Add two providers, which both are not active and unlocked
38  $this->importCSVDataSet(__DIR__ . '/../Fixtures/be_users.csv');
39  $this->user = $this->setUpBackendUser(1);
40  $this->user->user['mfa'] = json_encode([
41  'recovery-codes' => [
42  'active' => false,
43  'codes' => ['some-code'],
44  ],
45  'totp' => [
46  'active' => false,
47  'secret' => 'KRMVATZTJFZUC53FONXW2ZJB',
48  'attempts' => 0,
49  ],
50  ]);
51  }
52 
53  public function ‪registerProviderTest(): void
54  {
55  self::assertCount(2, $this->subject->getProviders());
56 
57  $this->subject->registerProvider(
58  new ‪MfaProviderManifest(
59  'some-provider',
60  'Some provider',
61  'Some provider description',
62  'Setup instructions for some-provider',
63  'actions-music',
64  true,
65  'SomeProvider',
66  $this->getContainer()
67  )
68  );
69 
70  self::assertCount(3, $this->subject->getProviders());
71  self::assertTrue($this->subject->hasProvider('some-provider'));
72  self::assertInstanceOf(MfaProviderManifest::class, $this->subject->getProvider('some-provider'));
73  }
74 
75  #[Test]
76  public function ‪getProviderThrowsExceptionOnInvalidIdentifierTest(): void
77  {
78  $this->expectExceptionCode(1610994735);
79  $this->expectException(\InvalidArgumentException::class);
80  $this->subject->getProvider('unknown-provider');
81  }
82 
83  #[Test]
84  public function ‪hasActiveProvidersTest(): void
85  {
86  self::assertFalse($this->subject->hasActiveProviders($this->user));
87  $this->‪activateProvider('totp');
88  self::assertTrue($this->subject->hasActiveProviders($this->user));
89  }
90 
91  #[Test]
92  public function ‪getActiveProvidersTest(): void
93  {
94  self::assertCount(0, $this->subject->getActiveProviders($this->user));
95 
96  $this->‪activateProvider('totp');
97  $result = $this->subject->getActiveProviders($this->user);
98 
99  self::assertCount(1, $result);
100  self::assertEquals('totp', array_key_first($result));
101 
102  $this->‪activateProvider('recovery-codes');
103  $result = $this->subject->getActiveProviders($this->user);
104 
105  self::assertCount(2, $result);
106  self::assertEquals('recovery-codes', array_key_last($result));
107  }
108 
109  #[Test]
110  public function ‪getFirstAuthenticationAwareProviderTest(): void
111  {
112  self::assertNull($this->subject->getFirstAuthenticationAwareProvider($this->user));
113 
114  $this->‪activateProvider('recovery-codes');
115  // Recovery codes can NOT be an authentication aware provider, without another provider being active
116  self::assertNull($this->subject->getFirstAuthenticationAwareProvider($this->user));
117 
118  $this->‪activateProvider('totp');
119  self::assertEquals(
120  'totp',
121  $this->subject->getFirstAuthenticationAwareProvider($this->user)->getIdentifier()
122  );
123 
124  // @todo This does no significance, until we have another "full" provider
125  $this->‪setDefaultProvider('totp');
126  self::assertEquals(
127  'totp',
128  $this->subject->getFirstAuthenticationAwareProvider($this->user)->getIdentifier()
129  );
130  }
131 
132  #[Test]
133  public function ‪hasLockedProvidersTest(): void
134  {
135  self::assertFalse($this->subject->hasLockedProviders($this->user));
136  $this->‪lockProvider('totp');
137  self::assertTrue($this->subject->hasLockedProviders($this->user));
138  }
139 
140  #[Test]
141  public function ‪getLockedProvidersTest(): void
142  {
143  self::assertCount(0, $this->subject->getLockedProviders($this->user));
144 
145  $this->‪lockProvider('totp');
146  $result = $this->subject->getLockedProviders($this->user);
147 
148  self::assertCount(1, $result);
149  self::assertEquals('totp', array_key_first($result));
150 
151  $this->‪lockProvider('recovery-codes');
152  $result = $this->subject->getLockedProviders($this->user);
153 
154  self::assertCount(2, $result);
155  self::assertEquals('recovery-codes', array_key_last($result));
156  }
157 
158  #[Test]
159  public function ‪allowedProvidersItemsProcFuncTest(): void
160  {
161  $parameters = [];
162  $this->subject->allowedProvidersItemsProcFunc($parameters);
163 
164  self::assertEquals(
165  [
166  'items' => [
167  [
168  'label' => 'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:totp.title',
169  'value' => 'totp',
170  'icon' => 'actions-qrcode',
171  'description' => 'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:totp.description',
172  ],
173  [
174  'label' => 'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:recoveryCodes.title',
175  'value' => 'recovery-codes',
176  'icon' => 'content-text-columns',
177  'description' => 'LLL:EXT:core/Resources/Private/Language/locallang_mfa_provider.xlf:recoveryCodes.description',
178  ],
179  ],
180  ],
181  $parameters
182  );
183  }
184 
185  protected function ‪activateProvider(string $provider): void
186  {
187  $mfa = json_decode($this->user->user['mfa'], true);
188  $mfa[$provider]['active'] = true;
189  $this->user->user['mfa'] = json_encode($mfa);
190  }
191 
192  protected function ‪lockProvider(string $provider): void
193  {
194  $mfa = json_decode($this->user->user['mfa'], true);
195  $mfa[$provider]['attempts'] = 3;
196  $this->user->user['mfa'] = json_encode($mfa);
197  }
198 
199  protected function ‪setDefaultProvider(string $defaultProvider): void
200  {
201  $this->user->uc['mfa']['defaultProvider'] = $defaultProvider;
202  }
203 }
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\hasActiveProvidersTest
‪hasActiveProvidersTest()
Definition: MfaProviderRegistryTest.php:84
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\getLockedProvidersTest
‪getLockedProvidersTest()
Definition: MfaProviderRegistryTest.php:141
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\setUp
‪setUp()
Definition: MfaProviderRegistryTest.php:31
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\setDefaultProvider
‪setDefaultProvider(string $defaultProvider)
Definition: MfaProviderRegistryTest.php:199
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\activateProvider
‪activateProvider(string $provider)
Definition: MfaProviderRegistryTest.php:185
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\registerProviderTest
‪registerProviderTest()
Definition: MfaProviderRegistryTest.php:53
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\allowedProvidersItemsProcFuncTest
‪allowedProvidersItemsProcFuncTest()
Definition: MfaProviderRegistryTest.php:159
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest
Definition: MfaProviderRegistryTest.php:27
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\hasLockedProvidersTest
‪hasLockedProvidersTest()
Definition: MfaProviderRegistryTest.php:133
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa
Definition: MfaProviderPropertyManagerTest.php:18
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\getProviderThrowsExceptionOnInvalidIdentifierTest
‪getProviderThrowsExceptionOnInvalidIdentifierTest()
Definition: MfaProviderRegistryTest.php:76
‪TYPO3\CMS\Core\Authentication\Mfa\MfaProviderManifest
Definition: MfaProviderManifest.php:30
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\$subject
‪MfaProviderRegistry $subject
Definition: MfaProviderRegistryTest.php:28
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\getActiveProvidersTest
‪getActiveProvidersTest()
Definition: MfaProviderRegistryTest.php:92
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\getFirstAuthenticationAwareProviderTest
‪getFirstAuthenticationAwareProviderTest()
Definition: MfaProviderRegistryTest.php:110
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\lockProvider
‪lockProvider(string $provider)
Definition: MfaProviderRegistryTest.php:192
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Mfa\MfaProviderRegistryTest\$user
‪AbstractUserAuthentication $user
Definition: MfaProviderRegistryTest.php:29
‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
Definition: AbstractUserAuthentication.php:65
‪TYPO3\CMS\Core\Authentication\Mfa\MfaProviderRegistry
Definition: MfaProviderRegistry.php:28