ResetPasswordControllerTest.php
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
19 
20 use PHPUnit\Framework\Attributes\Test;
21 use Psr\Http\Message\ServerRequestInterface;
41 use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;
42 
/**
 * Functional tests for the backend ResetPasswordController, exercising
 * forgetPasswordFormAction(), initiatePasswordResetAction() and
 * passwordResetAction().
 *
 * setUp() replaces PasswordReset with a mock that reports the feature as
 * enabled and accepts every token, so these tests cover controller behaviour
 * only. They say nothing about token validation or the password change itself.
 *
 * NOTE(review): this rendered listing skips several source lines (the gutter
 * jumps over 45, 48, 74, 88, 103, 130, 133, 140 and 151), so two property
 * declarations, one constructor argument, two assignments and four method
 * signatures are not visible below.
 */
43 final class ‪ResetPasswordControllerTest extends FunctionalTestCase
44 {
    // NOTE(review): source line 45 is missing from this listing; it presumably
    // declares the $subject property (a ResetPasswordController) assigned in setUp().

    // Base backend request built in setUp(); the tests derive variants from it
    // with withQueryParams() / withParsedBody().
46  protected ServerRequestInterface ‪$request;
47 
    // NOTE(review): source line 48 is missing; it opens the array closed on line 54,
    // presumably $configurationToUseInTestInstance - confirm. The array sets the
    // backend extension's loginHighlightColor, which customStylingIsApplied()
    // looks for in the rendered output.
49  'EXTENSIONS' => [
50  'backend' => [
51  'loginHighlightColor' => '#abcdef',
52  ],
53  ],
54  ];
55 
    /**
     * Builds the controller under test with a mocked PasswordReset, prepares a
     * backend request and populates the globals the controller reads.
     */
56  protected function ‪setUp(): void
57  {
58  parent::setUp();
59 
    // Every security decision of PasswordReset is stubbed to succeed: the
    // feature is enabled, any token is valid and any reset call returns true.
60  $passwordResetMock = $this->createMock(PasswordReset::class);
61  $passwordResetMock->method('isEnabled')->willReturn(true);
62  $passwordResetMock->method('isValidResetTokenFromRequest')->with(self::anything())->willReturn(true);
63  $passwordResetMock->method('resetPassword')->with(self::anything(), self::anything())->willReturn(true);
64 
    // All other collaborators are taken from the test container; only
    // PasswordReset is a test double.
65  $this->subject = new ‪ResetPasswordController(
66  $this->get(Context::class),
67  $this->get(Locales::class),
68  $this->get(Features::class),
69  $this->get(UriBuilder::class),
70  $this->get(PageRenderer::class),
71  $passwordResetMock,
72  $this->get(Typo3Information::class),
73  $this->get(AuthenticationStyleInformation::class),
    // NOTE(review): source line 74 (one constructor argument) is missing from this listing.
75  $this->get(BackendViewFactory::class),
76  );
77 
    // Request marked as a backend request and attached to a route of the
    // typo3/cms-backend package.
78  $this->request = (new ‪ServerRequest('https://example.com/typo3/'))
79  ->withAttribute('applicationType', ‪SystemEnvironmentBuilder::REQUESTTYPE_BE)
80  ->withAttribute('route', new ‪Route('path', ['packageName' => 'typo3/cms-backend']));
81 
    // A fresh BackendUserAuthentication with no user record set, plus the
    // default language service.
82  ‪$GLOBALS['BE_USER'] = new ‪BackendUserAuthentication();
83  ‪$GLOBALS['BE_USER']->initializeUserSessionManager();
84  ‪$GLOBALS['LANG'] = GeneralUtility::makeInstance(LanguageServiceFactory::class)->create('default');
85  }
86 
    /**
     * throwsPropagateResponseExceptionOnLoggedInUser() - the signature on
     * source line 88 is missing from this listing.
     *
     * Registers a backend user with uid 13 as the "backend.user" aspect and
     * expects forgetPasswordFormAction() to throw PropagateResponseException
     * with code 1618342858 instead of returning the form.
     *
     * NOTE(review): only forgetPasswordFormAction() is checked for the
     * logged-in case; this class has no equivalent assertion for
     * initiatePasswordResetAction() or passwordResetAction().
     */
87  #[Test]
89  {
90  $backendUser = new ‪BackendUserAuthentication();
91  $backendUser->user['uid'] = 13;
92  GeneralUtility::makeInstance(Context::class)->setAspect('backend.user', new ‪UserAspect($backendUser));
93 
94  $this->expectExceptionCode(1618342858);
95  $this->expectException(PropagateResponseException::class);
96  ‪$GLOBALS['TYPO3_REQUEST'] = ‪$this->request;
97  $this->subject->forgetPasswordFormAction($this->request);
98  }
99 
    /**
     * Checks that the configured loginHighlightColor ('#abcdef') appears in the
     * style rules of the rendered "forgot password" form.
     *
     * NOTE(review): only a well-formed hex colour is exercised; whether the
     * setting is validated or escaped before it is written into the style
     * rules is not visible from this test.
     */
100  #[Test]
101  public function ‪customStylingIsApplied(): void
102  {
    // NOTE(review): source line 103 is missing; $request is presumably assigned there.
104  ‪$GLOBALS['TYPO3_REQUEST'] = ‪$request;
105  $response = $this->subject->forgetPasswordFormAction(‪$request)->getBody()->__toString();
106  self::assertStringContainsString('/*loginHighlightColor*/', $response);
107  self::assertMatchesRegularExpression('/\.btn-login { background-color: #abcdef; }.*\.card-login \.card-footer { border-color: #abcdef; }/s', $response);
108  }
109 
    /**
     * Checks that loginProvider, redirect and redirectParams from the query
     * string are reflected in the output of all three actions.
     *
     * The expected string is the URL-encoded query passed through
     * htmlspecialchars(), so the test pins the encoded form rather than the
     * raw values.
     *
     * NOTE(review): the sample values are all URL-safe, so this does not show
     * how a value containing quotes or angle brackets is reflected. Whether
     * 'redirect' is limited to known targets is not covered here either.
     */
110  #[Test]
111  public function ‪queryArgumentsAreKept(): void
112  {
113  $queryParams = [
114  'loginProvider' => '123456789',
115  'redirect' => 'web_list',
116  'redirectParams' => 'id=123',
117  ];
118  ‪$request = $this->request->withQueryParams($queryParams);
119  ‪$GLOBALS['TYPO3_REQUEST'] = ‪$request;
120 
121  // Both views supply "go back" links which should contain the defined queryParams
122  $expected = htmlspecialchars(http_build_query($queryParams));
123 
124  self::assertStringContainsString($expected, $this->subject->forgetPasswordFormAction(‪$request)->getBody()->__toString());
125  self::assertStringContainsString($expected, $this->subject->initiatePasswordResetAction(‪$request)->getBody()->__toString());
126  self::assertStringContainsString($expected, $this->subject->passwordResetAction(‪$request)->getBody()->__toString());
127  }
128 
    /**
     * initiatePasswordResetPreventsTimeBasedInformationDisclosure() - the
     * signature on source line 130 is missing from this listing.
     *
     * Calls initiatePasswordResetAction() once and asserts that the call takes
     * more than 0.2 seconds of wall-clock time. PasswordReset is mocked, so the
     * delay has to come from outside it, presumably the controller - confirm.
     *
     * NOTE(review): this pins a lower bound for a single request. It does not
     * compare a known address with an unknown one, so it shows that a floor
     * exists, not that both cases take the same time. A floor hides only
     * differences smaller than the floor itself.
     */
129  #[Test]
131  {
132  $start = microtime(true);
    // NOTE(review): source line 133 is missing; $request is presumably assigned there.
134  ‪$GLOBALS['TYPO3_REQUEST'] = ‪$request;
135  $this->subject->initiatePasswordResetAction(‪$request);
136  self::assertGreaterThan(0.2, microtime(true) - $start);
137  }
138 
    /**
     * initiatePasswordResetValidatesGivenEmailAddress() - the signature on
     * source line 140 is missing from this listing.
     *
     * Posts an address with two consecutive dots in the local part and expects
     * the rendered response to contain the "invalid email address" message.
     * The message concerns the syntax of the input; the test does not involve
     * any stored account.
     */
139  #[Test]
141  {
142  ‪$request = $this->request->withParsedBody(['email' => 'email..email@example.com']);
143  ‪$GLOBALS['TYPO3_REQUEST'] = ‪$request;
144  self::assertStringContainsString(
145  'The entered email address is invalid. Please try again.',
146  $this->subject->initiatePasswordResetAction(‪$request)->getBody()->__toString()
147  );
148  }
149 
    /**
     * resetPasswordFormUrlContainsQueryParameters() - the signature on source
     * line 151 is missing from this listing.
     *
     * Checks that the form rendered by passwordResetAction() posts to
     * /typo3/login/password-reset/finish with the 't', 'i' and 'e' parameters
     * carried over in the action URL (presumably token, identifier and expiry
     * timestamp - confirm against PasswordReset).
     *
     * NOTE(review): the parameters travel in the URL query string, which web
     * servers and proxies commonly log and which can appear in Referer
     * headers. Expiry and single-use checks therefore matter; they would live
     * in PasswordReset, which is mocked here and not tested by this class.
     */
150  #[Test]
152  {
153  $queryParams = [
154  't' => 'some-token-123',
155  'i' => 'some-identifier-456',
156  'e' => '1618401660',
157  ];
158  ‪$request = $this->request->withQueryParams($queryParams);
159  ‪$GLOBALS['TYPO3_REQUEST'] = ‪$request;
160 
161  // Expect the form action to contain the necessary reset query params
162  $expected = '<form action="/typo3/login/password-reset/finish?' . htmlspecialchars(http_build_query($queryParams));
163 
164  self::assertStringContainsString($expected, $this->subject->passwordResetAction(‪$request)->getBody()->__toString());
165  }
166 }