‪TYPO3CMS  ‪main
AuthenticationServiceTest.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Tests\Unit\Authentication;
19 
20 use PHPUnit\Framework\Attributes\DataProvider;
21 use PHPUnit\Framework\Attributes\Test;
22 use Psr\Log\NullLogger;
23 use ‪TYPO3\CMS\Core\Authentication\AuthenticationService;
24 use ‪TYPO3\CMS\Core\Session\UserSession;
25 use ‪TYPO3\CMS\Core\Tests\Functional\Authentication\Fixtures\AnyUserAuthentication;
26 use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
27 
28 final class ‪AuthenticationServiceTest extends UnitTestCase
29 {
30  protected bool ‪$resetSingletonInstances = true;
31 
32  protected function ‪tearDown(): void
33  {
34  unset(‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey']);
35  parent::tearDown();
36  }
37 
38  public static function ‪processLoginDataProvider(): array
39  {
40  return [
41  'Backend login with securityLevel "normal"' => [
42  'normal',
43  [
44  'status' => 'login',
45  'uname' => 'admin',
46  'uident' => 'password',
47  ],
48  [
49  'status' => 'login',
50  'uname' => 'admin',
51  'uident' => 'password',
52  'uident_text' => 'password',
53  ],
54  ],
55  'Frontend login with securityLevel "normal"' => [
56  'normal',
57  [
58  'status' => 'login',
59  'uname' => 'admin',
60  'uident' => 'password',
61  ],
62  [
63  'status' => 'login',
64  'uname' => 'admin',
65  'uident' => 'password',
66  'uident_text' => 'password',
67  ],
68  ],
69  'Frontend login with securityLevel "normal" and spaced passwords removes spaces' => [
70  'normal',
71  [
72  'status' => 'login',
73  'uname' => 'admin ',
74  'uident' => ' my password ',
75  ],
76  [
77  'status' => 'login',
78  'uname' => 'admin',
79  'uident' => 'my password',
80  'uident_text' => 'my password',
81  ],
82  ],
83  ];
84  }
85 
86  #[DataProvider('processLoginDataProvider')]
87  #[Test]
88  public function ‪processLoginReturnsCorrectData(string $passwordSubmissionStrategy, array ‪$loginData, array $expectedProcessedData): void
89  {
90  $subject = new ‪AuthenticationService();
91  // Login data is modified by reference
92  $subject->processLoginData(‪$loginData, $passwordSubmissionStrategy);
93  self::assertEquals($expectedProcessedData, ‪$loginData);
94  }
95 
96  #[Test]
97  public function ‪authUserReturns100IfSubmittedPasswordIsEmpty(): void
98  {
99  ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] = '12345';
100  $sessionId = 'f20bd8643811f5a2792605a689b619bc02caa7dc';
101  $userSession = ‪UserSession::createNonFixated($sessionId);
102  $anyUserAuthentication = new ‪AnyUserAuthentication($userSession);
103  $anyUserAuthentication->loginType = 'BE';
104  $subject = new ‪AuthenticationService();
105  $subject->initAuth('mode', ['uident_text' => '', 'uname' => 'user'], [], $anyUserAuthentication);
106  self::assertSame(100, $subject->authUser([]));
107  }
108 
109  #[Test]
110  public function ‪authUserReturns100IfUserSubmittedUsernameIsEmpty(): void
111  {
112  ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] = '12345';
113  $sessionId = 'f20bd8643811f5a2792605a689b619bc02caa7dc';
114  $userSession = ‪UserSession::createNonFixated($sessionId);
115  $anyUserAuthentication = new ‪AnyUserAuthentication($userSession);
116  $anyUserAuthentication->loginType = 'BE';
117  $subject = new ‪AuthenticationService();
118  $subject->initAuth('mode', ['uident_text' => 'foo', 'uname' => ''], [], $anyUserAuthentication);
119  self::assertSame(100, $subject->authUser([]));
120  }
121 
122  #[Test]
123  public function ‪authUserThrowsExceptionIfUserTableIsNotSet(): void
124  {
125  ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] = '12345';
126  $sessionId = 'f20bd8643811f5a2792605a689b619bc02caa7dc';
127  $userSession = ‪UserSession::createNonFixated($sessionId);
128  $anyUserAuthentication = new ‪AnyUserAuthentication($userSession);
129  $anyUserAuthentication->loginType = 'BE';
130  $subject = new ‪AuthenticationService();
131  $subject->initAuth('mode', ['uident_text' => 'password', 'uname' => 'user'], [], $anyUserAuthentication);
132  $this->expectException(\RuntimeException::class);
133  $this->expectExceptionCode(1533159150);
134  $subject->authUser([]);
135  }
136 
137  #[Test]
138  public function ‪authUserThrowsExceptionIfPasswordInDbDoesNotResolveToAValidHash(): void
139  {
140  ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] = '12345';
141  $sessionId = 'f20bd8643811f5a2792605a689b619bc02caa7dc';
142  $userSession = ‪UserSession::createNonFixated($sessionId);
143  $anyUserAuthentication = new ‪AnyUserAuthentication($userSession);
144  $anyUserAuthentication->loginType = 'BE';
145  $subject = new ‪AuthenticationService();
146  $subject->setLogger(new NullLogger());
147  $subject->initAuth(
148  'authUserBE',
149  [
150  'uident_text' => 'password',
151  'uname' => 'lolli',
152  ],
153  [
154  'db_user' => ['table' => 'be_users'],
155  'HTTP_HOST' => '',
156  ],
157  $anyUserAuthentication
158  );
159  $dbUser = [
160  'password' => 'aPlainTextPassword',
161  ];
162  self::assertEquals(100, $subject->authUser($dbUser));
163  }
164 
165  #[Test]
166  public function ‪authUserReturns0IfPasswordDoesNotMatch(): void
167  {
168  ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] = '12345';
169  $sessionId = 'f20bd8643811f5a2792605a689b619bc02caa7dc';
170  $userSession = ‪UserSession::createNonFixated($sessionId);
171  $anyUserAuthentication = new ‪AnyUserAuthentication($userSession);
172  $anyUserAuthentication->loginType = 'BE';
173  $subject = new ‪AuthenticationService();
174  $subject->setLogger(new NullLogger());
175  $subject->initAuth(
176  'authUserBE',
177  [
178  'uident_text' => 'notMyPassword',
179  'uname' => 'lolli',
180  ],
181  [
182  'db_user' => ['table' => 'be_users'],
183  'HTTP_HOST' => '',
184  ],
185  $anyUserAuthentication
186  );
187  $dbUser = [
188  // a phpass hash of 'myPassword'
189  'password' => '$P$C/2Vr3ywuuPo5C7cs75YBnVhgBWpMP1',
190  ];
191  self::assertSame(0, $subject->authUser($dbUser));
192  }
193 
194  #[Test]
195  public function ‪authUserReturns200IfPasswordMatch(): void
196  {
197  ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['encryptionKey'] = '12345';
198  $sessionId = 'f20bd8643811f5a2792605a689b619bc02caa7dc';
199  $userSession = ‪UserSession::createNonFixated($sessionId);
200  $anyUserAuthentication = new ‪AnyUserAuthentication($userSession);
201  $anyUserAuthentication->loginType = 'BE';
202  $subject = new ‪AuthenticationService();
203  $subject->setLogger(new NullLogger());
204  $subject->initAuth(
205  'authUserBE',
206  [
207  'uident_text' => 'myPassword',
208  'uname' => 'lolli',
209  ],
210  [
211  'db_user' => ['table' => 'be_users'],
212  'HTTP_HOST' => '',
213  ],
214  $anyUserAuthentication
215  );
216  $dbUser = [
217  // an argon2id hash of 'myPassword'
218  'password' => '$argon2id$v=19$m=65536,t=16,p=1$cjBVcVJJUkxQWnFsdExsZw$Ss2WRXeeGTFerTg8EdTNE4IDcIwX6hGTvKmH6XvvFX8',
219  ];
220  self::assertSame(200, $subject->authUser($dbUser));
221  }
222 }
‪TYPO3\CMS\Core\Tests\Functional\Authentication\Fixtures\AnyUserAuthentication
Definition: AnyUserAuthentication.php:24
‪TYPO3\CMS\Core\Tests\Unit\Authentication\AuthenticationServiceTest\$resetSingletonInstances
‪bool $resetSingletonInstances
Definition: AuthenticationServiceTest.php:30
‪TYPO3\CMS\Core\Session\UserSession\createNonFixated
‪static createNonFixated(string $identifier)
Definition: UserSession.php:243
‪TYPO3\CMS\Core\Session\UserSession
Definition: UserSession.php:45
‪TYPO3\CMS\Core\Tests\Unit\Authentication
Definition: AuthenticationServiceTest.php:18
‪TYPO3\CMS\Core\Tests\Unit\Authentication\AuthenticationServiceTest\authUserReturns100IfUserSubmittedUsernameIsEmpty
‪authUserReturns100IfUserSubmittedUsernameIsEmpty()
Definition: AuthenticationServiceTest.php:110
‪TYPO3\CMS\Core\Tests\Unit\Authentication\AuthenticationServiceTest\authUserReturns200IfPasswordMatch
‪authUserReturns200IfPasswordMatch()
Definition: AuthenticationServiceTest.php:195
‪TYPO3\CMS\Core\Tests\Unit\Authentication\AuthenticationServiceTest
Definition: AuthenticationServiceTest.php:29
‪TYPO3\CMS\Core\Tests\Unit\Authentication\AuthenticationServiceTest\processLoginDataProvider
‪static processLoginDataProvider()
Definition: AuthenticationServiceTest.php:38
‪TYPO3\CMS\Core\Tests\Unit\Authentication\AuthenticationServiceTest\authUserReturns0IfPasswordDoesNotMatch
‪authUserReturns0IfPasswordDoesNotMatch()
Definition: AuthenticationServiceTest.php:166
‪TYPO3\CMS\Webhooks\Message\$loginData
‪identifier readonly UriInterface readonly array $loginData
Definition: LoginErrorOccurredMessage.php:37
‪TYPO3\CMS\Core\Authentication\AuthenticationService
Definition: AuthenticationService.php:32
‪TYPO3\CMS\Core\Tests\Unit\Authentication\AuthenticationServiceTest\authUserReturns100IfSubmittedPasswordIsEmpty
‪authUserReturns100IfSubmittedPasswordIsEmpty()
Definition: AuthenticationServiceTest.php:97
‪TYPO3\CMS\Core\Tests\Unit\Authentication\AuthenticationServiceTest\authUserThrowsExceptionIfUserTableIsNotSet
‪authUserThrowsExceptionIfUserTableIsNotSet()
Definition: AuthenticationServiceTest.php:123
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:25
‪TYPO3\CMS\Core\Tests\Unit\Authentication\AuthenticationServiceTest\tearDown
‪tearDown()
Definition: AuthenticationServiceTest.php:32
‪TYPO3\CMS\Core\Tests\Unit\Authentication\AuthenticationServiceTest\processLoginReturnsCorrectData
‪processLoginReturnsCorrectData(string $passwordSubmissionStrategy, array $loginData, array $expectedProcessedData)
Definition: AuthenticationServiceTest.php:88
‪TYPO3\CMS\Core\Tests\Unit\Authentication\AuthenticationServiceTest\authUserThrowsExceptionIfPasswordInDbDoesNotResolveToAValidHash
‪authUserThrowsExceptionIfPasswordInDbDoesNotResolveToAValidHash()
Definition: AuthenticationServiceTest.php:138