diff --git a/library/Icinga/Test/Authentication/BackendMock.php b/library/Icinga/Test/Authentication/BackendMock.php deleted file mode 100644 index b24218bda..000000000 --- a/library/Icinga/Test/Authentication/BackendMock.php +++ /dev/null @@ -1,119 +0,0 @@ - - * @license http://www.gnu.org/licenses/gpl-2.0.txt GPL, version 2 - * @author Icinga Development Team - * - */ -// {{{ICINGA_LICENSE_HEADER}}} - -namespace Icinga\Test\Authentication; - -use Icinga\Test\BaseTestCase; - - -use \Zend_Config; -use \Icinga\Authentication\Credential; -use \Icinga\Authentication\UserBackend as UserBackend; -use \Icinga\User; - -/** -* Simple backend mock that takes an config object -* with the property "credentials", which is an array -* of Credential this backend authenticates -**/ -class BackendMock implements UserBackend -{ - public $allowedCredentials = array(); - public $name; - - public function __construct(Zend_Config $config = null) - { - if ($config === null) { - return; - } - - if (isset ($config->credentials)) { - $this->allowedCredentials = $config->credentials; - } - - if ($config->name) { - $this->name = $config->name; - } else { - $this->name = 'TestBackendMock-' . uniqid(); - } - } - - public function hasUsername(Credential $userCredentials) - { - foreach ($this->allowedCredentials as $credential) { - if ($credential->getUsername() == $userCredentials->getUsername()) { - return true; - } - } - return false; - } - - /** - * Name of the backend - * - * @return string - */ - public function getName() - { - return $this->name; - } - - public static function getDummyUser() - { - return new User( - 'Username', - 'Firstname', - 'Lastname', - 'user@test.local' - ); - } - - public function getUserCount() { - return count($this->allowedCredentials); - } - - public function authenticate(Credential $credentials) - { - if (!in_array($credentials, $this->allowedCredentials)) { - return; - } - - return self::getDummyUser(); - } - - public function setCredentials(array $credentials) - { - $this->allowedCredentials = $credentials; - } - - public function connect() - { - - } -} diff --git a/library/Icinga/Test/Authentication/ErrorProneBackendMock.php b/library/Icinga/Test/Authentication/ErrorProneBackendMock.php deleted file mode 100644 index 655c6558e..000000000 --- a/library/Icinga/Test/Authentication/ErrorProneBackendMock.php +++ /dev/null @@ -1,122 +0,0 @@ - - * @license http://www.gnu.org/licenses/gpl-2.0.txt GPL, version 2 - * @author Icinga Development Team - * - */ -// {{{ICINGA_LICENSE_HEADER}}} - -namespace Icinga\Test\Authentication; - -use Icinga\Test\BaseTestCase; - - -use \Exception; -use \Zend_Config; -use \Icinga\Authentication\Credential; -use \Icinga\Authentication\UserBackend as UserBackend; -use \Icinga\User; - -/** - * Simple backend mock that takes an config object - * with the property "credentials", which is an array - * of Credential this backend authenticates - **/ -class ErrorProneBackendMock implements UserBackend -{ - public static $throwOnCreate = false; - - public $name; - - /** - * Creates a new object - * - * @param Zend_Config $config - * @throws Exception - */ - public function __construct(Zend_Config $config) - { - if (self::$throwOnCreate === true) { - throw new Exception('__construct error: Could not create'); - } - - if ($config->name) { - $this->name = $config->name; - } else { - $this->name = 'TestBackendErrorProneMock-' . uniqid(); - } - } - - /** - * Test if the username exists - * - * @param Credential $credentials - * - * @return bool - * @throws Exception - */ - public function hasUsername(Credential $credentials) - { - throw new Exception('hasUsername error: ' . $credentials->getUsername()); - } - - /** - * Authenticate - * - * @param Credential $credentials - * - * @return User - * @throws Exception - */ - public function authenticate(Credential $credentials) - { - throw new Exception('authenticate error: ' . $credentials->getUsername()); - } - - /** - * Name of the backend - * - * @return string - */ - public function getName() - { - return $this->name; - } - - /** - * Get the number of users available through this backend - * - * @return int - * @throws Exception - */ - public function getUserCount() - { - throw new Exception('getUserCount error: No users in this error prone backend'); - } - - public function connect() - { - - } -} diff --git a/library/Icinga/Test/Authentication/SessionMock.php b/library/Icinga/Test/Authentication/SessionMock.php deleted file mode 100644 index 9eb24c2d0..000000000 --- a/library/Icinga/Test/Authentication/SessionMock.php +++ /dev/null @@ -1,76 +0,0 @@ - - * @license http://www.gnu.org/licenses/gpl-2.0.txt GPL, version 2 - * @author Icinga Development Team - * - */ -// {{{ICINGA_LICENSE_HEADER}}} - -namespace Icinga\Test\Authentication; - -use Icinga\Web\Session\Session; - -class SessionMock extends Session -{ - public $isOpen = false; - public $isWritten = false; - - public function open() - { - if (!$this->isOpen && $this->isWritten) { - throw new \Exception("Session write after close"); - } - $this->isOpen = true; - } - - public function read($keepOpen = false) - { - $this->open(); - if (!$keepOpen) { - $this->close(); - } - } - - public function write($keepOpen = false) - { - $this->open(); - if (!$keepOpen) { - $this->close(); - } - } - - public function close() - { - $this->isOpen = false; - $this->isWritten = true; - } - - public function purge() - { - } - - public function refreshId() - { - } -} diff --git a/test/php/library/Icinga/Authentication/DbUserBackendTest.php b/test/php/library/Icinga/Authentication/DbUserBackendTest.php deleted file mode 100644 index d6c81cd78..000000000 --- a/test/php/library/Icinga/Authentication/DbUserBackendTest.php +++ /dev/null @@ -1,232 +0,0 @@ - 'user1', - self::PASSWORD_COLUMN => 'secret1', - self::SALT_COLUMN => '8a7487a539c5d1d6766639d04d1ed1e6', - self::ACTIVE_COLUMN => 1 - ), - array( - self::USER_NAME_COLUMN => 'user2', - self::PASSWORD_COLUMN => 'secret2', - self::SALT_COLUMN => '04b5521ddd761b5a5b633be83faa494d', - self::ACTIVE_COLUMN => 1 - ), - array( - self::USER_NAME_COLUMN => 'user3', - self::PASSWORD_COLUMN => 'secret3', - self::SALT_COLUMN => '08bb94ba3120338ae56db80ef551d324', - self::ACTIVE_COLUMN => 0 - ) - ); - - /** - * Test the authentication functions of the DbUserBackend using PostgreSQL as backend. - * - * @dataProvider pgsqlDb - */ - public function testCorrectUserLoginForPgsql($resource) - { - $this->setupDbProvider($resource); - $backend = new DbUserBackend($resource); - $this->runBackendAuthentication($backend); - $this->runBackendUsername($backend); - } - - /** - * Test the authentication functions of the DbUserBackend using MySQL as backend. - * - * @dataProvider mysqlDb - */ - public function testCorrectUserLoginForMySQL($resource) - { - $this->setupDbProvider($resource); - $backend = new DbUserBackend($resource); - $this->runBackendAuthentication($backend); - $this->runBackendUsername($backend); - } - - /** - * @param Connection $resource - */ - public function setupDbProvider($resource) - { - parent::setupDbProvider($resource); - - $adapter = $resource->getConnection(); - $type = $adapter->getConnection()->getAttribute(PDO::ATTR_DRIVER_NAME); - - $dumpFile = BaseTestCase::$etcDir . '/schema/accounts.' . $type . '.sql'; - - $this->assertFileExists($dumpFile); - - $this->loadSql($resource, $dumpFile); - - for ($i = 0; $i < count($this->userData); $i++) { - $usr = $this->userData[$i]; - $data = array( - self::USER_NAME_COLUMN => $usr[self::USER_NAME_COLUMN], - self::PASSWORD_COLUMN => hash_hmac( - 'sha256', - $usr[self::PASSWORD_COLUMN], - $usr[self::SALT_COLUMN] - ), - self::ACTIVE_COLUMN => $usr[self::ACTIVE_COLUMN], - self::SALT_COLUMN => $usr[self::SALT_COLUMN] - ); - $adapter->insert($this->testTable, $data); - } - } - - /** - * Run the hasUsername test against an instance of DbUserBackend - * - * @param DbUserBackend $backend The backend that will be tested. - */ - private function runBackendUsername($backend) - { - $this->markTestSkipped('I do not know where Credential is located'); - // Known user - $this->assertTrue( - $backend->hasUsername( - new Credential( - $this->userData[0][self::USER_NAME_COLUMN], - $this->userData[0][self::PASSWORD_COLUMN] - ) - ), - 'Assert that the user is known by the backend' - ); - - // Unknown user - $this->assertFalse( - $backend->hasUsername( - new Credential( - 'unknown user', - 'secret' - ) - ), - 'Assert that the user is not known by the backend' - ); - - // Inactive user - $this->assertFalse( - $backend->hasUsername( - new Credential( - $this->userData[2][self::USER_NAME_COLUMN], - $this->userData[2][self::PASSWORD_COLUMN] - ) - ), - 'Assert that the user is inactive and therefore not known by the backend' - ); - } - - /** - * Run the authentication test against an instance of DbUserBackend - * - * @param DbUserBackend $backend The backend that will be tested. - */ - private function runBackendAuthentication($backend) - { - $this->markTestSkipped('I do not know where Credential is located'); - // Known user - $this->assertNotNull( - $backend->authenticate( - new Credential( - $this->userData[0][self::USER_NAME_COLUMN], - $this->userData[0][self::PASSWORD_COLUMN] - ) - ), - 'Assert that an existing, active user with the right credentials can authenticate.' - ); - - // Wrong password - $this->assertNull( - $backend->authenticate( - new Credential( - $this->userData[1][self::USER_NAME_COLUMN], - 'wrongpassword' - ) - ), - 'Assert that an existing user with an invalid password cannot authenticate' - ); - - // Nonexisting user - $this->assertNull( - $backend->authenticate( - new Credential( - 'nonexisting user', - $this->userData[1][self::PASSWORD_COLUMN] - ) - ), - 'Assert that a non-existing user cannot authenticate.' - ); - - // Inactive user - $this->assertNull( - $backend->authenticate( - new Credential( - $this->userData[2][self::USER_NAME_COLUMN], - $this->userData[2][self::PASSWORD_COLUMN] - ) - ), - 'Assert that an inactive user cannot authenticate.' - ); - } - - /** - * @dataProvider mysqlDb - */ - public function testCountUsersMySql($resource) - { - $this->setupDbProvider($resource); - $backend = new DbUserBackend($resource); - - $this->assertGreaterThan(0, $backend->count()); - } - - /** - * @dataProvider pgsqlDb - */ - public function testCountUsersPgSql($resource) - { - $this->setupDbProvider($resource); - $backend = new DbUserBackend($resource); - - $this->assertGreaterThan(0, $backend->count()); - } -} diff --git a/test/php/library/Icinga/Authentication/LdapUserBackendTest.php b/test/php/library/Icinga/Authentication/LdapUserBackendTest.php deleted file mode 100644 index c51b9d600..000000000 --- a/test/php/library/Icinga/Authentication/LdapUserBackendTest.php +++ /dev/null @@ -1,193 +0,0 @@ - array( - 'cn' => 'Richard Miles', - 'sn' => 'Miles', - 'objectclass' => 'inetOrgPerson', - 'givenName' => 'Richard', - 'mail' => 'richard@doe.local', - 'uid' => 'rmiles', - 'userPassword' => 'passrmiles' - ), - 'cn=Jane Woe,ou=icinga-unittest,dc=icinga,dc=org' => array( - 'cn' => 'Jane Woe', - 'sn' => 'Woe', - 'objectclass' => 'inetOrgPerson', - 'givenName' => 'Jane', - 'mail' => 'jane@woe.local', - 'uid' => 'jwoe', - 'userPassword' => 'passjwoe' - ) - ); - - private $baseOu = array( - 'ou=icinga-unittest,dc=icinga,dc=org' => array( - 'objectclass' => 'organizationalUnit', - 'ou' => 'icinga-unittest' - ) - ); - - private function getLDAPConnection() - { - $ldapConn = ldap_connect('localhost', 389); - - if (!$ldapConn) { - $this->markTestSkipped('Could not connect to test-ldap server, skipping test'); - } - $bind = @ldap_bind($ldapConn, self::ADMIN_DN, self::ADMIN_PASS); - - if (!$bind) { - $this->markTestSkipped('Could not bind to test-ldap server, skipping test'); - } - - return $ldapConn; - } - - private function clearTestData($connection) - { - foreach ($this->users as $ou => $info) { - @ldap_delete($connection, $ou); - } - - foreach ($this->baseOu as $ou => $info) { - @ldap_delete($connection, $ou); - } - } - - private function insertTestData($connection) - { - foreach ($this->baseOu as $ou => $info) { - if (ldap_add($connection, $ou, $info) === false) { - $this->markTestSkipped('Couldn\'t set up test-ldap users, skipping test'); - } - } - - foreach ($this->users as $ou => $info) { - if (ldap_add($connection, $ou, $info) === false) { - $this->markTestSkipped('Couldn\'t set up test-ldap users, skipping test'); - } - } - } - - public function setUp() - { - parent::setUp(); - - $conn = $this->getLDAPConnection(); - $this->clearTestData($conn); - $this->insertTestData($conn); - - $result = ldap_list($conn, 'ou=icinga-unittest, dc=icinga, dc=org', '(cn=Richard Miles)'); - - if (ldap_count_entries($conn, $result) < 1) { - $this->markTestSkipped('Couldn\'t set up test users, skipping test'); - } - - $result = ldap_list($conn, 'ou=icinga-unittest, dc=icinga, dc=org', '(cn=Jane Woe)'); - - if (ldap_count_entries($conn, $result) < 1) { - $this->markTestSkipped('Couldn\'t set up test users, skipping test'); - } - - ldap_close($conn); - } - - public function tearDown() - { - parent::tearDown(); - $conn = $this->getLDAPConnection(); - - // $this->clearTestData($conn); - ldap_close($conn); - } - - /** - * Create a backend config and initialise the LdapConnection to the testing backend manually, - * to prevent the LdapUserBackend from calling the unitialised ResourceFactory - * - * @return Zend_Config The authentication backend configuration - */ - private function createBackendConfig() - { - $resourceConfig = new Zend_Config( - array( - 'hostname' => 'localhost', - 'root_dn' => 'ou=icinga-unittest,dc=icinga,dc=org', - 'bind_dn' => 'cn=admin,cn=config', - 'bind_pw' => 'admin' - ) - ); - $backendConfig = new Zend_Config( - array( - 'resource' => new LdapConnection($resourceConfig), - 'target' => 'user', - 'user_class' => 'inetOrgPerson', - 'user_name_attribute' => 'uid' - ) - ); - return $backendConfig; - } - - /** - * Test for LdapUserBackend::HasUsername() - **/ - public function testHasUsername() - { - $this->markTestSkipped('Backend creation has been decoupled'); - $backend = new LdapUserBackend($this->createBackendConfig()); - $this->assertTrue($backend->hasUsername(new Credential('jwoe'))); - $this->assertTrue($backend->hasUsername(new Credential('rmiles'))); - $this->assertFalse($backend->hasUsername(new Credential('DoesNotExist'))); - } - - /** - * Test for LdapUserBackend::Authenticate() - */ - public function testAuthenticate() - { - $this->markTestSkipped('Backend creation has been decoupled'); - $backend = new LdapUserBackend($this->createBackendConfig()); - - $this->assertInstanceOf( - '\Icinga\User', - $backend->authenticate(new Credential('jwoe', 'passjwoe')) - ); - - $this->assertNull($backend->authenticate(new Credential('jwoe', 'passjwoe22'))); - - $this->assertInstanceOf( - '\Icinga\User', - $backend->authenticate(new Credential('rmiles', 'passrmiles')) - ); - - $this->assertNull($backend->authenticate(new Credential('rmiles', 'passrmiles33'))); - } - - /** - * @expectedException Exception - * @expectedExceptionMessage Cannot fetch single DN for - */ - public function testAuthenticateUnknownUser() - { - $this->markTestSkipped('Backend creation has been decoupled'); - $backend = new LdapUserBackend($this->createBackendConfig()); - $this->assertFalse($backend->authenticate(new Credential('unknown123', 'passunknown123'))); - } -} diff --git a/test/php/library/Icinga/Authentication/ManagerTest.php b/test/php/library/Icinga/Authentication/ManagerTest.php deleted file mode 100644 index 03ba70fc3..000000000 --- a/test/php/library/Icinga/Authentication/ManagerTest.php +++ /dev/null @@ -1,303 +0,0 @@ -allowedCredentials = $this->getTestCredentials(); - $manager->addUserBackend($backend); - } - - return $manager; - } - - public function testManagerInstanciation() - { - $this->markTestSkipped('ErrorProneBackendMock, SessionMock and BackendMock are faulty'); - $authMgr = $this->getManagerInstance(); - $this->assertSame($authMgr, AuthManager::getInstance()); - } - - public function testManagerProducingDependencies() - { - $this->markTestSkipped('ErrorProneBackendMock, SessionMock and BackendMock are faulty'); - $authMgr = $this->getManagerInstance($session, true); - $this->assertSame($authMgr, AuthManager::getInstance()); - - $backend = new BackendMock(); - $backend->setCredentials($this->getTestCredentials()); - - $authMgr->addUserBackend($backend); - - $this->assertTrue( - $authMgr->authenticate( - new Credential('jdoe', 'passjdoe') - ) - ); - - $this->assertInstanceOf('Icinga\User', $authMgr->getUser()); - $this->assertSame('Username', $authMgr->getUser()->getUsername()); - - $session->isOpen = true; - $authMgr->removeAuthorization(); - - $this->assertNull($authMgr->getUser()); - } - - public function testAuthentication() - { - $this->markTestSkipped('ErrorProneBackendMock, SessionMock and BackendMock are faulty'); - $auth = $this->getManagerInstance(); - $this->assertFalse( - $auth->authenticate( - new Credential("jhoe", "passjdoe"), - false - ) - ); - $this->assertFalse( - $auth->authenticate( - new Credential("joe", "passjhoe"), - false - ) - ); - $this->assertTrue( - $auth->authenticate( - new Credential("jdoe", "passjdoe"), - false - ) - ); - } - - /** - * @expectedException Icinga\Exception\ConfigurationError - * @expectedExceptionMessage No authentication backend set - */ - public function testErrorProneBackendsFromConfigurationWhenInitiate() - { - $this->markTestSkipped('ErrorProneBackendMock, SessionMock and BackendMock are faulty'); - $managerConfig = new Zend_Config( - array( - 'provider1' => array( - 'class' => 'Icinga\Test\Authentication\ErrorProneBackendMock' - ) - ), - true - ); - - ErrorProneBackendMock::$throwOnCreate = true; - - $authManager = $this->getManagerInstance($session, true, true, $managerConfig); - - $this->assertNull( - $authManager->getUserBackend('provider1') - ); - - $authManager->authenticate( - new Credential('jdoe', 'passjdoe') - ); - } - - /** - * @expectedException Icinga\Exception\ConfigurationError - * @expectedExceptionMessage No working backend found. Unable to authenticate any - */ - public function testErrorProneBackendsFromConfigurationWhenAuthenticate() - { - $this->markTestSkipped('ErrorProneBackendMock, SessionMock and BackendMock are faulty'); - $managerConfig = new Zend_Config( - array( - 'provider1' => array( - 'class' => 'Icinga\Test\Authentication\ErrorProneBackendMock' - ), - 'provider2' => array( - 'class' => 'Icinga\Test\Authentication\ErrorProneBackendMock' - ) - ), - true - ); - - ErrorProneBackendMock::$throwOnCreate = false; - - $authManager = $this->getManagerInstance($session, false, true, $managerConfig); - - $this->assertInstanceOf( - 'Icinga\Test\Authentication\ErrorProneBackendMock', - $authManager->getUserBackend('provider1') - ); - - $this->assertInstanceOf( - 'Icinga\Test\Authentication\ErrorProneBackendMock', - $authManager->getUserBackend('provider2') - ); - - $authManager->authenticate( - new Credential('jdoe', 'passjdoe') - ); - } - - public function testAuthenticationChainWithGoodProviders() - { - $this->markTestSkipped('ErrorProneBackendMock, SessionMock and BackendMock are faulty'); - $managerConfig = new Zend_Config( - array( - 'provider1' => array( - 'name' => 'provider1', - 'class' => 'Icinga\Test\Authentication\BackendMock' - ), - 'provider2' => array( - 'name' => 'provider2', - 'class' => 'Icinga\Test\Authentication\BackendMock' - ) - ), - true - ); - - $authManager = $this->getManagerInstance($session, true, true, $managerConfig); - - $authManager->getUserBackend('provider1')->setCredentials( - array( - new Credential('p1-user1', 'p1-passwd1'), - new Credential('p1-user2', 'p1-passwd2') - ) - ); - - $authManager->getUserBackend('provider2')->setCredentials( - array( - new Credential('p2-user1', 'p2-passwd1'), - new Credential('p2-user2', 'p2-passwd2') - ) - ); - - $this->assertTrue( - $authManager->authenticate(new Credential('p2-user2', 'p2-passwd2')) - ); - } - - public function testAuthenticationChainWithBadProviders() - { - $this->markTestSkipped('ErrorProneBackendMock, SessionMock and BackendMock are faulty'); - $managerConfig = new Zend_Config( - array( - 'provider1' => array( - 'class' => 'Icinga\Test\Authentication\ErrorProneBackendMock' - ), - 'provider2' => array( - 'class' => 'Icinga\Test\Authentication\ErrorProneBackendMock' - ), - 'provider3' => array( - 'class' => 'Icinga\Test\Authentication\ErrorProneBackendMock' - ), - 'provider4' => array( - 'class' => 'Icinga\Test\Authentication\BackendMock' - ) - ), - true - ); - - $authManager = $this->getManagerInstance($session, false, true, $managerConfig); - - $this->assertInstanceOf( - 'Icinga\Test\Authentication\ErrorProneBackendMock', - $authManager->getUserBackend('provider1') - ); - - $this->assertInstanceOf( - 'Icinga\Test\Authentication\BackendMock', - $authManager->getUserBackend('provider4') - ); - - $authManager->getUserBackend('provider4')->setCredentials( - array( - new Credential('p4-user1', 'p4-passwd1'), - new Credential('p4-user2', 'p4-passwd2') - ) - ); - - $session->isOpen = true; - - $this->assertTrue( - $authManager->authenticate(new Credential('p4-user2', 'p4-passwd2')) - ); - - $session->isOpen = true; - - $this->assertTrue( - $authManager->authenticate(new Credential('p4-user1', 'p4-passwd1')) - ); - - $session->isOpen = true; - - $this->assertFalse( - $authManager->authenticate(new Credential('p4-user2', 'p4-passwd1-WRONG123123')) - ); - } - - public function testErrorConditionsInConfiguration() - { - $this->markTestSkipped('ErrorProneBackendMock, SessionMock and BackendMock are faulty'); - $managerConfig = new Zend_Config( - array( - 'provider1' => array( - 'backend' => 'db' - ), - 'provider2' => array( - 'target' => 'user' - ), - 'provider3' => array( - 'class' => 'Uhh\Ahh\WeDoNotCare123' - ) - ), - true - ); - - $authManager = $this->getManagerInstance($session, true, true, $managerConfig); - - $this->assertNull($authManager->getUserBackend('provider1')); - $this->assertNull($authManager->getUserBackend('provider2')); - $this->assertNull($authManager->getUserBackend('provider3')); - } -}