Example #1
0
 /**
  * @expectedException \Sabre\DAV\Exception\NotAuthenticated
  * @expectedExceptionMessage Username or password does not match
  */
 public function testAuthenticateInvalidCredentials()
 {
     $server = $this->getMockBuilder('\\Sabre\\DAV\\Server')->disableOriginalConstructor()->getMock();
     $server->httpRequest = $this->getMockBuilder('\\Sabre\\HTTP\\RequestInterface')->disableOriginalConstructor()->getMock();
     $server->httpRequest->expects($this->once())->method('getHeader')->with('Authorization')->will($this->returnValue('basic dXNlcm5hbWU6cGFzc3dvcmQ='));
     $server->httpResponse = $this->getMockBuilder('\\Sabre\\HTTP\\ResponseInterface')->disableOriginalConstructor()->getMock();
     $this->userSession->expects($this->once())->method('login')->with('username', 'password')->will($this->returnValue(false));
     $this->auth->authenticate($server, 'TestRealm');
 }
Example #2
0
 public function testAuthenticateInvalidCredentials()
 {
     $server = $this->getMockBuilder('\\Sabre\\DAV\\Server')->disableOriginalConstructor()->getMock();
     $server->httpRequest = $this->getMockBuilder('\\Sabre\\HTTP\\RequestInterface')->disableOriginalConstructor()->getMock();
     $server->httpRequest->expects($this->at(0))->method('getHeader')->with('X-Requested-With')->will($this->returnValue(null));
     $server->httpRequest->expects($this->at(1))->method('getHeader')->with('Authorization')->will($this->returnValue('basic dXNlcm5hbWU6cGFzc3dvcmQ='));
     $server->httpResponse = $this->getMockBuilder('\\Sabre\\HTTP\\ResponseInterface')->disableOriginalConstructor()->getMock();
     $this->userSession->expects($this->once())->method('login')->with('username', 'password')->will($this->returnValue(false));
     $response = $this->auth->check($server->httpRequest, $server->httpResponse);
     $this->assertEquals([false, 'Username or password was incorrect'], $response);
 }
Example #3
0
 private function protectAgainstCSRF()
 {
     $user = $this->auth->getCurrentUser();
     if ($this->auth->isDavAuthenticated($user)) {
         return true;
     }
     if ($this->request->passesCSRFCheck()) {
         return true;
     }
     throw new BadRequest();
 }