/**
 * Drives BotPassword::login() through each rejection it can report and then
 * through one successful login.
 *
 * Every rejection is pinned to an exact Status message key, so a change that
 * turns one failure mode into another (or into a success) fails here.
 * The app name "BotPassword", the secret 'foobaz' and any restrictions on the
 * bot password come from fixture code outside this method.
 */
public function testLogin()
{
    $providerClass = MediaWiki\Session\BotPasswordSessionProvider::class;
    $botLogin = "{$this->testUserName}@BotPassword";

    // Feature switched off: the attempt is refused with botpasswords-disabled.
    $this->setMwGlobals('wgEnableBotPasswords', false);
    $result = BotPassword::login($botLogin, 'foobaz', new FauxRequest());
    $this->assertEquals(Status::newFatal('botpasswords-disabled'), $result);
    $this->setMwGlobals('wgEnableBotPasswords', true);

    // A SessionManager that does not know BotPasswordSessionProvider: login is
    // refused with botpasswords-no-provider even though the feature is enabled.
    $sessionManager = new SessionManager([
        'logger' => new Psr\Log\NullLogger(),
        'store' => new EmptyBagOStuff(),
    ]);
    $restore = MediaWiki\Session\TestUtils::setSessionManagerSingleton($sessionManager);
    $this->assertNull($sessionManager->getProvider($providerClass), 'sanity check');
    $result = BotPassword::login($botLogin, 'foobaz', new FauxRequest());
    $this->assertEquals(Status::newFatal('botpasswords-no-provider'), $result);
    ScopedCallback::consume($restore);

    // From here on the provider is registered on top of the main config's
    // session providers, so the remaining cases reach the credential checks.
    $mainConfig = RequestContext::getMain()->getConfig();
    $providerSpec = [
        'class' => $providerClass,
        'args' => [['priority' => 40]],
    ];
    $overrides = new HashConfig([
        'SessionProviders' => $mainConfig->get('SessionProviders') + [$providerClass => $providerSpec],
    ]);
    $sessionManager = new SessionManager([
        'config' => new MultiConfig([$overrides, RequestContext::getMain()->getConfig()]),
        'logger' => new Psr\Log\NullLogger(),
        'store' => new EmptyBagOStuff(),
    ]);
    $restore = MediaWiki\Session\TestUtils::setSessionManagerSingleton($sessionManager);

    // Login name without the "@" separator.
    $result = BotPassword::login($this->testUserName, 'foobaz', new FauxRequest());
    $this->assertEquals(Status::newFatal('botpasswords-invalid-name', '@'), $result);

    // Well-formed login name whose base user does not exist.
    $result = BotPassword::login('UTDummy@BotPassword', 'foobaz', new FauxRequest());
    $this->assertEquals(Status::newFatal('nosuchuser', 'UTDummy'), $result);

    // Existing base user, but no bot password under that app name.
    $result = BotPassword::login("{$this->testUserName}@DoesNotExist", 'foobaz', new FauxRequest());
    $this->assertEquals(
        Status::newFatal('botpasswords-not-exist', $this->testUserName, 'DoesNotExist'),
        $result
    );

    // Correct secret, but the request reports 10.0.0.1 as its IP and is rejected
    // by the bot password's restrictions.
    // NOTE(review): the restriction itself is defined outside this method; confirm
    // there that it excludes this address.
    $restrictedRequest = $this->getMock('FauxRequest', ['getIP']);
    $restrictedRequest->expects($this->any())
        ->method('getIP')
        ->will($this->returnValue('10.0.0.1'));
    $result = BotPassword::login($botLogin, 'foobaz', $restrictedRequest);
    $this->assertEquals(Status::newFatal('botpasswords-restriction-failed'), $result);

    // $this->testUser->password is presented instead of 'foobaz' and must not be
    // accepted as the bot password (presumably it is the main account password;
    // verify against the fixture).
    $result = BotPassword::login($botLogin, $this->testUser->password, new FauxRequest());
    $this->assertEquals(Status::newFatal('wrongpassword'), $result);

    // Success: the request starts on some other provider; afterwards the Status
    // is good, carries a Session backed by BotPasswordSessionProvider, and the
    // request's own session has the same id as the returned one.
    $request = new FauxRequest();
    $this->assertNotInstanceOf($providerClass, $request->getSession()->getProvider(), 'sanity check');
    $result = BotPassword::login($botLogin, 'foobaz', $request);
    $this->assertInstanceOf('Status', $result);
    $this->assertTrue($result->isGood());
    $session = $result->getValue();
    $this->assertInstanceOf(MediaWiki\Session\Session::class, $session);
    $this->assertInstanceOf($providerClass, $session->getProvider());
    $this->assertSame($session->getId(), $request->getSession()->getId());

    ScopedCallback::consume($restore);
}
/**
 * Checks which link requests continueLinkAttempt() actually applies.
 *
 * $linked records, per request id, whether providerChangeAuthenticationData()
 * was called for it. The assertions show that a request is applied only when
 * it is both present in the session secret's 'maybeLink' list and named in
 * ConfirmLinkAuthenticationRequest::confirmedLinkIDs, and that a request the
 * provider refuses to change is reported through a UI response instead.
 * The three requests come from getLinkRequests(), defined outside this method.
 */
public function testContinueLinkAttempt()
{
    $user = \User::newFromName('UTSysop');
    $sentinel = new \stdClass();
    $linkRequests = $this->getLinkRequests();
    $linked = [false, false, false];

    // Without a ConfirmLinkAuthenticationRequest among the submitted requests,
    // the call is handed to beginLinkAttempt() and its result returned as-is.
    $passThrough = $this->getMockBuilder(ConfirmLinkSecondaryAuthenticationProvider::class)
        ->setMethods(['beginLinkAttempt'])
        ->getMock();
    $passThrough->expects($this->once())
        ->method('beginLinkAttempt')
        ->with($this->identicalTo($user), $this->identicalTo('state'))
        ->will($this->returnValue($sentinel));
    $this->assertSame(
        $sentinel,
        \TestingAccessWrapper::newFromObject($passThrough)->continueLinkAttempt($user, 'state', $linkRequests)
    );

    // Real behaviour: beginLinkAttempt() must never be used as a fallback here.
    $providerMock = $this->getMockBuilder(ConfirmLinkSecondaryAuthenticationProvider::class)
        ->setMethods([
            'beginLinkAttempt',
            'providerAllowsAuthenticationDataChange',
            'providerChangeAuthenticationData',
        ])
        ->getMock();
    $providerMock->expects($this->never())->method('beginLinkAttempt');

    // Request3 is the one request the provider refuses to change.
    $allowChange = function ($req) use ($linkRequests) {
        if ($req->getUniqueId() === 'Request3') {
            return \StatusValue::newFatal('foo');
        }
        return \StatusValue::newGood();
    };
    $providerMock->expects($this->any())
        ->method('providerAllowsAuthenticationDataChange')
        ->will($this->returnCallback($allowChange));

    // Record every request that is really applied, keyed by its id property.
    $recordChange = function ($req) use (&$linked) {
        $linked[$req->id] = true;
    };
    $providerMock->expects($this->any())
        ->method('providerChangeAuthenticationData')
        ->will($this->returnCallback($recordChange));

    $config = new \HashConfig([
        'AuthManagerConfig' => [
            'preauth' => [],
            'primaryauth' => [],
            'secondaryauth' => [
                [
                    'factory' => function () use ($providerMock) {
                        return $providerMock;
                    },
                ],
            ],
        ],
    ]);
    $request = new \FauxRequest();
    $manager = new AuthManager($request, $config);
    $providerMock->setManager($manager);
    // continueLinkAttempt() is reached through the access wrapper.
    $provider = \TestingAccessWrapper::newFromObject($providerMock);
    $confirm = new ConfirmLinkAuthenticationRequest($linkRequests);

    // Nothing stored under 'state' in the session yet: abstain.
    $this->assertEquals(
        AuthenticationResponse::newAbstain(),
        $provider->continueLinkAttempt($user, 'state', [$confirm])
    );

    // 'maybeLink' stored but empty: abstain.
    $request->getSession()->setSecret('state', ['maybeLink' => []]);
    $this->assertEquals(
        AuthenticationResponse::newAbstain(),
        $provider->continueLinkAttempt($user, 'state', [$confirm])
    );

    // All three requests offered, confirmedLinkIDs not yet set by the test:
    // pass, and nothing is applied.
    $request->getSession()->setSecret('state', ['maybeLink' => $linkRequests]);
    $expected = AuthenticationResponse::newPass();
    $res = $provider->continueLinkAttempt($user, 'state', [$confirm]);
    $this->assertEquals($expected, $res);
    $this->assertSame([false, false, false], $linked);

    // Only Request2 offered by the session, but Request1 and Request2 confirmed:
    // Request1 must not be applied because the session never offered it.
    $request->getSession()->setSecret('state', ['maybeLink' => [$linkRequests['Request2']]]);
    $confirm->confirmedLinkIDs = ['Request1', 'Request2'];
    $res = $provider->continueLinkAttempt($user, 'state', [$confirm]);
    $this->assertEquals(AuthenticationResponse::newPass(), $res);
    $this->assertSame([false, true, false], $linked);

    // All offered, Request1 and Request2 confirmed: exactly those two applied.
    $linked = [false, false, false];
    $request->getSession()->setSecret('state', ['maybeLink' => $linkRequests]);
    $confirm->confirmedLinkIDs = ['Request1', 'Request2'];
    $res = $provider->continueLinkAttempt($user, 'state', [$confirm]);
    $this->assertEquals(AuthenticationResponse::newPass(), $res);
    $this->assertSame([true, true, false], $linked);

    // Request3 confirmed but refused by providerAllowsAuthenticationDataChange():
    // Request1 is applied, Request3 is not, and the response is a UI step that
    // asks for a single ButtonAuthenticationRequest.
    $linked = [false, false, false];
    $request->getSession()->setSecret('state', ['maybeLink' => $linkRequests]);
    $confirm->confirmedLinkIDs = ['Request1', 'Request3'];
    $res = $provider->continueLinkAttempt($user, 'state', [$confirm]);
    $this->assertEquals(AuthenticationResponse::UI, $res->status);
    $this->assertCount(1, $res->neededRequests);
    $this->assertInstanceOf(ButtonAuthenticationRequest::class, $res->neededRequests[0]);
    $this->assertSame([true, false, false], $linked);

    // Answering that UI step with the button request passes and applies nothing more.
    $linked = [false, false, false];
    $res = $provider->continueLinkAttempt($user, 'state', [$res->neededRequests[0]]);
    $this->assertEquals(AuthenticationResponse::newPass(), $res);
    $this->assertSame([false, false, false], $linked);
}