/** * @test */ public function tokenCanBeCastToString() { $arguments = []; $arguments['__authentication']['TYPO3']['Flow']['Security']['Authentication']['Token']['UsernamePassword']['username'] = '******'; $arguments['__authentication']['TYPO3']['Flow']['Security']['Authentication']['Token']['UsernamePassword']['password'] = '******'; $this->mockHttpRequest->expects($this->atLeastOnce())->method('getMethod')->will($this->returnValue('POST')); $this->mockActionRequest->expects($this->atLeastOnce())->method('getInternalArguments')->will($this->returnValue($arguments)); $this->token->updateCredentials($this->mockActionRequest); $this->assertEquals('Username: "******"', (string) $this->token); }
/** * @test */ public function authenticationFailsWithWrongCredentialsInAnUsernamePasswordToken() { $this->mockHashService->expects($this->once())->method('validatePassword')->with('wrong password', '8bf0abbb93000e2e47f0e0a80721e834,80f117a78cff75f3f73793fd02aa9086')->will($this->returnValue(false)); $this->mockAccount->expects($this->once())->method('getCredentialsSource')->will($this->returnValue('8bf0abbb93000e2e47f0e0a80721e834,80f117a78cff75f3f73793fd02aa9086')); $this->mockAccountRepository->expects($this->once())->method('findActiveByAccountIdentifierAndAuthenticationProviderName')->with('admin', 'myProvider')->will($this->returnValue($this->mockAccount)); $this->mockToken->expects($this->once())->method('getCredentials')->will($this->returnValue(['username' => 'admin', 'password' => 'wrong password'])); $this->mockToken->expects($this->at(2))->method('setAuthenticationStatus')->with(\Neos\Flow\Security\Authentication\TokenInterface::NO_CREDENTIALS_GIVEN); $this->mockToken->expects($this->at(3))->method('setAuthenticationStatus')->with(\Neos\Flow\Security\Authentication\TokenInterface::WRONG_CREDENTIALS); $this->persistedUsernamePasswordProvider->authenticate($this->mockToken); }
/** * @test */ public function authenticationWithCorrectCredentialsResetsFailedAuthenticationCount() { $this->authenticationToken->_set('credentials', ['username' => 'username', 'password' => 'wrongPW']); $this->persistedUsernamePasswordProvider->authenticate($this->authenticationToken); $account = $this->accountRepository->findActiveByAccountIdentifierAndAuthenticationProviderName('username', 'myTestProvider'); $this->assertEquals(1, $account->getFailedAuthenticationCount()); $this->authenticationToken->_set('credentials', ['username' => 'username', 'password' => 'password']); $this->persistedUsernamePasswordProvider->authenticate($this->authenticationToken); $account = $this->accountRepository->findActiveByAccountIdentifierAndAuthenticationProviderName('username', 'myTestProvider'); $this->assertEquals((new \DateTime())->format(\DateTime::W3C), $account->getLastSuccessfulAuthenticationDate()->format(\DateTime::W3C)); $this->assertEquals(0, $account->getFailedAuthenticationCount()); }
/** * @test */ public function shutdownCreatesSpecialDataEntryForSessionWithAuthenticatedAccounts() { $session = new Session(); $this->inject($session, 'bootstrap', $this->mockBootstrap); $this->inject($session, 'objectManager', $this->mockObjectManager); $this->inject($session, 'settings', $this->settings); $this->inject($session, 'metaDataCache', $this->createCache('Meta')); $this->inject($session, 'storageCache', $this->createCache('Storage')); $session->initializeObject(); $session->start(); $account = new Account(); $account->setAccountIdentifier('admin'); $account->setAuthenticationProviderName('MyProvider'); $token = new UsernamePassword(); $token->setAuthenticationStatus(TokenInterface::AUTHENTICATION_SUCCESSFUL); $token->setAccount($account); $this->mockSecurityContext->expects($this->any())->method('isInitialized')->will($this->returnValue(true)); $this->mockSecurityContext->expects($this->any())->method('getAuthenticationTokens')->will($this->returnValue([$token])); $session->close(); $this->httpRequest->setCookie($this->httpResponse->getCookie('TYPO3_Flow_Session')); $session->resume(); $this->assertEquals(['MyProvider:admin'], $session->getData('TYPO3_Flow_Security_Accounts')); }