public function addDBData() { $passwordFactory = new \PasswordFactory(); $passwordFactory->init(\RequestContext::getMain()->getConfig()); // A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only $passwordFactory->setDefaultType('A'); $pwhash = $passwordFactory->newFromPlaintext('foobaz'); $userId = \CentralIdLookup::factory('local')->centralIdFromName('UTSysop'); $dbw = wfGetDB(DB_MASTER); $dbw->delete('bot_passwords', array('bp_user' => $userId, 'bp_app_id' => 'BotPasswordSessionProvider'), __METHOD__); $dbw->insert('bot_passwords', array('bp_user' => $userId, 'bp_app_id' => 'BotPasswordSessionProvider', 'bp_password' => $pwhash->toString(), 'bp_token' => 'token!', 'bp_restrictions' => '{"IPAddresses":["127.0.0.0/8"]}', 'bp_grants' => '["test"]'), __METHOD__); }
/** * Set the password on a testing user * * This assumes we're still using the generic AuthManager config from * PHPUnitMaintClass::finalSetup(), and just sets the password in the * database directly. * @param User $user * @param string $password */ public static function setPasswordForUser(User $user, $password) { if (!$user->getId()) { throw new MWException("Passed User has not been added to the database yet!"); } $passwordFactory = new PasswordFactory(); $passwordFactory->init(RequestContext::getMain()->getConfig()); // A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only $passwordFactory->setDefaultType('A'); $pwhash = $passwordFactory->newFromPlaintext($password); wfGetDB(DB_MASTER)->update('user', array('user_password' => $pwhash->toString()), array('user_id' => $user->getId()), __METHOD__); }
public function testBotPassword() { global $wgServer, $wgSessionProviders; if (!isset($wgServer)) { $this->markTestIncomplete('This test needs $wgServer to be set in LocalSettings.php'); } $this->setMwGlobals(array('wgSessionProviders' => array_merge($wgSessionProviders, array(array('class' => 'MediaWiki\\Session\\BotPasswordSessionProvider', 'args' => array(array('priority' => 40))))), 'wgEnableBotPasswords' => true, 'wgBotPasswordsDatabase' => false, 'wgCentralIdLookupProvider' => 'local', 'wgGrantPermissions' => array('test' => array('read' => true)))); // Make sure our session provider is present $manager = TestingAccessWrapper::newFromObject(MediaWiki\Session\SessionManager::singleton()); if (!isset($manager->sessionProviders['MediaWiki\\Session\\BotPasswordSessionProvider'])) { $tmp = $manager->sessionProviders; $manager->sessionProviders = null; $manager->sessionProviders = $tmp + $manager->getProviders(); } $this->assertNotNull(MediaWiki\Session\SessionManager::singleton()->getProvider('MediaWiki\\Session\\BotPasswordSessionProvider'), 'sanity check'); $user = self::$users['sysop']; $centralId = CentralIdLookup::factory()->centralIdFromLocalUser($user->getUser()); $this->assertNotEquals(0, $centralId, 'sanity check'); $passwordFactory = new PasswordFactory(); $passwordFactory->init(RequestContext::getMain()->getConfig()); // A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only $passwordFactory->setDefaultType('A'); $pwhash = $passwordFactory->newFromPlaintext('foobaz'); $dbw = wfGetDB(DB_MASTER); $dbw->insert('bot_passwords', array('bp_user' => $centralId, 'bp_app_id' => 'foo', 'bp_password' => $pwhash->toString(), 'bp_token' => '', 'bp_restrictions' => MWRestrictions::newDefault()->toJson(), 'bp_grants' => '["test"]'), __METHOD__); $lgName = $user->username . BotPassword::getSeparator() . 'foo'; $ret = $this->doApiRequest(array('action' => 'login', 'lgname' => $lgName, 'lgpassword' => 'foobaz')); $result = $ret[0]; $this->assertNotInternalType('bool', $result); $this->assertNotInternalType('null', $result['login']); $a = $result['login']['result']; $this->assertEquals('NeedToken', $a); $token = $result['login']['token']; $ret = $this->doApiRequest(array('action' => 'login', 'lgtoken' => $token, 'lgname' => $lgName, 'lgpassword' => 'foobaz'), $ret[2]); $result = $ret[0]; $this->assertNotInternalType('bool', $result); $a = $result['login']['result']; $this->assertEquals('Success', $a); }
public function testTestUserCanAuthenticate() { $dbw = wfGetDB(DB_MASTER); $passwordFactory = new \PasswordFactory(); $passwordFactory->init(\RequestContext::getMain()->getConfig()); // A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only $passwordFactory->setDefaultType('A'); $pwhash = $passwordFactory->newFromPlaintext('password')->toString(); $provider = $this->getProvider(); $providerPriv = \TestingAccessWrapper::newFromObject($provider); $this->assertFalse($provider->testUserCanAuthenticate('<invalid>')); $this->assertFalse($provider->testUserCanAuthenticate('DoesNotExist')); $dbw->update('user', ['user_newpassword' => \PasswordFactory::newInvalidPassword()->toString(), 'user_newpass_time' => null], ['user_name' => 'UTSysop']); $this->assertFalse($provider->testUserCanAuthenticate('UTSysop')); $dbw->update('user', ['user_newpassword' => $pwhash, 'user_newpass_time' => null], ['user_name' => 'UTSysop']); $this->assertTrue($provider->testUserCanAuthenticate('UTSysop')); $this->assertTrue($provider->testUserCanAuthenticate('uTSysop')); $dbw->update('user', ['user_newpassword' => $pwhash, 'user_newpass_time' => $dbw->timestamp(time() - 10)], ['user_name' => 'UTSysop']); $providerPriv->newPasswordExpiry = 100; $this->assertTrue($provider->testUserCanAuthenticate('UTSysop')); $providerPriv->newPasswordExpiry = 1; $this->assertFalse($provider->testUserCanAuthenticate('UTSysop')); $dbw->update('user', ['user_newpassword' => \PasswordFactory::newInvalidPassword()->toString(), 'user_newpass_time' => null], ['user_name' => 'UTSysop']); }
/** * @dataProvider provideSave * @param string|null $password */ public function testSave($password) { $passwordFactory = new \PasswordFactory(); $passwordFactory->init(\RequestContext::getMain()->getConfig()); // A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only $passwordFactory->setDefaultType('A'); $bp = BotPassword::newUnsaved(array('centralId' => 42, 'appId' => 'TestSave', 'restrictions' => MWRestrictions::newFromJson('{"IPAddresses":["127.0.0.0/8"]}'), 'grants' => array('test'))); $this->assertFalse($bp->isSaved(), 'sanity check'); $this->assertNull(BotPassword::newFromCentralId(42, 'TestSave', BotPassword::READ_LATEST), 'sanity check'); $pwhash = $password ? $passwordFactory->newFromPlaintext($password) : null; $this->assertFalse($bp->save('update', $pwhash)); $this->assertTrue($bp->save('insert', $pwhash)); $bp2 = BotPassword::newFromCentralId(42, 'TestSave', BotPassword::READ_LATEST); $this->assertInstanceOf('BotPassword', $bp2); $this->assertEquals($bp->getUserCentralId(), $bp2->getUserCentralId()); $this->assertEquals($bp->getAppId(), $bp2->getAppId()); $this->assertEquals($bp->getToken(), $bp2->getToken()); $this->assertEquals($bp->getRestrictions(), $bp2->getRestrictions()); $this->assertEquals($bp->getGrants(), $bp2->getGrants()); $pw = TestingAccessWrapper::newFromObject($bp)->getPassword(); if ($password === null) { $this->assertInstanceOf('InvalidPassword', $pw); } else { $this->assertTrue($pw->equals($password)); } $token = $bp->getToken(); $this->assertFalse($bp->save('insert')); $this->assertTrue($bp->save('update')); $this->assertNotEquals($token, $bp->getToken()); $bp2 = BotPassword::newFromCentralId(42, 'TestSave', BotPassword::READ_LATEST); $this->assertInstanceOf('BotPassword', $bp2); $this->assertEquals($bp->getToken(), $bp2->getToken()); $pw = TestingAccessWrapper::newFromObject($bp)->getPassword(); if ($password === null) { $this->assertInstanceOf('InvalidPassword', $pw); } else { $this->assertTrue($pw->equals($password)); } $pwhash = $passwordFactory->newFromPlaintext('XXX'); $token = $bp->getToken(); $this->assertTrue($bp->save('update', $pwhash)); $this->assertNotEquals($token, $bp->getToken()); $pw = TestingAccessWrapper::newFromObject($bp)->getPassword(); $this->assertTrue($pw->equals('XXX')); $this->assertTrue($bp->delete()); $this->assertFalse($bp->isSaved()); $this->assertNull(BotPassword::newFromCentralId(42, 'TestSave', BotPassword::READ_LATEST)); $this->assertFalse($bp->save('foobar')); }