/**
 * getSession() must return false when the password encoder rejects the
 * fingerprint check for the session found under the persistent-cookie token.
 *
 * The encoder expectation pins the inputs of that check: a value the test does
 * not constrain, the string "<browser>_<platform>" and the session nonce.
 *
 * @covers Alchemy\Phrasea\Authentication\PersistentCookie\Manager::getSession
 */
public function testGetSessionReturnFalse()
{
    $passwordEncoder = $this->getPasswordEncoderMock();
    $browserMock = $this->getBrowserMock();
    $cookieToken = 'encrypted-persistent-value';

    // The browser is queried exactly once for each half of the fingerprint.
    $browserMock->expects($this->once())
        ->method('getBrowser')
        ->will($this->returnValue('Firefox'));
    $browserMock->expects($this->once())
        ->method('getPlatform')
        ->will($this->returnValue('Linux'));

    $storedSession = new Session();
    $storedSession->setNonce('prettyN0nce');

    // The repository is looked up by token and yields the stored session.
    $sessionRepository = $this->getMockBuilder('Doctrine\\ORM\\EntityRepository')
        ->disableOriginalConstructor()
        ->getMock();
    $sessionRepository->expects($this->once())
        ->method('findOneBy')
        ->with($this->equalTo(['token' => $cookieToken]))
        ->will($this->returnValue($storedSession));

    $manager = new Manager($passwordEncoder, $sessionRepository, $browserMock);

    // A failed validation is the only reason for the false result asserted below.
    $passwordEncoder->expects($this->once())
        ->method('isPasswordValid')
        ->with($this->anything(), 'Firefox_Linux', 'prettyN0nce')
        ->will($this->returnValue(false));

    $result = $manager->getSession($cookieToken);

    $this->assertFalse($result);
}
/**
 * Rebuilds the authenticated state from an existing Session entity.
 *
 * Both preconditions are checked before any state is modified: the entity
 * must still be found in the 'repo.sessions' repository and it must carry a
 * user. The HTTP session is then cleared and repopulated, the databox client
 * cache is refreshed for every granted sbas, and the user is reinitialised.
 *
 * NOTE(review): whether the session identifier is rotated during the refresh
 * is not visible in this method; confirm in populateSession().
 *
 * @param Session $session
 *
 * @return Session The entity that was passed in.
 *
 * @throws RuntimeException When the session no longer exists or has no user.
 */
public function refreshAccount(Session $session)
{
    $persisted = $this->app['repo.sessions']->find($session->getId());
    if (!$persisted) {
        throw new RuntimeException('Unable to refresh the session, it does not exist anymore');
    }

    $user = $session->getUser();
    if (null === $user) {
        throw new RuntimeException('Unable to refresh the session');
    }

    // Drop whatever the HTTP session held before writing the new state.
    $this->session->clear();
    $this->populateSession($session);

    $grantedDataboxes = $this->app['acl']->get($user)->get_granted_sbas();
    foreach ($grantedDataboxes as $databox) {
        \cache_databox::insertClient($this->app, $databox);
    }

    $this->reinitUser();

    return $session;
}
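/**
 * {@inheritdoc}
 *
 * Copies every row of the legacy `cache` table into a Session entity (plus one
 * SessionModule per entry of the serialized `app` column) and flushes them
 * through the entity manager. Rows whose user cannot be loaded are skipped.
 *
 * @return bool False when the legacy table cannot be read, true otherwise.
 */
public function apply(base $appbox, Application $app)
{
    try {
        $sql = 'SELECT usr_id, user_agent, ip, platform, browser, app, browser_version, screen, token, nonce, lastaccess, created_on FROM cache';
        $stmt = $appbox->get_connection()->prepare($sql);
        $stmt->execute();
        $rs = $stmt->fetchAll(\PDO::FETCH_ASSOC);
        $stmt->closeCursor();
    } catch (DBALException $e) {
        // this may fail on oldest versions
        return false;
    }

    foreach ($rs as $row) {
        if (null === ($user = $this->loadUser($app['EM'], $row['usr_id']))) {
            continue;
        }

        // '0000-00-00 00:00:00' is treated as "no date". createFromFormat()
        // returns false on any other unparsable value; map that to null too so
        // the setters never receive a boolean.
        $created = $updated = null;
        if ('0000-00-00 00:00:00' !== $row['created_on']) {
            $created = \DateTime::createFromFormat('Y-m-d H:i:s', $row['created_on']) ?: null;
        }
        if ('0000-00-00 00:00:00' !== $row['lastaccess']) {
            $updated = \DateTime::createFromFormat('Y-m-d H:i:s', $row['lastaccess']) ?: null;
        }

        $session = new Session();
        $session
            ->setUser($user)
            ->setUserAgent($row['user_agent'])
            ->setUpdated($updated)
            ->setToken($row['token'])
            ->setPlatform($row['platform'])
            ->setNonce($row['nonce'])
            ->setIpAddress($row['ip'])
            ->setCreated($created)
            ->setBrowserVersion($row['browser_version'])
            ->setBrowserName($row['browser']);

        // The screen column is only used when it splits into exactly two parts.
        $sizes = explode('x', $row['screen']);
        if (2 === count($sizes)) {
            $session
                ->setScreenWidth($sizes[0])
                ->setScreenHeight($sizes[1]);
        }

        // NOTE(review): unserialize() on a stored column can instantiate
        // objects if that value was ever attacker-influenced. Where the
        // runtime is PHP >= 7.0, pass ['allowed_classes' => false] as the
        // second argument. The @ keeps the original best-effort handling of
        // corrupt values.
        $apps = @unserialize($row['app']);

        // Only iterate a real array: a failed decode (false), a scalar or an
        // object must not be walked as a list of module ids.
        if (is_array($apps)) {
            foreach ($apps as $appli) {
                $module = new SessionModule();
                $module
                    ->setModuleId($appli)
                    ->setCreated($created)
                    ->setSession($session)
                    ->setUpdated($updated);

                $session->addModule($module);
                $app['EM']->persist($module);
            }
        }

        $app['EM']->persist($session);
    }

    $app['EM']->flush();

    return true;
}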
/**
 * isAuthenticated() must be true, and getUser() must return the fixture user,
 * when the HTTP session holds a usr_id and a session_id that the entity
 * manager resolves to a Session entity for that user.
 *
 * @covers Alchemy\Phrasea\Authentication\Authenticator::isAuthenticated
 */
public function testIsAuthenticated()
{
    $app = $this->loadApp();

    $storedSession = new Session();
    $storedSession->setUser(self::$DI['user']);
    $storedSession->setUserAgent('');

    $browser = $this->getBrowserMock();
    $app['browser'] = $browser;

    $httpSession = $this->getSessionMock();
    $app['session'] = $httpSession;

    $app['EM'] = $this->getEntityManagerMock();

    // Session id 1 resolves to the entity prepared above.
    $app['EM']->expects($this->any())
        ->method('find')
        ->with($this->equalTo('Phraseanet:Session'), $this->equalTo(1))
        ->will($this->returnValue($storedSession));

    // The user must be fetched exactly once, by the id stored in the session.
    $users = $this->getMockBuilder('Alchemy\\Phrasea\\Model\\Repositories\\UserRepository')
        ->disableOriginalConstructor()
        ->getMock();
    $users->expects($this->once())
        ->method('find')
        ->with($this->equalTo(self::$DI['user']->getId()))
        ->will($this->returnValue(self::$DI['user']));

    $app['manipulator.user'] = $this->getMockBuilder('Alchemy\\Phrasea\\Model\\Manipulator\\UserManipulator')
        ->disableOriginalConstructor()
        ->getMock();
    $app['manipulator.user']->expects($this->once())
        ->method('getRepository')
        ->will($this->returnValue($users));

    $httpSession->set('usr_id', self::$DI['user']->getId());
    $httpSession->set('session_id', 1);

    $authenticator = new Authenticator($app, $browser, $httpSession, $app['EM']);

    $this->assertTrue($authenticator->isAuthenticated());
    $this->assertEquals(self::$DI['user'], $authenticator->getUser());
}
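/**
 * Authenticates a user against the application.
 *
 * Clears the HTTP session, stores the user id in it, persists a fresh Session
 * entity for the user, stores that entity's id and reinitialises the
 * authenticator.
 *
 * @param Application $app
 * @param User|null   $user User to log in; self::$DI['user'] when omitted.
 */
protected function authenticate(Application $app, $user = null)
{
    $user = $user ?: self::$DI['user'];

    // Use the resolved $user everywhere below. Writing self::$DI['user'] here
    // would silently log in the default fixture account even when a caller
    // asked for another one, so access-control tests would exercise the wrong
    // identity.
    $app['session']->clear();
    $app['session']->set('usr_id', $user->getId());

    $session = new Session();
    $session->setUser($user);
    $session->setUserAgent('');

    // NOTE(review): persistence and reinitUser() go through self::$DI['app']
    // rather than $app; confirm both refer to the same application instance.
    self::$DI['app']['EM']->persist($session);
    self::$DI['app']['EM']->flush();

    // The id is read after the flush that follows persist().
    $app['session']->set('session_id', $session->getId());

    self::$DI['app']['authentication']->reinitUser();
}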
/**
 * An XMLHttpRequest from an authenticated user whose session was last updated
 * an hour ago, with the idle setting at 10, must end the session: closeAccount()
 * is called exactly once, the response is a client error and it carries the
 * x-phraseanet-end-session header.
 */
public function testEndSessionAuthenticatedWithOutdatedIdleXmlHttpRequest()
{
    $app = new Application('test');
    $app['dispatcher']->addSubscriber(new SessionManagerSubscriber($app));

    $app['authentication'] = $this->getMockBuilder('Alchemy\\Phrasea\\Authentication\\Authenticator')
        ->disableOriginalConstructor()
        ->getMock();
    $app['authentication']->expects($this->any())
        ->method('isAuthenticated')
        ->will($this->returnValue(true));
    // The subscriber is expected to close the account exactly once.
    $app['authentication']->expects($this->once())
        ->method('closeAccount')
        ->will($this->returnValue(null));

    // Last activity one hour ago, compared against the idle value set below.
    $staleSession = new Session();
    $staleSession->setUpdated(new \DateTime('-1 hour'));

    $app['EM'] = $this->getMockBuilder('Doctrine\\ORM\\EntityManager')
        ->disableOriginalConstructor()
        ->getMock();
    $app['repo.sessions'] = $this->getMockBuilder('Doctrine\\Common\\Persistence\\ObjectRepository')
        ->getMock();
    $app['repo.sessions']->expects($this->once())
        ->method('find')
        ->will($this->returnValue($staleSession));
    $app['EM']->expects($this->any())
        ->method('persist')
        ->will($this->returnValue(null));
    $app['EM']->expects($this->any())
        ->method('flush')
        ->will($this->returnValue(null));

    $app['phraseanet.configuration']['session'] = [
        'idle'     => 10,
        'lifetime' => 60475,
    ];

    $app->get('/login', function () {
        return '';
    })->bind("homepage");
    $app->get('/prod', function () {
        return '';
    });

    // Request headers mark the call as an XHR that accepts JSON.
    $serverParameters = [
        'HTTP_ACCEPT'           => 'application/json',
        'HTTP_X-Requested-With' => 'XMLHttpRequest',
    ];

    $httpClient = new Client($app);
    $httpClient->request('GET', '/prod', [], [], $serverParameters);

    $this->assertTrue($httpClient->getResponse()->isClientError());
    $this->assertNotNull($httpClient->getResponse()->headers->get('x-phraseanet-end-session'));
}
/**
 * Logs a user in to the given application.
 *
 * The HTTP session is cleared and given the user id, a new Session entity for
 * that user is persisted and flushed, its id is stored in the HTTP session,
 * and the authenticator is reinitialised.
 *
 * @param Application $app
 * @param User        $user User to log in; self::$DI['user'] when omitted.
 */
protected function authenticate(Application $app, User $user = null)
{
    if (!$user) {
        /** @var User $user */
        $user = self::$DI['user'];
    }

    $httpSession = $app['session'];
    $httpSession->clear();
    $httpSession->set('usr_id', $user->getId());

    $sessionEntity = new Session();
    $sessionEntity->setUser($user);
    $sessionEntity->setUserAgent('');

    $app['orm.em']->persist($sessionEntity);
    $app['orm.em']->flush();

    // The id is read after the flush that follows persist().
    $app['session']->set('session_id', $sessionEntity->getId());

    $app->getAuthenticator()->reinitUser();
}
/**
 * {@inheritDoc}
 *
 * Invokes the initializer first, when one is set, and then delegates to the
 * parent implementation.
 */
public function hasModuleId($moduleId)
{
    if ($this->__initializer__) {
        $this->__initializer__->__invoke($this, 'hasModuleId', array($moduleId));
    }

    return parent::hasModuleId($moduleId);
}