Showing
13 changed files
with
259 additions
and
81 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,102 @@ | ||
<?php | ||
|
||
declare(strict_types=1); | ||
|
||
namespace SimpleSAML\Module\authYubikey\Controller; | ||
|
||
use SimpleSAML\Configuration; | ||
use SimpleSAML\Error; | ||
use SimpleSAML\Module\authYubikey\Auth\Source; | ||
use SimpleSAML\Session; | ||
use SimpleSAML\XHTML\Template; | ||
use Symfony\Component\HttpFoundation\Request; | ||
|
||
/** | ||
* Controller class for the authyubikey module. | ||
* | ||
* This class serves the different views available in the module. | ||
* | ||
* @package simplesamlphp/simplesamlphp-module-authyubikey | ||
*/ | ||
class Yubikey | ||
{ | ||
/** @var \SimpleSAML\Configuration */ | ||
protected Configuration $config; | ||
|
||
/** @var \SimpleSAML\Session */ | ||
protected Session $session; | ||
|
||
/** | ||
* @var \SimpleSAML\Module\authYubikey\Auth\Source\YubiKey|string | ||
* @psalm-var \SimpleSAML\Module\authYubikey\Auth\Source\YubiKey|class-string | ||
*/ | ||
protected $yubikey = Source\YubiKey::class; | ||
|
||
|
||
/** | ||
* Controller constructor. | ||
* | ||
* It initializes the global configuration and session for the controllers implemented here. | ||
* | ||
* @param \SimpleSAML\Configuration $config The configuration to use by the controllers. | ||
* @param \SimpleSAML\Session $session The session to use by the controllers. | ||
* | ||
* @throws \Exception | ||
*/ | ||
public function __construct( | ||
Configuration $config, | ||
Session $session | ||
) { | ||
$this->config = $config; | ||
$this->session = $session; | ||
} | ||
|
||
|
||
/** | ||
* Inject the \SimpleSAML\Module\authYubikey\Auth\Source\YubiKey dependency. | ||
* | ||
* @param \SimpleSAML\Module\authYubikey\Auth\Source\YubiKey $yubikey | ||
*/ | ||
public function setYubikey(Source\Yubikey $yubikey): void | ||
{ | ||
$this->yubikey = $yubikey; | ||
} | ||
|
||
|
||
/** | ||
* @param \Symfony\Component\HttpFoundation\Request $request The current request. | ||
* @return \SimpleSAML\XHTML\Template | ||
*/ | ||
public function main(Request $request): Template | ||
{ | ||
$stateId = $request->get('AuthState'); | ||
if ($stateId === null) { | ||
throw new Error\BadRequest('Missing AuthState parameter.'); | ||
} | ||
|
||
$t = new Template($this->config, 'authYubikey:yubikeylogin.twig'); | ||
|
||
$errorCode = null; | ||
$otp = $request->get('otp'); | ||
if ($otp !== null) { | ||
// attempt to log in | ||
|
||
/** @psalm-var string $errorCode */ | ||
$errorCode = $this->yubikey::handleLogin($stateId, $otp); | ||
$errorCodes = Error\ErrorCodes::getAllErrorCodeMessages(); | ||
|
||
if (array_key_exists($errorCode, $errorCodes['title'])) { | ||
$t->data['errorTitle'] = $errorCodes['title'][$errorCode]; | ||
} | ||
|
||
if (array_key_exists($errorCode, $errorCodes['descr'])) { | ||
$t->data['errorDesc'] = $errorCodes['descr'][$errorCode]; | ||
} | ||
} | ||
|
||
$t->data['errorCode'] = $errorCode; | ||
$t->data['stateParams'] = ['AuthState' => $stateId]; | ||
|
||
return $t; | ||
} | ||
} |
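Review bot: In `main()`, `$request->get('otp')` and `$request->get('AuthState')` take the value from the query string as well as the POST body and can return an array, so a request carrying `otp[]=x` reaches `handleLogin()` with a non-string under `strict_types=1`. If `handleLogin()` is declared with `string` parameters, as the test double in this commit suggests, that surfaces as a TypeError rather than a handled login failure. Reading the OTP from the body only and checking its type also keeps the credential out of URLs and access logs: `$otp = $request->request->get('otp');` followed by `if (is_string($otp)) {`, with a matching `if (!is_string($stateId)) {` in front of the `BadRequest` throw.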
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,20 +1,20 @@ | ||
<?xml version="1.0" encoding="utf-8" ?> | ||
<phpunit bootstrap="tests/bootstrap.php"> | ||
<testsuites> | ||
<testsuite name="The project's test suite"> | ||
<directory>./vendor/simplesamlphp/simplesamlphp-test-framework/src/</directory> | ||
<directory>tests/</directory> | ||
</testsuite> | ||
</testsuites> | ||
<filter> | ||
<whitelist processUncoveredFilesFromWhitelist="true"> | ||
<directory suffix=".php">./lib</directory> | ||
</whitelist> | ||
</filter> | ||
<logging> | ||
<log type="coverage-text" target="php://stdout" showUncoveredFiles="true" /> | ||
<log type="coverage-html" target="build/coverage" title="PHP Coveralls" charset="UTF-8" yui="true" highlight="true" lowUpperBound="35" highLowerBound="70" /> | ||
<log type="coverage-clover" target="build/logs/clover.xml" /> | ||
</logging> | ||
<?xml version="1.0" encoding="utf-8"?> | ||
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" bootstrap="tests/bootstrap.php" xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/9.3/phpunit.xsd"> | ||
<coverage processUncoveredFiles="true"> | ||
<include> | ||
<directory suffix=".php">./lib</directory> | ||
</include> | ||
<report> | ||
<clover outputFile="build/logs/clover.xml"/> | ||
<html outputDirectory="build/coverage" lowUpperBound="35" highLowerBound="70"/> | ||
<text outputFile="php://stdout" showUncoveredFiles="true"/> | ||
</report> | ||
</coverage> | ||
<testsuites> | ||
<testsuite name="The project's test suite"> | ||
<directory>./vendor/simplesamlphp/simplesamlphp-test-framework/src/</directory> | ||
<directory>tests/</directory> | ||
</testsuite> | ||
</testsuites> | ||
<logging/> | ||
</phpunit> | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
authyubikey-main: | ||
path: /login | ||
defaults: { _controller: 'SimpleSAML\Module\authyubikey\Controller\Yubikey::main' } |
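Review bot: The `_controller` value spells the namespace `authyubikey`, while the controller added in this commit declares `namespace SimpleSAML\Module\authYubikey\Controller`. PHP matches class names case-insensitively once a class is loaded, but whether the autoloader finds the file from the lower-case spelling depends on the loader and the file system, so the login route may resolve on one host and fail on a case-sensitive deployment. Using the declared spelling removes the doubt: `defaults: { _controller: 'SimpleSAML\Module\authYubikey\Controller\Yubikey::main' }`.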
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,127 @@ | ||
<?php | ||
|
||
declare(strict_types=1); | ||
|
||
namespace SimpleSAML\Test\Module\authYubikey\Controller; | ||
|
||
use PHPUnit\Framework\TestCase; | ||
//use SimpleSAML\Auth\State as AuthState; | ||
use SimpleSAML\Configuration; | ||
use SimpleSAML\Error; | ||
use SimpleSAML\Module\authYubikey\Auth\Source\YubiKey; | ||
use SimpleSAML\Module\authYubikey\Controller; | ||
use SimpleSAML\Session; | ||
use SimpleSAML\XHTML\Template; | ||
use Symfony\Component\HttpFoundation\Request; | ||
|
||
/** | ||
* Set of tests for the controllers in the "authyubikey" module. | ||
* | ||
* @covers \SimpleSAML\Module\authYubikey\Controller\Yubikey | ||
*/ | ||
class YubikeyTest extends TestCase | ||
{ | ||
/** @var \SimpleSAML\Configuration */ | ||
protected Configuration $config; | ||
|
||
/** @var \SimpleSAML\Session */ | ||
protected Session $session; | ||
|
||
|
||
/** | ||
* Set up for each test. | ||
*/ | ||
protected function setUp(): void | ||
{ | ||
parent::setUp(); | ||
|
||
$this->config = Configuration::loadFromArray( | ||
[ | ||
'module.enable' => ['authYubikey' => true], | ||
], | ||
'[ARRAY]', | ||
'simplesaml' | ||
); | ||
|
||
$this->session = Session::getSessionFromRequest(); | ||
|
||
Configuration::setPreLoadedConfig($this->config, 'config.php'); | ||
} | ||
|
||
|
||
/** | ||
* Test that accessing the otp-endpoint without state results in an error-response | ||
* | ||
* @return void | ||
*/ | ||
public function testOtpNoState(): void | ||
{ | ||
$request = Request::create( | ||
'/login', | ||
'GET' | ||
); | ||
|
||
$c = new Controller\Yubikey($this->config, $this->session); | ||
|
||
$this->expectException(Error\BadRequest::class); | ||
$this->expectExceptionMessage("BADREQUEST('%REASON%' => 'Missing AuthState parameter.')"); | ||
|
||
$c->main($request); | ||
} | ||
|
||
|
||
/** | ||
* Test that accessing the otp-endpoint without otp results in a Template | ||
* | ||
* @return void | ||
*/ | ||
public function testOtpNoOtp(): void | ||
{ | ||
$request = Request::create( | ||
'/login', | ||
'GET', | ||
['AuthState' => 'abc123'] | ||
); | ||
|
||
$c = new Controller\Yubikey($this->config, $this->session); | ||
/** | ||
$c->setAuthState(new class () extends Auth\State { | ||
public static function loadState(string $id, string $stage, bool $allowMissing = false): ?array | ||
{ | ||
return []; | ||
} | ||
}); | ||
*/ | ||
$response = $c->main($request); | ||
|
||
$this->assertTrue($response->isSuccessful()); | ||
$this->assertInstanceOf(Template::class, $response); | ||
} | ||
|
||
|
||
/** | ||
* Test that accessing the otp-endpoint with invalid otp returns Template | ||
* | ||
* @return void | ||
*/ | ||
public function testWrongOtp(): void | ||
{ | ||
$request = Request::create( | ||
'/login', | ||
'GET', | ||
['AuthState' => 'abc123', 'otp' => 'aabbccddeeffgghhiijjkkllmmnnooppqq'] | ||
); | ||
|
||
$c = new Controller\Yubikey($this->config, $this->session); | ||
$c->setYubikey(new class (['AuthId' => 'authYubikey'], []) extends YubiKey { | ||
public static function handleLogin(string $stateId, string $otp): ?string | ||
{ | ||
return 'WRONGUSERPASS'; | ||
} | ||
}); | ||
$response = $c->main($request); | ||
|
||
$this->assertTrue($response->isSuccessful()); | ||
$this->assertInstanceOf(Template::class, $response); | ||
} | ||
} |
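Review bot: `testWrongOtp()` asserts only that a successful `Template` comes back, which `testOtpNoOtp()` already covers, so it would still pass if the controller dropped the error code returned by `handleLogin()`. Assert that the failure is surfaced to the view, for example `$this->assertSame('WRONGUSERPASS', $response->data['errorCode']);`. The test also sends the OTP as a `GET` query parameter, which pins the controller to accepting the credential from the URL; a `POST` request would be the more representative case. The commented-out `use SimpleSAML\Auth\State` line and the `setAuthState` block in `testOtpNoOtp()` refer to a method the controller in this commit does not define and can be removed.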