Commit 0ba8e633 authored by Bertrand Gauthier's avatar Bertrand Gauthier
Browse files

Adapteurs d'authentification Ldap : tests unitaires.

parent b274c849
......@@ -5,7 +5,6 @@ use UnicaenAuth\Options\ModuleOptions;
use Zend\Authentication\Exception\UnexpectedValueException;
use Zend\Authentication\Result as AuthenticationResult;
use Zend\Authentication\Adapter\Ldap as LdapAuthAdapter;
use Zend\Crypt\Password\Bcrypt;
use Zend\EventManager\EventManager;
use Zend\EventManager\EventManagerAwareInterface;
use Zend\EventManager\EventManagerInterface;
......
<?php
namespace UnicaenAuthTest\Authentication\Adapter;
use PHPUnit_Framework_TestCase;
use UnicaenAuth\Authentication\Adapter\Ldap;
use Zend\Authentication\Result;
use Zend\EventManager\EventManager;
use Zend\Http\Request;
use Zend\Stdlib\Parameters;
use ZfcUser\Authentication\Adapter\AdapterChainEvent;
/**
* Description of LdapTest
*
* @author Bertrand GAUTHIER <bertrand.gauthier at unicaen.fr>
*/
class LdapTest extends PHPUnit_Framework_TestCase
{
protected $adapter;
protected $appModuleOptions;
protected $authModuleOptions;
protected $mapper;
/**
* Sets up the fixture, for example, open a network connection.
* This method is called before a test is executed.
*/
protected function setUp()
{
$this->appModuleOptions = $appModuleOptions = new \UnicaenApp\Options\ModuleOptions(array(
'ldap' => array(
'connection' => array(
'default' => array(
'params' => array(
'host' => 'host.domain.fr',
'username' => "uid=xxxxxxxxx,ou=xxxxxxxxxx,dc=domain,dc=fr",
'password' => "xxxxxxxxxxxx",
'baseDn' => "ou=xxxxxxxxxxx,dc=domain,dc=fr",
'bindRequiresDn' => true,
'accountFilterFormat' => "(&(objectClass=posixAccount)(supannAliasLogin=%s))",
)
)
)
),
));
$this->authModuleOptions = $authModuleOptions = new \UnicaenAuth\Options\ModuleOptions(array(
'usurpation_allowed_usernames' => array('usurpateur'),
));
$this->mapper = $mapper = $this->getMock('ZfcUser\Mapper\User', array('findByUsername', 'findByEmail'));
$serviceManager = $this->getMock('Zend\ServiceManager\ServiceManager', array('get'));
$serviceManager->expects($this->any())
->method('get')
->will($this->returnCallback(function($serviceName) use ($authModuleOptions, $appModuleOptions, $mapper) {
if ('zfcuser_module_options' === $serviceName) {
return new \ZfcUser\Options\ModuleOptions();
}
if ('unicaen-app_module_options' === $serviceName) {
return $appModuleOptions;
}
if ('unicaen-auth_module_options' === $serviceName) {
return $authModuleOptions;
}
if ('zfcuser_user_mapper' === $serviceName) {
return $mapper;
}
return null;
}));
$this->adapter = new Ldap();
$this->adapter->setServiceManager($serviceManager)
->setEventManager(new EventManager());
}
public function testCanProvideDefaultLdapAuthAdapter()
{
$adapter = $this->adapter->getLdapAuthAdapter();
$this->assertInstanceOf('Zend\Authentication\Adapter\Ldap', $adapter);
$appModuleLdapOptions = $this->appModuleOptions->getLdap();
$connectionNames = array_keys($appModuleLdapOptions['connection']);
$connectionParams = array_map(function($connection) { return $connection['params']; }, $appModuleLdapOptions['connection']);
$this->assertEquals(array_combine($connectionNames, $connectionParams), $adapter->getOptions());
}
public function testUsurpationWithAllowedUsernameAndSuccessfulAuthentication()
{
$this->authModuleOptions->setUsurpationAllowedUsernames(array('usurpateur'));
$event = new AdapterChainEvent();
$result = $this->_authenticateWithUsurpation(Result::SUCCESS, $event);
$this->assertTrue($result);
$this->assertTrue($this->adapter->isSatisfied());
$this->assertEquals(array('is_satisfied' => true, 'identity' => 'usurpe'), $this->adapter->getStorage()->read());
$this->assertEquals("userAuthenticated", $event->getName());
$this->assertEquals(Result::SUCCESS, $event->getCode());
$this->assertEquals('usurpe', $event->getIdentity());
$this->assertTrue($event->propagationIsStopped());
}
public function testUsurpationWithAllowedUsernameAndUnsuccessfulAuthentication()
{
$this->authModuleOptions->setUsurpationAllowedUsernames(array('usurpateur'));
$event = new AdapterChainEvent();
$result = $this->_authenticateWithUsurpation(Result::FAILURE, $event);
$this->assertFalse($result);
$this->assertFalse($this->adapter->isSatisfied());
$this->assertEquals(array('is_satisfied' => false), $this->adapter->getStorage()->read());
$this->assertNull($event->getName());
$this->assertEquals(Result::FAILURE, $event->getCode());
$this->assertNull($event->getIdentity());
$this->assertFalse($event->propagationIsStopped());
}
public function testUsurpationWithNotAllowedUsernameAndSuccessfulAuthentication()
{
$this->authModuleOptions->setUsurpationAllowedUsernames(array());
$event = new AdapterChainEvent();
$result = $this->_authenticateWithUsurpation(Result::SUCCESS, $event);
$this->assertTrue($result);
$this->assertTrue($this->adapter->isSatisfied());
$this->assertEquals(array('is_satisfied' => true, 'identity' => 'usurpateur'), $this->adapter->getStorage()->read());
$this->assertEquals("userAuthenticated", $event->getName());
$this->assertTrue($event->propagationIsStopped());
$this->assertEquals('usurpateur', $event->getIdentity());
}
public function testUsurpationWithNotAllowedUsernameAndUnsuccessfulAuthentication()
{
$this->authModuleOptions->setUsurpationAllowedUsernames(array());
$event = new AdapterChainEvent();
$result = $this->_authenticateWithUsurpation(Result::FAILURE, $event);
$this->assertFalse($result);
$this->assertFalse($this->adapter->isSatisfied());
$this->assertEquals(array('is_satisfied' => false), $this->adapter->getStorage()->read());
$this->assertNull($event->getName());
$this->assertEquals(Result::FAILURE, $event->getCode());
$this->assertNull($event->getIdentity());
$this->assertFalse($event->propagationIsStopped());
}
protected function _authenticateWithUsurpation($authenticationResultCode, AdapterChainEvent &$event)
{
$usernameUsurpateur = 'usurpateur';
$usernameUsurpe = 'usurpe';
$username = $usernameUsurpateur . Ldap::USURPATION_USERNAMES_SEP . $usernameUsurpe;
$ldapAuthAdapter = $this->getMock('Zend\Authentication\Adapter\Ldap', array('setUsername', 'setPassword', 'authenticate'));
$ldapAuthAdapter->expects($this->once())
->method('setUsername')
->with($usernameUsurpateur)
->will($this->returnSelf());
$ldapAuthAdapter->expects($this->once())
->method('setPassword')
->will($this->returnSelf());
$ldapAuthAdapter->expects($this->once())
->method('authenticate')
->will($this->returnValue(new Result($authenticationResultCode, $usernameUsurpateur)));
$this->adapter->setLdapAuthAdapter($ldapAuthAdapter);
$request = new Request();
$request->setPost(new Parameters(array('identity' => $username, 'credential' => "xxxxx")));
$event->setRequest($request);
return $this->adapter->authenticate($event);
}
}
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment