2FAuth/tests/Unit/MigratorTest.php

559 lines
20 KiB
PHP
Raw Normal View History

2022-12-09 10:52:17 +01:00
<?php
namespace Tests\Unit;
use App\Exceptions\EncryptedMigrationException;
use App\Exceptions\InvalidMigrationDataException;
2022-12-13 12:07:29 +01:00
use App\Exceptions\UnsupportedMigrationException;
use App\Factories\MigratorFactory;
2022-12-09 10:52:17 +01:00
use App\Models\TwoFAccount;
2023-08-01 11:28:27 +02:00
use App\Providers\MigrationServiceProvider;
2022-12-09 10:52:17 +01:00
use App\Services\Migrators\AegisMigrator;
2022-12-13 12:07:29 +01:00
use App\Services\Migrators\GoogleAuthMigrator;
2022-12-09 10:52:17 +01:00
use App\Services\Migrators\Migrator;
use App\Services\Migrators\PlainTextMigrator;
2022-12-13 12:07:29 +01:00
use App\Services\Migrators\TwoFASMigrator;
2023-03-18 17:33:43 +01:00
use App\Services\Migrators\TwoFAuthMigrator;
2022-12-09 10:52:17 +01:00
use App\Services\SettingService;
use Illuminate\Support\Facades\Storage;
use Mockery\MockInterface;
2023-08-01 11:28:27 +02:00
use PHPUnit\Framework\Attributes\CoversClass;
use PHPUnit\Framework\Attributes\DataProvider;
use PHPUnit\Framework\Attributes\UsesClass;
2022-12-09 10:52:17 +01:00
use Tests\Data\MigrationTestData;
use Tests\Data\OtpTestData;
use Tests\TestCase;
/**
2023-08-01 11:28:27 +02:00
* MigratorTest test class
2022-12-09 10:52:17 +01:00
*/
2023-08-01 11:28:27 +02:00
#[CoversClass(MigrationServiceProvider::class)]
#[CoversClass(MigratorFactory::class)]
#[CoversClass(Migrator::class)]
#[CoversClass(AegisMigrator::class)]
#[CoversClass(TwoFASMigrator::class)]
#[CoversClass(PlainTextMigrator::class)]
#[CoversClass(GoogleAuthMigrator::class)]
#[CoversClass(TwoFAuthMigrator::class)]
#[UsesClass(TwoFAccount::class)]
2022-12-09 10:52:17 +01:00
class MigratorTest extends TestCase
{
/**
* App\Models\TwoFAccount $totpTwofaccount
*/
protected $totpTwofaccount;
/**
* App\Models\TwoFAccount $totpTwofaccount
*/
protected $hotpTwofaccount;
/**
* App\Models\TwoFAccount $steamTwofaccount
*/
protected $steamTwofaccount;
/**
* App\Models\TwoFAccount $GAuthTotpTwofaccount
*/
protected $GAuthTotpTwofaccount;
/**
* App\Models\TwoFAccount $GAuthTotpBisTwofaccount
*/
2023-03-10 22:59:46 +01:00
protected $GAuthTotpBisTwofaccount;
protected $fakeTwofaccount;
2022-12-09 10:52:17 +01:00
2022-12-13 12:07:29 +01:00
public function setUp() : void
2022-12-09 10:52:17 +01:00
{
parent::setUp();
$this->mock(SettingService::class, function (MockInterface $settingService) {
$settingService->allows()
->get('useEncryption')
->andReturn(false);
});
2022-12-09 10:52:17 +01:00
$this->totpTwofaccount = new TwoFAccount;
$this->totpTwofaccount->legacy_uri = OtpTestData::TOTP_FULL_CUSTOM_URI_NO_IMG;
$this->totpTwofaccount->service = OtpTestData::SERVICE;
$this->totpTwofaccount->account = OtpTestData::ACCOUNT;
$this->totpTwofaccount->icon = null;
$this->totpTwofaccount->otp_type = 'totp';
$this->totpTwofaccount->secret = OtpTestData::SECRET;
$this->totpTwofaccount->digits = OtpTestData::DIGITS_CUSTOM;
$this->totpTwofaccount->algorithm = OtpTestData::ALGORITHM_CUSTOM;
$this->totpTwofaccount->period = OtpTestData::PERIOD_CUSTOM;
$this->totpTwofaccount->counter = null;
$this->hotpTwofaccount = new TwoFAccount;
$this->hotpTwofaccount->legacy_uri = OtpTestData::HOTP_FULL_CUSTOM_URI_NO_IMG;
$this->hotpTwofaccount->service = OtpTestData::SERVICE;
$this->hotpTwofaccount->account = OtpTestData::ACCOUNT;
$this->hotpTwofaccount->icon = null;
$this->hotpTwofaccount->otp_type = 'hotp';
$this->hotpTwofaccount->secret = OtpTestData::SECRET;
$this->hotpTwofaccount->digits = OtpTestData::DIGITS_CUSTOM;
$this->hotpTwofaccount->algorithm = OtpTestData::ALGORITHM_CUSTOM;
$this->hotpTwofaccount->period = null;
$this->hotpTwofaccount->counter = OtpTestData::COUNTER_CUSTOM;
$this->steamTwofaccount = new TwoFAccount;
$this->steamTwofaccount->legacy_uri = OtpTestData::STEAM_TOTP_URI;
$this->steamTwofaccount->service = OtpTestData::STEAM;
$this->steamTwofaccount->account = OtpTestData::ACCOUNT;
$this->steamTwofaccount->icon = null;
$this->steamTwofaccount->otp_type = 'steamtotp';
$this->steamTwofaccount->secret = OtpTestData::STEAM_SECRET;
$this->steamTwofaccount->digits = OtpTestData::DIGITS_STEAM;
$this->steamTwofaccount->algorithm = OtpTestData::ALGORITHM_DEFAULT;
$this->steamTwofaccount->period = OtpTestData::PERIOD_DEFAULT;
$this->steamTwofaccount->counter = null;
2022-12-13 12:07:29 +01:00
$this->GAuthTotpTwofaccount = new TwoFAccount;
$this->GAuthTotpTwofaccount->service = OtpTestData::SERVICE;
$this->GAuthTotpTwofaccount->account = OtpTestData::ACCOUNT;
$this->GAuthTotpTwofaccount->icon = null;
$this->GAuthTotpTwofaccount->otp_type = 'totp';
$this->GAuthTotpTwofaccount->secret = OtpTestData::SECRET;
$this->GAuthTotpTwofaccount->digits = OtpTestData::DIGITS_DEFAULT;
$this->GAuthTotpTwofaccount->algorithm = OtpTestData::ALGORITHM_DEFAULT;
$this->GAuthTotpTwofaccount->period = OtpTestData::PERIOD_DEFAULT;
$this->GAuthTotpTwofaccount->counter = null;
$this->GAuthTotpBisTwofaccount = new TwoFAccount;
$this->GAuthTotpBisTwofaccount->service = OtpTestData::SERVICE . '_bis';
$this->GAuthTotpBisTwofaccount->account = OtpTestData::ACCOUNT . '_bis';
$this->GAuthTotpBisTwofaccount->icon = null;
$this->GAuthTotpBisTwofaccount->otp_type = 'totp';
$this->GAuthTotpBisTwofaccount->secret = OtpTestData::SECRET;
$this->GAuthTotpBisTwofaccount->digits = OtpTestData::DIGITS_DEFAULT;
$this->GAuthTotpBisTwofaccount->algorithm = OtpTestData::ALGORITHM_DEFAULT;
$this->GAuthTotpBisTwofaccount->period = OtpTestData::PERIOD_DEFAULT;
$this->GAuthTotpBisTwofaccount->counter = null;
$this->fakeTwofaccount = new TwoFAccount;
$this->fakeTwofaccount->id = TwoFAccount::FAKE_ID;
2022-12-09 10:52:17 +01:00
}
/**
* Clean up the testing environment before the next test.
*
*
* @throws \Mockery\Exception\InvalidCountException
*/
protected function tearDown() : void
{
$this->forgetMock(SettingService::class);
parent::tearDown();
}
2022-12-09 10:52:17 +01:00
/**
* @test
*/
2023-08-01 11:28:27 +02:00
#[DataProvider('validMigrationsProvider')]
2022-12-09 10:52:17 +01:00
public function test_migrate_returns_consistent_accounts(Migrator $migrator, mixed $payload, string $expected, bool $hasSteam)
{
$accounts = $migrator->migrate($payload);
if ($expected === 'gauth') {
$totp = $this->GAuthTotpTwofaccount;
$hotp = $this->GAuthTotpBisTwofaccount;
} else {
$totp = $this->totpTwofaccount;
$hotp = $this->hotpTwofaccount;
if ($hasSteam) {
$steam = $this->steamTwofaccount;
}
}
$this->assertContainsOnlyInstancesOf(TwoFAccount::class, $accounts);
$this->assertCount($hasSteam ? 3 : 2, $accounts);
// The returned collection could have non-linear index (because of possible blank lines
// in the migration payload) so we do not use get() to retrieve items
$this->assertObjectEquals($totp, $accounts->first());
$this->assertObjectEquals($hotp, $accounts->slice(1, 1)->first());
if ($hasSteam) {
$this->assertObjectEquals($steam, $accounts->last());
}
}
/**
* Provide data for TwoFAccount store tests
*/
2023-08-01 11:28:27 +02:00
public static function validMigrationsProvider()
2022-12-09 10:52:17 +01:00
{
return [
'PLAIN_TEXT_PAYLOAD' => [
new PlainTextMigrator(),
MigrationTestData::VALID_PLAIN_TEXT_PAYLOAD,
'custom',
2022-12-13 12:07:29 +01:00
$hasSteam = true,
2022-12-09 10:52:17 +01:00
],
'PLAIN_TEXT_PAYLOAD_WITH_INTRUDER' => [
new PlainTextMigrator(),
MigrationTestData::VALID_PLAIN_TEXT_PAYLOAD_WITH_INTRUDER,
'custom',
2022-12-13 12:07:29 +01:00
$hasSteam = true,
2022-12-09 10:52:17 +01:00
],
'AEGIS_JSON_MIGRATION_PAYLOAD' => [
new AegisMigrator(),
MigrationTestData::VALID_AEGIS_JSON_MIGRATION_PAYLOAD,
'custom',
2022-12-13 12:07:29 +01:00
$hasSteam = true,
2022-12-09 10:52:17 +01:00
],
'2FAS_MIGRATION_PAYLOAD' => [
new TwoFASMigrator(),
MigrationTestData::VALID_2FAS_MIGRATION_PAYLOAD,
'custom',
2022-12-13 12:07:29 +01:00
$hasSteam = false,
2022-12-09 10:52:17 +01:00
],
'GOOGLE_AUTH_MIGRATION_PAYLOAD' => [
new GoogleAuthMigrator(),
MigrationTestData::GOOGLE_AUTH_MIGRATION_URI,
'gauth',
$hasSteam = false,
],
2023-03-18 17:33:43 +01:00
'2FAUTH_MIGRATION_PAYLOAD' => [
new TwoFAuthMigrator(),
MigrationTestData::VALID_2FAUTH_JSON_MIGRATION_PAYLOAD,
'custom',
$hasSteam = true,
],
2022-12-09 10:52:17 +01:00
];
}
/**
* @test
*/
2023-08-01 11:28:27 +02:00
#[DataProvider('invalidMigrationsProvider')]
2022-12-09 10:52:17 +01:00
public function test_migrate_with_invalid_payload_returns_InvalidMigrationDataException(Migrator $migrator, mixed $payload)
{
$this->expectException(InvalidMigrationDataException::class);
$accounts = $migrator->migrate($payload);
}
/**
* Provide data for TwoFAccount store tests
*/
2023-08-01 11:28:27 +02:00
public static function invalidMigrationsProvider()
2022-12-09 10:52:17 +01:00
{
return [
'INVALID_PLAIN_TEXT_NO_URI' => [
new PlainTextMigrator(),
MigrationTestData::INVALID_PLAIN_TEXT_NO_URI,
],
'INVALID_PLAIN_TEXT_ONLY_EMPTY_LINES' => [
new PlainTextMigrator(),
MigrationTestData::INVALID_PLAIN_TEXT_ONLY_EMPTY_LINES,
],
'INVALID_PLAIN_TEXT_NULL' => [
new PlainTextMigrator(),
null,
],
'INVALID_PLAIN_TEXT_EMPTY_STRING' => [
new PlainTextMigrator(),
'',
],
'INVALID_PLAIN_TEXT_INT' => [
new PlainTextMigrator(),
10,
],
'INVALID_PLAIN_TEXT_BOOL' => [
new PlainTextMigrator(),
true,
],
'INVALID_AEGIS_JSON_MIGRATION_PAYLOAD' => [
new AegisMigrator(),
MigrationTestData::INVALID_AEGIS_JSON_MIGRATION_PAYLOAD,
],
'ENCRYPTED_AEGIS_JSON_MIGRATION_PAYLOAD' => [
new AegisMigrator(),
MigrationTestData::ENCRYPTED_AEGIS_JSON_MIGRATION_PAYLOAD,
],
'INVALID_2FAS_MIGRATION_PAYLOAD' => [
new TwoFASMigrator(),
MigrationTestData::INVALID_2FAS_MIGRATION_PAYLOAD,
],
'INVALID_GOOGLE_AUTH_MIGRATION_URI' => [
new GoogleAuthMigrator(),
MigrationTestData::INVALID_GOOGLE_AUTH_MIGRATION_URI,
],
'GOOGLE_AUTH_MIGRATION_URI_WITH_INVALID_DATA' => [
new GoogleAuthMigrator(),
MigrationTestData::GOOGLE_AUTH_MIGRATION_URI_WITH_INVALID_DATA,
],
2023-03-18 17:33:43 +01:00
'INVALID_2FAUTH_JSON_MIGRATION_PAYLOAD' => [
new TwoFAuthMigrator(),
MigrationTestData::INVALID_2FAUTH_JSON_MIGRATION_PAYLOAD,
],
2022-12-09 10:52:17 +01:00
];
}
/**
* @test
*/
2023-08-01 11:28:27 +02:00
#[DataProvider('migrationWithInvalidAccountsProvider')]
2022-12-09 10:52:17 +01:00
public function test_migrate_returns_fake_accounts(Migrator $migrator, mixed $payload)
{
$accounts = $migrator->migrate($payload);
$this->assertContainsOnlyInstancesOf(TwoFAccount::class, $accounts);
$this->assertCount(2, $accounts);
// The returned collection could have non-linear index (because of possible blank lines
// in the migration payload) so we do not use get() to retrieve items
$this->assertObjectEquals($this->totpTwofaccount, $accounts->first());
$this->assertEquals($this->fakeTwofaccount->id, $accounts->last()->id);
}
/**
* Provide data for TwoFAccount store tests
*/
2023-08-01 11:28:27 +02:00
public static function migrationWithInvalidAccountsProvider()
2022-12-09 10:52:17 +01:00
{
return [
'PLAIN_TEXT_PAYLOAD_WITH_INVALID_URI' => [
new PlainTextMigrator(),
MigrationTestData::PLAIN_TEXT_PAYLOAD_WITH_INVALID_URI,
],
'VALID_AEGIS_JSON_MIGRATION_PAYLOAD_WITH_UNSUPPORTED_OTP_TYPE' => [
new AegisMigrator(),
MigrationTestData::VALID_AEGIS_JSON_MIGRATION_PAYLOAD_WITH_UNSUPPORTED_OTP_TYPE,
],
'VALID_2FAS_MIGRATION_PAYLOAD_WITH_UNSUPPORTED_OTP_TYPE' => [
new TwoFASMigrator(),
MigrationTestData::VALID_2FAS_MIGRATION_PAYLOAD_WITH_UNSUPPORTED_OTP_TYPE,
],
2023-03-18 17:33:43 +01:00
'VALID_2FAUTH_MIGRATION_PAYLOAD_WITH_UNSUPPORTED_OTP_TYPE' => [
new TwoFAuthMigrator(),
MigrationTestData::VALID_2FAUTH_MIGRATION_PAYLOAD_WITH_UNSUPPORTED_OTP_TYPE,
],
2022-12-09 10:52:17 +01:00
];
}
/**
* @test
*/
public function test_migrate_gauth_returns_fake_accounts()
{
$migrator = $this->partialMock(GoogleAuthMigrator::class, function (MockInterface $migrator) {
$migrator->shouldAllowMockingProtectedMethods()->shouldReceive('toBase32')
2022-12-09 10:52:17 +01:00
->andThrow(new \Exception());
});
/** @disregard Undefined function */
2022-12-09 10:52:17 +01:00
$accounts = $migrator->migrate(MigrationTestData::GOOGLE_AUTH_MIGRATION_URI);
$this->assertContainsOnlyInstancesOf(TwoFAccount::class, $accounts);
$this->assertCount(2, $accounts);
// The returned collection could have non-linear index (because of possible blank lines
// in the migration payload) so we do not use get() to retrieve items
$this->assertEquals($this->fakeTwofaccount->id, $accounts->first()->id);
$this->assertEquals($this->fakeTwofaccount->id, $accounts->last()->id);
2024-05-29 11:53:41 +02:00
$this->forgetMock(GoogleAuthMigrator::class);
2022-12-09 10:52:17 +01:00
}
/**
* @test
*/
2023-08-01 11:28:27 +02:00
#[DataProvider('AegisWithIconMigrationProvider')]
2022-12-09 10:52:17 +01:00
public function test_migrate_aegis_payload_with_icon_sets_and_stores_the_icon($migration)
{
Storage::fake('icons');
$migrator = new AegisMigrator();
$accounts = $migrator->migrate($migration);
$this->assertContainsOnlyInstancesOf(TwoFAccount::class, $accounts);
$this->assertCount(1, $accounts);
Storage::disk('icons')->assertExists($accounts->first()->icon);
}
/**
* Provide data for TwoFAccount store tests
*/
2023-08-01 11:28:27 +02:00
public static function AegisWithIconMigrationProvider()
2022-12-09 10:52:17 +01:00
{
return [
'SVG' => [
MigrationTestData::VALID_AEGIS_JSON_MIGRATION_PAYLOAD_WITH_SVG_ICON,
],
'PNG' => [
MigrationTestData::VALID_AEGIS_JSON_MIGRATION_PAYLOAD_WITH_PNG_ICON,
],
'JPG' => [
MigrationTestData::VALID_AEGIS_JSON_MIGRATION_PAYLOAD_WITH_JPG_ICON,
],
];
}
/**
* @test
*/
public function test_migrate_aegis_payload_with_unsupported_icon_does_not_fail()
{
Storage::fake('icons');
$migrator = new AegisMigrator();
$accounts = $migrator->migrate(MigrationTestData::VALID_AEGIS_JSON_MIGRATION_PAYLOAD_WITH_UNSUPPORTED_ICON);
$this->assertContainsOnlyInstancesOf(TwoFAccount::class, $accounts);
$this->assertCount(1, $accounts);
$this->assertNull($this->fakeTwofaccount->icon);
Storage::disk('icons')->assertDirectoryEmpty('/');
}
2023-03-18 17:33:43 +01:00
/**
* @test
*/
2023-08-01 11:28:27 +02:00
#[DataProvider('TwoFAuthWithIconMigrationProvider')]
2023-03-18 17:33:43 +01:00
public function test_migrate_2fauth_payload_with_icon_sets_and_stores_the_icon($migration)
{
Storage::fake('icons');
$migrator = new TwoFAuthMigrator();
$accounts = $migrator->migrate($migration);
$this->assertContainsOnlyInstancesOf(TwoFAccount::class, $accounts);
$this->assertCount(1, $accounts);
Storage::disk('icons')->assertExists($accounts->first()->icon);
}
/**
* Provide data for TwoFAccount store tests
*/
2023-08-01 11:28:27 +02:00
public static function TwoFAuthWithIconMigrationProvider()
2023-03-18 17:33:43 +01:00
{
return [
'SVG' => [
MigrationTestData::VALID_2FAUTH_JSON_MIGRATION_PAYLOAD_WITH_SVG_ICON,
],
'PNG' => [
MigrationTestData::VALID_2FAUTH_JSON_MIGRATION_PAYLOAD_WITH_PNG_ICON,
],
'JPG' => [
MigrationTestData::VALID_2FAUTH_JSON_MIGRATION_PAYLOAD_WITH_JPG_ICON,
],
'BMP' => [
MigrationTestData::VALID_2FAUTH_JSON_MIGRATION_PAYLOAD_WITH_BMP_ICON,
],
'WEBP' => [
MigrationTestData::VALID_2FAUTH_JSON_MIGRATION_PAYLOAD_WITH_WEBP_ICON,
],
];
}
/**
* @test
*/
public function test_migrate_2fauth_payload_with_unsupported_icon_does_not_fail()
{
Storage::fake('icons');
$migrator = new TwoFAuthMigrator();
$accounts = $migrator->migrate(MigrationTestData::VALID_2FAUTH_JSON_MIGRATION_PAYLOAD_WITH_UNSUPPORTED_ICON);
$this->assertContainsOnlyInstancesOf(TwoFAccount::class, $accounts);
$this->assertCount(1, $accounts);
$this->assertNull($this->fakeTwofaccount->icon);
Storage::disk('icons')->assertDirectoryEmpty('/');
}
2022-12-09 10:52:17 +01:00
/**
* @test
*/
2023-08-01 11:28:27 +02:00
#[DataProvider('factoryProvider')]
2023-03-18 17:33:43 +01:00
public function test_factory_returns_relevant_migrator($payload, $migratorClass)
2022-12-09 10:52:17 +01:00
{
$factory = new MigratorFactory();
$migrator = $factory->create($payload);
$this->assertInstanceOf($migratorClass, $migrator);
}
/**
* Provide data for TwoFAccount store tests
*/
2023-08-01 11:28:27 +02:00
public static function factoryProvider()
2022-12-09 10:52:17 +01:00
{
return [
'VALID_PLAIN_TEXT_PAYLOAD' => [
MigrationTestData::VALID_PLAIN_TEXT_PAYLOAD,
PlainTextMigrator::class,
],
'VALID_AEGIS_JSON_MIGRATION_PAYLOAD' => [
MigrationTestData::VALID_AEGIS_JSON_MIGRATION_PAYLOAD,
AegisMigrator::class,
],
'VALID_AEGIS_JSON_MIGRATION_PAYLOAD_WITH_UNSUPPORTED_ICON' => [
MigrationTestData::VALID_AEGIS_JSON_MIGRATION_PAYLOAD_WITH_UNSUPPORTED_ICON,
AegisMigrator::class,
],
'VALID_2FAS_MIGRATION_PAYLOAD' => [
MigrationTestData::VALID_2FAS_MIGRATION_PAYLOAD,
TwoFASMigrator::class,
],
'GOOGLE_AUTH_MIGRATION_URI' => [
MigrationTestData::GOOGLE_AUTH_MIGRATION_URI,
GoogleAuthMigrator::class,
],
2023-03-18 17:33:43 +01:00
'2FAUTH_MIGRATION_URI' => [
MigrationTestData::VALID_2FAUTH_JSON_MIGRATION_PAYLOAD,
TwoFAuthMigrator::class,
],
2022-12-09 10:52:17 +01:00
];
}
/**
* @test
*/
public function test_factory_throw_UnsupportedMigrationException()
{
$this->expectException(UnsupportedMigrationException::class);
$factory = new MigratorFactory();
$migrator = $factory->create('not_a_valid_payload');
}
/**
* @test
*/
2023-08-01 11:28:27 +02:00
#[DataProvider('encryptedMigrationDataProvider')]
2022-12-09 10:52:17 +01:00
public function test_factory_throw_EncryptedMigrationException($payload)
{
$this->expectException(EncryptedMigrationException::class);
$factory = new MigratorFactory();
$migrator = $factory->create($payload);
}
/**
* Provide data for TwoFAccount store tests
*/
2023-08-01 11:28:27 +02:00
public static function encryptedMigrationDataProvider()
2022-12-09 10:52:17 +01:00
{
return [
'ENCRYPTED_AEGIS_JSON_MIGRATION_PAYLOAD' => [
2022-12-13 12:07:29 +01:00
MigrationTestData::ENCRYPTED_AEGIS_JSON_MIGRATION_PAYLOAD,
2022-12-09 10:52:17 +01:00
],
'ENCRYPTED_2FAS_MIGRATION_PAYLOAD' => [
2022-12-13 12:07:29 +01:00
MigrationTestData::ENCRYPTED_2FAS_MIGRATION_PAYLOAD,
2022-12-09 10:52:17 +01:00
],
];
}
}