作者:rchicol
项目:owncloud-cor
/**
 * Prepares the fixture: a mocked OCP\ISession whose set/get/remove calls are
 * routed to callbacks on this test case, wrapped in the Session under test.
 */
protected function setUp()
{
    parent::setUp();

    $this->sessionMock = $this->getMock('OCP\\ISession');

    // Each stubbed session method is forwarded to the matching tester callback
    // on this test case.
    $callbackByMethod = [
        'set' => "setValueTester",
        'get' => "getValueTester",
        'remove' => "removeValueTester",
    ];
    foreach ($callbackByMethod as $method => $tester) {
        $this->sessionMock
            ->expects($this->any())
            ->method($method)
            ->will($this->returnCallback([$this, $tester]));
    }

    $this->instance = new Session($this->sessionMock);
}
作者:evanj
项目:cor
/**
 * Stubs the wrapped session to return an encrypted value for
 * 'encrypted_session_data' and compares the value read back with the plaintext.
 */
public function testUnwrappingGet()
{
    $plainValue = 'foobar';
    $cipherValue = $this->crypto->encrypt($plainValue);

    $this->wrappedSession
        ->expects($this->once())
        ->method('get')
        ->with('encrypted_session_data')
        ->willReturn($cipherValue);

    // NOTE(review): get() is called on the stubbed wrapped session itself, so the
    // assertion compares the stub's return value with the plaintext. Confirm
    // whether the decrypting wrapper was meant to be the object exercised here.
    $this->assertSame($plainValue, $this->wrappedSession->get('encrypted_session_data'));
}
作者:kenw
项目:cor
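/**
 * Fills the storage's 'user' and 'password' backend options from the
 * credentials kept (encrypted) in the session.
 *
 * The encrypted blob is read from 'password::sessioncredentials/credentials',
 * decrypted and JSON-decoded; the user name comes from the 'loginname'
 * session value.
 *
 * @param StorageConfig $storage storage configuration to update in place
 *
 * @throws InsufficientDataForMeaningfulAnswerException when no credentials are
 *         stored in the session, or the stored blob does not decode to an array
 */
public function manipulateStorageConfig(StorageConfig &$storage)
{
    $encrypted = $this->session->get('password::sessioncredentials/credentials');
    if ($encrypted === null) {
        throw new InsufficientDataForMeaningfulAnswerException('No session credentials saved');
    }

    $credentials = json_decode($this->crypto->decrypt($encrypted), true);
    // json_decode() yields null (or a scalar) for a corrupt or unexpected payload.
    // Fail explicitly instead of silently configuring the backend with a null password.
    if (!is_array($credentials)) {
        throw new InsufficientDataForMeaningfulAnswerException('Session credentials could not be decoded');
    }

    $storage->setBackendOption('user', $this->session->get('loginname'));
    $storage->setBackendOption('password', $credentials['password']);
}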
作者:stwei
项目:owncloud-cor
/**
 * With no logged-in user and 'loginMessages' present in the session, the login
 * form is expected to expose each error as a true flag and the messages as a list.
 */
public function testShowLoginFormWithErrorsInSession()
{
    // First entry: error identifiers; second entry: informational messages.
    $loginMessages = [
        ['ErrorArray1', 'ErrorArray2'],
        ['MessageArray1', 'MessageArray2'],
    ];

    $this->userSession
        ->expects($this->once())
        ->method('isLoggedIn')
        ->willReturn(false);
    $this->session
        ->expects($this->once())
        ->method('get')
        ->with('loginMessages')
        ->willReturn($loginMessages);

    $templateParams = [
        'ErrorArray1' => true,
        'ErrorArray2' => true,
        'messages' => ['MessageArray1', 'MessageArray2'],
        'loginName' => '',
        'user_autofocus' => true,
        'canResetPassword' => true,
        'alt_login' => [],
        'rememberLoginAllowed' => \OC_Util::rememberLoginAllowed(),
        'rememberLoginState' => 0,
    ];
    $expected = new TemplateResponse('core', 'login', $templateParams, 'guest');

    $actual = $this->loginController->showLoginForm('', '', '');

    $this->assertEquals($expected, $actual);
}
作者:rchicol
项目:owncloud-cor
/**
 * Creates a permanent device token for the current session's user.
 *
 * The login name and, when available, the password are taken from the token
 * bound to the current session id. A freshly generated random token is then
 * registered with the token provider under the given name.
 *
 * @NoAdminRequired
 * @NoSubadminRequired
 *
 * @param $name name passed to the token provider for the new device token
 *
 * @return JSONResponse|array a 503 JSONResponse when the session or its token is
 *         unavailable; otherwise an array with the plain 'token' and the stored
 *         'deviceToken'
 */
public function create($name)
{
    try {
        $sessionId = $this->session->getId();
    } catch (SessionNotAvailableException $e) {
        $unavailable = new JSONResponse();
        $unavailable->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
        return $unavailable;
    }

    try {
        $sessionToken = $this->tokenProvider->getToken($sessionId);
        $loginName = $sessionToken->getLoginName();
        try {
            $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
        } catch (PasswordlessTokenException $e) {
            // The session token carries no password; the device token is created without one.
            $password = null;
        }
    } catch (InvalidTokenException $e) {
        $unavailable = new JSONResponse();
        $unavailable->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
        return $unavailable;
    }

    // The plain token is returned to the caller in this response; what the
    // provider persists is not visible from here.
    $plainToken = $this->generateRandomDeviceToken();
    $deviceToken = $this->tokenProvider->generateToken(
        $plainToken,
        $this->uid,
        $loginName,
        $password,
        $name,
        IToken::PERMANENT_TOKEN
    );

    return ['token' => $plainToken, 'deviceToken' => $deviceToken];
}
作者:matiasdelelli
项目:mai
/**
 * Fetches the content behind $src on the server and returns it as a download.
 *
 * @NoAdminRequired
 * @NoCSRFRequired
 *
 * @param string $src URL of the resource to fetch
 *
 * TODO: Cache the proxied content to prevent unnecessary requests from the oC server
 * The caching should also already happen in a cronjob so that the sender of the
 * mail does not know whether the mail has been opened.
 *
 * NOTE(review): $src is handed to the URL helper as received; no scheme or
 * destination check is visible in this method, and the route is exempt from the
 * CSRF check. Confirm the helper (or a middleware) restricts which hosts the
 * server may reach, e.g. internal addresses.
 *
 * @return ProxyDownloadResponse
 */
public function proxy($src)
{
    // The session is closed first so that parallel downloads are not serialised on it.
    $this->session->close();

    return new ProxyDownloadResponse(
        $this->helper->getUrlContent($src),
        $src,
        'application/octet-stream'
    );
}
作者:enoch8
项目:owncloud-testserve
/**
 * Ensures the session is already authenticated for this public link when a
 * password is required and none was provided.
 *
 * The session counts as authenticated only when 'public_link_authenticated'
 * exists and is strictly equal to the link item's id.
 *
 * @param array|bool $linkItem
 *
 * @throws CheckException with HTTP 401 when the session is not authenticated for this link
 */
private function checkSession($linkItem)
{
    $isAuthenticated = $this->session->exists('public_link_authenticated')
        && $this->session->get('public_link_authenticated') === $linkItem['id'];

    if ($isAuthenticated) {
        return;
    }

    throw new CheckException("Missing password", Http::STATUS_UNAUTHORIZED);
}
作者:drognise
项目:Portfolio-Sit
/**
 * Ensures the session is already authenticated for this share when a password
 * is required and none was provided.
 *
 * The session counts as authenticated only when 'public_link_authenticated'
 * exists and is strictly equal to the share id cast to string.
 *
 * @param IShare $share
 *
 * @throws CheckException with HTTP 401 when the session is not authenticated for this share
 */
private function checkSession($share)
{
    $isAuthenticated = $this->session->exists('public_link_authenticated')
        && $this->session->get('public_link_authenticated') === (string) $share->getId();

    if ($isAuthenticated) {
        return;
    }

    throw new CheckException("Missing password", Http::STATUS_UNAUTHORIZED);
}
作者:GitHubUser423
项目:cor
/**
 * Resolves the current user's timezone from config data and session information.
 *
 * Lookup order: the user's 'core'/'timezone' config value, then a guess based on
 * the 'timezone' session value, then the default timezone. If the resulting
 * name cannot be turned into a DateTimeZone, the failure is logged at debug
 * level and the default timezone is used instead.
 *
 * @param bool|int $timestamp passed through to the offset-based guess
 * @return \DateTimeZone
 */
public function getTimeZone($timestamp = false)
{
    $userId = $this->session->get('user_id');
    $timeZone = $this->config->getUserValue($userId, 'core', 'timezone', null);

    if ($timeZone === null && $this->session->exists('timezone')) {
        $offset = $this->session->get('timezone');
        return $this->guessTimeZoneFromOffset($offset, $timestamp);
    }
    if ($timeZone === null) {
        $timeZone = $this->getDefaultTimeZone();
    }

    try {
        $zone = new \DateTimeZone($timeZone);
    } catch (\Exception $e) {
        $message = 'Failed to created DateTimeZone "' . $timeZone . "'";
        \OCP\Util::writeLog('datetimezone', $message, \OCP\Util::DEBUG);
        $zone = new \DateTimeZone($this->getDefaultTimeZone());
    }

    return $zone;
}
作者:jakobsac
项目:mai
/**
 * Fetches the content behind the 'src' request parameter on the server and
 * returns it as a download.
 *
 * @NoAdminRequired
 * @NoCSRFRequired
 *
 * TODO: Cache the proxied content to prevent unnecessary requests from the oC server
 * The caching should also already happen in a cronjob so that the sender of the
 * mail does not know whether the mail has been opened.
 *
 * NOTE(review): the 'src' request parameter is handed to the URL helper as
 * received; no scheme or destination check is visible in this method, and the
 * route is exempt from the CSRF check. Confirm the helper (or a middleware)
 * restricts which hosts the server may reach, e.g. internal addresses.
 *
 * @return ProxyDownloadResponse
 */
public function proxy()
{
    // The session is closed first so that parallel downloads are not serialised on it.
    $this->session->close();

    $src = $this->request->getParam('src');
    $body = \OC::$server->getHelper()->getUrlContent($src);

    return new ProxyDownloadResponse($body, $src, 'application/octet-stream');
}
作者:evanj
项目:cor
/**
 * Removes the encryption-related keys from the session.
 */
public function clear()
{
    // Same keys, same order as they are removed one by one.
    $sessionKeys = [
        'publicSharePrivateKey',
        'privateKey',
        'encryptionInitialized',
        'decryptAll',
        'decryptAllKey',
        'decryptAllUid',
    ];

    foreach ($sessionKeys as $sessionKey) {
        $this->session->remove($sessionKey);
    }
}
作者:hyb14
项目:cor
/**
 * Writes pending session values in one batch, then closes the wrapped session
 * (which, per the original note, also releases the session lock).
 *
 * When the values were modified they are JSON-encoded, encrypted with the
 * passphrase and stored under self::encryptedSessionName before closing.
 */
public function close()
{
    if ($this->isModified) {
        $serialized = json_encode($this->sessionValues);
        $ciphertext = $this->crypto->encrypt($serialized, $this->passphrase);
        $this->session->set(self::encryptedSessionName, $ciphertext);
        // Prevents a second write unless the values change again.
        $this->isModified = false;
    }

    $this->session->close();
}
作者:nem0xf
项目:cor
/**
 * With a logged-in user session and no 'AUTHENTICATED_TO_DAV_BACKEND' value in
 * the session, authenticate() is expected to return true and close the session.
 */
public function testAuthenticateAlreadyLoggedIn()
{
    $davServer = $this->getMockBuilder('\\Sabre\\DAV\\Server')
        ->disableOriginalConstructor()
        ->getMock();

    $this->userSession
        ->expects($this->once())
        ->method('isLoggedIn')
        ->will($this->returnValue(true));
    $this->session
        ->expects($this->once())
        ->method('get')
        ->with('AUTHENTICATED_TO_DAV_BACKEND')
        ->will($this->returnValue(null));

    $loggedInUser = $this->getMockBuilder('\\OCP\\IUser')
        ->disableOriginalConstructor()
        ->getMock();
    $loggedInUser
        ->expects($this->once())
        ->method('getUID')
        ->will($this->returnValue('MyWrongDavUser'));
    $this->userSession
        ->expects($this->once())
        ->method('getUser')
        ->will($this->returnValue($loggedInUser));

    $this->session
        ->expects($this->once())
        ->method('close');

    $this->assertTrue($this->auth->authenticate($davServer, 'TestRealm'));
}
作者:leechan53
项目:calenda
/**
 * Authenticates a DAV request, reusing an existing login where possible.
 *
 * The existing login is reused when Apache auth was handled, or when the user
 * session is logged in and no self::DAV_AUTHENTICATED value is stored in the
 * session. In that case the filesystem is set up for the user, the session is
 * closed and true is returned. Otherwise the parent implementation decides.
 *
 * NOTE(review): the reuse branch accepts the request on the strength of the
 * existing session alone; confirm that CSRF protection for session-authenticated
 * DAV requests is enforced elsewhere.
 *
 * @param \Sabre\DAV\Server $server
 * @param $realm
 * @return bool
 */
private function auth(\Sabre\DAV\Server $server, $realm)
{
    // Parentheses spell out the grouping that operator precedence already gives: A || (B && C).
    $canReuseLogin = \OC_User::handleApacheAuth()
        || ($this->userSession->isLoggedIn() && is_null($this->session->get(self::DAV_AUTHENTICATED)));

    if (!$canReuseLogin) {
        return parent::authenticate($server, $realm);
    }

    $uid = $this->userSession->getUser()->getUID();
    \OC_Util::setupFS($uid);
    $this->currentUser = $uid;
    $this->session->close();

    return true;
}
作者:TechAre
项目:cor
/**
 * Runs check() for a request without an Authorization header while the user
 * session is logged in and the session holds 'MyTestUser' under
 * 'AUTHENTICATED_TO_DAV_BACKEND'.
 *
 * No assertion on the return value is visible here; only the mock expectations
 * are verified.
 */
public function testAuthenticateNoBasicAuthenticateHeadersProvidedWithAjaxButUserIsStillLoggedIn()
{
    /** @var \Sabre\HTTP\RequestInterface $request */
    $request = $this->getMockBuilder('\\Sabre\\HTTP\\RequestInterface')
        ->disableOriginalConstructor()
        ->getMock();
    /** @var \Sabre\HTTP\ResponseInterface $response */
    $response = $this->getMockBuilder('\\Sabre\\HTTP\\ResponseInterface')
        ->disableOriginalConstructor()
        ->getMock();

    $this->userSession
        ->expects($this->any())
        ->method('isLoggedIn')
        ->will($this->returnValue(true));
    $this->session
        ->expects($this->once())
        ->method('get')
        ->with('AUTHENTICATED_TO_DAV_BACKEND')
        ->will($this->returnValue('MyTestUser'));
    $request
        ->expects($this->once())
        ->method('getHeader')
        ->with('Authorization')
        ->will($this->returnValue(null));

    $this->auth->check($request, $response);
}
作者:heldern
项目:owncloud8-extende
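/**
 * Resolves the current user's timezone from config data and session information.
 *
 * Lookup order: the user's 'core'/'timezone' config value, then the hour offset
 * stored in the 'timezone' session value, then UTC. A value that cannot be
 * turned into a DateTimeZone (non-numeric or fractional offset, unknown zone
 * name) falls back to UTC instead of raising from the constructor.
 *
 * @return \DateTimeZone
 */
public function getTimeZone()
{
    $timeZone = $this->config->getUserValue($this->session->get('user_id'), 'core', 'timezone', null);

    if ($timeZone === null) {
        if (!$this->session->exists('timezone')) {
            return new \DateTimeZone('UTC');
        }

        $offsetHours = $this->session->get('timezone');
        // The offset is read from the session and used to build a zone name;
        // anything that is not a number cannot map to an Etc/GMT zone.
        if (!is_numeric($offsetHours)) {
            return new \DateTimeZone('UTC');
        }

        // Note: the timeZone name is the inverse to the offset,
        // so a positive offset means negative timeZone
        // and the other way around.
        $timeZone = $offsetHours > 0
            ? 'Etc/GMT-' . $offsetHours
            : 'Etc/GMT+' . abs($offsetHours);
    }

    try {
        return new \DateTimeZone($timeZone);
    } catch (\Exception $e) {
        // Unknown zone name (e.g. a fractional offset or a stale config value).
        return new \DateTimeZone('UTC');
    }
}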
作者:drognise
项目:Portfolio-Sit
/**
 * Updates the password stored with the browser session's token, if there is one.
 *
 * A missing session or an invalid token is ignored on purpose: in both cases
 * there is no session token to update.
 *
 * @param string $password
 */
public function updateSessionTokenPassword($password)
{
    try {
        $sessionId = $this->session->getId();
        $sessionToken = $this->tokenProvider->getToken($sessionId);
        $this->tokenProvider->setPassword($sessionToken, $sessionId, $password);
    } catch (SessionNotAvailableException $e) {
        // No session available, so there is no token to update.
    } catch (InvalidTokenException $e) {
        // No valid token for this session, so there is nothing to update.
    }
}
作者:kebenxiaomin
项目:cor
/**
 * With a logged-in user session and no 'AUTHENTICATED_TO_DAV_BACKEND' value in
 * the session, check() is expected to return [true, principal of the session
 * user] and to close the session.
 */
public function testAuthenticateAlreadyLoggedIn()
{
    $httpRequest = $this->getMockBuilder('Sabre\\HTTP\\RequestInterface')
        ->disableOriginalConstructor()
        ->getMock();
    $httpResponse = $this->getMockBuilder('Sabre\\HTTP\\ResponseInterface')
        ->disableOriginalConstructor()
        ->getMock();

    $this->userSession
        ->expects($this->once())
        ->method('isLoggedIn')
        ->will($this->returnValue(true));
    $this->session
        ->expects($this->once())
        ->method('get')
        ->with('AUTHENTICATED_TO_DAV_BACKEND')
        ->will($this->returnValue(null));

    $loggedInUser = $this->getMockBuilder('\\OCP\\IUser')
        ->disableOriginalConstructor()
        ->getMock();
    $loggedInUser
        ->expects($this->once())
        ->method('getUID')
        ->will($this->returnValue('MyWrongDavUser'));
    $this->userSession
        ->expects($this->once())
        ->method('getUser')
        ->will($this->returnValue($loggedInUser));

    $this->session
        ->expects($this->once())
        ->method('close');

    $result = $this->auth->check($httpRequest, $httpResponse);

    $this->assertEquals([true, 'principals/users/MyWrongDavUser'], $result);
}
作者:GitHubUser423
项目:cor
/**
 * A password-protected link share must be rejected when the password check
 * fails and the session is authenticated for a different share id ('43' vs '42').
 */
public function testSharePasswordLinkInvalidSession()
{
    $linkShare = $this->getMock('OCP\\Share\\IShare');
    $linkShare->method('getPassword')->willReturn('password');
    $linkShare->method('getShareType')->willReturn(\OCP\Share::SHARE_TYPE_LINK);
    $linkShare->method('getId')->willReturn('42');

    $this->shareManager
        ->expects($this->once())
        ->method('getShareByToken')
        ->willReturn($linkShare);
    $this->shareManager
        ->method('checkPassword')
        ->with($this->equalTo($linkShare), $this->equalTo('password'))
        ->willReturn(false);

    // The session is marked as authenticated, but for another share.
    $this->session
        ->method('exists')
        ->with('public_link_authenticated')
        ->willReturn(true);
    $this->session
        ->method('get')
        ->with('public_link_authenticated')
        ->willReturn('43');

    $accepted = $this->invokePrivate($this->auth, 'validateUserPass', ['username', 'password']);

    $this->assertFalse($accepted);
}
作者:stwei
项目:owncloud-cor
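/**
 * Validates a username and password
 *
 * The username is treated as a share token. Shares without a password are
 * always accepted. For password-protected shares, a link share is accepted when
 * the password checks out or the session is already authenticated for this
 * share; a remote share is accepted as is; any other share type is rejected.
 *
 * This method should return true or false depending on if login
 * succeeded.
 *
 * @param string $username share token
 * @param string $password password supplied for the share
 *
 * @return bool
 * @throws \Sabre\DAV\Exception\NotAuthenticated when authentication fails on an ajax request
 */
protected function validateUserPass($username, $password)
{
    try {
        $share = $this->shareManager->getShareByToken($username);
    } catch (ShareNotFound $e) {
        return false;
    }
    $this->share = $share;
    \OC_User::setIncognitoMode(true);

    // Shares without a password need no further check.
    if ($share->getPassword() === null) {
        return true;
    }

    if ($share->getShareType() !== \OCP\Share::SHARE_TYPE_LINK) {
        // Of the password-protected non-link shares, only remote shares are accepted.
        return $share->getShareType() === \OCP\Share::SHARE_TYPE_REMOTE;
    }

    if ($this->shareManager->checkPassword($share, $password)) {
        return true;
    }

    // NOTE(review): strict comparison; assumes the session stores the id with
    // the same type that getId() returns. Confirm against the code that sets
    // 'public_link_authenticated'.
    if ($this->session->exists('public_link_authenticated')
        && $this->session->get('public_link_authenticated') === $share->getId()
    ) {
        return true;
    }

    if (in_array('XMLHttpRequest', explode(',', $this->request->getHeader('X-Requested-With')))) {
        // do not re-authenticate over ajax, use dummy auth name to prevent browser popup
        http_response_code(401);
        // header() takes the complete header line as its first argument (the
        // second one is the boolean $replace flag), so name and value are sent
        // as one string; the challenge parameter is "realm".
        header('WWW-Authenticate: DummyBasic realm="ownCloud"');
        throw new \Sabre\DAV\Exception\NotAuthenticated('Cannot authenticate over ajax calls');
    }

    return false;
}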