<?php
namespace Tests\Auth;
use BookStack\Actions\ActivityType;
use BookStack\Auth\SocialAccount;
use BookStack\Auth\User;
use Illuminate\Support\Facades\DB;
use Laravel\Socialite\Contracts\Factory;
use Laravel\Socialite\Contracts\Provider;
use Mockery;
use Tests\TestCase;
/**
 * Feature tests for the social (OAuth provider) registration, login and
 * account-detach flows.
 *
 * Every test that reaches a provider replaces the Socialite factory with a
 * Mockery double, so the client id/secret values used below are dummy strings
 * and the provider identity is whatever the mocked social user returns.
 */
class SocialAuthTest extends TestCase
{
    /**
     * With registration enabled, completing the google flow creates a local
     * user from the provider-supplied name/email and links a social account.
     */
    public function test_social_registration()
    {
        $newUser = User::factory()->make();

        $this->setSettings(['registration-enabled' => 'true']);
        // NOTE(review): these keys look like environment variable names, while
        // other tests in this class set 'services.google.*' config paths.
        // Confirm they actually influence the driver configuration.
        config([
            'GOOGLE_APP_ID'     => 'abc123',
            'GOOGLE_APP_SECRET' => '123abc',
            'APP_URL'           => 'http://localhost',
        ]);

        $socialite = $this->mock(Factory::class);
        $driver = Mockery::mock(Provider::class);
        $socialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);

        // Identity reported by the (mocked) provider.
        $socialUser->shouldReceive('getId')->times(2)->andReturn(1);
        $socialUser->shouldReceive('getEmail')->times(2)->andReturn($newUser->email);
        $socialUser->shouldReceive('getName')->times(1)->andReturn($newUser->name);
        $socialUser->shouldReceive('getAvatar')->times(1)->andReturn('avatar_placeholder');

        // One driver lookup for the redirect request, one for the callback.
        $socialite->shouldReceive('driver')->times(2)->with('google')->andReturn($driver);
        $driver->shouldReceive('redirect')->times(1)->andReturn(redirect('/'));
        $driver->shouldReceive('user')->times(1)->andReturn($socialUser);

        $this->get('/register/service/google');
        $this->get('/login/service/google/callback');

        $this->assertDatabaseHas('users', ['name' => $newUser->name, 'email' => $newUser->email]);

        // The social account row must point at the user that was just created.
        $storedUser = User::query()->where('email', '=', $newUser->email)->first();
        $this->assertDatabaseHas('social_accounts', ['user_id' => $storedUser->id]);
    }

    /**
     * A provider identity that is not linked to a local account must not log
     * anyone in; once a matching social_accounts row exists, the callback
     * authenticates that user and an AUTH_LOGIN activity is recorded.
     *
     * NOTE(review): the mocked provider user returns the same id for google and
     * github, and the google callback is only exercised before the github row
     * is inserted. This test therefore does not show that the account lookup is
     * scoped to the driver; a dedicated case asserting that a github-linked id
     * is still rejected on the google callback would cover that.
     */
    public function test_social_login()
    {
        config([
            'GOOGLE_APP_ID'     => 'abc123',
            'GOOGLE_APP_SECRET' => '123abc',
            'GITHUB_APP_ID'     => 'abc123',
            'GITHUB_APP_SECRET' => '123abc',
            'APP_URL'           => 'http://localhost',
        ]);

        $socialite = $this->mock(Factory::class);
        $driver = Mockery::mock(Provider::class);
        $socialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);

        $socialUser->shouldReceive('getId')->times(2)->andReturn('logintest123');

        // The same driver double serves both providers.
        $driver->shouldReceive('user')->times(2)->andReturn($socialUser);
        $driver->shouldReceive('redirect')->times(2)->andReturn(redirect('/'));
        $socialite->shouldReceive('driver')->times(2)->with('google')->andReturn($driver);
        $socialite->shouldReceive('driver')->times(2)->with('github')->andReturn($driver);

        // Test login routes
        $loginPage = $this->get('/login');
        $loginPage->assertElementExists('a#social-login-google[href$="/login/service/google"]');
        $googleStart = $this->followingRedirects()->get('/login/service/google');
        $googleStart->assertSee('login-form');

        // Test social callback
        // No social_accounts row exists yet, so the user must land back on the
        // login form with the "account not used" error.
        $googleCallback = $this->followingRedirects()->get('/login/service/google/callback');
        $googleCallback->assertSee('login-form');
        $googleCallback->assertSee(trans('errors.social_account_not_used', ['socialAccount' => 'Google']));

        $loginPage = $this->get('/login');
        $loginPage->assertElementExists('a#social-login-github[href$="/login/service/github"]');
        $githubStart = $this->followingRedirects()->get('/login/service/github');
        $githubStart->assertSee('login-form');

        // Test social callback with matching social account
        $admin = $this->getAdmin();
        DB::table('social_accounts')->insert([
            'user_id'   => $admin->id,
            'driver'    => 'github',
            'driver_id' => 'logintest123',
        ]);

        $githubCallback = $this->followingRedirects()->get('/login/service/github/callback');
        $githubCallback->assertDontSee('login-form');

        // The successful login must be recorded in the activity log with the
        // driver name and the user it was performed for.
        $this->assertActivityExists(ActivityType::AUTH_LOGIN, null, 'github; (' . $admin->id . ') ' . $admin->name);
    }

    /**
     * A signed-in user can disconnect a linked github account from their
     * profile via a POST request, which removes the social_accounts row.
     *
     * NOTE(review): only the happy path for the acting user is asserted here;
     * an unauthenticated POST is not covered by this test.
     */
    public function test_social_account_detach()
    {
        $editor = $this->getEditor();
        config([
            'GITHUB_APP_ID'     => 'abc123',
            'GITHUB_APP_SECRET' => '123abc',
            'APP_URL'           => 'http://localhost',
        ]);

        $linkedAccount = SocialAccount::query()->forceCreate([
            'user_id'   => $editor->id,
            'driver'    => 'github',
            'driver_id' => 'logintest123',
        ]);

        // The profile page offers the detach action as a form.
        $profilePage = $this->actingAs($editor)->get($editor->getEditUrl());
        $profilePage->assertElementContains('form[action$="/login/service/github/detach"]', 'Disconnect Account');

        $detachResp = $this->post('/login/service/github/detach');
        $detachResp->assertRedirect($editor->getEditUrl());

        $afterRedirect = $this->followRedirects($detachResp);
        $afterRedirect->assertSee('Github account was successfully disconnected from your profile.');

        $this->assertDatabaseMissing('social_accounts', ['id' => $linkedAccount->id]);
    }

    /**
     * Unknown provider identities are rejected until auto_register is enabled
     * for the driver; the auto-registered user is stored with
     * email_confirmed = false.
     */
    public function test_social_autoregister()
    {
        config([
            'services.google.client_id'     => 'abc123',
            'services.google.client_secret' => '123abc',
            'APP_URL'                       => 'http://localhost',
        ]);

        $newUser = User::factory()->make();
        $socialite = $this->mock(Factory::class);
        $driver = Mockery::mock(Provider::class);
        $socialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);

        // Expectation counts span both passes through the flow below.
        $socialUser->shouldReceive('getId')->times(4)->andReturn(1);
        $socialUser->shouldReceive('getEmail')->twice()->andReturn($newUser->email);
        $socialUser->shouldReceive('getName')->once()->andReturn($newUser->name);
        $socialUser->shouldReceive('getAvatar')->once()->andReturn('avatar_placeholder');

        $driver->shouldReceive('user')->twice()->andReturn($socialUser);
        $driver->shouldReceive('redirect')->twice()->andReturn(redirect('/'));
        $socialite->shouldReceive('driver')->times(4)->with('google')->andReturn($driver);

        $notUsedMessage = trans('errors.social_account_not_used', ['socialAccount' => 'Google']);

        // First pass: auto_register is not set, so the unknown account is refused.
        $this->get('/login/service/google');
        $rejected = $this->followingRedirects()->get('/login/service/google/callback');
        $rejected->assertSee($notUsedMessage);

        config(['services.google.auto_register' => true]);

        // Second pass: the same identity is now registered on the fly.
        $this->get('/login/service/google');
        $accepted = $this->followingRedirects()->get('/login/service/google/callback');
        $accepted->assertDontSee($notUsedMessage);

        // auto_register on its own must not mark the email address as confirmed.
        $this->assertDatabaseHas('users', [
            'name'            => $newUser->name,
            'email'           => $newUser->email,
            'email_confirmed' => false,
        ]);
        $storedUser = User::query()->where('email', '=', $newUser->email)->first();
        $this->assertDatabaseHas('social_accounts', ['user_id' => $storedUser->id]);
    }

    /**
     * With auto_register and auto_confirm both enabled, the auto-registered
     * user is stored with email_confirmed = true.
     *
     * NOTE(review): in this flow the address reported by the provider ends up
     * marked as confirmed after only the redirect and callback requests. The
     * mocks cannot express whether the provider verified that address; confirm
     * auto_confirm is only enabled for providers that do.
     */
    public function test_social_auto_email_confirm()
    {
        config([
            'services.google.client_id'     => 'abc123',
            'services.google.client_secret' => '123abc',
            'APP_URL'                       => 'http://localhost',
            'services.google.auto_register' => true,
            'services.google.auto_confirm'  => true,
        ]);

        $newUser = User::factory()->make();
        $socialite = $this->mock(Factory::class);
        $driver = Mockery::mock(Provider::class);
        $socialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);

        $socialUser->shouldReceive('getId')->times(3)->andReturn(1);
        $socialUser->shouldReceive('getEmail')->twice()->andReturn($newUser->email);
        $socialUser->shouldReceive('getName')->once()->andReturn($newUser->name);
        $socialUser->shouldReceive('getAvatar')->once()->andReturn('avatar_placeholder');

        $driver->shouldReceive('user')->once()->andReturn($socialUser);
        $driver->shouldReceive('redirect')->once()->andReturn(redirect('/'));
        $socialite->shouldReceive('driver')->twice()->with('google')->andReturn($driver);

        $this->get('/login/service/google');
        $this->get('/login/service/google/callback');

        $this->assertDatabaseHas('users', [
            'name'            => $newUser->name,
            'email'           => $newUser->email,
            'email_confirmed' => true,
        ]);
        $storedUser = User::query()->where('email', '=', $newUser->email)->first();
        $this->assertDatabaseHas('social_accounts', ['user_id' => $storedUser->id]);
    }

    /**
     * Enabling the google select_account option adds prompt=select_account to
     * the URL the user is redirected to.
     */
    public function test_google_select_account_option_changes_redirect_url()
    {
        config()->set('services.google.select_account', 'true');

        $resp = $this->get('/login/service/google');
        $redirectTarget = $resp->headers->get('Location');

        $this->assertStringContainsString('prompt=select_account', $redirectTarget);
    }

    /**
     * When the provider reports an empty name, the registered user's name is
     * taken from the part of the email address before the "@".
     */
    public function test_social_registration_with_no_name_uses_email_as_name()
    {
        $newUser = User::factory()->make(['email' => 'nonameuser@example.com']);

        $this->setSettings(['registration-enabled' => 'true']);
        config([
            'GITHUB_APP_ID'     => 'abc123',
            'GITHUB_APP_SECRET' => '123abc',
            'APP_URL'           => 'http://localhost',
        ]);

        $socialite = $this->mock(Factory::class);
        $driver = Mockery::mock(Provider::class);
        $socialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);

        $socialUser->shouldReceive('getId')->times(2)->andReturn(1);
        $socialUser->shouldReceive('getEmail')->times(2)->andReturn($newUser->email);
        // The provider supplies no display name.
        $socialUser->shouldReceive('getName')->times(1)->andReturn('');
        $socialUser->shouldReceive('getAvatar')->times(1)->andReturn('avatar_placeholder');

        $socialite->shouldReceive('driver')->times(2)->with('github')->andReturn($driver);
        $driver->shouldReceive('redirect')->times(1)->andReturn(redirect('/'));
        $driver->shouldReceive('user')->times(1)->andReturn($socialUser);

        $this->get('/register/service/github');
        $this->get('/login/service/github/callback');

        $this->assertDatabaseHas('users', ['name' => 'nonameuser', 'email' => $newUser->email]);
        $storedUser = User::query()->where('email', '=', $newUser->email)->first();
        $this->assertDatabaseHas('social_accounts', ['user_id' => $storedUser->id]);
    }
}