author | diosmosis <diosmosis@users.noreply.github.com> | 2019-06-17 07:03:06 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-06-17 07:03:06 +0300 |
commit | 824204a88d80b229df3708d1edcf5416eeb2ea44 (patch) | |
tree | 52b1cfd1bcb0e5961920094a9f69517d5cbefd55 /tests | |
parent | d61a9ea28a798f5598e2cb69c0ca6b3342b6c157 (diff) |
Detect expired session use (#14502)
* Add INI config option and add tests.
* Detect expired sessions.
* Update config docs.
* Apply review feedback including storing expiration in session fingerprint.
* fixing tests.
* fix unit tests
* fix test
Diffstat (limited to 'tests')
4 files changed, 75 insertions, 6 deletions
diff --git a/tests/PHPUnit/Integration/FrontControllerTest.php b/tests/PHPUnit/Integration/FrontControllerTest.php index 12a396986b..89c426136a 100644 --- a/tests/PHPUnit/Integration/FrontControllerTest.php +++ b/tests/PHPUnit/Integration/FrontControllerTest.php @@ -59,6 +59,9 @@ FORMAT; $this->assertStringMatchesFormat($expectedFormat, $response['message']); } + /** + * @runInSeparateProcess + */ public function test_authImplementationConfigured_EvenIfSessionAuthSucceeds() { Access::getInstance()->setSuperUserAccess(false); diff --git a/tests/PHPUnit/Integration/Session/SessionAuthTest.php b/tests/PHPUnit/Integration/Session/SessionAuthTest.php index 914e957d76..ae64512e9a 100644 --- a/tests/PHPUnit/Integration/Session/SessionAuthTest.php +++ b/tests/PHPUnit/Integration/Session/SessionAuthTest.php @@ -11,6 +11,7 @@ namespace Piwik\Tests\Integration\Session; use Piwik\AuthResult; use Piwik\Container\StaticContainer; +use Piwik\Date; use Piwik\Plugins\UsersManager\UserUpdater; use Piwik\Session\SessionAuth; use Piwik\Session\SessionFingerprint; 
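Review bot: The new docblock on `test_authImplementationConfigured_EvenIfSessionAuthSucceeds` carries only `@runInSeparateProcess` with no reason, so a later cleanup could drop the annotation without knowing what it protects. A one-line description such as `* Runs isolated because the test starts a session and changes global auth state.` would help, if that is indeed the reason; the hunk does not show it. The same bare annotation is added to the first test in SessionAuthTest.php. The method body continues outside the hunk.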
@@ -74,24 +75,67 @@ class SessionAuthTest extends IntegrationTestCase $this->assertEquals(AuthResult::FAILURE, $result->getCode()); } + /** + * @runInSeparateProcess + */ public function test_authenticate_ReturnsSuccess_IfUserDataHasNoPasswordModifiedTimestamp() { $this->initializeSession(self::TEST_OTHER_USER); + $sessionFingerprint = new SessionFingerprint(); + $expireTime = $sessionFingerprint->getExpirationTime(); + $this->assertNotNull($expireTime); + $usersModel = new UsersModel(); $user = $usersModel->getUser(self::TEST_OTHER_USER); unset($user['ts_password_modified']); + sleep(1); + $sessionAuth = new SessionAuth(new MockUsersModel($user)); $result = $sessionAuth->authenticate(); + $this->assertGreaterThan($expireTime, $sessionFingerprint->getExpirationTime()); + $this->assertEquals(AuthResult::SUCCESS, $result->getCode()); } - private function initializeSession($userLogin) + public function test_authenticate_ReturnsFailure_IfSessionIsExpiredWhenRememberMeUsed() + { + Date::$now = strtotime('2012-02-03 04:55:44'); + $this->initializeSession(self::TEST_OTHER_USER, true); + + Date::$now = strtotime('2012-03-03 04:55:44'); + + $usersModel = new UsersModel(); + $user = $usersModel->getUser(self::TEST_OTHER_USER); + + $sessionAuth = new SessionAuth(new MockUsersModel($user)); + $result = $sessionAuth->authenticate(); + + $this->assertEquals(AuthResult::FAILURE, $result->getCode()); + } + + public function test_authenticate_ReturnsFailure_IfSessionIsExpiredWhenRememberMeNotUsed() + { + Date::$now = strtotime('2012-02-03 04:55:44'); + $this->initializeSession(self::TEST_OTHER_USER); + + Date::$now = strtotime('2012-02-04 04:56:44'); + + $usersModel = new UsersModel(); + $user = $usersModel->getUser(self::TEST_OTHER_USER); + + $sessionAuth = new SessionAuth(new MockUsersModel($user)); + $result = $sessionAuth->authenticate(); + + $this->assertEquals(AuthResult::FAILURE, $result->getCode()); + } + + private function initializeSession($userLogin, $isRemembered = 
false) { $sessionFingerprint = new SessionFingerprint(); - $sessionFingerprint->initialize($userLogin); + $sessionFingerprint->initialize($userLogin, $isRemembered); } protected static function configureFixture($fixture) diff --git a/tests/PHPUnit/Unit/Session/SessionFingerprintTest.php b/tests/PHPUnit/Unit/Session/SessionFingerprintTest.php index a0cae1ef98..3fdd69c92f 100644 --- a/tests/PHPUnit/Unit/Session/SessionFingerprintTest.php +++ b/tests/PHPUnit/Unit/Session/SessionFingerprintTest.php @@ -10,6 +10,7 @@ namespace Piwik\Tests\Unit\Session; +use Piwik\Date; use Piwik\Session\SessionFingerprint; class SessionFingerprintTest extends \PHPUnit_Framework_TestCase @@ -28,6 +29,13 @@ class SessionFingerprintTest extends \PHPUnit_Framework_TestCase $this->testInstance = new SessionFingerprint(); } + public function tearDown() + { + Date::$now = null; + + parent::tearDown(); + } + public function test_getUser_ReturnsUserNameSessionVar_WhenSessionVarIsSet() { $_SESSION[SessionFingerprint::USER_NAME_SESSION_VAR_NAME] = 'testuser'; @@ -60,7 +68,7 @@ class SessionFingerprintTest extends \PHPUnit_Framework_TestCase $this->assertEquals('testuser', $_SESSION[SessionFingerprint::USER_NAME_SESSION_VAR_NAME]); $this->assertEquals( - ['ts' => self::TEST_TIME_VALUE, 'remembered' => true], + ['ts' => self::TEST_TIME_VALUE, 'remembered' => true, 'expiration' => self::TEST_TIME_VALUE + 3600], $_SESSION[SessionFingerprint::SESSION_INFO_SESSION_VAR_NAME] ); } 
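Review bot: The two new expiry tests in SessionAuthTest assign `Date::$now` and never restore it, and unlike `test_authenticate_ReturnsSuccess_IfUserDataHasNoPasswordModifiedTimestamp` they are not marked `@runInSeparateProcess`, so the 2012 clock may leak into whichever test runs next unless IntegrationTestCase resets it, which this hunk does not show. SessionFingerprintTest gains a `tearDown()` for exactly this in the same commit; the same reset here would keep expiry checks in other tests from running against a stale clock. Separately, `sleep(1)` in the first test ties the sliding-expiration assertion to wall-clock time, and advancing `Date::$now` instead would make it deterministic, assuming the expiration is computed from `Date`. The class body starts and ends outside the hunk.

```php
// … unchanged: test methods and initializeSession() …
public function tearDown()
{
    // Reset the mocked clock so a later test does not inherit an old "now".
    Date::$now = null;

    parent::tearDown();
}
```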
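Review bot: The expected `'expiration' => self::TEST_TIME_VALUE + 3600` in SessionFingerprintTest hard-codes the session lifetime as a bare number, and the following hunk repeats it as `self::TEST_TIME_VALUE + 3700` (100 + 3600). A named constant such as `const TEST_EXPIRATION_OFFSET = 3600;`, or a value read from the same config option the implementation uses, would keep both tests tied to the real timeout. It is also worth confirming the intent: this case records `'remembered' => true` yet expects the same 3600-second offset that the non-remembered `initialize('testuser', false, ...)` case produces, so as written the unit tests would not notice if remembered and non-remembered sessions were given the same lifetime. The test method starts outside the hunk.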
@@ -77,10 +85,24 @@ class SessionFingerprintTest extends \PHPUnit_Framework_TestCase $this->assertTrue($this->testInstance->hasVerifiedTwoFactor()); } - public function test_getSessionStartTime_() + public function test_updateSessionExpireTime_SetsANewExpirationTime() + { + $this->testInstance->initialize('testuser', false, self::TEST_TIME_VALUE); + + Date::$now = self::TEST_TIME_VALUE + 100; + + $this->testInstance->updateSessionExpirationTime(); + + $this->assertEquals( + self::TEST_TIME_VALUE + 3700, + $_SESSION[SessionFingerprint::SESSION_INFO_SESSION_VAR_NAME]['expiration'] + ); + } + + public function test_getSessionStartTime_ReturnsCorrectValue() { $_SESSION[SessionFingerprint::SESSION_INFO_SESSION_VAR_NAME] = [ - 'ts' => 123. + 'ts' => 123, ]; $this->assertEquals(123, $this->testInstance->getSessionStartTime()); } diff --git a/tests/PHPUnit/Unit/Session/SessionInitializerTest.php b/tests/PHPUnit/Unit/Session/SessionInitializerTest.php index f24b69b8dc..0b0bde4c47 100644 --- a/tests/PHPUnit/Unit/Session/SessionInitializerTest.php +++ b/tests/PHPUnit/Unit/Session/SessionInitializerTest.php @@ -72,7 +72,7 @@ class SessionInitializerTest extends \PHPUnit_Framework_TestCase $fingerprint = new SessionFingerprint(); $this->assertEquals('testlogin', $fingerprint->getUser()); $this->assertNotEmpty($fingerprint->getSessionStartTime()); - $this->assertEquals(['ts', 'remembered'], array_keys($fingerprint->getUserInfo())); + $this->assertEquals(['ts', 'remembered', 'expiration'], array_keys($fingerprint->getUserInfo())); } } |
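Review bot: The updated assertion in SessionInitializerTest only checks that an `expiration` key exists in `getUserInfo()`, so an initializer that stored an expiration of zero, or one already in the past, would still pass. Adding `$this->assertGreaterThan($fingerprint->getSessionStartTime(), $fingerprint->getExpirationTime());` after it would pin that a fresh session starts out unexpired. The test method begins outside the hunk.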