diff options
author | Christoph Wurst <christoph@winzerhof-wurst.at> | 2016-08-22 12:17:31 +0300 |
---|---|---|
committer | Christoph Wurst <christoph@winzerhof-wurst.at> | 2016-08-22 12:17:31 +0300 |
commit | 9fa4b44b4e40632294dfe72ed6e9cf3a9f83250a (patch) | |
tree | df4e1ac5901c414e72aa7f5b0269e8b856a6b70e | |
parent | 8eca1cc845375a367f791ac65d14de793fe44547 (diff) |
fix url encoding of OTP QR codes
-rw-r--r-- | lib/Controller/SettingsController.php | 7 | ||||
-rw-r--r-- | tests/phpunit.xml | 2 | ||||
-rw-r--r-- | tests/unit/Controller/SettingsControllerTest.php | 23 |
3 files changed, 24 insertions, 8 deletions
diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php index 7dd73a0..30f52ab 100644 --- a/lib/Controller/SettingsController.php +++ b/lib/Controller/SettingsController.php @@ -84,7 +84,8 @@ class SettingsController extends Controller { $qrCode = new QrCode(); $secretName = $this->getSecretName(); $issuer = $this->getSecretIssuer(); - $qr = $qrCode->setText("otpauth://totp/$secretName?secret=$secret&issuer=$issuer") + $x = "otpauth://totp/$secretName?secret=$secret&issuer=$issuer"; + $qr = $qrCode->setText($x) ->setSize(150) ->getDataUri(); return [ @@ -102,13 +103,13 @@ class SettingsController extends Controller { private function getSecretName() { $userName = $this->userSession->getUser()->getCloudId(); - return rawurldecode($userName); + return rawurlencode($userName); } private function getSecretIssuer() { $productName = $this->defaults->getName(); $url = $this->urlGenerator->getAbsoluteURL('/'); - return rawurldecode("$url ($productName)"); + return rawurlencode("$url ($productName)"); } } diff --git a/tests/phpunit.xml b/tests/phpunit.xml index cd4f03b..cc94bb0 100644 --- a/tests/phpunit.xml +++ b/tests/phpunit.xml @@ -5,7 +5,7 @@ timeoutForMediumTests="900" timeoutForLargeTests="900"> <testsuite name="TOTP 2FA Provider"> - <directory suffix="test.php">.</directory> + <directory suffix="Test.php">.</directory> </testsuite> <!-- filters for code coverage --> <filter> diff --git a/tests/unit/Controller/SettingsControllerTest.php b/tests/unit/Controller/SettingsControllerTest.php index 69676f0..ce668be 100644 --- a/tests/unit/Controller/SettingsControllerTest.php +++ b/tests/unit/Controller/SettingsControllerTest.php @@ -21,7 +21,9 @@ namespace OCA\TwoFactor_Totp\Unit\Controller; +use Endroid\QrCode\QrCode; use OCA\TwoFactor_Totp\Controller\SettingsController; +use OCP\Defaults; use Test\TestCase; class SettingsControllerTest extends TestCase { @@ -29,6 +31,8 @@ class SettingsControllerTest extends TestCase { private $request; private $userSession; private $totp; + private $defaults; + private $urlGenerator; /** @var SettingsController */ private $controller; @@ -39,8 +43,10 @@ class SettingsControllerTest extends TestCase { $this->request = $this->getMock('\OCP\IRequest'); $this->userSession = $this->getMock('\OCP\IUserSession'); $this->totp = $this->getMock('\OCA\TwoFactor_Totp\Service\ITotp'); + $this->defaults = new Defaults(); + $this->urlGenerator = $this->getMock('\OCP\IURLGenerator'); - $this->controller = new SettingsController('twofactor_totp', $this->request, $this->userSession, $this->totp); + $this->controller = new SettingsController('twofactor_totp', $this->request, $this->userSession, $this->totp, $this->defaults, $this->urlGenerator); } public function testNothing() { @@ -62,16 +68,25 @@ class SettingsControllerTest extends TestCase { public function testEnable() { $user = $this->getMock('\OCP\IUser'); - $this->userSession->expects($this->once()) + $this->userSession->expects($this->exactly(2)) ->method('getUser') ->will($this->returnValue($user)); + $user->expects($this->once()) + ->method('getCloudId') + ->will($this->returnValue('user@instance.com')); + $this->urlGenerator->expects($this->once()) + ->method('getAbsoluteUrl') + ->with('/') + ->will($this->returnValue('https://instance.com')); $this->totp->expects($this->once()) ->method('createSecret') ->with($user) ->will($this->returnValue('newsecret')); - $qrCode = new \Endroid\QrCode\QrCode(); - $qr = $qrCode->setText("otpauth://totp/ownCloud%20TOTP?secret=newsecret") + $qrCode = new QrCode(); + $issuer = rawurlencode('https://instance.com (' . $this->defaults->getName() . ')'); + $x = "otpauth://totp/user%40instance.com?secret=newsecret&issuer=$issuer"; + $qr = $qrCode->setText($x) ->setSize(150) ->getDataUri(); |