From 8435e0907b14536edde76cd9db36bb18e2a3b125 Mon Sep 17 00:00:00 2001 From: Aryeh Gregor Date: Mon, 8 Oct 2018 14:29:47 +0300 Subject: [PATCH] Clean up ApiLoginTest Change-Id: Icd77f8a5ee0c26cfbd3cc8f220412cfa1bf49d60 --- tests/phpunit/includes/api/ApiLoginTest.php | 222 +++++--------------- 1 file changed, 58 insertions(+), 164 deletions(-) diff --git a/tests/phpunit/includes/api/ApiLoginTest.php b/tests/phpunit/includes/api/ApiLoginTest.php index 384d7794e3..449214186f 100644 --- a/tests/phpunit/includes/api/ApiLoginTest.php +++ b/tests/phpunit/includes/api/ApiLoginTest.php @@ -1,6 +1,8 @@ [ 'login' => 'foobar' ], ]; - $data = $this->doApiRequest( [ 'action' => 'login', - 'lgname' => '', 'lgpassword' => self::$users['sysop']->getPassword(), - 'lgtoken' => (string)( new MediaWiki\Session\Token( 'foobar', '' ) ) + $ret = $this->doApiRequest( [ + 'action' => 'login', + 'lgname' => '', + 'lgpassword' => self::$users['sysop']->getPassword(), + 'lgtoken' => (string)( new MediaWiki\Session\Token( 'foobar', '' ) ), ], $session ); - $this->assertEquals( 'Failed', $data[0]['login']['result'] ); + $this->assertSame( 'Failed', $ret[0]['login']['result'] ); } - public function testApiLoginBadPass() { - global $wgServer; - - $user = self::$users['sysop']; - $userName = $user->getUser()->getName(); - $user->getUser()->logout(); - - if ( !isset( $wgServer ) ) { - $this->markTestIncomplete( 'This test needs $wgServer to be set in LocalSettings.php' ); - } + private function doUserLogin( $name, $password ) { $ret = $this->doApiRequest( [ - "action" => "login", - "lgname" => $userName, - "lgpassword" => "bad", + 'action' => 'login', + 'lgname' => $name, ] ); - $result = $ret[0]; + $this->assertSame( 'NeedToken', $ret[0]['login']['result'] ); - $this->assertNotInternalType( "bool", $result ); - $a = $result["login"]["result"]; - $this->assertEquals( "NeedToken", $a ); - - $token = $result["login"]["token"]; - - $ret = $this->doApiRequest( - [ - "action" => "login", - "lgtoken" => $token, - "lgname" => $userName, - "lgpassword" => "badnowayinhell", - ], - $ret[2] - ); + return $this->doApiRequest( [ + 'action' => 'login', + 'lgtoken' => $ret[0]['login']['token'], + 'lgname' => $name, + 'lgpassword' => $password, + ], $ret[2] ); + } - $result = $ret[0]; + public function testBadPass() { + $user = self::$users['sysop']; + $userName = $user->getUser()->getName(); + $user->getUser()->logout(); - $this->assertNotInternalType( "bool", $result ); - $a = $result["login"]["result"]; + $ret = $this->doUserLogin( $userName, 'bad' ); - $this->assertEquals( 'Failed', $a ); + $this->assertSame( 'Failed', $ret[0]['login']['result'] ); } - public function testApiLoginGoodPass() { - global $wgServer; - - if ( !isset( $wgServer ) ) { - $this->markTestIncomplete( 'This test needs $wgServer to be set in LocalSettings.php' ); - } - + public function testGoodPass() { $user = self::$users['sysop']; $userName = $user->getUser()->getName(); $password = $user->getPassword(); $user->getUser()->logout(); - $ret = $this->doApiRequest( [ - "action" => "login", - "lgname" => $userName, - "lgpassword" => $password, - ] - ); - - $result = $ret[0]; - $this->assertNotInternalType( "bool", $result ); - $this->assertNotInternalType( "null", $result["login"] ); - - $a = $result["login"]["result"]; - $this->assertEquals( "NeedToken", $a ); - $token = $result["login"]["token"]; - - $ret = $this->doApiRequest( - [ - "action" => "login", - "lgtoken" => $token, - "lgname" => $userName, - "lgpassword" => $password, - ], - $ret[2] - ); - - $result = $ret[0]; + $ret = $this->doUserLogin( $userName, $password ); - $this->assertNotInternalType( "bool", $result ); - $a = $result["login"]["result"]; - - $this->assertEquals( "Success", $a ); + $this->assertSame( 'Success', $ret[0]['login']['result'] ); } /** * @group Broken */ - public function testApiLoginGotCookie() { + public function testGotCookie() { $this->markTestIncomplete( "The server can't do external HTTP requests, " . "and the internal one won't give cookies" ); global $wgServer, $wgScriptPath; - if ( !isset( $wgServer ) ) { - $this->markTestIncomplete( 'This test needs $wgServer to be set in LocalSettings.php' ); - } $user = self::$users['sysop']; $userName = $user->getUser()->getName(); $password = $user->getPassword(); - $req = MWHttpRequest::factory( self::$apiUrl . "?action=login&format=xml", - [ "method" => "POST", - "postData" => [ - "lgname" => $userName, - "lgpassword" => $password - ] + $req = MWHttpRequest::factory( + self::$apiUrl . '?action=login&format=json', + [ + 'method' => 'POST', + 'postData' => [ + 'lgname' => $userName, + 'lgpassword' => $password, + ], ], __METHOD__ ); $req->execute(); - libxml_use_internal_errors( true ); - $sxe = simplexml_load_string( $req->getContent() ); - $this->assertNotInternalType( "bool", $sxe ); - $this->assertThat( $sxe, $this->isInstanceOf( SimpleXMLElement::class ) ); - $this->assertNotInternalType( "null", $sxe->login[0] ); + $content = json_decode( $req->getContent() ); - $a = $sxe->login[0]->attributes()->result[0]; - $this->assertEquals( ' result="NeedToken"', $a->asXML() ); - $token = (string)$sxe->login[0]->attributes()->token; + $this->assertSame( 'NeedToken', $content->login->result ); $req->setData( [ - "lgtoken" => $token, - "lgname" => $userName, - "lgpassword" => $password ] ); + 'lgtoken' => $content->login->token, + 'lgname' => $userName, + 'lgpassword' => $password, + ] ); $req->execute(); $cj = $req->getCookieJar(); $serverName = parse_url( $wgServer, PHP_URL_HOST ); $this->assertNotEquals( false, $serverName ); $serializedCookie = $cj->serializeToHttpRequest( $wgScriptPath, $serverName ); - $this->assertNotEquals( '', $serializedCookie ); $this->assertRegExp( - '/_session=[^;]*; .*UserID=[0-9]*; .*UserName=' . $user->userName . '; .*Token=/', + '/_session=[^;]*; .*UserID=[0-9]*; .*UserName=' . $userName . '; .*Token=/', $serializedCookie ); } - public function testRunLogin() { - $user = self::$users['sysop']; - $userName = $user->getUser()->getName(); - $password = $user->getPassword(); - - $data = $this->doApiRequest( [ - 'action' => 'login', - 'lgname' => $userName, - 'lgpassword' => $password ] ); - - $this->assertArrayHasKey( "login", $data[0] ); - $this->assertArrayHasKey( "result", $data[0]['login'] ); - $this->assertEquals( "NeedToken", $data[0]['login']['result'] ); - $token = $data[0]['login']['token']; - - $data = $this->doApiRequest( [ - 'action' => 'login', - "lgtoken" => $token, - "lgname" => $userName, - "lgpassword" => $password ], $data[2] ); - - $this->assertArrayHasKey( "login", $data[0] ); - $this->assertArrayHasKey( "result", $data[0]['login'] ); - $this->assertEquals( "Success", $data[0]['login']['result'] ); - } - public function testBotPassword() { - global $wgServer, $wgSessionProviders; - - if ( !isset( $wgServer ) ) { - $this->markTestIncomplete( 'This test needs $wgServer to be set in LocalSettings.php' ); - } + global $wgSessionProviders; $this->setMwGlobals( [ + // We can't use mergeMwGlobalArrayValue because it will overwrite the existing entry + // with index 0 'wgSessionProviders' => array_merge( $wgSessionProviders, [ [ - 'class' => MediaWiki\Session\BotPasswordSessionProvider::class, + 'class' => BotPasswordSessionProvider::class, 'args' => [ [ 'priority' => 40 ] ], - ] + ], ] ), 'wgEnableBotPasswords' => true, 'wgBotPasswordsDatabase' => false, @@ -216,22 +135,20 @@ class ApiLoginTest extends ApiTestCase { ] ); // Make sure our session provider is present - $manager = TestingAccessWrapper::newFromObject( MediaWiki\Session\SessionManager::singleton() ); - if ( !isset( $manager->sessionProviders[MediaWiki\Session\BotPasswordSessionProvider::class] ) ) { + $manager = TestingAccessWrapper::newFromObject( SessionManager::singleton() ); + if ( !isset( $manager->sessionProviders[BotPasswordSessionProvider::class] ) ) { $tmp = $manager->sessionProviders; $manager->sessionProviders = null; $manager->sessionProviders = $tmp + $manager->getProviders(); } $this->assertNotNull( - MediaWiki\Session\SessionManager::singleton()->getProvider( - MediaWiki\Session\BotPasswordSessionProvider::class - ), + SessionManager::singleton()->getProvider( BotPasswordSessionProvider::class ), 'sanity check' ); $user = self::$users['sysop']; $centralId = CentralIdLookup::factory()->centralIdFromLocalUser( $user->getUser() ); - $this->assertNotEquals( 0, $centralId, 'sanity check' ); + $this->assertNotSame( 0, $centralId, 'sanity check' ); $password = 'ngfhmjm64hv0854493hsj5nncjud2clk'; $passwordFactory = MediaWikiServices::getInstance()->getPasswordFactory(); @@ -254,32 +171,9 @@ class ApiLoginTest extends ApiTestCase { $lgName = $user->getUser()->getName() . BotPassword::getSeparator() . 'foo'; - $ret = $this->doApiRequest( [ - 'action' => 'login', - 'lgname' => $lgName, - 'lgpassword' => $password, - ] ); - - $result = $ret[0]; - $this->assertNotInternalType( 'bool', $result ); - $this->assertNotInternalType( 'null', $result['login'] ); + $ret = $this->doUserLogin( $lgName, $password ); - $a = $result['login']['result']; - $this->assertEquals( 'NeedToken', $a ); - $token = $result['login']['token']; - - $ret = $this->doApiRequest( [ - 'action' => 'login', - 'lgtoken' => $token, - 'lgname' => $lgName, - 'lgpassword' => $password, - ], $ret[2] ); - - $result = $ret[0]; - $this->assertNotInternalType( 'bool', $result ); - $a = $result['login']['result']; - - $this->assertEquals( 'Success', $a ); + $this->assertSame( 'Success', $ret[0]['login']['result'] ); } public function testLoginWithNoSameOriginSecurity() { @@ -289,13 +183,13 @@ class ApiLoginTest extends ApiTestCase { } ); - $result = $this->doApiRequest( [ + $ret = $this->doApiRequest( [ 'action' => 'login', ] )[0]['login']; $this->assertSame( [ 'result' => 'Aborted', 'reason' => 'Cannot log in when the same-origin policy is not applied.', - ], $result ); + ], $ret ); } } -- 2.20.1