Add trusted browser classes
- Added some tests
This commit is contained in:
parent
b633d75e6c
commit
72bb3bce34
7 changed files with 356 additions and 0 deletions
56
src/BaseEntity.php
Normal file
56
src/BaseEntity.php
Normal file
|
@ -0,0 +1,56 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* @copyright Copyright (C) 2020, Friendica
|
||||||
|
*
|
||||||
|
* @license GNU AGPL version 3 or any later version
|
||||||
|
*
|
||||||
|
* This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU Affero General Public License as
|
||||||
|
* published by the Free Software Foundation, either version 3 of the
|
||||||
|
* License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU Affero General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Affero General Public License
|
||||||
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace Friendica;
|
||||||
|
|
||||||
|
use Friendica\Network\HTTPException;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The Entity classes directly inheriting from this abstract class are meant to represent a single business entity.
|
||||||
|
* Their properties may or may not correspond with the database fields of the table we use to represent it.
|
||||||
|
* Each model method must correspond to a business action being performed on this entity.
|
||||||
|
* Only these methods will be allowed to alter the model data.
|
||||||
|
*
|
||||||
|
* To persist such a model, the associated Repository must be instantiated and the "save" method must be called
|
||||||
|
* and passed the entity as a parameter.
|
||||||
|
*
|
||||||
|
* Ideally, the constructor should only be called in the associated Factory which will instantiate entities depending
|
||||||
|
* on the provided data.
|
||||||
|
*
|
||||||
|
* Since these objects aren't meant to be using any dependency, including logging, unit tests can and must be
|
||||||
|
* written for each and all of their methods
|
||||||
|
*/
|
||||||
|
abstract class BaseEntity extends BaseDataTransferObject
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @param string $name
|
||||||
|
* @return mixed
|
||||||
|
* @throws HTTPException\InternalServerErrorException
|
||||||
|
*/
|
||||||
|
public function __get(string $name)
|
||||||
|
{
|
||||||
|
if (!property_exists($this, $name)) {
|
||||||
|
throw new HTTPException\InternalServerErrorException('Unknown property ' . $name . ' in Entity ' . static::class);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $this->$name;
|
||||||
|
}
|
||||||
|
}
|
10
src/Security/TwoFactor/Collection/TrustedBrowsers.php
Normal file
10
src/Security/TwoFactor/Collection/TrustedBrowsers.php
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Friendica\Security\TwoFactor\Collection;
|
||||||
|
|
||||||
|
use Friendica\BaseCollection;
|
||||||
|
|
||||||
|
class TrustedBrowsers extends BaseCollection
|
||||||
|
{
|
||||||
|
|
||||||
|
}
|
33
src/Security/TwoFactor/Factory/TrustedBrowser.php
Normal file
33
src/Security/TwoFactor/Factory/TrustedBrowser.php
Normal file
|
@ -0,0 +1,33 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Friendica\Security\TwoFactor\Factory;
|
||||||
|
|
||||||
|
use Friendica\BaseFactory;
|
||||||
|
use Friendica\Util\DateTimeFormat;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
|
class TrustedBrowser extends BaseFactory
|
||||||
|
{
|
||||||
|
public function createForUserWithUserAgent($uid, $userAgent): \Friendica\Security\TwoFactor\Model\TrustedBrowser
|
||||||
|
{
|
||||||
|
$trustedHash = Strings::getRandomHex();
|
||||||
|
|
||||||
|
return new \Friendica\Security\TwoFactor\Model\TrustedBrowser(
|
||||||
|
$trustedHash,
|
||||||
|
$uid,
|
||||||
|
$userAgent,
|
||||||
|
DateTimeFormat::utcNow()
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function createFromTableRow(array $row): \Friendica\Security\TwoFactor\Model\TrustedBrowser
|
||||||
|
{
|
||||||
|
return new \Friendica\Security\TwoFactor\Model\TrustedBrowser(
|
||||||
|
$row['cookie_hash'],
|
||||||
|
$row['uid'],
|
||||||
|
$row['user_agent'],
|
||||||
|
$row['created'],
|
||||||
|
$row['last_used']
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
51
src/Security/TwoFactor/Model/TrustedBrowser.php
Normal file
51
src/Security/TwoFactor/Model/TrustedBrowser.php
Normal file
|
@ -0,0 +1,51 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Friendica\Security\TwoFactor\Model;
|
||||||
|
|
||||||
|
use Friendica\BaseEntity;
|
||||||
|
use Friendica\Util\DateTimeFormat;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Class TrustedBrowser
|
||||||
|
*
|
||||||
|
*
|
||||||
|
* @property-read $cookie_hash
|
||||||
|
* @property-read $uid
|
||||||
|
* @property-read $user_agent
|
||||||
|
* @property-read $created
|
||||||
|
* @property-read $last_used
|
||||||
|
* @package Friendica\Model\TwoFactor
|
||||||
|
*/
|
||||||
|
class TrustedBrowser extends BaseEntity
|
||||||
|
{
|
||||||
|
protected $cookie_hash;
|
||||||
|
protected $uid;
|
||||||
|
protected $user_agent;
|
||||||
|
protected $created;
|
||||||
|
protected $last_used;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Please do not use this constructor directly, instead use one of the method of the TrustedBroser factory.
|
||||||
|
*
|
||||||
|
* @see \Friendica\Security\TwoFactor\Factory\TrustedBrowser
|
||||||
|
*
|
||||||
|
* @param string $cookie_hash
|
||||||
|
* @param int $uid
|
||||||
|
* @param string $user_agent
|
||||||
|
* @param string $created
|
||||||
|
* @param string|null $last_used
|
||||||
|
*/
|
||||||
|
public function __construct(string $cookie_hash, int $uid, string $user_agent, string $created, string $last_used = null)
|
||||||
|
{
|
||||||
|
$this->cookie_hash = $cookie_hash;
|
||||||
|
$this->uid = $uid;
|
||||||
|
$this->user_agent = $user_agent;
|
||||||
|
$this->created = $created;
|
||||||
|
$this->last_used = $last_used;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function recordUse()
|
||||||
|
{
|
||||||
|
$this->last_used = DateTimeFormat::utcNow();
|
||||||
|
}
|
||||||
|
}
|
98
src/Security/TwoFactor/Repository/TrustedBrowser.php
Normal file
98
src/Security/TwoFactor/Repository/TrustedBrowser.php
Normal file
|
@ -0,0 +1,98 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Friendica\Security\TwoFactor\Repository;
|
||||||
|
|
||||||
|
use Friendica\Security\TwoFactor\Model;
|
||||||
|
use Friendica\Security\TwoFactor\Collection\TrustedBrowsers;
|
||||||
|
use Friendica\Database\Database;
|
||||||
|
use Friendica\Network\HTTPException\NotFoundException;
|
||||||
|
use Psr\Log\LoggerInterface;
|
||||||
|
|
||||||
|
class TrustedBrowser
|
||||||
|
{
|
||||||
|
/** @var Database */
|
||||||
|
protected $db;
|
||||||
|
|
||||||
|
/** @var LoggerInterface */
|
||||||
|
protected $logger;
|
||||||
|
|
||||||
|
/** @var \Friendica\Security\TwoFactor\Factory\TrustedBrowser */
|
||||||
|
protected $factory;
|
||||||
|
|
||||||
|
protected static $table_name = '2fa_trusted_browser';
|
||||||
|
|
||||||
|
public function __construct(Database $database, LoggerInterface $logger, \Friendica\Security\TwoFactor\Factory\TrustedBrowser $factory = null)
|
||||||
|
{
|
||||||
|
$this->db = $database;
|
||||||
|
$this->logger = $logger;
|
||||||
|
$this->factory = $factory ?? new \Friendica\Security\TwoFactor\Factory\TrustedBrowser($logger);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param string $cookie_hash
|
||||||
|
* @return Model\TrustedBrowser|null
|
||||||
|
* @throws \Exception
|
||||||
|
*/
|
||||||
|
public function selectOneByHash(string $cookie_hash): Model\TrustedBrowser
|
||||||
|
{
|
||||||
|
$fields = $this->db->selectFirst(self::$table_name, [], ['cookie_hash' => $cookie_hash]);
|
||||||
|
if (!$this->db->isResult($fields)) {
|
||||||
|
throw new NotFoundException('');
|
||||||
|
}
|
||||||
|
|
||||||
|
return $this->factory->createFromTableRow($fields);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function selectAllByUid(int $uid): TrustedBrowsers
|
||||||
|
{
|
||||||
|
$rows = $this->db->selectToArray(self::$table_name, [], ['uid' => $uid]);
|
||||||
|
|
||||||
|
$trustedBrowsers = [];
|
||||||
|
foreach ($rows as $fields) {
|
||||||
|
$trustedBrowsers[] = $this->factory->createFromTableRow($fields);
|
||||||
|
}
|
||||||
|
|
||||||
|
return new TrustedBrowsers($trustedBrowsers);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param Model\TrustedBrowser $trustedBrowser
|
||||||
|
* @return bool
|
||||||
|
* @throws \Exception
|
||||||
|
*/
|
||||||
|
public function save(Model\TrustedBrowser $trustedBrowser): bool
|
||||||
|
{
|
||||||
|
return $this->db->insert(self::$table_name, $trustedBrowser->toArray(), $this->db::INSERT_UPDATE);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param Model\TrustedBrowser $trustedBrowser
|
||||||
|
* @return bool
|
||||||
|
* @throws \Exception
|
||||||
|
*/
|
||||||
|
public function remove(Model\TrustedBrowser $trustedBrowser): bool
|
||||||
|
{
|
||||||
|
return $this->db->delete(self::$table_name, ['cookie_hash' => $trustedBrowser->cookie_hash]);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param int $local_user
|
||||||
|
* @param string $cookie_hash
|
||||||
|
* @return bool
|
||||||
|
* @throws \Exception
|
||||||
|
*/
|
||||||
|
public function removeForUser(int $local_user, string $cookie_hash): bool
|
||||||
|
{
|
||||||
|
return $this->db->delete(self::$table_name, ['cookie_hash' => $cookie_hash,'uid' => $local_user]);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param int $local_user
|
||||||
|
* @return bool
|
||||||
|
* @throws \Exception
|
||||||
|
*/
|
||||||
|
public function removeAllForUser(int $local_user): bool
|
||||||
|
{
|
||||||
|
return $this->db->delete(self::$table_name, ['uid' => $local_user]);
|
||||||
|
}
|
||||||
|
}
|
62
tests/src/Security/TwoFactor/Factory/TrustedBrowserTest.php
Normal file
62
tests/src/Security/TwoFactor/Factory/TrustedBrowserTest.php
Normal file
|
@ -0,0 +1,62 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Friendica\Test\src\Security\TwoFactor\Factory;
|
||||||
|
|
||||||
|
use Friendica\Security\TwoFactor\Factory\TrustedBrowser;
|
||||||
|
use Friendica\Util\DateTimeFormat;
|
||||||
|
use Friendica\Util\Logger\VoidLogger;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
|
class TrustedBrowserTest extends \PHPUnit_Framework_TestCase
|
||||||
|
{
|
||||||
|
public function testCreateFromTableRowSuccess()
|
||||||
|
{
|
||||||
|
$factory = new TrustedBrowser(new VoidLogger());
|
||||||
|
|
||||||
|
$row = [
|
||||||
|
'cookie_hash' => Strings::getRandomHex(),
|
||||||
|
'uid' => 42,
|
||||||
|
'user_agent' => 'PHPUnit',
|
||||||
|
'created' => DateTimeFormat::utcNow(),
|
||||||
|
'last_used' => null,
|
||||||
|
];
|
||||||
|
|
||||||
|
$trustedBrowser = $factory->createFromTableRow($row);
|
||||||
|
|
||||||
|
$this->assertEquals($row, $trustedBrowser->toArray());
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testCreateFromTableRowMissingData()
|
||||||
|
{
|
||||||
|
$this->expectException(\TypeError::class);
|
||||||
|
|
||||||
|
$factory = new TrustedBrowser(new VoidLogger());
|
||||||
|
|
||||||
|
$row = [
|
||||||
|
'cookie_hash' => null,
|
||||||
|
'uid' => null,
|
||||||
|
'user_agent' => null,
|
||||||
|
'created' => null,
|
||||||
|
'last_used' => null,
|
||||||
|
];
|
||||||
|
|
||||||
|
$trustedBrowser = $factory->createFromTableRow($row);
|
||||||
|
|
||||||
|
$this->assertEquals($row, $trustedBrowser->toArray());
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testCreateForUserWithUserAgent()
|
||||||
|
{
|
||||||
|
$factory = new TrustedBrowser(new VoidLogger());
|
||||||
|
|
||||||
|
$uid = 42;
|
||||||
|
$userAgent = 'PHPUnit';
|
||||||
|
|
||||||
|
$trustedBrowser = $factory->createForUserWithUserAgent($uid, $userAgent);
|
||||||
|
|
||||||
|
$this->assertNotEmpty($trustedBrowser->cookie_hash);
|
||||||
|
$this->assertEquals($uid, $trustedBrowser->uid);
|
||||||
|
$this->assertEquals($userAgent, $trustedBrowser->user_agent);
|
||||||
|
$this->assertNotEmpty($trustedBrowser->created);
|
||||||
|
}
|
||||||
|
}
|
46
tests/src/Security/TwoFactor/Model/TrustedBrowserTest.php
Normal file
46
tests/src/Security/TwoFactor/Model/TrustedBrowserTest.php
Normal file
|
@ -0,0 +1,46 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Friendica\Test\src\Security\TwoFactor\Model;
|
||||||
|
|
||||||
|
use Friendica\Security\TwoFactor\Model\TrustedBrowser;
|
||||||
|
use Friendica\Util\DateTimeFormat;
|
||||||
|
use Friendica\Util\Strings;
|
||||||
|
|
||||||
|
class TrustedBrowserTest extends \PHPUnit_Framework_TestCase
|
||||||
|
{
|
||||||
|
public function test__construct()
|
||||||
|
{
|
||||||
|
$hash = Strings::getRandomHex();
|
||||||
|
|
||||||
|
$trustedBrowser = new TrustedBrowser(
|
||||||
|
$hash,
|
||||||
|
42,
|
||||||
|
'PHPUnit',
|
||||||
|
DateTimeFormat::utcNow()
|
||||||
|
);
|
||||||
|
|
||||||
|
$this->assertEquals($hash, $trustedBrowser->cookie_hash);
|
||||||
|
$this->assertEquals(42, $trustedBrowser->uid);
|
||||||
|
$this->assertEquals('PHPUnit', $trustedBrowser->user_agent);
|
||||||
|
$this->assertNotEmpty($trustedBrowser->created);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testRecordUse()
|
||||||
|
{
|
||||||
|
$hash = Strings::getRandomHex();
|
||||||
|
$past = DateTimeFormat::utc('now - 5 minutes');
|
||||||
|
|
||||||
|
$trustedBrowser = new TrustedBrowser(
|
||||||
|
$hash,
|
||||||
|
42,
|
||||||
|
'PHPUnit',
|
||||||
|
$past,
|
||||||
|
$past
|
||||||
|
);
|
||||||
|
|
||||||
|
$trustedBrowser->recordUse();
|
||||||
|
|
||||||
|
$this->assertEquals($past, $trustedBrowser->created);
|
||||||
|
$this->assertGreaterThan($past, $trustedBrowser->last_used);
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue