2016-08-17 07:44:18 +00:00
|
|
|
<?php
|
|
|
|
// This file is part of Moodle - http://moodle.org/
|
|
|
|
//
|
|
|
|
// Moodle is free software: you can redistribute it and/or modify
|
|
|
|
// it under the terms of the GNU General Public License as published by
|
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
// (at your option) any later version.
|
|
|
|
//
|
|
|
|
// Moodle is distributed in the hope that it will be useful,
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU General Public License for more details.
|
|
|
|
//
|
|
|
|
// You should have received a copy of the GNU General Public License
|
|
|
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
2024-06-25 10:00:04 +00:00
|
|
|
namespace auth_jwt;
|
2022-08-19 00:56:39 +00:00
|
|
|
|
|
|
|
use advanced_testcase;
|
|
|
|
use webservice_access_exception;
|
2024-06-25 10:00:04 +00:00
|
|
|
use auth_jwt_external;
|
2022-08-19 00:56:39 +00:00
|
|
|
use external_api;
|
|
|
|
use invalid_parameter_exception;
|
|
|
|
use required_capability_exception;
|
|
|
|
use context_system;
|
|
|
|
|
2016-08-17 07:44:18 +00:00
|
|
|
/**
|
|
|
|
* Tests for externallib.php.
|
|
|
|
*
|
2024-06-25 10:00:04 +00:00
|
|
|
* @covers \auth_jwt_external
|
2022-08-19 01:16:11 +00:00
|
|
|
*
|
2024-06-25 10:00:04 +00:00
|
|
|
* @package auth_jwt
|
|
|
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
2016-08-17 07:44:18 +00:00
|
|
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
|
|
|
*/
|
2022-08-19 00:56:39 +00:00
|
|
|
class externallib_test extends advanced_testcase {
|
2016-08-17 07:44:18 +00:00
|
|
|
/**
|
|
|
|
* User object.
|
|
|
|
*
|
|
|
|
* @var
|
|
|
|
*/
|
|
|
|
protected $user = array();
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Initial set up.
|
|
|
|
*/
|
2022-06-03 06:44:24 +00:00
|
|
|
public function setUp(): void {
|
2016-08-17 07:44:18 +00:00
|
|
|
global $CFG;
|
|
|
|
|
|
|
|
require_once($CFG->libdir . "/externallib.php");
|
2024-06-25 10:00:04 +00:00
|
|
|
require_once($CFG->dirroot . '/auth/jwt/externallib.php');
|
2016-08-17 07:44:18 +00:00
|
|
|
|
|
|
|
$this->resetAfterTest();
|
|
|
|
|
|
|
|
$user = array();
|
|
|
|
$user['username'] = 'username';
|
|
|
|
$user['email'] = 'exists@test.com';
|
|
|
|
$user['idnumber'] = 'idnumber';
|
|
|
|
$this->user = self::getDataGenerator()->create_user($user);
|
|
|
|
}
|
|
|
|
|
2016-08-18 11:47:56 +00:00
|
|
|
/**
|
|
|
|
* Test call with incorrect required parameter.
|
|
|
|
*/
|
|
|
|
public function test_throwing_plugin_disabled_exception() {
|
|
|
|
$this->setAdminUser();
|
|
|
|
|
|
|
|
$params = array(
|
|
|
|
'bla' => 'exists@test.com',
|
|
|
|
);
|
2022-08-19 00:08:02 +00:00
|
|
|
|
|
|
|
$this->expectException(webservice_access_exception::class);
|
2024-06-25 10:00:04 +00:00
|
|
|
$this->expectExceptionMessage('Access control exception (The jwt authentication plugin is disabled.)');
|
2022-08-19 00:08:02 +00:00
|
|
|
|
2016-08-18 11:47:56 +00:00
|
|
|
// Simulate the web service server.
|
2024-06-25 10:00:04 +00:00
|
|
|
$result = auth_jwt_external::request_login_url($params);
|
|
|
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
2016-08-18 11:47:56 +00:00
|
|
|
}
|
|
|
|
|
2016-08-17 07:44:18 +00:00
|
|
|
/**
|
|
|
|
* Test successful web service calls.
|
|
|
|
*/
|
|
|
|
public function test_successful_webservice_calls() {
|
|
|
|
global $DB, $CFG;
|
|
|
|
|
2024-06-25 10:00:04 +00:00
|
|
|
$CFG->auth = "jwt";
|
2016-08-18 08:10:38 +00:00
|
|
|
$this->setAdminUser();
|
|
|
|
|
2016-08-17 07:44:18 +00:00
|
|
|
// Email.
|
|
|
|
$params = array(
|
|
|
|
'email' => 'exists@test.com',
|
|
|
|
);
|
|
|
|
|
|
|
|
// Simulate the web service server.
|
2024-06-25 10:00:04 +00:00
|
|
|
$result = auth_jwt_external::request_login_url($params);
|
|
|
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
2016-08-17 07:44:18 +00:00
|
|
|
|
|
|
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
2024-06-25 10:00:04 +00:00
|
|
|
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
|
2016-08-17 07:44:18 +00:00
|
|
|
|
|
|
|
$this->assertTrue(is_array($result));
|
|
|
|
$this->assertTrue(key_exists('loginurl', $result));
|
|
|
|
$this->assertEquals($expectedurl, $result['loginurl']);
|
|
|
|
|
|
|
|
// Username.
|
2024-06-25 10:00:04 +00:00
|
|
|
set_config('mappingfield', 'username', 'auth_jwt');
|
2016-08-17 07:44:18 +00:00
|
|
|
$params = array(
|
|
|
|
'username' => 'username',
|
|
|
|
);
|
|
|
|
|
|
|
|
// Simulate the web service server.
|
2024-06-25 10:00:04 +00:00
|
|
|
$result = auth_jwt_external::request_login_url($params);
|
|
|
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
2016-08-17 07:44:18 +00:00
|
|
|
|
|
|
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
2024-06-25 10:00:04 +00:00
|
|
|
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
|
2016-08-17 07:44:18 +00:00
|
|
|
|
|
|
|
$this->assertTrue(is_array($result));
|
|
|
|
$this->assertTrue(key_exists('loginurl', $result));
|
|
|
|
$this->assertEquals($expectedurl, $result['loginurl']);
|
|
|
|
|
|
|
|
// Idnumber.
|
2024-06-25 10:00:04 +00:00
|
|
|
set_config('mappingfield', 'idnumber', 'auth_jwt');
|
2016-08-17 07:44:18 +00:00
|
|
|
$params = array(
|
|
|
|
'idnumber' => 'idnumber',
|
|
|
|
);
|
|
|
|
|
|
|
|
// Simulate the web service server.
|
2024-06-25 10:00:04 +00:00
|
|
|
$result = auth_jwt_external::request_login_url($params);
|
|
|
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
2016-08-17 07:44:18 +00:00
|
|
|
|
|
|
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
2024-06-25 10:00:04 +00:00
|
|
|
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
|
2016-08-17 07:44:18 +00:00
|
|
|
|
|
|
|
$this->assertTrue(is_array($result));
|
|
|
|
$this->assertTrue(key_exists('loginurl', $result));
|
|
|
|
$this->assertEquals($expectedurl, $result['loginurl']);
|
2016-08-19 06:01:08 +00:00
|
|
|
|
|
|
|
// IP restriction.
|
2024-06-25 10:00:04 +00:00
|
|
|
set_config('iprestriction', true, 'auth_jwt');
|
|
|
|
set_config('mappingfield', 'idnumber', 'auth_jwt');
|
2016-08-19 06:01:08 +00:00
|
|
|
$params = array(
|
|
|
|
'idnumber' => 'idnumber',
|
|
|
|
'ip' => '192.168.1.1',
|
|
|
|
);
|
|
|
|
|
|
|
|
// Simulate the web service server.
|
2024-06-25 10:00:04 +00:00
|
|
|
$result = auth_jwt_external::request_login_url($params);
|
|
|
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
2016-08-19 06:01:08 +00:00
|
|
|
|
|
|
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
2024-06-25 10:00:04 +00:00
|
|
|
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
|
2016-08-19 06:01:08 +00:00
|
|
|
|
|
|
|
$this->assertTrue(is_array($result));
|
|
|
|
$this->assertTrue(key_exists('loginurl', $result));
|
|
|
|
$this->assertEquals($expectedurl, $result['loginurl']);
|
2016-08-17 07:44:18 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2016-08-19 06:01:08 +00:00
|
|
|
* Test call with missing email required parameter.
|
2016-08-17 07:44:18 +00:00
|
|
|
*/
|
2020-05-08 09:39:22 +00:00
|
|
|
public function test_exception_thrown_if_required_parameter_email_is_not_set() {
|
2016-08-18 11:47:56 +00:00
|
|
|
global $CFG;
|
|
|
|
|
2016-08-18 08:10:38 +00:00
|
|
|
$this->setAdminUser();
|
2024-06-25 10:00:04 +00:00
|
|
|
$CFG->auth = "jwt";
|
2016-08-18 08:10:38 +00:00
|
|
|
|
2016-08-17 07:44:18 +00:00
|
|
|
$params = array(
|
|
|
|
'bla' => 'exists@test.com',
|
|
|
|
);
|
2016-08-19 06:01:08 +00:00
|
|
|
|
2022-08-19 00:08:02 +00:00
|
|
|
$this->expectException(invalid_parameter_exception::class);
|
|
|
|
$this->expectExceptionMessage('Invalid parameter value detected (Required field "email" is not set or empty.)');
|
|
|
|
|
2024-06-25 10:00:04 +00:00
|
|
|
auth_jwt_external::request_login_url($params);
|
2016-08-19 06:01:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test call with missing ip required parameter.
|
|
|
|
*/
|
2020-05-08 09:39:22 +00:00
|
|
|
public function test_exception_thrown_if_required_parameter_op_is_not_set() {
|
2016-08-19 06:01:08 +00:00
|
|
|
global $CFG;
|
|
|
|
|
|
|
|
$this->setAdminUser();
|
2024-06-25 10:00:04 +00:00
|
|
|
$CFG->auth = "jwt";
|
2016-08-19 06:01:08 +00:00
|
|
|
|
2024-06-25 10:00:04 +00:00
|
|
|
set_config('iprestriction', true, 'auth_jwt');
|
2016-08-19 06:01:08 +00:00
|
|
|
|
|
|
|
$params = array(
|
|
|
|
'email' => 'exists@test.com',
|
|
|
|
);
|
|
|
|
|
2022-08-19 00:08:02 +00:00
|
|
|
$this->expectException(invalid_parameter_exception::class);
|
|
|
|
$this->expectExceptionMessage('Invalid parameter value detected (Required parameter "ip" is not set.)');
|
|
|
|
|
2024-06-25 10:00:04 +00:00
|
|
|
auth_jwt_external::request_login_url($params);
|
2016-08-17 07:44:18 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test request for a user who is not exist.
|
|
|
|
*/
|
|
|
|
public function test_request_not_existing_user() {
|
2016-08-18 11:47:56 +00:00
|
|
|
global $CFG;
|
|
|
|
|
2016-08-18 08:10:38 +00:00
|
|
|
$this->setAdminUser();
|
2024-06-25 10:00:04 +00:00
|
|
|
$CFG->auth = "jwt";
|
2016-08-18 11:47:56 +00:00
|
|
|
|
|
|
|
$params = array(
|
|
|
|
'email' => 'notexists@test.com',
|
|
|
|
);
|
|
|
|
|
2022-08-19 00:08:02 +00:00
|
|
|
$this->expectException(invalid_parameter_exception::class);
|
|
|
|
$this->expectExceptionMessage('Invalid parameter value detected (User is not exist)');
|
|
|
|
|
2016-08-18 11:47:56 +00:00
|
|
|
// Simulate the web service server.
|
2024-06-25 10:00:04 +00:00
|
|
|
$result = auth_jwt_external::request_login_url($params);
|
|
|
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
2016-08-18 11:47:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test that permission exception gets thrown if user doesn't have required permissions.
|
|
|
|
*/
|
|
|
|
public function test_throwing_of_permission_exception() {
|
|
|
|
global $CFG;
|
|
|
|
|
|
|
|
$this->setUser($this->user);
|
2024-06-25 10:00:04 +00:00
|
|
|
$CFG->auth = "jwt";
|
2016-08-18 08:10:38 +00:00
|
|
|
|
2016-08-17 07:44:18 +00:00
|
|
|
$params = array(
|
|
|
|
'email' => 'notexists@test.com',
|
|
|
|
);
|
|
|
|
|
2022-08-19 00:08:02 +00:00
|
|
|
$this->expectException(required_capability_exception::class);
|
|
|
|
$this->expectExceptionMessage('Sorry, but you do not currently have permissions to do that (Generate login user key)');
|
|
|
|
|
2016-08-17 07:44:18 +00:00
|
|
|
// Simulate the web service server.
|
2024-06-25 10:00:04 +00:00
|
|
|
$result = auth_jwt_external::request_login_url($params);
|
|
|
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
2016-08-17 07:44:18 +00:00
|
|
|
}
|
2016-08-18 11:47:56 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Test request gets executed correctly if use has required permissions.
|
|
|
|
*/
|
|
|
|
public function test_request_gets_executed_if_user_has_permission() {
|
|
|
|
global $CFG, $DB;
|
|
|
|
|
|
|
|
$this->setUser($this->user);
|
2024-06-25 10:00:04 +00:00
|
|
|
$CFG->auth = "jwt";
|
2016-08-18 11:47:56 +00:00
|
|
|
|
|
|
|
$context = context_system::instance();
|
2016-08-18 13:30:58 +00:00
|
|
|
$studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
|
2024-06-25 10:00:04 +00:00
|
|
|
assign_capability('auth/jwt:generatekey', CAP_ALLOW, $studentrole->id, $context->id);
|
2016-08-18 11:47:56 +00:00
|
|
|
role_assign($studentrole->id, $this->user->id, $context->id);
|
|
|
|
|
|
|
|
$params = array(
|
|
|
|
'email' => 'exists@test.com',
|
|
|
|
);
|
|
|
|
|
|
|
|
// Simulate the web service server.
|
2024-06-25 10:00:04 +00:00
|
|
|
$result = auth_jwt_external::request_login_url($params);
|
|
|
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
2016-08-18 11:47:56 +00:00
|
|
|
|
|
|
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
2024-06-25 10:00:04 +00:00
|
|
|
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
|
2016-08-18 11:47:56 +00:00
|
|
|
|
|
|
|
$this->assertTrue(is_array($result));
|
|
|
|
$this->assertTrue(key_exists('loginurl', $result));
|
|
|
|
$this->assertEquals($expectedurl, $result['loginurl']);
|
|
|
|
}
|
2016-08-17 07:44:18 +00:00
|
|
|
}
|