mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-03-20 23:51:28 +01:00
Code Issues Releases Wiki Activity

Merge pull request #5725 from marc1706/ticket/12574

Browse Source 
[ticket/12574] Remove passwords manager dependency from auth providers
This commit is contained in:
Marc Alexander 2019-11-17 14:55:25 +01:00
commit f2e6bda0d1
No known key found for this signature in database
GPG Key ID: 50E0D2423696F995
16 changed files with 448 additions and 326 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.travis.yml
View File

@ -37,6 +37,7 @@ install:
before_script:
- travis/setup-database.sh $DB $TRAVIS_PHP_VERSION $NOTESTS
- travis/setup-ldap.sh $SLOWTESTS
- phantomjs --webdriver=8910 > /dev/null &
script:

15
phpBB/config/default/container/services_auth.yml
View File

@ -15,12 +15,12 @@ services:
auth.provider.db:
class: phpbb\auth\provider\db
arguments:
- '@dbal.conn'
- '@captcha.factory'
- '@config'
- '@dbal.conn'
- '@passwords.manager'
- '@request'
- '@user'
- '@service_container'
- '%core.root_path%'
- '%core.php_ext%'
tags:
@ -29,9 +29,9 @@ services:
auth.provider.apache:
class: phpbb\auth\provider\apache
arguments:
- '@dbal.conn'
- '@config'
- '@passwords.manager'
- '@dbal.conn'
- '@language'
- '@request'
- '@user'
- '%core.root_path%'
@ -42,9 +42,9 @@ services:
auth.provider.ldap:
class: phpbb\auth\provider\ldap
arguments:
- '@dbal.conn'
- '@config'
- '@passwords.manager'
- '@dbal.conn'
- '@language'
- '@user'
tags:
- { name: auth.provider }
@ -53,11 +53,10 @@ services:
class: phpbb\auth\provider\oauth\oauth
arguments:
- '@config'
- '@service_container'
- '@dbal.conn'
- '@auth.provider.db'
- '@dispatcher'
- '@language'
- '@passwords.manager'
- '@request'
- '@auth.provider.oauth.service_collection'
- '@user'

75
phpBB/phpbb/auth/provider/apache.php
View File

@ -13,34 +13,55 @@
namespace phpbb\auth\provider;
use phpbb\config\config;
use phpbb\db\driver\driver_interface;
use phpbb\language\language;
use phpbb\request\request_interface;
use phpbb\request\type_cast_helper;
use phpbb\user;
/**
* Apache authentication provider for phpBB3
*/
class apache extends \phpbb\auth\provider\base
class apache extends base
{
/**
* phpBB passwords manager
*
* @var \phpbb\passwords\manager
*/
protected $passwords_manager;
/** @var config phpBB config */
protected $config;
/** @var driver_interface Database object */
protected $db;
/** @var language Language object */
protected $language;
/** @var request_interface Request object */
protected $request;
/** @var user User object */
protected $user;
/** @var string Relative path to phpBB root */
protected $phpbb_root_path;
/** @var string PHP file extension */
protected $php_ext;
/**
* Apache Authentication Constructor
*
* @param \phpbb\db\driver\driver_interface $db Database object
* @param \phpbb\config\config $config Config object
* @param \phpbb\passwords\manager $passwords_manager Passwords Manager object
* @param \phpbb\request\request $request Request object
* @param \phpbb\user $user User object
* @param config $config Config object
* @param driver_interface $db Database object
* @param language $language Language object
* @param request_interface $request Request object
* @param user $user User object
* @param string $phpbb_root_path Relative path to phpBB root
* @param string $php_ext PHP file extension
*/
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, $phpbb_root_path, $php_ext)
public function __construct(config $config, driver_interface $db, language $language, request_interface $request, user $user, $phpbb_root_path, $php_ext)
{
$this->db = $db;
$this->config = $config;
$this->passwords_manager = $passwords_manager;
$this->db = $db;
$this->language = $language;
$this->request = $request;
$this->user = $user;
$this->phpbb_root_path = $phpbb_root_path;
@ -52,9 +73,9 @@ class apache extends \phpbb\auth\provider\base
*/
public function init()
{
if (!$this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER')))
if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER')))
{
return $this->user->lang['APACHE_SETUP_BEFORE_USE'];
return $this->language->lang('APACHE_SETUP_BEFORE_USE');
}
return false;
}
@ -83,7 +104,7 @@ class apache extends \phpbb\auth\provider\base
);
}
if (!$this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER))
if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER))
{
return array(
'status' => LOGIN_ERROR_EXTERNAL_AUTH,
@ -137,7 +158,7 @@ class apache extends \phpbb\auth\provider\base
return array(
'status' => LOGIN_SUCCESS_CREATE_PROFILE,
'error_msg' => false,
'user_row' => $this->user_row($php_auth_user, $php_auth_pw),
'user_row' => $this->user_row($php_auth_user),
);
}
@ -154,7 +175,7 @@ class apache extends \phpbb\auth\provider\base
*/
public function autologin()
{
if (!$this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER))
if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER))
{
return array();
}
@ -164,8 +185,8 @@ class apache extends \phpbb\auth\provider\base
if (!empty($php_auth_user) && !empty($php_auth_pw))
{
set_var($php_auth_user, $php_auth_user, 'string', true);
set_var($php_auth_pw, $php_auth_pw, 'string', true);
$type_cast_helper = new type_cast_helper();
$type_cast_helper->set_var($php_auth_user, $php_auth_user, 'string', true);
$sql = 'SELECT *
FROM ' . USERS_TABLE . "
@ -185,7 +206,7 @@ class apache extends \phpbb\auth\provider\base
}
// create the user if he does not exist yet
user_add($this->user_row($php_auth_user, $php_auth_pw));
user_add($this->user_row($php_auth_user));
$sql = 'SELECT *
FROM ' . USERS_TABLE . "
@ -208,11 +229,11 @@ class apache extends \phpbb\auth\provider\base
* function in order to create a user
*
* @param string $username The username of the new user.
* @param string $password The password of the new user.
*
* @return array Contains data that can be passed directly to
* the user_add function.
*/
private function user_row($username, $password)
private function user_row($username)
{
// first retrieve default group id
$sql = 'SELECT group_id
@ -231,7 +252,7 @@ class apache extends \phpbb\auth\provider\base
// generate user account data
return array(
'username' => $username,
'user_password' => $this->passwords_manager->hash($password),
'user_password' => '',
'user_email' => '',
'group_id' => (int) $row['group_id'],
'user_type' => USER_NORMAL,
@ -246,7 +267,7 @@ class apache extends \phpbb\auth\provider\base
public function validate_session($user)
{
// Check if PHP_AUTH_USER is set and handle this case
if ($this->request->is_set('PHP_AUTH_USER', \phpbb\request\request_interface::SERVER))
if ($this->request->is_set('PHP_AUTH_USER', request_interface::SERVER))
{
$php_auth_user = $this->request->server('PHP_AUTH_USER');

61
phpBB/phpbb/auth/provider/db.php
View File

@ -13,48 +13,69 @@
namespace phpbb\auth\provider;
use phpbb\captcha\factory;
use phpbb\config\config;
use phpbb\db\driver\driver_interface;
use phpbb\passwords\manager;
use phpbb\request\request_interface;
use phpbb\user;
/**
* Database authentication provider for phpBB3
* This is for authentication via the integrated user table
*/
class db extends \phpbb\auth\provider\base
class db extends base
{
/** @var factory CAPTCHA factory */
protected $captcha_factory;
/** @var config phpBB config */
protected $config;
/** @var driver_interface DBAL driver instance */
protected $db;
/** @var request_interface Request object */
protected $request;
/** @var user User object */
protected $user;
/** @var string phpBB root path */
protected $phpbb_root_path;
/** @var string PHP file extension */
protected $php_ext;
/**
* phpBB passwords manager
*
* @var \phpbb\passwords\manager
* @var manager
*/
protected $passwords_manager;
/**
* DI container
*
* @var \Symfony\Component\DependencyInjection\ContainerInterface
*/
protected $phpbb_container;
/**
* Database Authentication Constructor
*
* @param \phpbb\db\driver\driver_interface $db
* @param \phpbb\config\config $config
* @param \phpbb\passwords\manager $passwords_manager
* @param \phpbb\request\request $request
* @param \phpbb\user $user
* @param \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container DI container
* @param factory $captcha_factory
* @param config $config
* @param driver_interface $db
* @param manager $passwords_manager
* @param request_interface $request
* @param user $user
* @param string $phpbb_root_path
* @param string $php_ext
*/
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\request\request $request, \phpbb\user $user, \Symfony\Component\DependencyInjection\ContainerInterface $phpbb_container, $phpbb_root_path, $php_ext)
public function __construct(factory $captcha_factory, config $config, driver_interface $db, manager $passwords_manager, request_interface $request, user $user, $phpbb_root_path, $php_ext)
{
$this->db = $db;
$this->captcha_factory = $captcha_factory;
$this->config = $config;
$this->db = $db;
$this->passwords_manager = $passwords_manager;
$this->request = $request;
$this->user = $user;
$this->phpbb_root_path = $phpbb_root_path;
$this->php_ext = $php_ext;
$this->phpbb_container = $phpbb_container;
}
/**
@ -155,9 +176,7 @@ class db extends \phpbb\auth\provider\base
// Every auth module is able to define what to do by itself...
if ($show_captcha)
{
/* @var $captcha_factory \phpbb\captcha\factory */
$captcha_factory = $this->phpbb_container->get('captcha.factory');
$captcha = $captcha_factory->get_instance($this->config['captcha_plugin']);
$captcha = $this->captcha_factory->get_instance($this->config['captcha_plugin']);
$captcha->init(CONFIRM_LOGIN);
$vc_response = $captcha->validate($row);
if ($vc_response)

53
phpBB/phpbb/auth/provider/ldap.php
View File

@ -1,4 +1,5 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
@ -13,32 +14,42 @@
namespace phpbb\auth\provider;
use phpbb\config\config;
use phpbb\db\driver\driver_interface;
use phpbb\language\language;
use phpbb\user;
/**
* Database authentication provider for phpBB3
* This is for authentication via the integrated user table
*/
class ldap extends \phpbb\auth\provider\base
class ldap extends base
{
/**
* phpBB passwords manager
*
* @var \phpbb\passwords\manager
*/
protected $passwords_manager;
/** @var config phpBB config */
protected $config;
/** @var driver_interface DBAL driver interface */
protected $db;
/** @var language phpBB language class */
protected $language;
/** @var user phpBB user */
protected $user;
/**
* LDAP Authentication Constructor
*
* @param \phpbb\db\driver\driver_interface $db Database object
* @param \phpbb\config\config $config Config object
* @param \phpbb\passwords\manager $passwords_manager Passwords manager object
* @param \phpbb\user $user User object
* @param driver_interface $db DBAL driver interface
* @param config $config Config object
* @param language $language Language object
* @param user $user User object
*/
public function __construct(\phpbb\db\driver\driver_interface $db, \phpbb\config\config $config, \phpbb\passwords\manager $passwords_manager, \phpbb\user $user)
public function __construct(config $config, driver_interface $db, language $language, user $user)
{
$this->db = $db;
$this->config = $config;
$this->passwords_manager = $passwords_manager;
$this->db = $db;
$this->language = $language;
$this->user = $user;
}
@ -49,7 +60,7 @@ class ldap extends \phpbb\auth\provider\base
{
if (!@extension_loaded('ldap'))
{
return $this->user->lang['LDAP_NO_LDAP_EXTENSION'];
return $this->language->lang('LDAP_NO_LDAP_EXTENSION');
}
$this->config['ldap_port'] = (int) $this->config['ldap_port'];
@ -64,7 +75,7 @@ class ldap extends \phpbb\auth\provider\base
if (!$ldap)
{
return $this->user->lang['LDAP_NO_SERVER_CONNECTION'];
return $this->language->lang('LDAP_NO_SERVER_CONNECTION');
}
@ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
@ -74,7 +85,7 @@ class ldap extends \phpbb\auth\provider\base
{
if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user']), htmlspecialchars_decode($this->config['ldap_password'])))
{
return $this->user->lang['LDAP_INCORRECT_USER_PASSWORD'];
return $this->language->lang('LDAP_INCORRECT_USER_PASSWORD');
}
}
@ -92,7 +103,7 @@ class ldap extends \phpbb\auth\provider\base
if ($search === false)
{
return $this->user->lang['LDAP_SEARCH_FAILED'];
return $this->language->lang('LDAP_SEARCH_FAILED');
}
$result = @ldap_get_entries($ldap, $search);
@ -101,12 +112,12 @@ class ldap extends \phpbb\auth\provider\base
if (!is_array($result) || count($result) < 2)
{
return sprintf($this->user->lang['LDAP_NO_IDENTITY'], $this->user->data['username']);
return $this->language->lang('LDAP_NO_IDENTITY', $this->user->data['username']);
}
if (!empty($this->config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($this->config['ldap_email'])]))
{
return $this->user->lang['LDAP_NO_EMAIL'];
return $this->language->lang('LDAP_NO_EMAIL');
}
return false;
@ -245,7 +256,7 @@ class ldap extends \phpbb\auth\provider\base
// generate user account data
$ldap_user_row = array(
'username' => $username,
'user_password' => $this->passwords_manager->hash($password),
'user_password' => '',
'user_email' => (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($this->config['ldap_email'])][0]) : '',
'group_id' => (int) $row['group_id'],
'user_type' => USER_NORMAL,

92
phpBB/phpbb/auth/provider/oauth/oauth.php
View File

@ -13,44 +13,50 @@
namespace phpbb\auth\provider\oauth;
use OAuth\Common\Http\Exception\TokenResponseException;
use OAuth\ServiceFactory;
use OAuth\Common\Consumer\Credentials;
use OAuth\Common\Service\ServiceInterface;
use OAuth\OAuth1\Service\AbstractService as OAuth1Service;
use OAuth\OAuth2\Service\AbstractService as OAuth2Service;
use Symfony\Component\DependencyInjection\ContainerInterface;
use phpbb\auth\provider\base;
use phpbb\auth\provider\db;
use phpbb\auth\provider\oauth\service\exception;
use phpbb\config\config;
use phpbb\db\driver\driver_interface;
use phpbb\di\service_collection;
use phpbb\event\dispatcher;
use phpbb\language\language;
use phpbb\request\request_interface;
use phpbb\user;
/**
* OAuth authentication provider for phpBB3
*/
class oauth extends \phpbb\auth\provider\base
class oauth extends base
{
/** @var \phpbb\config\config */
/** @var config */
protected $config;
/** @var ContainerInterface */
protected $container;
/** @var \phpbb\db\driver\driver_interface */
/** @var driver_interface */
protected $db;
/** @var \phpbb\event\dispatcher */
/** @var db */
protected $db_auth;
/** @var dispatcher */
protected $dispatcher;
/** @var \phpbb\language\language */
/** @var language */
protected $language;
/** @var \phpbb\passwords\manager */
protected $passwords_manager;
/** @var \phpbb\request\request_interface */
/** @var request_interface */
protected $request;
/** @var \phpbb\di\service_collection */
/** @var service_collection */
protected $service_providers;
/** @var \phpbb\user */
/** @var user */
protected $user;
/** @var string OAuth table: token storage */
@ -74,15 +80,14 @@ class oauth extends \phpbb\auth\provider\base
/**
* Constructor.
*
* @param \phpbb\config\config $config Config object
* @param ContainerInterface $container Service container object
* @param \phpbb\db\driver\driver_interface $db Database object
* @param \phpbb\event\dispatcher $dispatcher Event dispatcher object
* @param \phpbb\language\language $language Language object
* @param \phpbb\passwords\manager $passwords_manager Password manager object
* @param \phpbb\request\request_interface $request Request object
* @param \phpbb\di\service_collection $service_providers OAuth providers service collection
* @param \phpbb\user $user User object
* @param config $config Config object
* @param driver_interface $db Database object
* @param db $db_auth DB auth provider
* @param dispatcher $dispatcher Event dispatcher object
* @param language $language Language object
* @param request_interface $request Request object
* @param service_collection $service_providers OAuth providers service collection
* @param user $user User object
* @param string $oauth_token_table OAuth table: token storage
* @param string $oauth_state_table OAuth table: state
* @param string $oauth_account_table OAuth table: account association
@ -91,15 +96,14 @@ class oauth extends \phpbb\auth\provider\base
* @param string $php_ext php File extension
*/
public function __construct(
\phpbb\config\config $config,
ContainerInterface $container,
\phpbb\db\driver\driver_interface $db,
\phpbb\event\dispatcher $dispatcher,
\phpbb\language\language $language,
\phpbb\passwords\manager $passwords_manager,
\phpbb\request\request_interface $request,
\phpbb\di\service_collection $service_providers,
\phpbb\user $user,
config $config,
driver_interface $db,
db $db_auth,
dispatcher $dispatcher,
language $language,
request_interface $request,
service_collection $service_providers,
user $user,
$oauth_token_table,
$oauth_state_table,
$oauth_account_table,
@ -109,10 +113,9 @@ class oauth extends \phpbb\auth\provider\base
)
{
$this->config = $config;
$this->container = $container;
$this->db = $db;
$this->db_auth = $db_auth;
$this->dispatcher = $dispatcher;
$this->passwords_manager = $passwords_manager;
$this->language = $language;
$this->service_providers = $service_providers;
$this->request = $request;
@ -153,18 +156,7 @@ class oauth extends \phpbb\auth\provider\base
// Temporary workaround for only having one authentication provider available
if (!$this->request->is_set('oauth_service'))
{
$provider = new \phpbb\auth\provider\db(
$this->db,
$this->config,
$this->passwords_manager,
$this->request,
$this->user,
$this->container,
$this->root_path,
$this->php_ext
);
return $provider->login($username, $password);
return $this->db_auth->login($username, $password);
}
// Request the name of the OAuth service
@ -822,10 +814,10 @@ class oauth extends \phpbb\auth\provider\base
switch ($service::OAUTH_VERSION)
{
case 1:
return $this->request->is_set('oauth_token', \phpbb\request\request_interface::GET);
return $this->request->is_set('oauth_token', request_interface::GET);
case 2:
return $this->request->is_set('code', \phpbb\request\request_interface::GET);
return $this->request->is_set('code', request_interface::GET);
default:
return false;
@ -850,7 +842,7 @@ class oauth extends \phpbb\auth\provider\base
$token = $service->requestRequestToken();
$parameters = ['oauth_token' => $token->getRequestToken()];
}
catch (\OAuth\Common\Http\Exception\TokenResponseException $e)
catch (TokenResponseException $e)
{
return [
'status' => LOGIN_ERROR_EXTERNAL_AUTH,

12
tests/auth/fixtures/user.xml
View File

@ -1,5 +1,17 @@
<?xml version="1.0" encoding="UTF-8" ?>
<dataset>
<table name="phpbb_groups">
<column>group_id</column>
<column>group_name</column>
<column>group_type</column>
<column>group_desc</column>
<row>
<value>1</value>
<value>REGISTERED</value>
<value>3</value>
<value>foobar</value>
</row>
</table>
<table name="phpbb_users">
<column>user_id</column>
<column>username</column>

39
tests/auth/fixtures/user_533.xml
View File

@ -1,39 +0,0 @@
<?xml version="1.0" encoding="UTF-8" ?>
<dataset>
<table name="phpbb_users">
<column>user_id</column>
<column>username</column>
<column>username_clean</column>
<column>user_password</column>
<column>user_passchg</column>
<column>user_email</column>
<column>user_type</column>
<column>user_login_attempts</column>
<column>user_permissions</column>
<column>user_sig</column>
<row>
<value>1</value>
<value>foobar</value>
<value>foobar</value>
<value>$2a$10$e01Syh9PbJjUkio66eFuUu4FhCE2nRgG7QPc1JACalsPXcIuG2bbi</value>
<value>0</value>
<value>example@example.com</value>
<value>0</value>
<value>0</value>
<value></value>
<value></value>
</row>
<row>
<value>2</value>
<value>foobar2</value>
<value>foobar2</value>
<value>$H$9E45lK6J8nLTSm9oJE5aNCSTFK9wqa/</value>
<value>0</value>
<value>example@example.com</value>
<value>0</value>
<value>0</value>
<value></value>
<value></value>
</row>
</table>
</dataset>

37
tests/auth/provider_apache_test.php
View File

@ -28,41 +28,14 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case
$lang_loader = new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx);
$lang = new \phpbb\language\language($lang_loader);
$this->request = $this->createMock('\phpbb\request\request');
$this->user = new \phpbb\user($lang, '\phpbb\datetime');
$driver_helper = new \phpbb\passwords\driver\helper($config);
$passwords_drivers = array(
'passwords.driver.bcrypt_2y' => new \phpbb\passwords\driver\bcrypt_2y($config, $driver_helper),
'passwords.driver.bcrypt' => new \phpbb\passwords\driver\bcrypt($config, $driver_helper),
'passwords.driver.salted_md5' => new \phpbb\passwords\driver\salted_md5($config, $driver_helper),
'passwords.driver.phpass' => new \phpbb\passwords\driver\phpass($config, $driver_helper),
);
$this->user = new \phpbb\user($lang, '\phpbb\datetime');;
$passwords_helper = new \phpbb\passwords\helper;
// Set up passwords manager
$passwords_manager = new \phpbb\passwords\manager($config, $passwords_drivers, $passwords_helper, array_keys($passwords_drivers));
if (version_compare(PHP_VERSION, '5.3.7', '<'))
{
$this->password_hash = '$2a$10$e01Syh9PbJjUkio66eFuUu4FhCE2nRgG7QPc1JACalsPXcIuG2bbi';
}
else
{
$this->password_hash = '$2y$10$4RmpyVu2y8Yf/lP3.yQBquKvE54TCUuEDEBJYY6FDDFN3LcbCGz9i';
}
$this->provider = new \phpbb\auth\provider\apache($db, $config, $passwords_manager, $this->request, $this->user, $phpbb_root_path, $phpEx);
$this->provider = new \phpbb\auth\provider\apache($config, $db, $lang, $this->request, $this->user, $phpbb_root_path, $phpEx);
}
public function getDataSet()
{
if ((version_compare(PHP_VERSION, '5.3.7', '<')))
{
return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user_533.xml');
}
else
{
return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user.xml');
}
return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user.xml');
}
/**
@ -109,7 +82,7 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case
'user_row' => array(
'user_id' => '1',
'username' => 'foobar',
'user_password' => $this->password_hash,
'user_password' => '$2y$10$4RmpyVu2y8Yf/lP3.yQBquKvE54TCUuEDEBJYY6FDDFN3LcbCGz9i',
'user_passchg' => '0',
'user_email' => 'example@example.com',
'user_type' => '0',
@ -145,7 +118,7 @@ class phpbb_auth_provider_apache_test extends phpbb_database_test_case
'user_regdate' => '0',
'username' => 'foobar',
'username_clean' => 'foobar',
'user_password' => $this->password_hash,
'user_password' => '$2y$10$4RmpyVu2y8Yf/lP3.yQBquKvE54TCUuEDEBJYY6FDDFN3LcbCGz9i',
'user_passchg' => '0',
'user_email' => 'example@example.com',
'user_email_hash' => '0',

35
tests/auth/provider_db_test.php
View File

@ -15,14 +15,7 @@ class phpbb_auth_provider_db_test extends phpbb_database_test_case
{
public function getDataSet()
{
if ((version_compare(PHP_VERSION, '5.3.7', '<')))
{
return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user_533.xml');
}
else
{
return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user.xml');
}
return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user.xml');
}
public function test_login()
@ -52,16 +45,21 @@ class phpbb_auth_provider_db_test extends phpbb_database_test_case
$passwords_manager = new \phpbb\passwords\manager($config, $passwords_drivers, $passwords_helper, array_keys($passwords_drivers));
$phpbb_container = new phpbb_mock_container_builder();
$plugins = new \phpbb\di\service_collection($phpbb_container);
$plugins->add('core.captcha.plugins.nogd');
$phpbb_container->set(
'captcha.factory',
new \phpbb\captcha\factory($phpbb_container, $plugins)
);
$phpbb_container->set(
'core.captcha.plugins.nogd',
new \phpbb\captcha\plugins\nogd()
);
/** @var \phpbb\captcha\factory $captcha_factory */
$captcha_factory = $phpbb_container->get('captcha.factory');
$provider = new \phpbb\auth\provider\db($db, $config, $passwords_manager, $request, $user, $phpbb_container, $phpbb_root_path, $phpEx);
if (version_compare(PHP_VERSION, '5.3.7', '<'))
{
$password_hash = '$2a$10$e01Syh9PbJjUkio66eFuUu4FhCE2nRgG7QPc1JACalsPXcIuG2bbi';
}
else
{
$password_hash = '$2y$10$4RmpyVu2y8Yf/lP3.yQBquKvE54TCUuEDEBJYY6FDDFN3LcbCGz9i';
}
$provider = new \phpbb\auth\provider\db($captcha_factory, $config, $db, $passwords_manager, $request, $user, $phpbb_root_path, $phpEx);
$password_hash = '$2y$10$4RmpyVu2y8Yf/lP3.yQBquKvE54TCUuEDEBJYY6FDDFN3LcbCGz9i';
$expected = array(
'status' => LOGIN_SUCCESS,
@ -88,7 +86,6 @@ class phpbb_auth_provider_db_test extends phpbb_database_test_case
// Check if convert works
$login_return = $provider->login('foobar2', 'example');
$password_start = (version_compare(PHP_VERSION, '5.3.7', '<')) ? '$2a$10$' : '$2y$10$';
$this->assertStringStartsWith($password_start, $login_return['user_row']['user_password']);
$this->assertStringStartsWith('$2y$10$', $login_return['user_row']['user_password']);
}
}

94
tests/auth/provider_ldap_test.php Normal file
View File

@ -0,0 +1,94 @@
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
/**
* @group slow
*/
class phpbb_auth_provider_ldap_test extends phpbb_database_test_case
{
/** @var \phpbb\auth\provider\ldap */
protected $provider;
protected $user;
protected function setup() : void
{
parent::setUp();
global $phpbb_root_path, $phpEx;
$db = $this->new_dbal();
$config = new \phpbb\config\config([
'ldap_server' => 'localhost',
'ldap_port' => 3389,
'ldap_base_dn' => 'dc=example,dc=com',
'ldap_uid' => 'uid',
'ldap_email' => 'mail',
]);
$lang_loader = new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx);
$lang = new \phpbb\language\language($lang_loader);
$this->user = new \phpbb\user($lang, '\phpbb\datetime');
$this->user->data['username'] = 'admin';
$this->provider = new \phpbb\auth\provider\ldap($config, $db, $lang, $this->user);
}
public function getDataSet()
{
return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/user.xml');
}
/**
* Test to see if a user is identified to Apache. Expects false if they are.
*/
public function test_init()
{
$this->assertFalse($this->provider->init());
}
public function test_login()
{
$username = 'admin';
$password = 'adminadmin';
$expected = array(
'status' => LOGIN_SUCCESS_CREATE_PROFILE, // successful login and user created
'error_msg' => false,
'user_row' => array(
'username' => 'admin',
'user_password' => '',
'user_email' => 'admin@example.com',
'user_type' => 0,
'group_id' => 1,
'user_new' => 0,
'user_ip' => '',
),
);
$this->assertEquals($expected, $this->provider->login($username, $password));
}
public function test_autologin()
{
$this->assertNull($this->provider->autologin());
}
public function test_validate_session()
{
$user = array(
'username' => 'admin',
);
$this->assertNull($this->provider->validate_session($user));
}
}

25
tests/functions/user_delete_test.php
View File

@ -60,13 +60,34 @@ class phpbb_functions_user_delete_test extends phpbb_database_test_case
// Set up passwords manager
$passwords_manager = new \phpbb\passwords\manager($config, $passwords_drivers, $passwords_helper, array_keys($passwords_drivers));
$plugins = new \phpbb\di\service_collection($phpbb_container);
$plugins->add('core.captcha.plugins.nogd');
$phpbb_container->set(
'captcha.factory',
new \phpbb\captcha\factory($phpbb_container, $plugins)
);
$phpbb_container->set(
'core.captcha.plugins.nogd',
new \phpbb\captcha\plugins\nogd()
);
// Set up passwords manager
$db_auth_provider = new \phpbb\auth\provider\db(
new \phpbb\captcha\factory($phpbb_container, $plugins),
$config,
$db,
$passwords_manager,
$request,
$user,
$phpbb_root_path,
$phpEx
);
$oauth_provider = new \phpbb\auth\provider\oauth\oauth(
$config,
$phpbb_container,
$db,
$db_auth_provider,
$phpbb_dispatcher,
$lang,
$passwords_manager,
$request,
$oauth_provider_collection,
$user,

154
tests/passwords/manager_test.php
View File

@ -51,26 +51,13 @@ class phpbb_passwords_manager_test extends \phpbb_test_case
public function hash_password_data()
{
if (version_compare(PHP_VERSION, '5.3.7', '<'))
{
return array(
array('', '2a', 60),
array('passwords.driver.bcrypt_2y', '2a', 60),
array('passwords.driver.bcrypt', '2a', 60),
array('passwords.driver.salted_md5', 'H', 34),
array('passwords.driver.foobar', '', false),
);
}
else
{
return array(
array('', '2y', 60),
array('passwords.driver.bcrypt_2y', '2y', 60),
array('passwords.driver.bcrypt', '2a', 60),
array('passwords.driver.salted_md5', 'H', 34),
array('passwords.driver.foobar', '', false),
);
}
return array(
array('', '2y', 60),
array('passwords.driver.bcrypt_2y', '2y', 60),
array('passwords.driver.bcrypt', '2a', 60),
array('passwords.driver.salted_md5', 'H', 34),
array('passwords.driver.foobar', '', false),
);
}
/**
@ -100,23 +87,12 @@ class phpbb_passwords_manager_test extends \phpbb_test_case
public function check_password_data()
{
if (version_compare(PHP_VERSION, '5.3.7', '<'))
{
return array(
array('passwords.driver.bcrypt'),
array('passwords.driver.salted_md5'),
array('passwords.driver.phpass'),
);
}
else
{
return array(
array('passwords.driver.bcrypt_2y'),
array('passwords.driver.bcrypt'),
array('passwords.driver.salted_md5'),
array('passwords.driver.phpass'),
);
}
return array(
array('passwords.driver.bcrypt_2y'),
array('passwords.driver.bcrypt'),
array('passwords.driver.salted_md5'),
array('passwords.driver.phpass'),
);
}
/**
@ -136,7 +112,7 @@ class phpbb_passwords_manager_test extends \phpbb_test_case
}
// Check if convert_flag is correctly set
$default_type = (version_compare(PHP_VERSION, '5.3.7', '<')) ? 'passwords.driver.bcrypt' : 'passwords.driver.bcrypt_2y';
$default_type = 'passwords.driver.bcrypt_2y';
$this->assertEquals(($hash_type !== $default_type), $this->manager->convert_flag);
}
@ -200,79 +176,43 @@ class phpbb_passwords_manager_test extends \phpbb_test_case
public function test_hash_password_8bit_bcrypt()
{
$this->assertEquals(false, $this->manager->hash('foobar𝄞', 'passwords.driver.bcrypt'));
if (version_compare(PHP_VERSION, '5.3.7', '<'))
{
$this->assertEquals(false, $this->manager->hash('foobar𝄞', 'passwords.driver.bcrypt_2y'));
}
else
{
$this->assertNotEquals(false, $this->manager->hash('foobar𝄞', 'passwords.driver.bcrypt_2y'));
}
$this->assertNotEquals(false, $this->manager->hash('foobar𝄞', 'passwords.driver.bcrypt_2y'));
}
public function combined_hash_data()
{
if (version_compare(PHP_VERSION, '5.3.7', '<'))
{
return array(
array(
'passwords.driver.salted_md5',
array('passwords.driver.bcrypt'),
),
array(
'passwords.driver.phpass',
array('passwords.driver.salted_md5'),
),
array(
'passwords.driver.salted_md5',
array('passwords.driver.phpass', 'passwords.driver.bcrypt'),
),
array(
'passwords.driver.salted_md5',
array('passwords.driver.salted_md5'),
false,
),
array(
'$H$',
array('$2a$'),
),
);
}
else
{
return array(
array(
'passwords.driver.salted_md5',
array('passwords.driver.bcrypt_2y'),
),
array(
'passwords.driver.salted_md5',
array('passwords.driver.bcrypt'),
),
array(
'passwords.driver.phpass',
array('passwords.driver.salted_md5'),
),
array(
'passwords.driver.salted_md5',
array('passwords.driver.bcrypt_2y', 'passwords.driver.bcrypt'),
),
array(
'passwords.driver.salted_md5',
array('passwords.driver.salted_md5'),
false,
),
array(
'passwords.driver.bcrypt_2y',
array('passwords.driver.salted_md4'),
false,
),
array(
'$H$',
array('$2y$'),
),
);
}
return array(
array(
'passwords.driver.salted_md5',
array('passwords.driver.bcrypt_2y'),
),
array(
'passwords.driver.salted_md5',
array('passwords.driver.bcrypt'),
),
array(
'passwords.driver.phpass',
array('passwords.driver.salted_md5'),
),
array(
'passwords.driver.salted_md5',
array('passwords.driver.bcrypt_2y', 'passwords.driver.bcrypt'),
),
array(
'passwords.driver.salted_md5',
array('passwords.driver.salted_md5'),
false,
),
array(
'passwords.driver.bcrypt_2y',
array('passwords.driver.salted_md4'),
false,
),
array(
'$H$',
array('$2y$'),
),
);
}
/**

41
travis/ldap/base.ldif Normal file
View File

@ -0,0 +1,41 @@
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example
dc: example
dn: ou=foo,dc=example,dc=com
objectClass: organizationalUnit
ou: foo
dn: cn=admin,dc=example,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: e1NTSEF9NytMR2gveUxTMzdsc3RRd1V1dENZSVA0TWdYdm9SdDY=
dn: ou=group,dc=example,dc=com
objectClass: organizationalUnit
ou: group
dn: cn=admin,ou=foo,dc=example,dc=com
objectClass: posixAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
loginShell: /bin/bash
homeDirectory: /home/admin
uid: admin
cn: admin
uidNumber: 10000
gidNumber: 10000
sn: admin
mail: admin@example.com
userPassword:: e1NTSEF9WHpueGZURHZZc21JSkl6czdMVXBjdCtWYTA1dlMzVlQ=
dn: cn=admin,ou=group,dc=example,dc=com
objectClass: posixGroup
gidNumber: 10000
cn: admin

17
travis/ldap/slapd.conf Normal file
View File

@ -0,0 +1,17 @@
# See slapd.conf(5) for details on configuration options.
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema
pidfile /tmp/slapd/slapd.pid
argsfile /tmp/slapd/slapd.args
modulepath /usr/lib/openldap
database ldif
directory /tmp/slapd
suffix "dc=example,dc=com"
rootdn "cn=admin,dc=example,dc=com"
rootpw adminadmin

23
travis/setup-ldap.sh Executable file
View File

@ -0,0 +1,23 @@
#!/bin/bash
#
# This file is part of the phpBB Forum Software package.
#
# @copyright (c) phpBB Limited <https://www.phpbb.com>
# @license GNU General Public License, version 2 (GPL-2.0)
#
# For full copyright and license information, please see
# the docs/CREDITS.txt file.
#
set -e
set -x
SLOWTESTS=$1
if [ "$SLOWTESTS" == '1' ]
then
sudo apt-get -y install ldap-utils slapd php-ldap
mkdir /tmp/slapd
slapd -f travis/ldap/slapd.conf -h ldap://localhost:3389 &
sleep 3
ldapadd -h localhost:3389 -D "cn=admin,dc=example,dc=com" -w adminadmin -f travis/ldap/base.ldif
fi