BookStack Code Mirror - bookstack/blob - tests/Auth/SocialAuthTest.php

1 <?php

2

3 namespace Tests\Auth;

4

5 use BookStack\Access\SocialAccount;

6 use BookStack\Activity\ActivityType;

7 use BookStack\Users\Models\User;

8 use Illuminate\Support\Facades\DB;

9 use Laravel\Socialite\Contracts\Factory;

10 use Laravel\Socialite\Contracts\Provider;

11 use Mockery;

12 use Tests\TestCase;

13

14 class SocialAuthTest extends TestCase

15 {

16 public function test_social_registration()

17 {

18 $user = User::factory()->make();

19

20 $this->setSettings(['registration-enabled' => 'true']);

21 config(['GOOGLE_APP_ID' => 'abc123', 'GOOGLE_APP_SECRET' => '123abc']);

22

23 $mockSocialite = $this->mock(Factory::class);

24 $mockSocialDriver = Mockery::mock(Provider::class);

25 $mockSocialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);

26

27 $mockSocialite->shouldReceive('driver')->twice()->with('google')->andReturn($mockSocialDriver);

28 $mockSocialDriver->shouldReceive('redirect')->once()->andReturn(redirect('/'));

29 $mockSocialDriver->shouldReceive('user')->once()->andReturn($mockSocialUser);

30

31 $mockSocialUser->shouldReceive('getId')->twice()->andReturn(1);

32 $mockSocialUser->shouldReceive('getEmail')->twice()->andReturn($user->email);

33 $mockSocialUser->shouldReceive('getName')->once()->andReturn($user->name);

34 $mockSocialUser->shouldReceive('getAvatar')->once()->andReturn('avatar_placeholder');

35

36 $this->get('/register/service/google');

37 $this->get('/login/service/google/callback');

38 $this->assertDatabaseHas('users', ['name' => $user->name, 'email' => $user->email]);

39 $user = $user->whereEmail($user->email)->first();

40 $this->assertDatabaseHas('social_accounts', ['user_id' => $user->id]);

41 }

42

43 public function test_social_login()

44 {

45 config([

46 'GOOGLE_APP_ID' => 'abc123', 'GOOGLE_APP_SECRET' => '123abc',

47 'GITHUB_APP_ID' => 'abc123', 'GITHUB_APP_SECRET' => '123abc',

48 ]);

49

50 $mockSocialite = $this->mock(Factory::class);

51 $mockSocialDriver = Mockery::mock(Provider::class);

52 $mockSocialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);

53

54 $mockSocialUser->shouldReceive('getId')->twice()->andReturn('logintest123');

55

56 $mockSocialDriver->shouldReceive('user')->twice()->andReturn($mockSocialUser);

57 $mockSocialite->shouldReceive('driver')->twice()->with('google')->andReturn($mockSocialDriver);

58 $mockSocialite->shouldReceive('driver')->twice()->with('github')->andReturn($mockSocialDriver);

59 $mockSocialDriver->shouldReceive('redirect')->twice()->andReturn(redirect('/'));

60

61 // Test login routes

62 $resp = $this->get('/login');

63 $this->withHtml($resp)->assertElementExists('a#social-login-google[href$="/login/service/google"]');

64 $resp = $this->followingRedirects()->get('/login/service/google');

65 $resp->assertSee('login-form');

66

67 // Test social callback

68 $resp = $this->followingRedirects()->get('/login/service/google/callback');

69 $resp->assertSee('login-form');

70 $resp->assertSee(trans('errors.social_account_not_used', ['socialAccount' => 'Google']));

71

72 $resp = $this->get('/login');

73 $this->withHtml($resp)->assertElementExists('a#social-login-github[href$="/login/service/github"]');

74 $resp = $this->followingRedirects()->get('/login/service/github');

75 $resp->assertSee('login-form');

76

77 // Test social callback with matching social account

78 DB::table('social_accounts')->insert([

79 'user_id' => $this->users->admin()->id,

80 'driver' => 'github',

81 'driver_id' => 'logintest123',

82 ]);

83 $resp = $this->followingRedirects()->get('/login/service/github/callback');

84 $resp->assertDontSee('login-form');

85 $this->assertActivityExists(ActivityType::AUTH_LOGIN, null, 'github; (' . $this->users->admin()->id . ') ' . $this->users->admin()->name);

86 }

87

88 public function test_social_account_attach()

89 {

90 config([

91 'GOOGLE_APP_ID' => 'abc123', 'GOOGLE_APP_SECRET' => '123abc',

92 ]);

93 $editor = $this->users->editor();

94

95 $mockSocialite = $this->mock(Factory::class);

96 $mockSocialDriver = Mockery::mock(Provider::class);

97 $mockSocialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);

98

99 $mockSocialUser->shouldReceive('getId')->twice()->andReturn('logintest123');

100 $mockSocialUser->shouldReceive('getAvatar')->andReturn(null);

101

102 $mockSocialite->shouldReceive('driver')->twice()->with('google')->andReturn($mockSocialDriver);

103 $mockSocialDriver->shouldReceive('redirect')->once()->andReturn(redirect('/login/service/google/callback'));

104 $mockSocialDriver->shouldReceive('user')->once()->andReturn($mockSocialUser);

105

106 // Test login routes

107 $resp = $this->actingAs($editor)->followingRedirects()->get('/login/service/google');

108 $resp->assertSee('Access & Security');

109

110 // Test social callback with matching social account

111 $this->assertDatabaseHas('social_accounts', [

112 'user_id' => $editor->id,

113 'driver' => 'google',

114 'driver_id' => 'logintest123',

115 ]);

116 }

117

118 public function test_social_account_detach()

119 {

120 $editor = $this->users->editor();

121 config([

122 'GITHUB_APP_ID' => 'abc123', 'GITHUB_APP_SECRET' => '123abc',

123 ]);

124

125 $socialAccount = SocialAccount::query()->forceCreate([

126 'user_id' => $editor->id,

127 'driver' => 'github',

128 'driver_id' => 'logintest123',

129 ]);

130

131 $resp = $this->actingAs($editor)->get('/my-account/auth');

132 $this->withHtml($resp)->assertElementContains('form[action$="/login/service/github/detach"]', 'Disconnect Account');

133

134 $resp = $this->post('/login/service/github/detach');

135 $resp->assertRedirect('/my-account/auth#social-accounts');

136 $resp = $this->followRedirects($resp);

137 $resp->assertSee('Github account was successfully disconnected from your profile.');

138

139 $this->assertDatabaseMissing('social_accounts', ['id' => $socialAccount->id]);

140 }

141

142 public function test_social_autoregister()

143 {

144 config([

145 'services.google.client_id' => 'abc123', 'services.google.client_secret' => '123abc',

146 ]);

147

148 $user = User::factory()->make();

149 $mockSocialite = $this->mock(Factory::class);

150 $mockSocialDriver = Mockery::mock(Provider::class);

151 $mockSocialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);

152

153 $mockSocialUser->shouldReceive('getId')->times(4)->andReturn(1);

154 $mockSocialUser->shouldReceive('getEmail')->times(2)->andReturn($user->email);

155 $mockSocialUser->shouldReceive('getName')->once()->andReturn($user->name);

156 $mockSocialUser->shouldReceive('getAvatar')->once()->andReturn('avatar_placeholder');

157

158 $mockSocialDriver->shouldReceive('user')->times(2)->andReturn($mockSocialUser);

159 $mockSocialite->shouldReceive('driver')->times(4)->with('google')->andReturn($mockSocialDriver);

160 $mockSocialDriver->shouldReceive('redirect')->twice()->andReturn(redirect('/'));

161

162 $googleAccountNotUsedMessage = trans('errors.social_account_not_used', ['socialAccount' => 'Google']);

163

164 $this->get('/login/service/google');

165 $resp = $this->followingRedirects()->get('/login/service/google/callback');

166 $resp->assertSee($googleAccountNotUsedMessage);

167

168 config(['services.google.auto_register' => true]);

169

170 $this->get('/login/service/google');

171 $resp = $this->followingRedirects()->get('/login/service/google/callback');

172 $resp->assertDontSee($googleAccountNotUsedMessage);

173

174 $this->assertDatabaseHas('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => false]);

175 $user = $user->whereEmail($user->email)->first();

176 $this->assertDatabaseHas('social_accounts', ['user_id' => $user->id]);

177 }

178

179 public function test_social_auto_email_confirm()

180 {

181 config([

182 'services.google.client_id' => 'abc123', 'services.google.client_secret' => '123abc',

183 'services.google.auto_register' => true, 'services.google.auto_confirm' => true,

184 ]);

185

186 $user = User::factory()->make();

187 $mockSocialite = $this->mock(Factory::class);

188 $mockSocialDriver = Mockery::mock(Provider::class);

189 $mockSocialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);

190

191 $mockSocialUser->shouldReceive('getId')->times(3)->andReturn(1);

192 $mockSocialUser->shouldReceive('getEmail')->times(2)->andReturn($user->email);

193 $mockSocialUser->shouldReceive('getName')->once()->andReturn($user->name);

194 $mockSocialUser->shouldReceive('getAvatar')->once()->andReturn('avatar_placeholder');

195

196 $mockSocialDriver->shouldReceive('user')->times(1)->andReturn($mockSocialUser);

197 $mockSocialite->shouldReceive('driver')->times(2)->with('google')->andReturn($mockSocialDriver);

198 $mockSocialDriver->shouldReceive('redirect')->once()->andReturn(redirect('/'));

199

200 $this->get('/login/service/google');

201 $this->get('/login/service/google/callback');

202

203 $this->assertDatabaseHas('users', ['name' => $user->name, 'email' => $user->email, 'email_confirmed' => true]);

204 $user = $user->whereEmail($user->email)->first();

205 $this->assertDatabaseHas('social_accounts', ['user_id' => $user->id]);

206 }

207

208 public function test_google_select_account_option_changes_redirect_url()

209 {

210 config()->set('services.google.select_account', 'true');

211

212 $resp = $this->get('/login/service/google');

213 $this->assertStringContainsString('prompt=select_account', $resp->headers->get('Location'));

214 }

215

216 public function test_social_registration_with_no_name_uses_email_as_name()

217 {

218 $user = User::factory()->make(['email' => 'nonameuser@example.com']);

219

220 $this->setSettings(['registration-enabled' => 'true']);

221 config(['GITHUB_APP_ID' => 'abc123', 'GITHUB_APP_SECRET' => '123abc']);

222

223 $mockSocialite = $this->mock(Factory::class);

224 $mockSocialDriver = Mockery::mock(Provider::class);

225 $mockSocialUser = Mockery::mock(\Laravel\Socialite\Contracts\User::class);

226

227 $mockSocialite->shouldReceive('driver')->twice()->with('github')->andReturn($mockSocialDriver);

228 $mockSocialDriver->shouldReceive('redirect')->once()->andReturn(redirect('/'));

229 $mockSocialDriver->shouldReceive('user')->once()->andReturn($mockSocialUser);

230

231 $mockSocialUser->shouldReceive('getId')->twice()->andReturn(1);

232 $mockSocialUser->shouldReceive('getEmail')->twice()->andReturn($user->email);

233 $mockSocialUser->shouldReceive('getName')->once()->andReturn('');

234 $mockSocialUser->shouldReceive('getAvatar')->once()->andReturn('avatar_placeholder');

235

236 $this->get('/register/service/github');

237 $this->get('/login/service/github/callback');

238 $this->assertDatabaseHas('users', ['name' => 'nonameuser', 'email' => $user->email]);

239 $user = $user->whereEmail($user->email)->first();

240 $this->assertDatabaseHas('social_accounts', ['user_id' => $user->id]);

241 }

242 }