3 namespace MediaWiki\Auth
;
8 * @covers MediaWiki\Auth\ThrottlePreAuthenticationProvider
10 class ThrottlePreAuthenticationProviderTest
extends \MediaWikiTestCase
{
11 public function testConstructor() {
12 $provider = new ThrottlePreAuthenticationProvider();
13 $providerPriv = \TestingAccessWrapper
::newFromObject( $provider );
14 $config = new \
HashConfig( [
15 'AccountCreationThrottle' => [ [
19 'PasswordAttemptThrottle' => [ [
24 $provider->setConfig( $config );
26 'accountCreationThrottle' => [ [ 'count' => 123, 'seconds' => 86400 ] ],
27 'passwordAttemptThrottle' => [ [ 'count' => 5, 'seconds' => 300 ] ]
28 ], $providerPriv->throttleSettings
);
29 $accountCreationThrottle = \TestingAccessWrapper
::newFromObject(
30 $providerPriv->accountCreationThrottle
);
31 $this->assertSame( [ [ 'count' => 123, 'seconds' => 86400 ] ],
32 $accountCreationThrottle->conditions
);
33 $passwordAttemptThrottle = \TestingAccessWrapper
::newFromObject(
34 $providerPriv->passwordAttemptThrottle
);
35 $this->assertSame( [ [ 'count' => 5, 'seconds' => 300 ] ],
36 $passwordAttemptThrottle->conditions
);
38 $provider = new ThrottlePreAuthenticationProvider( [
39 'accountCreationThrottle' => [ [ 'count' => 43, 'seconds' => 10000 ] ],
40 'passwordAttemptThrottle' => [ [ 'count' => 11, 'seconds' => 100 ] ],
42 $providerPriv = \TestingAccessWrapper
::newFromObject( $provider );
43 $config = new \
HashConfig( [
44 'AccountCreationThrottle' => [ [
48 'PasswordAttemptThrottle' => [ [
53 $provider->setConfig( $config );
55 'accountCreationThrottle' => [ [ 'count' => 43, 'seconds' => 10000 ] ],
56 'passwordAttemptThrottle' => [ [ 'count' => 11, 'seconds' => 100 ] ],
57 ], $providerPriv->throttleSettings
);
59 $cache = new \
HashBagOStuff();
60 $provider = new ThrottlePreAuthenticationProvider( [ 'cache' => $cache ] );
61 $providerPriv = \TestingAccessWrapper
::newFromObject( $provider );
62 $provider->setConfig( new \
HashConfig( [
63 'AccountCreationThrottle' => [ [ 'count' => 1, 'seconds' => 1 ] ],
64 'PasswordAttemptThrottle' => [ [ 'count' => 1, 'seconds' => 1 ] ],
66 $accountCreationThrottle = \TestingAccessWrapper
::newFromObject(
67 $providerPriv->accountCreationThrottle
);
68 $this->assertSame( $cache, $accountCreationThrottle->cache
);
69 $passwordAttemptThrottle = \TestingAccessWrapper
::newFromObject(
70 $providerPriv->passwordAttemptThrottle
);
71 $this->assertSame( $cache, $passwordAttemptThrottle->cache
);
74 public function testDisabled() {
75 $provider = new ThrottlePreAuthenticationProvider( [
76 'accountCreationThrottle' => [],
77 'passwordAttemptThrottle' => [],
78 'cache' => new \
HashBagOStuff(),
80 $provider->setLogger( new \Psr\Log\
NullLogger() );
81 $provider->setConfig( new \
HashConfig( [
82 'AccountCreationThrottle' => null,
83 'PasswordAttemptThrottle' => null,
85 $provider->setManager( AuthManager
::singleton() );
88 \StatusValue
::newGood(),
89 $provider->testForAccountCreation(
90 \User
::newFromName( 'Created' ),
91 \User
::newFromName( 'Creator' ),
96 \StatusValue
::newGood(),
97 $provider->testForAuthentication( [] )
102 * @dataProvider provideTestForAccountCreation
103 * @param string $creatorname
104 * @param bool $succeed
107 public function testTestForAccountCreation( $creatorname, $succeed, $hook ) {
108 $provider = new ThrottlePreAuthenticationProvider( [
109 'accountCreationThrottle' => [ [ 'count' => 2, 'seconds' => 86400 ] ],
110 'cache' => new \
HashBagOStuff(),
112 $provider->setLogger( new \Psr\Log\
NullLogger() );
113 $provider->setConfig( new \
HashConfig( [
114 'AccountCreationThrottle' => null,
115 'PasswordAttemptThrottle' => null,
117 $provider->setManager( AuthManager
::singleton() );
119 $user = \User
::newFromName( 'RandomUser' );
120 $creator = \User
::newFromName( $creatorname );
122 $mock = $this->getMockBuilder( 'stdClass' )
123 ->setMethods( [ 'onExemptFromAccountCreationThrottle' ] )
125 $mock->expects( $this->any() )->method( 'onExemptFromAccountCreationThrottle' )
126 ->will( $this->returnValue( false ) );
127 $this->mergeMwGlobalArrayValue( 'wgHooks', [
128 'ExemptFromAccountCreationThrottle' => [ $mock ],
134 $provider->testForAccountCreation( $user, $creator, [] )->isOK(),
139 $provider->testForAccountCreation( $user, $creator, [] )->isOK(),
143 $succeed ?
true : false,
144 $provider->testForAccountCreation( $user, $creator, [] )->isOK(),
149 public static function provideTestForAccountCreation() {
151 'Normal user' => [ 'NormalUser', false, false ],
152 'Sysop' => [ 'UTSysop', true, false ],
153 'Normal user with hook' => [ 'NormalUser', true, true ],
157 public function testTestForAuthentication() {
158 $provider = new ThrottlePreAuthenticationProvider( [
159 'passwordAttemptThrottle' => [ [ 'count' => 2, 'seconds' => 86400 ] ],
160 'cache' => new \
HashBagOStuff(),
162 $provider->setLogger( new \Psr\Log\
NullLogger() );
163 $provider->setConfig( new \
HashConfig( [
164 'AccountCreationThrottle' => null,
165 'PasswordAttemptThrottle' => null,
167 $provider->setManager( AuthManager
::singleton() );
169 $req = new UsernameAuthenticationRequest
;
170 $req->username
= 'SomeUser';
171 for ( $i = 1; $i <= 3; $i++
) {
172 $status = $provider->testForAuthentication( [ $req ] );
173 $this->assertEquals( $i < 3, $status->isGood(), "attempt #$i" );
175 $this->assertCount( 1, $status->getErrors() );
176 $msg = new \
Message( $status->getErrors()[0]['message'], $status->getErrors()[0]['params'] );
177 $this->assertEquals( 'login-throttled', $msg->getKey() );
179 $provider->postAuthentication( \User
::newFromName( 'SomeUser' ),
180 AuthenticationResponse
::newFail( wfMessage( 'foo' ) ) );
181 $this->assertFalse( $provider->testForAuthentication( [ $req ] )->isGood(), 'after FAIL' );
183 $provider->postAuthentication( \User
::newFromName( 'SomeUser' ),
184 AuthenticationResponse
::newPass() );
185 $this->assertTrue( $provider->testForAuthentication( [ $req ] )->isGood(), 'after PASS' );
187 $req1 = new UsernameAuthenticationRequest
;
188 $req1->username
= 'foo';
189 $req2 = new UsernameAuthenticationRequest
;
190 $req2->username
= 'bar';
191 $this->assertTrue( $provider->testForAuthentication( [ $req1, $req2 ] )->isGood() );
193 $req = new UsernameAuthenticationRequest
;
194 $req->username
= 'Some user';
195 $provider->testForAuthentication( [ $req ] );
196 $req->username
= 'Some_user';
197 $provider->testForAuthentication( [ $req ] );
198 $req->username
= 'some user';
199 $status = $provider->testForAuthentication( [ $req ] );
200 $this->assertFalse( $status->isGood(), 'denormalized usernames are normalized' );
203 public function testPostAuthentication() {
204 $provider = new ThrottlePreAuthenticationProvider( [
205 'passwordAttemptThrottle' => [],
206 'cache' => new \
HashBagOStuff(),
208 $provider->setLogger( new \TestLogger
);
209 $provider->setConfig( new \
HashConfig( [
210 'AccountCreationThrottle' => null,
211 'PasswordAttemptThrottle' => null,
213 $provider->setManager( AuthManager
::singleton() );
214 $provider->postAuthentication( \User
::newFromName( 'SomeUser' ),
215 AuthenticationResponse
::newPass() );
217 $provider = new ThrottlePreAuthenticationProvider( [
218 'passwordAttemptThrottle' => [ [ 'count' => 2, 'seconds' => 86400 ] ],
219 'cache' => new \
HashBagOStuff(),
221 $logger = new \
TestLogger( true );
222 $provider->setLogger( $logger );
223 $provider->setConfig( new \
HashConfig( [
224 'AccountCreationThrottle' => null,
225 'PasswordAttemptThrottle' => null,
227 $provider->setManager( AuthManager
::singleton() );
228 $provider->postAuthentication( \User
::newFromName( 'SomeUser' ),
229 AuthenticationResponse
::newPass() );
231 [ \Psr\Log\LogLevel
::INFO
, 'throttler data not found for {user}' ],
232 ], $logger->getBuffer() );