Skip to content
This repository has been archived by the owner on Jul 24, 2023. It is now read-only.

Commit

Permalink
Assert that rules are executed when authenticating with SSO middleware
Browse files Browse the repository at this point in the history 
#748
  • Loading branch information
@stevebauman
stevebauman committed Jun 28, 2019
1 parent be9a381 commit e7e60f0
Showing 1 changed file with 47 additions and 8 deletions.
55 changes: 47 additions & 8 deletions tests/WindowsAuthenticateTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@
use Mockery as m;
use Adldap\Query\Builder;
use Adldap\Laravel\Facades\Resolver;
use Adldap\Laravel\Tests\Models\TestUser;
use Adldap\Laravel\Validation\Rules\DenyTrashed;
use Adldap\Laravel\Middleware\WindowsAuthenticate;

class WindowsAuthenticateTest extends DatabaseTestCase
Expand All @@ -16,8 +18,6 @@ public function middleware_authenticates_users()

$request->server->set('AUTH_USER', 'jdoe');

$middleware = app(WindowsAuthenticate::class);

$user = $this->makeLdapUser([
'objectguid' => ['cc07cacc-5d9d-fa40-a9fb-3a4d50a172b0'],
'cn' => ['John Doe'],
Expand All @@ -35,10 +35,9 @@ public function middleware_authenticates_users()
->shouldReceive('getDatabaseIdColumn')->twice()->andReturn('objectguid')
->shouldReceive('getDatabaseUsernameColumn')->once()->andReturn('email')
->shouldReceive('getLdapDiscoveryAttribute')->once()->andReturn('userprincipalname')
->shouldReceive('byModel')->once()->andReturn(($user));
->shouldReceive('byModel')->once()->andReturn($user);

$middleware->handle($request, function () {
});
app(WindowsAuthenticate::class)->handle($request, function () {});

$authenticated = auth()->user();

Expand All @@ -55,8 +54,6 @@ public function middleware_continues_request_when_user_is_not_found()

$request->server->set('AUTH_USER', 'jdoe');

$middleware = app(WindowsAuthenticate::class);

$query = m::mock(Builder::class);

$query
Expand All @@ -65,9 +62,51 @@ public function middleware_continues_request_when_user_is_not_found()

Resolver::shouldReceive('query')->once()->andReturn($query);

$middleware->handle($request, function () {
app(WindowsAuthenticate::class)->handle($request, function () {});

$this->assertNull(auth()->user());
}

/** @test */
public function middleware_validates_authenticating_users()
{
// Deny deleted users from authenticating.
config()->set('ldap_auth.rules', [DenyTrashed::class]);

// Create the deleted user.
tap(new TestUser(), function ($user) {
$user->name = 'John Doe';
$user->email = '[email protected]';
$user->password = 'secret';
$user->deleted_at = now();

$user->save();
});

$request = app('request');

$request->server->set('AUTH_USER', 'jdoe');

$user = $this->makeLdapUser([
'objectguid' => ['cc07cacc-5d9d-fa40-a9fb-3a4d50a172b0'],
'cn' => ['John Doe'],
'userprincipalname' => ['[email protected]'],
'samaccountname' => ['jdoe'],
]);

$query = m::mock(Builder::class);

$query
->shouldReceive('whereEquals')->once()->withArgs(['samaccountname', 'jdoe'])->andReturn($query)
->shouldReceive('first')->once()->andReturn($user);

Resolver::shouldReceive('query')->once()->andReturn($query)
->shouldReceive('getDatabaseIdColumn')->twice()->andReturn('objectguid')
->shouldReceive('getDatabaseUsernameColumn')->once()->andReturn('email')
->shouldReceive('getLdapDiscoveryAttribute')->once()->andReturn('userprincipalname');

app(WindowsAuthenticate::class)->handle($request, function () {});

$this->assertNull(auth()->user());
}
}

0 comments on commit e7e60f0

Please sign in to comment.