Merge pull request #3937 from wallabag/fix/credential-subdomain

Add ability to match many domains for credentials
This commit is contained in:
Jérémy Benoist 2019-04-27 10:58:26 +02:00 committed by GitHub
commit ea54c2adb1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
17 changed files with 187 additions and 43 deletions

View file

@ -5,19 +5,38 @@ namespace Wallabag\CoreBundle\DataFixtures\ORM;
use Doctrine\Common\DataFixtures\AbstractFixture;
use Doctrine\Common\DataFixtures\OrderedFixtureInterface;
use Doctrine\Common\Persistence\ObjectManager;
use Symfony\Component\DependencyInjection\ContainerAwareInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Wallabag\CoreBundle\Entity\SiteCredential;
class LoadSiteCredentialData extends AbstractFixture implements OrderedFixtureInterface
class LoadSiteCredentialData extends AbstractFixture implements OrderedFixtureInterface, ContainerAwareInterface
{
/**
* @var ContainerInterface
*/
private $container;
public function setContainer(ContainerInterface $container = null)
{
$this->container = $container;
}
/**
* {@inheritdoc}
*/
public function load(ObjectManager $manager)
{
$credential = new SiteCredential($this->getReference('admin-user'));
$credential->setHost('example.com');
$credential->setUsername('foo');
$credential->setPassword('bar');
$credential->setHost('.super.com');
$credential->setUsername($this->container->get('wallabag_core.helper.crypto_proxy')->crypt('.super'));
$credential->setPassword($this->container->get('wallabag_core.helper.crypto_proxy')->crypt('bar'));
$manager->persist($credential);
$credential = new SiteCredential($this->getReference('admin-user'));
$credential->setHost('paywall.example.com');
$credential->setUsername($this->container->get('wallabag_core.helper.crypto_proxy')->crypt('paywall.example'));
$credential->setPassword($this->container->get('wallabag_core.helper.crypto_proxy')->crypt('bar'));
$manager->persist($credential);

View file

@ -62,11 +62,24 @@ class GrabySiteConfigBuilder implements SiteConfigBuilder
$host = substr($host, 4);
}
$credentials = null;
if ($this->currentUser) {
$credentials = $this->credentialRepository->findOneByHostAndUser($host, $this->currentUser->getId());
if (!$this->currentUser) {
$this->logger->debug('Auth: no current user defined.');
return false;
}
$hosts = [$host];
// will try to see for a host without the first subdomain (fr.example.org & .example.org)
$split = explode('.', $host);
if (\count($split) > 1) {
// remove first subdomain
array_shift($split);
$hosts[] = '.' . implode('.', $split);
}
$credentials = $this->credentialRepository->findOneByHostsAndUser($hosts, $this->currentUser->getId());
if (null === $credentials) {
$this->logger->debug('Auth: no credentials available for host.', ['host' => $host]);

View file

@ -19,16 +19,16 @@ class SiteCredentialRepository extends \Doctrine\ORM\EntityRepository
/**
* Retrieve one username/password for the given host and userId.
*
* @param string $host
* @param int $userId
* @param array $hosts An array of host to look for
* @param int $userId
*
* @return array|null
*/
public function findOneByHostAndUser($host, $userId)
public function findOneByHostsAndUser($hosts, $userId)
{
$res = $this->createQueryBuilder('s')
->select('s.username', 's.password')
->where('s.host = :hostname')->setParameter('hostname', $host)
->where('s.host IN (:hosts)')->setParameter('hosts', $hosts)
->andWhere('s.user = :userId')->setParameter('userId', $userId)
->setMaxResults(1)
->getQuery()

View file

@ -550,7 +550,7 @@ site_credential:
# create_new_one: Create a new credential
# form:
# username_label: 'Username'
# host_label: 'Host'
# host_label: 'Host (subdomain.example.org, .example.org, etc.)'
# password_label: 'Password'
# save: Save
# delete: Delete

View file

@ -550,7 +550,7 @@ site_credential:
create_new_one: 'Einen neuen Seitenzugang anlegen'
form:
username_label: 'Benutzername'
host_label: 'Host'
host_label: 'Host (subdomain.example.org, .example.org, etc.)'
password_label: 'Passwort'
save: 'Speichern'
delete: 'Löschen'

View file

@ -550,7 +550,7 @@ site_credential:
create_new_one: Create a new credential
form:
username_label: 'Username'
host_label: 'Host'
host_label: 'Host (subdomain.example.org, .example.org, etc.)'
password_label: 'Password'
save: Save
delete: Delete

View file

@ -550,7 +550,7 @@ site_credential:
# create_new_one: Create a new credential
# form:
# username_label: 'Username'
# host_label: 'Host'
# host_label: 'Host (subdomain.example.org, .example.org, etc.)'
# password_label: 'Password'
# save: Save
# delete: Delete

View file

@ -550,7 +550,7 @@ site_credential:
# create_new_one: Create a new credential
# form:
# username_label: 'Username'
# host_label: 'Host'
# host_label: 'Host (subdomain.example.org, .example.org, etc.)'
# password_label: 'Password'
# save: Save
# delete: Delete

View file

@ -550,7 +550,7 @@ site_credential:
create_new_one: Créer un nouvel accès à un site
form:
username_label: 'Identifiant'
host_label: 'Domaine'
host_label: 'Domaine (subdomain.example.org, .example.org, etc.)'
password_label: 'Mot de passe'
save: "Sauvegarder"
delete: "Supprimer"

View file

@ -550,7 +550,7 @@ site_credential:
# create_new_one: Create a new credential
# form:
# username_label: 'Username'
# host_label: 'Host'
# host_label: 'Host (subdomain.example.org, .example.org, etc.)'
# password_label: 'Password'
# save: Save
# delete: Delete

View file

@ -550,7 +550,7 @@ site_credential:
create_new_one: Crear un novèl identificant
form:
username_label: "Nom d'utilizaire"
host_label: 'Òste'
host_label: 'Òste (subdomain.example.org, .example.org, etc.)'
password_label: 'Senhal'
save: 'Enregistrar'
delete: 'Suprimir'

View file

@ -550,7 +550,7 @@ site_credential:
create_new_one: Stwórz nowe poświadczenie
form:
username_label: 'Nazwa użytkownika'
host_label: 'Host'
host_label: 'Host (subdomain.example.org, .example.org, etc.)'
password_label: 'Hasło'
save: Zapisz
delete: Usuń

View file

@ -550,7 +550,7 @@ site_credential:
# create_new_one: Create a new credential
form:
# username_label: 'Username'
# host_label: 'Host'
# host_label: 'Host (subdomain.example.org, .example.org, etc.)'
# password_label: 'Password'
save: 'Salvar'
delete: 'Apagar'

View file

@ -550,7 +550,7 @@ site_credential:
# create_new_one: Create a new credential
# form:
# username_label: 'Username'
# host_label: 'Host'
# host_label: 'Host (subdomain.example.org, .example.org, etc.)'
# password_label: 'Password'
# save: Save
# delete: Delete

View file

@ -548,7 +548,7 @@ site_credential:
create_new_one: สร้างข้อมูลส่วนตัวใหม่
form:
username_label: 'ชื่อผู้ใช้'
host_label: 'โฮส'
host_label: 'โฮส (subdomain.example.org, .example.org, etc.)'
password_label: 'รหัสผ่าน'
save: บันทึก
delete: ลบ

View file

@ -166,7 +166,7 @@ class EntryControllerTest extends WallabagCoreTestCase
$this->assertSame($this->url, $content->getUrl());
$this->assertContains('Google', $content->getTitle());
$this->assertSame('fr', $content->getLanguage());
$this->assertSame('2016-04-07 19:01:35', $content->getPublishedAt()->format('Y-m-d H:i:s'));
$this->assertSame('2015-03-28 11:43:19', $content->getPublishedAt()->format('Y-m-d H:i:s'));
$this->assertArrayHasKey('x-frame-options', $content->getHeaders());
$client->getContainer()->get('craue_config')->set('store_article_headers', 0);
}

View file

@ -5,26 +5,22 @@ namespace Tests\Wallabag\CoreBundle\GuzzleSiteAuthenticator;
use Graby\SiteConfig\SiteConfig as GrabySiteConfig;
use Monolog\Handler\TestHandler;
use Monolog\Logger;
use PHPUnit\Framework\TestCase;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Tests\Wallabag\CoreBundle\WallabagCoreTestCase;
use Wallabag\CoreBundle\GuzzleSiteAuthenticator\GrabySiteConfigBuilder;
class GrabySiteConfigBuilderTest extends TestCase
class GrabySiteConfigBuilderTest extends WallabagCoreTestCase
{
/** @var \Wallabag\CoreBundle\GuzzleSiteAuthenticator\GrabySiteConfigBuilder */
protected $builder;
public function testBuildConfigExists()
{
/* @var \Graby\SiteConfig\ConfigBuilder|\PHPUnit_Framework_MockObject_MockObject */
$grabyConfigBuilderMock = $this->getMockBuilder('Graby\SiteConfig\ConfigBuilder')
->disableOriginalConstructor()
->getMock();
$grabySiteConfig = new GrabySiteConfig();
$grabySiteConfig->requires_login = true;
$grabySiteConfig->login_uri = 'http://www.example.com/login';
$grabySiteConfig->login_uri = 'http://api.example.com/login';
$grabySiteConfig->login_username_field = 'login';
$grabySiteConfig->login_password_field = 'password';
$grabySiteConfig->login_extra_fields = ['field=value'];
@ -32,7 +28,7 @@ class GrabySiteConfigBuilderTest extends TestCase
$grabyConfigBuilderMock
->method('buildForHost')
->with('example.com')
->with('api.example.com')
->will($this->returnValue($grabySiteConfig));
$logger = new Logger('foo');
@ -43,8 +39,8 @@ class GrabySiteConfigBuilderTest extends TestCase
->disableOriginalConstructor()
->getMock();
$siteCrentialRepo->expects($this->once())
->method('findOneByHostAndUser')
->with('example.com', 1)
->method('findOneByHostsAndUser')
->with(['api.example.com', '.example.com'], 1)
->willReturn(['username' => 'foo', 'password' => 'bar']);
$user = $this->getMockBuilder('Wallabag\UserBundle\Entity\User')
@ -59,18 +55,18 @@ class GrabySiteConfigBuilderTest extends TestCase
$tokenStorage = new TokenStorage();
$tokenStorage->setToken($token);
$this->builder = new GrabySiteConfigBuilder(
$builder = new GrabySiteConfigBuilder(
$grabyConfigBuilderMock,
$tokenStorage,
$siteCrentialRepo,
$logger
);
$config = $this->builder->buildForHost('www.example.com');
$config = $builder->buildForHost('api.example.com');
$this->assertSame('example.com', $config->getHost());
$this->assertSame('api.example.com', $config->getHost());
$this->assertTrue($config->requiresLogin());
$this->assertSame('http://www.example.com/login', $config->getLoginUri());
$this->assertSame('http://api.example.com/login', $config->getLoginUri());
$this->assertSame('login', $config->getUsernameField());
$this->assertSame('password', $config->getPasswordField());
$this->assertSame(['field' => 'value'], $config->getExtraFields());
@ -85,7 +81,6 @@ class GrabySiteConfigBuilderTest extends TestCase
public function testBuildConfigDoesntExist()
{
/* @var \Graby\SiteConfig\ConfigBuilder|\PHPUnit_Framework_MockObject_MockObject */
$grabyConfigBuilderMock = $this->getMockBuilder('\Graby\SiteConfig\ConfigBuilder')
->disableOriginalConstructor()
->getMock();
@ -103,8 +98,8 @@ class GrabySiteConfigBuilderTest extends TestCase
->disableOriginalConstructor()
->getMock();
$siteCrentialRepo->expects($this->once())
->method('findOneByHostAndUser')
->with('unknown.com', 1)
->method('findOneByHostsAndUser')
->with(['unknown.com', '.com'], 1)
->willReturn(null);
$user = $this->getMockBuilder('Wallabag\UserBundle\Entity\User')
@ -119,14 +114,14 @@ class GrabySiteConfigBuilderTest extends TestCase
$tokenStorage = new TokenStorage();
$tokenStorage->setToken($token);
$this->builder = new GrabySiteConfigBuilder(
$builder = new GrabySiteConfigBuilder(
$grabyConfigBuilderMock,
$tokenStorage,
$siteCrentialRepo,
$logger
);
$config = $this->builder->buildForHost('unknown.com');
$config = $builder->buildForHost('unknown.com');
$this->assertFalse($config);
@ -134,4 +129,121 @@ class GrabySiteConfigBuilderTest extends TestCase
$this->assertCount(1, $records, 'One log was recorded');
}
public function testBuildConfigUserNotDefined()
{
$grabyConfigBuilderMock = $this->getMockBuilder('\Graby\SiteConfig\ConfigBuilder')
->disableOriginalConstructor()
->getMock();
$grabyConfigBuilderMock
->method('buildForHost')
->with('unknown.com')
->will($this->returnValue(new GrabySiteConfig()));
$logger = new Logger('foo');
$handler = new TestHandler();
$logger->pushHandler($handler);
$siteCrentialRepo = $this->getMockBuilder('Wallabag\CoreBundle\Repository\SiteCredentialRepository')
->disableOriginalConstructor()
->getMock();
$tokenStorage = new TokenStorage();
$builder = new GrabySiteConfigBuilder(
$grabyConfigBuilderMock,
$tokenStorage,
$siteCrentialRepo,
$logger
);
$config = $builder->buildForHost('unknown.com');
$this->assertFalse($config);
}
public function dataProviderCredentials()
{
return [
[
'host' => 'example.com',
],
[
'host' => 'other.example.com',
],
[
'host' => 'paywall.example.com',
'expectedUsername' => 'paywall.example',
'expectedPassword' => 'bar',
],
[
'host' => 'api.super.com',
'expectedUsername' => '.super',
'expectedPassword' => 'bar',
],
[
'host' => '.super.com',
'expectedUsername' => '.super',
'expectedPassword' => 'bar',
],
];
}
/**
* @dataProvider dataProviderCredentials
*/
public function testBuildConfigWithDbAccess($host, $expectedUsername = null, $expectedPassword = null)
{
$grabyConfigBuilderMock = $this->getMockBuilder('Graby\SiteConfig\ConfigBuilder')
->disableOriginalConstructor()
->getMock();
$grabySiteConfig = new GrabySiteConfig();
$grabySiteConfig->requires_login = true;
$grabySiteConfig->login_uri = 'http://api.example.com/login';
$grabySiteConfig->login_username_field = 'login';
$grabySiteConfig->login_password_field = 'password';
$grabySiteConfig->login_extra_fields = ['field=value'];
$grabySiteConfig->not_logged_in_xpath = '//div[@class="need-login"]';
$grabyConfigBuilderMock
->method('buildForHost')
->with($host)
->will($this->returnValue($grabySiteConfig));
$user = $this->getMockBuilder('Wallabag\UserBundle\Entity\User')
->disableOriginalConstructor()
->getMock();
$user->expects($this->once())
->method('getId')
->willReturn(1);
$token = new UsernamePasswordToken($user, 'pass', 'provider');
$tokenStorage = new TokenStorage();
$tokenStorage->setToken($token);
$logger = new Logger('foo');
$handler = new TestHandler();
$logger->pushHandler($handler);
$builder = new GrabySiteConfigBuilder(
$grabyConfigBuilderMock,
$tokenStorage,
$this->getClient()->getContainer()->get('wallabag_core.site_credential_repository'),
$logger
);
$config = $builder->buildForHost($host);
if (null === $expectedUsername && null === $expectedPassword) {
$this->assertFalse($config);
return;
}
$this->assertSame($expectedUsername, $config->getUsername());
$this->assertSame($expectedPassword, $config->getPassword());
}
}