* Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * * @author Andreas Heigl * @copyright 2016-2016 Andreas Heigl * @license http://www.opensource.org/licenses/mit-license.php MIT-License * @version 0.0 * @since 07.06.2016 * @link http://github.com/heiglandreas/authLDAP */ namespace Org_Heigl\AuthLdapTest; use Org_Heigl\AuthLdap\LDAP; use Org_Heigl\AuthLdap\LdapList; use phpmock\spy\Spy; use PHPUnit_Framework_TestCase; class LDAPBaseTest extends PHPUnit_Framework_TestCase { public function setUp() { $this->ldap_connect_spy = new Spy('Org_Heigl\AuthLdap', 'ldap_connect'); $this->ldap_connect_spy->enable(); } public function tearDown() { $this->ldap_connect_spy->disable(); } /** @dataProvider bindingWithPasswordProvider */ public function testThatBindingWithPasswordWorks($user, $password, $filter, $uri) { $ldap = new LDAP($uri); $this->assertTrue($ldap->authenticate($user, $password, $filter)); } public function bindingWithPasswordProvider() { return [ ['user3', 'user!"', 'uid=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'], ['Manager', 'insecure', 'cn=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'], ['user1', 'user1', 'uid=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'], ['user 4', 'user!"', 'uid=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'], ['user 5', 'user!"', 'uid=%s', 'ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=test%20space,dc=example,dc=com'], ]; } /** * @param $uri * @dataProvider initialBindingToLdapServerWorksProvider */ public function testThatInitialBindingWorks($uri) { $ldap = new LDAP($uri); $this->assertInstanceof(LDAP::class, $ldap->bind()); } /** * @param $uri * @dataProvider initialBindingToLdapServerWorksProvider */ public function testThatInitialBindingToMultipleLdapsWorks($uri) { $list = new LdapList(); $list->addLDAP(new LDAP($uri)); $this->assertTrue($list->bind()); } public function initialBindingToLdapServerWorksProvider() { return [ ['ldap://uid=user%205,dc=test%20space,dc=example,dc=com:user!"@localhost:3890/dc=test%20space,dc=example,dc=com'], ]; } /** @dataProvider bindingWithPasswordProvider */ public function testThatBindingWithAddedSlashesFailsWorks($user, $password, $filter) { $newpassword = addslashes($password); $ldap = new LDAP('ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'); if ($newpassword === $password) { $this->assertTrue($ldap->authenticate($user, $password, $filter)); } else { $this->assertFalse($ldap->authenticate($user, $newpassword, $filter)); } } /** @dataProvider serchingForGroupsProvider */ public function testThatSearchingForGoupsWorks($filter, $user, $groups) { // (&(objectCategory=group)(member=)) $ldap = new LDAP('ldap://cn=Manager,dc=example,dc=com:insecure@127.0.0.1:3890/dc=example,dc=com'); $ldap->bind(); $this->assertContains($groups, $ldap->search(sprintf($filter, $user), ['cn'])[0]); } public function serchingForGroupsProvider() { return [ [ '(&(objectclass=groupOfUniqueNames)(uniqueMember=%s))', 'uid=user 4,dc=example,dc=com', ['count' => 1, 0 => 'group4'], ], ]; } public function testThatSettingLDAPSActuallyGivesTheCorrectPort() { $ldap = new LDAP('ldaps://cn=Manager,dc=example,dc=com:insecure@127.0.0.1/dc=example,dc=com'); $ldap->connect(); $this->assertEquals('ldaps://127.0.0.1:636', $this->ldap_connect_spy->getInvocations()[0]->getArguments()[0]); } }