From f97359f466d929d16dd723d3a7f4eb24d5ba469a Mon Sep 17 00:00:00 2001
From: Roland Gruber <post@rolandgruber.de>
Date: Wed, 1 Jan 2020 18:08:30 +0100
Subject: [PATCH] webauthn

---
 lam/lib/2factor.inc                   | 15 ++++-
 lam/tests/lib/2factorWebauthnTest.php | 86 +++++++++++++++++++++++++++
 2 files changed, 98 insertions(+), 3 deletions(-)
 create mode 100644 lam/tests/lib/2factorWebauthnTest.php

diff --git a/lam/lib/2factor.inc b/lam/lib/2factor.inc
index b20ba8ad..713836e3 100644
--- a/lam/lib/2factor.inc
+++ b/lam/lib/2factor.inc
@@ -491,7 +491,7 @@ class WebauthnProvider extends BaseProvider {
 	 *
 	 * @param TwoFactorConfiguration $config configuration
 	 */
-	public function __construct(&$config) {
+	public function __construct($config) {
 		$this->config = $config;
 	}
 
@@ -550,7 +550,7 @@ class WebauthnProvider extends BaseProvider {
 		$row->add(new htmlDiv(null, $errorMessage, array('hidden webauthn-error')), 12);
 		if ($this->config->twoFactorAuthenticationOptional === true) {
 			include_once __DIR__ . '/webauthn.inc';
-			$webauthnManager = new WebauthnManager();
+			$webauthnManager = $this->getWebauthnManager();
 			$hasTokens = $webauthnManager->isRegistered($userDn);
 			if (!$hasTokens) {
 				$skipButton = new htmlButton('skip_webauthn', _('Skip'));
@@ -565,6 +565,15 @@ class WebauthnProvider extends BaseProvider {
 		$row->add(new htmlJavaScript('window.lam.webauthn.start(\'' . $pathPrefix . '\');'), 0);
 	}
 
+	/**
+	 * Returns the webauthn manager.
+	 *
+	 * @return WebauthnManager manager
+	 */
+	public function getWebauthnManager() {
+		return new WebauthnManager();
+	}
+
 	/**
 	 * {@inheritDoc}
 	 * @see \LAM\LIB\TWO_FACTOR\TwoFactorProvider::verify2ndFactor()
@@ -572,7 +581,7 @@ class WebauthnProvider extends BaseProvider {
 	public function verify2ndFactor($user, $password, $serial, $twoFactorInput) {
 		logNewMessage(LOG_DEBUG, 'WebauthnProvider: Checking 2nd factor for ' . $user);
 		include_once __DIR__ . '/webauthn.inc';
-		$webauthnManager = new WebauthnManager();
+		$webauthnManager = $this->getWebauthnManager();
 		if (!empty($_SESSION['ldap'])) {
 			$userDn = $_SESSION['ldap']->getUserName();
 		}
diff --git a/lam/tests/lib/2factorWebauthnTest.php b/lam/tests/lib/2factorWebauthnTest.php
new file mode 100644
index 00000000..7f0cd39b
--- /dev/null
+++ b/lam/tests/lib/2factorWebauthnTest.php
@@ -0,0 +1,86 @@
+<?php
+namespace LAM\LIB\TWO_FACTOR;
+use LAM\LOGIN\WEBAUTHN\WebauthnManager;
+use PHPUnit\Framework\TestCase;
+
+/*
+  This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
+  Copyright (C) 2020  Roland Gruber
+
+  This program is free software; you can redistribute it and/or modify
+  it under the terms of the GNU General Public License as published by
+  the Free Software Foundation; either version 2 of the License, or
+  (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  You should have received a copy of the GNU General Public License
+  along with this program; if not, write to the Free Software
+  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+*/
+
+require_once __DIR__ . '/../../lib/modules.inc';
+require_once __DIR__ . '/../../lib/2factor.inc';
+
+/**
+ * Tests the webauthn provider.
+ *
+ * @author Roland Gruber
+ */
+class WebauthnProviderTest extends TestCase {
+
+	/**
+	 * @var TwoFactorConfiguration
+	 */
+	private $config;
+
+	protected function setUp() {
+		$this->config = new TwoFactorConfiguration();
+	}
+
+	public function test_getSerials() {
+		$provider = new WebauthnProvider($this->config);
+
+		$this->assertNotEmpty($provider->getSerials('user', 'password'));
+	}
+
+	public function test_isShowSubmitButton() {
+		$provider = new WebauthnProvider($this->config);
+
+		$this->assertFalse($provider->isShowSubmitButton());
+	}
+
+	public function test_hasCustomInputForm() {
+		$provider = new WebauthnProvider($this->config);
+
+		$this->assertTrue($provider->hasCustomInputForm());
+	}
+
+	public function test_addCustomInput() {
+		$this->config->twoFactorAuthenticationOptional = true;
+		$manager = $this
+			->getMockBuilder(WebauthnManager::class)
+			->setMethods(array('isRegistered'))
+			->getMock();
+		$manager->method('isRegistered')->willReturn(false);
+		$provider = $this
+			->getMockBuilder(WebauthnProvider::class)
+			->setConstructorArgs(array($this->config))
+			->setMethods(array('getWebauthnManager'))
+			->getMock();
+		$provider->method('getWebauthnManager')->willReturn($manager);
+		$row = new \htmlResponsiveRow();
+
+		$provider->addCustomInput($row, 'userDn');
+		$tabindex = 0;
+		ob_start();
+		$row->generateHTML(null, array(), array(), false, $tabindex, 'none');
+		$html = ob_get_contents();
+		ob_end_clean();
+		$this->assertContains('skip_webauthn', $html);
+	}
+
+}
\ No newline at end of file