git subrepo commit (merge) mailcow/src/mailcow-dockerized
subrepo: subdir: "mailcow/src/mailcow-dockerized"
merged: "02ae5285"
upstream: origin: "https://github.com/mailcow/mailcow-dockerized.git"
branch: "master"
commit: "649a5c01"
git-subrepo: version: "0.4.3"
origin: "???"
commit: "???"
Change-Id: I870ad468fba026cc5abf3c5699ed1e12ff28b32b
diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Qr/IQRCodeProviderTest.php b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Qr/IQRCodeProviderTest.php
new file mode 100644
index 0000000..86dd431
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Qr/IQRCodeProviderTest.php
@@ -0,0 +1,56 @@
+<?php
+
+namespace Tests\Providers\Qr;
+
+use PHPUnit\Framework\TestCase;
+use RobThree\Auth\TwoFactorAuth;
+use RobThree\Auth\TwoFactorAuthException;
+
+class IQRCodeProviderTest extends TestCase
+{
+ /**
+ * @param string $datauri
+ *
+ * @return null|array
+ */
+ private function DecodeDataUri($datauri)
+ {
+ if (preg_match('/data:(?P<mimetype>[\w\.\-\/]+);(?P<encoding>\w+),(?P<data>.*)/', $datauri, $m) === 1) {
+ return array(
+ 'mimetype' => $m['mimetype'],
+ 'encoding' => $m['encoding'],
+ 'data' => base64_decode($m['data'])
+ );
+ }
+
+ return null;
+ }
+
+ /**
+ * @return void
+ */
+ public function testTotpUriIsCorrect()
+ {
+ $qr = new TestQrProvider();
+
+ $tfa = new TwoFactorAuth('Test&Issuer', 6, 30, 'sha1', $qr);
+ $data = $this->DecodeDataUri($tfa->getQRCodeImageAsDataUri('Test&Label', 'VMR466AB62ZBOKHE'));
+ $this->assertEquals('test/test', $data['mimetype']);
+ $this->assertEquals('base64', $data['encoding']);
+ $this->assertEquals('otpauth://totp/Test%26Label?secret=VMR466AB62ZBOKHE&issuer=Test%26Issuer&period=30&algorithm=SHA1&digits=6@200', $data['data']);
+ }
+
+ /**
+ * @return void
+ */
+ public function testGetQRCodeImageAsDataUriThrowsOnInvalidSize()
+ {
+ $qr = new TestQrProvider();
+
+ $tfa = new TwoFactorAuth('Test', 6, 30, 'sha1', $qr);
+
+ $this->expectException(TwoFactorAuthException::class);
+
+ $tfa->getQRCodeImageAsDataUri('Test', 'VMR466AB62ZBOKHE', 0);
+ }
+}
diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Qr/TestQrProvider.php b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Qr/TestQrProvider.php
new file mode 100644
index 0000000..93242c2
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Qr/TestQrProvider.php
@@ -0,0 +1,24 @@
+<?php
+
+namespace Tests\Providers\Qr;
+
+use RobThree\Auth\Providers\Qr\IQRCodeProvider;
+
+class TestQrProvider implements IQRCodeProvider
+{
+ /**
+ * {@inheritdoc}
+ */
+ public function getQRCodeImage($qrtext, $size)
+ {
+ return $qrtext . '@' . $size;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function getMimeType()
+ {
+ return 'test/test';
+ }
+}
diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/CSRNGProviderTest.php b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/CSRNGProviderTest.php
new file mode 100644
index 0000000..e42ccfd
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/CSRNGProviderTest.php
@@ -0,0 +1,30 @@
+<?php
+
+namespace Tests\Providers\Rng;
+
+use PHPUnit\Framework\TestCase;
+use Tests\MightNotMakeAssertions;
+use RobThree\Auth\Providers\Rng\CSRNGProvider;
+
+class CSRNGProviderTest extends TestCase
+{
+ use NeedsRngLengths, MightNotMakeAssertions;
+
+ /**
+ * @requires function random_bytes
+ *
+ * @return void
+ */
+ public function testCSRNGProvidersReturnExpectedNumberOfBytes()
+ {
+ if (function_exists('random_bytes')) {
+ $rng = new CSRNGProvider();
+ foreach ($this->rngTestLengths as $l) {
+ $this->assertEquals($l, strlen($rng->getRandomBytes($l)));
+ }
+ $this->assertTrue($rng->isCryptographicallySecure());
+ } else {
+ $this->noAssertionsMade();
+ }
+ }
+}
diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/HashRNGProviderTest.php b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/HashRNGProviderTest.php
new file mode 100644
index 0000000..c99879d
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/HashRNGProviderTest.php
@@ -0,0 +1,24 @@
+<?php
+
+namespace Tests\Providers\Rng;
+
+use PHPUnit\Framework\TestCase;
+use RobThree\Auth\Providers\Rng\HashRNGProvider;
+
+class HashRNGProviderTest extends TestCase
+{
+ use NeedsRngLengths;
+
+ /**
+ * @return void
+ */
+ public function testHashRNGProvidersReturnExpectedNumberOfBytes()
+ {
+ $rng = new HashRNGProvider();
+ foreach ($this->rngTestLengths as $l) {
+ $this->assertEquals($l, strlen($rng->getRandomBytes($l)));
+ }
+
+ $this->assertFalse($rng->isCryptographicallySecure());
+ }
+}
diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/IRNGProviderTest.php b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/IRNGProviderTest.php
new file mode 100644
index 0000000..8897673
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/IRNGProviderTest.php
@@ -0,0 +1,61 @@
+<?php
+
+namespace Tests\Providers\Rng;
+
+use PHPUnit\Framework\TestCase;
+use RobThree\Auth\TwoFactorAuth;
+use RobThree\Auth\TwoFactorAuthException;
+
+class IRNGProviderTest extends TestCase
+{
+ /**
+ * @return void
+ */
+ public function testCreateSecretThrowsOnInsecureRNGProvider()
+ {
+ $rng = new TestRNGProvider();
+
+ $tfa = new TwoFactorAuth('Test', 6, 30, 'sha1', null, $rng);
+
+ $this->expectException(TwoFactorAuthException::class);
+ $tfa->createSecret();
+ }
+
+ /**
+ * @return void
+ */
+ public function testCreateSecretOverrideSecureDoesNotThrowOnInsecureRNG()
+ {
+ $rng = new TestRNGProvider();
+
+ $tfa = new TwoFactorAuth('Test', 6, 30, 'sha1', null, $rng);
+ $this->assertEquals('ABCDEFGHIJKLMNOP', $tfa->createSecret(80, false));
+ }
+
+ /**
+ * @return void
+ */
+ public function testCreateSecretDoesNotThrowOnSecureRNGProvider()
+ {
+ $rng = new TestRNGProvider(true);
+
+ $tfa = new TwoFactorAuth('Test', 6, 30, 'sha1', null, $rng);
+ $this->assertEquals('ABCDEFGHIJKLMNOP', $tfa->createSecret());
+ }
+
+ /**
+ * @return void
+ */
+ public function testCreateSecretGeneratesDesiredAmountOfEntropy()
+ {
+ $rng = new TestRNGProvider(true);
+
+ $tfa = new TwoFactorAuth('Test', 6, 30, 'sha1', null, $rng);
+ $this->assertEquals('A', $tfa->createSecret(5));
+ $this->assertEquals('AB', $tfa->createSecret(6));
+ $this->assertEquals('ABCDEFGHIJKLMNOPQRSTUVWXYZ', $tfa->createSecret(128));
+ $this->assertEquals('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', $tfa->createSecret(160));
+ $this->assertEquals('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', $tfa->createSecret(320));
+ $this->assertEquals('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567ABCDEFGHIJKLMNOPQRSTUVWXYZ234567A', $tfa->createSecret(321));
+ }
+}
diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/MCryptRNGProviderTest.php b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/MCryptRNGProviderTest.php
new file mode 100644
index 0000000..f6dd91e
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/MCryptRNGProviderTest.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace Tests\Providers\Rng;
+
+use PHPUnit\Framework\TestCase;
+use Tests\MightNotMakeAssertions;
+use RobThree\Auth\Providers\Rng\MCryptRNGProvider;
+
+class MCryptRNGProviderTest extends TestCase
+{
+ use NeedsRngLengths, MightNotMakeAssertions;
+
+ /**
+ * @requires function mcrypt_create_iv
+ *
+ * @return void
+ */
+ public function testMCryptRNGProvidersReturnExpectedNumberOfBytes()
+ {
+ if (function_exists('mcrypt_create_iv')) {
+ $rng = new MCryptRNGProvider();
+
+ foreach ($this->rngTestLengths as $l) {
+ $this->assertEquals($l, strlen($rng->getRandomBytes($l)));
+ }
+
+ $this->assertTrue($rng->isCryptographicallySecure());
+ } else {
+ $this->noAssertionsMade();
+ }
+ }
+}
diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/NeedsRngLengths.php b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/NeedsRngLengths.php
new file mode 100644
index 0000000..7bbfed9
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/NeedsRngLengths.php
@@ -0,0 +1,9 @@
+<?php
+
+namespace Tests\Providers\Rng;
+
+trait NeedsRngLengths
+{
+ /** @var array */
+ protected $rngTestLengths = array(1, 16, 32, 256);
+}
diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/OpenSSLRNGProviderTest.php b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/OpenSSLRNGProviderTest.php
new file mode 100644
index 0000000..c941fcc
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/OpenSSLRNGProviderTest.php
@@ -0,0 +1,37 @@
+<?php
+
+namespace Tests\Providers\Rng;
+
+use PHPUnit\Framework\TestCase;
+use RobThree\Auth\Providers\Rng\OpenSSLRNGProvider;
+
+class OpenSSLRNGProviderTest extends TestCase
+{
+ use NeedsRngLengths;
+
+ /**
+ * @return void
+ */
+ public function testStrongOpenSSLRNGProvidersReturnExpectedNumberOfBytes()
+ {
+ $rng = new OpenSSLRNGProvider(true);
+ foreach ($this->rngTestLengths as $l) {
+ $this->assertEquals($l, strlen($rng->getRandomBytes($l)));
+ }
+
+ $this->assertTrue($rng->isCryptographicallySecure());
+ }
+
+ /**
+ * @return void
+ */
+ public function testNonStrongOpenSSLRNGProvidersReturnExpectedNumberOfBytes()
+ {
+ $rng = new OpenSSLRNGProvider(false);
+ foreach ($this->rngTestLengths as $l) {
+ $this->assertEquals($l, strlen($rng->getRandomBytes($l)));
+ }
+
+ $this->assertFalse($rng->isCryptographicallySecure());
+ }
+}
diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/TestRNGProvider.php b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/TestRNGProvider.php
new file mode 100644
index 0000000..7179521
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Rng/TestRNGProvider.php
@@ -0,0 +1,41 @@
+<?php
+
+namespace Tests\Providers\Rng;
+
+use RobThree\Auth\Providers\Rng\IRNGProvider;
+
+class TestRNGProvider implements IRNGProvider
+{
+ /** @var bool */
+ private $isSecure;
+
+ /**
+ * @param bool $isSecure whether this provider is cryptographically secure
+ */
+ function __construct($isSecure = false)
+ {
+ $this->isSecure = $isSecure;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function getRandomBytes($bytecount)
+ {
+ $result = '';
+
+ for ($i = 0; $i < $bytecount; $i++) {
+ $result .= chr($i);
+ }
+
+ return $result;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function isCryptographicallySecure()
+ {
+ return $this->isSecure;
+ }
+}
diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Time/ITimeProviderTest.php b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Time/ITimeProviderTest.php
new file mode 100644
index 0000000..159e0c8
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Time/ITimeProviderTest.php
@@ -0,0 +1,53 @@
+<?php
+
+namespace Tests\Providers\Time;
+
+use PHPUnit\Framework\TestCase;
+use Tests\MightNotMakeAssertions;
+use RobThree\Auth\TwoFactorAuthException;
+use RobThree\Auth\TwoFactorAuth;
+
+class ITimeProviderTest extends TestCase
+{
+ use MightNotMakeAssertions;
+
+ /**
+ * @return void
+ */
+ public function testEnsureCorrectTimeDoesNotThrowForCorrectTime()
+ {
+ $tpr1 = new TestTimeProvider(123);
+ $tpr2 = new TestTimeProvider(128);
+
+ $tfa = new TwoFactorAuth('Test', 6, 30, 'sha1', null, null, $tpr1);
+ $tfa->ensureCorrectTime(array($tpr2)); // 128 - 123 = 5 => within default leniency
+
+ $this->noAssertionsMade();
+ }
+
+ /**
+ * @return void
+ */
+ public function testEnsureCorrectTimeThrowsOnIncorrectTime()
+ {
+ $tpr1 = new TestTimeProvider(123);
+ $tpr2 = new TestTimeProvider(124);
+
+ $tfa = new TwoFactorAuth('Test', 6, 30, 'sha1', null, null, $tpr1);
+
+ $this->expectException(TwoFactorAuthException::class);
+
+ $tfa->ensureCorrectTime(array($tpr2), 0); // We force a leniency of 0, 124-123 = 1 so this should throw
+ }
+
+ /**
+ * @return void
+ */
+ public function testEnsureDefaultTimeProviderReturnsCorrectTime()
+ {
+ $tfa = new TwoFactorAuth('Test', 6, 30, 'sha1');
+ $tfa->ensureCorrectTime(array(new TestTimeProvider(time())), 1); // Use a leniency of 1, should the time change between both time() calls
+
+ $this->noAssertionsMade();
+ }
+}
diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Time/TestTimeProvider.php b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Time/TestTimeProvider.php
new file mode 100644
index 0000000..0fc2d12
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/lib/vendor/robthree/twofactorauth/tests/Providers/Time/TestTimeProvider.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace Tests\Providers\Time;
+
+use RobThree\Auth\Providers\Time\ITimeProvider;
+
+class TestTimeProvider implements ITimeProvider
+{
+ /** @var int */
+ private $time;
+
+ /**
+ * @param int $time
+ */
+ function __construct($time)
+ {
+ $this->time = $time;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function getTime()
+ {
+ return $this->time;
+ }
+}