From ce754c17408e2793561c7a013a0b3a8aa0fea8a8 Mon Sep 17 00:00:00 2001 From: Mauro Mura Date: Tue, 12 Nov 2024 08:40:16 +0100 Subject: [PATCH 1/2] Telekom bearer secret changes --- lib/Command/UpsertProvider.php | 12 +- lib/Controller/SettingsController.php | 6 +- lib/Db/Provider.php | 6 + lib/Db/ProviderMapper.php | 7 +- .../Version00008Date20211114183344.php | 25 ++ .../Version010304Date20230902125945.php | 97 ++++ src/components/SettingsForm.vue | 9 + .../unit/MagentaCloud/BearerSettingsTest.php | 420 ++++++++++++++++++ 8 files changed, 577 insertions(+), 5 deletions(-) create mode 100644 lib/Migration/Version00008Date20211114183344.php create mode 100644 lib/Migration/Version010304Date20230902125945.php create mode 100644 tests/unit/MagentaCloud/BearerSettingsTest.php diff --git a/lib/Command/UpsertProvider.php b/lib/Command/UpsertProvider.php index a31690a0..f33303b5 100644 --- a/lib/Command/UpsertProvider.php +++ b/lib/Command/UpsertProvider.php @@ -146,6 +146,7 @@ protected function configure() { ->addOption('clientsecret', 's', InputOption::VALUE_REQUIRED, 'OpenID client secret') ->addOption('discoveryuri', 'd', InputOption::VALUE_REQUIRED, 'OpenID discovery endpoint uri') ->addOption('endsessionendpointuri', 'e', InputOption::VALUE_OPTIONAL, 'OpenID end session endpoint uri') + ->addOption('bearersecret', 'bs', InputOption::VALUE_OPTIONAL, 'Telekom bearer token requires a different client secret for bearer tokens') ->addOption('scope', 'o', InputOption::VALUE_OPTIONAL, 'OpenID requested value scopes, if not set defaults to "openid email profile"'); foreach (self::EXTRA_OPTIONS as $name => $option) { $this->addOption($name, $option['shortcut'], $option['mode'], $option['description'], $option['default']); @@ -170,10 +171,17 @@ protected function execute(InputInterface $input, OutputInterface $output) { return $this->listProviders($input, $output); } + // bearersecret is usually base64 encoded, but SAM delivers it non-encoded by default + // so always encode/decode for this field + $bearersecret = $input->getOption('bearersecret'); + if ($bearersecret !== null) { + $bearersecret = $this->crypto->encrypt(\Base64Url\Base64Url::encode($bearersecret)); + } + // check if any option for updating is provided $updateOptions = array_filter($input->getOptions(), static function ($value, $option) { return in_array($option, [ - 'identifier', 'clientid', 'clientsecret', 'discoveryuri', 'scope', + 'identifier', 'clientid', 'clientsecret', 'discoveryuri', 'scope', 'bearersecret', ...array_keys(self::EXTRA_OPTIONS), ]) && $value !== null; }, ARRAY_FILTER_USE_BOTH); @@ -213,7 +221,7 @@ protected function execute(InputInterface $input, OutputInterface $output) { $scope = $scope ?? 'openid email profile'; } try { - $provider = $this->providerMapper->createOrUpdateProvider($identifier, $clientid, $clientsecret, $discoveryuri, $scope, $endsessionendpointuri); + $provider = $this->providerMapper->createOrUpdateProvider($identifier, $clientid, $clientsecret, $discoveryuri, $scope, $endsessionendpointuri, $bearersecret); // invalidate JWKS cache (even if it was just created) $this->providerService->setSetting($provider->getId(), ProviderService::SETTING_JWKS_CACHE, ''); $this->providerService->setSetting($provider->getId(), ProviderService::SETTING_JWKS_CACHE_TIMESTAMP, ''); diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php index 9af6eba7..b277f5b1 100644 --- a/lib/Controller/SettingsController.php +++ b/lib/Controller/SettingsController.php @@ -73,7 +73,7 @@ public function isDiscoveryEndpointValid($url) { return $result; } - public function createProvider(string $identifier, string $clientId, string $clientSecret, string $discoveryEndpoint, + public function createProvider(string $identifier, string $clientId, string $clientSecret, string $discoveryEndpoint, string $bearerSecret, array $settings = [], string $scope = 'openid email profile', ?string $endSessionEndpoint = null): JSONResponse { if ($this->providerService->getProviderByIdentifier($identifier) !== null) { return new JSONResponse(['message' => 'Provider with the given identifier already exists'], Http::STATUS_CONFLICT); @@ -96,6 +96,8 @@ public function createProvider(string $identifier, string $clientId, string $cli $provider->setDiscoveryEndpoint($discoveryEndpoint); $provider->setEndSessionEndpoint($endSessionEndpoint ?: null); $provider->setScope($scope); + $encryptedBearerSecret = $this->crypto->encrypt(\Base64Url\Base64Url::encode($bearerSecret)); + $provider->setBearerSecret($encryptedBearerSecret); $provider = $this->providerMapper->insert($provider); $providerSettings = $this->providerService->setSettings($provider->getId(), $settings); @@ -103,7 +105,7 @@ public function createProvider(string $identifier, string $clientId, string $cli return new JSONResponse(array_merge($provider->jsonSerialize(), ['settings' => $providerSettings])); } - public function updateProvider(int $providerId, string $identifier, string $clientId, string $discoveryEndpoint, ?string $clientSecret = null, + public function updateProvider(int $providerId, string $identifier, string $clientId, string $discoveryEndpoint, ?string $clientSecret = null, string $bearerSecret = null, array $settings = [], string $scope = 'openid email profile', ?string $endSessionEndpoint = null): JSONResponse { $provider = $this->providerMapper->getProvider($providerId); diff --git a/lib/Db/Provider.php b/lib/Db/Provider.php index 4399b8f3..2f183ccf 100644 --- a/lib/Db/Provider.php +++ b/lib/Db/Provider.php @@ -17,10 +17,13 @@ * @method void setClientId(string $clientId) * @method string getClientSecret() * @method void setClientSecret(string $clientSecret) + * @method string getBearerSecret() + * @method void setBearerSecret(string $bearerSecret) * @method string getDiscoveryEndpoint() * @method void setDiscoveryEndpoint(string $discoveryEndpoint) * @method string getEndSessionEndpoint() * @method void setEndSessionEndpoint(string $endSessionEndpoint) + * @method string getScope() * @method void setScope(string $scope) */ class Provider extends Entity implements \JsonSerializable { @@ -34,6 +37,9 @@ class Provider extends Entity implements \JsonSerializable { /** @var string */ protected $clientSecret; + /** @var string */ + protected $bearerSecret; + /** @var string */ protected $discoveryEndpoint; diff --git a/lib/Db/ProviderMapper.php b/lib/Db/ProviderMapper.php index f3eaf38e..dfd86efd 100644 --- a/lib/Db/ProviderMapper.php +++ b/lib/Db/ProviderMapper.php @@ -80,6 +80,7 @@ public function getProviders() { * @param string $identifier * @param string|null $clientid * @param string|null $clientsecret + * @param string|null $bearersecret * @param string|null $discoveryuri * @param string $scope * @param string|null $endsessionendpointuri @@ -90,7 +91,7 @@ public function getProviders() { */ public function createOrUpdateProvider(string $identifier, ?string $clientid = null, ?string $clientsecret = null, ?string $discoveryuri = null, string $scope = 'openid email profile', - ?string $endsessionendpointuri = null) { + ?string $endsessionendpointuri = null, string $bearersecret = null) { try { $provider = $this->findProviderByIdentifier($identifier); } catch (DoesNotExistException $eNotExist) { @@ -105,6 +106,7 @@ public function createOrUpdateProvider(string $identifier, ?string $clientid = n $provider->setIdentifier($identifier); $provider->setClientId($clientid); $provider->setClientSecret($clientsecret); + $provider->setBearerSecret($bearersecret ?? ''); $provider->setDiscoveryEndpoint($discoveryuri); $provider->setEndSessionEndpoint($endsessionendpointuri); $provider->setScope($scope); @@ -116,6 +118,9 @@ public function createOrUpdateProvider(string $identifier, ?string $clientid = n if ($clientsecret !== null) { $provider->setClientSecret($clientsecret); } + if ($bearersecret !== null) { + $provider->setBearerSecret($bearersecret); + } if ($discoveryuri !== null) { $provider->setDiscoveryEndpoint($discoveryuri); } diff --git a/lib/Migration/Version00008Date20211114183344.php b/lib/Migration/Version00008Date20211114183344.php new file mode 100644 index 00000000..1c9cf6ea --- /dev/null +++ b/lib/Migration/Version00008Date20211114183344.php @@ -0,0 +1,25 @@ +getTable('user_oidc_providers'); + $table->addColumn('bearer_secret', 'string', [ + 'notnull' => true, + 'length' => 64, + ]); + + return $schema; + } +} diff --git a/lib/Migration/Version010304Date20230902125945.php b/lib/Migration/Version010304Date20230902125945.php new file mode 100644 index 00000000..9d817df8 --- /dev/null +++ b/lib/Migration/Version010304Date20230902125945.php @@ -0,0 +1,97 @@ + + * + * @author B. Rederlechner + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ +namespace OCA\UserOIDC\Migration; + +use Closure; +use OCP\DB\ISchemaWrapper; +use OCP\DB\QueryBuilder\IQueryBuilder; +use OCP\IDBConnection; +use OCP\Migration\IOutput; +use OCP\Migration\SimpleMigrationStep; +use OCP\Security\ICrypto; + +class Version010304Date20230902125945 extends SimpleMigrationStep { + + /** + * @var IDBConnection + */ + private $connection; + /** + * @var ICrypto + */ + private $crypto; + + public function __construct( + IDBConnection $connection, + ICrypto $crypto + ) { + $this->connection = $connection; + $this->crypto = $crypto; + } + + public function changeSchema(IOutput $output, Closure $schemaClosure, array $options) { + /** @var ISchemaWrapper $schema */ + $schema = $schemaClosure(); + $tableName = 'user_oidc_providers'; + + if ($schema->hasTable($tableName)) { + $table = $schema->getTable($tableName); + if ($table->hasColumn('bearer_secret')) { + $column = $table->getColumn('bearer_secret'); + $column->setLength(512); + return $schema; + } + } + + return null; + } + + public function postSchemaChange(IOutput $output, Closure $schemaClosure, array $options) { + $tableName = 'user_oidc_providers'; + + // update secrets in user_oidc_providers and user_oidc_id4me + $qbUpdate = $this->connection->getQueryBuilder(); + $qbUpdate->update($tableName) + ->set('bearer_secret', $qbUpdate->createParameter('updateSecret')) + ->where( + $qbUpdate->expr()->eq('id', $qbUpdate->createParameter('updateId')) + ); + + $qbSelect = $this->connection->getQueryBuilder(); + $qbSelect->select('id', 'bearer_secret') + ->from($tableName); + $req = $qbSelect->executeQuery(); + while ($row = $req->fetch()) { + $id = $row['id']; + $secret = $row['bearer_secret']; + $encryptedSecret = $this->crypto->encrypt($secret); + $qbUpdate->setParameter('updateSecret', $encryptedSecret, IQueryBuilder::PARAM_STR); + $qbUpdate->setParameter('updateId', $id, IQueryBuilder::PARAM_INT); + $qbUpdate->executeStatement(); + } + $req->closeCursor(); + } +} diff --git a/src/components/SettingsForm.vue b/src/components/SettingsForm.vue index 81eee52b..ad6d860b 100644 --- a/src/components/SettingsForm.vue +++ b/src/components/SettingsForm.vue @@ -32,6 +32,15 @@ :required="!update" autocomplete="off">

+

+ + +

{{ t('user_oidc', 'Warning, if the protocol of the URLs in the discovery content is HTTP, the ID token will be delivered through an insecure connection.') }} diff --git a/tests/unit/MagentaCloud/BearerSettingsTest.php b/tests/unit/MagentaCloud/BearerSettingsTest.php new file mode 100644 index 00000000..8ac57376 --- /dev/null +++ b/tests/unit/MagentaCloud/BearerSettingsTest.php @@ -0,0 +1,420 @@ + + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +declare(strict_types=1); + +use OCP\IRequest; +use OCP\IConfig; + +use OCA\UserOIDC\AppInfo\Application; + +use OCA\UserOIDC\Service\ProviderService; +use OCA\UserOIDC\Db\Provider; +use OCA\UserOIDC\Db\ProviderMapper; + +use OCP\Security\ICrypto; + +use OCA\UserOIDC\Command\UpsertProvider; +use Symfony\Component\Console\Tester\CommandTester; + + +use PHPUnit\Framework\TestCase; + +class BearerSettingsTest extends TestCase { + /** + * @var ProviderService + */ + private $provider; + + /** + * @var IConfig; + */ + private $config; + + public function setUp(): void { + parent::setUp(); + + $app = new \OCP\AppFramework\App(Application::APP_ID); + $this->requestMock = $this->createMock(IRequest::class); + + $this->config = $this->createMock(IConfig::class); + $this->providerMapper = $this->createMock(ProviderMapper::class); + $providers = [ + new \OCA\UserOIDC\Db\Provider(), + ]; + $providers[0]->setId(1); + $providers[0]->setIdentifier('Fraesbook'); + + $this->providerMapper->expects(self::any()) + ->method('getProviders') + ->willReturn($providers); + + $this->providerService = $this->getMockBuilder(ProviderService::class) + ->setConstructorArgs([ $this->config, $this->providerMapper]) + ->onlyMethods(['getProviderByIdentifier']) + ->getMock(); + $this->crypto = $app->getContainer()->get(ICrypto::class); + } + + protected function mockCreateUpdate( + string $providername, + string|null $clientid, + string|null $clientsecret, + string|null $discovery, + string $scope, + string|null $bearersecret, + array $options, + int $id = 2 + ) { + $provider = $this->getMockBuilder(Provider::class) + ->addMethods(['getIdentifier', 'getId']) + ->getMock(); + $provider->expects($this->any()) + ->method('getIdentifier') + ->willReturn($providername); + $provider->expects($this->any()) + ->method('getId') + ->willReturn($id); + + $this->providerMapper->expects($this->once()) + ->method('createOrUpdateProvider') + ->with( + $this->equalTo($providername), + $this->equalTo($clientid), + $this->anything(), + $this->equalTo($discovery), + $this->equalTo($scope), + $this->anything() + ) + ->willReturnCallback(function ($id, $clientid, $secret, $discovery, $scope, $bsecret) use ($clientsecret, $bearersecret, $provider) { + if ($secret !== null) { + $this->assertEquals($clientsecret, $this->crypto->decrypt($secret)); + } else { + $this->assertNull($secret); + } + if ($bsecret !== null) { + $this->assertEquals($bearersecret, \Base64Url\Base64Url::decode($this->crypto->decrypt($bsecret))); + } else { + $this->assertNull($bsecret); + } + return $provider; + }); + + + $this->config->expects($this->any()) + ->method('setAppValue') + ->with($this->equalTo(Application::APP_ID), $this->anything(), $this->anything()) + ->willReturnCallback(function ($appid, $key, $value) use ($options) { + if (array_key_exists($key, $options)) { + $this->assertEquals($options[$key], $value); + } + return ''; + }); + } + + + public function testCommandAddProvider() { + $this->providerService->expects($this->once()) + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn(null); + + $this->mockCreateUpdate('Telekom', + '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', + 'clientsecret***', + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', + 'bearersecret***', + [ + 'provider-2-' . ProviderService::SETTING_UNIQUE_UID => '0', + 'provider-2-' . ProviderService::SETTING_MAPPING_DISPLAYNAME => 'urn:telekom.com:displayname', + 'provider-2-' . ProviderService::SETTING_MAPPING_EMAIL => 'urn:telekom.com:mainEmail', + 'provider-2-' . ProviderService::SETTING_MAPPING_QUOTA => 'quota', + 'provider-2-' . ProviderService::SETTING_MAPPING_UID => 'sub' + ]); + + $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); + $commandTester = new CommandTester($command); + + $commandTester->execute(array( + 'identifier' => 'Telekom', + '--clientid' => '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', + '--clientsecret' => 'clientsecret***', + '--bearersecret' => 'bearersecret***', + '--discoveryuri' => 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + '--scope' => 'openid email profile', + '--unique-uid' => '0', + '--mapping-display-name' => 'urn:telekom.com:displayname', + '--mapping-email' => 'urn:telekom.com:mainEmail', + '--mapping-quota' => 'quota', + '--mapping-uid' => 'sub', + )); + + + //$output = $commandTester->getOutput(); + //$this->assertContains('done', $output); + } + + protected function mockProvider(string $providername, + string $clientid, + string $clientsecret, + string $discovery, + string $scope, + string $bearersecret, + int $id = 2) : Provider { + $provider = $this->getMockBuilder(Provider::class) + ->addMethods(['getIdentifier', 'getClientId', 'getClientSecret', 'getBearerSecret', 'getDiscoveryEndpoint']) + ->setMethods(['getScope', 'getId']) + ->getMock(); + $provider->expects($this->any()) + ->method('getIdentifier') + ->willReturn($providername); + $provider->expects($this->any()) + ->method('getId') + ->willReturn(2); + $provider->expects($this->any()) + ->method('getClientId') + ->willReturn($clientid); + $provider->expects($this->any()) + ->method('getClientSecret') + ->willReturn($clientsecret); + $provider->expects($this->any()) + ->method('getBearerSecret') + ->willReturn(\Base64Url\Base64Url::encode($bearersecret)); + $provider->expects($this->any()) + ->method('getDiscoveryEndpoint') + ->willReturn($discovery); + $provider->expects($this->any()) + ->method('getScope') + ->willReturn($scope); + + return $provider; + } + + public function testCommandUpdateFull() { + $provider = $this->getMockBuilder(Provider::class) + ->addMethods(['getIdentifier', 'getClientId', 'getClientSecret', 'getBearerSecret', 'getDiscoveryEndpoint']) + ->setMethods(['getScope']) + ->getMock(); + $provider->expects($this->any()) + ->method('getIdentifier') + ->willReturn('Telekom'); + $provider->expects($this->never())->method('getClientId'); + $provider->expects($this->never())->method('getClientSecret'); + $provider->expects($this->never())->method('getBearerSecret'); + $provider->expects($this->never())->method('getDiscoveryEndpoint'); + $provider->expects($this->never())->method('getScope'); + + $this->providerService->expects($this->once()) + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn(null); + $this->mockCreateUpdate('Telekom', + '10TVL0SAM30000004902NEXTMAGENTACLOUDTEST', + 'client*secret***', + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-unknown/openid-configuration', + 'openid profile', + 'bearer*secret***', + [ + 'provider-2-' . ProviderService::SETTING_UNIQUE_UID => '1', + 'provider-2-' . ProviderService::SETTING_MAPPING_DISPLAYNAME => 'urn:telekom.com:displaykrame', + 'provider-2-' . ProviderService::SETTING_MAPPING_EMAIL => 'urn:telekom.com:mainDemail', + 'provider-2-' . ProviderService::SETTING_MAPPING_QUOTA => 'quotas', + 'provider-2-' . ProviderService::SETTING_MAPPING_UID => 'flop' + ]); + + $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); + $commandTester = new CommandTester($command); + $commandTester->execute(array( + 'identifier' => 'Telekom', + '--clientid' => '10TVL0SAM30000004902NEXTMAGENTACLOUDTEST', + '--clientsecret' => 'client*secret***', + '--bearersecret' => 'bearer*secret***', + '--discoveryuri' => 'https://accounts.login00.idm.ver.sul.t-online.de/.well-unknown/openid-configuration', + '--scope' => 'openid profile', + '--mapping-display-name' => 'urn:telekom.com:displaykrame', + '--mapping-email' => 'urn:telekom.com:mainDemail', + '--mapping-quota' => 'quotas', + '--mapping-uid' => 'flop', + '--unique-uid' => '1' + )); + } + + public function testCommandUpdateSingleClientId() { + $provider = $this->mockProvider('Telekom', '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', 'clientsecret***', + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', 'bearersecret***'); + $this->providerService->expects($this->once()) + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn($provider); + $this->mockCreateUpdate( + 'Telekom', + '10TVL0SAM30000004903NEXTMAGENTACLOUDTEST', + null, + null, + 'openid email profile', + null, + []); + + $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); + $commandTester = new CommandTester($command); + + $commandTester->execute(array( + 'identifier' => 'Telekom', + '--clientid' => '10TVL0SAM30000004903NEXTMAGENTACLOUDTEST', + )); + } + + + public function testCommandUpdateSingleClientSecret() { + $provider = $this->mockProvider('Telekom', '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', 'clientsecret***', + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', 'bearersecret***'); + $this->providerService->expects($this->once()) + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn($provider); + $this->mockCreateUpdate( + 'Telekom', + null, + '***clientsecret***', + null, + 'openid email profile', + null, + []); + + $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); + $commandTester = new CommandTester($command); + + $commandTester->execute(array( + 'identifier' => 'Telekom', + '--clientsecret' => '***clientsecret***', + )); + } + + public function testCommandUpdateSingleBearerSecret() { + $provider = $this->mockProvider('Telekom', '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', 'clientsecret***', + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', 'bearersecret***'); + $this->providerService->expects($this->once()) + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn($provider); + $this->mockCreateUpdate( + 'Telekom', + null, + null, + null, + 'openid email profile', + '***bearersecret***', + []); + + + $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); + $commandTester = new CommandTester($command); + + $commandTester->execute(array( + 'identifier' => 'Telekom', + '--bearersecret' => '***bearersecret***', + )); + } + + public function testCommandUpdateSingleDiscoveryEndpoint() { + $provider = $this->mockProvider('Telekom', '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', 'clientsecret***', + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', 'bearersecret***'); + $this->providerService->expects($this->once()) + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn($provider); + $this->mockCreateUpdate( + 'Telekom', + null, + null, + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-unknown/openid-configuration', + 'openid email profile', + null, []); + + $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); + $commandTester = new CommandTester($command); + + $commandTester->execute(array( + 'identifier' => 'Telekom', + '--discoveryuri' => 'https://accounts.login00.idm.ver.sul.t-online.de/.well-unknown/openid-configuration', + )); + } + + public function testCommandUpdateSingleScope() { + $provider = $this->mockProvider('Telekom', '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', 'clientsecret***', + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', 'bearersecret***'); + $this->providerService->expects($this->once()) + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn($provider); + $this->mockCreateUpdate( + 'Telekom', + null, + null, + null, + 'openid profile', + '***bearersecret***', + []); + + + $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); + $commandTester = new CommandTester($command); + + $commandTester->execute(array( + 'identifier' => 'Telekom', + '--scope' => 'openid profile', + )); + } + + public function testCommandUpdateSingleUniqueUid() { + $provider = $this->mockProvider('Telekom', '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', 'clientsecret***', + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', 'bearersecret***'); + $this->providerService->expects($this->once()) + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn($provider); + $this->mockCreateUpdate( + 'Telekom', + null, + null, + null, + 'openid email profile', + null, + ['provider-2-' . ProviderService::SETTING_UNIQUE_UID => '1']); + + $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); + $commandTester = new CommandTester($command); + + $commandTester->execute(array( + 'identifier' => 'Telekom', + '--unique-uid' => '1', + )); + } +} From d7230794955aa4b225689f8d367c9ee353b626b7 Mon Sep 17 00:00:00 2001 From: Mauro Mura Date: Thu, 14 Nov 2024 10:28:51 +0100 Subject: [PATCH 2/2] fixed code style --- lib/Controller/SettingsController.php | 2 +- lib/Db/ProviderMapper.php | 2 +- .../Version010304Date20230902125945.php | 12 +- .../unit/MagentaCloud/BearerSettingsTest.php | 324 +++++++++--------- 4 files changed, 170 insertions(+), 170 deletions(-) diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php index b277f5b1..2a6cc36b 100644 --- a/lib/Controller/SettingsController.php +++ b/lib/Controller/SettingsController.php @@ -105,7 +105,7 @@ public function createProvider(string $identifier, string $clientId, string $cli return new JSONResponse(array_merge($provider->jsonSerialize(), ['settings' => $providerSettings])); } - public function updateProvider(int $providerId, string $identifier, string $clientId, string $discoveryEndpoint, ?string $clientSecret = null, string $bearerSecret = null, + public function updateProvider(int $providerId, string $identifier, string $clientId, string $discoveryEndpoint, ?string $clientSecret = null, ?string $bearerSecret = null, array $settings = [], string $scope = 'openid email profile', ?string $endSessionEndpoint = null): JSONResponse { $provider = $this->providerMapper->getProvider($providerId); diff --git a/lib/Db/ProviderMapper.php b/lib/Db/ProviderMapper.php index dfd86efd..dad1fa1f 100644 --- a/lib/Db/ProviderMapper.php +++ b/lib/Db/ProviderMapper.php @@ -91,7 +91,7 @@ public function getProviders() { */ public function createOrUpdateProvider(string $identifier, ?string $clientid = null, ?string $clientsecret = null, ?string $discoveryuri = null, string $scope = 'openid email profile', - ?string $endsessionendpointuri = null, string $bearersecret = null) { + ?string $endsessionendpointuri = null, ?string $bearersecret = null) { try { $provider = $this->findProviderByIdentifier($identifier); } catch (DoesNotExistException $eNotExist) { diff --git a/lib/Migration/Version010304Date20230902125945.php b/lib/Migration/Version010304Date20230902125945.php index 9d817df8..bbc04849 100644 --- a/lib/Migration/Version010304Date20230902125945.php +++ b/lib/Migration/Version010304Date20230902125945.php @@ -46,7 +46,7 @@ class Version010304Date20230902125945 extends SimpleMigrationStep { public function __construct( IDBConnection $connection, - ICrypto $crypto + ICrypto $crypto, ) { $this->connection = $connection; $this->crypto = $crypto; @@ -75,14 +75,14 @@ public function postSchemaChange(IOutput $output, Closure $schemaClosure, array // update secrets in user_oidc_providers and user_oidc_id4me $qbUpdate = $this->connection->getQueryBuilder(); $qbUpdate->update($tableName) - ->set('bearer_secret', $qbUpdate->createParameter('updateSecret')) - ->where( - $qbUpdate->expr()->eq('id', $qbUpdate->createParameter('updateId')) - ); + ->set('bearer_secret', $qbUpdate->createParameter('updateSecret')) + ->where( + $qbUpdate->expr()->eq('id', $qbUpdate->createParameter('updateId')) + ); $qbSelect = $this->connection->getQueryBuilder(); $qbSelect->select('id', 'bearer_secret') - ->from($tableName); + ->from($tableName); $req = $qbSelect->executeQuery(); while ($row = $req->fetch()) { $id = $row['id']; diff --git a/tests/unit/MagentaCloud/BearerSettingsTest.php b/tests/unit/MagentaCloud/BearerSettingsTest.php index 8ac57376..eb142675 100644 --- a/tests/unit/MagentaCloud/BearerSettingsTest.php +++ b/tests/unit/MagentaCloud/BearerSettingsTest.php @@ -23,22 +23,22 @@ declare(strict_types=1); -use OCP\IRequest; -use OCP\IConfig; - use OCA\UserOIDC\AppInfo\Application; +use OCA\UserOIDC\Command\UpsertProvider; -use OCA\UserOIDC\Service\ProviderService; use OCA\UserOIDC\Db\Provider; + use OCA\UserOIDC\Db\ProviderMapper; +use OCA\UserOIDC\Service\ProviderService; +use OCP\IConfig; -use OCP\Security\ICrypto; +use OCP\IRequest; -use OCA\UserOIDC\Command\UpsertProvider; -use Symfony\Component\Console\Tester\CommandTester; +use OCP\Security\ICrypto; +use PHPUnit\Framework\TestCase; -use PHPUnit\Framework\TestCase; +use Symfony\Component\Console\Tester\CommandTester; class BearerSettingsTest extends TestCase { /** @@ -70,93 +70,93 @@ public function setUp(): void { ->willReturn($providers); $this->providerService = $this->getMockBuilder(ProviderService::class) - ->setConstructorArgs([ $this->config, $this->providerMapper]) - ->onlyMethods(['getProviderByIdentifier']) - ->getMock(); + ->setConstructorArgs([ $this->config, $this->providerMapper]) + ->onlyMethods(['getProviderByIdentifier']) + ->getMock(); $this->crypto = $app->getContainer()->get(ICrypto::class); } protected function mockCreateUpdate( string $providername, - string|null $clientid, - string|null $clientsecret, - string|null $discovery, + ?string $clientid, + ?string $clientsecret, + ?string $discovery, string $scope, - string|null $bearersecret, + ?string $bearersecret, array $options, - int $id = 2 + int $id = 2, ) { $provider = $this->getMockBuilder(Provider::class) - ->addMethods(['getIdentifier', 'getId']) - ->getMock(); + ->addMethods(['getIdentifier', 'getId']) + ->getMock(); $provider->expects($this->any()) - ->method('getIdentifier') - ->willReturn($providername); + ->method('getIdentifier') + ->willReturn($providername); $provider->expects($this->any()) - ->method('getId') - ->willReturn($id); + ->method('getId') + ->willReturn($id); $this->providerMapper->expects($this->once()) - ->method('createOrUpdateProvider') - ->with( - $this->equalTo($providername), - $this->equalTo($clientid), - $this->anything(), - $this->equalTo($discovery), - $this->equalTo($scope), - $this->anything() - ) - ->willReturnCallback(function ($id, $clientid, $secret, $discovery, $scope, $bsecret) use ($clientsecret, $bearersecret, $provider) { - if ($secret !== null) { - $this->assertEquals($clientsecret, $this->crypto->decrypt($secret)); - } else { - $this->assertNull($secret); - } - if ($bsecret !== null) { - $this->assertEquals($bearersecret, \Base64Url\Base64Url::decode($this->crypto->decrypt($bsecret))); - } else { - $this->assertNull($bsecret); - } - return $provider; - }); + ->method('createOrUpdateProvider') + ->with( + $this->equalTo($providername), + $this->equalTo($clientid), + $this->anything(), + $this->equalTo($discovery), + $this->equalTo($scope), + $this->anything() + ) + ->willReturnCallback(function ($id, $clientid, $secret, $discovery, $scope, $bsecret) use ($clientsecret, $bearersecret, $provider) { + if ($secret !== null) { + $this->assertEquals($clientsecret, $this->crypto->decrypt($secret)); + } else { + $this->assertNull($secret); + } + if ($bsecret !== null) { + $this->assertEquals($bearersecret, \Base64Url\Base64Url::decode($this->crypto->decrypt($bsecret))); + } else { + $this->assertNull($bsecret); + } + return $provider; + }); $this->config->expects($this->any()) - ->method('setAppValue') - ->with($this->equalTo(Application::APP_ID), $this->anything(), $this->anything()) - ->willReturnCallback(function ($appid, $key, $value) use ($options) { - if (array_key_exists($key, $options)) { - $this->assertEquals($options[$key], $value); - } - return ''; - }); + ->method('setAppValue') + ->with($this->equalTo(Application::APP_ID), $this->anything(), $this->anything()) + ->willReturnCallback(function ($appid, $key, $value) use ($options) { + if (array_key_exists($key, $options)) { + $this->assertEquals($options[$key], $value); + } + return ''; + }); } public function testCommandAddProvider() { $this->providerService->expects($this->once()) - ->method('getProviderByIdentifier') - ->with($this->equalTo('Telekom')) - ->willReturn(null); + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn(null); $this->mockCreateUpdate('Telekom', - '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', - 'clientsecret***', - 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', - 'openid email profile', - 'bearersecret***', - [ - 'provider-2-' . ProviderService::SETTING_UNIQUE_UID => '0', - 'provider-2-' . ProviderService::SETTING_MAPPING_DISPLAYNAME => 'urn:telekom.com:displayname', - 'provider-2-' . ProviderService::SETTING_MAPPING_EMAIL => 'urn:telekom.com:mainEmail', - 'provider-2-' . ProviderService::SETTING_MAPPING_QUOTA => 'quota', - 'provider-2-' . ProviderService::SETTING_MAPPING_UID => 'sub' - ]); + '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', + 'clientsecret***', + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', + 'bearersecret***', + [ + 'provider-2-' . ProviderService::SETTING_UNIQUE_UID => '0', + 'provider-2-' . ProviderService::SETTING_MAPPING_DISPLAYNAME => 'urn:telekom.com:displayname', + 'provider-2-' . ProviderService::SETTING_MAPPING_EMAIL => 'urn:telekom.com:mainEmail', + 'provider-2-' . ProviderService::SETTING_MAPPING_QUOTA => 'quota', + 'provider-2-' . ProviderService::SETTING_MAPPING_UID => 'sub' + ]); $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); $commandTester = new CommandTester($command); - $commandTester->execute(array( + $commandTester->execute([ 'identifier' => 'Telekom', '--clientid' => '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', '--clientsecret' => 'clientsecret***', @@ -168,7 +168,7 @@ public function testCommandAddProvider() { '--mapping-email' => 'urn:telekom.com:mainEmail', '--mapping-quota' => 'quota', '--mapping-uid' => 'sub', - )); + ]); //$output = $commandTester->getOutput(); @@ -176,49 +176,49 @@ public function testCommandAddProvider() { } protected function mockProvider(string $providername, - string $clientid, - string $clientsecret, - string $discovery, - string $scope, - string $bearersecret, - int $id = 2) : Provider { + string $clientid, + string $clientsecret, + string $discovery, + string $scope, + string $bearersecret, + int $id = 2) : Provider { $provider = $this->getMockBuilder(Provider::class) - ->addMethods(['getIdentifier', 'getClientId', 'getClientSecret', 'getBearerSecret', 'getDiscoveryEndpoint']) - ->setMethods(['getScope', 'getId']) - ->getMock(); + ->addMethods(['getIdentifier', 'getClientId', 'getClientSecret', 'getBearerSecret', 'getDiscoveryEndpoint']) + ->setMethods(['getScope', 'getId']) + ->getMock(); $provider->expects($this->any()) - ->method('getIdentifier') - ->willReturn($providername); + ->method('getIdentifier') + ->willReturn($providername); $provider->expects($this->any()) - ->method('getId') - ->willReturn(2); + ->method('getId') + ->willReturn(2); $provider->expects($this->any()) - ->method('getClientId') - ->willReturn($clientid); + ->method('getClientId') + ->willReturn($clientid); $provider->expects($this->any()) - ->method('getClientSecret') - ->willReturn($clientsecret); + ->method('getClientSecret') + ->willReturn($clientsecret); $provider->expects($this->any()) - ->method('getBearerSecret') - ->willReturn(\Base64Url\Base64Url::encode($bearersecret)); + ->method('getBearerSecret') + ->willReturn(\Base64Url\Base64Url::encode($bearersecret)); $provider->expects($this->any()) - ->method('getDiscoveryEndpoint') - ->willReturn($discovery); + ->method('getDiscoveryEndpoint') + ->willReturn($discovery); $provider->expects($this->any()) - ->method('getScope') - ->willReturn($scope); + ->method('getScope') + ->willReturn($scope); return $provider; } public function testCommandUpdateFull() { $provider = $this->getMockBuilder(Provider::class) - ->addMethods(['getIdentifier', 'getClientId', 'getClientSecret', 'getBearerSecret', 'getDiscoveryEndpoint']) - ->setMethods(['getScope']) - ->getMock(); + ->addMethods(['getIdentifier', 'getClientId', 'getClientSecret', 'getBearerSecret', 'getDiscoveryEndpoint']) + ->setMethods(['getScope']) + ->getMock(); $provider->expects($this->any()) - ->method('getIdentifier') - ->willReturn('Telekom'); + ->method('getIdentifier') + ->willReturn('Telekom'); $provider->expects($this->never())->method('getClientId'); $provider->expects($this->never())->method('getClientSecret'); $provider->expects($this->never())->method('getBearerSecret'); @@ -226,26 +226,26 @@ public function testCommandUpdateFull() { $provider->expects($this->never())->method('getScope'); $this->providerService->expects($this->once()) - ->method('getProviderByIdentifier') - ->with($this->equalTo('Telekom')) - ->willReturn(null); + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn(null); $this->mockCreateUpdate('Telekom', - '10TVL0SAM30000004902NEXTMAGENTACLOUDTEST', - 'client*secret***', - 'https://accounts.login00.idm.ver.sul.t-online.de/.well-unknown/openid-configuration', - 'openid profile', - 'bearer*secret***', - [ - 'provider-2-' . ProviderService::SETTING_UNIQUE_UID => '1', - 'provider-2-' . ProviderService::SETTING_MAPPING_DISPLAYNAME => 'urn:telekom.com:displaykrame', - 'provider-2-' . ProviderService::SETTING_MAPPING_EMAIL => 'urn:telekom.com:mainDemail', - 'provider-2-' . ProviderService::SETTING_MAPPING_QUOTA => 'quotas', - 'provider-2-' . ProviderService::SETTING_MAPPING_UID => 'flop' - ]); + '10TVL0SAM30000004902NEXTMAGENTACLOUDTEST', + 'client*secret***', + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-unknown/openid-configuration', + 'openid profile', + 'bearer*secret***', + [ + 'provider-2-' . ProviderService::SETTING_UNIQUE_UID => '1', + 'provider-2-' . ProviderService::SETTING_MAPPING_DISPLAYNAME => 'urn:telekom.com:displaykrame', + 'provider-2-' . ProviderService::SETTING_MAPPING_EMAIL => 'urn:telekom.com:mainDemail', + 'provider-2-' . ProviderService::SETTING_MAPPING_QUOTA => 'quotas', + 'provider-2-' . ProviderService::SETTING_MAPPING_UID => 'flop' + ]); $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); $commandTester = new CommandTester($command); - $commandTester->execute(array( + $commandTester->execute([ 'identifier' => 'Telekom', '--clientid' => '10TVL0SAM30000004902NEXTMAGENTACLOUDTEST', '--clientsecret' => 'client*secret***', @@ -257,17 +257,17 @@ public function testCommandUpdateFull() { '--mapping-quota' => 'quotas', '--mapping-uid' => 'flop', '--unique-uid' => '1' - )); + ]); } public function testCommandUpdateSingleClientId() { $provider = $this->mockProvider('Telekom', '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', 'clientsecret***', - 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', - 'openid email profile', 'bearersecret***'); + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', 'bearersecret***'); $this->providerService->expects($this->once()) - ->method('getProviderByIdentifier') - ->with($this->equalTo('Telekom')) - ->willReturn($provider); + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn($provider); $this->mockCreateUpdate( 'Telekom', '10TVL0SAM30000004903NEXTMAGENTACLOUDTEST', @@ -280,21 +280,21 @@ public function testCommandUpdateSingleClientId() { $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); $commandTester = new CommandTester($command); - $commandTester->execute(array( + $commandTester->execute([ 'identifier' => 'Telekom', '--clientid' => '10TVL0SAM30000004903NEXTMAGENTACLOUDTEST', - )); + ]); } public function testCommandUpdateSingleClientSecret() { $provider = $this->mockProvider('Telekom', '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', 'clientsecret***', - 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', - 'openid email profile', 'bearersecret***'); + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', 'bearersecret***'); $this->providerService->expects($this->once()) - ->method('getProviderByIdentifier') - ->with($this->equalTo('Telekom')) - ->willReturn($provider); + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn($provider); $this->mockCreateUpdate( 'Telekom', null, @@ -307,20 +307,20 @@ public function testCommandUpdateSingleClientSecret() { $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); $commandTester = new CommandTester($command); - $commandTester->execute(array( + $commandTester->execute([ 'identifier' => 'Telekom', '--clientsecret' => '***clientsecret***', - )); + ]); } public function testCommandUpdateSingleBearerSecret() { $provider = $this->mockProvider('Telekom', '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', 'clientsecret***', - 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', - 'openid email profile', 'bearersecret***'); + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', 'bearersecret***'); $this->providerService->expects($this->once()) - ->method('getProviderByIdentifier') - ->with($this->equalTo('Telekom')) - ->willReturn($provider); + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn($provider); $this->mockCreateUpdate( 'Telekom', null, @@ -334,45 +334,45 @@ public function testCommandUpdateSingleBearerSecret() { $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); $commandTester = new CommandTester($command); - $commandTester->execute(array( + $commandTester->execute([ 'identifier' => 'Telekom', '--bearersecret' => '***bearersecret***', - )); + ]); } public function testCommandUpdateSingleDiscoveryEndpoint() { $provider = $this->mockProvider('Telekom', '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', 'clientsecret***', - 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', - 'openid email profile', 'bearersecret***'); + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', 'bearersecret***'); $this->providerService->expects($this->once()) - ->method('getProviderByIdentifier') - ->with($this->equalTo('Telekom')) - ->willReturn($provider); + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn($provider); $this->mockCreateUpdate( - 'Telekom', - null, - null, - 'https://accounts.login00.idm.ver.sul.t-online.de/.well-unknown/openid-configuration', - 'openid email profile', - null, []); + 'Telekom', + null, + null, + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-unknown/openid-configuration', + 'openid email profile', + null, []); $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); $commandTester = new CommandTester($command); - $commandTester->execute(array( + $commandTester->execute([ 'identifier' => 'Telekom', '--discoveryuri' => 'https://accounts.login00.idm.ver.sul.t-online.de/.well-unknown/openid-configuration', - )); + ]); } public function testCommandUpdateSingleScope() { $provider = $this->mockProvider('Telekom', '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', 'clientsecret***', - 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', - 'openid email profile', 'bearersecret***'); + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', 'bearersecret***'); $this->providerService->expects($this->once()) - ->method('getProviderByIdentifier') - ->with($this->equalTo('Telekom')) - ->willReturn($provider); + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn($provider); $this->mockCreateUpdate( 'Telekom', null, @@ -386,20 +386,20 @@ public function testCommandUpdateSingleScope() { $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); $commandTester = new CommandTester($command); - $commandTester->execute(array( + $commandTester->execute([ 'identifier' => 'Telekom', '--scope' => 'openid profile', - )); + ]); } public function testCommandUpdateSingleUniqueUid() { $provider = $this->mockProvider('Telekom', '10TVL0SAM30000004901NEXTMAGENTACLOUDTEST', 'clientsecret***', - 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', - 'openid email profile', 'bearersecret***'); + 'https://accounts.login00.idm.ver.sul.t-online.de/.well-known/openid-configuration', + 'openid email profile', 'bearersecret***'); $this->providerService->expects($this->once()) - ->method('getProviderByIdentifier') - ->with($this->equalTo('Telekom')) - ->willReturn($provider); + ->method('getProviderByIdentifier') + ->with($this->equalTo('Telekom')) + ->willReturn($provider); $this->mockCreateUpdate( 'Telekom', null, @@ -412,9 +412,9 @@ public function testCommandUpdateSingleUniqueUid() { $command = new UpsertProvider($this->providerService, $this->providerMapper, $this->crypto); $commandTester = new CommandTester($command); - $commandTester->execute(array( + $commandTester->execute([ 'identifier' => 'Telekom', '--unique-uid' => '1', - )); + ]); } }