Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php declare(strict_types=1); /** * Passbolt ~ Open source password manager for teams ..

Decoded Output download

<?php
declare(strict_types=1);

/**
 * Passbolt ~ Open source password manager for teams
 * Copyright (c) Passbolt SA (https://www.passbolt.com)
 *
 * Licensed under GNU Affero General Public License version 3 of the or any later version.
 * For full copyright and license information, please see the LICENSE.txt
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
 * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
 * @link          https://www.passbolt.com Passbolt(tm)
 * @since         2.0.0
 */
namespace App\Test\TestCase\Controller\Setup;

use App\Model\Entity\AuthenticationToken;
use App\Test\Factory\AuthenticationTokenFactory;
use App\Test\Factory\UserFactory;
use App\Test\Lib\AppIntegrationTestCase;
use App\Utility\UuidFactory;
use Cake\Utility\Hash;

/**
 * @covers \App\Controller\Setup\RecoverStartController
 */
class RecoverStartControllerTest extends AppIntegrationTestCase
{
    public function testRecoverStartController_Success(): void
    {
        $userId = UserFactory::make()->active()->persist()->id;
        $t = AuthenticationTokenFactory::make()
            ->active()
            ->type(AuthenticationToken::TYPE_RECOVER)
            ->userId($userId)
            ->persist();
        $url = "/setup/recover/start/{$userId}/{$t->token}.json";
        $this->getJson($url);
        $this->assertResponseOk();
        $this->assertNotNull($this->_responseJsonBody->user);
        $this->assertUserAttributes($this->_responseJsonBody->user);
        $this->assertNotNull($this->_responseJsonBody->user->locale);
        $this->assertNotNull($this->_responseJsonBody->user->profile);
        $this->assertNotNull($this->_responseJsonBody->user->role);
    }

    public function testRecoverStartController_Error_NotGuest(): void
    {
        $user = UserFactory::make()->user()->persist();
        $this->logInAs($user);

        $userId = $user->id;

        $t = AuthenticationTokenFactory::make()
            ->active()
            ->type(AuthenticationToken::TYPE_RECOVER)
            ->userId($userId)
            ->persist();

        $url = "/setup/recover/start/{$userId}/{$t->token}.json";
        $this->getJson($url);
        $this->assertResponseCode(403);
    }

    public function testRecoverStartController_Error_MissingUrlParameters(): void
    {
        $fails = [
            'no parameter given' => '/setup/recover/nope.json',
            // Add when legacy urls removed (/setup/recover/nope/nope get called instead of 404)
            //'only one parameter given' => '/setup/recover/start/' . UuidFactory::uuid(),
            'no parameter given on legacy url' => '/setup/recover.json',
            'only one parameter given on legacy url' => '/setup/recover/' . UuidFactory::uuid() . '.json',
        ];
        foreach ($fails as $case => $url) {
            $this->get($url);
            $this->assertResponseCode(404, 'Setup start should fail with 404 on case: ' . $case);
            $this->_response = null; // Free the memory usage.
        }
    }

    public function testRecoverStartController_Error_InvalidParameters(): void
    {
        $fails = [
            'user not a uuid' => '/setup/recover/start/nope/nope.json',
            'user not a uuid with legacy url' => '/setup/recover/nope/nope.json',
            'token not a uuid' => '/setup/recover/start/' . UuidFactory::uuid('user.id.ruth') . '/nope.json',
            'token not a uuid with legacy url' => '/setup/recover/' . UuidFactory::uuid('user.id.ruth') . '/nope.json',
            'both not a uuid' => '/setup/recover/nope/nope.json',
        ];
        foreach ($fails as $case => $url) {
            $this->getJson($url);
            $this->assertResponseCode(400, 'Setup start should fail with 400 on case: ' . $case);
            $this->_response = null; // Free the memory usage.
        }
    }

    public function testRecoverStartController_Error_UserInactive(): void
    {
        $userId = UserFactory::make()->inactive()->persist()->id;
        $token = UuidFactory::uuid();
        $url = "/setup/recover/start/{$userId}/{$token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The user does not exist or is not active or is disabled.');
    }

    public function testRecoverStartController_Error_UserNotExist(): void
    {
        $userId = UuidFactory::uuid();
        $token = UuidFactory::uuid();
        $url = "/setup/recover/start/{$userId}/{$token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The user does not exist or is not active or is disabled.');
    }

    public function testRecoverStartController_Error_UserDeleted(): void
    {
        $userId = UserFactory::make()->deleted()->persist()->id;
        $token = UuidFactory::uuid();
        $url = "/setup/recover/start/{$userId}/{$token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The user does not exist or is not active or is disabled.');
    }

    public function testRecoverStartController_Error_UserDisabled(): void
    {
        $userId = UserFactory::make()->active()->disabled()->persist()->id;
        $token = UuidFactory::uuid();
        $url = "/setup/recover/start/{$userId}/{$token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The user does not exist or is not active or is disabled.');
    }

    public function testRecoverStartController_Error_TokenDoesntExist(): void
    {
        $userId = UserFactory::make()->active()->persist()->id;
        $token = UuidFactory::uuid();
        $url = "/setup/recover/start/{$userId}/{$token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The authentication token is not valid.');
    }

    public function testRecoverStartController_Error_WrongTokenType(): void
    {
        $userId = UserFactory::make()->active()->persist()->id;
        $t = AuthenticationTokenFactory::make()
            ->active()
            ->type('Foo')
            ->userId($userId)
            ->persist();
        $url = "/setup/recover/start/{$userId}/{$t->token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The authentication token is not valid.');
    }

    public function testRecoverStartController_Error_TokenAlreadyConsumed(): void
    {
        $userId = UserFactory::make()->active()->persist()->id;
        $t = AuthenticationTokenFactory::make()
            ->inactive()
            ->type(AuthenticationToken::TYPE_RECOVER)
            ->userId($userId)
            ->persist();
        $url = "/setup/recover/start/{$userId}/{$t->token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The authentication token is not valid.');
    }

    public function testRecoverStartController_Error_TokenExpired(): void
    {
        $userId = UserFactory::make()->active()->persist()->id;
        $t = AuthenticationTokenFactory::make()
            ->active()
            ->expired()
            ->type(AuthenticationToken::TYPE_RECOVER)
            ->userId($userId)
            ->persist();
        $url = "/setup/recover/start/{$userId}/{$t->token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $arr = $this->getResponseBodyAsArray();
        $error = Hash::get($arr, 'token');
        $this->assertNotNull($error, 'The test should return an error for the given field.');
        $this->assertEquals('The token is expired.', $error['expired']);
    }

    public function testRecoverStartController_HTML_Success(): void
    {
        $userId = UserFactory::make()->active()->persist()->id;
        $t = AuthenticationTokenFactory::make()
            ->active()
            ->type(AuthenticationToken::TYPE_RECOVER)
            ->userId($userId)
            ->persist();
        $url = "/setup/recover/start/{$userId}/{$t->token}";
        $this->get($url);
        $this->assertResponseOk();
    }

    public function testRecoverStartController_HTML_Error_MissingUrlParameters(): void
    {
        $fails = [
            'no parameter given' => '/setup/recover/nope',
            // Add when legacy urls removed (/setup/recover/nope/nope get called instead of 404)
            //'only one parameter given' => '/setup/recover/start/' . UuidFactory::uuid(),
            'no parameter given on legacy url' => '/setup/recover',
            'only one parameter given on legacy url' => '/setup/recover/' . UuidFactory::uuid(),
        ];
        foreach ($fails as $case => $url) {
            $this->get($url);
            $this->assertResponseCode(404, 'Setup start should fail with 404 on case: ' . $case);
            $this->_response = null; // Free the memory usage.
        }
    }
}
 ?>

Did this file decode correctly?

Original Code

<?php
declare(strict_types=1);

/**
 * Passbolt ~ Open source password manager for teams
 * Copyright (c) Passbolt SA (https://www.passbolt.com)
 *
 * Licensed under GNU Affero General Public License version 3 of the or any later version.
 * For full copyright and license information, please see the LICENSE.txt
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright     Copyright (c) Passbolt SA (https://www.passbolt.com)
 * @license       https://opensource.org/licenses/AGPL-3.0 AGPL License
 * @link          https://www.passbolt.com Passbolt(tm)
 * @since         2.0.0
 */
namespace App\Test\TestCase\Controller\Setup;

use App\Model\Entity\AuthenticationToken;
use App\Test\Factory\AuthenticationTokenFactory;
use App\Test\Factory\UserFactory;
use App\Test\Lib\AppIntegrationTestCase;
use App\Utility\UuidFactory;
use Cake\Utility\Hash;

/**
 * @covers \App\Controller\Setup\RecoverStartController
 */
class RecoverStartControllerTest extends AppIntegrationTestCase
{
    public function testRecoverStartController_Success(): void
    {
        $userId = UserFactory::make()->active()->persist()->id;
        $t = AuthenticationTokenFactory::make()
            ->active()
            ->type(AuthenticationToken::TYPE_RECOVER)
            ->userId($userId)
            ->persist();
        $url = "/setup/recover/start/{$userId}/{$t->token}.json";
        $this->getJson($url);
        $this->assertResponseOk();
        $this->assertNotNull($this->_responseJsonBody->user);
        $this->assertUserAttributes($this->_responseJsonBody->user);
        $this->assertNotNull($this->_responseJsonBody->user->locale);
        $this->assertNotNull($this->_responseJsonBody->user->profile);
        $this->assertNotNull($this->_responseJsonBody->user->role);
    }

    public function testRecoverStartController_Error_NotGuest(): void
    {
        $user = UserFactory::make()->user()->persist();
        $this->logInAs($user);

        $userId = $user->id;

        $t = AuthenticationTokenFactory::make()
            ->active()
            ->type(AuthenticationToken::TYPE_RECOVER)
            ->userId($userId)
            ->persist();

        $url = "/setup/recover/start/{$userId}/{$t->token}.json";
        $this->getJson($url);
        $this->assertResponseCode(403);
    }

    public function testRecoverStartController_Error_MissingUrlParameters(): void
    {
        $fails = [
            'no parameter given' => '/setup/recover/nope.json',
            // Add when legacy urls removed (/setup/recover/nope/nope get called instead of 404)
            //'only one parameter given' => '/setup/recover/start/' . UuidFactory::uuid(),
            'no parameter given on legacy url' => '/setup/recover.json',
            'only one parameter given on legacy url' => '/setup/recover/' . UuidFactory::uuid() . '.json',
        ];
        foreach ($fails as $case => $url) {
            $this->get($url);
            $this->assertResponseCode(404, 'Setup start should fail with 404 on case: ' . $case);
            $this->_response = null; // Free the memory usage.
        }
    }

    public function testRecoverStartController_Error_InvalidParameters(): void
    {
        $fails = [
            'user not a uuid' => '/setup/recover/start/nope/nope.json',
            'user not a uuid with legacy url' => '/setup/recover/nope/nope.json',
            'token not a uuid' => '/setup/recover/start/' . UuidFactory::uuid('user.id.ruth') . '/nope.json',
            'token not a uuid with legacy url' => '/setup/recover/' . UuidFactory::uuid('user.id.ruth') . '/nope.json',
            'both not a uuid' => '/setup/recover/nope/nope.json',
        ];
        foreach ($fails as $case => $url) {
            $this->getJson($url);
            $this->assertResponseCode(400, 'Setup start should fail with 400 on case: ' . $case);
            $this->_response = null; // Free the memory usage.
        }
    }

    public function testRecoverStartController_Error_UserInactive(): void
    {
        $userId = UserFactory::make()->inactive()->persist()->id;
        $token = UuidFactory::uuid();
        $url = "/setup/recover/start/{$userId}/{$token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The user does not exist or is not active or is disabled.');
    }

    public function testRecoverStartController_Error_UserNotExist(): void
    {
        $userId = UuidFactory::uuid();
        $token = UuidFactory::uuid();
        $url = "/setup/recover/start/{$userId}/{$token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The user does not exist or is not active or is disabled.');
    }

    public function testRecoverStartController_Error_UserDeleted(): void
    {
        $userId = UserFactory::make()->deleted()->persist()->id;
        $token = UuidFactory::uuid();
        $url = "/setup/recover/start/{$userId}/{$token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The user does not exist or is not active or is disabled.');
    }

    public function testRecoverStartController_Error_UserDisabled(): void
    {
        $userId = UserFactory::make()->active()->disabled()->persist()->id;
        $token = UuidFactory::uuid();
        $url = "/setup/recover/start/{$userId}/{$token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The user does not exist or is not active or is disabled.');
    }

    public function testRecoverStartController_Error_TokenDoesntExist(): void
    {
        $userId = UserFactory::make()->active()->persist()->id;
        $token = UuidFactory::uuid();
        $url = "/setup/recover/start/{$userId}/{$token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The authentication token is not valid.');
    }

    public function testRecoverStartController_Error_WrongTokenType(): void
    {
        $userId = UserFactory::make()->active()->persist()->id;
        $t = AuthenticationTokenFactory::make()
            ->active()
            ->type('Foo')
            ->userId($userId)
            ->persist();
        $url = "/setup/recover/start/{$userId}/{$t->token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The authentication token is not valid.');
    }

    public function testRecoverStartController_Error_TokenAlreadyConsumed(): void
    {
        $userId = UserFactory::make()->active()->persist()->id;
        $t = AuthenticationTokenFactory::make()
            ->inactive()
            ->type(AuthenticationToken::TYPE_RECOVER)
            ->userId($userId)
            ->persist();
        $url = "/setup/recover/start/{$userId}/{$t->token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $this->assertResponseContains('The authentication token is not valid.');
    }

    public function testRecoverStartController_Error_TokenExpired(): void
    {
        $userId = UserFactory::make()->active()->persist()->id;
        $t = AuthenticationTokenFactory::make()
            ->active()
            ->expired()
            ->type(AuthenticationToken::TYPE_RECOVER)
            ->userId($userId)
            ->persist();
        $url = "/setup/recover/start/{$userId}/{$t->token}.json";
        $this->getJson($url);
        $this->assertResponseCode(400);
        $arr = $this->getResponseBodyAsArray();
        $error = Hash::get($arr, 'token');
        $this->assertNotNull($error, 'The test should return an error for the given field.');
        $this->assertEquals('The token is expired.', $error['expired']);
    }

    public function testRecoverStartController_HTML_Success(): void
    {
        $userId = UserFactory::make()->active()->persist()->id;
        $t = AuthenticationTokenFactory::make()
            ->active()
            ->type(AuthenticationToken::TYPE_RECOVER)
            ->userId($userId)
            ->persist();
        $url = "/setup/recover/start/{$userId}/{$t->token}";
        $this->get($url);
        $this->assertResponseOk();
    }

    public function testRecoverStartController_HTML_Error_MissingUrlParameters(): void
    {
        $fails = [
            'no parameter given' => '/setup/recover/nope',
            // Add when legacy urls removed (/setup/recover/nope/nope get called instead of 404)
            //'only one parameter given' => '/setup/recover/start/' . UuidFactory::uuid(),
            'no parameter given on legacy url' => '/setup/recover',
            'only one parameter given on legacy url' => '/setup/recover/' . UuidFactory::uuid(),
        ];
        foreach ($fails as $case => $url) {
            $this->get($url);
            $this->assertResponseCode(404, 'Setup start should fail with 404 on case: ' . $case);
            $this->_response = null; // Free the memory usage.
        }
    }
}

Function Calls

None

Variables

None

Stats

MD5 fff76d8225333ac17136c58ed0015f3d
Eval Count 0
Decode Time 103 ms