From 54dfc00a910b4ffe12ec509706c7893444f5539f Mon Sep 17 00:00:00 2001
From: Sagar <sagargurung1001@gmail.com>
Date: Wed, 18 Dec 2024 14:20:26 +0545
Subject: [PATCH] temp test

Signed-off-by: Sagar <sagargurung1001@gmail.com>
---
 lib/Controller/ConfigController.php           |  14 +-
 tests/lib/Controller/ConfigControllerTest.php | 268 ++++++++++++++++++
 2 files changed, 274 insertions(+), 8 deletions(-)

diff --git a/lib/Controller/ConfigController.php b/lib/Controller/ConfigController.php
index 2765eece9..129befd03 100755
--- a/lib/Controller/ConfigController.php
+++ b/lib/Controller/ConfigController.php
@@ -301,9 +301,7 @@ private function setIntegrationConfig(array $values): array {
 		);
 
 		$runningOIDCReset = false;
-		if (array_key_exists('authorization_method', $values) &&
-			$values['authorization_method'] === OpenProjectAPIService::AUTH_METHOD_OAUTH &&
-			!$runningFullReset &&
+		if (
 			array_key_exists('oidc_provider', $values) &&
 			array_key_exists('targeted_audience_client_id', $values)
 		) {
@@ -361,11 +359,11 @@ private function setIntegrationConfig(array $values): array {
 		$this->config->deleteAppValue(Application::APP_ID, 'oPOAuthTokenRevokeStatus');
 		if (
 			// when the OP client information has changed
-			!$runningFullResetWithOIDC && ((array_key_exists('openproject_client_id', $values) && $values['openproject_client_id'] !== $oldClientId) ||
-					(array_key_exists('openproject_client_secret', $values) && $values['openproject_client_secret'] !== $oldClientSecret)) ||
-				// when the OP client information is for reset
-			$runningFullResetWithOAuth2 ||
-			$runningOauth2Reset
+			(!$runningFullResetWithOIDC && ((array_key_exists('openproject_client_id', $values) && $values['openproject_client_id'] !== $oldClientId) ||
+						(array_key_exists('openproject_client_secret', $values) && $values['openproject_client_secret'] !== $oldClientSecret))) ||
+					// when the OP client information is for reset
+				$runningFullResetWithOAuth2 ||
+				$runningOauth2Reset
 		) {
 			$this->userManager->callForAllUsers(function (IUser $user) use (
 				$oldOpenProjectOauthUrl, $oldClientId, $oldClientSecret
diff --git a/tests/lib/Controller/ConfigControllerTest.php b/tests/lib/Controller/ConfigControllerTest.php
index 2acfc196c..77dfbf335 100644
--- a/tests/lib/Controller/ConfigControllerTest.php
+++ b/tests/lib/Controller/ConfigControllerTest.php
@@ -643,6 +643,8 @@ public function testSetAdminConfigForDifferentAdminConfigStatusForOIDC($credsToU
 			->withConsecutive(
 				['integration_openproject', 'openproject_instance_url', ''],
 				['integration_openproject', 'authorization_method', ''],
+				['integration_openproject', 'oidc_provider'],
+				['integration_openproject', 'targeted_audience_client_id'],
 				['integration_openproject', 'nc_oauth_client_id', ''],
 				['integration_openproject', 'oPOAuthTokenRevokeStatus', ''],
 				['integration_openproject', 'authorization_method'],
@@ -653,6 +655,8 @@ public function testSetAdminConfigForDifferentAdminConfigStatusForOIDC($credsToU
 			->willReturnOnConsecutiveCalls(
 				'http://localhost:3000',
 				OpenProjectAPIService::AUTH_METHOD_OAUTH,
+				'',
+				'',
 				'123',
 				'',
 				OpenProjectAPIService::AUTH_METHOD_OIDC,
@@ -1602,4 +1606,268 @@ public function testSignTOSForUserOpenProjectError():void {
 		$data = $result->getData();
 		$this->assertEquals("Database Error!", $data['error']);
 	}
+
+	/**
+	 * @return array<mixed>
+	 */
+	public function setAdminConfigForOIDCAuthSettingProvider() {
+		return [
+			[ // set info if the authorization settings are changed
+				[
+					'authorization_method' => OpenProjectAPIService::AUTH_METHOD_OIDC,
+					'oidc_provider' => 'old-oidc_provider',
+					'targeted_audience_client_id' => 'old-targeted_audience_client_id',
+					'openproject_instance_url' => 'http://old-openproject.com',
+				],
+				[
+					'authorization_method' => OpenProjectAPIService::AUTH_METHOD_OIDC,
+					'oidc_provider' => 'oidc_provider',
+					'targeted_audience_client_id' => 'targeted_audience_client_id',
+					'openproject_instance_url' => 'http://openproject.com',
+				],
+				false,
+				'change'
+			],
+			[ // set info even if only 'targeted_audience_client_id' authorization settings are changed
+				[
+					'authorization_method' => OpenProjectAPIService::AUTH_METHOD_OIDC,
+					'oidc_provider' => 'old-oidc_provider',
+					'targeted_audience_client_id' => 'old-targeted_audience_client_id',
+					'openproject_instance_url' => 'http://old-openproject.com',
+				],
+				[
+					'authorization_method' => OpenProjectAPIService::AUTH_METHOD_OIDC,
+					'oidc_provider' => 'old_oidc_provider',
+					'targeted_audience_client_id' => 'new_targeted_audience_client_id',
+					'openproject_instance_url' => 'http://openproject.com',
+				],
+				false,
+				'change'
+			],
+			[ // setinfo even if only 'oidc_provider' authorization settings are changed
+				[
+					'authorization_method' => OpenProjectAPIService::AUTH_METHOD_OIDC,
+					'oidc_provider' => 'old-oidc_provider',
+					'targeted_audience_client_id' => 'old-targeted_audience_client_id',
+					'openproject_instance_url' => 'http://old-openproject.com',
+				],
+				[
+					'authorization_method' => OpenProjectAPIService::AUTH_METHOD_OIDC,
+					'oidc_provider' => 'new_oidc_provider',
+					'targeted_audience_client_id' => 'old-targeted_audience_client_id',
+					'openproject_instance_url' => 'http://openproject.com',
+				]
+			],
+			[ // set if authorization settings are empty string
+				[
+					'authorization_method' => OpenProjectAPIService::AUTH_METHOD_OIDC,
+					'oidc_provider' => 'old-oidc_provider',
+					'targeted_audience_client_id' => 'old-targeted_audience_client_id',
+					'openproject_instance_url' => 'http://old-openproject.com',
+				],
+				[
+					'authorization_method' => OpenProjectAPIService::AUTH_METHOD_OIDC,
+					'oidc_provider' => '',
+					'targeted_audience_client_id' => '',
+					'openproject_instance_url' => 'http://openproject.com',
+				]
+			],
+			[ // set if authorization settings are null
+				[
+					'authorization_method' => OpenProjectAPIService::AUTH_METHOD_OIDC,
+					'oidc_provider' => 'old-oidc_provider',
+					'targeted_audience_client_id' => 'old-targeted_audience_client_id',
+					'openproject_instance_url' => 'http://old-openproject.com',
+				],
+				[
+					'authorization_method' => OpenProjectAPIService::AUTH_METHOD_OIDC,
+					'oidc_provider' => null,
+					'targeted_audience_client_id' => null,
+					'openproject_instance_url' => 'http://openproject.com',
+				]
+			],
+		];
+	}
+
+	/**
+	 * @group ignoreWithPHP8.0
+	 * @param array<string> $oldCreds
+	 * @param array<string> $credsToUpdate
+	 * @param bool $deleteUserValues
+	 * @param bool|string $updateNCOAuthClient false => don't touch the client, 'change' => update it, 'delete' => remove it
+	 * @return void
+	 * @dataProvider setAdminConfigForOIDCAuthSettingProvider
+	 */
+	public function testSetAdminConfigOIDCAuthSetting(
+		$oldCreds, $credsToUpdate
+	) {
+		$userManager = $this->checkForUsersCountBeforeTest();
+		$configMock = $this->getMockBuilder(IConfig::class)->getMock();
+		$oauthServiceMock = $this->createMock(OauthService::class);
+		$oauthSettingsControllerMock = $this->getMockBuilder(SettingsController::class)
+			->disableOriginalConstructor()
+			->getMock();
+		$configMock
+			->method('getAppValue')
+			->withConsecutive(
+				['integration_openproject', 'openproject_instance_url', ''],
+				['integration_openproject', 'authorization_method', ''],
+				['integration_openproject', 'oidc_provider'],
+				['integration_openproject', 'targeted_audience_client_id'],
+				['integration_openproject', 'nc_oauth_client_id', ''],
+				['integration_openproject', 'oPOAuthTokenRevokeStatus', ''],
+				['integration_openproject', 'authorization_method', ''],
+				['integration_openproject', 'oidc_provider'],
+				['integration_openproject', 'targeted_audience_client_id'],
+				['integration_openproject', 'openproject_instance_url'],
+			)
+			->willReturnOnConsecutiveCalls(
+				$oldCreds['openproject_instance_url'],
+				$oldCreds['authorization_method'],
+				$oldCreds['oidc_provider'],
+				$oldCreds['targeted_audience_client_id'],
+				'123',
+				'',
+				OpenProjectAPIService::AUTH_METHOD_OAUTH,
+				$credsToUpdate['oidc_provider'],
+				$credsToUpdate['targeted_audience_client_id'],
+				$credsToUpdate['openproject_instance_url']
+			);
+
+		$apiService = $this->getMockBuilder(OpenProjectAPIService::class)
+			->disableOriginalConstructor()
+			->getMock();
+		$configController = new ConfigController(
+			'integration_openproject',
+			$this->createMock(IRequest::class),
+			$configMock,
+			$this->createMock(IURLGenerator::class),
+			$userManager,
+			$this->l,
+			$apiService,
+			$this->createMock(LoggerInterface::class),
+			$oauthServiceMock,
+			$oauthSettingsControllerMock,
+			$this->createMock(IGroupManager::class),
+			$this->createMock(ISecureRandom::class),
+			$this->createMock(ISubAdmin::class),
+			'test101'
+		);
+		$configController->setAdminConfig($credsToUpdate);
+	}
+
+
+	/**
+	 * @return array<mixed>
+	 */
+	public function setAdminConfigSwitchFromOauth2ToOIDCAuthDataProvider() {
+		return [
+			[ // when switching from oauth2 to oidc, userdata gets deleted along with the nc client information
+				[
+					'authorization_method' => OpenProjectAPIService::AUTH_METHOD_OAUTH,
+					'openproject_client_id' => 'old-openproject_client_id',
+					'openproject_client_secret' => 'old-openproject_client_secret',
+					'openproject_instance_url' => 'http://old-openproject.com',
+				],
+				[
+					'authorization_method' => OpenProjectAPIService::AUTH_METHOD_OIDC,
+					'openproject_client_id' => '',
+					'openproject_client_secret' => '',
+					'openproject_instance_url' => 'http://openproject.com',
+				]
+			]
+		];
+	}
+
+	/**
+	 * @group ignoreWithPHP8.0
+	 * @param array<string> $oldCreds
+	 * @param array<string> $credsToUpdate
+	 * @return void
+	 * @dataProvider setAdminConfigSwitchFromOauth2ToOIDCAuthDataProvider
+	 */
+	public function testSetAdminConfigSwitchFromOauth2ToOIDCAuth(
+		$oldCreds, $credsToUpdate
+	) {
+		$userManager = $this->checkForUsersCountBeforeTest();
+		$this->user1 = $userManager->createUser('test101', 'test101');
+
+		$configMock = $this->getMockBuilder(IConfig::class)->getMock();
+		$oauthServiceMock = $this->createMock(OauthService::class);
+		$oauthSettingsControllerMock = $this->getMockBuilder(SettingsController::class)
+			->disableOriginalConstructor()
+			->getMock();
+		$configMock
+			->method('getAppValue')
+			->withConsecutive(
+				['integration_openproject', 'openproject_instance_url', ''],
+				['integration_openproject', 'authorization_method', ''],
+				['integration_openproject', 'openproject_client_id'],
+				['integration_openproject', 'openproject_client_secret'],
+				['integration_openproject', 'nc_oauth_client_id', ''],
+				['integration_openproject', 'nc_oauth_client_id', ''],
+				['integration_openproject', 'oPOAuthTokenRevokeStatus', ''],
+				['integration_openproject', 'authorization_method', ''],
+				['integration_openproject', 'openproject_client_id'],
+				['integration_openproject', 'openproject_client_secret'],
+				['integration_openproject', 'openproject_instance_url'],
+			)
+			->willReturnOnConsecutiveCalls(
+				$oldCreds['openproject_instance_url'],
+				$oldCreds['authorization_method'],
+				$oldCreds['openproject_client_id'],
+				$oldCreds['openproject_client_secret'],
+				'123',
+				'123',
+				'',
+				OpenProjectAPIService::AUTH_METHOD_OAUTH,
+				$credsToUpdate['openproject_client_id'],
+				$credsToUpdate['openproject_client_secret'],
+				$credsToUpdate['openproject_instance_url']
+			);
+		$oauthServiceMock
+			->expects($this->once())
+			->method('setClientRedirectUri')
+			->with(123, $credsToUpdate['openproject_instance_url']);
+		$oauthSettingsControllerMock
+			->expects($this->once())
+			->method('deleteClient')
+			->with(123);
+		$configMock
+			->expects($this->exactly(10)) // 5 times for each user
+			->method('deleteUserValue')
+			->withConsecutive(
+				['admin', 'integration_openproject', 'token'],
+				['admin', 'integration_openproject', 'login'],
+				['admin', 'integration_openproject', 'user_id'],
+				['admin', 'integration_openproject', 'user_name'],
+				['admin', 'integration_openproject', 'refresh_token'],
+				[$this->user1->getUID(), 'integration_openproject', 'token'],
+				[$this->user1->getUID(), 'integration_openproject', 'login'],
+				[$this->user1->getUID(), 'integration_openproject', 'user_id'],
+				[$this->user1->getUID(), 'integration_openproject', 'user_name'],
+				[$this->user1->getUID(), 'integration_openproject', 'refresh_token'],
+			);
+
+		$apiService = $this->getMockBuilder(OpenProjectAPIService::class)
+			->disableOriginalConstructor()
+			->getMock();
+		$configController = new ConfigController(
+			'integration_openproject',
+			$this->createMock(IRequest::class),
+			$configMock,
+			$this->createMock(IURLGenerator::class),
+			$userManager,
+			$this->l,
+			$apiService,
+			$this->createMock(LoggerInterface::class),
+			$oauthServiceMock,
+			$oauthSettingsControllerMock,
+			$this->createMock(IGroupManager::class),
+			$this->createMock(ISecureRandom::class),
+			$this->createMock(ISubAdmin::class),
+			'test101'
+		);
+		$configController->setAdminConfig($credsToUpdate);
+	}
 }