mirror of
https://gitlab.linphone.org/BC/public/flexisip-account-manager.git
synced 2026-01-17 10:08:05 +00:00
123 lines
4.2 KiB
PHP
123 lines
4.2 KiB
PHP
<?php
|
|
/*
|
|
Flexisip Account Manager is a set of tools to manage SIP accounts.
|
|
Copyright (C) 2021 Belledonne Communications SARL, All rights reserved.
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
it under the terms of the GNU Affero General Public License as
|
|
published by the Free Software Foundation, either version 3 of the
|
|
License, or (at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU Affero General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Affero General Public License
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
namespace Tests\Feature;
|
|
|
|
use App\Password;
|
|
use DateTimeImmutable;
|
|
use Lcobucci\Clock\FrozenClock;
|
|
use Lcobucci\JWT\Builder;
|
|
use Lcobucci\JWT\JwtFacade;
|
|
use Lcobucci\JWT\Signer\Key\InMemory;
|
|
use Lcobucci\JWT\Signer\Rsa\Sha256;
|
|
|
|
class AccountAlstomTest extends AccountJWTAuthenticationTest
|
|
{
|
|
|
|
public function setUp(): void
|
|
{
|
|
parent::setUp();
|
|
}
|
|
|
|
public function testAlstomProvisioning()
|
|
{
|
|
# JWT is disabled if Sodium is not loaded
|
|
if (!extension_loaded('sodium'))
|
|
return;
|
|
|
|
$password = Password::factory()->create();
|
|
|
|
//$domain = 'sip_provisioning.example.com';
|
|
$bearer = 'authz_server="https://sso.test/", realm="sip.test.org"';
|
|
|
|
//\App\Space::where('domain', $password->account->domain)->update(['host' => $domain]);
|
|
//config()->set('app.sip_domain', $domain);
|
|
config()->set('services.jwt.rsa_public_key_pem', $this->serverPublicKeyPem);
|
|
|
|
$this->get($this->route)->assertStatus(400);
|
|
|
|
// Accounts to provision
|
|
$passwordAccount1 = Password::factory()->create();
|
|
$passwordAccount2 = Password::factory()->create();
|
|
|
|
$clock = new FrozenClock(new DateTimeImmutable());
|
|
|
|
config()->set('services.jwt.sip_identifier', 'sip_identity');
|
|
|
|
$token = (new JwtFacade(null, $clock))->issue(
|
|
new Sha256(),
|
|
InMemory::plainText($this->serverPrivateKeyPem),
|
|
static fn(
|
|
Builder $builder,
|
|
DateTimeImmutable $issuedAt
|
|
): Builder => $builder
|
|
->withClaim(
|
|
'sip_identity',
|
|
'sip:' . $password->account->username . '@' . $password->account->domain
|
|
)
|
|
->withClaim(
|
|
'matching_accounts',
|
|
[
|
|
'sip:' . $passwordAccount1->account->identifier,
|
|
'sip:' . $passwordAccount2->account->identifier
|
|
]
|
|
)
|
|
);
|
|
|
|
$this->withHeaders([
|
|
'Authorization' => 'Bearer ' . $token->toString(),
|
|
'x-linphone-provisioning' => true,
|
|
])
|
|
->get($this->accountRoute)
|
|
->assertStatus(200)
|
|
->assertSee($passwordAccount1->account->username)
|
|
->assertSee($passwordAccount1->account->passwords()->first()->ha1);
|
|
|
|
// Non existing accounts
|
|
|
|
$token = (new JwtFacade(null, $clock))->issue(
|
|
new Sha256(),
|
|
InMemory::plainText($this->serverPrivateKeyPem),
|
|
static fn(
|
|
Builder $builder,
|
|
DateTimeImmutable $issuedAt
|
|
): Builder => $builder
|
|
->withClaim(
|
|
'sip_identity',
|
|
'sip:' . $password->account->username . '@' . $password->account->domain
|
|
)
|
|
->withClaim(
|
|
'matching_accounts',
|
|
[
|
|
'sip:' . $passwordAccount1->account->identifier,
|
|
'sip:' . $passwordAccount2->account->identifier,
|
|
'sip:other@account.com'
|
|
]
|
|
)
|
|
);
|
|
|
|
$this->withHeaders([
|
|
'Authorization' => 'Bearer ' . $token->toString(),
|
|
'x-linphone-provisioning' => true,
|
|
])
|
|
->get($this->accountRoute)
|
|
->assertStatus(400)
|
|
->dump();
|
|
}
|
|
}
|