|
1
|
|
|
<?php declare(strict_types=1); |
|
2
|
|
|
/** |
|
3
|
|
|
* This file is part of the daikon-cqrs/security-interop project. |
|
4
|
|
|
* |
|
5
|
|
|
* For the full copyright and license information, please view the LICENSE |
|
6
|
|
|
* file that was distributed with this source code. |
|
7
|
|
|
*/ |
|
8
|
|
|
|
|
9
|
|
|
namespace Daikon\Tests\Security\Middleware; |
|
10
|
|
|
|
|
11
|
|
|
use Daikon\Config\ConfigProviderInterface; |
|
12
|
|
|
use Daikon\Security\Middleware\JwtDecoder; |
|
13
|
|
|
use Firebase\JWT\JWT; |
|
14
|
|
|
use PHPUnit\Framework\TestCase; |
|
15
|
|
|
use Psr\Http\Message\ServerRequestInterface; |
|
16
|
|
|
use Psr\Http\Server\RequestHandlerInterface; |
|
17
|
|
|
|
|
18
|
|
|
final class JwtDecoderTest extends TestCase |
|
19
|
|
|
{ |
|
20
|
1 |
|
public function testEmptyAuth(): void |
|
21
|
|
|
{ |
|
22
|
1 |
|
$config = $this->createMock(ConfigProviderInterface::class); |
|
23
|
1 |
|
$config->expects($this->once())->method('get')->with('project.authentication')->willReturn([]); |
|
24
|
1 |
|
$request = $this->createMock(ServerRequestInterface::class); |
|
25
|
1 |
|
$request->expects($this->once())->method('getCookieParams')->willReturn(null); |
|
26
|
1 |
|
$request->expects($this->exactly(2))->method('getHeaderLine')->willReturn(''); |
|
27
|
1 |
|
$request->expects($this->exactly(2))->method('withAttribute')->willReturnSelf(); |
|
28
|
1 |
|
$handler = $this->createMock(RequestHandlerInterface::class); |
|
29
|
|
|
/** |
|
30
|
|
|
* @var ConfigProviderInterface $config |
|
31
|
|
|
* @var ServerRequestInterface $request |
|
32
|
|
|
* @var RequestHandlerInterface $handler |
|
33
|
|
|
*/ |
|
34
|
1 |
|
$decoder = new JwtDecoder($config); |
|
35
|
1 |
|
$decoder->process($request, $handler); |
|
36
|
1 |
|
} |
|
37
|
|
|
|
|
38
|
1 |
|
public function testHeaderAuthWithInvalidJwt(): void |
|
39
|
|
|
{ |
|
40
|
1 |
|
$config = $this->createMock(ConfigProviderInterface::class); |
|
41
|
1 |
|
$config->expects($this->exactly(2)) |
|
42
|
1 |
|
->method('get') |
|
43
|
1 |
|
->withConsecutive(['project.authentication'], ['project.authentication.cookies.jwt.secret']) |
|
44
|
1 |
|
->willReturnOnConsecutiveCalls([], 'key'); |
|
45
|
1 |
|
$request = $this->createMock(ServerRequestInterface::class); |
|
46
|
1 |
|
$request->expects($this->once())->method('getCookieParams')->willReturn(null); |
|
47
|
1 |
|
$request->expects($this->exactly(2)) |
|
48
|
1 |
|
->method('getHeaderLine') |
|
49
|
1 |
|
->withConsecutive(['Authorization'], ['X-XSRF-TOKEN']) |
|
50
|
1 |
|
->willReturnOnConsecutiveCalls('Bearer xyz', 'xsrf'); |
|
51
|
1 |
|
$request->expects($this->exactly(2)) |
|
52
|
1 |
|
->method('withAttribute') |
|
53
|
1 |
|
->withConsecutive(['__Host-_jwt', null], ['__Host-_xsrf', 'xsrf']) |
|
54
|
1 |
|
->willReturnSelf(); |
|
55
|
1 |
|
$handler = $this->createMock(RequestHandlerInterface::class); |
|
56
|
|
|
/** |
|
57
|
|
|
* @var ConfigProviderInterface $config |
|
58
|
|
|
* @var ServerRequestInterface $request |
|
59
|
|
|
* @var RequestHandlerInterface $handler |
|
60
|
|
|
*/ |
|
61
|
1 |
|
$decoder = new JwtDecoder($config); |
|
62
|
1 |
|
$decoder->process($request, $handler); |
|
63
|
1 |
|
} |
|
64
|
|
|
|
|
65
|
1 |
|
public function testHeaderAuthWithValidJwt(): void |
|
66
|
|
|
{ |
|
67
|
1 |
|
$jwt = JWT::encode(['iss' => 'test', 'xsrf' => 'xsrf'], 'key'); |
|
68
|
1 |
|
$decodedJwt = JWT::decode($jwt, 'key', ['HS256']); |
|
69
|
1 |
|
$config = $this->createMock(ConfigProviderInterface::class); |
|
70
|
1 |
|
$config->expects($this->exactly(2)) |
|
71
|
1 |
|
->method('get') |
|
72
|
1 |
|
->withConsecutive(['project.authentication'], ['project.authentication.cookies.jwt.secret']) |
|
73
|
1 |
|
->willReturnOnConsecutiveCalls([], 'key'); |
|
74
|
1 |
|
$request = $this->createMock(ServerRequestInterface::class); |
|
75
|
1 |
|
$request->expects($this->once())->method('getCookieParams')->willReturn(null); |
|
76
|
1 |
|
$request->expects($this->exactly(2)) |
|
77
|
1 |
|
->method('getHeaderLine') |
|
78
|
1 |
|
->withConsecutive(['Authorization'], ['X-XSRF-TOKEN']) |
|
79
|
1 |
|
->willReturnOnConsecutiveCalls("Bearer $jwt", 'xsrf'); |
|
80
|
1 |
|
$request->expects($this->exactly(2)) |
|
81
|
1 |
|
->method('withAttribute') |
|
82
|
1 |
|
->withConsecutive(['__Host-_jwt', $decodedJwt], ['__Host-_xsrf', 'xsrf']) |
|
83
|
1 |
|
->willReturnSelf(); |
|
84
|
1 |
|
$handler = $this->createMock(RequestHandlerInterface::class); |
|
85
|
|
|
/** |
|
86
|
|
|
* @var ConfigProviderInterface $config |
|
87
|
|
|
* @var ServerRequestInterface $request |
|
88
|
|
|
* @var RequestHandlerInterface $handler |
|
89
|
|
|
*/ |
|
90
|
1 |
|
$decoder = new JwtDecoder($config); |
|
91
|
1 |
|
$decoder->process($request, $handler); |
|
92
|
1 |
|
} |
|
93
|
|
|
} |
|
94
|
|
|
|
daikon-cqrs /
security-interop
