|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace Emarref\Jwt\Verification; |
|
4
|
|
|
|
|
5
|
|
|
use Emarref\Jwt\HeaderParameter; |
|
6
|
|
|
|
|
7
|
|
|
class EncryptionVerifierTest extends \PHPUnit_Framework_TestCase |
|
8
|
|
|
{ |
|
9
|
|
|
/** |
|
10
|
|
|
* @var \PHPUnit_Framework_MockObject_MockObject |
|
11
|
|
|
*/ |
|
12
|
|
|
private $header; |
|
13
|
|
|
|
|
14
|
|
|
/** |
|
15
|
|
|
* @var \PHPUnit_Framework_MockObject_MockObject |
|
16
|
|
|
*/ |
|
17
|
|
|
private $token; |
|
18
|
|
|
|
|
19
|
|
|
/** |
|
20
|
|
|
* @var \PHPUnit_Framework_MockObject_MockObject |
|
21
|
|
|
*/ |
|
22
|
|
|
private $algorithm; |
|
23
|
|
|
|
|
24
|
|
|
/** |
|
25
|
|
|
* @var \PHPUnit_Framework_MockObject_MockObject |
|
26
|
|
|
*/ |
|
27
|
|
|
private $encryption; |
|
28
|
|
|
|
|
29
|
|
|
/** |
|
30
|
|
|
* @var \PHPUnit_Framework_MockObject_MockObject |
|
31
|
|
|
*/ |
|
32
|
|
|
private $encoder; |
|
33
|
|
|
|
|
34
|
|
|
/** |
|
35
|
|
|
* @var \PHPUnit_Framework_MockObject_MockObject |
|
36
|
|
|
*/ |
|
37
|
|
|
private $signer; |
|
38
|
|
|
|
|
39
|
|
|
public function setUp() |
|
40
|
|
|
{ |
|
41
|
|
|
$this->header = $this->getMockBuilder('Emarref\Jwt\Token\Header')->getMock(); |
|
42
|
|
|
|
|
43
|
|
|
$this->token = $this->getMockBuilder('Emarref\Jwt\Token')->getMock(); |
|
44
|
|
|
|
|
45
|
|
|
$this->token->expects($this->any()) |
|
46
|
|
|
->method('getHeader') |
|
47
|
|
|
->will($this->returnValue($this->header)); |
|
48
|
|
|
|
|
49
|
|
|
$this->algorithm = $this->getMockBuilder('Emarref\Jwt\Algorithm\None')->getMock(); |
|
50
|
|
|
|
|
51
|
|
|
$this->encryption = $this->getMockBuilder('Emarref\Jwt\Encryption\Symmetric') |
|
52
|
|
|
->setConstructorArgs([$this->algorithm]) |
|
53
|
|
|
->getMock(); |
|
54
|
|
|
|
|
55
|
|
|
$this->encoder = $this->getMockBuilder('Emarref\Jwt\Encoding\Base64')->getMock(); |
|
56
|
|
|
|
|
57
|
|
|
$this->signer = $this->getMockBuilder('Emarref\Jwt\Signature\Jws') |
|
58
|
|
|
->disableOriginalConstructor() |
|
59
|
|
|
->getMock(); |
|
60
|
|
|
} |
|
61
|
|
|
|
|
62
|
|
|
/** |
|
63
|
|
|
* @expectedException \RuntimeException |
|
64
|
|
|
* @expectedExceptionMessage Algorithm parameter not found in token header. |
|
65
|
|
|
*/ |
|
66
|
|
|
public function testMissingAlgorithm() |
|
67
|
|
|
{ |
|
68
|
|
|
$this->header->expects($this->once()) |
|
69
|
|
|
->method('findParameterByName') |
|
70
|
|
|
->with(HeaderParameter\Algorithm::NAME) |
|
71
|
|
|
->will($this->returnValue(null)); |
|
72
|
|
|
|
|
73
|
|
|
$verifier = new EncryptionVerifier($this->encryption, $this->encoder); |
|
74
|
|
|
$verifier->verify($this->token); |
|
75
|
|
|
} |
|
76
|
|
|
|
|
77
|
|
|
/** |
|
78
|
|
|
* @expectedException \RuntimeException |
|
79
|
|
|
* @expectedExceptionMessage Cannot use "bar" algorithm to decrypt token encrypted with algorithm "foo". |
|
80
|
|
|
*/ |
|
81
|
|
|
public function testAlgorithmMismatch() |
|
82
|
|
|
{ |
|
83
|
|
|
$algorithmParameter = $this->getMockBuilder('Emarref\Jwt\HeaderParameter\Algorithm')->getMock(); |
|
84
|
|
|
|
|
85
|
|
|
$algorithmParameter->expects($this->exactly(2)) |
|
86
|
|
|
->method('getValue') |
|
87
|
|
|
->will($this->returnValue('foo')); |
|
88
|
|
|
|
|
89
|
|
|
$this->header->expects($this->once()) |
|
90
|
|
|
->method('findParameterByName') |
|
91
|
|
|
->with(HeaderParameter\Algorithm::NAME) |
|
92
|
|
|
->will($this->returnValue($algorithmParameter)); |
|
93
|
|
|
|
|
94
|
|
|
$this->encryption->expects($this->exactly(2)) |
|
95
|
|
|
->method('getAlgorithmName') |
|
96
|
|
|
->will($this->returnValue('bar')); |
|
97
|
|
|
|
|
98
|
|
|
$verifier = new EncryptionVerifier($this->encryption, $this->encoder); |
|
99
|
|
|
$verifier->verify($this->token); |
|
100
|
|
|
} |
|
101
|
|
|
|
|
102
|
|
|
/** |
|
103
|
|
|
* @expectedException Emarref\Jwt\Exception\VerificationException |
|
104
|
|
|
* @expectedExceptionMessage Signature is invalid. |
|
105
|
|
|
*/ |
|
106
|
|
View Code Duplication |
public function testInvalidSignature() |
|
|
|
|
|
|
107
|
|
|
{ |
|
108
|
|
|
$algorithmParameter = $this->getMockBuilder('Emarref\Jwt\HeaderParameter\Algorithm')->getMock(); |
|
109
|
|
|
|
|
110
|
|
|
$algorithmParameter->expects($this->once()) |
|
111
|
|
|
->method('getValue') |
|
112
|
|
|
->will($this->returnValue('foo')); |
|
113
|
|
|
|
|
114
|
|
|
$this->header->expects($this->once()) |
|
115
|
|
|
->method('findParameterByName') |
|
116
|
|
|
->with(HeaderParameter\Algorithm::NAME) |
|
117
|
|
|
->will($this->returnValue($algorithmParameter)); |
|
118
|
|
|
|
|
119
|
|
|
$this->encryption->expects($this->once()) |
|
120
|
|
|
->method('getAlgorithmName') |
|
121
|
|
|
->will($this->returnValue('foo')); |
|
122
|
|
|
|
|
123
|
|
|
$this->encryption->expects($this->once()) |
|
124
|
|
|
->method('verify') |
|
125
|
|
|
->will($this->returnValue(false)); |
|
126
|
|
|
|
|
127
|
|
|
$this->signer->expects($this->once()) |
|
128
|
|
|
->method('getUnsignedValue') |
|
129
|
|
|
->will($this->returnValue('foo')); |
|
130
|
|
|
|
|
131
|
|
|
$this->token->expects($this->once()) |
|
132
|
|
|
->method('getSignature') |
|
133
|
|
|
->will($this->returnValue('bar')); |
|
134
|
|
|
|
|
135
|
|
|
$verifier = new EncryptionVerifierStub($this->encryption, $this->encoder, $this->signer); |
|
136
|
|
|
$verifier->verify($this->token); |
|
137
|
|
|
} |
|
138
|
|
|
|
|
139
|
|
View Code Duplication |
public function testValidSignature() |
|
|
|
|
|
|
140
|
|
|
{ |
|
141
|
|
|
$algorithmParameter = $this->getMockBuilder('Emarref\Jwt\HeaderParameter\Algorithm')->getMock(); |
|
142
|
|
|
|
|
143
|
|
|
$algorithmParameter->expects($this->once()) |
|
144
|
|
|
->method('getValue') |
|
145
|
|
|
->will($this->returnValue('foo')); |
|
146
|
|
|
|
|
147
|
|
|
$this->header->expects($this->once()) |
|
148
|
|
|
->method('findParameterByName') |
|
149
|
|
|
->with(HeaderParameter\Algorithm::NAME) |
|
150
|
|
|
->will($this->returnValue($algorithmParameter)); |
|
151
|
|
|
|
|
152
|
|
|
$this->encryption->expects($this->once()) |
|
153
|
|
|
->method('getAlgorithmName') |
|
154
|
|
|
->will($this->returnValue('foo')); |
|
155
|
|
|
|
|
156
|
|
|
$this->encryption->expects($this->once()) |
|
157
|
|
|
->method('verify') |
|
158
|
|
|
->will($this->returnValue(true)); |
|
159
|
|
|
|
|
160
|
|
|
$this->signer->expects($this->once()) |
|
161
|
|
|
->method('getUnsignedValue') |
|
162
|
|
|
->will($this->returnValue('bar')); |
|
163
|
|
|
|
|
164
|
|
|
$this->token->expects($this->once()) |
|
165
|
|
|
->method('getSignature') |
|
166
|
|
|
->will($this->returnValue('bar')); |
|
167
|
|
|
|
|
168
|
|
|
$verifier = new EncryptionVerifierStub($this->encryption, $this->encoder, $this->signer); |
|
169
|
|
|
$verifier->verify($this->token); |
|
170
|
|
|
} |
|
171
|
|
|
} |
|
172
|
|
|
|
emarref /
jwt
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.