FunctionalTest::cannotGetSecuredContentWithoutToken() - Code Metrics - Inspection of "Dynamic secret loading feature" - kleijnweb/jwt-bundle - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#7)

by John

created 2016-05-01 10:31 UTC

cannotGetSecuredContentWithoutToken() A

↳ Parent: FunctionalTest

Complexity

Conditions	1
Paths	1

Size

Total Lines	4
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Importance

Changes	2
Bugs	0	Features	0

Metric	Value
c	2
b	0
f	0
dl	0
loc	4
rs	10
cc	1
eloc	2
nc	1
nop	0

<?php
/*
 * This file is part of the KleijnWeb\JwtBundle package.
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace KleijnWeb\JwtBundle\Tests\Functional;

use KleijnWeb\JwtBundle\Tests\Authenticator\AuthenticatorTest;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
use Symfony\Bundle\FrameworkBundle\Client;

/**
 * @author John Kleijn <[email protected]>
 */
class FunctionalTest extends WebTestCase
{
    // @codingStandardsIgnoreStart
    const PSK_TOKEN = AuthenticatorTest::TEST_TOKEN;
    const HMAC_TOKEN = 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImtleVR3byJ9.eyJwcm4iOiJqb2huIiwiaXNzIjoiaHR0cDovL2FwaS5zZXJ2ZXIyLmNvbS9vYXV0aDIvdG9rZW4ifQ.vdGhD5E4Ibj2Tndlh_0pPgJsOuRUpAn1QYu5miB6qwjrXhKCicuTKOuC9x2_2ErUOApv5KiblYds_gcWONdGKx1tQyQa1dsuhrkiVn_VJAsaaix8nJiHAuNv-ukm8mnSWJoVuOcTQIQG8IaupviyphEAEdjrm9QQhvzERgdFUT4bdCdfywrC37oYEAH5bHpiiUK2UzyNuUIHwOP_gWODodbEWRJOxtefwJ_vdpqHvSZzyW7Vei4mCtr2vE1k2qBvG_Qjw2ebLfEdX58k6-eYa7phle9hYjA_q-I8Y-S1ulBiVf_tpvayk8-4lWup9Wbg_BT2vDJOidQgM4l9jV9QHg';
    const DYN_HMAC_TOKEN = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImtleVRocmVlIn0.eyJwcm4iOiJqb2UiLCJpc3MiOiJodHRwOi8vYXBpLnNlcnZlcjIuY29tL29hdXRoMi90b2tlbiJ9.fv9yrTk3AnPTle_ikBY2EjIFhb1xaxKO4-Vop2AxnME';
    // @codingStandardsIgnoreEnd

    /**
     * @test
     */
    public function canGetUnsecuredContentWithoutToken()
    {
        $this->assertSame(
            'UNSECURED CONTENT',
            $this->makeRequest('/unsecured')
        );
    }

    /**
     * @test
     * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException
     */
    public function cannotGetSecuredContentWithoutToken()
    {
        $this->makeRequest('/secured');
    }

    /**
     * @test
     * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException
     */
    public function cannotGetSecuredContentWitInvalidToken()
    {
        $this->makeRequest('/secured', 'foo');
    }

    /**
     * @test
     */
    public function canGetSecuredContentWitValidPskToken()
    {
        $this->assertSame(
            'SECURED CONTENT',
            $this->makeRequest('/secured', self::PSK_TOKEN)
        );
    }

    /**
     * @test
     */
    public function canGetSecuredContentWitValidHmacToken()
    {
        $this->assertSame(
            'SECURED CONTENT',
            $this->makeRequest('/secured', self::HMAC_TOKEN)
        );
    }

    /**
     * @test
     */
    public function canGetSecuredContentWithSecretLoader()
    {
        $this->assertSame(
            'CONTENT SECURED WITH SECRET LOADER',
            $this->makeRequest('/secured-with-secret-loader', self::DYN_HMAC_TOKEN)
        );
    }

    /**
     * @param string $url
     * @param string $token
     *
     * @return string
     */
    private function makeRequest($url, $token = null)
    {
        $client = $this->createClient();
        $server = [];
        if ($token) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
            $server = ['HTTP_AUTHORIZATION' => 'Bearer ' . $token];
        }
        $client->request('GET', $url, $parameters = [], $files = [], $server);

        return $client->getResponse()->getContent();
    }
}


1			<?php
2			/*
3			* This file is part of the KleijnWeb\JwtBundle package.
4			*
5			* For the full copyright and license information, please view the LICENSE
6			* file that was distributed with this source code.
7			*/
8
9			namespace KleijnWeb\JwtBundle\Tests\Functional;
10
11			use KleijnWeb\JwtBundle\Tests\Authenticator\AuthenticatorTest;
12			use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
13			use Symfony\Bundle\FrameworkBundle\Client;
14
15			/**
16			* @author John Kleijn <[email protected]>
17			*/
18			class FunctionalTest extends WebTestCase
19			{
20			// @codingStandardsIgnoreStart
21			const PSK_TOKEN = AuthenticatorTest::TEST_TOKEN;
22			const HMAC_TOKEN = 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImtleVR3byJ9.eyJwcm4iOiJqb2huIiwiaXNzIjoiaHR0cDovL2FwaS5zZXJ2ZXIyLmNvbS9vYXV0aDIvdG9rZW4ifQ.vdGhD5E4Ibj2Tndlh_0pPgJsOuRUpAn1QYu5miB6qwjrXhKCicuTKOuC9x2_2ErUOApv5KiblYds_gcWONdGKx1tQyQa1dsuhrkiVn_VJAsaaix8nJiHAuNv-ukm8mnSWJoVuOcTQIQG8IaupviyphEAEdjrm9QQhvzERgdFUT4bdCdfywrC37oYEAH5bHpiiUK2UzyNuUIHwOP_gWODodbEWRJOxtefwJ_vdpqHvSZzyW7Vei4mCtr2vE1k2qBvG_Qjw2ebLfEdX58k6-eYa7phle9hYjA_q-I8Y-S1ulBiVf_tpvayk8-4lWup9Wbg_BT2vDJOidQgM4l9jV9QHg';
23			const DYN_HMAC_TOKEN = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImtleVRocmVlIn0.eyJwcm4iOiJqb2UiLCJpc3MiOiJodHRwOi8vYXBpLnNlcnZlcjIuY29tL29hdXRoMi90b2tlbiJ9.fv9yrTk3AnPTle_ikBY2EjIFhb1xaxKO4-Vop2AxnME';
24			// @codingStandardsIgnoreEnd
25
26			/**
27			* @test
28			*/
29			public function canGetUnsecuredContentWithoutToken()
30			{
31			$this->assertSame(
32			'UNSECURED CONTENT',
33			$this->makeRequest('/unsecured')
34			);
35			}
36
37			/**
38			* @test
39			* @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException
40			*/
41			public function cannotGetSecuredContentWithoutToken()
42			{
43			$this->makeRequest('/secured');
44			}
45
46			/**
47			* @test
48			* @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException
49			*/
50			public function cannotGetSecuredContentWitInvalidToken()
51			{
52			$this->makeRequest('/secured', 'foo');
53			}
54
55			/**
56			* @test
57			*/
58			public function canGetSecuredContentWitValidPskToken()
59			{
60			$this->assertSame(
61			'SECURED CONTENT',
62			$this->makeRequest('/secured', self::PSK_TOKEN)
63			);
64			}
65
66			/**
67			* @test
68			*/
69			public function canGetSecuredContentWitValidHmacToken()
70			{
71			$this->assertSame(
72			'SECURED CONTENT',
73			$this->makeRequest('/secured', self::HMAC_TOKEN)
74			);
75			}
76
77			/**
78			* @test
79			*/
80			public function canGetSecuredContentWithSecretLoader()
81			{
82			$this->assertSame(
83			'CONTENT SECURED WITH SECRET LOADER',
84			$this->makeRequest('/secured-with-secret-loader', self::DYN_HMAC_TOKEN)
85			);
86			}
87
88			/**
89			* @param string $url
90			* @param string $token
91			*
92			* @return string
93			*/
94			private function makeRequest($url, $token = null)
95			{
96			$client = $this->createClient();
97			$server = [];
98			if ($token) {
			0 ignored issues – show Bug Best Practice introduced 2016-05-01 10:33 UTC by Report Bug Copy Issue Report The expression `$token` of type `string\|null` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
99			$server = ['HTTP_AUTHORIZATION' => 'Bearer ' . $token];
100			}
101			$client->request('GET', $url, $parameters = [], $files = [], $server);
102
103			return $client->getResponse()->getContent();
104			}
105			}
106

kleijnweb / jwt-bundle

Pull Request — master (#7)

cannotGetSecuredContentWithoutToken() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like