|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* Fetching authentication information from Cookie header. |
|
4
|
|
|
*/ |
|
5
|
|
|
|
|
6
|
|
|
namespace Graviton\SecurityBundle\Authentication\Strategies; |
|
7
|
|
|
|
|
8
|
|
|
use Graviton\TestBundle\Test\WebTestCase; |
|
9
|
|
|
use Symfony\Component\BrowserKit\Cookie; |
|
10
|
|
|
|
|
11
|
|
|
/** |
|
12
|
|
|
* Class CookieFieldStrategyTest |
|
13
|
|
|
* |
|
14
|
|
|
* @author List of contributors <https://github.com/libgraviton/graviton/graphs/contributors> |
|
15
|
|
|
* @license http://opensource.org/licenses/gpl-license.php GNU Public License |
|
16
|
|
|
* @link http://swisscom.ch |
|
17
|
|
|
*/ |
|
18
|
|
|
class CookieFieldStrategyTest extends WebTestCase |
|
19
|
|
|
{ |
|
20
|
|
|
protected $strategy; |
|
21
|
|
|
protected $client; |
|
22
|
|
|
protected $propertyKey; |
|
23
|
|
|
|
|
24
|
|
|
/** |
|
25
|
|
|
* UnitTest Starts this on reach test |
|
26
|
|
|
* @return void |
|
27
|
|
|
*/ |
|
28
|
|
|
public function setUp() |
|
29
|
|
|
{ |
|
30
|
|
|
parent::setUp(); |
|
31
|
|
|
|
|
32
|
|
|
/** @var \Symfony\Bundle\FrameworkBundle\Client client */ |
|
33
|
|
|
$this->client = static::createClient(); |
|
34
|
|
|
$this->propertyKey = $this->client->getKernel()->getContainer()->getParameter('graviton.security.authentication.strategy_key'); |
|
35
|
|
|
$this->strategy = new CookieFieldStrategy( |
|
36
|
|
|
$this->propertyKey |
|
37
|
|
|
); |
|
38
|
|
|
|
|
39
|
|
|
} |
|
40
|
|
|
|
|
41
|
|
|
/** |
|
42
|
|
|
* @covers \Graviton\SecurityBundle\Authentication\Strategies\CookieFieldStrategy::apply |
|
43
|
|
|
* @covers \Graviton\SecurityBundle\Authentication\Strategies\AbstractHttpStrategy::extractFieldInfo |
|
44
|
|
|
* @covers \Graviton\SecurityBundle\Authentication\Strategies\AbstractHttpStrategy::validateField |
|
45
|
|
|
* |
|
46
|
|
|
* @dataProvider stringProvider |
|
47
|
|
|
* |
|
48
|
|
|
* @param string $fieldValue value to check |
|
49
|
|
|
* |
|
50
|
|
|
* @return void |
|
51
|
|
|
*/ |
|
52
|
|
View Code Duplication |
public function testApply($fieldValue) |
|
|
|
|
|
|
53
|
|
|
{ |
|
54
|
|
|
$cookie = new Cookie( |
|
55
|
|
|
$this->propertyKey, |
|
56
|
|
|
$fieldValue, |
|
57
|
|
|
time() + 3600 * 24 * 7, |
|
58
|
|
|
'/', |
|
59
|
|
|
null, |
|
60
|
|
|
false, |
|
61
|
|
|
false |
|
62
|
|
|
); |
|
63
|
|
|
$this->client->getCookieJar()->set($cookie); |
|
64
|
|
|
$this->client->request( |
|
65
|
|
|
'GET', //method |
|
66
|
|
|
'/', //uri |
|
67
|
|
|
array(), //parameters |
|
68
|
|
|
array(), //files |
|
69
|
|
|
array() //server |
|
70
|
|
|
); |
|
71
|
|
|
|
|
72
|
|
|
$this->assertSame($fieldValue, $this->strategy->apply($this->client->getRequest())); |
|
|
|
|
|
|
73
|
|
|
} |
|
74
|
|
|
|
|
75
|
|
|
/** |
|
76
|
|
|
* @return array<string> |
|
77
|
|
|
*/ |
|
78
|
|
View Code Duplication |
public function stringProvider() |
|
|
|
|
|
|
79
|
|
|
{ |
|
80
|
|
|
return array( |
|
81
|
|
|
'plain string, no special chars' => array('exampleAuthenticationHeader'), |
|
82
|
|
|
'string with special chars' => array("$-_.+!*'(),{}|\\^~[]`<>#%;/?:@&=."), |
|
83
|
|
|
'string with octal chars' => array("a: \141, A: \101"), |
|
84
|
|
|
'string with hex chars' => array("a: \x61, A: \x41") |
|
85
|
|
|
); |
|
86
|
|
|
} |
|
87
|
|
|
|
|
88
|
|
|
/** |
|
89
|
|
|
* Todo, find a way to have also to client id set in request stack. |
|
90
|
|
|
* |
|
91
|
|
|
* @covers \Graviton\SecurityBundle\Authentication\Strategies\CookieFieldStrategy::apply |
|
92
|
|
|
* @covers \Graviton\SecurityBundle\Authentication\Strategies\AbstractHttpStrategy::extractFieldInfo |
|
93
|
|
|
* @covers \Graviton\SecurityBundle\Authentication\Strategies\AbstractHttpStrategy::validateField |
|
94
|
|
|
* @covers \Graviton\SecurityBundle\Authentication\Strategies\CookieFieldStrategy::setDynamicParameters |
|
95
|
|
|
* |
|
96
|
|
|
* @dataProvider stringExtractProvider |
|
97
|
|
|
* |
|
98
|
|
|
* @param string $fieldValue value to check |
|
99
|
|
|
* |
|
100
|
|
|
* @return void |
|
101
|
|
|
*/ |
|
102
|
|
View Code Duplication |
public function testApplyExtract($fieldValue) |
|
|
|
|
|
|
103
|
|
|
{ |
|
104
|
|
|
$cookie = new Cookie( |
|
105
|
|
|
$this->propertyKey, |
|
106
|
|
|
$fieldValue, |
|
107
|
|
|
time() + 3600 * 24 * 7, |
|
108
|
|
|
'/', |
|
109
|
|
|
null, |
|
110
|
|
|
false, |
|
111
|
|
|
false |
|
112
|
|
|
); |
|
113
|
|
|
$this->client->getCookieJar()->set($cookie); |
|
114
|
|
|
$this->client->request( |
|
115
|
|
|
'GET', //method |
|
116
|
|
|
'/', //uri |
|
117
|
|
|
array(), //parameters |
|
118
|
|
|
array(), //files |
|
119
|
|
|
array() //server |
|
120
|
|
|
); |
|
121
|
|
|
|
|
122
|
|
|
$this->assertSame('testUser', $this->strategy->apply($this->client->getRequest())); |
|
|
|
|
|
|
123
|
|
|
} |
|
124
|
|
|
|
|
125
|
|
|
/** |
|
126
|
|
|
* @return array<string> |
|
127
|
|
|
*/ |
|
128
|
|
|
public function stringExtractProvider() |
|
129
|
|
|
{ |
|
130
|
|
|
return array( |
|
131
|
|
|
'testing extract username' => array("username=testUser,finnova_id=someId123"), |
|
132
|
|
|
'testing extract rev username' => array("finnova_id=someId123,username=testUser"), |
|
133
|
|
|
); |
|
134
|
|
|
} |
|
135
|
|
|
} |
|
136
|
|
|
|
libgraviton /
graviton
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.