MD5UrlSignerTest - Code Metrics - Inspection of "Replace phpspec with PHPUnit" - spatie/url-signer - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#18)

by lee

created 2018-11-22 09:27 UTC

MD5UrlSignerTest A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	118
Duplicated Lines	0 %

Coupling/Cohesion

Components	3
Dependencies	2

Importance

Changes

Metric	Value
wmc	11
lcom	3
cbo	2
dl	0
loc	118
rs	10
c	0
b	0
f	0

11 Methods

Rating	Name	Size	Complexity
A	it_is_initialized()	6	1
A	it_will_throw_an_exception_for_an_empty_signatureKey()	6	1
A	it_returns_false_when_validating_a_forged_url()	7	1
A	it_returns_false_when_validating_an_expired_url()	7	1
A	it_returns_true_when_validating_an_non_expired_url()	9	1
A	unsignedUrlProvider()	7	1
A	it_returns_false_when_validating_an_unsigned_url()	6	1
A	it_does_a_strict_check_on_expirations()	10	1
A	pastExpirationProvider()	7	1
A	it_doesnt_allow_expirations_in_the_past()	9	1
A	it_keeps_the_urls_query_parameters_intact()	16	1

<?php

namespace spec\Spatie\UrlSigner;

use DateTime;
use DateTimeZone;
use League\Url\UrlImmutable;
use PHPUnit\Framework\TestCase;
use Spatie\UrlSigner\Exceptions\InvalidExpiration;
use Spatie\UrlSigner\Exceptions\InvalidSignatureKey;
use Spatie\UrlSigner\MD5UrlSigner;
use Spatie\UrlSigner\UrlSigner;

class MD5UrlSignerTest extends TestCase
{
    /** @test */
    public function it_is_initialized()
    {
        $urlSigner = new MD5UrlSigner('random_monkey');

        $this->assertInstanceOf(MD5UrlSigner::class, $urlSigner);
    }

    /** @test */
    public function it_will_throw_an_exception_for_an_empty_signatureKey()
    {
        $this->expectException(InvalidSignatureKey::class);

        $urlSigner = new MD5UrlSigner('');
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
    }

    /** @test */
    public function it_returns_false_when_validating_a_forged_url()
    {
        $signedUrl = 'http://myapp.com/somewhereelse/?expires=4594900544&signature=41d5c3a92c6ef94e73cb70c7dcda0859';
        $urlSigner = new MD5UrlSigner('random_monkey');

        $this->assertFalse($urlSigner->validate($signedUrl));
    }

    /** @test */
    public function it_returns_false_when_validating_an_expired_url()
    {
        $signedUrl = 'http://myapp.com/?expires=1123690544&signature=93e02326d7572632dd6edfa2665f2743';
        $urlSigner = new MD5UrlSigner('random_monkey');

        $this->assertFalse($urlSigner->validate($signedUrl));
    }

    /** @test */
    public function it_returns_true_when_validating_an_non_expired_url()
    {
        $url = 'http://myapp.com';
        $expiration = 10000;
        $urlSigner = new MD5UrlSigner('random_monkey');
        $signedUrl = $urlSigner->sign($url, $expiration);

        $this->assertTrue($urlSigner->validate($signedUrl));
    }

    public function unsignedUrlProvider()
    {
        return [
            ['http://myapp.com/?expires=4594900544'],
            ['http://myapp.com/?signature=41d5c3a92c6ef94e73cb70c7dcda0859'],
        ];
    }

    /**
     * @test
     * @dataProvider unsignedUrlProvider
     */
    public function it_returns_false_when_validating_an_unsigned_url($unsignedUrl)
    {
        $urlSigner = new MD5UrlSigner('random_monkey');

        $this->assertFalse($urlSigner->validate($unsignedUrl));
    }

    /** @test */
    public function it_does_a_strict_check_on_expirations()
    {
        $url = 'http://myapp.com';
        $expiration = '30';
        $urlSigner = new MD5UrlSigner('random_monkey');

        $this->expectException(InvalidExpiration::class);

        $urlSigner->sign($url, $expiration);
    }

    public function pastExpirationProvider()
    {
        return [
            [DateTime::createFromFormat('d/m/Y H:i:s', '10/08/2005 18:15:44')],
            [-10],
        ];
    }

    /**
     * @test
     * @dataProvider pastExpirationProvider
     */
    public function it_doesnt_allow_expirations_in_the_past($pastExpiration)
    {
        $url = 'http://myapp.com';
        $urlSigner = new MD5UrlSigner('random_monkey');

        $this->expectException(InvalidExpiration::class);

        $urlSigner->sign($url, $pastExpiration);
    }

    /** @test */
    public function it_keeps_the_urls_query_parameters_intact()
    {
        $url = 'http://myapp.com/?foo=bar&baz=qux';
        $expiration = DateTime::createFromFormat(
            'd/m/Y H:i:s',
            '10/08/2115 18:15:44',
            new DateTimeZone('Europe/Brussels')
        );
        $exepectedUrl = 'http://myapp.com/?foo=bar&baz=qux&expires=4594900544&signature=728971d9fd0682793d2a1e96b734d949';

        $urlSigner = new MD5UrlSigner('random_monkey');
        $signedUrl = $urlSigner->sign($url, $expiration);
<?php

function getDate($date)
{
    if ($date !== null) {
        return new DateTime($date);
    }

    return false;
}

        $this->assertSame($exepectedUrl, $signedUrl);
        $this->assertTrue($urlSigner->validate($signedUrl));
    }
}


1			<?php
2
3			namespace spec\Spatie\UrlSigner;
4
5			use DateTime;
6			use DateTimeZone;
7			use League\Url\UrlImmutable;
8			use PHPUnit\Framework\TestCase;
9			use Spatie\UrlSigner\Exceptions\InvalidExpiration;
10			use Spatie\UrlSigner\Exceptions\InvalidSignatureKey;
11			use Spatie\UrlSigner\MD5UrlSigner;
12			use Spatie\UrlSigner\UrlSigner;
13
14			class MD5UrlSignerTest extends TestCase
15			{
16			/** @test */
17			public function it_is_initialized()
18			{
19			$urlSigner = new MD5UrlSigner('random_monkey');
20
21			$this->assertInstanceOf(MD5UrlSigner::class, $urlSigner);
22			}
23
24			/** @test */
25			public function it_will_throw_an_exception_for_an_empty_signatureKey()
26			{
27			$this->expectException(InvalidSignatureKey::class);
28
29			$urlSigner = new MD5UrlSigner('');
			0 ignored issues – show Unused Code introduced 2018-11-22 09:29 UTC by Report Bug Copy Issue Report `$urlSigner` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
30			}
31
32			/** @test */
33			public function it_returns_false_when_validating_a_forged_url()
34			{
35			$signedUrl = 'http://myapp.com/somewhereelse/?expires=4594900544&signature=41d5c3a92c6ef94e73cb70c7dcda0859';
36			$urlSigner = new MD5UrlSigner('random_monkey');
37
38			$this->assertFalse($urlSigner->validate($signedUrl));
39			}
40
41			/** @test */
42			public function it_returns_false_when_validating_an_expired_url()
43			{
44			$signedUrl = 'http://myapp.com/?expires=1123690544&signature=93e02326d7572632dd6edfa2665f2743';
45			$urlSigner = new MD5UrlSigner('random_monkey');
46
47			$this->assertFalse($urlSigner->validate($signedUrl));
48			}
49
50			/** @test */
51			public function it_returns_true_when_validating_an_non_expired_url()
52			{
53			$url = 'http://myapp.com';
54			$expiration = 10000;
55			$urlSigner = new MD5UrlSigner('random_monkey');
56			$signedUrl = $urlSigner->sign($url, $expiration);
57
58			$this->assertTrue($urlSigner->validate($signedUrl));
59			}
60
61			public function unsignedUrlProvider()
62			{
63			return [
64			['http://myapp.com/?expires=4594900544'],
65			['http://myapp.com/?signature=41d5c3a92c6ef94e73cb70c7dcda0859'],
66			];
67			}
68
69			/**
70			* @test
71			* @dataProvider unsignedUrlProvider
72			*/
73			public function it_returns_false_when_validating_an_unsigned_url($unsignedUrl)
74			{
75			$urlSigner = new MD5UrlSigner('random_monkey');
76
77			$this->assertFalse($urlSigner->validate($unsignedUrl));
78			}
79
80			/** @test */
81			public function it_does_a_strict_check_on_expirations()
82			{
83			$url = 'http://myapp.com';
84			$expiration = '30';
85			$urlSigner = new MD5UrlSigner('random_monkey');
86
87			$this->expectException(InvalidExpiration::class);
88
89			$urlSigner->sign($url, $expiration);
90			}
91
92			public function pastExpirationProvider()
93			{
94			return [
95			[DateTime::createFromFormat('d/m/Y H:i:s', '10/08/2005 18:15:44')],
96			[-10],
97			];
98			}
99
100			/**
101			* @test
102			* @dataProvider pastExpirationProvider
103			*/
104			public function it_doesnt_allow_expirations_in_the_past($pastExpiration)
105			{
106			$url = 'http://myapp.com';
107			$urlSigner = new MD5UrlSigner('random_monkey');
108
109			$this->expectException(InvalidExpiration::class);
110
111			$urlSigner->sign($url, $pastExpiration);
112			}
113
114			/** @test */
115			public function it_keeps_the_urls_query_parameters_intact()
116			{
117			$url = 'http://myapp.com/?foo=bar&baz=qux';
118			$expiration = DateTime::createFromFormat(
119			'd/m/Y H:i:s',
120			'10/08/2115 18:15:44',
121			new DateTimeZone('Europe/Brussels')
122			);
123			$exepectedUrl = 'http://myapp.com/?foo=bar&baz=qux&expires=4594900544&signature=728971d9fd0682793d2a1e96b734d949';
124
125			$urlSigner = new MD5UrlSigner('random_monkey');
126			$signedUrl = $urlSigner->sign($url, $expiration);
			0 ignored issues – show Security Bug introduced 2018-11-22 09:29 UTC by Report Bug Copy Issue Report It seems like `$expiration` defined by `\DateTime::createFromFor...one('Europe/Brussels'))` on line `118` can also be of type `false`; however, `Spatie\UrlSigner\BaseUrlSigner::sign()` does only seem to accept `object<DateTime>\|integer`, did you maybe forget to handle an error condition? This check looks for type mismatches where the missing type is `false`. This is usually indicative of an error condtion. Consider the follow example <?php function getDate($date) { if ($date !== null) { return new DateTime($date); } return false; } This function either returns a new `DateTime` object or false, if there was an error. This is a typical pattern in PHP programming to show that an error has occurred without raising an exception. The calling code should check for this returned `false` before passing on the value to another function or method that may not be able to handle a `false`. Loading history...
127
128			$this->assertSame($exepectedUrl, $signedUrl);
129			$this->assertTrue($urlSigner->validate($signedUrl));
130			}
131			}
132

spatie / url-signer

Pull Request — master (#18)

MD5UrlSignerTest A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

11 Methods

Duplication Side-by-Side

Filter issues like