MD5UrlSignerTest::unsignedUrlProvider() - Code Metrics - Inspection of "Merge pull request #18 from peter279k/issue_#17" - spatie/url-signer - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 967e00...d33763 )

by Sebastian

created 2018-11-22 13:57 UTC

MD5UrlSignerTest::unsignedUrlProvider() A

↳ Parent: MD5UrlSignerTest

Complexity

Conditions	1
Paths	1

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	7
rs	10
c	0
b	0
f	0
cc	1
nc	1
nop	0

<?php

namespace spec\Spatie\UrlSigner;

use DateTime;
use DateTimeZone;
use PHPUnit\Framework\TestCase;
use Spatie\UrlSigner\Exceptions\InvalidExpiration;
use Spatie\UrlSigner\Exceptions\InvalidSignatureKey;
use Spatie\UrlSigner\MD5UrlSigner;

class MD5UrlSignerTest extends TestCase
{
    /** @test */
    public function it_is_initialized()
    {
        $urlSigner = new MD5UrlSigner('random_monkey');

        $this->assertInstanceOf(MD5UrlSigner::class, $urlSigner);
    }

    /** @test */
    public function it_will_throw_an_exception_for_an_empty_signatureKey()
    {
        $this->expectException(InvalidSignatureKey::class);

        $urlSigner = new MD5UrlSigner('');
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
    }

    /** @test */
    public function it_returns_false_when_validating_a_forged_url()
    {
        $signedUrl = 'http://myapp.com/somewhereelse/?expires=4594900544&signature=41d5c3a92c6ef94e73cb70c7dcda0859';
        $urlSigner = new MD5UrlSigner('random_monkey');

        $this->assertFalse($urlSigner->validate($signedUrl));
    }

    /** @test */
    public function it_returns_false_when_validating_an_expired_url()
    {
        $signedUrl = 'http://myapp.com/?expires=1123690544&signature=93e02326d7572632dd6edfa2665f2743';
        $urlSigner = new MD5UrlSigner('random_monkey');

        $this->assertFalse($urlSigner->validate($signedUrl));
    }

    /** @test */
    public function it_returns_true_when_validating_an_non_expired_url()
    {
        $url = 'http://myapp.com';
        $expiration = 10000;
        $urlSigner = new MD5UrlSigner('random_monkey');
        $signedUrl = $urlSigner->sign($url, $expiration);

        $this->assertTrue($urlSigner->validate($signedUrl));
    }

    public function unsignedUrlProvider()
    {
        return [
            ['http://myapp.com/?expires=4594900544'],
            ['http://myapp.com/?signature=41d5c3a92c6ef94e73cb70c7dcda0859'],
        ];
    }

    /**
     * @test
     * @dataProvider unsignedUrlProvider
     */
    public function it_returns_false_when_validating_an_unsigned_url($unsignedUrl)
    {
        $urlSigner = new MD5UrlSigner('random_monkey');

        $this->assertFalse($urlSigner->validate($unsignedUrl));
    }

    /** @test */
    public function it_does_a_strict_check_on_expirations()
    {
        $url = 'http://myapp.com';
        $expiration = '30';
        $urlSigner = new MD5UrlSigner('random_monkey');

        $this->expectException(InvalidExpiration::class);

        $urlSigner->sign($url, $expiration);
    }

    public function pastExpirationProvider()
    {
        return [
            [DateTime::createFromFormat('d/m/Y H:i:s', '10/08/2005 18:15:44')],
            [-10],
        ];
    }

    /**
     * @test
     * @dataProvider pastExpirationProvider
     */
    public function it_doesnt_allow_expirations_in_the_past($pastExpiration)
    {
        $url = 'http://myapp.com';
        $urlSigner = new MD5UrlSigner('random_monkey');

        $this->expectException(InvalidExpiration::class);

        $urlSigner->sign($url, $pastExpiration);
    }

    /** @test */
    public function it_keeps_the_urls_query_parameters_intact()
    {
        $url = 'http://myapp.com/?foo=bar&baz=qux';
        $expiration = DateTime::createFromFormat(
            'd/m/Y H:i:s',
            '10/08/2115 18:15:44',
            new DateTimeZone('Europe/Brussels')
        );
        $exepectedUrl = 'http://myapp.com/?foo=bar&baz=qux&expires=4594900544&signature=728971d9fd0682793d2a1e96b734d949';

        $urlSigner = new MD5UrlSigner('random_monkey');
        $signedUrl = $urlSigner->sign($url, $expiration);
<?php

function getDate($date)
{
    if ($date !== null) {
        return new DateTime($date);
    }

    return false;
}

        $this->assertSame($exepectedUrl, $signedUrl);
        $this->assertTrue($urlSigner->validate($signedUrl));
    }
}


1			<?php
2
3			namespace spec\Spatie\UrlSigner;
4
5			use DateTime;
6			use DateTimeZone;
7			use PHPUnit\Framework\TestCase;
8			use Spatie\UrlSigner\Exceptions\InvalidExpiration;
9			use Spatie\UrlSigner\Exceptions\InvalidSignatureKey;
10			use Spatie\UrlSigner\MD5UrlSigner;
11
12			class MD5UrlSignerTest extends TestCase
13			{
14			/** @test */
15			public function it_is_initialized()
16			{
17			$urlSigner = new MD5UrlSigner('random_monkey');
18
19			$this->assertInstanceOf(MD5UrlSigner::class, $urlSigner);
20			}
21
22			/** @test */
23			public function it_will_throw_an_exception_for_an_empty_signatureKey()
24			{
25			$this->expectException(InvalidSignatureKey::class);
26
27			$urlSigner = new MD5UrlSigner('');
			0 ignored issues – show Unused Code introduced 2018-11-22 09:29 UTC by Report Bug Copy Issue Report `$urlSigner` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
28			}
29
30			/** @test */
31			public function it_returns_false_when_validating_a_forged_url()
32			{
33			$signedUrl = 'http://myapp.com/somewhereelse/?expires=4594900544&signature=41d5c3a92c6ef94e73cb70c7dcda0859';
34			$urlSigner = new MD5UrlSigner('random_monkey');
35
36			$this->assertFalse($urlSigner->validate($signedUrl));
37			}
38
39			/** @test */
40			public function it_returns_false_when_validating_an_expired_url()
41			{
42			$signedUrl = 'http://myapp.com/?expires=1123690544&signature=93e02326d7572632dd6edfa2665f2743';
43			$urlSigner = new MD5UrlSigner('random_monkey');
44
45			$this->assertFalse($urlSigner->validate($signedUrl));
46			}
47
48			/** @test */
49			public function it_returns_true_when_validating_an_non_expired_url()
50			{
51			$url = 'http://myapp.com';
52			$expiration = 10000;
53			$urlSigner = new MD5UrlSigner('random_monkey');
54			$signedUrl = $urlSigner->sign($url, $expiration);
55
56			$this->assertTrue($urlSigner->validate($signedUrl));
57			}
58
59			public function unsignedUrlProvider()
60			{
61			return [
62			['http://myapp.com/?expires=4594900544'],
63			['http://myapp.com/?signature=41d5c3a92c6ef94e73cb70c7dcda0859'],
64			];
65			}
66
67			/**
68			* @test
69			* @dataProvider unsignedUrlProvider
70			*/
71			public function it_returns_false_when_validating_an_unsigned_url($unsignedUrl)
72			{
73			$urlSigner = new MD5UrlSigner('random_monkey');
74
75			$this->assertFalse($urlSigner->validate($unsignedUrl));
76			}
77
78			/** @test */
79			public function it_does_a_strict_check_on_expirations()
80			{
81			$url = 'http://myapp.com';
82			$expiration = '30';
83			$urlSigner = new MD5UrlSigner('random_monkey');
84
85			$this->expectException(InvalidExpiration::class);
86
87			$urlSigner->sign($url, $expiration);
88			}
89
90			public function pastExpirationProvider()
91			{
92			return [
93			[DateTime::createFromFormat('d/m/Y H:i:s', '10/08/2005 18:15:44')],
94			[-10],
95			];
96			}
97
98			/**
99			* @test
100			* @dataProvider pastExpirationProvider
101			*/
102			public function it_doesnt_allow_expirations_in_the_past($pastExpiration)
103			{
104			$url = 'http://myapp.com';
105			$urlSigner = new MD5UrlSigner('random_monkey');
106
107			$this->expectException(InvalidExpiration::class);
108
109			$urlSigner->sign($url, $pastExpiration);
110			}
111
112			/** @test */
113			public function it_keeps_the_urls_query_parameters_intact()
114			{
115			$url = 'http://myapp.com/?foo=bar&baz=qux';
116			$expiration = DateTime::createFromFormat(
117			'd/m/Y H:i:s',
118			'10/08/2115 18:15:44',
119			new DateTimeZone('Europe/Brussels')
120			);
121			$exepectedUrl = 'http://myapp.com/?foo=bar&baz=qux&expires=4594900544&signature=728971d9fd0682793d2a1e96b734d949';
122
123			$urlSigner = new MD5UrlSigner('random_monkey');
124			$signedUrl = $urlSigner->sign($url, $expiration);
			0 ignored issues – show Security Bug introduced 2018-11-22 09:29 UTC by Report Bug Copy Issue Report It seems like `$expiration` defined by `\DateTime::createFromFor...one('Europe/Brussels'))` on line `116` can also be of type `false`; however, `Spatie\UrlSigner\BaseUrlSigner::sign()` does only seem to accept `object<DateTime>\|integer`, did you maybe forget to handle an error condition? This check looks for type mismatches where the missing type is `false`. This is usually indicative of an error condtion. Consider the follow example <?php function getDate($date) { if ($date !== null) { return new DateTime($date); } return false; } This function either returns a new `DateTime` object or false, if there was an error. This is a typical pattern in PHP programming to show that an error has occurred without raising an exception. The calling code should check for this returned `false` before passing on the value to another function or method that may not be able to handle a `false`. Loading history...
125
126			$this->assertSame($exepectedUrl, $signedUrl);
127			$this->assertTrue($urlSigner->validate($signedUrl));
128			}
129			}
130

spatie / url-signer

Push — master ( 967e00...d33763 )

MD5UrlSignerTest::unsignedUrlProvider() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like