CsrfHeaderCheckMiddlewareTest::testGetRequest()   A

Complexity

Conditions 1
Paths 1

Size

Total Lines 11
Code Lines 5

Duplication

Lines 11
Ratio 100 %

Importance

Changes 0
Metric Value
dl 11
loc 11
rs 9.4285
c 0
b 0
f 0
cc 1
eloc 5
nc 1
nop 0

<?php
declare(strict_types=1);

namespace TheCodingMachine\Middlewares;

use PHPUnit\Framework\TestCase;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use TheCodingMachine\Middlewares\SafeRequests\IsSafeHttpMethod;
use Zend\Diactoros\Request;
use Zend\Diactoros\Response;
use Zend\Diactoros\ServerRequest;

class CsrfHeaderCheckMiddlewareTest extends AbstractMiddlewareTest
{
    // Scrutinizer issue (Duplication): This method seems to be duplicated in your project.
    // Duplicated code is one of the most pungent code smells. If you need to duplicate the
    // same code in three or more different places, we strongly encourage you to look into
    // extracting the code into a single class or operation.
    //
    // Case: GET request without an Origin header; the test expects the 'foobar' body back.
    public function testGetRequest()
    {
        $request = new ServerRequest([], [], "http://alice.com/hello", "Get");

        $middleware = CsrfHeaderCheckMiddlewareFactory::createDefault();

        $response = $middleware->process($request, $this->getDelegate());

        $this->assertSame('foobar', (string) $response->getBody());
    }

    // Scrutinizer issue (Duplication): This method seems to be duplicated in your project.
    //
    // Case: POST with a matching Origin but with the Host header removed; the middleware
    // must throw instead of letting the request through.
    public function testFailingPostRequestNoHost()
    {
        $request = new ServerRequest([], [], "http://alice.com/hello", "Post");
        $request = $request->withHeader('Origin', "http://alice.com");
        $request = $request->withoutHeader('Host');

        $middleware = CsrfHeaderCheckMiddlewareFactory::createDefault();

        $this->expectException(CsrfHeaderCheckMiddlewareException::class);
        $this->expectExceptionMessage('Could not find the HOST header in the HTTP request.');

        // Scrutinizer issue (Unused Code): $response is not used, you could remove the assignment.
        // This check looks for variable assignments that are either overwritten by other
        // assignments or where the variable is not used subsequently.
        //
        //     $myVar = 'Value';
        //     $higher = false;
        //
        //     if (rand(1, 6) > 3) {
        //         $higher = true;
        //     } else {
        //         $higher = false;
        //     }
        //
        // Both the $myVar assignment in line 1 and the $higher assignment in line 2 are dead.
        // The first because $myVar is never used and the second because $higher is always
        // overwritten for every possible time line.
        $response = $middleware->process($request, $this->getDelegate());
    }

    // Scrutinizer issue (Duplication): This method seems to be duplicated in your project.
    //
    // Case: POST whose Origin header matches the origin of the target URI; the request
    // passes and the test expects the 'foobar' body back.
    public function testSuccessfullPostWithOriginAndHost()
    {
        $request = new ServerRequest([], [], "http://alice.com/hello", "Post");
        $request = $request->withHeader('Origin', "http://alice.com");

        $middleware = CsrfHeaderCheckMiddlewareFactory::createDefault();

        $response = $middleware->process($request, $this->getDelegate());

        $this->assertSame('foobar', (string) $response->getBody());
    }

    // Scrutinizer issue (Duplication): This method seems to be duplicated in your project.
    //
    // Case: same as above, with an explicit port (8080) in both the target URI and the
    // Origin header.
    public function testSuccessfullPostWithOriginAndHostAndPort()
    {
        $request = new ServerRequest([], [], "http://alice.com:8080/hello", "Post");
        $request = $request->withHeader('Origin', "http://alice.com:8080");

        $middleware = CsrfHeaderCheckMiddlewareFactory::createDefault();

        $response = $middleware->process($request, $this->getDelegate());

        $this->assertSame('foobar', (string) $response->getBody());
    }

    // Scrutinizer issue (Duplication): This method seems to be duplicated in your project.
    //
    // Case: POST to alice.com carrying Origin http://eve.com; source and target origins
    // differ, so the middleware must throw.
    public function testAttackPostWithOriginAndHost()
    {
        $request = new ServerRequest([], [], "http://alice.com/hello", "Post");
        $request = $request->withHeader('Origin', "http://eve.com");

        $middleware = CsrfHeaderCheckMiddlewareFactory::createDefault();

        $this->expectException(CsrfHeaderCheckMiddlewareException::class);
        $this->expectExceptionMessage('Potential CSRF attack stopped. Source origin and target origin do not match.');
        // Scrutinizer issue (Unused Code): $response is not used, you could remove the assignment.
        $response = $middleware->process($request, $this->getDelegate());
    }

    // Scrutinizer issue (Duplication): This method seems to be duplicated in your project.
    //
    // Case: POST carrying two Origin headers (eve.com and alice.com); the middleware must
    // throw on the ambiguous request.
    public function testExceptionOnWeirdRequests()
    {
        $request = new ServerRequest([], [], "http://alice.com/hello", "Post");
        $request = $request->withHeader('Origin', "http://eve.com");
        $request = $request->withAddedHeader('Origin', "http://alice.com");

        $middleware = CsrfHeaderCheckMiddlewareFactory::createDefault();

        $this->expectException(CsrfHeaderCheckMiddlewareException::class);
        $this->expectExceptionMessage('Unexpected request: more than one ORIGIN header sent.');
        // Scrutinizer issue (Unused Code): $response is not used, you could remove the assignment.
        $response = $middleware->process($request, $this->getDelegate());
    }
}