
<?php
// (c) Copyright by authors of the Tiki Wiki CMS Groupware Project
//
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
// $Id$
/**
* @group integration
*/
require_once __DIR__ . '/../../auth/tokens.php';
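// Integration tests for AuthTokens (auth/tokens.php): token creation, validation
// against entry point and parameters, expiry, and hit counting, all backed by the
// `tiki_auth_tokens` table. getDataSet() supplies fixtures/auth_tokens_dataset.xml
// as the starting data set.
//
// Line comments are used here instead of a docblock so that no new class-level
// doc comment is introduced in front of the class declaration.
class AuthTokensTest extends TikiDatabaseTestCase
{
    /** @var mixed Database handle returned by TikiDb::get(). */
    private $db;

    /** @var DateTime Clock handed to AuthTokens; pinned in setUp(). */
    private $dt;

    /** @var mixed Table wrapper for `tiki_auth_tokens`. */
    private $table;

    /** @var AuthTokens Instance under test, built with default options. */
    private $obj;

    /**
     * Supplies the fixture rows for `tiki_auth_tokens`.
     */
    public function getDataSet()
    {
        return $this->createMySQLXMLDataSet(__DIR__ . '/fixtures/auth_tokens_dataset.xml');
    }

    /**
     * Builds the AuthTokens instance under test with a fixed clock.
     */
    public function setUp(): void
    {
        $this->db = TikiDb::get();
        $this->dt = new DateTime();
        $this->dt->setTimezone(new DateTimeZone('UTC'));
        // 2012-02-03 15:25:07 UTC. Passed as an int: DateTime::setTimestamp() is
        // declared to take an int, and a numeric string only works through coercion.
        $this->dt->setTimestamp(1328282707);
        $this->table = $this->db->table('tiki_auth_tokens');
        $this->obj = new AuthTokens($this->db, [], $this->dt);
        parent::setUp();
    }

    /**
     * A token value that was never issued yields no groups.
     */
    public function testNoTokensIsDenied(): void
    {
        $params = [];
        $groups = $this->obj->getGroups('AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA', 'tiki-index.php', $params);
        $this->assertNull($groups);
    }

    /**
     * Creating a token inserts the expected row.
     */
    public function testCreateToken(): void
    {
        $expectedTable = $this->createMySQLXmlDataSet(__DIR__ . '/fixtures/auth_tokens_dataset_create.xml')
            ->getTable('tiki_auth_tokens');

        $token = $this->obj->createToken('tiki-index.php', ['page' => 'HomePage'], ['Registered'], ['timeout' => 5]);

        // `creation` and `token` are overwritten with fixed values so the row can be
        // compared with the fixture. The generated token is bound as a parameter
        // rather than interpolated into the SQL text.
        $this->db->query(
            "UPDATE tiki_auth_tokens SET creation = '2012-02-03 15:25:07', token = '0ae3b4b86286ab68f5a66fb8c49da163' WHERE token = ?",
            [$token]
        );

        $queryTable = $this->getConnection()->createQueryTable('tiki_auth_tokens', 'SELECT * FROM tiki_auth_tokens');
        self::assertTablesEqual($expectedTable, $queryTable);
    }

    /**
     * The token equals the MD5 digest of the concatenated row columns.
     */
    public function testTokenMatchesCompleteHash(): void
    {
        $token = $this->obj->createToken('tiki-index.php', ['page' => 'HomePage'], ['Registered']);
        $row = $this->db->query('SELECT `tokenId`, `creation`, `timeout`, `entry`, `parameters`, `groups` FROM `tiki_auth_tokens` ORDER BY `creation` desc')->fetchRow();

        // NOTE(review): every digest input selected here is a stored row field; the
        // test shows no secret key and no random value. If tokens are meant to be
        // unguessable, check auth/tokens.php for an entropy source (for example
        // random_bytes()) and for a keyed digest instead of plain MD5.
        $this->assertEquals(md5(implode('', $row)), $token);
    }

    /**
     * Positive control: a fresh token with matching entry and parameters grants its groups.
     */
    public function testRetrieveGroupsForToken(): void
    {
        // Moves the injected clock to the current time before creating the token.
        $this->dt->setTimestamp(time());
        $token = $this->obj->createToken('tiki-index.php', ['page' => 'HomePage'], ['Registered']);
        $this->assertEquals(['Registered'], $this->obj->getGroups($token, 'tiki-index.php', ['page' => 'HomePage']));
    }

    /**
     * An expired token yields no groups.
     */
    public function testAccessExpiredToken(): void
    {
        // Presumably this value is a fixture row that has expired relative to the
        // clock pinned in setUp() - verify against auth_tokens_dataset.xml.
        $this->assertNull($this->obj->getGroups("946fc2fa0a5e1cecd54440ce733b8fb4", 'tiki-index.php', ['page' => 'HomePage']));
    }

    /**
     * Tampering with the stored groups invalidates the token.
     */
    public function testAlteredDataCancels(): void
    {
        $token = $this->obj->createToken('tiki-index.php', ['page' => 'HomePage'], ['Registered']);

        // Rewrites `groups` on every row (no WHERE clause), modelling a change made
        // directly in the database after the token was issued.
        $this->db->query('UPDATE `tiki_auth_tokens` SET `groups` = \'["Admins"]\'');

        $this->assertNull($this->obj->getGroups($token, 'tiki-index.php', ['page' => 'HomePage']));
    }

    // The four "Cancels" tests below assert only a null result, so they would also
    // pass if getGroups() rejected every token. testRetrieveGroupsForToken() is the
    // positive control that rules that out.

    /**
     * A request carrying a parameter the token was not issued for is rejected.
     */
    public function testExtraDataCancels(): void
    {
        $token = $this->obj->createToken('tiki-index.php', ['page' => 'HomePage'], ['Registered']);
        $this->assertNull($this->obj->getGroups($token, 'tiki-index.php', ['page' => 'HomePage', 'hello' => 'world']));
    }

    /**
     * A request missing a parameter the token was issued for is rejected.
     */
    public function testMissingDataCancels(): void
    {
        $token = $this->obj->createToken('tiki-index.php', ['page' => 'HomePage', 'foobar' => 'baz'], ['Registered']);
        $this->assertNull($this->obj->getGroups($token, 'tiki-index.php', ['page' => 'HomePage']));
    }

    /**
     * A token issued for one entry script is rejected on another.
     */
    public function testDifferingEntryCancels(): void
    {
        $token = $this->obj->createToken('tiki-index.php', ['page' => 'HomePage'], ['Registered']);
        $this->assertNull($this->obj->getGroups($token, 'tiki-print.php', ['page' => 'HomePage']));
    }

    /**
     * A parameter with the right name but a different value is rejected.
     */
    public function testDifferingValueCancels(): void
    {
        $token = $this->obj->createToken('tiki-index.php', ['page' => 'HomePage'], ['Registered']);
        $this->assertNull($this->obj->getGroups($token, 'tiki-index.php', ['page' => 'Home']));
    }

    /**
     * A token issued with no parameters is accepted for a request with none.
     *
     * The method name keeps its original spelling so existing test filters still match.
     */
    public function testNoParamerers(): void
    {
        $this->dt->setTimestamp(time());
        $token = $this->obj->createToken('tiki-index.php', [], ['Registered']);
        $this->assertEquals(['Registered'], $this->obj->getGroups($token, 'tiki-index.php', []));
    }

    /**
     * A requested timeout above `maxTimeout` is stored as `maxTimeout`.
     */
    public function testMaximumTimeout(): void
    {
        $lib = new AuthTokens(
            $this->db,
            [
                'maxTimeout' => 10,
            ]
        );

        $lib->createToken('tiki-index.php', ['page' => 'HomePage'], ['Registered'], ['timeout' => 3600]);

        $this->assertEquals(10, $this->db->getOne('SELECT timeout FROM tiki_auth_tokens ORDER BY creation desc'));
    }

    /**
     * With default options a token is rejected on its second use.
     */
    public function testSameTokenTwice(): void
    {
        $token = $this->obj->createToken('tiki-index.php', ['page' => 'HomePage'], ['Registered']);

        // NOTE(review): the result of this first call is not asserted, so the test
        // would still pass if the first use were rejected too. Consider asserting
        // ['Registered'] here once it is confirmed to hold with the clock pinned
        // in setUp().
        $this->obj->getGroups($token, 'tiki-index.php', ['page' => 'HomePage']);

        $this->assertNull($this->obj->getGroups($token, 'tiki-index.php', ['page' => 'HomePage']));
    }

    /**
     * A token created with `hits => 3` is accepted three times and rejected on the fourth.
     */
    public function testAllowMultipleHits(): void
    {
        $lib = new AuthTokens($this->db, ['maxHits' => 100]);
        $token = $lib->createToken('tiki-index.php', ['page' => 'HomePage'], ['Registered'], ['hits' => 3]);

        // Uses one and two; only the third and fourth results are checked.
        $lib->getGroups($token, 'tiki-index.php', ['page' => 'HomePage']);
        $lib->getGroups($token, 'tiki-index.php', ['page' => 'HomePage']);

        $this->assertEquals(['Registered'], $lib->getGroups($token, 'tiki-index.php', ['page' => 'HomePage']));
        $this->assertNull($lib->getGroups($token, 'tiki-index.php', ['page' => 'HomePage']));
    }

    /**
     * A requested hit count above `maxHits` is expected to be stored as `maxHits`.
     */
    public function testLimitOnAccessCount(): void
    {
        $lib = new AuthTokens(
            $this->db,
            [
                'maxHits' => 10,
            ]
        );

        $lib->createToken('tiki-index.php', ['page' => 'HomePage'], ['Registered'], ['hits' => 3600]);

        // NOTE(review): this reads tokenId = 1, which other tests in this class
        // treat as a fixture row, not necessarily the row created above. Confirm
        // the assertion really exercises the clamp on the new token.
        $this->assertEquals(10, $this->db->getOne('SELECT hits FROM tiki_auth_tokens WHERE tokenId = 1'));
    }

    /**
     * includeToken() adds a 32-character TOKEN parameter and keeps the URL and its query.
     */
    public function testIncludeToken(): void
    {
        $url = 'http://example.com/tiki/tiki-index.php?page=SomePage';
        $new = $this->obj->includeToken($url);

        // The token travels in the query string, so it is exposed wherever URLs are
        // recorded (server logs, Referer headers). The timeout and hit limits tested
        // in this class are what bound that exposure.
        $this->assertRegExp('/TOKEN=[a-z0-9]{32}/i', $new);
        $this->assertStringContainsString('http://example.com/tiki/tiki-index.php', $new);
        $this->assertStringContainsString('page=SomePage', $new);
    }

    /**
     * includeToken() also works for a script at the site root with no query string.
     */
    public function testIncludeTokenNoPath(): void
    {
        $url = 'http://example.com/tiki-index.php';
        $new = $this->obj->includeToken($url);
        $this->assertRegExp('/TOKEN=[a-z0-9]{32}/i', $new);
        $this->assertStringContainsString('http://example.com/tiki-index.php', $new);
    }

    /**
     * The TOKEN parameter is placed before the URL fragment.
     */
    public function testWithFragment(): void
    {
        $url = 'http://example.com/tiki-index.php#Test';
        $new = $this->obj->includeToken($url);
        $this->assertRegExp('/TOKEN=[a-z0-9]{32}#Test/i', $new);
    }

    /**
     * getTokens() returns an empty array when the table is empty.
     */
    public function testGetTokensShouldReturnEmptyArrayIfNoToken(): void
    {
        $this->db->query('TRUNCATE tiki_auth_tokens');
        $this->assertEquals([], $this->obj->getTokens());
    }

    /**
     * getTokens() returns the three fixture tokens in the expected order.
     */
    public function testGetTokensShouldReturnAllTokens(): void
    {
        $token1 = '91bba2f998b48fce0146016809886127';
        $token2 = '823bde97a717c55b2cfbf9fbd6c81816';
        $token3 = 'e2990f7983b7b6c46b3987536aa38d32';

        $tokens = $this->obj->getTokens();

        $this->assertCount(3, $tokens);
        $this->assertEquals($token1, $tokens[0]['token']);
        $this->assertEquals($token2, $tokens[1]['token']);
        $this->assertEquals($token3, $tokens[2]['token']);
    }

    /**
     * deleteToken() removes the row with the given id.
     */
    public function testDeleteToken(): void
    {
        $this->obj->createToken('tiki-user_send_reports.php', [], ['Registered']);
        $tokenId = $this->db->getOne('SELECT tokenId FROM tiki_auth_tokens ORDER BY creation desc');

        $this->obj->deleteToken($tokenId);

        $this->assertEmpty($this->table->fetchRow(['entry'], ['tokenId' => $tokenId]));
    }

    /**
     * Calling getGroups() purges expired rows as a side effect.
     */
    public function testGetGroupsShouldDeleteExpiredTokens(): void
    {
        $expectedTable = $this->createMySQLXmlDataSet(__DIR__ . '/fixtures/auth_tokens_dataset_delete_timeout.xml')
            ->getTable('tiki_auth_tokens');

        $this->obj->getGroups('91bba2f998b48fce0146016809886127', 'tiki-index.php', []);

        $queryTable = $this->getConnection()->createQueryTable('tiki_auth_tokens', 'SELECT * FROM tiki_auth_tokens');
        self::assertTablesEqual($expectedTable, $queryTable);
    }

    /**
     * Calling getGroups() purges rows that have no hits left.
     */
    public function testGetGroupsShouldDeleteTokensWithoutHitsLeft(): void
    {
        // 2012-02-01 13:25:07 - an earlier clock than setUp(), presumably so that
        // only the hit rule, not the timeout rule, removes rows (verify against
        // the fixture).
        $this->dt->setTimestamp(1328109907);

        // Row 1 becomes unlimited (-1 / -1); row 2 has a limit of 10 and 0 hits left.
        $this->db->query('UPDATE tiki_auth_tokens set maxHits = -1, hits = -1 WHERE tokenId = 1');
        $this->db->query('UPDATE tiki_auth_tokens set maxHits = 10, hits = 0 WHERE tokenId = 2');

        $expectedTable = $this->createMySQLXmlDataSet(__DIR__ . '/fixtures/auth_tokens_dataset_delete_hits.xml')
            ->getTable('tiki_auth_tokens');

        $this->obj->getGroups('91bba2f998b48fce0146016809886127', 'tiki-index.php', []);

        $queryTable = $this->getConnection()->createQueryTable('tiki_auth_tokens', 'SELECT * FROM tiki_auth_tokens');
        self::assertTablesEqual($expectedTable, $queryTable);
    }

    /**
     * A successful getGroups() call lowers the remaining hit count by one.
     */
    public function testGetGroupsShouldDecrementHits(): void
    {
        $this->obj->getGroups('e2990f7983b7b6c46b3987536aa38d32', 'tiki-index.php', []);
        $this->assertEquals('9', $this->db->getOne('SELECT hits FROM tiki_auth_tokens WHERE tokenId = 3'));
    }

    /**
     * With unlimited hits (-1) the counter is left untouched.
     *
     * Despite the method name, the assertion checks that `hits` stays at -1 after a call.
     */
    public function testGetGroupsShouldDecrementIfUnlimitedHits(): void
    {
        $this->db->query('UPDATE tiki_auth_tokens set maxHits = -1, hits = -1 WHERE tokenId = 3');
        $this->obj->getGroups('e2990f7983b7b6c46b3987536aa38d32', 'tiki-index.php', []);
        $this->assertEquals('-1', $this->db->getOne('SELECT hits FROM tiki_auth_tokens WHERE tokenId = 3'));
    }
}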