[Security] Split the component into 3 sub-components Core, ACL, HTTP

6 files changed, 381 insertions, 0 deletions

diff --git a/Core/Tests/Encoder/BCryptPasswordEncoderTest.php b/Core/Tests/Encoder/BCryptPasswordEncoderTest.php
new file mode 100644
index 0000000..4780411
--- /dev/null
+++ b/Core/Tests/Encoder/BCryptPasswordEncoderTest.php
@@ -0,0 +1,73 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Tests\Encoder;
+
+use Symfony\Component\Security\Core\Encoder\BCryptPasswordEncoder;
+
+/**
+ * @author Elnur Abdurrakhimov <elnur@elnur.pro>
+ */
+class BCryptPasswordEncoderTest extends \PHPUnit_Framework_TestCase
+{
+    const PASSWORD = 'password';
+    const BYTES = '0123456789abcdef';
+    const VALID_COST = '04';
+
+    /**
+     * @expectedException \InvalidArgumentException
+     */
+    public function testCostBelowRange()
+    {
+        new BCryptPasswordEncoder(3);
+    }
+
+    /**
+     * @expectedException \InvalidArgumentException
+     */
+    public function testCostAboveRange()
+    {
+        new BCryptPasswordEncoder(32);
+    }
+
+    public function testCostInRange()
+    {
+        for ($cost = 4; $cost <= 31; $cost++) {
+            new BCryptPasswordEncoder($cost);
+        }
+    }
+
+    public function testResultLength()
+    {
+        $this->skipIfPhpVersionIsNotSupported();
+
+        $encoder = new BCryptPasswordEncoder(self::VALID_COST);
+        $result = $encoder->encodePassword(self::PASSWORD, null);
+        $this->assertEquals(60, strlen($result));
+    }
+
+    public function testValidation()
+    {
+        $this->skipIfPhpVersionIsNotSupported();
+
+        $encoder = new BCryptPasswordEncoder(self::VALID_COST);
+        $result = $encoder->encodePassword(self::PASSWORD, null);
+        $this->assertTrue($encoder->isPasswordValid($result, self::PASSWORD, null));
+        $this->assertFalse($encoder->isPasswordValid($result, 'anotherPassword', null));
+    }
+
+    private function skipIfPhpVersionIsNotSupported()
+    {
+        if (version_compare(phpversion(), '5.3.7', '<')) {
+            $this->markTestSkipped('Requires PHP >= 5.3.7');
+        }
+    }
+}
diff --git a/Core/Tests/Encoder/BasePasswordEncoderTest.php b/Core/Tests/Encoder/BasePasswordEncoderTest.php
new file mode 100644
index 0000000..73fac2e
--- /dev/null
+++ b/Core/Tests/Encoder/BasePasswordEncoderTest.php
@@ -0,0 +1,85 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Tests\Encoder;
+
+use Symfony\Component\Security\Core\Encoder\BasePasswordEncoder;
+
+class PasswordEncoder extends BasePasswordEncoder
+{
+    public function encodePassword($raw, $salt)
+    {
+    }
+
+    public function isPasswordValid($encoded, $raw, $salt)
+    {
+    }
+}
+
+class BasePasswordEncoderTest extends \PHPUnit_Framework_TestCase
+{
+    public function testComparePassword()
+    {
+        $this->assertTrue($this->invokeComparePasswords('password', 'password'));
+        $this->assertFalse($this->invokeComparePasswords('password', 'foo'));
+    }
+
+    public function testDemergePasswordAndSalt()
+    {
+        $this->assertEquals(array('password', 'salt'), $this->invokeDemergePasswordAndSalt('password{salt}'));
+        $this->assertEquals(array('password', ''), $this->invokeDemergePasswordAndSalt('password'));
+        $this->assertEquals(array('', ''), $this->invokeDemergePasswordAndSalt(''));
+    }
+
+    public function testMergePasswordAndSalt()
+    {
+        $this->assertEquals('password{salt}', $this->invokeMergePasswordAndSalt('password', 'salt'));
+        $this->assertEquals('password', $this->invokeMergePasswordAndSalt('password', ''));
+    }
+
+    /**
+     * @expectedException InvalidArgumentException
+     */
+    public function testMergePasswordAndSaltWithException()
+    {
+        $this->invokeMergePasswordAndSalt('password', '{foo}');
+    }
+
+    protected function invokeDemergePasswordAndSalt($password)
+    {
+        $encoder = new PasswordEncoder();
+        $r = new \ReflectionObject($encoder);
+        $m = $r->getMethod('demergePasswordAndSalt');
+        $m->setAccessible(true);
+
+        return $m->invoke($encoder, $password);
+    }
+
+    protected function invokeMergePasswordAndSalt($password, $salt)
+    {
+        $encoder = new PasswordEncoder();
+        $r = new \ReflectionObject($encoder);
+        $m = $r->getMethod('mergePasswordAndSalt');
+        $m->setAccessible(true);
+
+        return $m->invoke($encoder, $password, $salt);
+    }
+
+    protected function invokeComparePasswords($p1, $p2)
+    {
+        $encoder = new PasswordEncoder();
+        $r = new \ReflectionObject($encoder);
+        $m = $r->getMethod('comparePasswords');
+        $m->setAccessible(true);
+
+        return $m->invoke($encoder, $p1, $p2);
+    }
+}
diff --git a/Core/Tests/Encoder/EncoderFactoryTest.php b/Core/Tests/Encoder/EncoderFactoryTest.php
new file mode 100644
index 0000000..18c8c4a
--- /dev/null
+++ b/Core/Tests/Encoder/EncoderFactoryTest.php
@@ -0,0 +1,94 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Tests\Encoder;
+
+use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;
+use Symfony\Component\Security\Core\Encoder\EncoderFactory;
+use Symfony\Component\Security\Core\User\User;
+use Symfony\Component\Security\Core\User\UserInterface;
+
+class EncoderFactoryTest extends \PHPUnit_Framework_TestCase
+{
+    public function testGetEncoderWithMessageDigestEncoder()
+    {
+        $factory = new EncoderFactory(array('Symfony\Component\Security\Core\User\UserInterface' => array(
+            'class' => 'Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder',
+            'arguments' => array('sha512', true, 5),
+        )));
+
+        $encoder = $factory->getEncoder($this->getMock('Symfony\Component\Security\Core\User\UserInterface'));
+        $expectedEncoder = new MessageDigestPasswordEncoder('sha512', true, 5);
+
+        $this->assertEquals($expectedEncoder->encodePassword('foo', 'moo'), $encoder->encodePassword('foo', 'moo'));
+    }
+
+    public function testGetEncoderWithService()
+    {
+        $factory = new EncoderFactory(array(
+            'Symfony\Component\Security\Core\User\UserInterface' => new MessageDigestPasswordEncoder('sha1'),
+        ));
+
+        $encoder = $factory->getEncoder($this->getMock('Symfony\Component\Security\Core\User\UserInterface'));
+        $expectedEncoder = new MessageDigestPasswordEncoder('sha1');
+        $this->assertEquals($expectedEncoder->encodePassword('foo', ''), $encoder->encodePassword('foo', ''));
+
+        $encoder = $factory->getEncoder(new User('user', 'pass'));
+        $expectedEncoder = new MessageDigestPasswordEncoder('sha1');
+        $this->assertEquals($expectedEncoder->encodePassword('foo', ''), $encoder->encodePassword('foo', ''));
+    }
+
+    public function testGetEncoderWithClassName()
+    {
+        $factory = new EncoderFactory(array(
+            'Symfony\Component\Security\Core\User\UserInterface' => new MessageDigestPasswordEncoder('sha1'),
+        ));
+
+        $encoder = $factory->getEncoder('Symfony\Component\Security\Core\Tests\Encoder\SomeChildUser');
+        $expectedEncoder = new MessageDigestPasswordEncoder('sha1');
+        $this->assertEquals($expectedEncoder->encodePassword('foo', ''), $encoder->encodePassword('foo', ''));
+    }
+
+    public function testGetEncoderConfiguredForConcreteClassWithService()
+    {
+        $factory = new EncoderFactory(array(
+            'Symfony\Component\Security\Core\User\User' => new MessageDigestPasswordEncoder('sha1'),
+        ));
+
+        $encoder = $factory->getEncoder(new User('user', 'pass'));
+        $expectedEncoder = new MessageDigestPasswordEncoder('sha1');
+        $this->assertEquals($expectedEncoder->encodePassword('foo', ''), $encoder->encodePassword('foo', ''));
+    }
+
+    public function testGetEncoderConfiguredForConcreteClassWithClassName()
+    {
+        $factory = new EncoderFactory(array(
+            'Symfony\Component\Security\Core\Tests\Encoder\SomeUser' => new MessageDigestPasswordEncoder('sha1'),
+        ));
+
+        $encoder = $factory->getEncoder('Symfony\Component\Security\Core\Tests\Encoder\SomeChildUser');
+        $expectedEncoder = new MessageDigestPasswordEncoder('sha1');
+        $this->assertEquals($expectedEncoder->encodePassword('foo', ''), $encoder->encodePassword('foo', ''));
+    }
+}
+
+class SomeUser implements UserInterface
+{
+    public function getRoles() {}
+    public function getPassword() {}
+    public function getSalt() {}
+    public function getUsername() {}
+    public function eraseCredentials() {}
+}
+
+class SomeChildUser extends SomeUser
+{
+}
diff --git a/Core/Tests/Encoder/MessageDigestPasswordEncoderTest.php b/Core/Tests/Encoder/MessageDigestPasswordEncoderTest.php
new file mode 100644
index 0000000..550d08e
--- /dev/null
+++ b/Core/Tests/Encoder/MessageDigestPasswordEncoderTest.php
@@ -0,0 +1,45 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Tests\Encoder;
+
+use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;
+
+class MessageDigestPasswordEncoderTest extends \PHPUnit_Framework_TestCase
+{
+    public function testIsPasswordValid()
+    {
+        $encoder = new MessageDigestPasswordEncoder('sha256', false, 1);
+
+        $this->assertTrue($encoder->isPasswordValid(hash('sha256', 'password'), 'password', ''));
+    }
+
+    public function testEncodePassword()
+    {
+        $encoder = new MessageDigestPasswordEncoder('sha256', false, 1);
+        $this->assertSame(hash('sha256', 'password'), $encoder->encodePassword('password', ''));
+
+        $encoder = new MessageDigestPasswordEncoder('sha256', true, 1);
+        $this->assertSame(base64_encode(hash('sha256', 'password', true)), $encoder->encodePassword('password', ''));
+
+        $encoder = new MessageDigestPasswordEncoder('sha256', false, 2);
+        $this->assertSame(hash('sha256', hash('sha256', 'password', true).'password'), $encoder->encodePassword('password', ''));
+    }
+
+    /**
+     * @expectedException LogicException
+     */
+    public function testEncodePasswordAlgorithmDoesNotExist()
+    {
+        $encoder = new MessageDigestPasswordEncoder('foobar');
+        $encoder->encodePassword('password', '');
+    }
+}
diff --git a/Core/Tests/Encoder/Pbkdf2PasswordEncoderTest.php b/Core/Tests/Encoder/Pbkdf2PasswordEncoderTest.php
new file mode 100644
index 0000000..ba5c4d5
--- /dev/null
+++ b/Core/Tests/Encoder/Pbkdf2PasswordEncoderTest.php
@@ -0,0 +1,45 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Tests\Encoder;
+
+use Symfony\Component\Security\Core\Encoder\Pbkdf2PasswordEncoder;
+
+class Pbkdf2PasswordEncoderTest extends \PHPUnit_Framework_TestCase
+{
+    public function testIsPasswordValid()
+    {
+        $encoder = new Pbkdf2PasswordEncoder('sha256', false, 1, 40);
+
+        $this->assertTrue($encoder->isPasswordValid('c1232f10f62715fda06ae7c0a2037ca19b33cf103b727ba56d870c11f290a2ab106974c75607c8a3', 'password', ''));
+    }
+
+    public function testEncodePassword()
+    {
+        $encoder = new Pbkdf2PasswordEncoder('sha256', false, 1, 40);
+        $this->assertSame('c1232f10f62715fda06ae7c0a2037ca19b33cf103b727ba56d870c11f290a2ab106974c75607c8a3', $encoder->encodePassword('password', ''));
+
+        $encoder = new Pbkdf2PasswordEncoder('sha256', true, 1, 40);
+        $this->assertSame('wSMvEPYnFf2gaufAogN8oZszzxA7cnulbYcMEfKQoqsQaXTHVgfIow==', $encoder->encodePassword('password', ''));
+
+        $encoder = new Pbkdf2PasswordEncoder('sha256', false, 2, 40);
+        $this->assertSame('8bc2f9167a81cdcfad1235cd9047f1136271c1f978fcfcb35e22dbeafa4634f6fd2214218ed63ebb', $encoder->encodePassword('password', ''));
+    }
+
+    /**
+     * @expectedException LogicException
+     */
+    public function testEncodePasswordAlgorithmDoesNotExist()
+    {
+        $encoder = new Pbkdf2PasswordEncoder('foobar');
+        $encoder->encodePassword('password', '');
+    }
+}
diff --git a/Core/Tests/Encoder/PlaintextPasswordEncoderTest.php b/Core/Tests/Encoder/PlaintextPasswordEncoderTest.php
new file mode 100644
index 0000000..513a94a
--- /dev/null
+++ b/Core/Tests/Encoder/PlaintextPasswordEncoderTest.php
@@ -0,0 +1,39 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Tests\Encoder;
+
+use Symfony\Component\Security\Core\Encoder\PlaintextPasswordEncoder;
+
+class PlaintextPasswordEncoderTest extends \PHPUnit_Framework_TestCase
+{
+    public function testIsPasswordValid()
+    {
+        $encoder = new PlaintextPasswordEncoder();
+
+        $this->assertTrue($encoder->isPasswordValid('foo', 'foo', ''));
+        $this->assertFalse($encoder->isPasswordValid('bar', 'foo', ''));
+        $this->assertFalse($encoder->isPasswordValid('FOO', 'foo', ''));
+
+        $encoder = new PlaintextPasswordEncoder(true);
+
+        $this->assertTrue($encoder->isPasswordValid('foo', 'foo', ''));
+        $this->assertFalse($encoder->isPasswordValid('bar', 'foo', ''));
+        $this->assertTrue($encoder->isPasswordValid('FOO', 'foo', ''));
+    }
+
+    public function testEncodePassword()
+    {
+        $encoder = new PlaintextPasswordEncoder();
+
+        $this->assertSame('foo', $encoder->encodePassword('foo', ''));
+    }
+}