[Security] AbstractRememberMeServices::encodeCookie() validates cookie parts

author: Dawid Nowak <code@dnowak.pl> 2015-05-17 22:37:53 +0200
committer: Fabien Potencier <fabien.potencier@gmail.com> 2015-05-21 06:28:25 +0200
commit: 51f245f2684a0a819dcaff815f401494e63a582d (patch)
tree: 44be4a9754998b26b001e481e45b214a45d49fd1 /Tests/Http/RememberMe
parent: c7a417a9e3a9712ddd2f8650193232fcf370e3c8 (diff)
download: symfony-security-51f245f2684a0a819dcaff815f401494e63a582d.zip
symfony-security-51f245f2684a0a819dcaff815f401494e63a582d.tar.gz
symfony-security-51f245f2684a0a819dcaff815f401494e63a582d.tar.bz2
1 files changed, 34 insertions, 0 deletions
diff --git a/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php b/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php
index 0f64730..70ff6a0 100644
--- a/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php
+++ b/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php
@@ -14,6 +14,7 @@ namespace Symfony\Component\Security\Tests\Http\RememberMe;
 use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices;
 
 class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase
 {
@@ -236,6 +237,30 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase
         );
     }
 
+    public function testEncodeCookieAndDecodeCookieAreInvertible()
+    {
+        $cookieParts = array('aa', 'bb', 'cc');
+        $service = $this->getService();
+
+        $encoded = $this->callProtected($service, 'encodeCookie', array($cookieParts));
+        $this->assertInternalType('string', $encoded);
+
+        $decoded = $this->callProtected($service, 'decodeCookie', array($encoded));
+        $this->assertSame($cookieParts, $decoded);
+    }
+
+    /**
+     * @expectedException InvalidArgumentException
+     * @expectedExceptionMessage cookie delimiter
+     */
+    public function testThereShouldBeNoCookieDelimiterInCookieParts()
+    {
+        $cookieParts = array('aa', 'b'.AbstractRememberMeServices::COOKIE_DELIMITER.'b', 'cc');
+        $service = $this->getService();
+
+        $this->callProtected($service, 'encodeCookie', array($cookieParts));
+    }
+
     protected function getService($userProvider = null, $options = array(), $logger = null)
     {
         if (null === $userProvider) {
@@ -258,4 +283,13 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase
 
         return $provider;
     }
+
+    private function callProtected($object, $method, array $args)
+    {
+        $reflection = new \ReflectionClass(get_class($object));
+        $reflectionMethod = $reflection->getMethod($method);
+        $reflectionMethod->setAccessible(true);
+
+        return $reflectionMethod->invokeArgs($object, $args);
+    }
 }
author	Dawid Nowak <code@dnowak.pl>	2015-05-17 22:37:53 +0200
committer	Fabien Potencier <fabien.potencier@gmail.com>	2015-05-21 06:28:25 +0200
commit	51f245f2684a0a819dcaff815f401494e63a582d (patch)
tree	44be4a9754998b26b001e481e45b214a45d49fd1 /Tests/Http/RememberMe
parent	c7a417a9e3a9712ddd2f8650193232fcf370e3c8 (diff)
download	symfony-security-51f245f2684a0a819dcaff815f401494e63a582d.zip symfony-security-51f245f2684a0a819dcaff815f401494e63a582d.tar.gz symfony-security-51f245f2684a0a819dcaff815f401494e63a582d.tar.bz2