diff options
Diffstat (limited to 'Tests')
36 files changed, 889 insertions, 103 deletions
diff --git a/Tests/Acl/Dbal/AclProviderTest.php b/Tests/Acl/Dbal/AclProviderTest.php index e03edc0..83771ee 100644 --- a/Tests/Acl/Dbal/AclProviderTest.php +++ b/Tests/Acl/Dbal/AclProviderTest.php @@ -27,7 +27,7 @@ class AclProviderTest extends \PHPUnit_Framework_TestCase protected $insertSidStmt; /** - * @expectedException Symfony\Component\Security\Acl\Exception\AclNotFoundException + * @expectedException \Symfony\Component\Security\Acl\Exception\AclNotFoundException * @expectedMessage There is no ACL for the given object identity. */ public function testFindAclThrowsExceptionWhenNoAclExists() diff --git a/Tests/Acl/Dbal/MutableAclProviderTest.php b/Tests/Acl/Dbal/MutableAclProviderTest.php index e264b6d..3e8d65f 100644 --- a/Tests/Acl/Dbal/MutableAclProviderTest.php +++ b/Tests/Acl/Dbal/MutableAclProviderTest.php @@ -53,7 +53,7 @@ class MutableAclProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Acl\Exception\AclAlreadyExistsException + * @expectedException \Symfony\Component\Security\Acl\Exception\AclAlreadyExistsException */ public function testCreateAclThrowsExceptionWhenAclAlreadyExists() { @@ -267,7 +267,7 @@ class MutableAclProviderTest extends \PHPUnit_Framework_TestCase $provider->updateAcl($acl); } - public function testUpdateAclThrowsExceptionOnConcurrentModifcationOfSharedProperties() + public function testUpdateAclThrowsExceptionOnConcurrentModificationOfSharedProperties() { $provider = $this->getProvider(); $acl1 = $provider->createAcl(new ObjectIdentity(1, 'Foo')); diff --git a/Tests/Acl/Domain/AclTest.php b/Tests/Acl/Domain/AclTest.php index b6f3d79..4b67e62 100644 --- a/Tests/Acl/Domain/AclTest.php +++ b/Tests/Acl/Domain/AclTest.php @@ -433,7 +433,7 @@ class AclTest extends \PHPUnit_Framework_TestCase * @expectedException \InvalidArgumentException * @dataProvider getUpdateFieldAuditingTests */ - public function testUpdateFieldAuditingthrowsExceptionOnInvalidField($type) + public function testUpdateFieldAuditingThrowsExceptionOnInvalidField($type) { $acl = $this->getAcl(); $acl->{'update'.$type.'Auditing'}(0, 'foo', true, true); diff --git a/Tests/Acl/Domain/PermissionGrantingStrategyTest.php b/Tests/Acl/Domain/PermissionGrantingStrategyTest.php index 67c9f3f..d200d2b 100644 --- a/Tests/Acl/Domain/PermissionGrantingStrategyTest.php +++ b/Tests/Acl/Domain/PermissionGrantingStrategyTest.php @@ -31,7 +31,7 @@ class PermissionGrantingStrategyTest extends \PHPUnit_Framework_TestCase $this->assertFalse($strategy->isGranted($acl, array(1), array($sid))); } - public function testIsGrantedFallsbackToClassAcesIfNoApplicableObjectAceWasFound() + public function testIsGrantedFallsBackToClassAcesIfNoApplicableObjectAceWasFound() { $strategy = new PermissionGrantingStrategy(); $acl = $this->getAcl($strategy); @@ -73,7 +73,7 @@ class PermissionGrantingStrategyTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Acl\Exception\NoAceFoundException + * @expectedException \Symfony\Component\Security\Acl\Exception\NoAceFoundException */ public function testIsGrantedReturnsExceptionIfNoAceIsFound() { diff --git a/Tests/Acl/Domain/SecurityIdentityRetrievalStrategyTest.php b/Tests/Acl/Domain/SecurityIdentityRetrievalStrategyTest.php index 2083728..f649653 100644 --- a/Tests/Acl/Domain/SecurityIdentityRetrievalStrategyTest.php +++ b/Tests/Acl/Domain/SecurityIdentityRetrievalStrategyTest.php @@ -116,7 +116,6 @@ class SecurityIdentityRetrievalStrategyTest extends \PHPUnit_Framework_TestCase ->will($this->returnValue($username)) ; - return $account; } @@ -177,7 +176,6 @@ class SecurityIdentityRetrievalStrategyTest extends \PHPUnit_Framework_TestCase ; } - return new SecurityIdentityRetrievalStrategy($roleHierarchy, $trustResolver); } } diff --git a/Tests/Acl/Domain/UserSecurityIdentityTest.php b/Tests/Acl/Domain/UserSecurityIdentityTest.php index 9650803..1d6a3c5 100644 --- a/Tests/Acl/Domain/UserSecurityIdentityTest.php +++ b/Tests/Acl/Domain/UserSecurityIdentityTest.php @@ -25,7 +25,7 @@ class UserSecurityIdentityTest extends \PHPUnit_Framework_TestCase } // Test that constructor never changes the type, even for proxies - public function testContructorWithProxy() + public function testConstructorWithProxy() { $id = new UserSecurityIdentity('foo', 'Acme\DemoBundle\Proxy\__CG__\Symfony\Component\Security\Tests\Acl\Domain\Foo'); diff --git a/Tests/Core/Authentication/AuthenticationProviderManagerTest.php b/Tests/Core/Authentication/AuthenticationProviderManagerTest.php index c57967b..12eb568 100644 --- a/Tests/Core/Authentication/AuthenticationProviderManagerTest.php +++ b/Tests/Core/Authentication/AuthenticationProviderManagerTest.php @@ -37,7 +37,7 @@ class AuthenticationProviderManagerTest extends \PHPUnit_Framework_TestCase $manager->authenticate($token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')); $this->fail(); } catch (ProviderNotFoundException $e) { - $this->assertSame($token, $e->getExtraInformation()); + $this->assertSame($token, $e->getToken()); } } @@ -51,7 +51,7 @@ class AuthenticationProviderManagerTest extends \PHPUnit_Framework_TestCase $manager->authenticate($token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')); $this->fail(); } catch (AccountStatusException $e) { - $this->assertSame($token, $e->getExtraInformation()); + $this->assertSame($token, $e->getToken()); } } @@ -65,7 +65,7 @@ class AuthenticationProviderManagerTest extends \PHPUnit_Framework_TestCase $manager->authenticate($token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')); $this->fail(); } catch (AuthenticationException $e) { - $this->assertSame($token, $e->getExtraInformation()); + $this->assertSame($token, $e->getToken()); } } diff --git a/Tests/Core/Authentication/Provider/AnonymousAuthenticationProviderTest.php b/Tests/Core/Authentication/Provider/AnonymousAuthenticationProviderTest.php index 0a76724..d0da147 100644 --- a/Tests/Core/Authentication/Provider/AnonymousAuthenticationProviderTest.php +++ b/Tests/Core/Authentication/Provider/AnonymousAuthenticationProviderTest.php @@ -31,7 +31,7 @@ class AnonymousAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\BadCredentialsException + * @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException */ public function testAuthenticateWhenKeyIsNotValid() { diff --git a/Tests/Core/Authentication/Provider/DaoAuthenticationProviderTest.php b/Tests/Core/Authentication/Provider/DaoAuthenticationProviderTest.php index 8bff354..8b27061 100644 --- a/Tests/Core/Authentication/Provider/DaoAuthenticationProviderTest.php +++ b/Tests/Core/Authentication/Provider/DaoAuthenticationProviderTest.php @@ -11,7 +11,6 @@ namespace Symfony\Component\Security\Tests\Core\Authentication\Provider; - use Symfony\Component\Security\Core\Encoder\PlaintextPasswordEncoder; use Symfony\Component\Security\Core\Authentication\Provider\DaoAuthenticationProvider; @@ -19,7 +18,7 @@ use Symfony\Component\Security\Core\Authentication\Provider\DaoAuthenticationPro class DaoAuthenticationProviderTest extends \PHPUnit_Framework_TestCase { /** - * @expectedException Symfony\Component\Security\Core\Exception\AuthenticationServiceException + * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationServiceException */ public function testRetrieveUserWhenProviderDoesNotReturnAnUserInterface() { @@ -31,7 +30,7 @@ class DaoAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\UsernameNotFoundException + * @expectedException \Symfony\Component\Security\Core\Exception\UsernameNotFoundException */ public function testRetrieveUserWhenUsernameIsNotFound() { @@ -49,7 +48,7 @@ class DaoAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\AuthenticationServiceException + * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationServiceException */ public function testRetrieveUserWhenAnExceptionOccurs() { @@ -106,7 +105,7 @@ class DaoAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\BadCredentialsException + * @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException */ public function testCheckAuthenticationWhenCredentialsAreEmpty() { @@ -162,7 +161,7 @@ class DaoAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\BadCredentialsException + * @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException */ public function testCheckAuthenticationWhenCredentialsAreNotValid() { @@ -186,7 +185,7 @@ class DaoAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\BadCredentialsException + * @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException */ public function testCheckAuthenticationDoesNotReauthenticateWhenPasswordHasChanged() { diff --git a/Tests/Core/Authentication/Provider/PreAuthenticatedAuthenticationProviderTest.php b/Tests/Core/Authentication/Provider/PreAuthenticatedAuthenticationProviderTest.php index 9476c0d..f7ffb1e 100644 --- a/Tests/Core/Authentication/Provider/PreAuthenticatedAuthenticationProviderTest.php +++ b/Tests/Core/Authentication/Provider/PreAuthenticatedAuthenticationProviderTest.php @@ -42,7 +42,7 @@ class PreAuthenticatedAuthenticationProviderTest extends \PHPUnit_Framework_Test } /** - * @expectedException Symfony\Component\Security\Core\Exception\BadCredentialsException + * @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException */ public function testAuthenticateWhenNoUserIsSet() { @@ -70,7 +70,7 @@ class PreAuthenticatedAuthenticationProviderTest extends \PHPUnit_Framework_Test } /** - * @expectedException Symfony\Component\Security\Core\Exception\LockedException + * @expectedException \Symfony\Component\Security\Core\Exception\LockedException */ public function testAuthenticateWhenUserCheckerThrowsException() { diff --git a/Tests/Core/Authentication/Provider/RememberMeAuthenticationProviderTest.php b/Tests/Core/Authentication/Provider/RememberMeAuthenticationProviderTest.php index fcc2514..5e250e0 100644 --- a/Tests/Core/Authentication/Provider/RememberMeAuthenticationProviderTest.php +++ b/Tests/Core/Authentication/Provider/RememberMeAuthenticationProviderTest.php @@ -34,7 +34,7 @@ class RememberMeAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\BadCredentialsException + * @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException */ public function testAuthenticateWhenKeysDoNotMatch() { @@ -45,7 +45,7 @@ class RememberMeAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\AccountExpiredException + * @expectedException \Symfony\Component\Security\Core\Exception\AccountExpiredException */ public function testAuthenticateWhenPostChecksFails() { diff --git a/Tests/Core/Authentication/Provider/UserAuthenticationProviderTest.php b/Tests/Core/Authentication/Provider/UserAuthenticationProviderTest.php index 1b68531..1516a5f 100644 --- a/Tests/Core/Authentication/Provider/UserAuthenticationProviderTest.php +++ b/Tests/Core/Authentication/Provider/UserAuthenticationProviderTest.php @@ -33,7 +33,7 @@ class UserAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\UsernameNotFoundException + * @expectedException \Symfony\Component\Security\Core\Exception\UsernameNotFoundException */ public function testAuthenticateWhenUsernameIsNotFound() { @@ -47,7 +47,7 @@ class UserAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\BadCredentialsException + * @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException */ public function testAuthenticateWhenUsernameIsNotFoundAndHideIsTrue() { @@ -61,7 +61,7 @@ class UserAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\AuthenticationServiceException + * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationServiceException */ public function testAuthenticateWhenProviderDoesNotReturnAnUserInterface() { @@ -75,7 +75,7 @@ class UserAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\CredentialsExpiredException + * @expectedException \Symfony\Component\Security\Core\Exception\CredentialsExpiredException */ public function testAuthenticateWhenPreChecksFails() { @@ -95,7 +95,7 @@ class UserAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\AccountExpiredException + * @expectedException \Symfony\Component\Security\Core\Exception\AccountExpiredException */ public function testAuthenticateWhenPostChecksFails() { @@ -115,7 +115,7 @@ class UserAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\BadCredentialsException + * @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException * @expectedExceptionMessage Bad credentials */ public function testAuthenticateWhenPostCheckAuthenticationFails() @@ -134,7 +134,7 @@ class UserAuthenticationProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\BadCredentialsException + * @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException * @expectedExceptionMessage Foo */ public function testAuthenticateWhenPostCheckAuthenticationFailsWithHideFalse() diff --git a/Tests/Core/Authentication/RememberMe/InMemoryTokenProviderTest.php b/Tests/Core/Authentication/RememberMe/InMemoryTokenProviderTest.php index 3944fb1..1739714 100644 --- a/Tests/Core/Authentication/RememberMe/InMemoryTokenProviderTest.php +++ b/Tests/Core/Authentication/RememberMe/InMemoryTokenProviderTest.php @@ -27,7 +27,7 @@ class InMemoryTokenProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\TokenNotFoundException + * @expectedException \Symfony\Component\Security\Core\Exception\TokenNotFoundException */ public function testLoadTokenBySeriesThrowsNotFoundException() { @@ -49,7 +49,7 @@ class InMemoryTokenProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\TokenNotFoundException + * @expectedException \Symfony\Component\Security\Core\Exception\TokenNotFoundException */ public function testDeleteToken() { diff --git a/Tests/Core/Encoder/BCryptPasswordEncoderTest.php b/Tests/Core/Encoder/BCryptPasswordEncoderTest.php new file mode 100644 index 0000000..bfaf5fc --- /dev/null +++ b/Tests/Core/Encoder/BCryptPasswordEncoderTest.php @@ -0,0 +1,112 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Tests\Core\Encoder; + +use Symfony\Component\Security\Core\Encoder\BCryptPasswordEncoder; + +/** + * @author Elnur Abdurrakhimov <elnur@elnur.pro> + */ +class BCryptPasswordEncoderTest extends \PHPUnit_Framework_TestCase +{ + const PASSWORD = 'password'; + const BYTES = '0123456789abcdef'; + const VALID_COST = '04'; + + const SECURE_RANDOM_INTERFACE = 'Symfony\Component\Security\Core\Util\SecureRandomInterface'; + + /** + * @var \PHPUnit_Framework_MockObject_MockObject + */ + private $secureRandom; + + protected function setUp() + { + $this->secureRandom = $this->getMock(self::SECURE_RANDOM_INTERFACE); + + $this->secureRandom + ->expects($this->any()) + ->method('nextBytes') + ->will($this->returnValue(self::BYTES)) + ; + } + + /** + * @expectedException \InvalidArgumentException + */ + public function testCostBelowRange() + { + new BCryptPasswordEncoder($this->secureRandom, 3); + } + + /** + * @expectedException \InvalidArgumentException + */ + public function testCostAboveRange() + { + new BCryptPasswordEncoder($this->secureRandom, 32); + } + + public function testCostInRange() + { + for ($cost = 4; $cost <= 31; $cost++) { + new BCryptPasswordEncoder($this->secureRandom, $cost); + } + } + + public function testResultLength() + { + $encoder = new BCryptPasswordEncoder($this->secureRandom, self::VALID_COST); + $result = $encoder->encodePassword(self::PASSWORD, null); + $this->assertEquals(60, strlen($result)); + } + + public function testValidation() + { + $encoder = new BCryptPasswordEncoder($this->secureRandom, self::VALID_COST); + $result = $encoder->encodePassword(self::PASSWORD, null); + $this->assertTrue($encoder->isPasswordValid($result, self::PASSWORD, null)); + $this->assertFalse($encoder->isPasswordValid($result, 'anotherPassword', null)); + } + + public function testValidationKnownPassword() + { + $encoder = new BCryptPasswordEncoder($this->secureRandom, self::VALID_COST); + $prefix = '$'.(version_compare(phpversion(), '5.3.7', '>=') + ? '2y' : '2a').'$'; + + $encrypted = $prefix.'04$ABCDEFGHIJKLMNOPQRSTU.uTmwd4KMSHxbUsG7bng8x7YdA0PM1iq'; + $this->assertTrue($encoder->isPasswordValid($encrypted, self::PASSWORD, null)); + } + + public function testSecureRandomIsUsed() + { + if (function_exists('mcrypt_create_iv')) { + return; + } + + $this->secureRandom + ->expects($this->atLeastOnce()) + ->method('nextBytes') + ; + + $encoder = new BCryptPasswordEncoder($this->secureRandom, self::VALID_COST); + $result = $encoder->encodePassword(self::PASSWORD, null); + + $prefix = '$'.(version_compare(phpversion(), '5.3.7', '>=') + ? '2y' : '2a').'$'; + $salt = 'MDEyMzQ1Njc4OWFiY2RlZe'; + $expected = crypt(self::PASSWORD, $prefix . self::VALID_COST . '$' . $salt); + + $this->assertEquals($expected, $result); + } +} diff --git a/Tests/Core/Encoder/Pbkdf2PasswordEncoderTest.php b/Tests/Core/Encoder/Pbkdf2PasswordEncoderTest.php new file mode 100644 index 0000000..2c98543 --- /dev/null +++ b/Tests/Core/Encoder/Pbkdf2PasswordEncoderTest.php @@ -0,0 +1,45 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Tests\Core\Encoder; + +use Symfony\Component\Security\Core\Encoder\Pbkdf2PasswordEncoder; + +class Pbkdf2PasswordEncoderTest extends \PHPUnit_Framework_TestCase +{ + public function testIsPasswordValid() + { + $encoder = new Pbkdf2PasswordEncoder('sha256', false, 1, 40); + + $this->assertTrue($encoder->isPasswordValid('c1232f10f62715fda06ae7c0a2037ca19b33cf103b727ba56d870c11f290a2ab106974c75607c8a3', 'password', '')); + } + + public function testEncodePassword() + { + $encoder = new Pbkdf2PasswordEncoder('sha256', false, 1, 40); + $this->assertSame('c1232f10f62715fda06ae7c0a2037ca19b33cf103b727ba56d870c11f290a2ab106974c75607c8a3', $encoder->encodePassword('password', '')); + + $encoder = new Pbkdf2PasswordEncoder('sha256', true, 1, 40); + $this->assertSame('wSMvEPYnFf2gaufAogN8oZszzxA7cnulbYcMEfKQoqsQaXTHVgfIow==', $encoder->encodePassword('password', '')); + + $encoder = new Pbkdf2PasswordEncoder('sha256', false, 2, 40); + $this->assertSame('8bc2f9167a81cdcfad1235cd9047f1136271c1f978fcfcb35e22dbeafa4634f6fd2214218ed63ebb', $encoder->encodePassword('password', '')); + } + + /** + * @expectedException LogicException + */ + public function testEncodePasswordAlgorithmDoesNotExist() + { + $encoder = new Pbkdf2PasswordEncoder('foobar'); + $encoder->encodePassword('password', ''); + } +} diff --git a/Tests/Core/SecurityContextTest.php b/Tests/Core/SecurityContextTest.php index 66a4b13..124ebf9 100644 --- a/Tests/Core/SecurityContextTest.php +++ b/Tests/Core/SecurityContextTest.php @@ -41,7 +41,7 @@ class SecurityContextTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException + * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException */ public function testVoteWithoutAuthenticationToken() { diff --git a/Tests/Core/User/AccountCheckerTest.php b/Tests/Core/User/AccountCheckerTest.php index 315e0d4..f28067f 100644 --- a/Tests/Core/User/AccountCheckerTest.php +++ b/Tests/Core/User/AccountCheckerTest.php @@ -33,7 +33,7 @@ class UserCheckerTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\CredentialsExpiredException + * @expectedException \Symfony\Component\Security\Core\Exception\CredentialsExpiredException */ public function testCheckPreAuthCredentialsExpired() { @@ -65,7 +65,7 @@ class UserCheckerTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\LockedException + * @expectedException \Symfony\Component\Security\Core\Exception\LockedException */ public function testCheckPostAuthAccountLocked() { @@ -78,7 +78,7 @@ class UserCheckerTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\DisabledException + * @expectedException \Symfony\Component\Security\Core\Exception\DisabledException */ public function testCheckPostAuthDisabled() { @@ -92,7 +92,7 @@ class UserCheckerTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\AccountExpiredException + * @expectedException \Symfony\Component\Security\Core\Exception\AccountExpiredException */ public function testCheckPostAuthAccountExpired() { diff --git a/Tests/Core/User/ChainUserProviderTest.php b/Tests/Core/User/ChainUserProviderTest.php index 5edbbed..0fddcd6 100644 --- a/Tests/Core/User/ChainUserProviderTest.php +++ b/Tests/Core/User/ChainUserProviderTest.php @@ -42,7 +42,7 @@ class ChainUserProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\UsernameNotFoundException + * @expectedException \Symfony\Component\Security\Core\Exception\UsernameNotFoundException */ public function testLoadUserByUsernameThrowsUsernameNotFoundException() { @@ -107,7 +107,7 @@ class ChainUserProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\UnsupportedUserException + * @expectedException \Symfony\Component\Security\Core\Exception\UnsupportedUserException */ public function testRefreshUserThrowsUnsupportedUserException() { diff --git a/Tests/Core/User/InMemoryProviderTest.php b/Tests/Core/User/InMemoryProviderTest.php index 9230be4..5197a29 100644 --- a/Tests/Core/User/InMemoryProviderTest.php +++ b/Tests/Core/User/InMemoryProviderTest.php @@ -52,7 +52,7 @@ class InMemoryUserProviderTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\UsernameNotFoundException + * @expectedException \Symfony\Component\Security\Core\Exception\UsernameNotFoundException */ public function testLoadUserByUsernameDoesNotExist() { diff --git a/Tests/Core/Util/ClassUtilsTest.php b/Tests/Core/Util/ClassUtilsTest.php index 16378a6..8359236 100644 --- a/Tests/Core/Util/ClassUtilsTest.php +++ b/Tests/Core/Util/ClassUtilsTest.php @@ -1,12 +1,21 @@ <?php +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + namespace Symfony\Component\Security\Tests\Core\Util { use Symfony\Component\Security\Core\Util\ClassUtils; class ClassUtilsTest extends \PHPUnit_Framework_TestCase { - static public function dataGetClass() + public static function dataGetClass() { return array( array('stdClass', 'stdClass'), diff --git a/Tests/Core/Util/SecureRandomTest.php b/Tests/Core/Util/SecureRandomTest.php new file mode 100755 index 0000000..c7ed016 --- /dev/null +++ b/Tests/Core/Util/SecureRandomTest.php @@ -0,0 +1,201 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Tests\Core\Util; + +use Symfony\Component\Security\Core\Util\SecureRandom; + +class SecureRandomTest extends \PHPUnit_Framework_TestCase +{ + /** + * T1: Monobit test + * + * @dataProvider getSecureRandoms + */ + public function testMonobit($secureRandom) + { + $nbOnBits = substr_count($this->getBitSequence($secureRandom, 20000), '1'); + $this->assertTrue($nbOnBits > 9654 && $nbOnBits < 10346, 'Monobit test failed, number of turned on bits: '.$nbOnBits); + } + + /** + * T2: Chi-square test with 15 degrees of freedom (chi-Quadrat-Anpassungstest) + * + * @dataProvider getSecureRandoms + */ + public function testPoker($secureRandom) + { + $b = $this->getBitSequence($secureRandom, 20000); + $c = array(); + for ($i = 0; $i <= 15; $i++) { + $c[$i] = 0; + } + + for ($j = 1; $j <= 5000; $j++) { + $k = 4 * $j - 1; + $c[8 * $b[$k - 3] + 4 * $b[$k - 2] + 2 * $b[$k - 1] + $b[$k]] += 1; + } + + $f = 0; + for ($i = 0; $i <= 15; $i++) { + $f += $c[$i] * $c[$i]; + } + + $Y = 16/5000 * $f - 5000; + + $this->assertTrue($Y > 1.03 && $Y < 57.4, 'Poker test failed, Y = '.$Y); + } + + /** + * Run test + * + * @dataProvider getSecureRandoms + */ + public function testRun($secureRandom) + { + $b = $this->getBitSequence($secureRandom, 20000); + + $runs = array(); + for ($i = 1; $i <= 6; $i++) { + $runs[$i] = 0; + } + + $addRun = function($run) use (&$runs) { + if ($run > 6) { + $run = 6; + } + + $runs[$run] += 1; + }; + + $currentRun = 0; + $lastBit = null; + for ($i = 0; $i < 20000; $i++) { + if ($lastBit === $b[$i]) { + $currentRun += 1; + } else { + if ($currentRun > 0) { + $addRun($currentRun); + } + + $lastBit = $b[$i]; + $currentRun = 0; + } + } + if ($currentRun > 0) { + $addRun($currentRun); + } + + $this->assertTrue($runs[1] > 2267 && $runs[1] < 2733, 'Runs of length 1 outside of defined interval: '.$runs[1]); + $this->assertTrue($runs[2] > 1079 && $runs[2] < 1421, 'Runs of length 2 outside of defined interval: '.$runs[2]); + $this->assertTrue($runs[3] > 502 && $runs[3] < 748, 'Runs of length 3 outside of defined interval: '.$runs[3]); + $this->assertTrue($runs[4] > 233 && $runs[4] < 402, 'Runs of length 4 outside of defined interval: '.$runs[4]); + $this->assertTrue($runs[5] > 90 && $runs[5] < 223, 'Runs of length 5 outside of defined interval: '.$runs[5]); + $this->assertTrue($runs[6] > 90 && $runs[6] < 233, 'Runs of length 6 outside of defined interval: '.$runs[6]); + } + + /** + * Long-run test + * + * @dataProvider getSecureRandoms + */ + public function testLongRun($secureRandom) + { + $b = $this->getBitSequence($secureRandom, 20000); + + $longestRun = 0; + $currentRun = $lastBit = null; + for ($i = 0; $i < 20000; $i++) { + if ($lastBit === $b[$i]) { + $currentRun += 1; + } else { + if ($currentRun > $longestRun) { + $longestRun = $currentRun; + } + $lastBit = $b[$i]; + $currentRun = 0; + } + } + if ($currentRun > $longestRun) { + $longestRun = $currentRun; + } + + $this->assertTrue($longestRun < 34, 'Failed longest run test: '.$longestRun); + } + + /** + * Serial Correlation (Autokorrelationstest) + * + * @dataProvider getSecureRandoms + */ + public function testSerialCorrelation($secureRandom) + { + $shift = rand(1, 5000); + $b = $this->getBitSequence($secureRandom, 20000); + + $Z = 0; + for ($i = 0; $i < 5000; $i++) { + $Z += $b[$i] === $b[$i + $shift] ? 1 : 0; + } + + $this->assertTrue($Z > 2326 && $Z < 2674, 'Failed serial correlation test: '.$Z); + } + + public function getSecureRandoms() + { + $secureRandoms = array(); + + // only add if openssl is indeed present + $secureRandom = new SecureRandom(); + if ($this->hasOpenSsl($secureRandom)) { + $secureRandoms[] = array($secureRandom); + } + + // no-openssl with custom seed provider + $secureRandom = new SecureRandom(sys_get_temp_dir().'/_sf2.seed'); + $this->disableOpenSsl($secureRandom); + $secureRandoms[] = array($secureRandom); + + return $secureRandoms; + } + + protected function disableOpenSsl($secureRandom) + { + $ref = new \ReflectionProperty($secureRandom, 'useOpenSsl'); + $ref->setAccessible(true); + $ref->setValue($secureRandom, false); + $ref->setAccessible(false); + } + + protected function hasOpenSsl($secureRandom) + { + $ref = new \ReflectionProperty($secureRandom, 'useOpenSsl'); + $ref->setAccessible(true); + + $ret = $ref->getValue($secureRandom); + + $ref->setAccessible(false); + + return $ret; + } + + private function getBitSequence($secureRandom, $length) + { + $bitSequence = ''; + for ($i = 0; $i < $length; $i += 40) { + $value = unpack('H*', $secureRandom->nextBytes(5)); + $value = str_pad(base_convert($value[1], 16, 2), 40, '0', STR_PAD_LEFT); + $bitSequence .= $value; + } + + return substr($bitSequence, 0, $length); + } +} diff --git a/Tests/Core/Util/StringUtilsTest.php b/Tests/Core/Util/StringUtilsTest.php new file mode 100755 index 0000000..aac4139 --- /dev/null +++ b/Tests/Core/Util/StringUtilsTest.php @@ -0,0 +1,23 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Tests\Core\Util; + +use Symfony\Component\Security\Core\Util\StringUtils; + +class StringUtilsTest extends \PHPUnit_Framework_TestCase +{ + public function testEquals() + { + $this->assertTrue(StringUtils::equals('password', 'password')); + $this->assertFalse(StringUtils::equals('password', 'foo')); + } +} diff --git a/Tests/Core/Validator/Constraints/UserPasswordValidatorTest.php b/Tests/Core/Validator/Constraints/UserPasswordValidatorTest.php new file mode 100644 index 0000000..c3a8370 --- /dev/null +++ b/Tests/Core/Validator/Constraints/UserPasswordValidatorTest.php @@ -0,0 +1,161 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Tests\Core\Validator\Constraints; + +use Symfony\Component\Security\Core\Validator\Constraints\UserPassword; +use Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator; + +class UserPasswordValidatorTest extends \PHPUnit_Framework_TestCase +{ + const PASSWORD_VALID = true; + const PASSWORD_INVALID = false; + + protected $context; + + protected function setUp() + { + if (false === class_exists('Symfony\Component\Validator\Validator')) { + $this->markTestSkipped('The Validator component is required for this test.'); + } + + $this->context = $this->getMock('Symfony\Component\Validator\ExecutionContext', array(), array(), '', false); + } + + protected function tearDown() + { + $this->context = null; + } + + public function testPasswordIsValid() + { + $user = $this->createUser(); + $securityContext = $this->createSecurityContext($user); + + $encoder = $this->createPasswordEncoder(static::PASSWORD_VALID); + $encoderFactory = $this->createEncoderFactory($encoder); + + $validator = new UserPasswordValidator($securityContext, $encoderFactory); + $validator->initialize($this->context); + + $this + ->context + ->expects($this->never()) + ->method('addViolation') + ; + + $validator->validate('secret', new UserPassword()); + } + + public function testPasswordIsNotValid() + { + $user = $this->createUser(); + $securityContext = $this->createSecurityContext($user); + + $encoder = $this->createPasswordEncoder(static::PASSWORD_INVALID); + $encoderFactory = $this->createEncoderFactory($encoder); + + $validator = new UserPasswordValidator($securityContext, $encoderFactory); + $validator->initialize($this->context); + + $this + ->context + ->expects($this->once()) + ->method('addViolation') + ; + + $validator->validate('secret', new UserPassword()); + } + + public function testUserIsNotValid() + { + $this->setExpectedException('Symfony\Component\Validator\Exception\ConstraintDefinitionException'); + + $user = $this->getMock('Foo\Bar\User'); + $encoderFactory = $this->getMock('Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface'); + $securityContext = $this->createSecurityContext($user); + + $validator = new UserPasswordValidator($securityContext, $encoderFactory); + $validator->initialize($this->context); + $validator->validate('secret', new UserPassword()); + } + + protected function createUser() + { + $mock = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); + + $mock + ->expects($this->once()) + ->method('getPassword') + ->will($this->returnValue('s3Cr3t')) + ; + + $mock + ->expects($this->once()) + ->method('getSalt') + ->will($this->returnValue('^S4lt$')) + ; + + return $mock; + } + + protected function createPasswordEncoder($isPasswordValid = true) + { + $mock = $this->getMock('Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface'); + + $mock + ->expects($this->once()) + ->method('isPasswordValid') + ->will($this->returnValue($isPasswordValid)) + ; + + return $mock; + } + + protected function createEncoderFactory($encoder = null) + { + $mock = $this->getMock('Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface'); + + $mock + ->expects($this->once()) + ->method('getEncoder') + ->will($this->returnValue($encoder)) + ; + + return $mock; + } + + protected function createSecurityContext($user = null) + { + $token = $this->createAuthenticationToken($user); + + $mock = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $mock + ->expects($this->once()) + ->method('getToken') + ->will($this->returnValue($token)) + ; + + return $mock; + } + + protected function createAuthenticationToken($user = null) + { + $mock = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); + $mock + ->expects($this->once()) + ->method('getUser') + ->will($this->returnValue($user)) + ; + + return $mock; + } +} diff --git a/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php b/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php index b442309..b9e289d 100644 --- a/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php +++ b/Tests/Http/EntryPoint/BasicAuthenticationEntryPointTest.php @@ -34,7 +34,6 @@ class BasicAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase $this->assertEquals('Basic realm="TheRealmName"', $response->headers->get('WWW-Authenticate')); $this->assertEquals(401, $response->getStatusCode()); - $this->assertAttributeEquals('The exception message', 'statusText', $response); } public function testStartWithoutAuthException() @@ -47,6 +46,5 @@ class BasicAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase $this->assertEquals('Basic realm="TheRealmName"', $response->headers->get('WWW-Authenticate')); $this->assertEquals(401, $response->getStatusCode()); - $this->assertAttributeEquals('Unauthorized', 'statusText', $response); } } diff --git a/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php b/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php index ae0e3cc..8dfd618 100644 --- a/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php +++ b/Tests/Http/EntryPoint/DigestAuthenticationEntryPointTest.php @@ -34,7 +34,6 @@ class DigestAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase $response = $entryPoint->start($request, $authenticationException); $this->assertEquals(401, $response->getStatusCode()); - $this->assertAttributeEquals('TheAuthenticationExceptionMessage', 'statusText', $response); $this->assertRegExp('/^Digest realm="TheRealmName", qop="auth", nonce="[a-zA-Z0-9\/+]+={0,2}"$/', $response->headers->get('WWW-Authenticate')); } @@ -46,7 +45,6 @@ class DigestAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase $response = $entryPoint->start($request); $this->assertEquals(401, $response->getStatusCode()); - $this->assertAttributeEquals('Unauthorized', 'statusText', $response); $this->assertRegExp('/^Digest realm="TheRealmName", qop="auth", nonce="[a-zA-Z0-9\/+]+={0,2}"$/', $response->headers->get('WWW-Authenticate')); } @@ -60,7 +58,6 @@ class DigestAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase $response = $entryPoint->start($request, $nonceExpiredException); $this->assertEquals(401, $response->getStatusCode()); - $this->assertAttributeEquals('TheNonceExpiredExceptionMessage', 'statusText', $response); $this->assertRegExp('/^Digest realm="TheRealmName", qop="auth", nonce="[a-zA-Z0-9\/+]+={0,2}", stale="true"$/', $response->headers->get('WWW-Authenticate')); } } diff --git a/Tests/Http/EntryPoint/FormAuthenticationEntryPointTest.php b/Tests/Http/EntryPoint/FormAuthenticationEntryPointTest.php index 2e72340..1cf2c2d 100644 --- a/Tests/Http/EntryPoint/FormAuthenticationEntryPointTest.php +++ b/Tests/Http/EntryPoint/FormAuthenticationEntryPointTest.php @@ -64,7 +64,7 @@ class FormAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase $httpKernel ->expects($this->once()) ->method('handle') - ->with($this->equalTo($request), $this->equalTo(HttpKernelInterface::SUB_REQUEST)) + ->with($this->equalTo($subRequest), $this->equalTo(HttpKernelInterface::SUB_REQUEST)) ->will($this->returnValue($response)) ; diff --git a/Tests/Http/Firewall/AccessListenerTest.php b/Tests/Http/Firewall/AccessListenerTest.php index e3ffbfc..53ab350 100644 --- a/Tests/Http/Firewall/AccessListenerTest.php +++ b/Tests/Http/Firewall/AccessListenerTest.php @@ -31,7 +31,7 @@ class AccessListenerTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\AccessDeniedException + * @expectedException \Symfony\Component\Security\Core\Exception\AccessDeniedException */ public function testHandleWhenTheAccessDecisionManagerDecidesToRefuseAccess() { @@ -198,7 +198,7 @@ class AccessListenerTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException + * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException */ public function testHandleWhenTheSecurityContextHasNoToken() { diff --git a/Tests/Http/Firewall/ContextListenerTest.php b/Tests/Http/Firewall/ContextListenerTest.php index 646ed23..ffe6195 100644 --- a/Tests/Http/Firewall/ContextListenerTest.php +++ b/Tests/Http/Firewall/ContextListenerTest.php @@ -9,7 +9,7 @@ * file that was distributed with this source code. */ -namespace Symfony\Test\Component\Security\Http\Firewall; +namespace Symfony\Component\Security\Tests\Http\Firewall; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; @@ -82,17 +82,30 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase $this->assertFalse($session->has('_security_session')); } - protected function runSessionOnKernelResponse($newToken, $original = null) + public function testOnKernelResponseWithoutSession() { + $this->securityContext->setToken(new UsernamePasswordToken('test1', 'pass1', 'phpunit')); + $request = new Request(); $session = new Session(new MockArraySessionStorage()); + $request->setSession($session); - if ($original !== null) { - $session->set('_security_session', $original); - } + $event = new FilterResponseEvent( + $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'), + $request, + HttpKernelInterface::MASTER_REQUEST, + new Response() + ); - $this->securityContext->setToken($newToken); + $listener = new ContextListener($this->securityContext, array(), 'session'); + $listener->onKernelResponse($event); + $this->assertTrue($session->isStarted()); + } + + public function testOnKernelResponseWithoutSessionNorToken() + { $request = new Request(); + $session = new Session(new MockArraySessionStorage()); $request->setSession($session); $event = new FilterResponseEvent( @@ -105,13 +118,65 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase $listener = new ContextListener($this->securityContext, array(), 'session'); $listener->onKernelResponse($event); - return $session; + $this->assertFalse($session->isStarted()); } - public function testOnKernelResponseWithoutSession() + /** + * @dataProvider provideInvalidToken + */ + public function testInvalidTokenInSession($token) { - $this->securityContext->setToken(new UsernamePasswordToken('test1', 'pass1', 'phpunit')); + $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $event = $this->getMockBuilder('Symfony\Component\HttpKernel\Event\GetResponseEvent') + ->disableOriginalConstructor() + ->getMock(); + $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); + $session = $this->getMockBuilder('Symfony\Component\HttpFoundation\Session\Session') + ->disableOriginalConstructor() + ->getMock(); + + $event->expects($this->any()) + ->method('getRequest') + ->will($this->returnValue($request)); + $request->expects($this->any()) + ->method('hasPreviousSession') + ->will($this->returnValue(true)); + $request->expects($this->any()) + ->method('getSession') + ->will($this->returnValue($session)); + $session->expects($this->any()) + ->method('get') + ->with('_security_key123') + ->will($this->returnValue(serialize($token))); + $context->expects($this->once()) + ->method('setToken') + ->with(null); + + $listener = new ContextListener($context, array(), 'key123'); + $listener->handle($event); + } + + public function provideInvalidToken() + { + return array( + array(new \__PHP_Incomplete_Class()), + array(null), + ); + } + + protected function runSessionOnKernelResponse($newToken, $original = null) + { + $session = new Session(new MockArraySessionStorage()); + + if ($original !== null) { + $session->set('_security_session', $original); + } + + $this->securityContext->setToken($newToken); + $request = new Request(); + $request->setSession($session); + $request->cookies->set('MOCKSESSID', true); $event = new FilterResponseEvent( $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'), @@ -123,6 +188,5 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase $listener = new ContextListener($this->securityContext, array(), 'session'); $listener->onKernelResponse($event); - $this->assertFalse($request->hasSession()); - } -} + return $session; + }} diff --git a/Tests/Http/Firewall/DigestDataTest.php b/Tests/Http/Firewall/DigestDataTest.php new file mode 100644 index 0000000..cfb929c --- /dev/null +++ b/Tests/Http/Firewall/DigestDataTest.php @@ -0,0 +1,181 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Tests\Http\Firewall; + +use Symfony\Component\Security\Http\Firewall\DigestData; + +class DigestDataTest extends \PHPUnit_Framework_TestCase +{ + public function testGetResponse() + { + $digestAuth = new DigestData( + 'username="user", realm="Welcome, robot!", ' . + 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", ' . + 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' . + 'response="b52938fc9e6d7c01be7702ece9031b42"' + ); + + $this->assertEquals('b52938fc9e6d7c01be7702ece9031b42', $digestAuth->getResponse()); + } + + public function testGetUsername() + { + $digestAuth = new DigestData( + 'username="user", realm="Welcome, robot!", ' . + 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", ' . + 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' . + 'response="b52938fc9e6d7c01be7702ece9031b42"' + ); + + $this->assertEquals('user', $digestAuth->getUsername()); + } + + public function testGetUsernameWithQuote() + { + $digestAuth = new DigestData( + 'username="\"user\"", realm="Welcome, robot!", ' . + 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", ' . + 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' . + 'response="b52938fc9e6d7c01be7702ece9031b42"' + ); + + $this->assertEquals('"user"', $digestAuth->getUsername()); + } + + public function testGetUsernameWithQuoteAndEscape() + { + $digestAuth = new DigestData( + 'username="\"u\\\\\"ser\"", realm="Welcome, robot!", ' . + 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", ' . + 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' . + 'response="b52938fc9e6d7c01be7702ece9031b42"' + ); + + $this->assertEquals('"u\\"ser"', $digestAuth->getUsername()); + } + + public function testGetUsernameWithSingleQuote() + { + $digestAuth = new DigestData( + 'username="\"u\'ser\"", realm="Welcome, robot!", ' . + 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", ' . + 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' . + 'response="b52938fc9e6d7c01be7702ece9031b42"' + ); + + $this->assertEquals('"u\'ser"', $digestAuth->getUsername()); + } + + public function testGetUsernameWithSingleQuoteAndEscape() + { + $digestAuth = new DigestData( + 'username="\"u\\\'ser\"", realm="Welcome, robot!", ' . + 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", ' . + 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' . + 'response="b52938fc9e6d7c01be7702ece9031b42"' + ); + + $this->assertEquals('"u\\\'ser"', $digestAuth->getUsername()); + } + + public function testGetUsernameWithEscape() + { + $digestAuth = new DigestData( + 'username="\"u\\ser\"", realm="Welcome, robot!", ' . + 'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", ' . + 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' . + 'response="b52938fc9e6d7c01be7702ece9031b42"' + ); + + $this->assertEquals('"u\\ser"', $digestAuth->getUsername()); + } + + public function testValidateAndDecode() + { + $time = microtime(true); + $key = 'ThisIsAKey'; + $nonce = base64_encode($time . ':' . md5($time . ':' . $key)); + + $digestAuth = new DigestData( + 'username="user", realm="Welcome, robot!", nonce="' . $nonce . '", ' . + 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' . + 'response="b52938fc9e6d7c01be7702ece9031b42"' + ); + + try { + $digestAuth->validateAndDecode($key, 'Welcome, robot!'); + } catch (\Exception $e) { + $this->fail(sprintf('testValidateAndDecode fail with message: %s', $e->getMessage())); + } + } + + public function testCalculateServerDigest() + { + $this->calculateServerDigest('user', 'Welcome, robot!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5'); + } + + public function testCalculateServerDigestWithQuote() + { + $this->calculateServerDigest('\"user\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5'); + } + + public function testCalculateServerDigestWithQuoteAndEscape() + { + $this->calculateServerDigest('\"u\\\\\"ser\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5'); + } + + public function testCalculateServerDigestEscape() + { + $this->calculateServerDigest('\"u\\ser\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5'); + $this->calculateServerDigest('\"u\\ser\\\\\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5'); + } + + public function testIsNonceExpired() + { + $time = microtime(true) + 10; + $key = 'ThisIsAKey'; + $nonce = base64_encode($time . ':' . md5($time . ':' . $key)); + + $digestAuth = new DigestData( + 'username="user", realm="Welcome, robot!", nonce="' . $nonce . '", ' . + 'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' . + 'response="b52938fc9e6d7c01be7702ece9031b42"' + ); + + $digestAuth->validateAndDecode($key, 'Welcome, robot!'); + + $this->assertFalse($digestAuth->isNonceExpired()); + } + + protected function setUp() + { + class_exists('Symfony\Component\Security\Http\Firewall\DigestAuthenticationListener', true); + } + + private function calculateServerDigest($username, $realm, $password, $key, $nc, $cnonce, $qop, $method, $uri) + { + $time = microtime(true); + $nonce = base64_encode($time . ':' . md5($time . ':' . $key)); + + $response = md5( + md5($username . ':' . $realm . ':' . $password) . ':' . $nonce . ':' . $nc . ':' . $cnonce . ':' . $qop . ':' . md5($method . ':' . $uri) + ); + + $digest = sprintf('username="%s", realm="%s", nonce="%s", uri="%s", cnonce="%s", nc=%s, qop="%s", response="%s"', + $username, $realm, $nonce, $uri, $cnonce, $nc, $qop, $response + ); + + $digestAuth = new DigestData($digest); + + $this->assertEquals($digestAuth->getResponse(), $digestAuth->calculateServerDigest($password, $method)); + } +} diff --git a/Tests/Http/Firewall/LogoutListenerTest.php b/Tests/Http/Firewall/LogoutListenerTest.php index 6ffeed9..ba94b6e 100644 --- a/Tests/Http/Firewall/LogoutListenerTest.php +++ b/Tests/Http/Firewall/LogoutListenerTest.php @@ -103,7 +103,9 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase public function testHandleMatchedPathWithoutSuccessHandlerAndCsrfValidation() { - list($listener, $context, $httpUtils, $options) = $this->getListener(); + $successHandler = $this->getSuccessHandler(); + + list($listener, $context, $httpUtils, $options) = $this->getListener($successHandler); list($event, $request) = $this->getGetResponseEvent(); @@ -112,9 +114,9 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase ->with($request, $options['logout_path']) ->will($this->returnValue(true)); - $httpUtils->expects($this->once()) - ->method('createRedirectResponse') - ->with($request, $options['target_url']) + $successHandler->expects($this->once()) + ->method('onLogoutSuccess') + ->with($request) ->will($this->returnValue($response = new Response())); $context->expects($this->once()) @@ -164,7 +166,7 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\LogoutException + * @expectedException \Symfony\Component\Security\Core\Exception\LogoutException */ public function testCsrfValidationFails() { @@ -231,13 +233,13 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase $listener = new LogoutListener( $context = $this->getContext(), $httpUtils = $this->getHttpUtils(), + $successHandler ?: $this->getSuccessHandler(), $options = array( 'csrf_parameter' => '_csrf_token', 'intention' => 'logout', 'logout_path' => '/logout', 'target_url' => '/', ), - $successHandler, $csrfProvider ); diff --git a/Tests/Http/Firewall/RememberMeListenerTest.php b/Tests/Http/Firewall/RememberMeListenerTest.php index 5f31273..8ad4c55 100644 --- a/Tests/Http/Firewall/RememberMeListenerTest.php +++ b/Tests/Http/Firewall/RememberMeListenerTest.php @@ -177,7 +177,7 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase protected function getLogger() { - return $this->getMock('Symfony\Component\HttpKernel\Log\LoggerInterface'); + return $this->getMock('Psr\Log\LoggerInterface'); } protected function getManager() diff --git a/Tests/Http/HttpUtilsTest.php b/Tests/Http/HttpUtilsTest.php index a30051f..bf078da 100644 --- a/Tests/Http/HttpUtilsTest.php +++ b/Tests/Http/HttpUtilsTest.php @@ -97,6 +97,11 @@ class HttpUtilsTest extends \PHPUnit_Framework_TestCase $this->assertTrue($utils->checkRequestPath($this->getRequest(), '/')); $this->assertFalse($utils->checkRequestPath($this->getRequest(), '/foo')); + $this->assertTrue($utils->checkRequestPath($this->getRequest('/foo%20bar'), '/foo bar')); + // Plus must not decoded to space + $this->assertTrue($utils->checkRequestPath($this->getRequest('/foo+bar'), '/foo+bar')); + // Checking unicode + $this->assertTrue($utils->checkRequestPath($this->getRequest(urlencode('/вход')), '/вход')); $urlMatcher = $this->getMock('Symfony\Component\Routing\Matcher\UrlMatcherInterface'); $urlMatcher @@ -132,13 +137,25 @@ class HttpUtilsTest extends \PHPUnit_Framework_TestCase $utils->checkRequestPath($this->getRequest(), 'foobar'); } - private function getUrlGenerator() + public function testGenerateUriRemovesQueryString() + { + $method = new \ReflectionMethod('Symfony\Component\Security\Http\HttpUtils', 'generateUri'); + $method->setAccessible(true); + + $utils = new HttpUtils($this->getUrlGenerator()); + $this->assertEquals('/foo/bar', $method->invoke($utils, new Request(), 'route_name')); + + $utils = new HttpUtils($this->getUrlGenerator('/foo/bar?param=value')); + $this->assertEquals('/foo/bar', $method->invoke($utils, new Request(), 'route_name')); + } + + private function getUrlGenerator($generatedUrl = '/foo/bar') { $urlGenerator = $this->getMock('Symfony\Component\Routing\Generator\UrlGeneratorInterface'); $urlGenerator ->expects($this->any()) ->method('generate') - ->will($this->returnValue('/foo/bar')) + ->will($this->returnValue($generatedUrl)) ; return $urlGenerator; diff --git a/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php b/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php index fc8dffb..8571686 100644 --- a/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php +++ b/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php @@ -39,7 +39,7 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase public function testAutoLoginReturnsNullWhenNoCookie() { - $service = $this->getService(null, array('name' => 'foo')); + $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null)); $this->assertNull($service->autoLogin(new Request())); } @@ -49,7 +49,7 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase */ public function testAutoLoginThrowsExceptionWhenImplementationDoesNotReturnUserInterface() { - $service = $this->getService(null, array('name' => 'foo')); + $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null)); $request = new Request; $request->cookies->set('foo', 'foo'); @@ -64,7 +64,7 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase public function testAutoLogin() { - $service = $this->getService(null, array('name' => 'foo')); + $service = $this->getService(null, array('name' => 'foo', 'path' => null, 'domain' => null)); $request = new Request(); $request->cookies->set('foo', 'foo'); @@ -112,7 +112,7 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase public function testLoginSuccessIsNotProcessedWhenTokenDoesNotContainUserInterfaceImplementation() { - $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => true)); + $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => true, 'path' => null, 'domain' => null)); $request = new Request; $response = new Response; $account = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); @@ -135,7 +135,7 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase public function testLoginSuccessIsNotProcessedWhenRememberMeIsNotRequested() { - $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => false, 'remember_me_parameter' => 'foo')); + $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => false, 'remember_me_parameter' => 'foo', 'path' => null, 'domain' => null)); $request = new Request; $response = new Response; $account = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); @@ -159,7 +159,7 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase public function testLoginSuccessWhenRememberMeAlwaysIsTrue() { - $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => true)); + $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => true, 'path' => null, 'domain' => null)); $request = new Request; $response = new Response; $account = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); @@ -184,7 +184,7 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase */ public function testLoginSuccessWhenRememberMeParameterWithPathIsPositive($value) { - $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => false, 'remember_me_parameter' => 'foo[bar]')); + $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => false, 'remember_me_parameter' => 'foo[bar]', 'path' => null, 'domain' => null)); $request = new Request; $request->request->set('foo', array('bar' => $value)); @@ -211,7 +211,7 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase */ public function testLoginSuccessWhenRememberMeParameterIsPositive($value) { - $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => false, 'remember_me_parameter' => 'foo')); + $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => false, 'remember_me_parameter' => 'foo', 'path' => null, 'domain' => null)); $request = new Request; $request->request->set('foo', $value); diff --git a/Tests/Http/RememberMe/PersistentTokenBasedRememberMeServicesTest.php b/Tests/Http/RememberMe/PersistentTokenBasedRememberMeServicesTest.php index 3b3691d..7fc3021 100644 --- a/Tests/Http/RememberMe/PersistentTokenBasedRememberMeServicesTest.php +++ b/Tests/Http/RememberMe/PersistentTokenBasedRememberMeServicesTest.php @@ -22,6 +22,7 @@ use Symfony\Component\HttpFoundation\ResponseHeaderBag; use Symfony\Component\Security\Http\RememberMe\PersistentTokenBasedRememberMeServices; use Symfony\Component\Security\Core\Exception\TokenNotFoundException; use Symfony\Component\Security\Core\Exception\CookieTheftException; +use Symfony\Component\Security\Core\Util\SecureRandom; class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase { @@ -318,7 +319,7 @@ class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_Test $userProvider = $this->getProvider(); } - return new PersistentTokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger); + return new PersistentTokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed')); } protected function getProvider() diff --git a/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php b/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php index 407db02..6de69f1 100644 --- a/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php +++ b/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php @@ -179,7 +179,7 @@ class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase public function testLoginSuccessIgnoresTokensWhichDoNotContainAnUserInterfaceImplementation() { - $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => true)); + $service = $this->getService(null, array('name' => 'foo', 'always_remember_me' => true, 'path' => null, 'domain' => null)); $request = new Request; $response = new Response; $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); diff --git a/Tests/bootstrap.php b/Tests/bootstrap.php deleted file mode 100644 index 84ae3a6..0000000 --- a/Tests/bootstrap.php +++ /dev/null @@ -1,22 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -spl_autoload_register(function ($class) { - if (0 === strpos(ltrim($class, '/'), 'Symfony\Component\Security')) { - if (file_exists($file = __DIR__.'/../'.substr(str_replace('\\', '/', $class), strlen('Symfony\Component\Security')).'.php')) { - require_once $file; - } - } -}); - -if (file_exists($loader = __DIR__.'/../vendor/autoload.php')) { - require_once $loader; -} |