diff options
| author | Horus3 | 2014-02-24 16:42:14 +0100 |
|---|---|---|
| committer | Horus3 | 2014-02-24 16:42:14 +0100 |
| commit | 06f945f27840b53e57795dadbc38e76f7e11ab1c (patch) | |
| tree | 689d5c7f4ffa15460c7e90f47c6a7dd59ce4e8bd /zend/tests/Zend/Gdata/AuthSubTest.php | |
| download | random-06f945f27840b53e57795dadbc38e76f7e11ab1c.tar.gz | |
init
Diffstat (limited to 'zend/tests/Zend/Gdata/AuthSubTest.php')
| -rwxr-xr-x | zend/tests/Zend/Gdata/AuthSubTest.php | 275 |
1 files changed, 275 insertions, 0 deletions
diff --git a/zend/tests/Zend/Gdata/AuthSubTest.php b/zend/tests/Zend/Gdata/AuthSubTest.php new file mode 100755 index 0000000..b7140b2 --- /dev/null +++ b/zend/tests/Zend/Gdata/AuthSubTest.php @@ -0,0 +1,275 @@ +<?php +/** + * Zend Framework + * + * LICENSE + * + * This source file is subject to the new BSD license that is bundled + * with this package in the file LICENSE.txt. + * It is also available through the world-wide-web at this URL: + * http://framework.zend.com/license/new-bsd + * If you did not receive a copy of the license and are unable to + * obtain it through the world-wide-web, please send an email + * to license@zend.com so we can send you a copy immediately. + * + * @category Zend + * @package Zend_Gdata + * @subpackage UnitTests + * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com) + * @license http://framework.zend.com/license/new-bsd New BSD License + * @version $Id $ + */ + +require_once 'Zend/Gdata/AuthSub.php'; +require_once 'Zend/Gdata/HttpClient.php'; + +/** + * @category Zend + * @package Zend_Gdata + * @subpackage UnitTests + * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com) + * @license http://framework.zend.com/license/new-bsd New BSD License + * @group Zend_Gdata + * @group Zend_Gdata_AuthSub + */ +class Zend_Gdata_AuthSubTest extends PHPUnit_Framework_TestCase +{ + /** + * Dummy token used during testing + * @var type string + */ + protected $token = 'DQAAFPHOW7DCTN'; + + + public function setUp() + { + } + + public function testNormalGetAuthSubTokenUri() + { + $uri = Zend_Gdata_AuthSub::getAuthSubTokenUri( + 'http://www.example.com/foo.php', //next + 'http://www.google.com/calendar/feeds', //scope + 0, //secure + 1); //session + + // Note: the scope here is not encoded. It should be encoded, + // but the method getAuthSubTokenUri calls urldecode($scope). + // This currently works (no reported bugs) as web browsers will + // handle the encoding in most cases. + $this->assertEquals('https://www.google.com/accounts/AuthSubRequest?next=http%3A%2F%2Fwww.example.com%2Ffoo.php&scope=http://www.google.com/calendar/feeds&secure=0&session=1', $uri); + } + + public function testGetAuthSubTokenUriModifiedBase() + { + $uri = Zend_Gdata_AuthSub::getAuthSubTokenUri( + 'http://www.example.com/foo.php', //next + 'http://www.google.com/calendar/feeds', //scope + 0, //secure + 1, //session + 'http://www.otherauthservice.com/accounts/AuthSubRequest'); + + // Note: the scope here is not encoded. It should be encoded, + // but the method getAuthSubTokenUri calls urldecode($scope). + // This currently works (no reported bugs) as web browsers will + // handle the encoding in most cases. + $this->assertEquals('http://www.otherauthservice.com/accounts/AuthSubRequest?next=http%3A%2F%2Fwww.example.com%2Ffoo.php&scope=http://www.google.com/calendar/feeds&secure=0&session=1', $uri); + } + + public function testSecureAuthSubSigning() + { + if (!extension_loaded('openssl')) { + $this->markTestSkipped('The openssl extension is not available'); + } else { + $c = new Zend_Gdata_HttpClient(); + $c->setAuthSubPrivateKeyFile("Zend/Gdata/_files/RsaKey.pem", + null, true); + $c->setAuthSubToken('abcdefg'); + $requestData = $c->filterHttpRequest('POST', + 'http://www.example.com/feed', + array(), + 'foo bar', + 'text/plain'); + + $authHeaderCheckPassed = false; + $headers = $requestData['headers']; + foreach ($headers as $headerName => $headerValue) { + if (strtolower($headerName) == 'authorization') { + preg_match('/data="([^"]*)"/', $headerValue, $matches); + $dataToSign = $matches[1]; + preg_match('/sig="([^"]*)"/', $headerValue, $matches); + $sig = $matches[1]; + if (function_exists('openssl_verify')) { + $fp = fopen('Zend/Gdata/_files/RsaCert.pem', 'r', true); + $cert = ''; + while (!feof($fp)) { + $cert .= fread($fp, 8192); + } + fclose($fp); + $pubkeyid = openssl_get_publickey($cert); + $verified = openssl_verify($dataToSign, + base64_decode($sig), $pubkeyid); + $this->assertEquals( + 1, $verified, + 'The generated signature was unable ' . + 'to be verified.'); + $authHeaderCheckPassed = true; + } + } + } + $this->assertEquals(true, $authHeaderCheckPassed, + 'Auth header not found for sig verification.'); + } + } + + public function testPrivateKeyNotFound() + { + $this->setExpectedException('Zend_Gdata_App_InvalidArgumentException'); + + if (!extension_loaded('openssl')) { + $this->markTestSkipped('The openssl extension is not available'); + } else { + $c = new Zend_Gdata_HttpClient(); + $c->setAuthSubPrivateKeyFile("zendauthsubfilenotfound", null, true); + } + } + + public function testAuthSubSessionTokenReceivesSuccessfulResult() + { + $adapter = new Zend_Http_Client_Adapter_Test(); + $adapter->setResponse("HTTP/1.1 200 OK\r\n\r\nToken={$this->token}\r\nExpiration=20201004T123456Z"); + + $client = new Zend_Gdata_HttpClient(); + $client->setUri('http://example.com/AuthSub'); + $client->setAdapter($adapter); + + $respToken = Zend_Gdata_AuthSub::getAuthSubSessionToken($this->token, $client); + $this->assertEquals($this->token, $respToken); + } + + /** + * @expectedException Zend_Gdata_App_AuthException + */ + public function testAuthSubSessionTokenCatchesFailedResult() + { + $adapter = new Zend_Http_Client_Adapter_Test(); + $adapter->setResponse("HTTP/1.1 500 Internal Server Error\r\n\r\nInternal Server Error"); + + $client = new Zend_Gdata_HttpClient(); + $client->setUri('http://example.com/AuthSub'); + $client->setAdapter($adapter); + + $newtok = Zend_Gdata_AuthSub::getAuthSubSessionToken($this->token, $client); + } + + /** + * @expectedException Zend_Gdata_App_HttpException + */ + public function testAuthSubSessionTokenCatchesHttpClientException() + { + $adapter = new Zend_Http_Client_Adapter_Test(); + $adapter->setNextRequestWillFail(true); + + $client = new Zend_Gdata_HttpClient(); + $client->setUri('http://example.com/AuthSub'); + $client->setAdapter($adapter); + + $newtok = Zend_Gdata_AuthSub::getAuthSubSessionToken($this->token, $client); + } + + public function testAuthSubRevokeTokenReceivesSuccessfulResult() + { + $adapter = new Zend_Http_Client_Adapter_Test(); + $adapter->setResponse("HTTP/1.1 200 OK"); + + $client = new Zend_Gdata_HttpClient(); + $client->setUri('http://example.com/AuthSub'); + $client->setAdapter($adapter); + + $revoked = Zend_Gdata_AuthSub::AuthSubRevokeToken($this->token, $client); + $this->assertTrue($revoked); + } + + public function testAuthSubRevokeTokenCatchesFailedResult() + { + $adapter = new Zend_Http_Client_Adapter_Test(); + $adapter->setResponse("HTTP/1.1 500 Not Successful"); + + $client = new Zend_Gdata_HttpClient(); + $client->setUri('http://example.com/AuthSub'); + $client->setAdapter($adapter); + + $revoked = Zend_Gdata_AuthSub::AuthSubRevokeToken($this->token, $client); + $this->assertFalse($revoked); + } + + /** + * @expectedException Zend_Gdata_App_HttpException + */ + public function testAuthSubRevokeTokenCatchesHttpClientException() + { + $adapter = new Zend_Http_Client_Adapter_Test(); + $adapter->setNextRequestWillFail(true); + + $client = new Zend_Gdata_HttpClient(); + $client->setUri('http://example.com/AuthSub'); + $client->setAdapter($adapter); + + $revoked = Zend_Gdata_AuthSub::AuthSubRevokeToken($this->token, $client); + } + + public function testGetAuthSubTokenInfoReceivesSuccessfulResult() + { + $adapter = new Zend_Http_Client_Adapter_Test(); + $adapter->setResponse("HTTP/1.1 200 OK + +Target=http://example.com +Scope=http://example.com +Secure=false"); + + $client = new Zend_Gdata_HttpClient(); + $client->setUri('http://example.com/AuthSub'); + $client->setAdapter($adapter); + + $respBody = Zend_Gdata_AuthSub::getAuthSubTokenInfo($this->token, $client); + + $this->assertContains("Target=http://example.com", $respBody); + $this->assertContains("Scope=http://example.com", $respBody); + $this->assertContains("Secure=false", $respBody); + } + + /** + * @expectedException Zend_Gdata_App_HttpException + */ + public function testGetAuthSubTokenInfoCatchesHttpClientException() + { + $adapter = new Zend_Http_Client_Adapter_Test(); + $adapter->setNextRequestWillFail(true); + + $client = new Zend_Gdata_HttpClient(); + $client->setUri('http://example.com/AuthSub'); + $client->setAdapter($adapter); + + $revoked = Zend_Gdata_AuthSub::getAuthSubTokenInfo($this->token, $client); + } + + public function testGetHttpClientProvidesNewClientWhenNullPassed() + { + $client = Zend_Gdata_AuthSub::getHttpClient($this->token); + $this->assertTrue($client instanceof Zend_Gdata_HttpClient ); + $this->assertEquals($this->token, $client->getAuthSubToken()); + } + + /** + * @group ZF-11351 + * @expectedException Zend_Gdata_App_HttpException + */ + public function testAuthSubGetHttpClientShouldThrowExceptionOnVanillaHttpClient() + { + $client = new Zend_Http_Client(); + $client->setUri('http://example.com/AuthSub'); + $gdclient = Zend_Gdata_AuthSub::getHttpClient('FakeToken', $client); + $this->fail('Expected exception Zend_Gdata_App_HttpException not raised!'); + } + +} |