171 lines
5.6 KiB
PHP
171 lines
5.6 KiB
PHP
|
<?php
|
||
|
|
||
|
/*
|
||
|
* This file is part of the Symfony package.
|
||
|
*
|
||
|
* (c) Fabien Potencier <fabien@symfony.com>
|
||
|
*
|
||
|
* For the full copyright and license information, please view the LICENSE
|
||
|
* file that was distributed with this source code.
|
||
|
*/
|
||
|
|
||
|
namespace Symfony\Component\HttpFoundation\Tests;
|
||
|
|
||
|
use PHPUnit\Framework\TestCase;
|
||
|
use Symfony\Component\HttpFoundation\ServerBag;
|
||
|
|
||
|
/**
|
||
|
* ServerBagTest.
|
||
|
*
|
||
|
* @author Bulat Shakirzyanov <mallluhuct@gmail.com>
|
||
|
*/
|
||
|
class ServerBagTest extends TestCase
|
||
|
{
|
||
|
public function testShouldExtractHeadersFromServerArray()
|
||
|
{
|
||
|
$server = array(
|
||
|
'SOME_SERVER_VARIABLE' => 'value',
|
||
|
'SOME_SERVER_VARIABLE2' => 'value',
|
||
|
'ROOT' => 'value',
|
||
|
'HTTP_CONTENT_TYPE' => 'text/html',
|
||
|
'HTTP_CONTENT_LENGTH' => '0',
|
||
|
'HTTP_ETAG' => 'asdf',
|
||
|
'PHP_AUTH_USER' => 'foo',
|
||
|
'PHP_AUTH_PW' => 'bar',
|
||
|
);
|
||
|
|
||
|
$bag = new ServerBag($server);
|
||
|
|
||
|
$this->assertEquals(array(
|
||
|
'CONTENT_TYPE' => 'text/html',
|
||
|
'CONTENT_LENGTH' => '0',
|
||
|
'ETAG' => 'asdf',
|
||
|
'AUTHORIZATION' => 'Basic '.base64_encode('foo:bar'),
|
||
|
'PHP_AUTH_USER' => 'foo',
|
||
|
'PHP_AUTH_PW' => 'bar',
|
||
|
), $bag->getHeaders());
|
||
|
}
|
||
|
|
||
|
public function testHttpPasswordIsOptional()
|
||
|
{
|
||
|
$bag = new ServerBag(array('PHP_AUTH_USER' => 'foo'));
|
||
|
|
||
|
$this->assertEquals(array(
|
||
|
'AUTHORIZATION' => 'Basic '.base64_encode('foo:'),
|
||
|
'PHP_AUTH_USER' => 'foo',
|
||
|
'PHP_AUTH_PW' => '',
|
||
|
), $bag->getHeaders());
|
||
|
}
|
||
|
|
||
|
public function testHttpBasicAuthWithPhpCgi()
|
||
|
{
|
||
|
$bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic '.base64_encode('foo:bar')));
|
||
|
|
||
|
$this->assertEquals(array(
|
||
|
'AUTHORIZATION' => 'Basic '.base64_encode('foo:bar'),
|
||
|
'PHP_AUTH_USER' => 'foo',
|
||
|
'PHP_AUTH_PW' => 'bar',
|
||
|
), $bag->getHeaders());
|
||
|
}
|
||
|
|
||
|
public function testHttpBasicAuthWithPhpCgiBogus()
|
||
|
{
|
||
|
$bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic_'.base64_encode('foo:bar')));
|
||
|
|
||
|
// Username and passwords should not be set as the header is bogus
|
||
|
$headers = $bag->getHeaders();
|
||
|
$this->assertArrayNotHasKey('PHP_AUTH_USER', $headers);
|
||
|
$this->assertArrayNotHasKey('PHP_AUTH_PW', $headers);
|
||
|
}
|
||
|
|
||
|
public function testHttpBasicAuthWithPhpCgiRedirect()
|
||
|
{
|
||
|
$bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => 'Basic '.base64_encode('username:pass:word')));
|
||
|
|
||
|
$this->assertEquals(array(
|
||
|
'AUTHORIZATION' => 'Basic '.base64_encode('username:pass:word'),
|
||
|
'PHP_AUTH_USER' => 'username',
|
||
|
'PHP_AUTH_PW' => 'pass:word',
|
||
|
), $bag->getHeaders());
|
||
|
}
|
||
|
|
||
|
public function testHttpBasicAuthWithPhpCgiEmptyPassword()
|
||
|
{
|
||
|
$bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic '.base64_encode('foo:')));
|
||
|
|
||
|
$this->assertEquals(array(
|
||
|
'AUTHORIZATION' => 'Basic '.base64_encode('foo:'),
|
||
|
'PHP_AUTH_USER' => 'foo',
|
||
|
'PHP_AUTH_PW' => '',
|
||
|
), $bag->getHeaders());
|
||
|
}
|
||
|
|
||
|
public function testHttpDigestAuthWithPhpCgi()
|
||
|
{
|
||
|
$digest = 'Digest username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"';
|
||
|
$bag = new ServerBag(array('HTTP_AUTHORIZATION' => $digest));
|
||
|
|
||
|
$this->assertEquals(array(
|
||
|
'AUTHORIZATION' => $digest,
|
||
|
'PHP_AUTH_DIGEST' => $digest,
|
||
|
), $bag->getHeaders());
|
||
|
}
|
||
|
|
||
|
public function testHttpDigestAuthWithPhpCgiBogus()
|
||
|
{
|
||
|
$digest = 'Digest_username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"';
|
||
|
$bag = new ServerBag(array('HTTP_AUTHORIZATION' => $digest));
|
||
|
|
||
|
// Username and passwords should not be set as the header is bogus
|
||
|
$headers = $bag->getHeaders();
|
||
|
$this->assertArrayNotHasKey('PHP_AUTH_USER', $headers);
|
||
|
$this->assertArrayNotHasKey('PHP_AUTH_PW', $headers);
|
||
|
}
|
||
|
|
||
|
public function testHttpDigestAuthWithPhpCgiRedirect()
|
||
|
{
|
||
|
$digest = 'Digest username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"';
|
||
|
$bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => $digest));
|
||
|
|
||
|
$this->assertEquals(array(
|
||
|
'AUTHORIZATION' => $digest,
|
||
|
'PHP_AUTH_DIGEST' => $digest,
|
||
|
), $bag->getHeaders());
|
||
|
}
|
||
|
|
||
|
public function testOAuthBearerAuth()
|
||
|
{
|
||
|
$headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
|
||
|
$bag = new ServerBag(array('HTTP_AUTHORIZATION' => $headerContent));
|
||
|
|
||
|
$this->assertEquals(array(
|
||
|
'AUTHORIZATION' => $headerContent,
|
||
|
), $bag->getHeaders());
|
||
|
}
|
||
|
|
||
|
public function testOAuthBearerAuthWithRedirect()
|
||
|
{
|
||
|
$headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
|
||
|
$bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => $headerContent));
|
||
|
|
||
|
$this->assertEquals(array(
|
||
|
'AUTHORIZATION' => $headerContent,
|
||
|
), $bag->getHeaders());
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* @see https://github.com/symfony/symfony/issues/17345
|
||
|
*/
|
||
|
public function testItDoesNotOverwriteTheAuthorizationHeaderIfItIsAlreadySet()
|
||
|
{
|
||
|
$headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
|
||
|
$bag = new ServerBag(array('PHP_AUTH_USER' => 'foo', 'HTTP_AUTHORIZATION' => $headerContent));
|
||
|
|
||
|
$this->assertEquals(array(
|
||
|
'AUTHORIZATION' => $headerContent,
|
||
|
'PHP_AUTH_USER' => 'foo',
|
||
|
'PHP_AUTH_PW' => '',
|
||
|
), $bag->getHeaders());
|
||
|
}
|
||
|
}
|