|
| 1 | +<?php |
| 2 | + |
| 3 | +namespace Symfony\Component\Security\Http\Tests\Firewall; |
| 4 | + |
| 5 | +use Symfony\Component\HttpFoundation\Request; |
| 6 | +use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; |
| 7 | +use Symfony\Component\Security\Http\EntryPoint\DigestAuthenticationEntryPoint; |
| 8 | +use Symfony\Component\Security\Http\Firewall\DigestAuthenticationListener; |
| 9 | + |
| 10 | +class DigestAuthenticationListenerTest extends \PHPUnit_Framework_TestCase |
| 11 | +{ |
| 12 | + public function testHandleWithValidDigest() |
| 13 | + { |
| 14 | + $time = microtime(true) + 1000; |
| 15 | + $secret = 'ThisIsASecret'; |
| 16 | + $nonce = base64_encode($time.':'.md5($time.':'.$secret)); |
| 17 | + $username = 'user'; |
| 18 | + $password = 'password'; |
| 19 | + $realm = 'Welcome, robot!'; |
| 20 | + $cnonce = 'MDIwODkz'; |
| 21 | + $nc = '00000001'; |
| 22 | + $qop = 'auth'; |
| 23 | + $uri = '/path/info?p1=5&p2=5'; |
| 24 | + |
| 25 | + $serverDigest = $this->calculateServerDigest($username, $realm, $password, $nc, $nonce, $cnonce, $qop, 'GET', $uri); |
| 26 | + |
| 27 | + $digestData = |
| 28 | + 'username="'.$username.'", realm="'.$realm.'", nonce="'.$nonce.'", '. |
| 29 | + 'uri="'.$uri.'", cnonce="'.$cnonce.'", nc='.$nc.', qop="'.$qop.'", '. |
| 30 | + 'response="'.$serverDigest.'"' |
| 31 | + ; |
| 32 | + |
| 33 | + $request = new Request(array(), array(), array(), array(), array(), array('PHP_AUTH_DIGEST' => $digestData)); |
| 34 | + |
| 35 | + $entryPoint = new DigestAuthenticationEntryPoint($realm, $secret); |
| 36 | + |
| 37 | + $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); |
| 38 | + $user->method('getPassword')->willReturn($password); |
| 39 | + |
| 40 | + $providerKey = 'TheProviderKey'; |
| 41 | + |
| 42 | + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); |
| 43 | + $tokenStorage |
| 44 | + ->expects($this->once()) |
| 45 | + ->method('getToken') |
| 46 | + ->will($this->returnValue(null)) |
| 47 | + ; |
| 48 | + $tokenStorage |
| 49 | + ->expects($this->once()) |
| 50 | + ->method('setToken') |
| 51 | + ->with($this->equalTo(new UsernamePasswordToken($user, $password, $providerKey))) |
| 52 | + ; |
| 53 | + |
| 54 | + $userProvider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface'); |
| 55 | + $userProvider->method('loadUserByUsername')->willReturn($user); |
| 56 | + |
| 57 | + $listener = new DigestAuthenticationListener($tokenStorage, $userProvider, $providerKey, $entryPoint); |
| 58 | + |
| 59 | + $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); |
| 60 | + $event |
| 61 | + ->expects($this->any()) |
| 62 | + ->method('getRequest') |
| 63 | + ->will($this->returnValue($request)) |
| 64 | + ; |
| 65 | + |
| 66 | + $listener->handle($event); |
| 67 | + } |
| 68 | + |
| 69 | + private function calculateServerDigest($username, $realm, $password, $nc, $nonce, $cnonce, $qop, $method, $uri) |
| 70 | + { |
| 71 | + $response = md5( |
| 72 | + md5($username.':'.$realm.':'.$password).':'.$nonce.':'.$nc.':'.$cnonce.':'.$qop.':'.md5($method.':'.$uri) |
| 73 | + ); |
| 74 | + |
| 75 | + return sprintf('username="%s", realm="%s", nonce="%s", uri="%s", cnonce="%s", nc=%s, qop="%s", response="%s"', |
| 76 | + $username, $realm, $nonce, $uri, $cnonce, $nc, $qop, $response |
| 77 | + ); |
| 78 | + } |
| 79 | +} |
0 commit comments