2019-12-08 22:45:34 +01:00
|
|
|
<?php
|
2020-02-09 15:45:36 +01:00
|
|
|
/**
|
2021-03-29 08:40:20 +02:00
|
|
|
* @copyright Copyright (C) 2010-2021, the Friendica project
|
2020-02-09 15:45:36 +01:00
|
|
|
*
|
|
|
|
* @license GNU AGPL version 3 or any later version
|
|
|
|
*
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License as
|
|
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
|
|
* License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
*
|
|
|
|
*/
|
2019-12-08 22:45:34 +01:00
|
|
|
|
2020-09-17 22:15:33 +02:00
|
|
|
namespace Friendica\Test\src\Model\User;
|
2019-12-08 22:45:34 +01:00
|
|
|
|
2019-12-11 20:49:53 +01:00
|
|
|
use Friendica\App\BaseURL;
|
2020-01-19 21:29:36 +01:00
|
|
|
use Friendica\Core\Config\IConfig;
|
2019-12-08 22:45:34 +01:00
|
|
|
use Friendica\Model\User\Cookie;
|
2020-09-17 22:15:33 +02:00
|
|
|
use Friendica\Test\MockedTest;
|
2019-12-09 22:47:08 +01:00
|
|
|
use Friendica\Test\Util\StaticCookie;
|
2019-12-08 22:45:34 +01:00
|
|
|
use Mockery\MockInterface;
|
|
|
|
|
2020-09-17 22:15:33 +02:00
|
|
|
class CookieTest extends MockedTest
|
2019-12-08 22:45:34 +01:00
|
|
|
{
|
2020-01-19 21:29:36 +01:00
|
|
|
/** @var MockInterface|IConfig */
|
2019-12-08 22:45:34 +01:00
|
|
|
private $config;
|
2019-12-11 20:49:53 +01:00
|
|
|
/** @var MockInterface|BaseURL */
|
|
|
|
private $baseUrl;
|
2019-12-08 22:45:34 +01:00
|
|
|
|
2021-04-01 23:04:30 +02:00
|
|
|
protected function setUp(): void
|
2019-12-08 22:45:34 +01:00
|
|
|
{
|
2019-12-09 22:47:08 +01:00
|
|
|
StaticCookie::clearStatic();
|
|
|
|
|
|
|
|
parent::setUp();
|
2019-12-08 22:45:34 +01:00
|
|
|
|
2020-01-19 21:29:36 +01:00
|
|
|
$this->config = \Mockery::mock(IConfig::class);
|
2019-12-11 20:49:53 +01:00
|
|
|
$this->baseUrl = \Mockery::mock(BaseURL::class);
|
2019-12-08 22:45:34 +01:00
|
|
|
}
|
|
|
|
|
2021-04-01 23:04:30 +02:00
|
|
|
protected function tearDown(): void
|
2019-12-09 22:47:08 +01:00
|
|
|
{
|
|
|
|
StaticCookie::clearStatic();
|
2020-10-18 20:31:57 +02:00
|
|
|
|
|
|
|
parent::tearDown();
|
2019-12-09 22:47:08 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test if we can create a basic cookie instance
|
|
|
|
*/
|
2019-12-08 22:45:34 +01:00
|
|
|
public function testInstance()
|
|
|
|
{
|
2019-12-11 20:49:53 +01:00
|
|
|
$this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
|
2019-12-08 22:45:34 +01:00
|
|
|
$this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn('1235')->once();
|
|
|
|
$this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn('7')->once();
|
|
|
|
|
2019-12-11 20:49:53 +01:00
|
|
|
$cookie = new Cookie($this->config, $this->baseUrl);
|
2020-10-17 14:19:57 +02:00
|
|
|
self::assertInstanceOf(Cookie::class, $cookie);
|
2019-12-08 22:45:34 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
public function dataGet()
|
|
|
|
{
|
|
|
|
return [
|
|
|
|
'default' => [
|
|
|
|
'cookieData' => [
|
|
|
|
Cookie::NAME => json_encode([
|
|
|
|
'uid' => -1,
|
|
|
|
'hash' => 12345,
|
|
|
|
'ip' => '127.0.0.1',
|
|
|
|
])
|
|
|
|
],
|
|
|
|
'hasValues' => true,
|
|
|
|
'uid' => -1,
|
|
|
|
'hash' => 12345,
|
|
|
|
'ip' => '127.0.0.1',
|
|
|
|
],
|
|
|
|
'missing' => [
|
|
|
|
'cookieData' => [
|
|
|
|
|
|
|
|
],
|
|
|
|
'hasValues' => false,
|
|
|
|
'uid' => null,
|
|
|
|
'hash' => null,
|
|
|
|
'ip' => null,
|
|
|
|
],
|
|
|
|
'invalid' => [
|
|
|
|
'cookieData' => [
|
|
|
|
Cookie::NAME => 'test',
|
|
|
|
],
|
|
|
|
'hasValues' => false,
|
|
|
|
'uid' => null,
|
|
|
|
'hash' => null,
|
|
|
|
'ip' => null,
|
|
|
|
],
|
|
|
|
'incomplete' => [
|
|
|
|
'cookieData' => [
|
|
|
|
Cookie::NAME => json_encode([
|
|
|
|
'uid' => -1,
|
|
|
|
'hash' => 12345,
|
|
|
|
])
|
|
|
|
],
|
|
|
|
'hasValues' => true,
|
|
|
|
'uid' => -1,
|
|
|
|
'hash' => 12345,
|
|
|
|
'ip' => null,
|
|
|
|
],
|
|
|
|
];
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2019-12-09 22:47:08 +01:00
|
|
|
* Test the get() method of the cookie class
|
|
|
|
*
|
2019-12-08 22:45:34 +01:00
|
|
|
* @dataProvider dataGet
|
|
|
|
*/
|
|
|
|
public function testGet(array $cookieData, bool $hasValues, $uid, $hash, $ip)
|
|
|
|
{
|
2019-12-11 20:49:53 +01:00
|
|
|
$this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
|
2019-12-08 22:45:34 +01:00
|
|
|
$this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn('1235')->once();
|
|
|
|
$this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn('7')->once();
|
|
|
|
|
2019-12-11 20:49:53 +01:00
|
|
|
$cookie = new Cookie($this->config, $this->baseUrl, [], $cookieData);
|
2020-10-17 14:19:57 +02:00
|
|
|
self::assertInstanceOf(Cookie::class, $cookie);
|
2019-12-08 22:45:34 +01:00
|
|
|
|
2021-01-17 23:30:18 +01:00
|
|
|
if (isset($uid)) {
|
|
|
|
self::assertEquals($uid, $cookie->get('uid'));
|
|
|
|
} else {
|
|
|
|
self::assertNull($cookie->get('uid'));
|
|
|
|
}
|
|
|
|
if (isset($hash)) {
|
|
|
|
self::assertEquals($hash, $cookie->get('hash'));
|
2019-12-08 22:45:34 +01:00
|
|
|
} else {
|
2021-01-17 23:30:18 +01:00
|
|
|
self::assertNull($cookie->get('hash'));
|
|
|
|
}
|
|
|
|
if (isset($ip)) {
|
|
|
|
self::assertEquals($ip, $cookie->get('ip'));
|
|
|
|
} else {
|
|
|
|
self::assertNull($cookie->get('ip'));
|
2019-12-08 22:45:34 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function dataCheck()
|
|
|
|
{
|
|
|
|
return [
|
|
|
|
'default' => [
|
|
|
|
'serverPrivateKey' => 'serverkey',
|
|
|
|
'userPrivateKey' => 'userkey',
|
|
|
|
'password' => 'test',
|
|
|
|
'assertHash' => 'e9b4eb16275a2907b5659d22905b248221d0517dde4a9d5c320b8fe051b1267b',
|
|
|
|
'assertTrue' => true,
|
|
|
|
],
|
|
|
|
'emptyUser' => [
|
|
|
|
'serverPrivateKey' => 'serverkey',
|
|
|
|
'userPrivateKey' => '',
|
|
|
|
'password' => '',
|
|
|
|
'assertHash' => '',
|
|
|
|
'assertTrue' => false,
|
|
|
|
],
|
2019-12-09 22:47:08 +01:00
|
|
|
'invalid' => [
|
2019-12-08 22:45:34 +01:00
|
|
|
'serverPrivateKey' => 'serverkey',
|
|
|
|
'userPrivateKey' => 'bla',
|
|
|
|
'password' => 'nope',
|
|
|
|
'assertHash' => 'real wrong!',
|
|
|
|
'assertTrue' => false,
|
|
|
|
]
|
|
|
|
];
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2019-12-09 22:47:08 +01:00
|
|
|
* Test the check() method of the cookie class
|
|
|
|
*
|
2019-12-08 22:45:34 +01:00
|
|
|
* @dataProvider dataCheck
|
|
|
|
*/
|
|
|
|
public function testCheck(string $serverPrivateKey, string $userPrivateKey, string $password, string $assertHash, bool $assertTrue)
|
|
|
|
{
|
2019-12-11 20:49:53 +01:00
|
|
|
$this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
|
2019-12-08 22:45:34 +01:00
|
|
|
$this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn($serverPrivateKey)->once();
|
|
|
|
$this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn('7')->once();
|
|
|
|
|
2019-12-11 20:49:53 +01:00
|
|
|
$cookie = new Cookie($this->config, $this->baseUrl);
|
2020-10-17 14:19:57 +02:00
|
|
|
self::assertInstanceOf(Cookie::class, $cookie);
|
2019-12-08 22:45:34 +01:00
|
|
|
|
2021-01-17 23:30:18 +01:00
|
|
|
self::assertEquals($assertTrue, $cookie->comparePrivateDataHash($assertHash, $password, $userPrivateKey));
|
2019-12-08 22:45:34 +01:00
|
|
|
}
|
|
|
|
|
2019-12-09 22:47:08 +01:00
|
|
|
public function dataSet()
|
|
|
|
{
|
|
|
|
return [
|
|
|
|
'default' => [
|
|
|
|
'serverKey' => 23,
|
|
|
|
'uid' => 0,
|
|
|
|
'password' => '234',
|
|
|
|
'privateKey' => '124',
|
|
|
|
'assertHash' => 'b657a15cfe7ed1f7289c9aa51af14a9a26c966f4ddd74e495fba103d8e872a39',
|
|
|
|
'remoteIp' => '0.0.0.0',
|
|
|
|
'serverArray' => [],
|
|
|
|
],
|
|
|
|
'withServerArray' => [
|
|
|
|
'serverKey' => 23,
|
|
|
|
'uid' => 0,
|
|
|
|
'password' => '234',
|
|
|
|
'privateKey' => '124',
|
|
|
|
'assertHash' => 'b657a15cfe7ed1f7289c9aa51af14a9a26c966f4ddd74e495fba103d8e872a39',
|
|
|
|
'remoteIp' => '1.2.3.4',
|
|
|
|
'serverArray' => ['REMOTE_ADDR' => '1.2.3.4',],
|
|
|
|
],
|
|
|
|
];
|
|
|
|
}
|
|
|
|
|
2021-01-17 23:30:18 +01:00
|
|
|
public function assertCookie($uid, $hash, $remoteIp)
|
2019-12-08 22:45:34 +01:00
|
|
|
{
|
2020-10-17 14:19:57 +02:00
|
|
|
self::assertArrayHasKey(Cookie::NAME, StaticCookie::$_COOKIE);
|
2019-12-09 22:47:08 +01:00
|
|
|
|
|
|
|
$data = json_decode(StaticCookie::$_COOKIE[Cookie::NAME]);
|
|
|
|
|
2020-10-17 14:19:57 +02:00
|
|
|
self::assertObjectHasAttribute('uid', $data);
|
|
|
|
self::assertEquals($uid, $data->uid);
|
|
|
|
self::assertObjectHasAttribute('hash', $data);
|
|
|
|
self::assertEquals($hash, $data->hash);
|
|
|
|
self::assertObjectHasAttribute('ip', $data);
|
|
|
|
self::assertEquals($remoteIp, $data->ip);
|
2019-12-09 22:47:08 +01:00
|
|
|
|
2021-01-17 23:30:18 +01:00
|
|
|
self::assertLessThanOrEqual(time() + Cookie::DEFAULT_EXPIRE * 24 * 60 * 60, StaticCookie::$_EXPIRE);
|
2019-12-08 22:45:34 +01:00
|
|
|
}
|
|
|
|
|
2019-12-09 22:47:08 +01:00
|
|
|
/**
|
|
|
|
* Test the set() method of the cookie class
|
|
|
|
*
|
|
|
|
* @dataProvider dataSet
|
|
|
|
*/
|
2021-01-17 23:30:18 +01:00
|
|
|
public function testSet($serverKey, $uid, $password, $privateKey, $assertHash, $remoteIp, $serverArray)
|
2019-12-09 22:47:08 +01:00
|
|
|
{
|
2019-12-11 20:49:53 +01:00
|
|
|
$this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
|
2019-12-09 22:47:08 +01:00
|
|
|
$this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn($serverKey)->once();
|
|
|
|
$this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn(Cookie::DEFAULT_EXPIRE)->once();
|
|
|
|
|
2019-12-11 20:49:53 +01:00
|
|
|
$cookie = new StaticCookie($this->config, $this->baseUrl, $serverArray);
|
2020-10-17 14:19:57 +02:00
|
|
|
self::assertInstanceOf(Cookie::class, $cookie);
|
2019-12-09 22:47:08 +01:00
|
|
|
|
2021-01-17 23:30:18 +01:00
|
|
|
$cookie->setMultiple([
|
|
|
|
'uid' => $uid,
|
|
|
|
'hash' => $assertHash,
|
|
|
|
]);
|
2019-12-09 22:47:08 +01:00
|
|
|
|
2021-01-17 23:30:18 +01:00
|
|
|
self::assertCookie($uid, $assertHash, $remoteIp);
|
2019-12-09 22:47:08 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2021-01-17 23:30:18 +01:00
|
|
|
* Test the set() method of the cookie class
|
2019-12-09 22:47:08 +01:00
|
|
|
*
|
|
|
|
* @dataProvider dataSet
|
|
|
|
*/
|
2021-01-17 23:30:18 +01:00
|
|
|
public function testDoubleSet($serverKey, $uid, $password, $privateKey, $assertHash, $remoteIp, $serverArray)
|
2019-12-09 22:47:08 +01:00
|
|
|
{
|
2019-12-11 20:49:53 +01:00
|
|
|
$this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
|
2019-12-09 22:47:08 +01:00
|
|
|
$this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn($serverKey)->once();
|
|
|
|
$this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn(Cookie::DEFAULT_EXPIRE)->once();
|
|
|
|
|
2019-12-11 20:49:53 +01:00
|
|
|
$cookie = new StaticCookie($this->config, $this->baseUrl, $serverArray);
|
2020-10-17 14:19:57 +02:00
|
|
|
self::assertInstanceOf(Cookie::class, $cookie);
|
2019-12-09 22:47:08 +01:00
|
|
|
|
2021-01-17 23:30:18 +01:00
|
|
|
$cookie->set('uid', $uid);
|
|
|
|
$cookie->set('hash', $assertHash);
|
2019-12-09 22:47:08 +01:00
|
|
|
|
2021-01-17 23:30:18 +01:00
|
|
|
self::assertCookie($uid, $assertHash, $remoteIp);
|
2019-12-09 22:47:08 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test the clear() method of the cookie class
|
|
|
|
*/
|
2019-12-08 22:45:34 +01:00
|
|
|
public function testClear()
|
|
|
|
{
|
2019-12-09 22:47:08 +01:00
|
|
|
StaticCookie::$_COOKIE = [
|
|
|
|
Cookie::NAME => 'test'
|
|
|
|
];
|
|
|
|
|
2019-12-11 20:49:53 +01:00
|
|
|
$this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
|
2019-12-09 22:47:08 +01:00
|
|
|
$this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn(24)->once();
|
|
|
|
$this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn(Cookie::DEFAULT_EXPIRE)->once();
|
|
|
|
|
2019-12-11 20:49:53 +01:00
|
|
|
$cookie = new StaticCookie($this->config, $this->baseUrl);
|
2020-10-17 14:19:57 +02:00
|
|
|
self::assertInstanceOf(Cookie::class, $cookie);
|
2019-12-09 22:47:08 +01:00
|
|
|
|
2020-10-17 14:19:57 +02:00
|
|
|
self::assertEquals('test', StaticCookie::$_COOKIE[Cookie::NAME]);
|
|
|
|
self::assertEquals(null, StaticCookie::$_EXPIRE);
|
2019-12-09 22:47:08 +01:00
|
|
|
|
|
|
|
$cookie->clear();
|
|
|
|
|
2020-10-17 14:19:57 +02:00
|
|
|
self::assertEmpty(StaticCookie::$_COOKIE[Cookie::NAME]);
|
|
|
|
self::assertEquals(-3600, StaticCookie::$_EXPIRE);
|
2019-12-08 22:45:34 +01:00
|
|
|
}
|
|
|
|
}
|