]>
Commit | Line | Data |
---|---|---|
68c6f1bd NL |
1 | <?php |
2 | ||
3 | namespace Wallabag\CoreBundle\Tests\Controller; | |
4 | ||
874e3e10 | 5 | use Wallabag\CoreBundle\Tests\WallabagTestCase; |
68c6f1bd | 6 | |
874e3e10 | 7 | class WallabagRestControllerTest extends WallabagTestCase |
68c6f1bd | 8 | { |
19aee7cd NL |
9 | /** |
10 | * Generate HTTP headers for authenticate user on API | |
11 | * | |
12 | * @param $username | |
13 | * @param $password | |
14 | * @param $salt | |
15 | * | |
16 | * @return array | |
17 | */ | |
18 | private function generateHeaders($username, $password, $salt) | |
19 | { | |
20 | $encryptedPassword = sha1($password.$username.$salt); | |
21 | $nonce = substr(md5(uniqid('nonce_', true)), 0, 16); | |
22 | ||
23 | $now = new \DateTime('now', new \DateTimeZone('UTC')); | |
24 | $created = (string) $now->format('Y-m-d\TH:i:s\Z'); | |
25 | $digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true)); | |
26 | ||
27 | return array( | |
19aee7cd NL |
28 | 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"', |
29 | 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"', | |
30 | ); | |
31 | } | |
32 | ||
f5deb024 NL |
33 | public function testGetSalt() |
34 | { | |
35 | $client = $this->createClient(); | |
36 | $client->request('GET', '/api/salts/admin.json'); | |
37 | $this->assertEquals(200, $client->getResponse()->getStatusCode()); | |
f170f315 | 38 | $this->assertNotEmpty(json_decode($client->getResponse()->getContent())); |
f5deb024 NL |
39 | |
40 | $client->request('GET', '/api/salts/notfound.json'); | |
41 | $this->assertEquals(404, $client->getResponse()->getStatusCode()); | |
42 | } | |
43 | ||
59f18f9a NL |
44 | public function testWithBadHeaders() |
45 | { | |
46 | $client = $this->createClient(); | |
47 | $client->request('GET', '/api/salts/admin.json'); | |
48 | $salt = json_decode($client->getResponse()->getContent()); | |
49 | ||
50 | $headers = $this->generateHeaders('admin', 'test', $salt[0]); | |
51 | ||
52 | $entry = $client->getContainer() | |
53 | ->get('doctrine.orm.entity_manager') | |
54 | ->getRepository('WallabagCoreBundle:Entry') | |
55 | ->findOneByIsArchived(false); | |
56 | ||
57 | if (!$entry) { | |
58 | $this->markTestSkipped('No content found in db.'); | |
59 | } | |
60 | ||
61 | $badHeaders = array( | |
62 | 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"', | |
63 | 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"', | |
64 | ); | |
65 | ||
66 | $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders); | |
67 | $this->assertEquals(403, $client->getResponse()->getStatusCode()); | |
68 | } | |
69 | ||
19aee7cd | 70 | public function testGetOneEntry() |
f5deb024 | 71 | { |
68c6f1bd | 72 | $client = $this->createClient(); |
e1dd7f70 | 73 | $client->request('GET', '/api/salts/admin.json'); |
c9fa9677 | 74 | $salt = json_decode($client->getResponse()->getContent()); |
e1dd7f70 | 75 | |
c9fa9677 | 76 | $headers = $this->generateHeaders('admin', 'test', $salt[0]); |
e1dd7f70 | 77 | |
c9fa9677 NL |
78 | $entry = $client->getContainer() |
79 | ->get('doctrine.orm.entity_manager') | |
80 | ->getRepository('WallabagCoreBundle:Entry') | |
81 | ->findOneByIsArchived(false); | |
82 | ||
83 | if (!$entry) { | |
84 | $this->markTestSkipped('No content found in db.'); | |
85 | } | |
86 | ||
87 | $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers); | |
88 | $this->assertContains($entry->getTitle(), $client->getResponse()->getContent()); | |
e1dd7f70 | 89 | |
19aee7cd NL |
90 | $this->assertTrue( |
91 | $client->getResponse()->headers->contains( | |
92 | 'Content-Type', | |
93 | 'application/json' | |
94 | ) | |
e1dd7f70 | 95 | ); |
19aee7cd NL |
96 | } |
97 | ||
98 | public function testGetEntries() | |
99 | { | |
100 | $client = $this->createClient(); | |
101 | $client->request('GET', '/api/salts/admin.json'); | |
c9fa9677 | 102 | $salt = json_decode($client->getResponse()->getContent()); |
19aee7cd | 103 | |
c9fa9677 | 104 | $headers = $this->generateHeaders('admin', 'test', $salt[0]); |
e1dd7f70 NL |
105 | |
106 | $client->request('GET', '/api/entries', array(), array(), $headers); | |
d9b71755 NL |
107 | |
108 | $this->assertEquals(200, $client->getResponse()->getStatusCode()); | |
109 | ||
d9b71755 NL |
110 | $this->assertGreaterThanOrEqual(1, count(json_decode($client->getResponse()->getContent()))); |
111 | ||
e1dd7f70 | 112 | $this->assertContains('Mailjet', $client->getResponse()->getContent()); |
68c6f1bd NL |
113 | |
114 | $this->assertTrue( | |
115 | $client->getResponse()->headers->contains( | |
116 | 'Content-Type', | |
117 | 'application/json' | |
118 | ) | |
119 | ); | |
68c6f1bd | 120 | } |
c9fa9677 NL |
121 | |
122 | public function testDeleteEntry() | |
123 | { | |
124 | $client = $this->createClient(); | |
125 | $client->request('GET', '/api/salts/admin.json'); | |
126 | $salt = json_decode($client->getResponse()->getContent()); | |
127 | ||
128 | $headers = $this->generateHeaders('admin', 'test', $salt[0]); | |
129 | ||
130 | $entry = $client->getContainer() | |
131 | ->get('doctrine.orm.entity_manager') | |
132 | ->getRepository('WallabagCoreBundle:Entry') | |
133 | ->findOneByIsDeleted(false); | |
134 | ||
135 | if (!$entry) { | |
136 | $this->markTestSkipped('No content found in db.'); | |
137 | } | |
138 | ||
139 | $client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers); | |
140 | ||
141 | $this->assertEquals(200, $client->getResponse()->getStatusCode()); | |
142 | ||
143 | $res = $client->getContainer() | |
144 | ->get('doctrine.orm.entity_manager') | |
145 | ->getRepository('WallabagCoreBundle:Entry') | |
146 | ->findOneById($entry->getId()); | |
147 | $this->assertEquals($res->isDeleted(), true); | |
148 | } | |
2734044a | 149 | } |