]>
Commit | Line | Data |
---|---|---|
68c6f1bd NL |
1 | <?php |
2 | ||
3 | namespace Wallabag\CoreBundle\Tests\Controller; | |
4 | ||
874e3e10 | 5 | use Wallabag\CoreBundle\Tests\WallabagTestCase; |
68c6f1bd | 6 | |
874e3e10 | 7 | class WallabagRestControllerTest extends WallabagTestCase |
68c6f1bd | 8 | { |
19aee7cd NL |
9 | /** |
10 | * Generate HTTP headers for authenticate user on API | |
11 | * | |
12 | * @param $username | |
13 | * @param $password | |
14 | * @param $salt | |
15 | * | |
16 | * @return array | |
17 | */ | |
18 | private function generateHeaders($username, $password, $salt) | |
19 | { | |
20 | $encryptedPassword = sha1($password.$username.$salt); | |
21 | $nonce = substr(md5(uniqid('nonce_', true)), 0, 16); | |
22 | ||
23 | $now = new \DateTime('now', new \DateTimeZone('UTC')); | |
24 | $created = (string) $now->format('Y-m-d\TH:i:s\Z'); | |
25 | $digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true)); | |
26 | ||
27 | return array( | |
19aee7cd NL |
28 | 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"', |
29 | 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"', | |
30 | ); | |
31 | } | |
32 | ||
f5deb024 NL |
33 | public function testGetSalt() |
34 | { | |
35 | $client = $this->createClient(); | |
36 | $client->request('GET', '/api/salts/admin.json'); | |
37 | $this->assertEquals(200, $client->getResponse()->getStatusCode()); | |
f170f315 | 38 | $this->assertNotEmpty(json_decode($client->getResponse()->getContent())); |
f5deb024 NL |
39 | |
40 | $client->request('GET', '/api/salts/notfound.json'); | |
41 | $this->assertEquals(404, $client->getResponse()->getStatusCode()); | |
42 | } | |
43 | ||
19aee7cd | 44 | public function testGetOneEntry() |
f5deb024 | 45 | { |
68c6f1bd | 46 | $client = $this->createClient(); |
e1dd7f70 | 47 | $client->request('GET', '/api/salts/admin.json'); |
c9fa9677 | 48 | $salt = json_decode($client->getResponse()->getContent()); |
e1dd7f70 | 49 | |
c9fa9677 | 50 | $headers = $this->generateHeaders('admin', 'test', $salt[0]); |
e1dd7f70 | 51 | |
c9fa9677 NL |
52 | $entry = $client->getContainer() |
53 | ->get('doctrine.orm.entity_manager') | |
54 | ->getRepository('WallabagCoreBundle:Entry') | |
55 | ->findOneByIsArchived(false); | |
56 | ||
57 | if (!$entry) { | |
58 | $this->markTestSkipped('No content found in db.'); | |
59 | } | |
60 | ||
61 | $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers); | |
62 | $this->assertContains($entry->getTitle(), $client->getResponse()->getContent()); | |
e1dd7f70 | 63 | |
19aee7cd NL |
64 | $this->assertTrue( |
65 | $client->getResponse()->headers->contains( | |
66 | 'Content-Type', | |
67 | 'application/json' | |
68 | ) | |
e1dd7f70 | 69 | ); |
9ca5fd43 NL |
70 | |
71 | // Now testing with bad headers | |
72 | $badHeaders = array( | |
73 | 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"', | |
74 | 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"', | |
75 | ); | |
76 | ||
77 | $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders); | |
78 | $this->assertEquals(403, $client->getResponse()->getStatusCode()); | |
19aee7cd NL |
79 | } |
80 | ||
81 | public function testGetEntries() | |
82 | { | |
83 | $client = $this->createClient(); | |
84 | $client->request('GET', '/api/salts/admin.json'); | |
c9fa9677 | 85 | $salt = json_decode($client->getResponse()->getContent()); |
19aee7cd | 86 | |
c9fa9677 | 87 | $headers = $this->generateHeaders('admin', 'test', $salt[0]); |
e1dd7f70 NL |
88 | |
89 | $client->request('GET', '/api/entries', array(), array(), $headers); | |
90 | $this->assertContains('Mailjet', $client->getResponse()->getContent()); | |
68c6f1bd NL |
91 | |
92 | $this->assertTrue( | |
93 | $client->getResponse()->headers->contains( | |
94 | 'Content-Type', | |
95 | 'application/json' | |
96 | ) | |
97 | ); | |
68c6f1bd | 98 | } |
c9fa9677 NL |
99 | |
100 | public function testDeleteEntry() | |
101 | { | |
102 | $client = $this->createClient(); | |
103 | $client->request('GET', '/api/salts/admin.json'); | |
104 | $salt = json_decode($client->getResponse()->getContent()); | |
105 | ||
106 | $headers = $this->generateHeaders('admin', 'test', $salt[0]); | |
107 | ||
108 | $entry = $client->getContainer() | |
109 | ->get('doctrine.orm.entity_manager') | |
110 | ->getRepository('WallabagCoreBundle:Entry') | |
111 | ->findOneByIsDeleted(false); | |
112 | ||
113 | if (!$entry) { | |
114 | $this->markTestSkipped('No content found in db.'); | |
115 | } | |
116 | ||
117 | $client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers); | |
118 | ||
119 | $this->assertEquals(200, $client->getResponse()->getStatusCode()); | |
120 | ||
121 | $res = $client->getContainer() | |
122 | ->get('doctrine.orm.entity_manager') | |
123 | ->getRepository('WallabagCoreBundle:Entry') | |
124 | ->findOneById($entry->getId()); | |
125 | $this->assertEquals($res->isDeleted(), true); | |
126 | } | |
2734044a | 127 | } |