]>
Commit | Line | Data |
---|---|---|
ebd650c0 | 1 | <?php |
dd883aaf V |
2 | require_once 'tests/utils/FakeConfigManager.php'; |
3 | ||
fd7d8461 V |
4 | // Initialize reference data _before_ PHPUnit starts a session |
5 | require_once 'tests/utils/ReferenceSessionIdHashes.php'; | |
6 | ReferenceSessionIdHashes::genAllHashes(); | |
ebd650c0 | 7 | |
fd7d8461 | 8 | use \Shaarli\SessionManager; |
ebd650c0 V |
9 | use \PHPUnit\Framework\TestCase; |
10 | ||
fd7d8461 | 11 | |
ebd650c0 V |
12 | /** |
13 | * Test coverage for SessionManager | |
14 | */ | |
15 | class SessionManagerTest extends TestCase | |
16 | { | |
fd7d8461 V |
17 | // Session ID hashes |
18 | protected static $sidHashes = null; | |
19 | ||
dd883aaf V |
20 | // Fake ConfigManager |
21 | protected static $conf = null; | |
22 | ||
fd7d8461 V |
23 | /** |
24 | * Assign reference data | |
25 | */ | |
26 | public static function setUpBeforeClass() | |
27 | { | |
28 | self::$sidHashes = ReferenceSessionIdHashes::getHashes(); | |
dd883aaf | 29 | self::$conf = new FakeConfigManager(); |
fd7d8461 V |
30 | } |
31 | ||
ebd650c0 V |
32 | /** |
33 | * Generate a session token | |
34 | */ | |
35 | public function testGenerateToken() | |
36 | { | |
37 | $session = []; | |
dd883aaf | 38 | $sessionManager = new SessionManager($session, self::$conf); |
ebd650c0 V |
39 | |
40 | $token = $sessionManager->generateToken(); | |
41 | ||
42 | $this->assertEquals(1, $session['tokens'][$token]); | |
43 | $this->assertEquals(40, strlen($token)); | |
44 | } | |
45 | ||
ae7c954b V |
46 | /** |
47 | * Check a session token | |
48 | */ | |
49 | public function testCheckToken() | |
50 | { | |
51 | $token = '4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b'; | |
52 | $session = [ | |
53 | 'tokens' => [ | |
54 | $token => 1, | |
55 | ], | |
56 | ]; | |
dd883aaf | 57 | $sessionManager = new SessionManager($session, self::$conf); |
ae7c954b V |
58 | |
59 | // check and destroy the token | |
60 | $this->assertTrue($sessionManager->checkToken($token)); | |
61 | $this->assertFalse(isset($session['tokens'][$token])); | |
62 | ||
63 | // ensure the token has been destroyed | |
64 | $this->assertFalse($sessionManager->checkToken($token)); | |
65 | } | |
66 | ||
ebd650c0 V |
67 | /** |
68 | * Generate and check a session token | |
69 | */ | |
70 | public function testGenerateAndCheckToken() | |
71 | { | |
72 | $session = []; | |
dd883aaf | 73 | $sessionManager = new SessionManager($session, self::$conf); |
ebd650c0 V |
74 | |
75 | $token = $sessionManager->generateToken(); | |
76 | ||
77 | // ensure a token has been generated | |
78 | $this->assertEquals(1, $session['tokens'][$token]); | |
79 | $this->assertEquals(40, strlen($token)); | |
80 | ||
81 | // check and destroy the token | |
82 | $this->assertTrue($sessionManager->checkToken($token)); | |
83 | $this->assertFalse(isset($session['tokens'][$token])); | |
84 | ||
85 | // ensure the token has been destroyed | |
86 | $this->assertFalse($sessionManager->checkToken($token)); | |
87 | } | |
88 | ||
89 | /** | |
90 | * Check an invalid session token | |
91 | */ | |
92 | public function testCheckInvalidToken() | |
93 | { | |
94 | $session = []; | |
dd883aaf | 95 | $sessionManager = new SessionManager($session, self::$conf); |
ebd650c0 V |
96 | |
97 | $this->assertFalse($sessionManager->checkToken('4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b')); | |
98 | } | |
fd7d8461 V |
99 | |
100 | /** | |
101 | * Test SessionManager::checkId with a valid ID - TEST ALL THE HASHES! | |
102 | * | |
103 | * This tests extensively covers all hash algorithms / bit representations | |
104 | */ | |
105 | public function testIsAnyHashSessionIdValid() | |
106 | { | |
107 | foreach (self::$sidHashes as $algo => $bpcs) { | |
108 | foreach ($bpcs as $bpc => $hash) { | |
109 | $this->assertTrue(SessionManager::checkId($hash)); | |
110 | } | |
111 | } | |
112 | } | |
113 | ||
114 | /** | |
115 | * Test checkId with a valid ID - SHA-1 hashes | |
116 | */ | |
117 | public function testIsSha1SessionIdValid() | |
118 | { | |
119 | $this->assertTrue(SessionManager::checkId(sha1('shaarli'))); | |
120 | } | |
121 | ||
122 | /** | |
123 | * Test checkId with a valid ID - SHA-256 hashes | |
124 | */ | |
125 | public function testIsSha256SessionIdValid() | |
126 | { | |
127 | $this->assertTrue(SessionManager::checkId(hash('sha256', 'shaarli'))); | |
128 | } | |
129 | ||
130 | /** | |
131 | * Test checkId with a valid ID - SHA-512 hashes | |
132 | */ | |
133 | public function testIsSha512SessionIdValid() | |
134 | { | |
135 | $this->assertTrue(SessionManager::checkId(hash('sha512', 'shaarli'))); | |
136 | } | |
137 | ||
138 | /** | |
139 | * Test checkId with invalid IDs. | |
140 | */ | |
141 | public function testIsSessionIdInvalid() | |
142 | { | |
143 | $this->assertFalse(SessionManager::checkId('')); | |
144 | $this->assertFalse(SessionManager::checkId([])); | |
145 | $this->assertFalse( | |
146 | SessionManager::checkId('c0ZqcWF3VFE2NmJBdm1HMVQ0ZHJ3UmZPbTFsNGhkNHI=') | |
147 | ); | |
148 | } | |
ebd650c0 | 149 | } |