src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php

   1 <?php
   2
   3 namespace Wallabag\CoreBundle\Tests\Controller;
   4
   5 use Wallabag\CoreBundle\Tests\WallabagTestCase;
   6
   7 class WallabagRestControllerTest extends WallabagTestCase
   8 {
   9     /**
  10      * Generate HTTP headers for authenticate user on API
  11      *
  12      * @param $username
  13      * @param $password
  14      * @param $salt
  15      *
  16      * @return array
  17      */
  18     private function generateHeaders($username, $password, $salt)
  19     {
  20         $encryptedPassword = sha1($password.$username.$salt);
  21         $nonce = substr(md5(uniqid('nonce_', true)), 0, 16);
  22
  23         $now = new \DateTime('now', new \DateTimeZone('UTC'));
  24         $created = (string) $now->format('Y-m-d\TH:i:s\Z');
  25         $digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true));
  26
  27         return array(
  28             'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
  29             'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"',
  30         );
  31     }
  32
  33     public function testGetSalt()
  34     {
  35         $client = $this->createClient();
  36         $client->request('GET', '/api/salts/admin.json');
  37         $this->assertEquals(200, $client->getResponse()->getStatusCode());
  38         $this->assertNotEmpty(json_decode($client->getResponse()->getContent()));
  39
  40         $client->request('GET', '/api/salts/notfound.json');
  41         $this->assertEquals(404, $client->getResponse()->getStatusCode());
  42     }
  43
  44     public function testGetOneEntry()
  45     {
  46         $client = $this->createClient();
  47         $client->request('GET', '/api/salts/admin.json');
  48         $salt = json_decode($client->getResponse()->getContent());
  49
  50         $headers = $this->generateHeaders('admin', 'test', $salt[0]);
  51
  52         $entry = $client->getContainer()
  53             ->get('doctrine.orm.entity_manager')
  54             ->getRepository('WallabagCoreBundle:Entry')
  55             ->findOneByIsArchived(false);
  56
  57         if (!$entry) {
  58             $this->markTestSkipped('No content found in db.');
  59         }
  60
  61         $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
  62         $this->assertContains($entry->getTitle(), $client->getResponse()->getContent());
  63
  64         $this->assertTrue(
  65             $client->getResponse()->headers->contains(
  66                 'Content-Type',
  67                 'application/json'
  68             )
  69         );
  70
  71         // Now testing with bad headers
  72         $badHeaders = array(
  73             'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"',
  74             'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="admin", PasswordDigest="Wr0ngDig3st", Nonce="n0Nc3", Created="2015-01-01T13:37:00Z"',
  75         );
  76
  77         $client->request('GET', '/api/entries/'.$entry->getId().'.json', array(), array(), $badHeaders);
  78         $this->assertEquals(403, $client->getResponse()->getStatusCode());
  79     }
  80
  81     public function testGetEntries()
  82     {
  83         $client = $this->createClient();
  84         $client->request('GET', '/api/salts/admin.json');
  85         $salt = json_decode($client->getResponse()->getContent());
  86
  87         $headers = $this->generateHeaders('admin', 'test', $salt[0]);
  88
  89         $client->request('GET', '/api/entries', array(), array(), $headers);
  90         $this->assertContains('Mailjet', $client->getResponse()->getContent());
  91
  92         $this->assertTrue(
  93             $client->getResponse()->headers->contains(
  94                 'Content-Type',
  95                 'application/json'
  96             )
  97         );
  98     }
  99
 100     public function testDeleteEntry()
 101     {
 102         $client = $this->createClient();
 103         $client->request('GET', '/api/salts/admin.json');
 104         $salt = json_decode($client->getResponse()->getContent());
 105
 106         $headers = $this->generateHeaders('admin', 'test', $salt[0]);
 107
 108         $entry = $client->getContainer()
 109             ->get('doctrine.orm.entity_manager')
 110             ->getRepository('WallabagCoreBundle:Entry')
 111             ->findOneByIsDeleted(false);
 112
 113         if (!$entry) {
 114             $this->markTestSkipped('No content found in db.');
 115         }
 116
 117         $client->request('DELETE', '/api/entries/'.$entry->getId().'.json', array(), array(), $headers);
 118
 119         $this->assertEquals(200, $client->getResponse()->getStatusCode());
 120
 121         $res = $client->getContainer()
 122             ->get('doctrine.orm.entity_manager')
 123             ->getRepository('WallabagCoreBundle:Entry')
 124             ->findOneById($entry->getId());
 125         $this->assertEquals($res->isDeleted(), true);
 126     }
 127 }