2 // Initialize reference data _before_ PHPUnit starts a session
3 require_once 'tests/utils/ReferenceSessionIdHashes.php';
4 ReferenceSessionIdHashes
::genAllHashes();
6 use \Shaarli\SessionManager
;
7 use \PHPUnit\Framework\TestCase
;
13 class FakeConfigManager
15 public static function get($key)
23 * Test coverage for SessionManager
25 class SessionManagerTest
extends TestCase
28 protected static $sidHashes = null;
31 * Assign reference data
33 public static function setUpBeforeClass()
35 self
::$sidHashes = ReferenceSessionIdHashes
::getHashes();
39 * Generate a session token
41 public function testGenerateToken()
44 $conf = new FakeConfigManager();
45 $sessionManager = new SessionManager($session, $conf);
47 $token = $sessionManager->generateToken();
49 $this->assertEquals(1, $session['tokens'][$token]);
50 $this->assertEquals(40, strlen($token));
54 * Generate and check a session token
56 public function testGenerateAndCheckToken()
59 $conf = new FakeConfigManager();
60 $sessionManager = new SessionManager($session, $conf);
62 $token = $sessionManager->generateToken();
64 // ensure a token has been generated
65 $this->assertEquals(1, $session['tokens'][$token]);
66 $this->assertEquals(40, strlen($token));
68 // check and destroy the token
69 $this->assertTrue($sessionManager->checkToken($token));
70 $this->assertFalse(isset($session['tokens'][$token]));
72 // ensure the token has been destroyed
73 $this->assertFalse($sessionManager->checkToken($token));
77 * Check an invalid session token
79 public function testCheckInvalidToken()
82 $conf = new FakeConfigManager();
83 $sessionManager = new SessionManager($session, $conf);
85 $this->assertFalse($sessionManager->checkToken('4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b'));
89 * Test SessionManager::checkId with a valid ID - TEST ALL THE HASHES!
91 * This tests extensively covers all hash algorithms / bit representations
93 public function testIsAnyHashSessionIdValid()
95 foreach (self
::$sidHashes as $algo => $bpcs) {
96 foreach ($bpcs as $bpc => $hash) {
97 $this->assertTrue(SessionManager
::checkId($hash));
103 * Test checkId with a valid ID - SHA-1 hashes
105 public function testIsSha1SessionIdValid()
107 $this->assertTrue(SessionManager
::checkId(sha1('shaarli')));
111 * Test checkId with a valid ID - SHA-256 hashes
113 public function testIsSha256SessionIdValid()
115 $this->assertTrue(SessionManager
::checkId(hash('sha256', 'shaarli')));
119 * Test checkId with a valid ID - SHA-512 hashes
121 public function testIsSha512SessionIdValid()
123 $this->assertTrue(SessionManager
::checkId(hash('sha512', 'shaarli')));
127 * Test checkId with invalid IDs.
129 public function testIsSessionIdInvalid()
131 $this->assertFalse(SessionManager
::checkId(''));
132 $this->assertFalse(SessionManager
::checkId([]));
134 SessionManager
::checkId('c0ZqcWF3VFE2NmJBdm1HMVQ0ZHJ3UmZPbTFsNGhkNHI=')