2 // Initialize reference data _before_ PHPUnit starts a session
3 require_once 'tests/utils/ReferenceSessionIdHashes.php';
4 ReferenceSessionIdHashes
::genAllHashes();
6 use \Shaarli\SessionManager
;
7 use \PHPUnit\Framework\TestCase
;
13 class FakeConfigManager
15 public static function get($key)
23 * Test coverage for SessionManager
25 class SessionManagerTest
extends TestCase
28 protected static $sidHashes = null;
31 * Assign reference data
33 public static function setUpBeforeClass()
35 self
::$sidHashes = ReferenceSessionIdHashes
::getHashes();
39 * Generate a session token
41 public function testGenerateToken()
44 $conf = new FakeConfigManager();
45 $sessionManager = new SessionManager($session, $conf);
47 $token = $sessionManager->generateToken();
49 $this->assertEquals(1, $session['tokens'][$token]);
50 $this->assertEquals(40, strlen($token));
54 * Check a session token
56 public function testCheckToken()
58 $token = '4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b';
64 $conf = new FakeConfigManager();
65 $sessionManager = new SessionManager($session, $conf);
68 // check and destroy the token
69 $this->assertTrue($sessionManager->checkToken($token));
70 $this->assertFalse(isset($session['tokens'][$token]));
72 // ensure the token has been destroyed
73 $this->assertFalse($sessionManager->checkToken($token));
77 * Generate and check a session token
79 public function testGenerateAndCheckToken()
82 $conf = new FakeConfigManager();
83 $sessionManager = new SessionManager($session, $conf);
85 $token = $sessionManager->generateToken();
87 // ensure a token has been generated
88 $this->assertEquals(1, $session['tokens'][$token]);
89 $this->assertEquals(40, strlen($token));
91 // check and destroy the token
92 $this->assertTrue($sessionManager->checkToken($token));
93 $this->assertFalse(isset($session['tokens'][$token]));
95 // ensure the token has been destroyed
96 $this->assertFalse($sessionManager->checkToken($token));
100 * Check an invalid session token
102 public function testCheckInvalidToken()
105 $conf = new FakeConfigManager();
106 $sessionManager = new SessionManager($session, $conf);
108 $this->assertFalse($sessionManager->checkToken('4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b'));
112 * Test SessionManager::checkId with a valid ID - TEST ALL THE HASHES!
114 * This tests extensively covers all hash algorithms / bit representations
116 public function testIsAnyHashSessionIdValid()
118 foreach (self
::$sidHashes as $algo => $bpcs) {
119 foreach ($bpcs as $bpc => $hash) {
120 $this->assertTrue(SessionManager
::checkId($hash));
126 * Test checkId with a valid ID - SHA-1 hashes
128 public function testIsSha1SessionIdValid()
130 $this->assertTrue(SessionManager
::checkId(sha1('shaarli')));
134 * Test checkId with a valid ID - SHA-256 hashes
136 public function testIsSha256SessionIdValid()
138 $this->assertTrue(SessionManager
::checkId(hash('sha256', 'shaarli')));
142 * Test checkId with a valid ID - SHA-512 hashes
144 public function testIsSha512SessionIdValid()
146 $this->assertTrue(SessionManager
::checkId(hash('sha512', 'shaarli')));
150 * Test checkId with invalid IDs.
152 public function testIsSessionIdInvalid()
154 $this->assertFalse(SessionManager
::checkId(''));
155 $this->assertFalse(SessionManager
::checkId([]));
157 SessionManager
::checkId('c0ZqcWF3VFE2NmJBdm1HMVQ0ZHJ3UmZPbTFsNGhkNHI=')