2 require_once 'tests/utils/FakeConfigManager.php';
4 // Initialize reference data _before_ PHPUnit starts a session
5 require_once 'tests/utils/ReferenceSessionIdHashes.php';
6 ReferenceSessionIdHashes
::genAllHashes();
8 use \Shaarli\SessionManager
;
9 use \PHPUnit\Framework\TestCase
;
13 * Test coverage for SessionManager
15 class SessionManagerTest
extends TestCase
18 protected static $sidHashes = null;
21 protected static $conf = null;
24 * Assign reference data
26 public static function setUpBeforeClass()
28 self
::$sidHashes = ReferenceSessionIdHashes
::getHashes();
29 self
::$conf = new FakeConfigManager();
33 * Generate a session token
35 public function testGenerateToken()
38 $sessionManager = new SessionManager($session, self
::$conf);
40 $token = $sessionManager->generateToken();
42 $this->assertEquals(1, $session['tokens'][$token]);
43 $this->assertEquals(40, strlen($token));
47 * Check a session token
49 public function testCheckToken()
51 $token = '4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b';
57 $sessionManager = new SessionManager($session, self
::$conf);
59 // check and destroy the token
60 $this->assertTrue($sessionManager->checkToken($token));
61 $this->assertFalse(isset($session['tokens'][$token]));
63 // ensure the token has been destroyed
64 $this->assertFalse($sessionManager->checkToken($token));
68 * Generate and check a session token
70 public function testGenerateAndCheckToken()
73 $sessionManager = new SessionManager($session, self
::$conf);
75 $token = $sessionManager->generateToken();
77 // ensure a token has been generated
78 $this->assertEquals(1, $session['tokens'][$token]);
79 $this->assertEquals(40, strlen($token));
81 // check and destroy the token
82 $this->assertTrue($sessionManager->checkToken($token));
83 $this->assertFalse(isset($session['tokens'][$token]));
85 // ensure the token has been destroyed
86 $this->assertFalse($sessionManager->checkToken($token));
90 * Check an invalid session token
92 public function testCheckInvalidToken()
95 $sessionManager = new SessionManager($session, self
::$conf);
97 $this->assertFalse($sessionManager->checkToken('4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b'));
101 * Test SessionManager::checkId with a valid ID - TEST ALL THE HASHES!
103 * This tests extensively covers all hash algorithms / bit representations
105 public function testIsAnyHashSessionIdValid()
107 foreach (self
::$sidHashes as $algo => $bpcs) {
108 foreach ($bpcs as $bpc => $hash) {
109 $this->assertTrue(SessionManager
::checkId($hash));
115 * Test checkId with a valid ID - SHA-1 hashes
117 public function testIsSha1SessionIdValid()
119 $this->assertTrue(SessionManager
::checkId(sha1('shaarli')));
123 * Test checkId with a valid ID - SHA-256 hashes
125 public function testIsSha256SessionIdValid()
127 $this->assertTrue(SessionManager
::checkId(hash('sha256', 'shaarli')));
131 * Test checkId with a valid ID - SHA-512 hashes
133 public function testIsSha512SessionIdValid()
135 $this->assertTrue(SessionManager
::checkId(hash('sha512', 'shaarli')));
139 * Test checkId with invalid IDs.
141 public function testIsSessionIdInvalid()
143 $this->assertFalse(SessionManager
::checkId(''));
144 $this->assertFalse(SessionManager
::checkId([]));
146 SessionManager
::checkId('c0ZqcWF3VFE2NmJBdm1HMVQ0ZHJ3UmZPbTFsNGhkNHI=')