[github/shaarli/Shaarli.git] / tests / SessionManagerTest.php

<?php
// Initialize reference data _before_ PHPUnit starts a session
require_once 'tests/utils/ReferenceSessionIdHashes.php';
ReferenceSessionIdHashes::genAllHashes();

use \Shaarli\SessionManager;
use \PHPUnit\Framework\TestCase;


/**
 * Fake ConfigManager
 */
class FakeConfigManager
{
    public static function get($key)
    {
        return $key;
    }
}


/**
 * Test coverage for SessionManager
 */
class SessionManagerTest extends TestCase
{
    // Session ID hashes
    protected static $sidHashes = null;

    /**
     * Assign reference data
     */
    public static function setUpBeforeClass()
    {
        self::$sidHashes = ReferenceSessionIdHashes::getHashes();
    }

    /**
     * Generate a session token
     */
    public function testGenerateToken()
    {
        $session = [];
        $conf = new FakeConfigManager();
        $sessionManager = new SessionManager($session, $conf);

        $token = $sessionManager->generateToken();

        $this->assertEquals(1, $session['tokens'][$token]);
        $this->assertEquals(40, strlen($token));
    }

    /**
     * Generate and check a session token
     */
    public function testGenerateAndCheckToken()
    {
        $session = [];
        $conf = new FakeConfigManager();
        $sessionManager = new SessionManager($session, $conf);

        $token = $sessionManager->generateToken();

        // ensure a token has been generated
        $this->assertEquals(1, $session['tokens'][$token]);
        $this->assertEquals(40, strlen($token));

        // check and destroy the token
        $this->assertTrue($sessionManager->checkToken($token));
        $this->assertFalse(isset($session['tokens'][$token]));

        // ensure the token has been destroyed
        $this->assertFalse($sessionManager->checkToken($token));
    }

    /**
     * Check an invalid session token
     */
    public function testCheckInvalidToken()
    {
        $session = [];
        $conf = new FakeConfigManager();
        $sessionManager = new SessionManager($session, $conf);

        $this->assertFalse($sessionManager->checkToken('4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b'));
    }

    /**
     * Test SessionManager::checkId with a valid ID - TEST ALL THE HASHES!
     *
     * This tests extensively covers all hash algorithms / bit representations
     */
    public function testIsAnyHashSessionIdValid()
    {
        foreach (self::$sidHashes as $algo => $bpcs) {
            foreach ($bpcs as $bpc => $hash) {
                $this->assertTrue(SessionManager::checkId($hash));
            }
        }
    }

    /**
     * Test checkId with a valid ID - SHA-1 hashes
     */
    public function testIsSha1SessionIdValid()
    {
        $this->assertTrue(SessionManager::checkId(sha1('shaarli')));
    }

    /**
     * Test checkId with a valid ID - SHA-256 hashes
     */
    public function testIsSha256SessionIdValid()
    {
        $this->assertTrue(SessionManager::checkId(hash('sha256', 'shaarli')));
    }

    /**
     * Test checkId with a valid ID - SHA-512 hashes
     */
    public function testIsSha512SessionIdValid()
    {
        $this->assertTrue(SessionManager::checkId(hash('sha512', 'shaarli')));
    }

    /**
     * Test checkId with invalid IDs.
     */
    public function testIsSessionIdInvalid()
    {
        $this->assertFalse(SessionManager::checkId(''));
        $this->assertFalse(SessionManager::checkId([]));
        $this->assertFalse(
            SessionManager::checkId('c0ZqcWF3VFE2NmJBdm1HMVQ0ZHJ3UmZPbTFsNGhkNHI=')
        );
    }
}
Commit	Line	Data
ebd650c0	1	<?php
fd7d8461 V	2	// Initialize reference data _before_ PHPUnit starts a session
	3	require_once 'tests/utils/ReferenceSessionIdHashes.php';
	4	ReferenceSessionIdHashes::genAllHashes();
ebd650c0	5
fd7d8461	6	use \Shaarli\SessionManager;
ebd650c0 V	7	use \PHPUnit\Framework\TestCase;
ebd650c0 V	8
fd7d8461	9
ebd650c0 V	10	/**
	11	* Fake ConfigManager
	12	*/
	13	class FakeConfigManager
	14	{
	15	public static function get($key)
	16	{
	17	return $key;
	18	}
	19	}
	20
	21
	22	/**
	23	* Test coverage for SessionManager
	24	*/
	25	class SessionManagerTest extends TestCase
	26	{
fd7d8461 V	27	// Session ID hashes
	28	protected static $sidHashes = null;
	29
	30	/**
	31	* Assign reference data
	32	*/
	33	public static function setUpBeforeClass()
	34	{
	35	self::$sidHashes = ReferenceSessionIdHashes::getHashes();
	36	}
	37
ebd650c0 V	38	/**
	39	* Generate a session token
	40	*/
	41	public function testGenerateToken()
	42	{
	43	$session = [];
	44	$conf = new FakeConfigManager();
	45	$sessionManager = new SessionManager($session, $conf);
	46
	47	$token = $sessionManager->generateToken();
	48
	49	$this->assertEquals(1, $session['tokens'][$token]);
	50	$this->assertEquals(40, strlen($token));
	51	}
	52
	53	/**
	54	* Generate and check a session token
	55	*/
	56	public function testGenerateAndCheckToken()
	57	{
	58	$session = [];
	59	$conf = new FakeConfigManager();
	60	$sessionManager = new SessionManager($session, $conf);
	61
	62	$token = $sessionManager->generateToken();
	63
	64	// ensure a token has been generated
	65	$this->assertEquals(1, $session['tokens'][$token]);
	66	$this->assertEquals(40, strlen($token));
	67
	68	// check and destroy the token
	69	$this->assertTrue($sessionManager->checkToken($token));
	70	$this->assertFalse(isset($session['tokens'][$token]));
	71
	72	// ensure the token has been destroyed
	73	$this->assertFalse($sessionManager->checkToken($token));
	74	}
	75
	76	/**
	77	* Check an invalid session token
	78	*/
	79	public function testCheckInvalidToken()
	80	{
	81	$session = [];
	82	$conf = new FakeConfigManager();
	83	$sessionManager = new SessionManager($session, $conf);
	84
	85	$this->assertFalse($sessionManager->checkToken('4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b'));
	86	}
fd7d8461 V	87
	88	/**
	89	* Test SessionManager::checkId with a valid ID - TEST ALL THE HASHES!
	90	*
	91	* This tests extensively covers all hash algorithms / bit representations
	92	*/
	93	public function testIsAnyHashSessionIdValid()
	94	{
	95	foreach (self::$sidHashes as $algo => $bpcs) {
	96	foreach ($bpcs as $bpc => $hash) {
	97	$this->assertTrue(SessionManager::checkId($hash));
	98	}
	99	}
	100	}
	101
	102	/**
	103	* Test checkId with a valid ID - SHA-1 hashes
	104	*/
	105	public function testIsSha1SessionIdValid()
	106	{
	107	$this->assertTrue(SessionManager::checkId(sha1('shaarli')));
	108	}
	109
	110	/**
	111	* Test checkId with a valid ID - SHA-256 hashes
	112	*/
	113	public function testIsSha256SessionIdValid()
	114	{
	115	$this->assertTrue(SessionManager::checkId(hash('sha256', 'shaarli')));
	116	}
	117
	118	/**
	119	* Test checkId with a valid ID - SHA-512 hashes
	120	*/
	121	public function testIsSha512SessionIdValid()
	122	{
	123	$this->assertTrue(SessionManager::checkId(hash('sha512', 'shaarli')));
	124	}
	125
	126	/**
	127	* Test checkId with invalid IDs.
	128	*/
	129	public function testIsSessionIdInvalid()
	130	{
	131	$this->assertFalse(SessionManager::checkId(''));
	132	$this->assertFalse(SessionManager::checkId([]));
	133	$this->assertFalse(
	134	SessionManager::checkId('c0ZqcWF3VFE2NmJBdm1HMVQ0ZHJ3UmZPbTFsNGhkNHI=')
	135	);
	136	}
ebd650c0	137	}