Move session ID check to SessionManager

Relates to https://github.com/shaarli/Shaarli/issues/324 Changed: - `is_session_id_valid()` -> `SessionManager::checkId()` - update tests Signed-off-by: VirtualTam <virtualtam@flibidi.net>
author: VirtualTam <virtualtam@flibidi.net> 2017-10-22 19:54:44 +0200
committer: VirtualTam <virtualtam@flibidi.net> 2017-10-22 19:54:44 +0200
commit: fd7d84616d53486c3a276a42da869390e1d7f5eb (patch)
tree: 215f22ad244d734d77c3dd4a38f52da689fa6dd7 /tests/SessionManagerTest.php
parent: ebd650c06c67a67da2a0d099f625b6a7ec62ab2b (diff)
download: Shaarli-fd7d84616d53486c3a276a42da869390e1d7f5eb.tar.gz
Shaarli-fd7d84616d53486c3a276a42da869390e1d7f5eb.tar.zst
Shaarli-fd7d84616d53486c3a276a42da869390e1d7f5eb.zip
1 files changed, 66 insertions, 1 deletions
diff --git a/tests/SessionManagerTest.php b/tests/SessionManagerTest.php
index 3a270303..9fa60dc5 100644
--- a/tests/SessionManagerTest.php
+++ b/tests/SessionManagerTest.php
@@ -1,8 +1,12 @@
 <?php
-namespace Shaarli;
+// Initialize reference data _before_ PHPUnit starts a session
+require_once 'tests/utils/ReferenceSessionIdHashes.php';
+ReferenceSessionIdHashes::genAllHashes();
+use \Shaarli\SessionManager;
 use \PHPUnit\Framework\TestCase;
 /**
 * Fake ConfigManager
 */
@@ -20,6 +24,17 @@ class FakeConfigManager
 */
 class SessionManagerTest extends TestCase
 {
+    // Session ID hashes
+    protected static $sidHashes = null;
+    /**
+     * Assign reference data
+     */
+    public static function setUpBeforeClass()
+    {
+        self::$sidHashes = ReferenceSessionIdHashes::getHashes();
+    }
    /**
     * Generate a session token
     */
@@ -69,4 +84,54 @@ class SessionManagerTest extends TestCase
        $this->assertFalse($sessionManager->checkToken('4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b'));
    }
+    /**
+     * Test SessionManager::checkId with a valid ID - TEST ALL THE HASHES!
+     *
+     * This tests extensively covers all hash algorithms / bit representations
+     */
+    public function testIsAnyHashSessionIdValid()
+    {
+        foreach (self::$sidHashes as $algo => $bpcs) {
+            foreach ($bpcs as $bpc => $hash) {
+                $this->assertTrue(SessionManager::checkId($hash));
+            }
+        }
+    }
+    /**
+     * Test checkId with a valid ID - SHA-1 hashes
+     */
+    public function testIsSha1SessionIdValid()
+    {
+        $this->assertTrue(SessionManager::checkId(sha1('shaarli')));
+    }
+    /**
+     * Test checkId with a valid ID - SHA-256 hashes
+     */
+    public function testIsSha256SessionIdValid()
+    {
+        $this->assertTrue(SessionManager::checkId(hash('sha256', 'shaarli')));
+    }
+    /**
+     * Test checkId with a valid ID - SHA-512 hashes
+     */
+    public function testIsSha512SessionIdValid()
+    {
+        $this->assertTrue(SessionManager::checkId(hash('sha512', 'shaarli')));
+    }
+    /**
+     * Test checkId with invalid IDs.
+     */
+    public function testIsSessionIdInvalid()
+    {
+        $this->assertFalse(SessionManager::checkId(''));
+        $this->assertFalse(SessionManager::checkId([]));
+        $this->assertFalse(
+            SessionManager::checkId('c0ZqcWF3VFE2NmJBdm1HMVQ0ZHJ3UmZPbTFsNGhkNHI=')
+        );
+    }
 }
author	VirtualTam <virtualtam@flibidi.net>	2017-10-22 19:54:44 +0200
committer	VirtualTam <virtualtam@flibidi.net>	2017-10-22 19:54:44 +0200
commit	fd7d84616d53486c3a276a42da869390e1d7f5eb (patch)
tree	215f22ad244d734d77c3dd4a38f52da689fa6dd7 /tests/SessionManagerTest.php
parent	ebd650c06c67a67da2a0d099f625b6a7ec62ab2b (diff)
download	Shaarli-fd7d84616d53486c3a276a42da869390e1d7f5eb.tar.gz Shaarli-fd7d84616d53486c3a276a42da869390e1d7f5eb.tar.zst Shaarli-fd7d84616d53486c3a276a42da869390e1d7f5eb.zip

diff --git a/tests/SessionManagerTest.php b/tests/SessionManagerTest.php index 3a270303..9fa60dc5 100644 --- a/tests/SessionManagerTest.php +++ b/tests/SessionManagerTest.php
@@ -1,8 +1,12 @@
1	<?php	1	<?php
2	namespace Shaarli;	2	// Initialize reference data _before_ PHPUnit starts a session
		3	require_once 'tests/utils/ReferenceSessionIdHashes.php';
		4	ReferenceSessionIdHashes::genAllHashes();
3		5
		6	use \Shaarli\SessionManager;
4	use \PHPUnit\Framework\TestCase;	7	use \PHPUnit\Framework\TestCase;
5		8
		9
6	/**	10	/**
7	* Fake ConfigManager	11	* Fake ConfigManager
8	*/	12	*/
@@ -20,6 +24,17 @@ class FakeConfigManager
20	*/	24	*/
21	class SessionManagerTest extends TestCase	25	class SessionManagerTest extends TestCase
22	{	26	{
		27	// Session ID hashes
		28	protected static $sidHashes = null;
		29
		30	/**
		31	* Assign reference data
		32	*/
		33	public static function setUpBeforeClass()
		34	{
		35	self::$sidHashes = ReferenceSessionIdHashes::getHashes();
		36	}
		37
23	/**	38	/**
24	* Generate a session token	39	* Generate a session token
25	*/	40	*/
@@ -69,4 +84,54 @@ class SessionManagerTest extends TestCase
69		84
70	$this->assertFalse($sessionManager->checkToken('4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b'));	85	$this->assertFalse($sessionManager->checkToken('4dccc3a45ad9d03e5542b90c37d8db6d10f2b38b'));
71	}	86	}
		87
		88	/**
		89	* Test SessionManager::checkId with a valid ID - TEST ALL THE HASHES!
		90	*
		91	* This tests extensively covers all hash algorithms / bit representations
		92	*/
		93	public function testIsAnyHashSessionIdValid()
		94	{
		95	foreach (self::$sidHashes as $algo => $bpcs) {
		96	foreach ($bpcs as $bpc => $hash) {
		97	$this->assertTrue(SessionManager::checkId($hash));
		98	}
		99	}
		100	}
		101
		102	/**
		103	* Test checkId with a valid ID - SHA-1 hashes
		104	*/
		105	public function testIsSha1SessionIdValid()
		106	{
		107	$this->assertTrue(SessionManager::checkId(sha1('shaarli')));
		108	}
		109
		110	/**
		111	* Test checkId with a valid ID - SHA-256 hashes
		112	*/
		113	public function testIsSha256SessionIdValid()
		114	{
		115	$this->assertTrue(SessionManager::checkId(hash('sha256', 'shaarli')));
		116	}
		117
		118	/**
		119	* Test checkId with a valid ID - SHA-512 hashes
		120	*/
		121	public function testIsSha512SessionIdValid()
		122	{
		123	$this->assertTrue(SessionManager::checkId(hash('sha512', 'shaarli')));
		124	}
		125
		126	/**
		127	* Test checkId with invalid IDs.
		128	*/
		129	public function testIsSessionIdInvalid()
		130	{
		131	$this->assertFalse(SessionManager::checkId(''));
		132	$this->assertFalse(SessionManager::checkId([]));
		133	$this->assertFalse(
		134	SessionManager::checkId('c0ZqcWF3VFE2NmJBdm1HMVQ0ZHJ3UmZPbTFsNGhkNHI=')
		135	);
		136	}
72	}	137	}