aboutsummaryrefslogtreecommitdiffhomepage
path: root/tests/api/ApiUtilsTest.php
diff options
context:
space:
mode:
Diffstat (limited to 'tests/api/ApiUtilsTest.php')
-rw-r--r--tests/api/ApiUtilsTest.php76
1 files changed, 38 insertions, 38 deletions
diff --git a/tests/api/ApiUtilsTest.php b/tests/api/ApiUtilsTest.php
index 7efec9bb..7a143859 100644
--- a/tests/api/ApiUtilsTest.php
+++ b/tests/api/ApiUtilsTest.php
@@ -8,12 +8,12 @@ use Shaarli\Http\Base64Url;
8/** 8/**
9 * Class ApiUtilsTest 9 * Class ApiUtilsTest
10 */ 10 */
11class ApiUtilsTest extends \PHPUnit\Framework\TestCase 11class ApiUtilsTest extends \Shaarli\TestCase
12{ 12{
13 /** 13 /**
14 * Force the timezone for ISO datetimes. 14 * Force the timezone for ISO datetimes.
15 */ 15 */
16 public static function setUpBeforeClass() 16 public static function setUpBeforeClass(): void
17 { 17 {
18 date_default_timezone_set('UTC'); 18 date_default_timezone_set('UTC');
19 } 19 }
@@ -66,143 +66,143 @@ class ApiUtilsTest extends \PHPUnit\Framework\TestCase
66 66
67 /** 67 /**
68 * Test validateJwtToken() with a malformed JWT token. 68 * Test validateJwtToken() with a malformed JWT token.
69 *
70 * @expectedException \Shaarli\Api\Exceptions\ApiAuthorizationException
71 * @expectedExceptionMessage Malformed JWT token
72 */ 69 */
73 public function testValidateJwtTokenMalformed() 70 public function testValidateJwtTokenMalformed()
74 { 71 {
72 $this->expectException(\Shaarli\Api\Exceptions\ApiAuthorizationException::class);
73 $this->expectExceptionMessage('Malformed JWT token');
74
75 $token = 'ABC.DEF'; 75 $token = 'ABC.DEF';
76 ApiUtils::validateJwtToken($token, 'foo'); 76 ApiUtils::validateJwtToken($token, 'foo');
77 } 77 }
78 78
79 /** 79 /**
80 * Test validateJwtToken() with an empty JWT token. 80 * Test validateJwtToken() with an empty JWT token.
81 *
82 * @expectedException \Shaarli\Api\Exceptions\ApiAuthorizationException
83 * @expectedExceptionMessage Malformed JWT token
84 */ 81 */
85 public function testValidateJwtTokenMalformedEmpty() 82 public function testValidateJwtTokenMalformedEmpty()
86 { 83 {
84 $this->expectException(\Shaarli\Api\Exceptions\ApiAuthorizationException::class);
85 $this->expectExceptionMessage('Malformed JWT token');
86
87 $token = false; 87 $token = false;
88 ApiUtils::validateJwtToken($token, 'foo'); 88 ApiUtils::validateJwtToken($token, 'foo');
89 } 89 }
90 90
91 /** 91 /**
92 * Test validateJwtToken() with a JWT token without header. 92 * Test validateJwtToken() with a JWT token without header.
93 *
94 * @expectedException \Shaarli\Api\Exceptions\ApiAuthorizationException
95 * @expectedExceptionMessage Malformed JWT token
96 */ 93 */
97 public function testValidateJwtTokenMalformedEmptyHeader() 94 public function testValidateJwtTokenMalformedEmptyHeader()
98 { 95 {
96 $this->expectException(\Shaarli\Api\Exceptions\ApiAuthorizationException::class);
97 $this->expectExceptionMessage('Malformed JWT token');
98
99 $token = '.payload.signature'; 99 $token = '.payload.signature';
100 ApiUtils::validateJwtToken($token, 'foo'); 100 ApiUtils::validateJwtToken($token, 'foo');
101 } 101 }
102 102
103 /** 103 /**
104 * Test validateJwtToken() with a JWT token without payload 104 * Test validateJwtToken() with a JWT token without payload
105 *
106 * @expectedException \Shaarli\Api\Exceptions\ApiAuthorizationException
107 * @expectedExceptionMessage Malformed JWT token
108 */ 105 */
109 public function testValidateJwtTokenMalformedEmptyPayload() 106 public function testValidateJwtTokenMalformedEmptyPayload()
110 { 107 {
108 $this->expectException(\Shaarli\Api\Exceptions\ApiAuthorizationException::class);
109 $this->expectExceptionMessage('Malformed JWT token');
110
111 $token = 'header..signature'; 111 $token = 'header..signature';
112 ApiUtils::validateJwtToken($token, 'foo'); 112 ApiUtils::validateJwtToken($token, 'foo');
113 } 113 }
114 114
115 /** 115 /**
116 * Test validateJwtToken() with a JWT token with an empty signature. 116 * Test validateJwtToken() with a JWT token with an empty signature.
117 *
118 * @expectedException \Shaarli\Api\Exceptions\ApiAuthorizationException
119 * @expectedExceptionMessage Invalid JWT signature
120 */ 117 */
121 public function testValidateJwtTokenInvalidSignatureEmpty() 118 public function testValidateJwtTokenInvalidSignatureEmpty()
122 { 119 {
120 $this->expectException(\Shaarli\Api\Exceptions\ApiAuthorizationException::class);
121 $this->expectExceptionMessage('Invalid JWT signature');
122
123 $token = 'header.payload.'; 123 $token = 'header.payload.';
124 ApiUtils::validateJwtToken($token, 'foo'); 124 ApiUtils::validateJwtToken($token, 'foo');
125 } 125 }
126 126
127 /** 127 /**
128 * Test validateJwtToken() with a JWT token with an invalid signature. 128 * Test validateJwtToken() with a JWT token with an invalid signature.
129 *
130 * @expectedException \Shaarli\Api\Exceptions\ApiAuthorizationException
131 * @expectedExceptionMessage Invalid JWT signature
132 */ 129 */
133 public function testValidateJwtTokenInvalidSignature() 130 public function testValidateJwtTokenInvalidSignature()
134 { 131 {
132 $this->expectException(\Shaarli\Api\Exceptions\ApiAuthorizationException::class);
133 $this->expectExceptionMessage('Invalid JWT signature');
134
135 $token = 'header.payload.nope'; 135 $token = 'header.payload.nope';
136 ApiUtils::validateJwtToken($token, 'foo'); 136 ApiUtils::validateJwtToken($token, 'foo');
137 } 137 }
138 138
139 /** 139 /**
140 * Test validateJwtToken() with a JWT token with a signature generated with the wrong API secret. 140 * Test validateJwtToken() with a JWT token with a signature generated with the wrong API secret.
141 *
142 * @expectedException \Shaarli\Api\Exceptions\ApiAuthorizationException
143 * @expectedExceptionMessage Invalid JWT signature
144 */ 141 */
145 public function testValidateJwtTokenInvalidSignatureSecret() 142 public function testValidateJwtTokenInvalidSignatureSecret()
146 { 143 {
144 $this->expectException(\Shaarli\Api\Exceptions\ApiAuthorizationException::class);
145 $this->expectExceptionMessage('Invalid JWT signature');
146
147 ApiUtils::validateJwtToken(self::generateValidJwtToken('foo'), 'bar'); 147 ApiUtils::validateJwtToken(self::generateValidJwtToken('foo'), 'bar');
148 } 148 }
149 149
150 /** 150 /**
151 * Test validateJwtToken() with a JWT token with a an invalid header (not JSON). 151 * Test validateJwtToken() with a JWT token with a an invalid header (not JSON).
152 *
153 * @expectedException \Shaarli\Api\Exceptions\ApiAuthorizationException
154 * @expectedExceptionMessage Invalid JWT header
155 */ 152 */
156 public function testValidateJwtTokenInvalidHeader() 153 public function testValidateJwtTokenInvalidHeader()
157 { 154 {
155 $this->expectException(\Shaarli\Api\Exceptions\ApiAuthorizationException::class);
156 $this->expectExceptionMessage('Invalid JWT header');
157
158 $token = $this->generateCustomJwtToken('notJSON', '{"JSON":1}', 'secret'); 158 $token = $this->generateCustomJwtToken('notJSON', '{"JSON":1}', 'secret');
159 ApiUtils::validateJwtToken($token, 'secret'); 159 ApiUtils::validateJwtToken($token, 'secret');
160 } 160 }
161 161
162 /** 162 /**
163 * Test validateJwtToken() with a JWT token with a an invalid payload (not JSON). 163 * Test validateJwtToken() with a JWT token with a an invalid payload (not JSON).
164 *
165 * @expectedException \Shaarli\Api\Exceptions\ApiAuthorizationException
166 * @expectedExceptionMessage Invalid JWT payload
167 */ 164 */
168 public function testValidateJwtTokenInvalidPayload() 165 public function testValidateJwtTokenInvalidPayload()
169 { 166 {
167 $this->expectException(\Shaarli\Api\Exceptions\ApiAuthorizationException::class);
168 $this->expectExceptionMessage('Invalid JWT payload');
169
170 $token = $this->generateCustomJwtToken('{"JSON":1}', 'notJSON', 'secret'); 170 $token = $this->generateCustomJwtToken('{"JSON":1}', 'notJSON', 'secret');
171 ApiUtils::validateJwtToken($token, 'secret'); 171 ApiUtils::validateJwtToken($token, 'secret');
172 } 172 }
173 173
174 /** 174 /**
175 * Test validateJwtToken() with a JWT token without issued time. 175 * Test validateJwtToken() with a JWT token without issued time.
176 *
177 * @expectedException \Shaarli\Api\Exceptions\ApiAuthorizationException
178 * @expectedExceptionMessage Invalid JWT issued time
179 */ 176 */
180 public function testValidateJwtTokenInvalidTimeEmpty() 177 public function testValidateJwtTokenInvalidTimeEmpty()
181 { 178 {
179 $this->expectException(\Shaarli\Api\Exceptions\ApiAuthorizationException::class);
180 $this->expectExceptionMessage('Invalid JWT issued time');
181
182 $token = $this->generateCustomJwtToken('{"JSON":1}', '{"JSON":1}', 'secret'); 182 $token = $this->generateCustomJwtToken('{"JSON":1}', '{"JSON":1}', 'secret');
183 ApiUtils::validateJwtToken($token, 'secret'); 183 ApiUtils::validateJwtToken($token, 'secret');
184 } 184 }
185 185
186 /** 186 /**
187 * Test validateJwtToken() with an expired JWT token. 187 * Test validateJwtToken() with an expired JWT token.
188 *
189 * @expectedException \Shaarli\Api\Exceptions\ApiAuthorizationException
190 * @expectedExceptionMessage Invalid JWT issued time
191 */ 188 */
192 public function testValidateJwtTokenInvalidTimeExpired() 189 public function testValidateJwtTokenInvalidTimeExpired()
193 { 190 {
191 $this->expectException(\Shaarli\Api\Exceptions\ApiAuthorizationException::class);
192 $this->expectExceptionMessage('Invalid JWT issued time');
193
194 $token = $this->generateCustomJwtToken('{"JSON":1}', '{"iat":' . (time() - 600) . '}', 'secret'); 194 $token = $this->generateCustomJwtToken('{"JSON":1}', '{"iat":' . (time() - 600) . '}', 'secret');
195 ApiUtils::validateJwtToken($token, 'secret'); 195 ApiUtils::validateJwtToken($token, 'secret');
196 } 196 }
197 197
198 /** 198 /**
199 * Test validateJwtToken() with a JWT token issued in the future. 199 * Test validateJwtToken() with a JWT token issued in the future.
200 *
201 * @expectedException \Shaarli\Api\Exceptions\ApiAuthorizationException
202 * @expectedExceptionMessage Invalid JWT issued time
203 */ 200 */
204 public function testValidateJwtTokenInvalidTimeFuture() 201 public function testValidateJwtTokenInvalidTimeFuture()
205 { 202 {
203 $this->expectException(\Shaarli\Api\Exceptions\ApiAuthorizationException::class);
204 $this->expectExceptionMessage('Invalid JWT issued time');
205
206 $token = $this->generateCustomJwtToken('{"JSON":1}', '{"iat":' . (time() + 60) . '}', 'secret'); 206 $token = $this->generateCustomJwtToken('{"JSON":1}', '{"iat":' . (time() + 60) . '}', 'secret');
207 ApiUtils::validateJwtToken($token, 'secret'); 207 ApiUtils::validateJwtToken($token, 'secret');
208 } 208 }