diff options
Diffstat (limited to 'src/Wallabag')
-rw-r--r-- | src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php | 57 |
1 files changed, 43 insertions, 14 deletions
diff --git a/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php b/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php index 274a816f..1240844b 100644 --- a/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php +++ b/src/Wallabag/CoreBundle/Tests/Controller/WallabagRestControllerTest.php | |||
@@ -6,6 +6,31 @@ use Symfony\Bundle\FrameworkBundle\Test\WebTestCase; | |||
6 | 6 | ||
7 | class WallabagRestControllerTest extends WebTestCase | 7 | class WallabagRestControllerTest extends WebTestCase |
8 | { | 8 | { |
9 | /** | ||
10 | * Generate HTTP headers for authenticate user on API | ||
11 | * | ||
12 | * @param $username | ||
13 | * @param $password | ||
14 | * @param $salt | ||
15 | * | ||
16 | * @return array | ||
17 | */ | ||
18 | private function generateHeaders($username, $password, $salt) | ||
19 | { | ||
20 | $encryptedPassword = sha1($password.$username.$salt); | ||
21 | $nonce = substr(md5(uniqid('nonce_', true)), 0, 16); | ||
22 | |||
23 | $now = new \DateTime('now', new \DateTimeZone('UTC')); | ||
24 | $created = (string) $now->format('Y-m-d\TH:i:s\Z'); | ||
25 | $digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true)); | ||
26 | |||
27 | return array( | ||
28 | 'PHP_AUTH_USER' => 'username', | ||
29 | 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"', | ||
30 | 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"', | ||
31 | ); | ||
32 | } | ||
33 | |||
9 | public function testGetSalt() | 34 | public function testGetSalt() |
10 | { | 35 | { |
11 | $client = $this->createClient(); | 36 | $client = $this->createClient(); |
@@ -16,28 +41,32 @@ class WallabagRestControllerTest extends WebTestCase | |||
16 | $this->assertEquals(404, $client->getResponse()->getStatusCode()); | 41 | $this->assertEquals(404, $client->getResponse()->getStatusCode()); |
17 | } | 42 | } |
18 | 43 | ||
19 | public function testGetEntries() | 44 | public function testGetOneEntry() |
20 | { | 45 | { |
21 | $client = $this->createClient(); | 46 | $client = $this->createClient(); |
22 | $client->request('GET', '/api/salts/admin.json'); | 47 | $client->request('GET', '/api/salts/admin.json'); |
23 | $content = json_decode($client->getResponse()->getContent()); | 48 | $content = json_decode($client->getResponse()->getContent()); |
24 | $salt = $content[0]; | ||
25 | 49 | ||
26 | $username = 'admin'; | 50 | $headers = $this->generateHeaders('admin', 'test', $content[0]); |
27 | $password = 'test'; | ||
28 | 51 | ||
29 | $encryptedPassword = sha1($password.$username.$salt); | 52 | $client->request('GET', '/api/entries/1.json', array(), array(), $headers); |
30 | $nonce = substr(md5(uniqid('nonce_', true)), 0, 16); | 53 | $this->assertContains('This is my content', $client->getResponse()->getContent()); |
31 | 54 | ||
32 | $now = new \DateTime('now', new \DateTimeZone('UTC')); | 55 | $this->assertTrue( |
33 | $created = (string) $now->format('Y-m-d\TH:i:s\Z'); | 56 | $client->getResponse()->headers->contains( |
34 | $digest = base64_encode(sha1(base64_decode($nonce).$created.$encryptedPassword, true)); | 57 | 'Content-Type', |
35 | 58 | 'application/json' | |
36 | $headers = array( | 59 | ) |
37 | 'PHP_AUTH_USER' => 'username', | ||
38 | 'HTTP_AUTHORIZATION' => 'Authorization profile="UsernameToken"', | ||
39 | 'HTTP_x-wsse' => 'X-WSSE: UsernameToken Username="'.$username.'", PasswordDigest="'.$digest.'", Nonce="'.$nonce.'", Created="'.$created.'"', | ||
40 | ); | 60 | ); |
61 | } | ||
62 | |||
63 | public function testGetEntries() | ||
64 | { | ||
65 | $client = $this->createClient(); | ||
66 | $client->request('GET', '/api/salts/admin.json'); | ||
67 | $content = json_decode($client->getResponse()->getContent()); | ||
68 | |||
69 | $headers = $this->generateHeaders('admin', 'test', $content[0]); | ||
41 | 70 | ||
42 | $client->request('GET', '/api/entries', array(), array(), $headers); | 71 | $client->request('GET', '/api/entries', array(), array(), $headers); |
43 | $this->assertContains('Mailjet', $client->getResponse()->getContent()); | 72 | $this->assertContains('Mailjet', $client->getResponse()->getContent()); |