2022-01-22 15:24:03 -05:00
|
|
|
<?php
|
|
|
|
/**
|
2023-01-01 09:36:24 -05:00
|
|
|
* @copyright Copyright (C) 2010-2023, the Friendica project
|
2022-01-22 15:24:03 -05:00
|
|
|
*
|
|
|
|
* @license GNU AGPL version 3 or any later version
|
|
|
|
*
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License as
|
|
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
|
|
* License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
namespace Friendica\Test\src\Security;
|
|
|
|
|
|
|
|
use Friendica\Security\BasicAuth;
|
|
|
|
use Friendica\Test\src\Module\Api\ApiTest;
|
|
|
|
|
|
|
|
class BasicAuthTest extends ApiTest
|
|
|
|
{
|
|
|
|
/**
|
|
|
|
* Test the api_source() function.
|
|
|
|
*
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function testApiSource()
|
|
|
|
{
|
|
|
|
self::assertEquals('api', BasicAuth::getCurrentApplicationToken()['name']);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test the api_source() function with a Twidere user agent.
|
|
|
|
*
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function testApiSourceWithTwidere()
|
|
|
|
{
|
|
|
|
$_SERVER['HTTP_USER_AGENT'] = 'Twidere';
|
|
|
|
self::assertEquals('Twidere', BasicAuth::getCurrentApplicationToken()['name']);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test the api_source() function with a GET parameter.
|
|
|
|
*
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function testApiSourceWithGet()
|
|
|
|
{
|
|
|
|
$_REQUEST['source'] = 'source_name';
|
|
|
|
self::assertEquals('source_name', BasicAuth::getCurrentApplicationToken()['name']);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test the BasicAuth::getCurrentUserID() function without any login.
|
|
|
|
*/
|
|
|
|
public function testApiLoginWithoutLogin()
|
|
|
|
{
|
|
|
|
self::markTestIncomplete('Needs Refactoring of BasicAuth first.');
|
|
|
|
/*
|
|
|
|
BasicAuth::setCurrentUserID();
|
|
|
|
$this->expectException(\Friendica\Network\HTTPException\UnauthorizedException::class);
|
|
|
|
BasicAuth::getCurrentUserID(true);
|
|
|
|
*/
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test the BasicAuth::getCurrentUserID() function with a bad login.
|
|
|
|
*/
|
|
|
|
public function testApiLoginWithBadLogin()
|
|
|
|
{
|
|
|
|
self::markTestIncomplete('Needs Refactoring of BasicAuth first.');
|
|
|
|
/*
|
|
|
|
BasicAuth::setCurrentUserID();
|
|
|
|
$this->expectException(\Friendica\Network\HTTPException\UnauthorizedException::class);
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = 'user@server';
|
|
|
|
BasicAuth::getCurrentUserID(true);
|
|
|
|
*/
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test the BasicAuth::getCurrentUserID() function with a correct login.
|
|
|
|
*/
|
|
|
|
public function testApiLoginWithCorrectLogin()
|
|
|
|
{
|
|
|
|
BasicAuth::setCurrentUserID();
|
|
|
|
$_SERVER['PHP_AUTH_USER'] = 'Test user';
|
|
|
|
$_SERVER['PHP_AUTH_PW'] = 'password';
|
|
|
|
self::assertEquals(parent::SELF_USER['id'], BasicAuth::getCurrentUserID(true));
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test the BasicAuth::getCurrentUserID() function with a remote user.
|
|
|
|
*/
|
|
|
|
public function testApiLoginWithRemoteUser()
|
|
|
|
{
|
|
|
|
self::markTestIncomplete('Needs Refactoring of BasicAuth first.');
|
|
|
|
/*
|
|
|
|
BasicAuth::setCurrentUserID();
|
|
|
|
$this->expectException(\Friendica\Network\HTTPException\UnauthorizedException::class);
|
|
|
|
$_SERVER['REDIRECT_REMOTE_USER'] = '123456dXNlcjpwYXNzd29yZA==';
|
|
|
|
BasicAuth::getCurrentUserID(true);
|
|
|
|
*/
|
|
|
|
}
|
|
|
|
}
|