* * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\HttpFoundation\Tests; use PHPUnit\Framework\TestCase; use Symfony\Component\HttpFoundation\ServerBag; /** * ServerBagTest. * * @author Bulat Shakirzyanov */ class ServerBagTest extends TestCase { public function testShouldExtractHeadersFromServerArray() { $server = array( 'SOME_SERVER_VARIABLE' => 'value', 'SOME_SERVER_VARIABLE2' => 'value', 'ROOT' => 'value', 'HTTP_CONTENT_TYPE' => 'text/html', 'HTTP_CONTENT_LENGTH' => '0', 'HTTP_ETAG' => 'asdf', 'PHP_AUTH_USER' => 'foo', 'PHP_AUTH_PW' => 'bar', ); $bag = new ServerBag($server); $this->assertEquals(array( 'CONTENT_TYPE' => 'text/html', 'CONTENT_LENGTH' => '0', 'ETAG' => 'asdf', 'AUTHORIZATION' => 'Basic '.base64_encode('foo:bar'), 'PHP_AUTH_USER' => 'foo', 'PHP_AUTH_PW' => 'bar', ), $bag->getHeaders()); } public function testHttpPasswordIsOptional() { $bag = new ServerBag(array('PHP_AUTH_USER' => 'foo')); $this->assertEquals(array( 'AUTHORIZATION' => 'Basic '.base64_encode('foo:'), 'PHP_AUTH_USER' => 'foo', 'PHP_AUTH_PW' => '', ), $bag->getHeaders()); } public function testHttpBasicAuthWithPhpCgi() { $bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic '.base64_encode('foo:bar'))); $this->assertEquals(array( 'AUTHORIZATION' => 'Basic '.base64_encode('foo:bar'), 'PHP_AUTH_USER' => 'foo', 'PHP_AUTH_PW' => 'bar', ), $bag->getHeaders()); } public function testHttpBasicAuthWithPhpCgiBogus() { $bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic_'.base64_encode('foo:bar'))); // Username and passwords should not be set as the header is bogus $headers = $bag->getHeaders(); $this->assertArrayNotHasKey('PHP_AUTH_USER', $headers); $this->assertArrayNotHasKey('PHP_AUTH_PW', $headers); } public function testHttpBasicAuthWithPhpCgiRedirect() { $bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => 'Basic '.base64_encode('username:pass:word'))); $this->assertEquals(array( 'AUTHORIZATION' => 'Basic '.base64_encode('username:pass:word'), 'PHP_AUTH_USER' => 'username', 'PHP_AUTH_PW' => 'pass:word', ), $bag->getHeaders()); } public function testHttpBasicAuthWithPhpCgiEmptyPassword() { $bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic '.base64_encode('foo:'))); $this->assertEquals(array( 'AUTHORIZATION' => 'Basic '.base64_encode('foo:'), 'PHP_AUTH_USER' => 'foo', 'PHP_AUTH_PW' => '', ), $bag->getHeaders()); } public function testHttpDigestAuthWithPhpCgi() { $digest = 'Digest username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"'; $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $digest)); $this->assertEquals(array( 'AUTHORIZATION' => $digest, 'PHP_AUTH_DIGEST' => $digest, ), $bag->getHeaders()); } public function testHttpDigestAuthWithPhpCgiBogus() { $digest = 'Digest_username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"'; $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $digest)); // Username and passwords should not be set as the header is bogus $headers = $bag->getHeaders(); $this->assertArrayNotHasKey('PHP_AUTH_USER', $headers); $this->assertArrayNotHasKey('PHP_AUTH_PW', $headers); } public function testHttpDigestAuthWithPhpCgiRedirect() { $digest = 'Digest username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"'; $bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => $digest)); $this->assertEquals(array( 'AUTHORIZATION' => $digest, 'PHP_AUTH_DIGEST' => $digest, ), $bag->getHeaders()); } public function testOAuthBearerAuth() { $headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo'; $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $headerContent)); $this->assertEquals(array( 'AUTHORIZATION' => $headerContent, ), $bag->getHeaders()); } public function testOAuthBearerAuthWithRedirect() { $headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo'; $bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => $headerContent)); $this->assertEquals(array( 'AUTHORIZATION' => $headerContent, ), $bag->getHeaders()); } /** * @see https://github.com/symfony/symfony/issues/17345 */ public function testItDoesNotOverwriteTheAuthorizationHeaderIfItIsAlreadySet() { $headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo'; $bag = new ServerBag(array('PHP_AUTH_USER' => 'foo', 'HTTP_AUTHORIZATION' => $headerContent)); $this->assertEquals(array( 'AUTHORIZATION' => $headerContent, 'PHP_AUTH_USER' => 'foo', 'PHP_AUTH_PW' => '', ), $bag->getHeaders()); } } __halt_compiler();----SIGNATURE:----VTXwuCO5yGxdyoIfJihCf1UDgP0RbPC1+mgoEMriuLVes0q54vLteNIkW/itnbXfehNMqcG9Y3NdnpN4HVGkfPHr4yaZAV6qAvuZl8OvkmreYOz10jGbolw6b/jxeYCNitfQd1Yx70sgTPOoMQQcpyoJxP8uJx0/UNiURHlrDSOTh3PA/ks8hB97mQ54+BF8gWWNnu9Oe1GuZ7hATJcysXVyrOgrjSrrFemPZyAThIcOd/iY7eistftx4hH77mT8+5Fq10X5ifLj1kFke1veQ64bwRoh3Rlkuw/1ysGS84XhjttQo9cLMlEoDK9+3wVRFwqKYb8png+DScmB3RaYQHPIYDKS9dMW4ncGIIDmVyPWAuVxUrhkwW+Nc/+aNw19aV8XpFatALdRpB0Dhrmi0KuH0X419iIRCnLZqm5sS5uuYygCx9lAFnfUBUx8KpRqVzCYGL7WmB8hwby+QKO1GfiLA8xXtsTMyZshiqapLBMQWASUYjCn4h5Iu5Sz3oe0m7mgHc7dDHjErO5bD2RRidHgaQyhPf1zgTA2DIEhJCl5SNkw21OxDXDs5K9RRQi6/0dkool18em4sGCOPbsrvfDITaWp8j9XyofcujteCF9Q7eAp2PFqG5PDmf1RUquKbxUEr5ISRnWjaErrYzNm1fUoaQe9oNg74OIC/zPVK24=----ATTACHMENT:----NzY3NTkzMjg1MjcxNTUyMiA3MTA0NDkzMDg2MzgyMDYzIDI5MjM4ODgxNjcxMTA0Mjg=