ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
ilWACTokenTest.php
Go to the documentation of this file.
1<?php
2// declare(strict_types=1);
3/*
4 +-----------------------------------------------------------------------------+
5 | ILIAS open source |
6 +-----------------------------------------------------------------------------+
7 | Copyright (c) 1998-2009 ILIAS open source, University of Cologne |
8 | |
9 | This program is free software; you can redistribute it and/or |
10 | modify it under the terms of the GNU General Public License |
11 | as published by the Free Software Foundation; either version 2 |
12 | of the License, or (at your option) any later version. |
13 | |
14 | This program is distributed in the hope that it will be useful, |
15 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
17 | GNU General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU General Public License |
20 | along with this program; if not, write to the Free Software |
21 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
22 +-----------------------------------------------------------------------------+
23*/
24require_once('./libs/composer/vendor/autoload.php');
25
26require_once('./Services/WebAccessChecker/classes/class.ilWACSignedPath.php');
27require_once('./Services/WebAccessChecker/classes/class.ilWebAccessChecker.php');
28require_once('./Services/WebAccessChecker/classes/class.ilWACSignedPath.php');
29require_once('./Services/WebAccessChecker/classes/class.ilWACToken.php');
30
36use Mockery\Adapter\Phpunit\MockeryTestCase;
37use Mockery\MockInterface;
38use org\bovigo\vfs;
40
52class ilWACTokenTest extends MockeryTestCase
53{
54 const ADDITIONAL_TIME = 1;
55 const LIFETIME = 2;
56 const SALT = 'SALT';
57 const CLIENT_NAME = 'client_name';
61 protected $backupGlobals = false;
65 protected $file_one;
77 protected $file_two;
81 protected $file_three;
85 protected $file_four;
89 protected $root;
93 private $http;
98
99
103 protected function setUp()
104 {
105 parent::setUp();
106
107 $this->root = vfs\vfsStream::setup('ilias.de');
108 $this->file_one = vfs\vfsStream::newFile('data/client_name/mobs/mm_123/dummy.jpg')
109 ->at($this->root)->setContent('dummy');
110 $this->file_one_subfolder = vfs\vfsStream::newFile('data/client_name/mobs/mm_123/mobile/dummy.jpg')
111 ->at($this->root)->setContent('dummy');
112 $this->file_one_subfolder_two = vfs\vfsStream::newFile('data/client_name/mobs/mm_123/mobile/device/dummy.jpg')
113 ->at($this->root)->setContent('dummy');
114 $this->file_two = vfs\vfsStream::newFile('data/client_name/mobs/mm_123/dummy2.jpg')
115 ->at($this->root)->setContent('dummy2');
116 $this->file_three = vfs\vfsStream::newFile('data/client_name/mobs/mm_124/dummy.jpg')
117 ->at($this->root)->setContent('dummy');
118 $this->file_four = vfs\vfsStream::newFile('data/client_name/sec/ilBlog/mm_124/dummy.jpg')
119 ->at($this->root)->setContent('dummy');
120
121 //setup container for HttpServiceAware classes
122 $container = new \ILIAS\DI\Container();
123 $container['http'] = function ($c) {
124 return Mockery::mock(GlobalHttpState::class);
125 };
126
127 $this->http = $container['http'];
128
129
130 $GLOBALS["DIC"] = $container;
131
132 $this->cookieFactory = Mockery::mock(CookieFactoryImpl::class);
133
134 //because the cookie have no logic except cloning it self therefore it should be no problem to defer the function calls
135 $this->cookieFactory->shouldDeferMissing();
136
137 ilWACToken::setSALT(self::SALT);
138 }
139
140
141 public function testWithoutSigning()
142 {
143 $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->file_one->url()), $this->http, $this->cookieFactory);
144
145 $cookieJar = Mockery::mock(CookieJar::class);
146
147 $cookieJar
148 ->shouldReceive('get')
149 ->times(6)
150 ->withAnyArgs()
151 ->andReturnNull();
152
153 $this->http->shouldReceive('cookieJar')
154 ->twice()
155 ->withNoArgs()
156 ->andReturn($cookieJar);
157
158 $this->assertFalse($ilWACSignedPath->isSignedPath());
159 $this->assertFalse($ilWACSignedPath->isSignedPathValid());
160 $this->assertFalse($ilWACSignedPath->isFolderSigned());
161 $this->assertFalse($ilWACSignedPath->isFolderTokenValid());
162 }
163
164
165 public function testSomeBasics()
166 {
167 $query = 'myparam=1234';
168 $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->file_four->url() . '?'
169 . $query), $this->http, $this->cookieFactory);
170
171 $this->assertEquals('dummy.jpg', $ilWACSignedPath->getPathObject()->getFileName());
172 $this->assertEquals($query, $ilWACSignedPath->getPathObject()->getQuery());
173 $this->assertEquals('./data/' . self::CLIENT_NAME
174 . '/sec/ilBlog/mm_124/', $ilWACSignedPath->getPathObject()
175 ->getSecurePath());
176 $this->assertEquals('ilBlog', $ilWACSignedPath->getPathObject()->getSecurePathId());
177 $this->assertFalse($ilWACSignedPath->getPathObject()->isStreamable());
178 }
179
180
181 public function testTokenGeneration()
182 {
183 $ilWacPath = new ilWacPath($this->file_four->url());
184 $ilWACToken = new ilWACToken($ilWacPath->getPath(), self::CLIENT_NAME, 123456, 20);
185 $ilWACToken->generateToken();
186 $this->assertEquals('SALT-client_name-123456-20', $ilWACToken->getRawToken());
187 $this->assertEquals('./data/client_name/sec/ilBlog/mm_124/dummy.jpg', $ilWACToken->getId());
188
189 $this->assertEquals(self::SALT, ilWACToken::getSALT());
190 $ilWACToken = new ilWACToken($ilWacPath->getPath(), self::CLIENT_NAME, 123456, 20);
191 $this->assertEquals('b541e2bae42ee222f9be959b7ad2ab8844cbb05b', $ilWACToken->getToken());
192 $this->assertEquals('e45b98f267dc891c8206c844f7df29ea', $ilWACToken->getHashedId());
193 }
194
195
196 public function testCookieGeneration()
197 {
198 $expected_cookies = [
199 '19ab58dae37d8d8cf931727c35514642',
200 '19ab58dae37d8d8cf931727c35514642ts',
201 '19ab58dae37d8d8cf931727c35514642ttl',
202 ];
203
204 $cookieJar = Mockery::mock(CookieJar::class);
205
206 $response = Mockery::mock(ResponseInterface::class);
207
208 $this->http
209 ->shouldReceive('response')
210 ->times(3)
211 ->withNoArgs()
212 ->andReturn($response)
213 ->getMock()
214
215 ->shouldReceive('saveResponse')
216 ->times(3)
217 ->with($response);
218
219 $cookieJar
220 ->shouldReceive('with')
221 ->times(3)
222 ->with(Mockery::on(function (Cookie $cookie) use ($expected_cookies) {
223 return strcmp($cookie->getName(), $expected_cookies[0]) === 0;
224 }))
225 ->andReturnSelf()
226 ->getMock()
227
228 ->shouldReceive('with')
229 ->times(3)
230 ->with(Mockery::on(function (Cookie $cookie) use ($expected_cookies) {
231 return strcmp($cookie->getName(), $expected_cookies[1]) === 0;
232 }))
233 ->andReturnSelf()
234 ->getMock()
235
236 ->shouldReceive('with')
237 ->times(3)
238 ->with(Mockery::on(function (Cookie $cookie) use ($expected_cookies) {
239 return strcmp($cookie->getName(), $expected_cookies[2]) === 0;
240 }))
241 ->andReturnSelf()
242 ->getMock()
243
244 ->shouldReceive('renderIntoResponseHeader')
245 ->times(3)
246 ->withAnyArgs()
247 ->andReturn($response);
248
249 $this->http->shouldReceive('cookieJar')
250 ->times(3)
251 ->withNoArgs()
252 ->andReturn($cookieJar);
253
254 ilWACSignedPath::signFolderOfStartFile($this->file_one->url());
255
256 // in subfolder
257 ilWACSignedPath::signFolderOfStartFile($this->file_one_subfolder->url());
258
259 // in sub-subfolder
260 ilWACSignedPath::signFolderOfStartFile($this->file_one_subfolder->url());
261 }
262
263
264 public function testFileToken()
265 {
268
269 // Request within lifetime
270 $signed_path = ilWACSignedPath::signFile($this->file_one->url());
271 $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($signed_path), $this->http, $this->cookieFactory);
272
273 $this->assertTrue($ilWACSignedPath->isSignedPath());
274 $this->assertTrue($ilWACSignedPath->isSignedPathValid());
275 $this->assertEquals($ilWACSignedPath->getPathObject()->getClient(), self::CLIENT_NAME);
276 $this->assertFalse($ilWACSignedPath->getPathObject()->isInSecFolder());
277 $this->assertTrue($ilWACSignedPath->getPathObject()->isImage());
278 $this->assertFalse($ilWACSignedPath->getPathObject()->isAudio());
279 $this->assertFalse($ilWACSignedPath->getPathObject()->isVideo());
280 $this->assertTrue($ilWACSignedPath->getPathObject()->hasTimestamp());
281 $this->assertTrue($ilWACSignedPath->getPathObject()->hasToken());
282
283 // Request after lifetime
284 $signed_path = ilWACSignedPath::signFile($this->file_four->url());
285 sleep($lifetime + self::ADDITIONAL_TIME);
286 $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($signed_path), $this->http, $this->cookieFactory);
287 $this->assertTrue($ilWACSignedPath->isSignedPath());
288 $this->assertFalse($ilWACSignedPath->isSignedPathValid());
289 }
290
291
292
297 {
298 // self::markTestSkipped("WIP");
299 // return;
300 $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->getModifiedSignedPath(0, 0)), $this->http, $this->cookieFactory);
301 $this->assertTrue($ilWACSignedPath->isSignedPath());
302 $this->assertTrue($ilWACSignedPath->isSignedPathValid());
303 }
304
305
310 {
311 // self::markTestSkipped("WIP");
312 // return;
313 $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->getModifiedSignedPath(self::ADDITIONAL_TIME, 0)), $this->http, $this->cookieFactory);
314 $this->assertTrue($ilWACSignedPath->isSignedPath());
315 $this->assertFalse($ilWACSignedPath->isSignedPathValid());
316 }
317
318
320 {
321 // self::markTestSkipped("WIP");
322 // return;
323 $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->getModifiedSignedPath(self::ADDITIONAL_TIME
324 * -1, 0)), $this->http, $this->cookieFactory);
325 $this->assertTrue($ilWACSignedPath->isSignedPath());
326 $this->assertFalse($ilWACSignedPath->isSignedPathValid());
327 }
328
329
330 public function testModifiedTTL()
331 {
332 // self::markTestSkipped("WIP");
333 // return;
334 $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->getModifiedSignedPath(0, 1)), $this->http, $this->cookieFactory);
335 $this->assertTrue($ilWACSignedPath->isSignedPath());
336 $this->assertFalse($ilWACSignedPath->isSignedPathValid());
337 }
338
339
341 {
342 // self::markTestSkipped("WIP");
343 // return;
344 $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->getModifiedSignedPath(1, 1)), $this->http, $this->cookieFactory);
345 $this->assertTrue($ilWACSignedPath->isSignedPath());
346 $this->assertFalse($ilWACSignedPath->isSignedPathValid());
347 }
348
349
350 public function testModifiedToken()
351 {
352 // self::markTestSkipped("WIP");
353 // return;
354 $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->getModifiedSignedPath(0, 0, md5('LOREM'))), $this->http, $this->cookieFactory);
355 $this->assertTrue($ilWACSignedPath->isSignedPath());
356 $this->assertFalse($ilWACSignedPath->isSignedPathValid());
357 }
358
359
366 protected function getModifiedSignedPath($add_ttl = 0, $add_timestamp = 0, $override_token = null)
367 {
369 $signed_path = ilWACSignedPath::signFile($this->file_one->url());
370
371 $parts = parse_url($signed_path);
372 $path = $parts['path'];
373 $query = $parts['query'];
374 parse_str($query, $query_array);
375 $token = $override_token ? $override_token : $query_array['il_wac_token'];
376 $ttl = (int) $query_array['il_wac_ttl'];
377 $ts = (int) $query_array['il_wac_ts'];
378 $path_with_token = $path . '?il_wac_token=' . $token;
379
380 $modified_ttl = $ttl + $add_ttl;
381 $modified_ts = $ts + $add_timestamp;
382
383 return $path_with_token . '&il_wac_ttl=' . $modified_ttl . '&il_wac_ts=' . $modified_ts;
384 }
385}
$path
Definition: aliased.php:25
An exception for terminatinating execution or to throw for unit testing.
Class ilWACPath.
Class ilWACSignedPath.
static signFile($path_to_file)
static setTokenMaxLifetimeInSeconds($token_max_lifetime_in_seconds)
static signFolderOfStartFile($start_file_path)
static getTokenMaxLifetimeInSeconds()
TestCase for the ilWACTokenTest.
getModifiedSignedPath($add_ttl=0, $add_timestamp=0, $override_token=null)
testModifiedTimestampNoMod()
@Test
testModifiedTimestampAddTime()
@Test
Class ilWACToken.
static getSALT()
static setSALT($salt)
Interface GlobalHttpState.
Representation of an outgoing, server-side response.
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
static http()
Fetches the global http state from ILIAS.
on($eventName, callable $callBack, $priority=100)
Subscribe to an event.
$query
$response
$container
Definition: wac.php:13