ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions | Data Fields | Private Member Functions | Private Attributes
Sabre\HTTP\Auth\DigestTest Class Reference
+ Inheritance diagram for Sabre\HTTP\Auth\DigestTest:
+ Collaboration diagram for Sabre\HTTP\Auth\DigestTest:

Public Member Functions

 setUp ()
 
 testDigest ()
 
 testInvalidDigest ()
 
 testInvalidDigest2 ()
 
 testDigestAuthInt ()
 
 testDigestAuthBoth ()
 

Data Fields

const REALM = 'SabreDAV unittest'
 

Private Member Functions

 getServerTokens ($qop=Digest::QOP_AUTH)
 

Private Attributes

 $response
 
 $request
 
 $auth
 

Detailed Description

Definition at line 8 of file DigestTest.php.

Member Function Documentation

◆ getServerTokens()

Sabre\HTTP\Auth\DigestTest::getServerTokens (   $qop = Digest::QOP_AUTH)
private

Definition at line 165 of file DigestTest.php.

References $test, Sabre\HTTP\Auth\Digest\QOP_AUTH, Sabre\HTTP\Auth\Digest\QOP_AUTHINT, and Sabre\HTTP\Auth\DigestTest\setUp().

Referenced by Sabre\HTTP\Auth\DigestTest\testDigest(), Sabre\HTTP\Auth\DigestTest\testDigestAuthBoth(), Sabre\HTTP\Auth\DigestTest\testDigestAuthInt(), and Sabre\HTTP\Auth\DigestTest\testInvalidDigest().

165  {
166 
167  $this->auth->requireLogin();
168 
169  switch ($qop) {
170  case Digest::QOP_AUTH : $qopstr = 'auth'; break;
171  case Digest::QOP_AUTHINT : $qopstr = 'auth-int'; break;
172  default : $qopstr = 'auth,auth-int'; break;
173  }
174 
175  $test = preg_match('/Digest realm="' . self::REALM . '",qop="' . $qopstr . '",nonce="([0-9a-f]*)",opaque="([0-9a-f]*)"/',
176  $this->response->getHeader('WWW-Authenticate'), $matches);
177 
178  $this->assertTrue($test == true, 'The WWW-Authenticate response didn\'t match our pattern. We received: ' . $this->response->getHeader('WWW-Authenticate'));
179 
180  $nonce = $matches[1];
181  $opaque = $matches[2];
182 
183  // Reset our environment
184  $this->setUp();
185  $this->auth->setQOP($qop);
186 
187  return [$nonce,$opaque];
188 
189  }
Sabre\HTTP\Auth\Digest\QOP_AUTH
const QOP_AUTH
These constants are used in setQOP();.
Definition: Digest.php:35
$test
$test
Definition: Utf8Test.php:84
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ setUp()

Sabre\HTTP\Auth\DigestTest::setUp ( )

Definition at line 29 of file DigestTest.php.

Referenced by Sabre\HTTP\Auth\DigestTest\getServerTokens().

29  {
30 
31  $this->response = new Response();
32  $this->request = new Request();
33  $this->auth = new Digest(self::REALM, $this->request, $this->response);
34 
35 
36  }
+ Here is the caller graph for this function:

◆ testDigest()

Sabre\HTTP\Auth\DigestTest::testDigest ( )

Definition at line 38 of file DigestTest.php.

References $password, and Sabre\HTTP\Auth\DigestTest\getServerTokens().

38  {
39 
40  list($nonce, $opaque) = $this->getServerTokens();
41 
42  $username = 'admin';
43  $password = 12345;
44  $nc = '00002';
45  $cnonce = uniqid();
46 
47  $digestHash = md5(
48  md5($username . ':' . self::REALM . ':' . $password) . ':' .
49  $nonce . ':' .
50  $nc . ':' .
51  $cnonce . ':' .
52  'auth:' .
53  md5('GET' . ':' . '/')
54  );
55 
56  $this->request->setMethod('GET');
57  $this->request->setHeader('Authorization', 'Digest username="' . $username . '", realm="' . self::REALM . '", nonce="' . $nonce . '", uri="/", response="' . $digestHash . '", opaque="' . $opaque . '", qop=auth,nc=' . $nc . ',cnonce="' . $cnonce . '"');
58 
59  $this->auth->init();
60 
61  $this->assertEquals($username, $this->auth->getUsername());
62  $this->assertEquals(self::REALM, $this->auth->getRealm());
63  $this->assertTrue($this->auth->validateA1(md5($username . ':' . self::REALM . ':' . $password)), 'Authentication is deemed invalid through validateA1');
64  $this->assertTrue($this->auth->validatePassword($password), 'Authentication is deemed invalid through validatePassword');
65 
66  }
Sabre\HTTP\Auth\DigestTest\getServerTokens
getServerTokens($qop=Digest::QOP_AUTH)
Definition: DigestTest.php:165
$password
$password
Definition: cron.php:14
+ Here is the call graph for this function:

◆ testDigestAuthBoth()

Sabre\HTTP\Auth\DigestTest::testDigestAuthBoth ( )

Definition at line 135 of file DigestTest.php.

References $password, Sabre\HTTP\Auth\DigestTest\getServerTokens(), Sabre\HTTP\Auth\Digest\QOP_AUTH, and Sabre\HTTP\Auth\Digest\QOP_AUTHINT.

135  {
136 
137  $this->auth->setQOP(Digest::QOP_AUTHINT | Digest::QOP_AUTH);
138  list($nonce, $opaque) = $this->getServerTokens(Digest::QOP_AUTHINT | Digest::QOP_AUTH);
139 
140  $username = 'admin';
141  $password = 12345;
142  $nc = '00003';
143  $cnonce = uniqid();
144 
145  $digestHash = md5(
146  md5($username . ':' . self::REALM . ':' . $password) . ':' .
147  $nonce . ':' .
148  $nc . ':' .
149  $cnonce . ':' .
150  'auth-int:' .
151  md5('POST' . ':' . '/' . ':' . md5('body'))
152  );
153 
154  $this->request->setMethod('POST');
155  $this->request->setHeader('Authorization', 'Digest username="' . $username . '", realm="' . self::REALM . '", nonce="' . $nonce . '", uri="/", response="' . $digestHash . '", opaque="' . $opaque . '", qop=auth-int,nc=' . $nc . ',cnonce="' . $cnonce . '"');
156  $this->request->setBody('body');
157 
158  $this->auth->init();
159 
160  $this->assertTrue($this->auth->validateA1(md5($username . ':' . self::REALM . ':' . $password)), 'Authentication is deemed invalid through validateA1');
161 
162  }
Sabre\HTTP\Auth\Digest\QOP_AUTH
const QOP_AUTH
These constants are used in setQOP();.
Definition: Digest.php:35
Sabre\HTTP\Auth\DigestTest\getServerTokens
getServerTokens($qop=Digest::QOP_AUTH)
Definition: DigestTest.php:165
$password
$password
Definition: cron.php:14
+ Here is the call graph for this function:

◆ testDigestAuthInt()

Sabre\HTTP\Auth\DigestTest::testDigestAuthInt ( )

Definition at line 106 of file DigestTest.php.

References $password, Sabre\HTTP\Auth\DigestTest\getServerTokens(), and Sabre\HTTP\Auth\Digest\QOP_AUTHINT.

106  {
107 
108  $this->auth->setQOP(Digest::QOP_AUTHINT);
109  list($nonce, $opaque) = $this->getServerTokens(Digest::QOP_AUTHINT);
110 
111  $username = 'admin';
112  $password = 12345;
113  $nc = '00003';
114  $cnonce = uniqid();
115 
116  $digestHash = md5(
117  md5($username . ':' . self::REALM . ':' . $password) . ':' .
118  $nonce . ':' .
119  $nc . ':' .
120  $cnonce . ':' .
121  'auth-int:' .
122  md5('POST' . ':' . '/' . ':' . md5('body'))
123  );
124 
125  $this->request->setMethod('POST');
126  $this->request->setHeader('Authorization', 'Digest username="' . $username . '", realm="' . self::REALM . '", nonce="' . $nonce . '", uri="/", response="' . $digestHash . '", opaque="' . $opaque . '", qop=auth-int,nc=' . $nc . ',cnonce="' . $cnonce . '"');
127  $this->request->setBody('body');
128 
129  $this->auth->init();
130 
131  $this->assertTrue($this->auth->validateA1(md5($username . ':' . self::REALM . ':' . $password)), 'Authentication is deemed invalid through validateA1');
132 
133  }
Sabre\HTTP\Auth\DigestTest\getServerTokens
getServerTokens($qop=Digest::QOP_AUTH)
Definition: DigestTest.php:165
$password
$password
Definition: cron.php:14
+ Here is the call graph for this function:

◆ testInvalidDigest()

Sabre\HTTP\Auth\DigestTest::testInvalidDigest ( )

Definition at line 68 of file DigestTest.php.

References $password, and Sabre\HTTP\Auth\DigestTest\getServerTokens().

68  {
69 
70  list($nonce, $opaque) = $this->getServerTokens();
71 
72  $username = 'admin';
73  $password = 12345;
74  $nc = '00002';
75  $cnonce = uniqid();
76 
77  $digestHash = md5(
78  md5($username . ':' . self::REALM . ':' . $password) . ':' .
79  $nonce . ':' .
80  $nc . ':' .
81  $cnonce . ':' .
82  'auth:' .
83  md5('GET' . ':' . '/')
84  );
85 
86  $this->request->setMethod('GET');
87  $this->request->setHeader('Authorization', 'Digest username="' . $username . '", realm="' . self::REALM . '", nonce="' . $nonce . '", uri="/", response="' . $digestHash . '", opaque="' . $opaque . '", qop=auth,nc=' . $nc . ',cnonce="' . $cnonce . '"');
88 
89  $this->auth->init();
90 
91  $this->assertFalse($this->auth->validateA1(md5($username . ':' . self::REALM . ':' . ($password . 'randomness'))), 'Authentication is deemed invalid through validateA1');
92 
93  }
Sabre\HTTP\Auth\DigestTest\getServerTokens
getServerTokens($qop=Digest::QOP_AUTH)
Definition: DigestTest.php:165
$password
$password
Definition: cron.php:14
+ Here is the call graph for this function:

◆ testInvalidDigest2()

Sabre\HTTP\Auth\DigestTest::testInvalidDigest2 ( )

Definition at line 95 of file DigestTest.php.

95  {
96 
97  $this->request->setMethod('GET');
98  $this->request->setHeader('Authorization', 'basic blablabla');
99 
100  $this->auth->init();
101  $this->assertFalse($this->auth->validateA1(md5('user:realm:password')));
102 
103  }

Field Documentation

◆ $auth

Sabre\HTTP\Auth\DigestTest::$auth
private

Definition at line 25 of file DigestTest.php.

◆ $request

Sabre\HTTP\Auth\DigestTest::$request
private

Definition at line 20 of file DigestTest.php.

◆ $response

Sabre\HTTP\Auth\DigestTest::$response
private

Definition at line 13 of file DigestTest.php.

◆ REALM

const Sabre\HTTP\Auth\DigestTest::REALM = 'SabreDAV unittest'

Definition at line 27 of file DigestTest.php.

The documentation for this class was generated from the following file: