ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
FigCookiesTest.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Dflydev\FigCookies;
4 
5 class FigCookiesTest extends \PHPUnit_Framework_TestCase
6 {
10  public function it_encrypts_and_decrypts_cookies()
11  {
12  // Simulate a request coming in with several cookies.
13  $request = (new FigCookieTestingRequest())
14  ->withHeader(Cookies::COOKIE_HEADER, 'theme=light; sessionToken=RAPELCGRQ; hello=world')
15  ;
16 
17  // "Before" Middleware Example
18  //
19  // Get our token from an encrypted cookie value, "decrypt" it, and replace the cookie on the request.
20  // From here on out, any part of the system that gets our token will be able to see the contents
21  // in plaintext.
22  $request = FigRequestCookies::modify($request, 'sessionToken', function (Cookie $cookie) {
23  return $cookie->withValue(str_rot13($cookie->getValue()));
24  });
25 
26  // Even though the sessionToken initially comes in "encrypted", at this point (and any point in
27  // the future) the sessionToken cookie will be available in plaintext.
28  $this->assertEquals(
29  'theme=light; sessionToken=ENCRYPTED; hello=world',
30  $request->getHeaderLine(Cookies::COOKIE_HEADER)
31  );
32 
33  // Simulate a response going out.
34  $response = (new FigCookieTestingResponse());
35 
36  // Various parts of the system will add set cookies to the response. In this case, we are
37  // going to show that the rest of the system interacts with the session token using
38  // plaintext.
39  $response = $response
40  ->withAddedHeader(SetCookies::SET_COOKIE_HEADER, SetCookie::create('theme', 'light'))
41  ->withAddedHeader(SetCookies::SET_COOKIE_HEADER, SetCookie::create('sessionToken', 'ENCRYPTED'))
42  ->withAddedHeader(SetCookies::SET_COOKIE_HEADER, SetCookie::create('hello', 'world'))
43  ;
44 
45  // "After" Middleware Example
46  //
47  // Get our token from an unencrypted set cookie value, "encrypt" it, and replace the cook on the response.
48  // From here on out, any part of the system that gets our token will only be able to see the encrypted
49  // value.
50  $response = FigResponseCookies::modify($response, 'sessionToken', function (SetCookie $setCookie) {
51  return $setCookie->withValue(str_rot13($setCookie->getValue()));
52  });
53 
54  // Even though the sessionToken intiially went out "decrypted", at this point (and at any point
55  // in the future) the sessionToken cookie will remain "encrypted."
56  $this->assertEquals(
57  ['theme=light', 'sessionToken=RAPELCGRQ', 'hello=world'],
58  $response->getHeader(SetCookies::SET_COOKIE_HEADER)
59  );
60  }
61 }
$request
foreach($paths as $path) $request
Definition: asyncclient.php:32
PHPUnit_Framework_TestCase
Dflydev\FigCookies\SetCookie\create
static create($name, $value=null)
Definition: SetCookie.php:173
Dflydev\FigCookies\SetCookies\SET_COOKIE_HEADER
const SET_COOKIE_HEADER
The name of the Set-Cookie header.
Definition: SetCookies.php:12
Dflydev\FigCookies\Cookies\COOKIE_HEADER
const COOKIE_HEADER
The name of the Cookie header.
Definition: Cookies.php:12
Dflydev\FigCookies\FigResponseCookies\modify
static modify(ResponseInterface $response, $name, $modify)
Definition: FigResponseCookies.php:59
Dflydev\FigCookies\FigRequestCookies\modify
static modify(RequestInterface $request, $name, $modify)
Definition: FigRequestCookies.php:48
$response
$response
Definition: proxy_ylocal.php:39
Dflydev\FigCookies\Cookie\withValue
withValue($value=null)
Definition: Cookie.php:47