ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
FigCookiesTest.php
Go to the documentation of this file.
1<?php
2
3namespace Dflydev\FigCookies;
4
5class FigCookiesTest extends \PHPUnit_Framework_TestCase
6{
10 public function it_encrypts_and_decrypts_cookies()
11 {
12 // Simulate a request coming in with several cookies.
13 $request = (new FigCookieTestingRequest())
14 ->withHeader(Cookies::COOKIE_HEADER, 'theme=light; sessionToken=RAPELCGRQ; hello=world')
15 ;
16
17 // "Before" Middleware Example
18 //
19 // Get our token from an encrypted cookie value, "decrypt" it, and replace the cookie on the request.
20 // From here on out, any part of the system that gets our token will be able to see the contents
21 // in plaintext.
22 $request = FigRequestCookies::modify($request, 'sessionToken', function (Cookie $cookie) {
23 return $cookie->withValue(str_rot13($cookie->getValue()));
24 });
25
26 // Even though the sessionToken initially comes in "encrypted", at this point (and any point in
27 // the future) the sessionToken cookie will be available in plaintext.
28 $this->assertEquals(
29 'theme=light; sessionToken=ENCRYPTED; hello=world',
30 $request->getHeaderLine(Cookies::COOKIE_HEADER)
31 );
32
33 // Simulate a response going out.
34 $response = (new FigCookieTestingResponse());
35
36 // Various parts of the system will add set cookies to the response. In this case, we are
37 // going to show that the rest of the system interacts with the session token using
38 // plaintext.
39 $response = $response
40 ->withAddedHeader(SetCookies::SET_COOKIE_HEADER, SetCookie::create('theme', 'light'))
41 ->withAddedHeader(SetCookies::SET_COOKIE_HEADER, SetCookie::create('sessionToken', 'ENCRYPTED'))
42 ->withAddedHeader(SetCookies::SET_COOKIE_HEADER, SetCookie::create('hello', 'world'))
43 ;
44
45 // "After" Middleware Example
46 //
47 // Get our token from an unencrypted set cookie value, "encrypt" it, and replace the cook on the response.
48 // From here on out, any part of the system that gets our token will only be able to see the encrypted
49 // value.
50 $response = FigResponseCookies::modify($response, 'sessionToken', function (SetCookie $setCookie) {
51 return $setCookie->withValue(str_rot13($setCookie->getValue()));
52 });
53
54 // Even though the sessionToken intiially went out "decrypted", at this point (and at any point
55 // in the future) the sessionToken cookie will remain "encrypted."
56 $this->assertEquals(
57 ['theme=light', 'sessionToken=RAPELCGRQ', 'hello=world'],
58 $response->getHeader(SetCookies::SET_COOKIE_HEADER)
59 );
60 }
61}
$request
foreach($paths as $path) $request
Definition: asyncclient.php:32
php
An exception for terminatinating execution or to throw for unit testing.
Dflydev\FigCookies\Cookie\withValue
withValue($value=null)
Definition: Cookie.php:47
Dflydev\FigCookies\Cookies\COOKIE_HEADER
const COOKIE_HEADER
The name of the Cookie header.
Definition: Cookies.php:12
Dflydev\FigCookies\FigRequestCookies\modify
static modify(RequestInterface $request, $name, $modify)
Definition: FigRequestCookies.php:48
Dflydev\FigCookies\FigResponseCookies\modify
static modify(ResponseInterface $response, $name, $modify)
Definition: FigResponseCookies.php:59
Dflydev\FigCookies\SetCookie\create
static create($name, $value=null)
Definition: SetCookie.php:173
Dflydev\FigCookies\SetCookies\SET_COOKIE_HEADER
const SET_COOKIE_HEADER
The name of the Set-Cookie header.
Definition: SetCookies.php:12
PHPUnit_Framework_TestCase
$response
$response
Definition: proxy_ylocal.php:39