ILIAS  release_7 Revision v7.30-3-g800a261c036
All Data Structures Namespaces Files Functions Variables Modules Pages
ilWACTokenTest.php
Go to the documentation of this file.
1 <?php
18 // declare(strict_types=1);
19 require_once('./libs/composer/vendor/autoload.php');
20 
21 require_once('./Services/WebAccessChecker/classes/class.ilWACSignedPath.php');
22 require_once('./Services/WebAccessChecker/classes/class.ilWebAccessChecker.php');
23 require_once('./Services/WebAccessChecker/classes/class.ilWACSignedPath.php');
24 require_once('./Services/WebAccessChecker/classes/class.ilWACToken.php');
25 
26 use ILIAS\HTTP\Cookies\Cookie;
27 use ILIAS\HTTP\Cookies\CookieFactory;
28 use ILIAS\HTTP\Cookies\CookieFactoryImpl;
29 use ILIAS\HTTP\Cookies\CookieJar;
30 use ILIAS\HTTP\GlobalHttpState;
31 use Mockery\Adapter\Phpunit\MockeryTestCase;
32 use Mockery\MockInterface;
33 use org\bovigo\vfs;
34 use Psr\Http\Message\ResponseInterface;
35 use ILIAS\HTTP\Cookies\CookieWrapper;
36 use Dflydev\FigCookies\SetCookie;
37 
48 class ilWACTokenTest extends MockeryTestCase
49 {
50  const ADDITIONAL_TIME = 1;
51  const LIFETIME = 2;
52  const SALT = 'SALT';
53  const CLIENT_NAME = 'client_name';
57  protected $backupGlobals = false;
61  protected $file_one;
65  protected $file_one_subfolder;
69  protected $file_one_subfolder_two;
73  protected $file_two;
77  protected $file_three;
81  protected $file_four;
85  protected $root;
89  private $http;
93  private $cookieFactory;
94 
95 
99  protected function setUp() : void
100  {
101  parent::setUp();
102 
103  $this->root = vfs\vfsStream::setup('ilias.de');
104  $this->file_one = vfs\vfsStream::newFile('data/client_name/mobs/mm_123/dummy.jpg')
105  ->at($this->root)->setContent('dummy');
106  $this->file_one_subfolder = vfs\vfsStream::newFile('data/client_name/mobs/mm_123/mobile/dummy.jpg')
107  ->at($this->root)->setContent('dummy');
108  $this->file_one_subfolder_two = vfs\vfsStream::newFile('data/client_name/mobs/mm_123/mobile/device/dummy.jpg')
109  ->at($this->root)->setContent('dummy');
110  $this->file_two = vfs\vfsStream::newFile('data/client_name/mobs/mm_123/dummy2.jpg')
111  ->at($this->root)->setContent('dummy2');
112  $this->file_three = vfs\vfsStream::newFile('data/client_name/mobs/mm_124/dummy.jpg')
113  ->at($this->root)->setContent('dummy');
114  $this->file_four = vfs\vfsStream::newFile('data/client_name/sec/ilBlog/mm_124/dummy.jpg')
115  ->at($this->root)->setContent('dummy');
116 
117  //setup container for HttpServiceAware classes
118  $container = new \ILIAS\DI\Container();
119  $container['http'] = function ($c) {
120  return Mockery::mock(GlobalHttpState::class);
121  };
122 
123  $this->http = $container['http'];
124 
125 
126  $GLOBALS["DIC"] = $container;
127 
128  $this->cookieFactory = Mockery::mock(CookieFactoryImpl::class);
129 
130  //because the cookie have no logic except cloning it self therefore it should be no problem to defer the function calls
131  $this->cookieFactory->shouldDeferMissing();
132 
133  ilWACToken::setSALT(self::SALT);
134  }
135 
136 
137  public function testWithoutSigning()
138  {
139  $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->file_one->url(), false), $this->http, $this->cookieFactory);
140 
141  $cookieJar = Mockery::mock(CookieJar::class);
142 
143  $cookieJar
144  ->shouldReceive('getAll')
145  ->times(2)
146  ->withAnyArgs()
147  ->andReturn([]);
148 
149  $this->http->shouldReceive('cookieJar')
150  ->twice()
151  ->withNoArgs()
152  ->andReturn($cookieJar);
153 
154  $request = Mockery::mock(Psr\Http\Message\RequestInterface::class);
155  $request->shouldReceive('getCookieParams')
156  ->andReturn([]);
157 
158  $this->http->shouldReceive('request')
159  ->withNoArgs()
160  ->andReturn($request);
161 
162  $this->assertFalse($ilWACSignedPath->isSignedPath());
163  $this->assertFalse($ilWACSignedPath->isSignedPathValid());
164  $this->assertFalse($ilWACSignedPath->isFolderSigned());
165  $this->assertFalse($ilWACSignedPath->isFolderTokenValid());
166  }
167 
168 
169  public function testSomeBasics()
170  {
171  $query = 'myparam=1234';
172  $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->file_four->url() . '?'
173  . $query, false), $this->http, $this->cookieFactory);
174 
175  $this->assertEquals('dummy.jpg', $ilWACSignedPath->getPathObject()->getFileName());
176  $this->assertEquals($query, $ilWACSignedPath->getPathObject()->getQuery());
177  $this->assertEquals('./data/' . self::CLIENT_NAME
178  . '/sec/ilBlog/mm_124/', $ilWACSignedPath->getPathObject()
179  ->getSecurePath());
180  $this->assertEquals('ilBlog', $ilWACSignedPath->getPathObject()->getSecurePathId());
181  $this->assertFalse($ilWACSignedPath->getPathObject()->isStreamable());
182  }
183 
184 
185  public function testTokenGeneration()
186  {
187  $ilWacPath = new ilWacPath($this->file_four->url(), false);
188  $ilWACToken = new ilWACToken($ilWacPath->getPath(), self::CLIENT_NAME, 123456, 20);
189  $ilWACToken->generateToken();
190  $this->assertEquals('SALT-client_name-123456-20', $ilWACToken->getRawToken());
191  $this->assertEquals('./data/client_name/sec/ilBlog/mm_124/dummy.jpg', $ilWACToken->getId());
192 
193  $this->assertEquals(self::SALT, ilWACToken::getSALT());
194  $ilWACToken = new ilWACToken($ilWacPath->getPath(), self::CLIENT_NAME, 123456, 20);
195  $this->assertEquals('b541e2bae42ee222f9be959b7ad2ab8844cbb05b', $ilWACToken->getToken());
196  $this->assertEquals('e45b98f267dc891c8206c844f7df29ea', $ilWACToken->getHashedId());
197  }
198 
199 
200  public function testCookieGeneration()
201  {
202  $this->markTestSkipped('unable to use http cookies at this point');
203  $expected_cookies = [
204  '19ab58dae37d8d8cf931727c35514642',
205  '19ab58dae37d8d8cf931727c35514642ts',
206  '19ab58dae37d8d8cf931727c35514642ttl',
207  ];
208 
209  $cookieJar = Mockery::mock(CookieJar::class);
210 
211  $response = Mockery::mock(ResponseInterface::class);
212 
213  $this->http
214  ->shouldReceive('response')
215  ->times(3)
216  ->withNoArgs()
217  ->andReturn($response)
218  ->getMock();
219 
220  $cookieJar
221  ->shouldReceive('with')
222  ->times(3)
223  ->with(new CookieWrapper(SetCookie::create('')))
224  ->andReturnSelf()
225  ->getMock()
226 
227  ->shouldReceive('with')
228  ->times(3)
229  ->with(new CookieWrapper(SetCookie::create('')))
230  ->andReturnSelf()
231  ->getMock()
232 
233  ->shouldReceive('with')
234  ->times(3)
235  ->with(new CookieWrapper(SetCookie::create('')))
236  ->andReturnSelf()
237  ->getMock();
238 
239  $this->http->shouldReceive('cookieJar')
240  ->withNoArgs()
241  ->andReturn($cookieJar);
242 
243  ilWACSignedPath::signFolderOfStartFile($this->file_one->url());
244 
245  // in subfolder
246  ilWACSignedPath::signFolderOfStartFile($this->file_one_subfolder->url());
247 
248  // in sub-subfolder
249  ilWACSignedPath::signFolderOfStartFile($this->file_one_subfolder->url());
250  }
251 
252 
253  public function testFileToken()
254  {
255  ilWACSignedPath::setTokenMaxLifetimeInSeconds(self::LIFETIME);
256  $lifetime = ilWACSignedPath::getTokenMaxLifetimeInSeconds();
257 
258  // Request within lifetime
259  $signed_path = ilWACSignedPath::signFile($this->file_one->url());
260  $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($signed_path, false), $this->http, $this->cookieFactory);
261 
262  $this->assertTrue($ilWACSignedPath->isSignedPath());
263  $this->assertTrue($ilWACSignedPath->isSignedPathValid());
264  $this->assertEquals($ilWACSignedPath->getPathObject()->getClient(), self::CLIENT_NAME);
265  $this->assertFalse($ilWACSignedPath->getPathObject()->isInSecFolder());
266  $this->assertTrue($ilWACSignedPath->getPathObject()->isImage());
267  $this->assertFalse($ilWACSignedPath->getPathObject()->isAudio());
268  $this->assertFalse($ilWACSignedPath->getPathObject()->isVideo());
269  $this->assertTrue($ilWACSignedPath->getPathObject()->hasTimestamp());
270  $this->assertTrue($ilWACSignedPath->getPathObject()->hasToken());
271 
272  // Request after lifetime
273  $signed_path = ilWACSignedPath::signFile($this->file_four->url());
274  sleep($lifetime + self::ADDITIONAL_TIME);
275  $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($signed_path, false), $this->http, $this->cookieFactory);
276  $this->assertTrue($ilWACSignedPath->isSignedPath());
277  $this->assertFalse($ilWACSignedPath->isSignedPathValid());
278  }
279 
280 
281 
285  public function testModifiedTimestampNoMod()
286  {
287  // self::markTestSkipped("WIP");
288  // return;
289  $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->getModifiedSignedPath(0, 0), false), $this->http, $this->cookieFactory);
290  $this->assertTrue($ilWACSignedPath->isSignedPath());
291  $this->assertTrue($ilWACSignedPath->isSignedPathValid());
292  }
293 
294 
298  public function testModifiedTimestampAddTime()
299  {
300  // self::markTestSkipped("WIP");
301  // return;
302  $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->getModifiedSignedPath(self::ADDITIONAL_TIME, 0), false), $this->http, $this->cookieFactory);
303  $this->assertTrue($ilWACSignedPath->isSignedPath());
304  $this->assertFalse($ilWACSignedPath->isSignedPathValid());
305  }
306 
307 
308  public function testModifiedTimestampSubTime()
309  {
310  // self::markTestSkipped("WIP");
311  // return;
312  $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->getModifiedSignedPath(self::ADDITIONAL_TIME
313  * -1, 0), false), $this->http, $this->cookieFactory);
314  $this->assertTrue($ilWACSignedPath->isSignedPath());
315  $this->assertFalse($ilWACSignedPath->isSignedPathValid());
316  }
317 
318 
319  public function testModifiedTTL()
320  {
321  // self::markTestSkipped("WIP");
322  // return;
323  $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->getModifiedSignedPath(0, 1), false), $this->http, $this->cookieFactory);
324  $this->assertTrue($ilWACSignedPath->isSignedPath());
325  $this->assertFalse($ilWACSignedPath->isSignedPathValid());
326  }
327 
328 
329  public function testModifiedTTLAndTimestamp()
330  {
331  // self::markTestSkipped("WIP");
332  // return;
333  $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->getModifiedSignedPath(1, 1), false), $this->http, $this->cookieFactory);
334  $this->assertTrue($ilWACSignedPath->isSignedPath());
335  $this->assertFalse($ilWACSignedPath->isSignedPathValid());
336  }
337 
338 
339  public function testModifiedToken()
340  {
341  // self::markTestSkipped("WIP");
342  // return;
343  $ilWACSignedPath = new ilWACSignedPath(new ilWACPath($this->getModifiedSignedPath(0, 0, md5('LOREM')), false), $this->http, $this->cookieFactory);
344  $this->assertTrue($ilWACSignedPath->isSignedPath());
345  $this->assertFalse($ilWACSignedPath->isSignedPathValid());
346  }
347 
348 
355  protected function getModifiedSignedPath($add_ttl = 0, $add_timestamp = 0, $override_token = null)
356  {
357  ilWACSignedPath::setTokenMaxLifetimeInSeconds(self::LIFETIME);
358  $signed_path = ilWACSignedPath::signFile($this->file_one->url());
359 
360  $parts = parse_url($signed_path);
361  $path = $parts['path'];
362  $query = $parts['query'];
363  parse_str($query, $query_array);
364  $token = $override_token ? $override_token : $query_array['il_wac_token'];
365  $ttl = (int) $query_array['il_wac_ttl'];
366  $ts = (int) $query_array['il_wac_ts'];
367  $path_with_token = $path . '?il_wac_token=' . $token;
368 
369  $modified_ttl = $ttl + $add_ttl;
370  $modified_ts = $ts + $add_timestamp;
371 
372  return $path_with_token . '&il_wac_ttl=' . $modified_ttl . '&il_wac_ts=' . $modified_ts;
373  }
374 }
$c
$c
Definition: cli.php:37
ilWACTokenTest\getModifiedSignedPath
getModifiedSignedPath($add_ttl=0, $add_timestamp=0, $override_token=null)
Definition: ilWACTokenTest.php:355
CLIENT_NAME
const CLIENT_NAME
Definition: constants.php:40
ilWACPath
Class ilWACPath.
Definition: class.ilWACPath.php:26
GlobalHttpState
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
$container
$container
Definition: wac.php:13
ilWACTokenTest
TestCase for the ilWACTokenTest.
Definition: ilWACTokenTest.php:48
ilWACSignedPath\signFolderOfStartFile
static signFolderOfStartFile($start_file_path)
Definition: class.ilWACSignedPath.php:297
ILIAS\FileDelivery\http
static http()
Fetches the global http state from ILIAS.
Definition: HttpServiceAware.php:36
$token
$token
Definition: xapitoken.php:52
ilWACSignedPath
Class ilWACSignedPath.
Definition: class.ilWACSignedPath.php:37
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
ilWACToken\getSALT
static getSALT()
Definition: class.ilWACToken.php:278
$query
$query
Definition: proxy_ylocal.php:13
ilWACSignedPath\signFile
static signFile($path_to_file)
Definition: class.ilWACSignedPath.php:276
ilWACToken
Class ilWACToken.
Definition: class.ilWACToken.php:12
ilWACToken\setSALT
static setSALT($salt)
Definition: class.ilWACToken.php:288
CookieFactory
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
ilWACSignedPath\setTokenMaxLifetimeInSeconds
static setTokenMaxLifetimeInSeconds($token_max_lifetime_in_seconds)
Definition: class.ilWACSignedPath.php:460
ilWACSignedPath\getTokenMaxLifetimeInSeconds
static getTokenMaxLifetimeInSeconds()
Definition: class.ilWACSignedPath.php:448
Cookie
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
$response
$response
Definition: proxy_ylocal.php:39