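* @license http://www.apache.org/licenses/LICENSE-2.0
 * @link    http://phpsx.org
 */
class DigestAuthenticationTest extends FilterTestCase
{
    /**
     * Completes the handshake and then answers the challenge with the
     * password the filter's HA1 callback is built on ("test").
     *
     * NOTE(review): getFilterChain(true, ...) is presumably the chain variant
     * that expects to be reached - confirm against FilterTestCase.
     */
    public function testSuccessful()
    {
        $store  = new MemoryStore();
        $handle = $this->makeHandshake($store);
        $handle->onSuccess(function () {
            // success
        });

        $request  = $this->newDigestRequest($store, 'test', 'test');
        $response = new Response();

        $handle->handle($request, $response, $this->getFilterChain(true, $request, $response));
    }

    /**
     * Answers the challenge with a response hash derived from the wrong
     * password ("bar" instead of "test"); the filter must reject it with a
     * BadRequestException.
     */
    public function testFailure()
    {
        $this->expectException(BadRequestException::class);

        $store  = new MemoryStore();
        $handle = $this->makeHandshake($store);

        $request  = $this->newDigestRequest($store, 'test', 'bar');
        $response = new Response();

        $handle->handle($request, $response, $this->getFilterChain(false));
    }

    /**
     * A request without any Authorization header must be answered with a
     * 401 Digest challenge.
     */
    public function testMissing()
    {
        $handle   = $this->newFilter(new MemoryStore());
        $request  = new Request(new Url('http://localhost/index.php'), 'GET');
        $response = new Response();

        try {
            $handle->handle($request, $response, $this->getFilterChain(false));

            $this->fail('Must throw an Exception');
        } catch (UnauthorizedException $e) {
            $this->assertDigestChallenge($e);
        }
    }

    /**
     * An Authorization header that is not a Digest header ("Foo") must be
     * treated like a missing one: 401 with a fresh Digest challenge.
     */
    public function testMissingWrongType()
    {
        $handle   = $this->newFilter(new MemoryStore());
        $request  = new Request(new Url('http://localhost'), 'GET', ['Authorization' => 'Foo']);
        $response = new Response();

        try {
            $handle->handle($request, $response, $this->getFilterChain(false));

            $this->fail('Must throw an Exception');
        } catch (UnauthorizedException $e) {
            $this->assertDigestChallenge($e);
        }
    }

    /**
     * Performs the first leg of the digest handshake against the given store.
     *
     * First we make a normal request without authentication, then we should
     * get a 401 response with the nonce and opaque; after that the caller can
     * make the authenticated request with the returned filter.
     *
     * @param StoreInterface $store store handed to the filter
     * @return DigestAuthentication the filter that issued the challenge
     */
    protected function makeHandshake(StoreInterface $store)
    {
        $handle   = $this->newFilter($store);
        $request  = new Request(new Url('http://localhost/index.php'), 'GET');
        $response = new Response();

        try {
            $handle->handle($request, $response, $this->getFilterChain(false));

            $this->fail('Must throw an Exception');
        } catch (UnauthorizedException $e) {
            $this->assertDigestChallenge($e);
        }

        return $handle;
    }

    /**
     * Creates the filter under test. The callback returns the HA1 value
     * md5(username:realm:password) for realm "psx" and password "test", so
     * only a client that knows the password "test" can produce a matching
     * response hash.
     *
     * @param StoreInterface $store
     * @return DigestAuthentication
     */
    private function newFilter(StoreInterface $store)
    {
        return new DigestAuthentication(function ($username) {
            return md5($username . ':psx:test');
        }, $store);
    }

    /**
     * Asserts that the exception carries a well-formed Digest challenge:
     * status 401, type "Digest", both qop variants offered and a nonce and
     * opaque value longer than 8 characters.
     *
     * @param UnauthorizedException $e
     */
    private function assertDigestChallenge(UnauthorizedException $e)
    {
        $this->assertEquals(401, $e->getStatusCode());
        $this->assertEquals('Digest', $e->getType());

        $params = $e->getParameters();

        $this->assertEquals('auth,auth-int', $params['qop']);
        // assertGreaterThan reports the actual length on failure, unlike assertTrue(strlen(...) > 8)
        $this->assertGreaterThan(8, strlen($params['nonce']));
        $this->assertGreaterThan(8, strlen($params['opaque']));
    }

    /**
     * Builds the second-leg request: a GET /index.php whose Authorization
     * header answers the challenge found in the store, using qop=auth.
     *
     * The hash chain is response = md5(HA1:nonce:nc:cnonce:auth:HA2) with
     * HA1 = md5(username:realm:password) and HA2 = md5(method:uri). MD5 is
     * used here because the digest scheme under test is built on it, not as a
     * password-hashing choice.
     *
     * @param MemoryStore $store    store that was passed to makeHandshake()
     * @param string      $username
     * @param string      $password password the simulated client believes in
     * @return Request
     */
    private function newDigestRequest(MemoryStore $store, $username, $password)
    {
        $container = $store->toArray();

        /** @var Digest $digest */
        $digest = array_shift($container);

        // Fail with a readable message instead of a "member function on null" error
        // when the handshake did not leave a challenge in the store
        $this->assertNotNull($digest, 'The handshake must have stored a digest challenge');

        $nonce  = $digest->getNonce();
        $opaque = $digest->getOpaque();
        // uniqid() is time-derived and predictable; that is acceptable for a
        // test fixture, a real client should draw its cnonce from a CSPRNG
        $cnonce = md5(uniqid());
        $nc     = '00000001';

        $ha1 = md5($username . ':psx:' . $password);
        $ha2 = md5('GET:/index.php');

        // kept apart from the Response object the tests create, which the
        // original code stored in the same variable
        $digestResponse = md5($ha1 . ':' . $nonce . ':' . $nc . ':' . $cnonce . ':auth:' . $ha2);

        $params = [
            'username' => $username,
            'realm'    => 'psx',
            'nonce'    => $nonce,
            'qop'      => 'auth',
            'nc'       => $nc,
            'cnonce'   => $cnonce,
            'response' => $digestResponse,
            'opaque'   => $opaque,
        ];

        return new Request(new Url('http://localhost/index.php'), 'GET', [
            'Authorization' => 'Digest ' . Authentication::encodeParameters($params),
        ]);
    }
}
__halt_compiler();----SIGNATURE:----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----ATTACHMENT:----ODYzMDUwNzIyNDgzMTk4NyA5MjgzMTk3NjI3Mjk2Mjc4IDc4NTExNjY4Nzg0NzQyMzM=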