ServerBagTest.php 5.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * For the full copyright and license information, please view the LICENSE
  8. * file that was distributed with this source code.
  9. */
  10. namespace Symfony\Component\HttpFoundation\Tests;
  11. use Symfony\Component\HttpFoundation\ServerBag;
  12. /**
  13. * ServerBagTest.
  14. *
  15. * @author Bulat Shakirzyanov <mallluhuct@gmail.com>
  16. */
  17. class ServerBagTest extends \PHPUnit_Framework_TestCase
  18. {
  19. public function testShouldExtractHeadersFromServerArray()
  20. {
  21. $server = array(
  22. 'SOME_SERVER_VARIABLE' => 'value',
  23. 'SOME_SERVER_VARIABLE2' => 'value',
  24. 'ROOT' => 'value',
  25. 'HTTP_CONTENT_TYPE' => 'text/html',
  26. 'HTTP_CONTENT_LENGTH' => '0',
  27. 'HTTP_ETAG' => 'asdf',
  28. 'PHP_AUTH_USER' => 'foo',
  29. 'PHP_AUTH_PW' => 'bar',
  30. );
  31. $bag = new ServerBag($server);
  32. $this->assertEquals(array(
  33. 'CONTENT_TYPE' => 'text/html',
  34. 'CONTENT_LENGTH' => '0',
  35. 'ETAG' => 'asdf',
  36. 'AUTHORIZATION' => 'Basic '.base64_encode('foo:bar'),
  37. 'PHP_AUTH_USER' => 'foo',
  38. 'PHP_AUTH_PW' => 'bar',
  39. ), $bag->getHeaders());
  40. }
  41. public function testHttpPasswordIsOptional()
  42. {
  43. $bag = new ServerBag(array('PHP_AUTH_USER' => 'foo'));
  44. $this->assertEquals(array(
  45. 'AUTHORIZATION' => 'Basic '.base64_encode('foo:'),
  46. 'PHP_AUTH_USER' => 'foo',
  47. 'PHP_AUTH_PW' => '',
  48. ), $bag->getHeaders());
  49. }
  50. public function testHttpBasicAuthWithPhpCgi()
  51. {
  52. $bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic '.base64_encode('foo:bar')));
  53. $this->assertEquals(array(
  54. 'AUTHORIZATION' => 'Basic '.base64_encode('foo:bar'),
  55. 'PHP_AUTH_USER' => 'foo',
  56. 'PHP_AUTH_PW' => 'bar',
  57. ), $bag->getHeaders());
  58. }
  59. public function testHttpBasicAuthWithPhpCgiBogus()
  60. {
  61. $bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic_'.base64_encode('foo:bar')));
  62. // Username and passwords should not be set as the header is bogus
  63. $headers = $bag->getHeaders();
  64. $this->assertFalse(isset($headers['PHP_AUTH_USER']));
  65. $this->assertFalse(isset($headers['PHP_AUTH_PW']));
  66. }
  67. public function testHttpBasicAuthWithPhpCgiRedirect()
  68. {
  69. $bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => 'Basic '.base64_encode('username:pass:word')));
  70. $this->assertEquals(array(
  71. 'AUTHORIZATION' => 'Basic '.base64_encode('username:pass:word'),
  72. 'PHP_AUTH_USER' => 'username',
  73. 'PHP_AUTH_PW' => 'pass:word',
  74. ), $bag->getHeaders());
  75. }
  76. public function testHttpBasicAuthWithPhpCgiEmptyPassword()
  77. {
  78. $bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic '.base64_encode('foo:')));
  79. $this->assertEquals(array(
  80. 'AUTHORIZATION' => 'Basic '.base64_encode('foo:'),
  81. 'PHP_AUTH_USER' => 'foo',
  82. 'PHP_AUTH_PW' => '',
  83. ), $bag->getHeaders());
  84. }
  85. public function testHttpDigestAuthWithPhpCgi()
  86. {
  87. $digest = 'Digest username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"';
  88. $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $digest));
  89. $this->assertEquals(array(
  90. 'AUTHORIZATION' => $digest,
  91. 'PHP_AUTH_DIGEST' => $digest,
  92. ), $bag->getHeaders());
  93. }
  94. public function testHttpDigestAuthWithPhpCgiBogus()
  95. {
  96. $digest = 'Digest_username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"';
  97. $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $digest));
  98. // Username and passwords should not be set as the header is bogus
  99. $headers = $bag->getHeaders();
  100. $this->assertFalse(isset($headers['PHP_AUTH_USER']));
  101. $this->assertFalse(isset($headers['PHP_AUTH_PW']));
  102. }
  103. public function testHttpDigestAuthWithPhpCgiRedirect()
  104. {
  105. $digest = 'Digest username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"';
  106. $bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => $digest));
  107. $this->assertEquals(array(
  108. 'AUTHORIZATION' => $digest,
  109. 'PHP_AUTH_DIGEST' => $digest,
  110. ), $bag->getHeaders());
  111. }
  112. public function testOAuthBearerAuth()
  113. {
  114. $headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
  115. $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $headerContent));
  116. $this->assertEquals(array(
  117. 'AUTHORIZATION' => $headerContent,
  118. ), $bag->getHeaders());
  119. }
  120. public function testOAuthBearerAuthWithRedirect()
  121. {
  122. $headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
  123. $bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => $headerContent));
  124. $this->assertEquals(array(
  125. 'AUTHORIZATION' => $headerContent,
  126. ), $bag->getHeaders());
  127. }
  128. /**
  129. * @see https://github.com/symfony/symfony/issues/17345
  130. */
  131. public function testItDoesNotOverwriteTheAuthorizationHeaderIfItIsAlreadySet()
  132. {
  133. $headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
  134. $bag = new ServerBag(array('PHP_AUTH_USER' => 'foo', 'HTTP_AUTHORIZATION' => $headerContent));
  135. $this->assertEquals(array(
  136. 'AUTHORIZATION' => $headerContent,
  137. 'PHP_AUTH_USER' => 'foo',
  138. 'PHP_AUTH_PW' => '',
  139. ), $bag->getHeaders());
  140. }
  141. }