diff options
Diffstat (limited to 'poc/poc02-compiling-cake/src/vendor/cakephp-2.2.1-0-gcc44130/lib/Cake/Test/Case/Controller/Component/Auth/BasicAuthenticateTest.php')
-rw-r--r-- | poc/poc02-compiling-cake/src/vendor/cakephp-2.2.1-0-gcc44130/lib/Cake/Test/Case/Controller/Component/Auth/BasicAuthenticateTest.php | 206 |
1 files changed, 206 insertions, 0 deletions
diff --git a/poc/poc02-compiling-cake/src/vendor/cakephp-2.2.1-0-gcc44130/lib/Cake/Test/Case/Controller/Component/Auth/BasicAuthenticateTest.php b/poc/poc02-compiling-cake/src/vendor/cakephp-2.2.1-0-gcc44130/lib/Cake/Test/Case/Controller/Component/Auth/BasicAuthenticateTest.php new file mode 100644 index 0000000..b1affff --- /dev/null +++ b/poc/poc02-compiling-cake/src/vendor/cakephp-2.2.1-0-gcc44130/lib/Cake/Test/Case/Controller/Component/Auth/BasicAuthenticateTest.php @@ -0,0 +1,206 @@ +<?php +/** + * BasicAuthenticateTest file + * + * PHP 5 + * + * CakePHP(tm) : Rapid Development Framework (http://cakephp.org) + * Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org) + * + * Licensed under The MIT License + * Redistributions of files must retain the above copyright notice. + * + * @copyright Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org) + * @link http://cakephp.org CakePHP(tm) Project + * @package Cake.Test.Case.Controller.Component.Auth + * @since CakePHP(tm) v 2.0 + * @license MIT License (http://www.opensource.org/licenses/mit-license.php) + */ + +App::uses('AuthComponent', 'Controller/Component'); +App::uses('BasicAuthenticate', 'Controller/Component/Auth'); +App::uses('AppModel', 'Model'); +App::uses('CakeRequest', 'Network'); +App::uses('CakeResponse', 'Network'); + + +require_once CAKE . 'Test' . DS . 'Case' . DS . 'Model' . DS . 'models.php'; + +/** + * Test case for BasicAuthentication + * + * @package Cake.Test.Case.Controller.Component.Auth + */ +class BasicAuthenticateTest extends CakeTestCase { + + public $fixtures = array('core.user', 'core.auth_user'); + +/** + * setup + * + * @return void + */ + public function setUp() { + parent::setUp(); + $this->Collection = $this->getMock('ComponentCollection'); + $this->auth = new BasicAuthenticate($this->Collection, array( + 'fields' => array('username' => 'user', 'password' => 'password'), + 'userModel' => 'User', + 'realm' => 'localhost', + 'recursive' => 0 + )); + + $password = Security::hash('password', null, true); + $User = ClassRegistry::init('User'); + $User->updateAll(array('password' => $User->getDataSource()->value($password))); + $this->response = $this->getMock('CakeResponse'); + } + +/** + * test applying settings in the constructor + * + * @return void + */ + public function testConstructor() { + $object = new BasicAuthenticate($this->Collection, array( + 'userModel' => 'AuthUser', + 'fields' => array('username' => 'user', 'password' => 'password') + )); + $this->assertEquals('AuthUser', $object->settings['userModel']); + $this->assertEquals(array('username' => 'user', 'password' => 'password'), $object->settings['fields']); + $this->assertEquals(env('SERVER_NAME'), $object->settings['realm']); + } + +/** + * test the authenticate method + * + * @return void + */ + public function testAuthenticateNoData() { + $request = new CakeRequest('posts/index', false); + + $this->response->expects($this->once()) + ->method('header') + ->with('WWW-Authenticate: Basic realm="localhost"'); + + $this->assertFalse($this->auth->authenticate($request, $this->response)); + } + +/** + * test the authenticate method + * + * @return void + */ + public function testAuthenticateNoUsername() { + $request = new CakeRequest('posts/index', false); + $_SERVER['PHP_AUTH_PW'] = 'foobar'; + + $this->response->expects($this->once()) + ->method('header') + ->with('WWW-Authenticate: Basic realm="localhost"'); + + $this->assertFalse($this->auth->authenticate($request, $this->response)); + } + +/** + * test the authenticate method + * + * @return void + */ + public function testAuthenticateNoPassword() { + $request = new CakeRequest('posts/index', false); + $_SERVER['PHP_AUTH_USER'] = 'mariano'; + $_SERVER['PHP_AUTH_PW'] = null; + + $this->response->expects($this->once()) + ->method('header') + ->with('WWW-Authenticate: Basic realm="localhost"'); + + $this->assertFalse($this->auth->authenticate($request, $this->response)); + } + +/** + * test the authenticate method + * + * @return void + */ + public function testAuthenticateInjection() { + $request = new CakeRequest('posts/index', false); + $request->addParams(array('pass' => array(), 'named' => array())); + + $_SERVER['PHP_AUTH_USER'] = '> 1'; + $_SERVER['PHP_AUTH_PW'] = "' OR 1 = 1"; + + $this->assertFalse($this->auth->authenticate($request, $this->response)); + } + +/** + * test that challenge headers are sent when no credentials are found. + * + * @return void + */ + public function testAuthenticateChallenge() { + $request = new CakeRequest('posts/index', false); + $request->addParams(array('pass' => array(), 'named' => array())); + + $this->response->expects($this->at(0)) + ->method('header') + ->with('WWW-Authenticate: Basic realm="localhost"'); + + $this->response->expects($this->at(1)) + ->method('send'); + + $result = $this->auth->authenticate($request, $this->response); + $this->assertFalse($result); + } + +/** + * test authenticate sucesss + * + * @return void + */ + public function testAuthenticateSuccess() { + $request = new CakeRequest('posts/index', false); + $request->addParams(array('pass' => array(), 'named' => array())); + + $_SERVER['PHP_AUTH_USER'] = 'mariano'; + $_SERVER['PHP_AUTH_PW'] = 'password'; + + $result = $this->auth->authenticate($request, $this->response); + $expected = array( + 'id' => 1, + 'user' => 'mariano', + 'created' => '2007-03-17 01:16:23', + 'updated' => '2007-03-17 01:18:31' + ); + $this->assertEquals($expected, $result); + } + +/** + * test scope failure. + * + * @return void + */ + public function testAuthenticateFailReChallenge() { + $this->auth->settings['scope'] = array('user' => 'nate'); + $request = new CakeRequest('posts/index', false); + $request->addParams(array('pass' => array(), 'named' => array())); + + $_SERVER['PHP_AUTH_USER'] = 'mariano'; + $_SERVER['PHP_AUTH_PW'] = 'password'; + + $this->response->expects($this->at(0)) + ->method('header') + ->with('WWW-Authenticate: Basic realm="localhost"'); + + $this->response->expects($this->at(1)) + ->method('statusCode') + ->with(401); + + $this->response->expects($this->at(2)) + ->method('send'); + + $this->assertFalse($this->auth->authenticate($request, $this->response)); + } + +} |