[ Index ]

PHP Cross Reference of YOURLS

title

Body

[close]

/tests/tests/auth/ -> nonces.php (source)

   1  <?php
   2  /**
   3   * Nonce tests
   4   *
   5   * @group auth
   6   * @group nonces
   7   * @since 0.1
   8   */
   9  class Auth_Nonce_Tests extends PHPUnit\Framework\TestCase {
  10  
  11      protected function tearDown(): void {
  12          yourls_remove_all_actions('pre_yourls_die');
  13      }
  14  
  15      /**
  16       * Check for valid nonce life
  17       */
  18  	public function test_nonce_life() {
  19          $this->assertTrue( is_int(yourls_get_cookie_life()) );
  20      }
  21  
  22      /**
  23       * Check for valid tick
  24       */
  25  	public function test_tick() {
  26          $this->assertTrue( is_float(yourls_tick()) );
  27      }
  28  
  29      /**
  30       * Check nonce creation
  31       */
  32  	public function test_create_nonce() {
  33          $this->assertTrue( is_string(yourls_create_nonce(rand_str(), rand_str())) );
  34      }
  35  
  36      /**
  37       * Check nonce field creation and output
  38       */
  39  	public function test_create_nonce_field_echo() {
  40          $action = rand_str();
  41          $name = rand_str();
  42          $user = rand_str();
  43          $field = yourls_nonce_field( $action, $name, $user, false );
  44          $this->assertTrue( is_string($field) );
  45          $this->expectOutputString( $field . "\n" );
  46          $field = yourls_nonce_field( $action, $name, $user, true );
  47      }
  48  
  49      /**
  50       * Check nonce URL creation
  51       */
  52  	public function test_create_nonce_url() {
  53          $url = yourls_nonce_url( rand_str(), rand_str(), rand_str(), rand_str() );
  54          $this->assertTrue( is_string($url) );
  55      }
  56  
  57      /**
  58       * Test valid nonce
  59       */
  60  	public function test_valid_nonce() {
  61          $action = rand_str();
  62          $user   = rand_str();
  63  
  64          // what nonce should be
  65          $valid = yourls_create_nonce( $action, $user );
  66  
  67          $this->assertTrue(yourls_verify_nonce($action, $valid, $user));
  68      }
  69  
  70      /**
  71       * Test invalid nonce
  72       */
  73  	public function test_invalid_nonce() {
  74          $this->expectException(Exception::class);
  75          $this->expectExceptionMessage('I have died');
  76  
  77          // intercept yourls_die() before it actually dies
  78          yourls_add_action( 'pre_yourls_die', function() { throw new Exception( 'I have died' ); } );
  79  
  80          // This should trigger yourls_die()
  81          $this->assertTrue(yourls_verify_nonce(rand_str(), rand_str(), rand_str()));
  82      }
  83  
  84      /**
  85       * Check nonces are different for different actions & users
  86       */
  87      public function test_nonce_different_for_different_actions_and_users() {
  88          $action1 = rand_str();
  89          $action2 = rand_str();
  90          $user1 = rand_str();
  91          $user2 = rand_str();
  92  
  93          $nonce_a1 = yourls_create_nonce($action1);
  94          $nonce_a2 = yourls_create_nonce($action2);
  95          $nonce_a1_u1 = yourls_create_nonce($action1, $user1);
  96          $nonce_a1_u2 = yourls_create_nonce($action1, $user2);
  97  
  98          $this->assertNotEquals($nonce_a1, $nonce_a2);
  99          $this->assertNotEquals($nonce_a1_u1, $nonce_a1_u2);
 100          $this->assertNotEquals($nonce_a1, $nonce_a1_u1);
 101      }
 102  
 103  }


Generated: Wed Sep 28 05:10:02 2022 Cross-referenced by PHPXref 0.7.1