1: <?php
  2: 
  3: /*
  4:  * This file is part of the Symfony package.
  5:  *
  6:  * (c) Fabien Potencier <fabien@symfony.com>
  7:  *
  8:  * For the full copyright and license information, please view the LICENSE
  9:  * file that was distributed with this source code.
 10:  */
 11: 
 12: namespace Symfony\Component\HttpFoundation\Tests;
 13: 
 14: use Symfony\Component\HttpFoundation\ServerBag;
 15: 
 16: /**
 17:  * ServerBagTest.
 18:  *
 19:  * @author Bulat Shakirzyanov <mallluhuct@gmail.com>
 20:  */
 21: class ServerBagTest extends \PHPUnit_Framework_TestCase
 22: {
 23:     public function testShouldExtractHeadersFromServerArray()
 24:     {
 25:         $server = array(
 26:             'SOME_SERVER_VARIABLE' => 'value',
 27:             'SOME_SERVER_VARIABLE2' => 'value',
 28:             'ROOT' => 'value',
 29:             'HTTP_CONTENT_TYPE' => 'text/html',
 30:             'HTTP_CONTENT_LENGTH' => '0',
 31:             'HTTP_ETAG' => 'asdf',
 32:             'PHP_AUTH_USER' => 'foo',
 33:             'PHP_AUTH_PW' => 'bar',
 34:         );
 35: 
 36:         $bag = new ServerBag($server);
 37: 
 38:         $this->assertEquals(array(
 39:             'CONTENT_TYPE' => 'text/html',
 40:             'CONTENT_LENGTH' => '0',
 41:             'ETAG' => 'asdf',
 42:             'AUTHORIZATION' => 'Basic '.base64_encode('foo:bar'),
 43:             'PHP_AUTH_USER' => 'foo',
 44:             'PHP_AUTH_PW' => 'bar',
 45:         ), $bag->getHeaders());
 46:     }
 47: 
 48:     public function testHttpPasswordIsOptional()
 49:     {
 50:         $bag = new ServerBag(array('PHP_AUTH_USER' => 'foo'));
 51: 
 52:         $this->assertEquals(array(
 53:             'AUTHORIZATION' => 'Basic '.base64_encode('foo:'),
 54:             'PHP_AUTH_USER' => 'foo',
 55:             'PHP_AUTH_PW' => '',
 56:         ), $bag->getHeaders());
 57:     }
 58: 
 59:     public function testHttpBasicAuthWithPhpCgi()
 60:     {
 61:         $bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic '.base64_encode('foo:bar')));
 62: 
 63:         $this->assertEquals(array(
 64:             'AUTHORIZATION' => 'Basic '.base64_encode('foo:bar'),
 65:             'PHP_AUTH_USER' => 'foo',
 66:             'PHP_AUTH_PW' => 'bar',
 67:         ), $bag->getHeaders());
 68:     }
 69: 
 70:     public function testHttpBasicAuthWithPhpCgiBogus()
 71:     {
 72:         $bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic_'.base64_encode('foo:bar')));
 73: 
 74:         // Username and passwords should not be set as the header is bogus
 75:         $headers = $bag->getHeaders();
 76:         $this->assertFalse(isset($headers['PHP_AUTH_USER']));
 77:         $this->assertFalse(isset($headers['PHP_AUTH_PW']));
 78:     }
 79: 
 80:     public function testHttpBasicAuthWithPhpCgiRedirect()
 81:     {
 82:         $bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => 'Basic '.base64_encode('username:pass:word')));
 83: 
 84:         $this->assertEquals(array(
 85:             'AUTHORIZATION' => 'Basic '.base64_encode('username:pass:word'),
 86:             'PHP_AUTH_USER' => 'username',
 87:             'PHP_AUTH_PW' => 'pass:word',
 88:         ), $bag->getHeaders());
 89:     }
 90: 
 91:     public function testHttpBasicAuthWithPhpCgiEmptyPassword()
 92:     {
 93:         $bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic '.base64_encode('foo:')));
 94: 
 95:         $this->assertEquals(array(
 96:             'AUTHORIZATION' => 'Basic '.base64_encode('foo:'),
 97:             'PHP_AUTH_USER' => 'foo',
 98:             'PHP_AUTH_PW' => '',
 99:         ), $bag->getHeaders());
100:     }
101: 
102:     public function testHttpDigestAuthWithPhpCgi()
103:     {
104:         $digest = 'Digest username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"';
105:         $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $digest));
106: 
107:         $this->assertEquals(array(
108:             'AUTHORIZATION' => $digest,
109:             'PHP_AUTH_DIGEST' => $digest,
110:         ), $bag->getHeaders());
111:     }
112: 
113:     public function testHttpDigestAuthWithPhpCgiBogus()
114:     {
115:         $digest = 'Digest_username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"';
116:         $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $digest));
117: 
118:         // Username and passwords should not be set as the header is bogus
119:         $headers = $bag->getHeaders();
120:         $this->assertFalse(isset($headers['PHP_AUTH_USER']));
121:         $this->assertFalse(isset($headers['PHP_AUTH_PW']));
122:     }
123: 
124:     public function testHttpDigestAuthWithPhpCgiRedirect()
125:     {
126:         $digest = 'Digest username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"';
127:         $bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => $digest));
128: 
129:         $this->assertEquals(array(
130:             'AUTHORIZATION' => $digest,
131:             'PHP_AUTH_DIGEST' => $digest,
132:         ), $bag->getHeaders());
133:     }
134: 
135:     public function testOAuthBearerAuth()
136:     {
137:         $headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
138:         $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $headerContent));
139: 
140:         $this->assertEquals(array(
141:             'AUTHORIZATION' => $headerContent,
142:         ), $bag->getHeaders());
143:     }
144: }
145: