1<?php 2 3class fetch_imagetoken_test extends DokuWikiTest { 4 5 private $media = 'wiki:dokuwiki-128.png'; 6 private $width = 200; 7 private $height = 0; 8 9 function setUp() : void { 10 // check we can carry out these tests 11 if (!file_exists(mediaFN($this->media))) { 12 $this->markTestSkipped('Source image required for test'); 13 } 14 15 header('X-Test: check headers working'); 16 $header_check = function_exists('xdebug_get_headers') ? xdebug_get_headers() : headers_list(); 17 if (empty($header_check)) { 18 $this->markTestSkipped('headers not returned, perhaps your sapi does not return headers, try xdebug'); 19 } else { 20 header_remove('X-Test'); 21 } 22 23 parent::setUp(); 24 25 global $conf; 26 $conf['xsendfile'] = 0; 27 28 global $MIME, $EXT, $CACHE, $INPUT; // variables fetch creates in global scope -- should this be in fetch? 29 } 30 31 function getUri() { 32 $w = $this->width ? 'w='.$this->width.'&' : ''; 33 $h = $this->height ? 'h='.$this->height.'&' : ''; 34 35 return '/lib/exe/fetch.php?'.$w.$h.'{%token%}media='.$this->media; 36 } 37 38 function fetchResponse($token){ 39 $request = new TestRequest(); 40 return $request->get(array(),str_replace('{%token%}',$token,$this->getUri())); 41 } 42 43 /** 44 * modified image request with valid token 45 * expect: header with mime-type 46 * expect: content 47 * expect: no error response 48 */ 49 function test_valid_token(){ 50 $valid_token = 'tok='.media_get_token($this->media, $this->width, $this->height).'&'; 51 $response = $this->fetchResponse($valid_token); 52 $this->assertTrue((bool)$response->getHeader('Content-Type')); 53 $this->assertTrue((bool)($response->getContent())); 54 55 $status_code = $response->getStatusCode(); 56 $this->assertTrue(is_null($status_code) || (200 == $status_code)); 57 } 58 59 /** 60 * fit=1 does not affect token validation; token is hashed over (id, w, h) 61 * only, so an existing token must still pass when the request adds fit=1. 62 */ 63 function test_fit_does_not_invalidate_token(){ 64 $this->width = $this->height = 100; // both dims -> would normally be crop; fit=1 routes to bbox resize 65 $valid_token = 'tok='.media_get_token($this->media, $this->width, $this->height).'&fit=1&'; 66 $response = $this->fetchResponse($valid_token); 67 $status_code = $response->getStatusCode(); 68 $this->assertTrue(is_null($status_code) || (200 == $status_code)); 69 } 70 71 /** 72 * modified image request with invalid token 73 * expect: 412 status code 74 */ 75 function test_invalid_token(){ 76 $invalid_token = 'tok='.media_get_token('junk',200,100).'&'; 77 $this->assertEquals(412,$this->fetchResponse($invalid_token)->getStatusCode()); 78 } 79 80 /** 81 * modified image request with no token 82 * expect: 412 status code 83 */ 84 function test_missing_token(){ 85 $no_token = ''; 86 $this->assertEquals(412,$this->fetchResponse($no_token)->getStatusCode()); 87 } 88 89 /** 90 * native image request which doesn't require a token 91 * try: with a token & without a token 92 * expect: (for both) header with mime-type, content matching source image filesize & no error response 93 */ 94 function test_no_token_required(){ 95 $this->width = $this->height = 0; // no width & height, means image request at native dimensions 96 $any_token = 'tok='.media_get_token('junk',200,100).'&'; 97 $no_token = ''; 98 $bytes = filesize(mediaFN($this->media)); 99 100 foreach(array($any_token, $no_token) as $token) { 101 $response = $this->fetchResponse($token); 102 $this->assertTrue((bool)$response->getHeader('Content-Type')); 103 $this->assertEquals(strlen($response->getContent()), $bytes); 104 105 $status_code = $response->getStatusCode(); 106 $this->assertTrue(is_null($status_code) || (200 == $status_code)); 107 } 108 } 109 110} 111//Setup VIM: ex: et ts=4 : 112