1<?php
2
3namespace Sabre\DAV\Auth\Backend;
4
5use Sabre\DAV;
6use Sabre\HTTP;
7
8class AbstractDigestTest extends \PHPUnit_Framework_TestCase {
9
10    function testCheckNoHeaders() {
11
12        $request = new HTTP\Request();
13        $response = new HTTP\Response();
14
15        $backend = new AbstractDigestMock();
16        $this->assertFalse(
17            $backend->check($request, $response)[0]
18        );
19
20    }
21
22    function testCheckBadGetUserInfoResponse() {
23
24        $header = 'username=null, realm=myRealm, nonce=12345, uri=/, response=HASH, opaque=1, qop=auth, nc=1, cnonce=1';
25        $request = HTTP\Sapi::createFromServerArray([
26            'PHP_AUTH_DIGEST' => $header,
27        ]);
28        $response = new HTTP\Response();
29
30        $backend = new AbstractDigestMock();
31        $this->assertFalse(
32            $backend->check($request, $response)[0]
33        );
34
35    }
36
37    /**
38     * @expectedException Sabre\DAV\Exception
39     */
40    function testCheckBadGetUserInfoResponse2() {
41
42        $header = 'username=array, realm=myRealm, nonce=12345, uri=/, response=HASH, opaque=1, qop=auth, nc=1, cnonce=1';
43        $request = HTTP\Sapi::createFromServerArray([
44            'PHP_AUTH_DIGEST' => $header,
45        ]);
46
47        $response = new HTTP\Response();
48
49        $backend = new AbstractDigestMock();
50        $this->assertNull(
51            $backend->check($request, $response)
52        );
53
54        $backend = new AbstractDigestMock();
55        $backend->check($request, $response);
56
57    }
58
59    function testCheckUnknownUser() {
60
61        $header = 'username=false, realm=myRealm, nonce=12345, uri=/, response=HASH, opaque=1, qop=auth, nc=1, cnonce=1';
62        $request = HTTP\Sapi::createFromServerArray([
63            'PHP_AUTH_DIGEST' => $header,
64        ]);
65
66        $response = new HTTP\Response();
67
68        $backend = new AbstractDigestMock();
69        $this->assertFalse(
70            $backend->check($request, $response)[0]
71        );
72
73    }
74
75    function testCheckBadPassword() {
76
77        $header = 'username=user, realm=myRealm, nonce=12345, uri=/, response=HASH, opaque=1, qop=auth, nc=1, cnonce=1';
78        $request = HTTP\Sapi::createFromServerArray([
79            'PHP_AUTH_DIGEST' => $header,
80            'REQUEST_METHOD'  => 'PUT',
81        ]);
82
83        $response = new HTTP\Response();
84
85        $backend = new AbstractDigestMock();
86        $this->assertFalse(
87            $backend->check($request, $response)[0]
88        );
89
90    }
91
92    function testCheck() {
93
94        $digestHash = md5('HELLO:12345:1:1:auth:' . md5('GET:/'));
95        $header = 'username=user, realm=myRealm, nonce=12345, uri=/, response='.$digestHash.', opaque=1, qop=auth, nc=1, cnonce=1';
96        $request = HTTP\Sapi::createFromServerArray(array(
97            'REQUEST_METHOD'  => 'GET',
98            'PHP_AUTH_DIGEST' => $header,
99            'REQUEST_URI'     => '/',
100        ));
101
102        $response = new HTTP\Response();
103
104        $backend = new AbstractDigestMock();
105        $this->assertEquals(
106            [true, 'principals/user'],
107            $backend->check($request, $response)
108        );
109
110    }
111
112    function testRequireAuth() {
113
114        $request = new HTTP\Request();
115        $response = new HTTP\Response();
116
117        $backend = new AbstractDigestMock();
118        $backend->setRealm('writing unittests on a saturday night');
119        $backend->challenge($request, $response);
120
121        $this->assertStringStartsWith(
122            'Digest realm="writing unittests on a saturday night"',
123            $response->getHeader('WWW-Authenticate')
124        );
125
126    }
127
128}
129
130
131class AbstractDigestMock extends AbstractDigest {
132
133    function getDigestHash($realm, $userName) {
134
135        switch($userName) {
136            case 'null' : return null;
137            case 'false' : return false;
138            case 'array' : return array();
139            case 'user'  : return 'HELLO';
140        }
141
142    }
143
144}
145