1<?php
2
3namespace dokuwiki\test;
4
5use dokuwiki\JWT;
6
7class JWTTest extends \DokuWikiTest
8{
9
10
11    public function testCreation()
12    {
13        // no token file yet
14        $file = JWT::getStorageFile('test');
15        $this->assertFileDoesNotExist($file);
16
17        // initialize a new token
18        $jwt = JWT::fromUser('test');
19        $this->assertFileExists($file);
20        $this->assertEquals('test', $jwt->getUser());
21        $token = $jwt->getToken();
22        $issued = $jwt->getIssued();
23
24        // validate the token
25        $jwt = JWT::validate($token);
26        $this->assertEquals('test', $jwt->getUser());
27        $this->assertEquals($issued, $jwt->getIssued());
28
29
30        // next access should get the same token
31        $jwt = JWT::fromUser('test');
32        $this->assertEquals($token, $jwt->getToken());
33        $this->assertEquals($issued, $jwt->getIssued());
34
35        // saving should create a new token
36        sleep(1); // make sure we have a new timestamp
37        $jwt->save();
38        $this->assertNotEquals($token, $jwt->getToken());
39        $this->assertNotEquals($issued, $jwt->getIssued());
40    }
41
42    public function testValidationFail()
43    {
44        $this->expectException(\Exception::class);
45        $this->expectExceptionMessage('Invalid JWT signature');
46        JWT::validate('invalid');
47    }
48
49    public function testLoadFail()
50    {
51        $jwt = JWT::fromUser('test');
52        $token = $jwt->getToken();
53        $file = JWT::getStorageFile('test');
54        unlink($file);
55
56        $this->expectException(\Exception::class);
57        $this->expectExceptionMessage('JWT not found, maybe it expired?');
58        JWT::validate($token);
59    }
60
61    public function testLoadExpireFail()
62    {
63        $jwt = JWT::fromUser('test');
64        $token = $jwt->getToken();
65        sleep(1); // make sure we have a new timestamp
66        $jwt->save();
67
68        $this->expectException(\Exception::class);
69        $this->expectExceptionMessage('JWT invalid, maybe it expired?');
70        JWT::validate($token);
71    }
72
73    public function testLogin()
74    {
75        $_SERVER['HTTP_AUTHORIZATION'] =  'Bearer ' . JWT::fromUser('testuser')->getToken();
76
77        $this->assertArrayNotHasKey('REMOTE_USER', $_SERVER);
78        auth_tokenlogin();
79        $this->assertEquals('testuser', $_SERVER['REMOTE_USER']);
80        unset($_SERVER['HTTP_AUTHORIZATION']);
81    }
82
83    public function testLoginAlternativeHeader()
84    {
85        $_SERVER['HTTP_X-DOKUWIKI-TOKEN'] =  JWT::fromUser('testuser')->getToken();
86
87        $this->assertArrayNotHasKey('REMOTE_USER', $_SERVER);
88        auth_tokenlogin();
89        $this->assertEquals('testuser', $_SERVER['REMOTE_USER']);
90        unset($_SERVER['HTTP_X-DOKUWIKI-TOKEN']);
91    }
92}
93