1*403d6a9fSAndreas Gohr<?php 2*403d6a9fSAndreas Gohr 3*403d6a9fSAndreas Gohrnamespace dokuwiki\test; 4*403d6a9fSAndreas Gohr 5*403d6a9fSAndreas Gohruse dokuwiki\JWT; 6*403d6a9fSAndreas Gohr 7*403d6a9fSAndreas Gohrclass JWTTest extends \DokuWikiTest 8*403d6a9fSAndreas Gohr{ 9*403d6a9fSAndreas Gohr 10*403d6a9fSAndreas Gohr 11*403d6a9fSAndreas Gohr public function testCreation() 12*403d6a9fSAndreas Gohr { 13*403d6a9fSAndreas Gohr // no token file yet 14*403d6a9fSAndreas Gohr $file = JWT::getStorageFile('test'); 15*403d6a9fSAndreas Gohr $this->assertFileNotExists($file); 16*403d6a9fSAndreas Gohr 17*403d6a9fSAndreas Gohr // initialize a new token 18*403d6a9fSAndreas Gohr $jwt = JWT::fromUser('test'); 19*403d6a9fSAndreas Gohr $this->assertFileExists($file); 20*403d6a9fSAndreas Gohr $this->assertEquals('test', $jwt->getUser()); 21*403d6a9fSAndreas Gohr $token = $jwt->getToken(); 22*403d6a9fSAndreas Gohr $issued = $jwt->getIssued(); 23*403d6a9fSAndreas Gohr 24*403d6a9fSAndreas Gohr // validate the token 25*403d6a9fSAndreas Gohr $jwt = JWT::validate($token); 26*403d6a9fSAndreas Gohr $this->assertEquals('test', $jwt->getUser()); 27*403d6a9fSAndreas Gohr $this->assertEquals($issued, $jwt->getIssued()); 28*403d6a9fSAndreas Gohr 29*403d6a9fSAndreas Gohr 30*403d6a9fSAndreas Gohr // next access should get the same token 31*403d6a9fSAndreas Gohr $jwt = JWT::fromUser('test'); 32*403d6a9fSAndreas Gohr $this->assertEquals($token, $jwt->getToken()); 33*403d6a9fSAndreas Gohr $this->assertEquals($issued, $jwt->getIssued()); 34*403d6a9fSAndreas Gohr 35*403d6a9fSAndreas Gohr // saving should create a new token 36*403d6a9fSAndreas Gohr sleep(1); // make sure we have a new timestamp 37*403d6a9fSAndreas Gohr $jwt->save(); 38*403d6a9fSAndreas Gohr $this->assertNotEquals($token, $jwt->getToken()); 39*403d6a9fSAndreas Gohr $this->assertNotEquals($issued, $jwt->getIssued()); 40*403d6a9fSAndreas Gohr } 41*403d6a9fSAndreas Gohr 42*403d6a9fSAndreas Gohr public function testValidationFail() 43*403d6a9fSAndreas Gohr { 44*403d6a9fSAndreas Gohr $this->expectException(\Exception::class); 45*403d6a9fSAndreas Gohr $this->expectExceptionMessage('Invalid JWT signature'); 46*403d6a9fSAndreas Gohr JWT::validate('invalid'); 47*403d6a9fSAndreas Gohr } 48*403d6a9fSAndreas Gohr 49*403d6a9fSAndreas Gohr public function testLoadFail() 50*403d6a9fSAndreas Gohr { 51*403d6a9fSAndreas Gohr $jwt = JWT::fromUser('test'); 52*403d6a9fSAndreas Gohr $token = $jwt->getToken(); 53*403d6a9fSAndreas Gohr $file = JWT::getStorageFile('test'); 54*403d6a9fSAndreas Gohr unlink($file); 55*403d6a9fSAndreas Gohr 56*403d6a9fSAndreas Gohr $this->expectException(\Exception::class); 57*403d6a9fSAndreas Gohr $this->expectExceptionMessage('JWT not found, maybe it expired?'); 58*403d6a9fSAndreas Gohr JWT::validate($token); 59*403d6a9fSAndreas Gohr } 60*403d6a9fSAndreas Gohr 61*403d6a9fSAndreas Gohr public function testLoadExpireFail() 62*403d6a9fSAndreas Gohr { 63*403d6a9fSAndreas Gohr $jwt = JWT::fromUser('test'); 64*403d6a9fSAndreas Gohr $token = $jwt->getToken(); 65*403d6a9fSAndreas Gohr sleep(1); // make sure we have a new timestamp 66*403d6a9fSAndreas Gohr $jwt->save(); 67*403d6a9fSAndreas Gohr 68*403d6a9fSAndreas Gohr $this->expectException(\Exception::class); 69*403d6a9fSAndreas Gohr $this->expectExceptionMessage('JWT invalid, maybe it expired?'); 70*403d6a9fSAndreas Gohr JWT::validate($token); 71*403d6a9fSAndreas Gohr } 72*403d6a9fSAndreas Gohr 73*403d6a9fSAndreas Gohr public function testLogin() 74*403d6a9fSAndreas Gohr { 75*403d6a9fSAndreas Gohr $_SERVER['HTTP_AUTHORIZATION'] = 'Bearer ' . JWT::fromUser('testuser')->getToken(); 76*403d6a9fSAndreas Gohr 77*403d6a9fSAndreas Gohr $this->assertArrayNotHasKey('REMOTE_USER', $_SERVER); 78*403d6a9fSAndreas Gohr auth_tokenlogin(); 79*403d6a9fSAndreas Gohr $this->assertEquals('testuser', $_SERVER['REMOTE_USER']); 80*403d6a9fSAndreas Gohr unset($_SERVER['HTTP_AUTHORIZATION']); 81*403d6a9fSAndreas Gohr } 82*403d6a9fSAndreas Gohr} 83