xref: /dokuwiki/_test/tests/lib/exe/fetch_imagetoken.test.php (revision dd9e8e5ea54469964faab99223a61bd48146ac42) 
1f56bb251SChristopher Smith<?php
2f56bb251SChristopher Smith
3f56bb251SChristopher Smithclass fetch_imagetoken_test extends DokuWikiTest {
4f56bb251SChristopher Smith
5f56bb251SChristopher Smith    private $media = 'wiki:dokuwiki-128.png';
6f56bb251SChristopher Smith    private $width = 200;
7f56bb251SChristopher Smith    private $height = 0;
8f56bb251SChristopher Smith
91c33cec3SAndreas Gohr    function setUp() : void {
103e8bad3aSChristopher Smith        // check we can carry out these tests
113e8bad3aSChristopher Smith        if (!file_exists(mediaFN($this->media))) {
123e8bad3aSChristopher Smith            $this->markTestSkipped('Source image required for test');
133e8bad3aSChristopher Smith        }
143e8bad3aSChristopher Smith
153e8bad3aSChristopher Smith        header('X-Test: check headers working');
163e8bad3aSChristopher Smith        $header_check = function_exists('xdebug_get_headers') ? xdebug_get_headers() : headers_list();
173e8bad3aSChristopher Smith        if (empty($header_check)) {
183e8bad3aSChristopher Smith            $this->markTestSkipped('headers not returned, perhaps your sapi does not return headers, try xdebug');
193e8bad3aSChristopher Smith        } else {
203e8bad3aSChristopher Smith            header_remove('X-Test');
213e8bad3aSChristopher Smith        }
223e8bad3aSChristopher Smith
23f56bb251SChristopher Smith        parent::setUp();
24f56bb251SChristopher Smith
25f56bb251SChristopher Smith        global $conf;
26a38a6f25SKlap-in        $conf['xsendfile'] = 0;
27f56bb251SChristopher Smith
28f56bb251SChristopher Smith        global $MIME, $EXT, $CACHE, $INPUT;    // variables fetch creates in global scope -- should this be in fetch?
29f56bb251SChristopher Smith    }
30f56bb251SChristopher Smith
31f56bb251SChristopher Smith    function getUri() {
32f56bb251SChristopher Smith       $w = $this->width ? 'w='.$this->width.'&' : '';
33f56bb251SChristopher Smith       $h = $this->height ? 'h='.$this->height.'&' : '';
34f56bb251SChristopher Smith
35f56bb251SChristopher Smith       return '/lib/exe/fetch.php?'.$w.$h.'{%token%}media='.$this->media;
36f56bb251SChristopher Smith    }
37f56bb251SChristopher Smith
38f56bb251SChristopher Smith    function fetchResponse($token){
39f56bb251SChristopher Smith        $request = new TestRequest();
40f56bb251SChristopher Smith        return $request->get(array(),str_replace('{%token%}',$token,$this->getUri()));
41f56bb251SChristopher Smith    }
42f56bb251SChristopher Smith
43f56bb251SChristopher Smith    /**
44f56bb251SChristopher Smith     *  modified image request with valid token
45f56bb251SChristopher Smith     *  expect: header with mime-type
46f56bb251SChristopher Smith     *  expect: content
47f56bb251SChristopher Smith     *  expect: no error response
48f56bb251SChristopher Smith     */
49f56bb251SChristopher Smith    function test_valid_token(){
50f56bb251SChristopher Smith        $valid_token = 'tok='.media_get_token($this->media, $this->width, $this->height).'&';
51f56bb251SChristopher Smith        $response = $this->fetchResponse($valid_token);
52f56bb251SChristopher Smith        $this->assertTrue((bool)$response->getHeader('Content-Type'));
53f56bb251SChristopher Smith        $this->assertTrue((bool)($response->getContent()));
54f56bb251SChristopher Smith
55f56bb251SChristopher Smith        $status_code = $response->getStatusCode();
56f56bb251SChristopher Smith        $this->assertTrue(is_null($status_code) || (200 == $status_code));
57f56bb251SChristopher Smith    }
58f56bb251SChristopher Smith
59f56bb251SChristopher Smith    /**
60*dd9e8e5eSAndreas Gohr     *  fit=1 does not affect token validation; token is hashed over (id, w, h)
61*dd9e8e5eSAndreas Gohr     *  only, so an existing token must still pass when the request adds fit=1.
62*dd9e8e5eSAndreas Gohr     */
63*dd9e8e5eSAndreas Gohr    function test_fit_does_not_invalidate_token(){
64*dd9e8e5eSAndreas Gohr        $this->width = $this->height = 100; // both dims -> would normally be crop; fit=1 routes to bbox resize
65*dd9e8e5eSAndreas Gohr        $valid_token = 'tok='.media_get_token($this->media, $this->width, $this->height).'&fit=1&';
66*dd9e8e5eSAndreas Gohr        $response = $this->fetchResponse($valid_token);
67*dd9e8e5eSAndreas Gohr        $status_code = $response->getStatusCode();
68*dd9e8e5eSAndreas Gohr        $this->assertTrue(is_null($status_code) || (200 == $status_code));
69*dd9e8e5eSAndreas Gohr    }
70*dd9e8e5eSAndreas Gohr
71*dd9e8e5eSAndreas Gohr    /**
72f56bb251SChristopher Smith     *  modified image request with invalid token
73f56bb251SChristopher Smith     *  expect: 412 status code
74f56bb251SChristopher Smith     */
75f56bb251SChristopher Smith    function test_invalid_token(){
76f56bb251SChristopher Smith        $invalid_token = 'tok='.media_get_token('junk',200,100).'&';
77f56bb251SChristopher Smith        $this->assertEquals(412,$this->fetchResponse($invalid_token)->getStatusCode());
78f56bb251SChristopher Smith    }
79f56bb251SChristopher Smith
80f56bb251SChristopher Smith    /**
81f56bb251SChristopher Smith     *  modified image request with no token
82f56bb251SChristopher Smith     *  expect: 412 status code
83f56bb251SChristopher Smith     */
84f56bb251SChristopher Smith    function test_missing_token(){
85f56bb251SChristopher Smith        $no_token = '';
86a38a6f25SKlap-in        $this->assertEquals(412,$this->fetchResponse($no_token)->getStatusCode());
87f56bb251SChristopher Smith    }
88f56bb251SChristopher Smith
89f56bb251SChristopher Smith    /**
90f56bb251SChristopher Smith     *  native image request which doesn't require a token
913e8bad3aSChristopher Smith     *  try: with a token & without a token
923e8bad3aSChristopher Smith     *  expect: (for both) header with mime-type, content matching source image filesize & no error response
93f56bb251SChristopher Smith     */
94f56bb251SChristopher Smith    function test_no_token_required(){
95f56bb251SChristopher Smith        $this->width = $this->height = 0;   // no width & height, means image request at native dimensions
96f56bb251SChristopher Smith        $any_token = 'tok='.media_get_token('junk',200,100).'&';
97f56bb251SChristopher Smith        $no_token = '';
983e8bad3aSChristopher Smith        $bytes = filesize(mediaFN($this->media));
99f56bb251SChristopher Smith
100f56bb251SChristopher Smith        foreach(array($any_token, $no_token) as $token) {
101f56bb251SChristopher Smith            $response = $this->fetchResponse($token);
102f56bb251SChristopher Smith            $this->assertTrue((bool)$response->getHeader('Content-Type'));
1033e8bad3aSChristopher Smith            $this->assertEquals(strlen($response->getContent()), $bytes);
104f56bb251SChristopher Smith
105f56bb251SChristopher Smith            $status_code = $response->getStatusCode();
106f56bb251SChristopher Smith            $this->assertTrue(is_null($status_code) || (200 == $status_code));
107f56bb251SChristopher Smith        }
108f56bb251SChristopher Smith    }
109f56bb251SChristopher Smith
110f56bb251SChristopher Smith}
111f56bb251SChristopher Smith//Setup VIM: ex: et ts=4 :
112