/**
* @return \Acquia\Hmac\Guzzle3\HmacAuthPlugin
*/
public function getPlugin()
{
$signer = new RequestSigner();
$signer->addCustomHeader('Custom1');
$plugin = new HmacAuthPlugin($signer, '1', 'secret-key');
return $plugin;
}
/**
* @expectedException \Acquia\Hmac\Exception\InvalidSignatureException
*/
public function testInvalidSignature()
{
$signer = new RequestSigner();
$signer->addCustomHeader('Custom1');
$request = new DummyRequest();
$request->headers = array('Content-Type' => 'text/plain', 'Date' => 'Fri, 19 Mar 1982 00:00:04 GMT', 'Authorization' => 'Acquia 1:badsignature', 'Custom1' => 'Value1');
$authenticator = new RequestAuthenticator($signer, 0);
$authenticator->authenticate($request, new DummyKeyLoader());
}
/**
* @expectedException \Acquia\Hmac\Exception\InvalidSignatureException
*/
public function testInvalidSignature()
{
$signer = new RequestSigner();
$signer->addCustomHeader('Custom1');
$headers = array('Content-Type' => 'text/plain', 'Date' => 'Fri, 19 Mar 1982 00:00:04 GMT', 'Authorization' => 'Acquia 1:badsignature', 'Custom1' => 'Value1');
$request = $this->newRequest();
// Add headers
foreach ($headers as $header => $value) {
$request = $request->withHeader($header, $value);
}
$authenticator = new RequestAuthenticator($signer, 0);
$keyLoader = new DummyKeyLoader();
$authenticator = new RequestAuthenticatorAdapter($authenticator, $keyLoader);
$authenticator($request, $this->response);
}
public function testGetMessage()
{
$signer = new RequestSigner();
$signer->addCustomHeader('Custom1');
$request = new DummyRequest();
$request->headers = array('Content-Type' => 'text/plain', 'Date' => 'Fri, 19 Mar 1982 00:00:04 GMT', 'Custom1' => 'Value1');
$digest = new Digest();
$this->assertEquals(self::EXPECTED_HASH, $digest->get($signer, $request, 'secret-key'));
// Change the secret key
$this->assertNotEquals(self::EXPECTED_HASH, $digest->get($signer, $request, 'bad-key'));
// Test case insensitive method.
$request->method = 'gEt';
$this->assertEquals(self::EXPECTED_HASH, $digest->get($signer, $request, 'secret-key'));
// Test case insensitive content type.
$request->headers['Content-Type'] = 'TeXt/PlAiN';
$this->assertEquals(self::EXPECTED_HASH, $digest->get($signer, $request, 'secret-key'));
// Test changing the algorithm
$digest->setAlgorithm('sha256');
$this->assertNotEquals(self::EXPECTED_HASH, $digest->get($signer, $request, 'secret-key'));
}
/**
* Validate the HMAC Token
*
* @return boolean
*/
public function authenticate()
{
$signer = new RequestSigner();
$signer->setProvider('USF');
$authenticator = new RequestAuthenticator($signer, $this->_timeout);
$key = $authenticator->authenticate($this->_requestWrapper, $this->_keyLoader);
if ($key) {
$this->principal = "[HMAC]" . $key->getId();
$this->attributes = [];
return true;
}
return false;
}
/**
* Ensures the X-Authorization-Content-SHA256 header is not set if there is no request body.
*/
public function testAuthorizationContentSha256NoBody()
{
$signer = new RequestSigner($this->authKey, $this->realm);
$request = new Request('GET', 'https://example.acquiapipet.net/v1.0/task-status/133?limit=10');
$contentHashedRequest = $signer->getContentHashedRequest($request);
$this->assertFalse($contentHashedRequest->hasHeader('X-Authorization-Content-SHA256'));
}
/**
* Initializes the request signer with a key, realm, and auth header.
*
* @param \Acquia\Hmac\KeyInterface $key
* The key to sign requests with.
* @param string $realm
* The API realm/provider
* @param \Acquia\Hmac\Digest\DigestInterface $digest
* The message digest to use when signing requests.
* @param \Acquia\Hmac\AuthorizationHeaderInterface $authHeader
* The custom authorization header.
*/
public function __construct(KeyInterface $key, $realm, DigestInterface $digest, AuthorizationHeaderInterface $authHeader)
{
parent::__construct($key, $realm, $digest);
$this->authHeader = $authHeader;
}
public function testgetAuthorization()
{
$signer = new RequestSigner();
$signer->addCustomHeader('Custom1');
$request = new DummyRequest();
$request->headers = array('Content-Type' => 'text/plain', 'Date' => 'Fri, 19 Mar 1982 00:00:04 GMT', 'Custom1' => 'Value1');
$expected = 'Acquia 1:' . DigestVersion1Test::EXPECTED_HASH;
$this->assertEquals($expected, $signer->getAuthorization($request, '1', 'secret-key'));
}
/**
* @return \Acquia\Hmac\Guzzle\HmacAuthMiddleware
*/
public function getMiddleware()
{
$signer = new RequestSigner();
$signer->addCustomHeader('Custom1');
return new HmacAuthMiddleware($signer, '1', 'secret-key');
}
public function testUsfAuthHmacGoodTokenTest()
{
Utils::setMethod('GET');
Utils::setRequestHeader('key1', 'value1');
Utils::setRequestHeader('key2', 'value2');
Utils::setRequestHeader('Content-Type', 'text/plain');
Utils::setRequestHeader('Date', date('r'));
Utils::setBody('This is the body.');
Utils::setResourceUri('/test.php');
$signer = new RequestSigner();
$signer->setProvider('USF');
$signature = $signer->getAuthorization(new SimpleRequest(), 'testId', 'testSecret');
Utils::setRequestHeader('Authorization', $signature);
$keyArray = ["testId" => "testSecret"];
$usfAuthHmac = new UsfAuthHmac($keyArray, "+30 minutes");
$usfAuthHmac->setRequestWrapper(new SimpleRequest());
$result = $usfAuthHmac->authenticate();
$this->assertTrue($result);
}
