/**
* Starts the authentication: Redirect to login page
*
* @param \TYPO3\FLOW3\Http\Request $request The current request
* @param \TYPO3\FLOW3\Http\Response $response The current response
* @return void
* @throws \TYPO3\FLOW3\Security\Exception\RequestTypeNotSupportedException
* @throws \TYPO3\FLOW3\Security\Exception\MissingConfigurationException
*/
public function startAuthentication(Request $request, Response $response)
{
if (!isset($this->options['uri'])) {
throw new \TYPO3\FLOW3\Security\Exception\MissingConfigurationException('The configuration for the WebRedirect authentication entry point is incorrect or missing.', 1237282583);
}
$plainUri = strpos('://', $this->options['uri'] !== FALSE) ? $this->options['uri'] : $request->getBaseUri() . $this->options['uri'];
$escapedUri = htmlentities($plainUri, ENT_QUOTES, 'utf-8');
$response->setContent('<html><head><meta http-equiv="refresh" content="0;url=' . $escapedUri . '"/></head></html>');
$response->setStatus(303);
$response->setHeader('Location', $plainUri);
}
/**
* @test
*/
public function dispatchContinuesWithNextRequestFoundInAForwardException()
{
$httpRequest = Request::create(new Uri('http://localhost'));
$httpResponse = new Response();
$mainRequest = $httpRequest->createActionRequest();
$subRequest = new ActionRequest($mainRequest);
$nextRequest = $httpRequest->createActionRequest();
$mainRequest->setDispatched(TRUE);
$mainRequest->setControllerSubPackageKey('main');
$subRequest->setControllerSubPackageKey('sub');
$nextRequest->setControllerSubPackageKey('next');
$mockController = $this->getMock('TYPO3\\FLOW3\\Mvc\\Controller\\ControllerInterface', array('processRequest'));
$mockController->expects($this->at(0))->method('processRequest')->will($this->returnCallback(function (ActionRequest $request) use($nextRequest) {
$request->setDispatched(TRUE);
$forwardException = new ForwardException();
$forwardException->setNextRequest($nextRequest);
throw $forwardException;
}));
$mockController->expects($this->at(1))->method('processRequest')->will($this->returnCallback(function (ActionRequest $request) use($nextRequest) {
// NOTE: PhpUnit creates a clone of $nextRequest, thus $request is not the same instance as expected.
if ($request == $nextRequest) {
$nextRequest->setDispatched(TRUE);
}
}));
$dispatcher = $this->getMock('TYPO3\\FLOW3\\Mvc\\Dispatcher', array('resolveController', 'emitAfterControllerInvocation'), array(), '', FALSE);
$dispatcher->expects($this->any())->method('resolveController')->will($this->returnValue($mockController));
$dispatcher->dispatch($subRequest, $httpResponse);
}
/**
* @test
*/
public function forwardAuthenticationRequiredExceptionsToAnAuthenticationEntryPointBasicallyWorks()
{
$request = Request::create(new Uri('http://robertlemke.com/admin'))->createActionRequest();
$response = new Response();
$exception = new \TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException('AuthenticationRequired Exception! Bad...', 1237212410);
$getMethodArgumentCallback = function () use(&$request, &$response) {
$args = func_get_args();
if ($args[0] === 'request') {
return $request;
} elseif ($args[0] === 'response') {
return $response;
}
};
$getExceptionCallback = function () use(&$exception) {
return $exception;
};
$mockSecurityLogger = $this->getMock('TYPO3\\FLOW3\\Log\\SecurityLoggerInterface', array(), array(), '', FALSE);
$mockJoinPoint = $this->getMock('TYPO3\\FLOW3\\Aop\\JoinPointInterface', array(), array(), '', FALSE);
$mockFirewall = $this->getMock('TYPO3\\FLOW3\\Security\\Authorization\\FirewallInterface');
$mockContext = $this->getMock('TYPO3\\FLOW3\\Security\\Context', array(), array(), '', FALSE);
$mockToken = $this->getMock('TYPO3\\FLOW3\\Security\\Authentication\\TokenInterface', array(), array(), '', FALSE);
$mockEntryPoint = $this->getMock('TYPO3\\FLOW3\\Security\\Authentication\\EntryPointInterface', array(), array(), '', FALSE);
$mockException = $this->getMock('TYPO3\\FLOW3\\Security\\Exception\\AuthenticationRequiredException', array(), array(), '', FALSE);
$mockAdviceChain = $this->getMock('TYPO3\\FLOW3\\Aop\\Advice\\AdviceChain', array(), array(), '', FALSE);
$mockAdviceChain->expects($this->once())->method('proceed')->will($this->throwException($mockException));
$mockJoinPoint->expects($this->any())->method('getAdviceChain')->will($this->returnValue($mockAdviceChain));
$mockJoinPoint->expects($this->any())->method('getMethodArgument')->will($this->returnCallback($getMethodArgumentCallback));
$mockJoinPoint->expects($this->any())->method('getException')->will($this->returnCallback($getExceptionCallback));
$mockContext->expects($this->atLeastOnce())->method('getAuthenticationTokens')->will($this->returnValue(array($mockToken)));
$mockToken->expects($this->once())->method('getAuthenticationEntryPoint')->will($this->returnValue($mockEntryPoint));
$mockEntryPoint->expects($this->once())->method('startAuthentication')->with($this->equalTo($request->getHttpRequest()), $this->equalTo($response));
$dispatchingAspect = new \TYPO3\FLOW3\Security\Aspect\RequestDispatchingAspect($mockContext, $mockFirewall, $mockSecurityLogger);
$dispatchingAspect->blockIllegalRequestsAndForwardToAuthenticationEntryPoints($mockJoinPoint);
}
/**
* Sets up the test case
*
*/
public function setUp()
{
$httpRequest = HttpRequest::create(new Uri('http://localhost'));
$this->mockRouter = $this->getMock('TYPO3\\FLOW3\\Mvc\\Routing\\RouterInterface');
$this->mockMainRequest = $this->getMock('TYPO3\\FLOW3\\Mvc\\ActionRequest', array(), array($httpRequest));
$this->mockMainRequest->expects($this->any())->method('getHttpRequest')->will($this->returnValue($httpRequest));
$this->mockMainRequest->expects($this->any())->method('getParentRequest')->will($this->returnValue($httpRequest));
$this->mockMainRequest->expects($this->any())->method('getMainRequest')->will($this->returnValue($this->mockMainRequest));
$this->mockMainRequest->expects($this->any())->method('isMainRequest')->will($this->returnValue(TRUE));
$this->mockMainRequest->expects($this->any())->method('getArgumentNamespace')->will($this->returnValue(''));
$this->mockSubRequest = $this->getMock('TYPO3\\FLOW3\\Mvc\\ActionRequest', array(), array($this->mockMainRequest));
$this->mockSubRequest->expects($this->any())->method('getHttpRequest')->will($this->returnValue($httpRequest));
$this->mockSubRequest->expects($this->any())->method('getMainRequest')->will($this->returnValue($this->mockMainRequest));
$this->mockSubRequest->expects($this->any())->method('isMainRequest')->will($this->returnValue(FALSE));
$this->mockSubRequest->expects($this->any())->method('getParentRequest')->will($this->returnValue($this->mockMainRequest));
$this->mockSubRequest->expects($this->any())->method('getArgumentNamespace')->will($this->returnValue('SubNamespace'));
$this->mockSubSubRequest = $this->getMock('TYPO3\\FLOW3\\Mvc\\ActionRequest', array(), array($this->mockSubRequest));
$this->mockSubSubRequest->expects($this->any())->method('getHttpRequest')->will($this->returnValue($httpRequest));
$this->mockSubSubRequest->expects($this->any())->method('getMainRequest')->will($this->returnValue($this->mockMainRequest));
$this->mockSubSubRequest->expects($this->any())->method('isMainRequest')->will($this->returnValue(FALSE));
$this->mockSubSubRequest->expects($this->any())->method('getParentRequest')->will($this->returnValue($this->mockSubRequest));
$environment = $this->getMock('TYPO3\\FLOW3\\Utility\\Environment', array('isRewriteEnabled'), array(), '', FALSE);
$environment->expects($this->any())->method('isRewriteEnabled')->will($this->returnValue(TRUE));
$this->uriBuilder = new \TYPO3\FLOW3\Mvc\Routing\UriBuilder();
$this->uriBuilder->injectRouter($this->mockRouter);
$this->uriBuilder->injectEnvironment($environment);
$this->uriBuilder->setRequest($this->mockMainRequest);
}
/**
* @test
*/
public function updateCredentialsSetsTheCorrectAuthenticationStatusIfNoCredentialsArrived()
{
$request = Request::create(new Uri('http://foo.com'));
$actionRequest = $request->createActionRequest();
$token = new UsernamePasswordHttpBasic();
$token->updateCredentials($actionRequest);
$this->assertSame(TokenInterface::NO_CREDENTIALS_GIVEN, $token->getAuthenticationStatus());
}
/**
* @test
*/
public function requestMatchingBasicallyWorks()
{
$uri = new \TYPO3\FLOW3\Http\Uri('http://typo3.org/some/nice/path/to/index.php');
$request = Request::create($uri)->createActionRequest();
$requestPattern = new \TYPO3\FLOW3\Security\RequestPattern\Uri();
$requestPattern->setPattern('/some/nice/.*');
$this->assertEquals('/some/nice/.*', $requestPattern->getPattern());
$this->assertTrue($requestPattern->matchRequest($request));
}
/**
* @test
*/
public function startAuthenticationSetsTheCorrectValuesInTheResponseObject()
{
$request = Request::create(new Uri('http://robertlemke.com/admin'))->createActionRequest();
$response = new Response();
$entryPoint = new WebRedirect();
$entryPoint->setOptions(array('uri' => 'some/page'));
$entryPoint->startAuthentication($request->getHttpRequest(), $response);
$this->assertEquals('303', substr($response->getStatus(), 0, 3));
$this->assertEquals('http://robertlemke.com/some/page', $response->getHeader('Location'));
$this->assertEquals(array('uri' => 'some/page'), $entryPoint->getOptions());
}
/**
* @test
*/
public function tokenCanBeCastToString()
{
$arguments = array();
$arguments['__authentication']['TYPO3']['FLOW3']['Security']['Authentication']['Token']['UsernamePassword']['username'] = '******';
$arguments['__authentication']['TYPO3']['FLOW3']['Security']['Authentication']['Token']['UsernamePassword']['password'] = '******';
$request = Request::create(new Uri('http://robertlemke.com/login'), 'POST', $arguments);
$actionRequest = $request->createActionRequest();
$token = new UsernamePassword();
$token->updateCredentials($actionRequest);
$this->assertEquals('Username: "******"', (string) $token);
}
/**
* @test
*/
public function startAuthenticationSetsTheCorrectValuesInTheResponseObject()
{
$request = Request::create(new Uri('http://robertlemke.com/admin'))->createActionRequest();
$response = new Response();
$entryPoint = new HttpBasic();
$entryPoint->setOptions(array('realm' => 'realm string'));
$entryPoint->startAuthentication($request->getHttpRequest(), $response);
$this->assertEquals('401', substr($response->getStatus(), 0, 3));
$this->assertEquals('Basic realm="realm string"', $response->getHeader('WWW-Authenticate'));
$this->assertEquals('Authorization required', $response->getContent());
$this->assertEquals(array('realm' => 'realm string'), $entryPoint->getOptions());
}
public function setUp()
{
\vfsStreamWrapper::register();
\vfsStreamWrapper::setRoot(new \vfsStreamDirectory('testDirectory'));
$this->view = $this->getMock('TYPO3\\FLOW3\\Mvc\\View\\NotFoundView', array('getTemplatePathAndFilename'));
$httpRequest = \TYPO3\FLOW3\Http\Request::create(new \TYPO3\FLOW3\Http\Uri('http://typo3.org'));
$this->request = $httpRequest->createActionRequest();
$this->response = new \TYPO3\FLOW3\Http\Response();
$this->controllerContext = $this->getMock('TYPO3\\FLOW3\\Mvc\\Controller\\ControllerContext', array('getRequest', 'getResponse'), array(), '', FALSE);
$this->controllerContext->expects($this->any())->method('getRequest')->will($this->returnValue($this->request));
$this->controllerContext->expects($this->any())->method('getResponse')->will($this->returnValue($this->response));
$this->view->setControllerContext($this->controllerContext);
}
/**
* @test
*/
public function updateCredentialsIgnoresAnythingOtherThanPostRequests()
{
$arguments = array();
$arguments['__authentication']['TYPO3']['FLOW3']['Security']['Authentication']['Token']['PasswordToken']['password'] = '******';
$actionRequest = Request::create(new Uri('http://robertlemke.com/login'), 'POST', $arguments)->createActionRequest();
$token = new PasswordToken();
$token->updateCredentials($actionRequest);
$this->assertEquals(array('password' => 'verysecurepassword'), $token->getCredentials());
$actionRequest = Request::create(new Uri('http://robertlemke.com/login'), 'GET', $arguments)->createActionRequest();
$token = new PasswordToken();
$token->updateCredentials($actionRequest);
$this->assertEquals(array('password' => ''), $token->getCredentials());
}
/**
* Handles a HTTP request
*
* @return void
*/
public function handleRequest()
{
// Create the request very early so the Resource Management has a chance to grab it:
$this->request = Request::createFromEnvironment();
$this->response = new Response();
$this->boot();
$this->resolveDependencies();
$this->request->injectSettings($this->settings);
$this->router->setRoutesConfiguration($this->routesConfiguration);
$actionRequest = $this->router->route($this->request);
$this->securityContext->injectRequest($actionRequest);
$this->dispatcher->dispatch($actionRequest, $this->response);
$this->response->makeStandardsCompliant($this->request);
$this->response->send();
$this->bootstrap->shutdown('Runtime');
$this->exit->__invoke();
}
/**
* @param string $requestUri request URI
* @param string $expectedMatchingRouteName expected route
* @param string $expectedControllerObjectName expected controller object name
* @param array $expectedArguments expected request arguments after routing or NULL if this should not be checked
* @test
* @dataProvider routeTestsDataProvider
*/
public function routeTests($requestUri, $expectedMatchingRouteName, $expectedControllerObjectName = NULL, array $expectedArguments = NULL)
{
$request = \TYPO3\FLOW3\Http\Request::create(new \TYPO3\FLOW3\Http\Uri($requestUri));
$actionRequest = $this->router->route($request);
$matchedRoute = $this->router->getLastMatchedRoute();
if ($expectedMatchingRouteName === NULL) {
if ($matchedRoute !== NULL) {
$this->fail('Expected no route to match URI "' . $requestUri . '" but route "' . $matchedRoute->getName() . '" matched');
}
} else {
if ($matchedRoute === NULL) {
$this->fail('Expected route "' . $expectedMatchingRouteName . '" to match, but no route matched request URI "' . $requestUri . '"');
} else {
$this->assertEquals('FLOW3 :: Functional Test: ' . $expectedMatchingRouteName, $matchedRoute->getName());
}
}
$this->assertEquals($expectedControllerObjectName, $actionRequest->getControllerObjectName());
if ($expectedArguments !== NULL) {
$this->assertEquals($expectedArguments, $actionRequest->getArguments());
}
}
/**
* @test
*/
public function argumentsOfPutRequestWithJsonOrXmlTypeAreAlsoPassedToAction()
{
$request = Request::create(new Uri('http://localhost/test/mvc/actioncontrollertesta/put?getArgument=getValue'), 'PUT');
$request->setHeader('Content-Type', 'application/json');
$request->setHeader('Content-Length', 29);
$request->setContent('{"putArgument":"first value"}');
$response = $this->browser->sendRequest($request);
$this->assertEquals('putAction-first value-getValue', $response->getContent());
}
/**
* @test
* @expectedException \TYPO3\FLOW3\Security\Exception\AccessDeniedException
*/
public function ifRejectAllIsSetAndNoFilterExplicitlyAllowsTheRequestAPermissionDeniedExceptionIsThrown()
{
$request = Request::create(new Uri('http://robertlemke.com/admin'))->createActionRequest();
$mockFilter1 = $this->getMock('TYPO3\\FLOW3\\Security\\Authorization\\RequestFilter', array(), array(), '', FALSE);
$mockFilter1->expects($this->once())->method('filterRequest')->with($request)->will($this->returnValue(FALSE));
$mockFilter2 = $this->getMock('TYPO3\\FLOW3\\Security\\Authorization\\RequestFilter', array(), array(), '', FALSE);
$mockFilter2->expects($this->once())->method('filterRequest')->with($request)->will($this->returnValue(FALSE));
$mockFilter3 = $this->getMock('TYPO3\\FLOW3\\Security\\Authorization\\RequestFilter', array(), array(), '', FALSE);
$mockFilter3->expects($this->once())->method('filterRequest')->with($request)->will($this->returnValue(FALSE));
$firewall = $this->getAccessibleMock('TYPO3\\FLOW3\\Security\\Authorization\\FilterFirewall', array('dummy'), array(), '', FALSE);
$firewall->_set('filters', array($mockFilter1, $mockFilter2, $mockFilter3));
$firewall->_set('rejectAll', TRUE);
$firewall->blockIllegalRequests($request);
}
/**
* Analyzes this response, considering the given request and makes additions
* or removes certain headers in order to make the response compliant to
* RFC 2616 and related standards.
*
* It is recommended to call this method before the response is sent and FLOW3
* does so by default in its built-in HTTP request handler.
*
* @param \TYPO3\FLOW3\Http\Request $request The corresponding request
* @return void
* @api
*/
public function makeStandardsCompliant(Request $request)
{
if ($request->hasHeader('If-Modified-Since') && $this->headers->has('Last-Modified') && $this->statusCode === 200) {
$ifModifiedSinceDate = $request->getHeader('If-Modified-Since');
$lastModifiedDate = $this->headers->get('Last-Modified');
if ($lastModifiedDate <= $ifModifiedSinceDate) {
$this->setStatus(304);
$this->content = '';
}
} elseif ($request->hasHeader('If-Unmodified-Since') && $this->headers->has('Last-Modified') && ($this->statusCode >= 200 && $this->statusCode <= 299 || $this->statusCode === 412)) {
$unmodifiedSinceDate = $request->getHeader('If-Unmodified-Since');
$lastModifiedDate = $this->headers->get('Last-Modified');
if ($lastModifiedDate > $unmodifiedSinceDate) {
$this->setStatus(412);
}
}
if (in_array($this->statusCode, array(100, 101, 204, 304))) {
$this->content = '';
}
if ($this->headers->getCacheControlDirective('no-cache') !== NULL || $this->headers->has('Expires')) {
$this->headers->removeCacheControlDirective('max-age');
}
if ($request->getMethod() === 'HEAD') {
if (!$this->headers->has('Content-Length')) {
$this->headers->set('Content-Length', strlen($this->content));
}
$this->content = '';
}
if (!$this->headers->has('Content-Length')) {
$this->headers->set('Content-Length', strlen($this->content));
}
if ($this->headers->has('Transfer-Encoding')) {
$this->headers->remove('Content-Length');
}
}
/**
* @test
* @expectedException TYPO3\FLOW3\Mvc\Exception\RequiredArgumentMissingException
*/
public function mapRequestArgumentsToControllerArgumentsThrowsExceptionIfRequiredArgumentWasNotSet()
{
$httpRequest = HttpRequest::create(new Uri('http://localhost/'));
$request = $httpRequest->createActionRequest();
$response = new HttpResponse();
$controllerArguments = new Arguments();
$controllerArguments->addNewArgument('foo', 'string', TRUE);
$controller = $this->getAccessibleMock('TYPO3\\FLOW3\\Mvc\\Controller\\AbstractController', array('processRequest'));
$this->inject($controller, 'flashMessageContainer', new FlashMessageContainer());
$controller->_call('initializeController', $request, $response);
$controller->_set('arguments', $controllerArguments);
$controller->_call('mapRequestArgumentsToControllerArguments');
}
/**
* Parse TypoScript
* @param string $additionalTypoScriptFile
* @return \TYPO3\TypoScript\Core\Runtime
*/
protected function parseTypoScript($additionalTypoScriptFile = NULL)
{
$typoScript = file_get_contents(__DIR__ . '/Fixtures/PredefinedTypoScript.ts2');
$typoScript .= chr(10) . chr(10) . file_get_contents(__DIR__ . '/Fixtures/BaseTypoScript.ts2');
$fixtureDirectory = \TYPO3\FLOW3\Utility\Files::concatenatePaths(array(__DIR__, 'Fixtures'));
if ($additionalTypoScriptFile !== NULL) {
$typoScript .= chr(10) . chr(10) . file_get_contents(\TYPO3\FLOW3\Utility\Files::concatenatePaths(array($fixtureDirectory, $additionalTypoScriptFile)));
}
$typoScript = str_replace('FIXTURE_DIRECTORY', $fixtureDirectory, $typoScript);
$parser = new \TYPO3\TypoScript\Core\Parser();
$typoScriptConfiguration = $parser->parse($typoScript);
$httpRequest = \TYPO3\FLOW3\Http\Request::create(new \TYPO3\FLOW3\Http\Uri('http://foo.bar/bazfoo'));
$request = $httpRequest->createActionRequest();
$response = new \TYPO3\FLOW3\Http\Response();
$controllerContext = new \TYPO3\FLOW3\Mvc\Controller\ControllerContext($request, $response, $this->getMock('TYPO3\\FLOW3\\Mvc\\Controller\\Arguments', array(), array(), '', FALSE), $this->getMock('TYPO3\\FLOW3\\Mvc\\Routing\\UriBuilder'), $this->getMock('TYPO3\\FLOW3\\Mvc\\FlashMessageContainer'));
return new \TYPO3\TypoScript\Core\Runtime($typoScriptConfiguration, $controllerContext);
}
/**
* Sets up a virtual browser and web environment for seamless HTTP and MVC
* related tests.
*
* @return void
*/
protected function setupHttp()
{
$_GET = array();
$_POST = array();
$_COOKIE = array();
$_FILES = array();
$_SERVER = array('REDIRECT_FLOW3_CONTEXT' => 'Development', 'REDIRECT_FLOW3_REWRITEURLS' => '1', 'REDIRECT_STATUS' => '200', 'FLOW3_CONTEXT' => 'Testing', 'FLOW3_REWRITEURLS' => '1', 'HTTP_HOST' => 'localhost', 'HTTP_USER_AGENT' => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_2) AppleWebKit/534.52.7 (KHTML, like Gecko) Version/5.1.2 Safari/534.52.7', 'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'HTTP_ACCEPT_LANGUAGE' => 'en-us', 'HTTP_ACCEPT_ENCODING' => 'gzip, deflate', 'HTTP_CONNECTION' => 'keep-alive', 'PATH' => '/usr/bin:/bin:/usr/sbin:/sbin', 'SERVER_SIGNATURE' => '', 'SERVER_SOFTWARE' => 'Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/1.0.0e DAV/2 PHP/5.3.8', 'SERVER_NAME' => 'localhost', 'SERVER_ADDR' => '127.0.0.1', 'SERVER_PORT' => '80', 'REMOTE_ADDR' => '127.0.0.1', 'DOCUMENT_ROOT' => '/opt/local/apache2/htdocs/', 'SERVER_ADMIN' => 'george@localhost', 'SCRIPT_FILENAME' => '/opt/local/apache2/htdocs/Web/index.php', 'REMOTE_PORT' => '51439', 'REDIRECT_QUERY_STRING' => '', 'REDIRECT_URL' => '', 'GATEWAY_INTERFACE' => 'CGI/1.1', 'SERVER_PROTOCOL' => 'HTTP/1.1', 'REQUEST_METHOD' => 'GET', 'QUERY_STRING' => '', 'REQUEST_URI' => '', 'SCRIPT_NAME' => '/index.php', 'PHP_SELF' => '/index.php', 'REQUEST_TIME' => 1326472534);
$this->browser = new \TYPO3\FLOW3\Http\Client\Browser();
$this->router = $this->browser->getRequestEngine()->getRouter();
$requestHandler = self::$bootstrap->getActiveRequestHandler();
$requestHandler->setHttpRequest(\TYPO3\FLOW3\Http\Request::create(new \TYPO3\FLOW3\Http\Uri('http://localhost')));
}
/**
* RFC 2616 / 9.1.1
*
* @test
*/
public function isMethodSafeReturnsTrueIfTheRequestMethodIsGetOrHead()
{
$request = Request::create(new Uri('http://acme.com'), 'GET');
$this->assertTrue($request->isMethodSafe());
$request = Request::create(new Uri('http://acme.com'), 'HEAD');
$this->assertTrue($request->isMethodSafe());
$request = Request::create(new Uri('http://acme.com'), 'POST');
$this->assertFalse($request->isMethodSafe());
$request = Request::create(new Uri('http://acme.com'), 'PUT');
$this->assertFalse($request->isMethodSafe());
$request = Request::create(new Uri('http://acme.com'), 'DELETE');
$this->assertFalse($request->isMethodSafe());
}
/**
* Routes the specified web request by setting the controller name, action and possible
* parameters. If the request could not be routed, it will be left untouched.
*
* @param \TYPO3\FLOW3\Http\Request $httpRequest The web request to be analyzed. Will be modified by the router.
* @return \TYPO3\FLOW3\Mvc\ActionRequest
*/
public function route(\TYPO3\FLOW3\Http\Request $httpRequest)
{
$this->actionRequest = $httpRequest->createActionRequest();
$routePath = substr($httpRequest->getUri()->getPath(), strlen($httpRequest->getBaseUri()->getPath()));
$matchResults = $this->findMatchResults($routePath);
if ($matchResults !== NULL) {
$requestArguments = $this->actionRequest->getArguments();
$mergedArguments = Arrays::arrayMergeRecursiveOverrule($requestArguments, $matchResults);
$this->actionRequest->setArguments($mergedArguments);
}
$this->setDefaultControllerAndActionNameIfNoneSpecified();
return $this->actionRequest;
}
/**
* @test
*/
public function isCsrfProtectionTokenValidChecksIfTheGivenTokenIsExistingInTheContextAndUnsetsItIfTheCsrfStrategyIsOnePerUri()
{
$request = Request::create(new Uri('http://robertlemke.com/admin'))->createActionRequest();
$mockAuthenticationManager = $this->getMock('TYPO3\\FLOW3\\Security\\Authentication\\AuthenticationManagerInterface');
$existingTokens = array('csrfToken12345' => TRUE);
$securityContext = $this->getAccessibleMock('TYPO3\\FLOW3\\Security\\Context', array('initialize'), array(), '', FALSE);
$securityContext->injectRequest($request);
$securityContext->_set('authenticationManager', $mockAuthenticationManager);
$securityContext->_set('csrfTokens', $existingTokens);
$securityContext->_set('csrfStrategy', \TYPO3\FLOW3\Security\Context::CSRF_ONE_PER_URI);
$this->assertTrue($securityContext->isCsrfProtectionTokenValid('csrfToken12345'));
$this->assertFalse($securityContext->isCsrfProtectionTokenValid('csrfToken12345'));
}
/**
* Parses a RFC 2616 content negotiation header field by evaluating the Quality
* Values and splitting the options into an array list, ordered by user preference.
*
* @param string $rawValues The raw Accept* Header field value
* @return array The parsed list of field values, ordered by user preference
*/
public static function parseContentNegotiationQualityValues($rawValues)
{
$acceptedTypes = array_map(function ($acceptType) {
$typeAndQuality = preg_split('/;\\s*q=/', $acceptType);
return array($typeAndQuality[0], isset($typeAndQuality[1]) ? (double) $typeAndQuality[1] : '');
}, preg_split('/,\\s*/', $rawValues));
$flattenedAcceptedTypes = array();
$valuesWithoutQualityValue = array(array(), array(), array(), array());
foreach ($acceptedTypes as $typeAndQuality) {
if ($typeAndQuality[1] === '') {
$parsedType = Request::parseMediaType($typeAndQuality[0]);
if ($parsedType['type'] === '*') {
$valuesWithoutQualityValue[3][$typeAndQuality[0]] = TRUE;
} elseif ($parsedType['subtype'] === '*') {
$valuesWithoutQualityValue[2][$typeAndQuality[0]] = TRUE;
} elseif ($parsedType['parameters'] === array()) {
$valuesWithoutQualityValue[1][$typeAndQuality[0]] = TRUE;
} else {
$valuesWithoutQualityValue[0][$typeAndQuality[0]] = TRUE;
}
} else {
$flattenedAcceptedTypes[$typeAndQuality[0]] = $typeAndQuality[1];
}
}
$valuesWithoutQualityValue = array_merge(array_keys($valuesWithoutQualityValue[0]), array_keys($valuesWithoutQualityValue[1]), array_keys($valuesWithoutQualityValue[2]), array_keys($valuesWithoutQualityValue[3]));
arsort($flattenedAcceptedTypes);
$parsedValues = array_merge($valuesWithoutQualityValue, array_keys($flattenedAcceptedTypes));
return $parsedValues;
}
/**
* @test
*/
public function setDispatchedEmitsSignalIfDispatched()
{
$httpRequest = HttpRequest::create(new Uri('http://robertlemke.com/blog'));
$actionRequest = new ActionRequest($httpRequest);
$mockDispatcher = $this->getMock('TYPO3\\FLOW3\\SignalSlot\\Dispatcher');
$mockDispatcher->expects($this->once())->method('dispatch')->with('TYPO3\\FLOW3\\Mvc\\ActionRequest', 'requestDispatched', array($actionRequest));
$mockObjectManager = $this->getMock('TYPO3\\FLOW3\\Object\\ObjectManagerInterface');
$mockObjectManager->expects($this->any())->method('get')->will($this->returnValue($mockDispatcher));
$this->inject($actionRequest, 'objectManager', $mockObjectManager);
$actionRequest->setDispatched(TRUE);
}
/**
* @test
*/
public function initializeObjectSetsTheCurrentSiteToTheFirstSiteFoundIfNoDomainsMatchedTheCurrentRequest()
{
$mockHttpRequestHandler = $this->getMock('TYPO3\\FLOW3\\Http\\HttpRequestHandlerInterface');
$mockHttpRequestHandler->expects($this->any())->method('getHttpRequest')->will($this->returnValue(\TYPO3\FLOW3\Http\Request::create(new \TYPO3\FLOW3\Http\Uri('http://myhost/'))));
$mockBootstrap = $this->getMock('TYPO3\\FLOW3\\Core\\Bootstrap', array('getActiveRequestHandler'), array(), '', FALSE);
$mockBootstrap->expects($this->any())->method('getActiveRequestHandler')->will($this->returnValue($mockHttpRequestHandler));
$mockSites = array($this->getMock('TYPO3\\TYPO3\\Domain\\Model\\Site', array(), array(), '', FALSE), $this->getMock('TYPO3\\TYPO3\\Domain\\Model\\Site', array(), array(), '', FALSE));
$mockSiteRepository = $this->getMock('TYPO3\\TYPO3\\Domain\\Repository\\SiteRepository', array('findFirst'), array(), '', FALSE);
$mockSiteRepository->expects($this->once())->method('findFirst')->will($this->returnValue($mockSites[0]));
$mockDomainRepository = $this->getMock('TYPO3\\TYPO3\\Domain\\Repository\\DomainRepository', array(), array(), '', FALSE);
$mockDomainRepository->expects($this->once())->method('findByHost')->with('myhost')->will($this->returnValue(array()));
$mockObjectManager = $this->getMock('TYPO3\\FLOW3\\Object\\ObjectManagerInterface');
$contentContext = $this->getMock($this->buildAccessibleProxy('TYPO3\\TYPO3\\Domain\\Service\\ContentContext'), array('dummy'), array('live'));
$contentContext->_set('objectManager', $mockObjectManager);
$contentContext->_set('domainRepository', $mockDomainRepository);
$contentContext->_set('siteRepository', $mockSiteRepository);
$contentContext->_set('bootstrap', $mockBootstrap);
$contentContext->initializeObject();
$this->assertSame(NULL, $contentContext->getCurrentDomain());
$this->assertSame($mockSites[0], $contentContext->getCurrentSite());
}
/**
* @test
*/
public function detectResourcesBaseUriDetectsUriWithSubDirectoryCorrectly()
{
$expectedBaseUri = 'http://www.sarkosh.dk/_Resources/';
$uri = new \TYPO3\FLOW3\Http\Uri('http://www.sarkosh.dk/cdcollection/albums');
$httpRequest = \TYPO3\FLOW3\Http\Request::create($uri);
$requestHandler = $this->getMock('TYPO3\\FLOW3\\Http\\HttpRequestHandlerInterface');
$requestHandler->expects($this->any())->method('getHttpRequest')->will($this->returnValue($httpRequest));
$bootstrap = $this->getMock('TYPO3\\FLOW3\\Core\\Bootstrap', array('getActiveRequestHandler'), array(), '', FALSE);
$bootstrap->expects($this->any())->method('getActiveRequestHandler')->will($this->returnValue($requestHandler));
$publishingTarget = $this->getAccessibleMock('TYPO3\\FLOW3\\Resource\\Publishing\\FileSystemPublishingTarget', array('dummy'));
$publishingTarget->_set('resourcesPublishingPath', FLOW3_PATH_WEB . '_Resources/');
$publishingTarget->injectBootstrap($bootstrap);
$publishingTarget->_call('detectResourcesBaseUri');
$actualBaseUri = $publishingTarget->_get('resourcesBaseUri');
$this->assertSame($expectedBaseUri, $actualBaseUri);
}
/**
* Returns the DOM crawler which can be used to interact with the web page
* structure, submit forms, click links or fetch specific parts of the
* website's contents.
*
* The returned DOM crawler is bound to the response of the last executed
* request.
*
* @return \Symfony\Component\DomCrawler\Crawler
* @api
*/
public function getCrawler()
{
$crawler = new Crawler(NULL, $this->lastRequest->getBaseUri());
$crawler->addContent($this->lastResponse->getContent(), $this->lastResponse->getHeader('Content-Type'));
return $crawler;
}
/**
* RFC 2616 / 14.28 (If-Unmodified-Since)
*
* @test
*/
public function makeStandardsCompliantReturns412StatusIfUnmodifiedSinceDoesNotMatch()
{
$request = Request::create(new Uri('http://localhost'));
$response = new Response();
$unmodifiedSince = \DateTime::createFromFormat(DATE_RFC2822, 'Tue, 15 May 2012 09:00:00 GMT');
$lastModified = \DateTime::createFromFormat(DATE_RFC2822, 'Sun, 20 May 2012 08:00:00 UTC');
$request->setHeader('If-Unmodified-Since', $unmodifiedSince);
$response->setHeader('Last-Modified', $lastModified);
$response->makeStandardsCompliant($request);
$this->assertSame(412, $response->getStatusCode());
$response = new Response();
$unmodifiedSince = \DateTime::createFromFormat(DATE_RFC2822, 'Tue, 15 May 2012 09:00:00 GMT');
$lastModified = \DateTime::createFromFormat(DATE_RFC2822, 'Tue, 15 May 2012 08:00:00 UTC');
$request->setHeader('If-Unmodified-Since', $unmodifiedSince);
$response->setHeader('Last-Modified', $lastModified);
$response->makeStandardsCompliant($request);
$this->assertSame(200, $response->getStatusCode());
}
