Exemple #1
 /**
  * Class constructor.
  *
  * Reads the request headers, resource URI, HTTP method and body once through
  * the static Utils accessors and stores each on the instance.
  *
  * NOTE(review): these look like client-supplied request values; anything that
  * later verifies or signs them should treat them as untrusted input — confirm
  * against the code that consumes these properties.
  *
  * @return void
  */
 public function __construct()
 {
     // One property per Utils accessor; nothing is validated or normalised here.
     $this->_headers = Utils::getRequestHeaders();
     $this->_resource = Utils::getResourceUri();
     $this->_method = Utils::getMethod();
     $this->_body = Utils::getBody();
 }
Exemple #2
 /**
  * Verifies the default CORS configuration of a new UsfAuthToken and the
  * headers recorded for an OPTIONS request after the configuration has been
  * replaced by an empty array.
  *
  * NOTE(review): the expected Access-Control-Allow-Origin value below is the
  * quoted string '*' (quotes included), which is not the wildcard token, and
  * it is paired with Access-Control-Allow-Credentials: true, a combination
  * browsers refuse even with a bare wildcard. This test pins that output, so
  * it has to change together with any correction to the header values.
  *
  * @return void
  */
 public function testCORSconfig()
 {
     $token = new UsfAuthToken('abc123', 'http://localhost/tokenAuth/');

     // Defaults held in the non-public _corsConfig property.
     $expectedDefaults = [
         'origin' => '',
         'methods' => 'GET, POST, PUT, DELETE, OPTIONS',
         'allowCredentials' => true,
         'maxAge' => 86400,
         'allowHeaders' => 'X-Requested-With',
     ];
     $this->assertEquals(
         $expectedDefaults,
         Utility::getNonPublicPropertyValue($token, "_corsConfig")
     );

     // With an empty configuration and an OPTIONS request, all five headers
     // are expected, in this order.
     $token->setCorsConfig([]);
     $token->setRequestMethod('OPTIONS');
     $token->addCorsHeaders();

     $expectedHeaders = [
         "Access-Control-Allow-Origin: '*'",
         "Access-Control-Allow-Credentials: true",
         "Access-Control-Max-Age: 86400",
         "Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS",
         "Access-Control-Allow-Headers: X-Requested-With",
     ];
     $this->assertEquals($expectedHeaders, Utils::headers_list());
 }
Exemple #3
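 /**
  * Add the CORS headers to the response.
  *
  * Allow-Origin, Allow-Credentials and Max-Age are sent on every call;
  * Allow-Methods and Allow-Headers are sent only when the request method is
  * OPTIONS. Each value comes from $this->_corsConfig when the key is set,
  * otherwise a built-in fallback is used.
  *
  * A boolean 'allowCredentials' is rendered as the literal "true" (or the
  * header is omitted for false) rather than being cast to "1" / "".
  *
  * NOTE(review): the Allow-Origin fallback is the quoted string '*', which is
  * not the wildcard token, and the credentials fallback is "true"; browsers
  * do not accept a wildcard origin on credentialed requests. Both fallbacks
  * are left unchanged because existing tests pin them. Prefer configuring an
  * explicit origin, and only allow credentials for origins that are trusted.
  *
  * @return void
  */
 public function addCorsHeaders()
 {
     // An empty-string 'origin' counts as set and yields an empty header value,
     // which matches no origin.
     $origin = isset($this->_corsConfig['origin']) ? $this->_corsConfig['origin'] : "'*'";
     Utils::header("Access-Control-Allow-Origin: " . $origin);

     if (isset($this->_corsConfig['allowCredentials'])) {
         $allowCredentials = $this->_corsConfig['allowCredentials'];
         if (is_bool($allowCredentials)) {
             // String-casting a boolean gives "1" or "", neither of which is a
             // valid value: the header is either the literal "true" or absent.
             if ($allowCredentials) {
                 Utils::header('Access-Control-Allow-Credentials: true');
             }
         } else {
             // Non-boolean values are passed through as configured.
             Utils::header("Access-Control-Allow-Credentials: " . $allowCredentials);
         }
     } else {
         Utils::header('Access-Control-Allow-Credentials: true');
     }

     if (isset($this->_corsConfig['maxAge'])) {
         Utils::header("Access-Control-Max-Age: " . $this->_corsConfig['maxAge']);
     } else {
         // cache for 1 day
         Utils::header('Access-Control-Max-Age: 86400');
     }

     // Access-Control headers are sent during OPTIONS requests
     if ($this->_requestMethod !== 'OPTIONS') {
         return;
     }

     if (isset($this->_corsConfig['methods'])) {
         Utils::header("Access-Control-Allow-Methods: " . $this->_corsConfig['methods']);
     } else {
         Utils::header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
     }

     if (isset($this->_corsConfig['allowHeaders'])) {
         Utils::header("Access-Control-Allow-Headers: " . $this->_corsConfig['allowHeaders']);
     } else {
         Utils::header('Access-Control-Allow-Headers: X-Requested-With');
     }
 }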
Exemple #4
 /**
  * Accept path: a request signed with a known id/secret pair authenticates.
  *
  * The request is staged through the Utils setters, signed with
  * RequestSigner, and the resulting value is stored as the Authorization
  * header before UsfAuthHmac::authenticate() is called.
  *
  * NOTE(review): only the accepting case is exercised here. Whether a changed
  * body, a stale Date header or an unknown id is rejected is not shown by this
  * test and should be covered by separate negative tests.
  *
  * @return void
  */
 public function testUsfAuthHmacGoodTokenTest()
 {
     // Stage the request that will be signed.
     Utils::setMethod('GET');
     Utils::setRequestHeader('key1', 'value1');
     Utils::setRequestHeader('key2', 'value2');
     Utils::setRequestHeader('Content-Type', 'text/plain');
     Utils::setRequestHeader('Date', date('r'));
     Utils::setBody('This is the body.');
     Utils::setResourceUri('/test.php');

     // Sign it with the fixture credentials and attach the result.
     $requestSigner = new RequestSigner();
     $requestSigner->setProvider('USF');
     $authorization = $requestSigner->getAuthorization(new SimpleRequest(), 'testId', 'testSecret');
     Utils::setRequestHeader('Authorization', $authorization);

     // The verifier knows the same id => secret pair.
     // "+30 minutes" is presumably the accepted time window; confirm in UsfAuthHmac.
     $knownKeys = ["testId" => "testSecret"];
     $verifier = new UsfAuthHmac($knownKeys, "+30 minutes");
     $verifier->setRequestWrapper(new SimpleRequest());

     $this->assertTrue($verifier->authenticate());
 }