/**
 * Class constructor.
 *
 * Captures the current request from the static Utils accessors: the request
 * headers, the resource URI, the HTTP method and the body are each read once
 * and stored on the instance.
 */
public function __construct()
{
    $this->_headers  = Utils::getRequestHeaders();
    $this->_resource = Utils::getResourceUri();
    $this->_method   = Utils::getMethod();
    $this->_body     = Utils::getBody();
}
/**
 * Checks the CORS configuration a new UsfAuthToken starts with, then the
 * headers addCorsHeaders() emits for an OPTIONS request after
 * setCorsConfig() has been called with an empty array.
 */
public function testCORSconfig()
{
    $token = new UsfAuthToken('abc123', 'http://localhost/tokenAuth/');

    // Configuration expected on a freshly constructed object.
    $expectedDefaults = [
        'origin' => '',
        'methods' => 'GET, POST, PUT, DELETE, OPTIONS',
        'allowCredentials' => true,
        'maxAge' => 86400,
        'allowHeaders' => 'X-Requested-With',
    ];
    $actualDefaults = Utility::getNonPublicPropertyValue($token, '_corsConfig');
    $this->assertEquals($expectedDefaults, $actualDefaults);

    // Empty CORS config: every header should come from the built-in fallbacks.
    $emptyConfig = [];
    $token->setCorsConfig($emptyConfig);
    $token->setRequestMethod('OPTIONS');
    $token->addCorsHeaders();

    // NOTE(review): the expected origin value is the literal '*' including the
    // single quotes, and it is paired with Allow-Credentials: true. Browsers
    // accept only a bare * as the wildcard and refuse a wildcard origin on
    // credentialed requests, so this pins a fallback no browser will honour.
    // Confirm whether that is intended before relying on the defaults.
    $expectedHeaders = [
        "Access-Control-Allow-Origin: '*'",
        'Access-Control-Allow-Credentials: true',
        'Access-Control-Max-Age: 86400',
        'Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS',
        'Access-Control-Allow-Headers: X-Requested-With',
    ];
    $this->assertEquals($expectedHeaders, Utils::headers_list());
}
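/**
 * Add the CORS headers to the response.
 *
 * Each value is taken from $this->_corsConfig when the matching key is set;
 * otherwise a built-in fallback is sent. Allow-Origin, Allow-Credentials and
 * Max-Age are sent on every call; Allow-Methods and Allow-Headers are sent
 * only when the request method is OPTIONS.
 *
 * Configuration values are concatenated into the header line as given, so
 * they are expected to come from trusted configuration, never from the
 * request itself (in particular, do not echo the request's Origin header
 * into 'origin' without checking it against an allow-list).
 *
 * @return void
 */
public function addCorsHeaders()
{
    // NOTE(review): isset() is true for an empty string, so a configured
    // 'origin' => '' sends an empty Access-Control-Allow-Origin value.
    if (isset($this->_corsConfig['origin'])) {
        Utils::header("Access-Control-Allow-Origin: " . $this->_corsConfig['origin']);
    } else {
        // NOTE(review): this fallback is the literal '*' including the single
        // quotes, which browsers do not accept as the wildcard. It is left
        // unchanged because testCORSconfig asserts this exact string; decide
        // deliberately whether the fallback should allow any origin at all.
        Utils::header("Access-Control-Allow-Origin: '*'");
    }

    if (isset($this->_corsConfig['allowCredentials'])) {
        $allowCredentials = $this->_corsConfig['allowCredentials'];
        if (is_bool($allowCredentials)) {
            // A PHP bool concatenates as "1" or "", neither of which is a valid
            // value for this header. The only defined value is the literal
            // "true"; to deny credentials the header is omitted.
            if ($allowCredentials) {
                Utils::header('Access-Control-Allow-Credentials: true');
            }
        } else {
            // Non-boolean values (e.g. the string 'true') pass through as before.
            Utils::header("Access-Control-Allow-Credentials: " . $allowCredentials);
        }
    } else {
        Utils::header('Access-Control-Allow-Credentials: true');
    }

    if (isset($this->_corsConfig['maxAge'])) {
        Utils::header("Access-Control-Max-Age: " . $this->_corsConfig['maxAge']);
    } else {
        Utils::header('Access-Control-Max-Age: 86400'); // cache for 1 day
    }

    // Allow-Methods / Allow-Headers are only sent during OPTIONS requests.
    // Strict comparison so a non-string request method can never match.
    if ($this->_requestMethod === 'OPTIONS') {
        if (isset($this->_corsConfig['methods'])) {
            Utils::header("Access-Control-Allow-Methods: " . $this->_corsConfig['methods']);
        } else {
            Utils::header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
        }

        if (isset($this->_corsConfig['allowHeaders'])) {
            Utils::header("Access-Control-Allow-Headers: " . $this->_corsConfig['allowHeaders']);
        } else {
            Utils::header('Access-Control-Allow-Headers: X-Requested-With');
        }
    }
}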
/**
 * Signs a simulated GET request with a known id/secret pair and checks that
 * UsfAuthHmac::authenticate() accepts the resulting Authorization header.
 *
 * Only the accepting path is exercised in this method; a tampered signature,
 * an unknown id or a Date outside the allowed window are not covered here.
 */
public function testUsfAuthHmacGoodTokenTest()
{
    // Build the simulated request before signing it.
    Utils::setMethod('GET');
    Utils::setRequestHeader('key1', 'value1');
    Utils::setRequestHeader('key2', 'value2');
    Utils::setRequestHeader('Content-Type', 'text/plain');
    Utils::setRequestHeader('Date', date('r'));
    Utils::setBody('This is the body.');
    Utils::setResourceUri('/test.php');

    // Produce the Authorization value with the client-side signer and attach
    // it to the same simulated request.
    $requestSigner = new RequestSigner();
    $requestSigner->setProvider('USF');
    $authorization = $requestSigner->getAuthorization(new SimpleRequest(), 'testId', 'testSecret');
    Utils::setRequestHeader('Authorization', $authorization);

    // Verify with the same id => secret mapping the request was signed with.
    $knownKeys = ['testId' => 'testSecret'];
    $authenticator = new UsfAuthHmac($knownKeys, '+30 minutes');
    $authenticator->setRequestWrapper(new SimpleRequest());

    $this->assertTrue($authenticator->authenticate());
}