/**
  * Ensures an exception is thrown if the request has expired.
  *
  * @expectedException \Acquia\Hmac\Exception\TimestampOutOfRangeException
  */
 public function testExpiredRequest()
 {
     $authId = key($this->keys);
     $headers = ['Content-Type' => 'text/plain', 'X-Authorization-Timestamp' => 1, 'Authorization' => 'acquia-http-hmac realm="Pipet service",' . 'id="' . $authId . '",' . 'nonce="d1954337-5319-4821-8427-115542e08d10",' . 'version="2.0",' . 'headers="",' . 'signature="bRlPr/Z1WQz2sMthcaEqETRMw4gPYXlPcTpaLWS2gcc="'];
     $request = new Request('GET', 'https://example.com/test', $headers);
     $authHeader = AuthorizationHeader::createFromRequest($request);
     $authenticator = new MockRequestAuthenticator(new MockKeyLoader($this->keys), $authHeader);
     $authenticator->authenticate($request);
 }
Exemplo n.º 2
0
 /**
  * @dataProvider specFixtureProvider
  */
 public function testSpec($input, $expectations)
 {
     $key = new Key($input['id'], $input['secret']);
     $digest = new Digest();
     $headers = ['X-Authorization-Timestamp' => $input['timestamp'], 'Content-Type' => $input['content_type']];
     foreach ($input['headers'] as $header => $value) {
         $headers[$header] = $value;
     }
     $body = !empty($input['content_body']) ? $input['content_body'] : null;
     $request = new Request($input['method'], $input['url'], $headers, $body);
     $authHeaderBuilder = new AuthorizationHeaderBuilder($request, $key);
     $authHeaderBuilder->setRealm($input['realm']);
     $authHeaderBuilder->setId($input['id']);
     $authHeaderBuilder->setNonce($input['nonce']);
     $authHeaderBuilder->setVersion('2.0');
     $authHeaderBuilder->setCustomHeaders($input['signed_headers']);
     $authHeader = $authHeaderBuilder->getAuthorizationHeader();
     $requestSigner = new MockRequestSigner($key, $input['realm'], $digest, $authHeader);
     $signedRequest = $requestSigner->signRequest($request, $input['signed_headers']);
     $signedAuthHeader = $signedRequest->getHeaderLine('Authorization');
     $this->assertContains('id="' . $input['id'] . '"', $signedAuthHeader);
     $this->assertContains('nonce="' . $input['nonce'] . '"', $signedAuthHeader);
     $this->assertContains('realm="' . rawurlencode($input['realm']) . '"', $signedAuthHeader);
     $this->assertContains('signature="' . $expectations['message_signature'] . '"', $signedAuthHeader);
     $this->assertContains('version="2.0"', $signedAuthHeader);
     // Prove that the digest generates the correct signature.
     $signedMessage = $digest->sign($expectations['signable_message'], $input['secret']);
     $this->assertEquals($expectations['message_signature'], $signedMessage);
     // Prove that the authenticator can authenticate the request.
     $keyLoader = new MockKeyLoader([$input['id'] => $input['secret']] + $this->keys);
     $authenticator = new MockRequestAuthenticator($keyLoader, null, $input['timestamp']);
     $compareKey = $authenticator->authenticate($signedRequest);
     $this->assertEquals($compareKey->getId(), $input['id']);
     // Prove that the response signer generates the correct signature.
     $response = new Response(200, [], $expectations['response_body']);
     $responseSigner = new ResponseSigner($key, $signedRequest);
     $response = $responseSigner->signResponse($response);
     $this->assertTrue($response->hasHeader('X-Server-Authorization-HMAC-SHA256'));
     $this->assertEquals($expectations['response_signature'], $response->getHeaderLine('X-Server-Authorization-HMAC-SHA256'));
 }