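/**
 * Checks that Authorization::toString() renders the full "Authorization: ..." header line.
 *
 * Still a stub: markTestIncomplete() is called on the first line, so the
 * assertion below does not run until the header is given real values.
 */
public function testAuthorizationToStringReturnsHeaderFormattedString()
{
    $this->markTestIncomplete('Authorization needs to be completed');

    $authorizationHeader = new Authorization();

    // @todo set some values, then test output ('xxx' is a placeholder until then)
    // assertEquals rather than assertEmpty: assertEmpty() takes the value under test
    // first and the failure message second, so the original call checked the literal
    // string for emptiness and never compared the rendered header.
    $this->assertEquals('Authorization: xxx', $authorizationHeader->toString());
}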
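/**
 * End-to-end check of the token authentication API: login, session lookup and logout.
 *
 * Flow: create a throw-away user, reject a login without a password, log in,
 * compare the authentication storage with the returned token, resolve the
 * session through an "Authorization: Token ..." header, then verify that logout
 * needs authentication and that the token no longer works once logged out.
 *
 * The throw-away user is created with default_role "root" and a password equal
 * to its username, so it is removed in a finally block: a failing assertion
 * must not leave that account behind in the database.
 */
public function testLogin()
{
    $user_model = $this->getApplicationServiceLocator()->get('Core\\Model\\User');
    $authentication = $this->getApplicationServiceLocator()->get('API\\Service\\AuthenticationService');

    //1 - create user record
    // The md5/time/rand value only keeps usernames unique between runs; it is not a secret.
    $uid = md5(time() . rand());

    // NOTE(review): the stored password is md5($uid) while the login below sends $uid
    // itself, which suggests the service verifies unsalted MD5 digests - confirm;
    // password_hash()/password_verify() would be the safer scheme.
    $id = $user_model->insert(array(
        'username' => $uid,
        'password' => md5($uid),
        'email' => $uid . '@yahoo.com',
        'status' => 'active',
        'default_role' => 'root',
    ));

    //test if user was created
    $this->assertTrue((bool) $id, 'User not created for authentication tests.');

    $deleted = false;

    try {
        //2 - send login request - incorrect (password missing)
        $response = $this->api('login', array('username' => $uid));
        $this->assertArrayHasKey('error', $response);
        $this->assertArrayHasKey('password', (array) $response['error']);
        $response = (array) $response['error'];
        $response = (array) $response['password'];
        $this->assertArrayHasKey('isEmpty', (array) $response);

        //2 - send login request - correct
        $response = $this->api('login', array('username' => $uid, 'password' => $uid));

        //test if login was successful
        $this->assertArrayHasKey('error', $response, 'API response do not returned "error" key.');
        $this->assertFalse($response['error'], '"error" key should be false.');
        $this->assertArrayHasKey('response', $response, 'API response do not returned "response" key.');
        $token = (array) $response['response'];
        $this->assertArrayHasKey('$token', $token, '"token" not returned as a key.');
        $token = $token['$token'];

        // Only the length is checked; 32 characters matches an MD5 hex digest.
        // NOTE(review): how the token is generated is not visible here - confirm it
        // comes from a CSPRNG rather than from a hash of guessable inputs.
        $this->assertEquals(32, strlen($token), 'Not a proper MD5 token.');

        //3 - get storage and test it with login request data
        $storage = $authentication->getStorage()->read();
        $this->assertEquals($id, $storage->id);
        $this->assertEquals($uid, (string) $storage->username);
        $this->assertEquals($token, (string) $storage->token);
        $this->assertEquals('active', (string) $storage->status);

        //3.2 - test session method
        $headers = new Headers();
        $headers->addHeader(Authorization::fromString('Authorization: Token ' . $token));
        $this->getRequest()->setHeaders($headers);
        $response = $this->api('session');
        $this->assertArrayHasKey('error', $response);
        $this->assertFalse($response['error']);
        $this->assertArrayHasKey('response', $response);
        $this->assertArrayHasKey('$user', (array) $response['response']);
        $response = (array) $response['response'];
        $this->assertEquals($id, $response['$user']->id);
        $this->assertEquals($uid, (string) $response['$user']->username);

        //4 - logout - without authentication
        $this->reset();
        $response = $this->api('logout');
        $this->assertArrayHasKey('error', $response);
        // Expected value first, so a failure message reports the two sides correctly.
        $this->assertEquals('authentication-required', $response['error']);
        $this->assertArrayHasKey('response', $response);
        $this->assertNull($response['response']);

        //5 - logout - with authentication
        $this->reset();
        $headers = new Headers();
        $headers->addHeader(Authorization::fromString('Authorization: Token ' . $token));
        $this->getRequest()->setHeaders($headers);
        $response = $this->api('logout');
        $this->assertArrayHasKey('error', $response);
        $this->assertFalse($response['error']);
        $this->assertArrayHasKey('response', $response);
        $this->assertTrue($response['response']);

        //6 - repeat previous request
        // No reset() here: the logout in step 5 is expected to have invalidated
        // the token, so the same call must now be refused.
        $response = $this->api('logout');
        $this->assertArrayHasKey('error', $response);
        $this->assertEquals('authentication-required', $response['error']);
        $this->assertArrayHasKey('response', $response);
        $this->assertNull($response['response']);
    } finally {
        //delete the user created for testing, whether or not the assertions above passed
        $deleted = (bool) $user_model->delete(array('id' => $id));
    }

    $this->assertTrue($deleted, 'Testing user was not deleted.');
}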
/**
 * Token creation must fail with a TokenException when the request carries no usable token.
 *
 * Three cases are exercised in order: an empty "token" query parameter, a request
 * without an Authorization header, and an Authorization header using the Basic scheme.
 *
 * NOTE(review): only a wrong scheme is covered for the header path; a header with the
 * expected scheme but an empty or malformed value is not exercised by this example.
 *
 * NOTE(review): the parameters carry no native type hints, so the @param tags below are
 * presumably what the spec runner uses to build the collaborator doubles - keep them intact.
 *
 * @param \Zend\Http\Request $request
 * @param \Zend\Http\Header\Authorization $authorizationHeader
 */
public function it_should_not_create_token_on_invalid_requests($request, $authorizationHeader)
{
    $tokenException = 'Phpro\\MvcAuthToken\\Exception\\TokenException';

    $this->setRequest($request);

    // Case 1: the "token" query parameter is present but empty.
    $request->getQuery('token', [])->willReturn([]);
    $this->shouldThrow($tokenException)->duringCreateTokenFromQueryParams();

    // Case 2: the request has no Authorization header at all.
    $request->getHeader('Authorization')->willReturn(null);
    $this->shouldThrow($tokenException)->duringCreateToken();

    // Case 3: an Authorization header exists but uses a different scheme (Basic).
    $authorizationHeader->getFieldValue()->willReturn('Basic base64_user_and_password');
    $request->getHeader('Authorization')->willReturn($authorizationHeader);
    $this->shouldThrow($tokenException)->duringCreateToken();
}