public function testGenerateHmac() { $generator = new KeyPairGenerator(); $key = $generator->generateHmac(); $this->assertEqualsMatrix([[128, strlen($key->getPublicId())], [128, strlen($key->getSecretKey())], [KeyPairTypes::TYPE_HMAC, $key->getType()], [[], $key->getData()]]); $generator2 = new KeyPairGenerator(); $key2 = $generator2->generateHmac(256, 512, 'md5'); $this->assertEqualsMatrix([[32, strlen($key2->getPublicId())], [32, strlen($key2->getSecretKey())], [KeyPairTypes::TYPE_HMAC, $key2->getType()], [[], $key2->getData()]]); }
public function testHandleWithMissingAuthorization() { $generator = new KeyPairGenerator(); $hasher = new HmacHasher(); $pair = $generator->generateHmac(); $content = json_encode(['doge' => 'much secret']); $brokenRequest = Request::create('/auth/something/important/dont/hax/pls', 'POST', [], [], [], [], $content); $brokenRequest->headers->set('Content-Hash', $hasher->hash($content, $pair->getSecretKey())); $finder = m::mock(KeyPairFinderInterface::class); $finder->shouldReceive('byPublicId')->with($pair->getPublicId(), KeyPairTypes::TYPE_HMAC)->once()->andReturn($pair); $instance = new HmacMiddleware($finder); $response = $instance->handle($brokenRequest, function () { // }); $body = Std::jsonDecode($response->getContent()); $this->assertEqualsMatrix([['One or more fields are invalid. Please check your input.', $body['messages'][0]], [['authorization'], $body['missing']]]); }