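*/

/** Test the authjwt.php file
 *
 * Each test drives an authjwt instance configured with a throw-away cache
 * directory and fixture keys. The rejection tests pin the exception message
 * and code as well as its class, so a token refused for an unrelated reason
 * does not count as a pass.
 */
class authjwtTest extends PHPUnit_Framework_TestCase
{
  /** Cache directory handed to every authjwt instance built by the tests */
  private $cacheDir;
  /** Fixture value assigned to authjwt::$serverKey (test use only) */
  private $serverKey;
  /** Fixture value assigned to authjwt::$cipherKey (test use only) */
  private $cipherKey;
  /** Token created for the toto@example.com payload, or null if not minted */
  private $token;

  public function __construct ()
  {
    // The directory name is predictable (fixed prefix + current second) and
    // lives under /tmp; it only ever holds data derived from the fixture keys
    // below.
    $this->cacheDir = "/tmp/testDFWJWT-".time ();
    $this->serverKey = "123456789012345678901234";
    $this->cipherKey = "EC17kIvjD66fBJHbQRkPguhu";
    $this->token = null;
  }

  public function __destruct ()
  {
    // Quote the path so the shell sees exactly one literal argument, whatever
    // characters the directory name ends up containing.
    exec ("rm -rf ".escapeshellarg ($this->cacheDir));
  }

  /** Return a new authjwt configured with the fixture cache directory and
   * keys
   */
  private function newAuthJwt ()
  // {{{
  {
    $authjwt = new authjwt ();
    $authjwt->cacheDir = $this->cacheDir;
    $authjwt->serverKey = $this->serverKey;
    $authjwt->cipherKey = $this->cipherKey;
    return $authjwt;
  }
  // }}}

  /** Return a token for the reference payload, creating it when this instance
   * has none yet.
   * PHPUnit runs every test method on its own instance of the test class, so
   * a token stored in $this->token by testJWT1 is not visible from the other
   * tests; without this they would send "Bearer " followed by nothing.
   */
  private function validToken ()
  // {{{
  {
    if ($this->token === null)
    {
      $auth = ["email" => "toto@example.com", "password" => "ToTo"];
      $this->token = $this->newAuthJwt ()->createJwtToken ($auth);
    }
    return $this->token;
  }
  // }}}

  /** Expect an Exception with the provided message and code.
   * expectException () only takes the class name: a message and a code passed
   * as extra arguments are silently dropped, so they are set explicitly here.
   * @param string $message The text the exception message must contain
   * @param integer $code The code the exception must carry
   */
  private function expectFailure ($message, $code)
  // {{{
  {
    $this->expectException ("Exception");
    $this->expectExceptionMessage ($message);
    $this->expectExceptionCode ($code);
  }
  // }}}

  /** Create a valid token as email is provided
   * payload = ["email" => "toto@example.com", "password" => "ToTo"];
   */
  public function testJWT1 ()
  // {{{
  {
    $authjwt = $this->newAuthJwt ();
    $auth = ["email" => "toto@example.com", "password" => "ToTo"];
    $this->token = $authjwt->createJwtToken ($auth);
    // Expected value first, so a failure report reads the right way round
    $this->assertSame (145, strlen ($this->token));
  }
  // }}}

  /** Check if the authentication work */
  public function testAuthValid1 ()
  // {{{
  {
    $authjwt = $this->newAuthJwt ();
    $_SERVER["HTTP_AUTHENTICATION"] = "Bearer ".$this->validToken ();
    $authjwt->authentication ("unused", "unused");
    $res = $authjwt->getdetails ();
    $this->assertSame (["email" => "toto@example.com", "password" => "ToTo"],
                       $res);
  }
  // }}}

  /** Invalid Token : reject with invalid signature */
  public function testInvalidToken1 ()
  // {{{
  {
    $this->expectFailure ("JWT Signature not readable", 403);
    $authjwt = $this->newAuthJwt ();
    // Trailing garbage is appended after the last part of a real token
    $_SERVER["HTTP_AUTHENTICATION"] = "Bearer ".$this->validToken ()."NO";
    $authjwt->authentication ("unused", "unused");
    $authjwt->getdetails ();
  }
  // }}}

  /** Invalid Token : reject with bad algorithm */
  public function testInvalidToken2 ()
  // {{{
  {
    $this->expectFailure ("JWT with Empty algorithm", 403);
    $authjwt = $this->newAuthJwt ();
    // Leading garbage is prepended before the first part of a real token
    $_SERVER["HTTP_AUTHENTICATION"] = "Bearer "."NO".$this->validToken ();
    $authjwt->authentication ("unused", "unused");
    $authjwt->getdetails ();
  }
  // }}}

  /** Invalid Token : No token provided */
  public function testInvalidToken3 ()
  // {{{
  {
    $this->expectFailure ("No Authentication available", 401);
    $authjwt = $this->newAuthJwt ();
    unset ($_SERVER["HTTP_AUTHENTICATION"]);
    $authjwt->authentication ("unused", "unused");
    $authjwt->getdetails ();
  }
  // }}}

  /** Invalid Token : No Bearer authentication */
  public function testInvalidToken4 ()
  // {{{
  {
    $this->expectFailure ("No Bearer Authentication available", 401);
    $authjwt = $this->newAuthJwt ();
    $_SERVER["HTTP_AUTHENTICATION"] = "Bearer";
    $authjwt->authentication ("unused", "unused");
    $authjwt->getdetails ();
  }
  // }}}

  /** Invalid Token : no email in it */
  public function testInvalidToken5 ()
  // {{{
  {
    $this->expectFailure ("AuthJWT : No email available in auth", 403);
    $auth = ["password" => "ToTo"];
    $authjwt = $this->newAuthJwt ();
    $token = $authjwt->createJwtToken ($auth);
    $_SERVER["HTTP_AUTHENTICATION"] = "Bearer $token";
    $authjwt->authentication ("unused", "unused");
    $authjwt->getdetails ();
  }
  // }}}

  /** Anonymous payload */
  public function testAnonymous1 ()
  // {{{
  {
    $this->expectFailure ("AuthJWT : can not create token for anonymous",
                          403);
    $auth = ["email" => "anonymous"];
    $authjwt = $this->newAuthJwt ();
    $token = $authjwt->createJwtToken ($auth);
    $_SERVER["HTTP_AUTHENTICATION"] = "Bearer $token";
    $authjwt->authentication ("unused", "unused");
    $authjwt->getdetails ();
  }
  // }}}

  /** Logout */
  public function testLogout1 ()
  // {{{
  {
    $authjwt = $this->newAuthJwt ();
    $_SERVER["HTTP_AUTHENTICATION"] = "Bearer ".$this->validToken ();
    // Nothing is asserted on the result: the test only checks that logout ()
    // returns without throwing.
    $authjwt->logout ();
  }
  // }}}

  /** Not needed function connect */
  public function testUnusedFunctions1 ()
  // {{{
  {
    $authjwt = new authjwt ();
    $res = $authjwt->connect ();
    $this->assertSame (true, $res);
  }
  // }}}

  /** Not needed function changepassword */
  public function testUnusedFunctions2 ()
  // {{{
  {
    $this->expectFailure ("The password can't be change for JWT users", 405);
    $authjwt = new authjwt ();
    $authjwt->changepassword ("unused", "unused");
  }
  // }}}

  /** Not needed function overwritepassword */
  public function testUnusedFunctions3 ()
  // {{{
  {
    $this->expectFailure ("The password can't be overwrite for JWT users",
                          405);
    $authjwt = new authjwt ();
    $authjwt->overwritepassword ("unused", "unused");
  }
  // }}}
}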