<?php
/** DomFramework - Tests
  * @package domframework
  * @author Dominique Fournier <dominique@fournier38.fr>
  */

/** Test the authjwt.php file */
class authjwtTest extends PHPUnit_Framework_TestCase
{
  /** Generate a JWT valid token
    * payload = ["email" => "toto@example.com", "password" => "ToTo"];
    */
  public function testCreateKey1 ()
  // {{{
  {
    $jwt = new jwt ();
    $this->serverKey = $jwt->createKey ();
    $payload = ["email" => "toto@example.com", "password" => "ToTo"];
    $this->cipherKey = "123456789012345678901234";
    $this->token = $jwt->encode ($payload, $this->serverKey, "HS256",
      $this->cipherKey);
  }
  // }}}

  /** Check if the authentication work
    */
  public function testAuthValid1 ()
  // {{{
  {
    $authjwt = new authjwt ();
    $_SERVER["HTTP_AUTHENTICATION"] = "Bearer ".$this->token;
    $authjwt->serverKey = $this->serverKey;
    $authjwt->cipherKey = $this->cipherKey;
    $authjwt->authentication ("unused", "unused");
    $res = $authjwt->getdetails ();
    unset ($res["bearer"]);
    $this->assertSame ($res,
      ["email" => "toto@example.com", "password" => "ToTo"]);
  }
  // }}}

  /** Invalid Token : reject with invalid signature
    */
  public function testInvalidToken1 ()
  // {{{
  {
    $this->expectException ("Exception", "JWT Signature not readable", 403);
    $authjwt = new authjwt ();
    $_SERVER["HTTP_AUTHENTICATION"] = "Bearer ".$this->token."NO";
    $authjwt->serverKey = $this->serverKey;
    $authjwt->cipherKey = $this->cipherKey;
    $authjwt->authentication ("unused", "unused");
    $res = $authjwt->getdetails ();
  }
  // }}}

  /** Invalid Token : reject with bad algorithm
    */
  public function testInvalidToken2 ()
  // {{{
  {
    $this->expectException ("Exception", "JWT with Empty algorithm", 403);
    $authjwt = new authjwt ();
    $_SERVER["HTTP_AUTHENTICATION"] = "Bearer "."NO".$this->token;
    $authjwt->serverKey = $this->serverKey;
    $authjwt->cipherKey = $this->cipherKey;
    $authjwt->authentication ("unused", "unused");
    $res = $authjwt->getdetails ();
  }
  // }}}

  /** Invalid Token : No token provided
    */
  public function testInvalidToken3 ()
  // {{{
  {
    $this->expectException ("Exception", "No Authentication available", 401);
    $authjwt = new authjwt ();
    unset ($_SERVER["HTTP_AUTHENTICATION"]);
    $authjwt->serverKey = $this->serverKey;
    $authjwt->cipherKey = $this->cipherKey;
    $authjwt->authentication ("unused", "unused");
    $res = $authjwt->getdetails ();
  }
  // }}}

  /** Invalid Token : No Bearer authentication
    */
  public function testInvalidToken4 ()
  // {{{
  {
    $this->expectException ("Exception", "No Bearer Authentication available",
    401);
    $authjwt = new authjwt ();
    $_SERVER["HTTP_AUTHENTICATION"] = "Bearer";
    $authjwt->serverKey = $this->serverKey;
    $authjwt->cipherKey = $this->cipherKey;
    $authjwt->authentication ("unused", "unused");
    $res = $authjwt->getdetails ();
  }
  // }}}

  /** Invalid Token : no email in it
    */
  public function testInvalidToken5 ()
  // {{{
  {
    $this->expectException ("Exception", "No email available in Bearer", 403);
    $jwt = new jwt ();
    $payload = ["password" => "ToTo"];
    $token = $jwt->encode ($payload, $this->serverKey, "HS256",
      $this->cipherKey);
    $authjwt = new authjwt ();
    $_SERVER["HTTP_AUTHENTICATION"] = "Bearer $token";
    $authjwt->serverKey = $this->serverKey;
    $authjwt->cipherKey = $this->cipherKey;
    $authjwt->authentication ("unused", "unused");
    $res = $authjwt->getdetails ();
  }
  // }}}

  /** Anonymous payload
    */
  public function testAnonymous1 ()
  // {{{
  {
    $jwt = new jwt ();
    $payload = ["email" => "anonymous"];
    $token = $jwt->encode ($payload, $this->serverKey, "HS256",
      $this->cipherKey);
    $authjwt = new authjwt ();
    $_SERVER["HTTP_AUTHENTICATION"] = "Bearer $token";
    $authjwt->serverKey = $this->serverKey;
    $authjwt->cipherKey = $this->cipherKey;
    $authjwt->authentication ("unused", "unused");
    $res = $authjwt->getdetails ();
    $this->assertSame ($res,
      array ("lastname"  => "anonymous",
             "firstname" => "",
             "email"     => "anonymous"));
  }
  // }}}

  /** Not needed function connect
    */
  public function testUnusedFunctions1 ()
  // {{{
  {
    $authjwt = new authjwt ();
    $res = $authjwt->connect ();
    $this->assertSame ($res, true);
  }
  // }}}

  /** Not needed function changepassword
    */
  public function testUnusedFunctions2 ()
  // {{{
  {
    $this->expectException ("Exception",
    "The password can't be change for JWT users", 405);
    $authjwt = new authjwt ();
    $res = $authjwt->changepassword ("unused", "unused");
  }
  // }}}

  /** Not needed function overwritepassword
    */
  public function testUnusedFunctions3 ()
  // {{{
  {
    $this->expectException ("Exception",
    "The password can't be overwrite for JWT users", 405);
    $authjwt = new authjwt ();
    $res = $authjwt->overwritepassword ("unused", "unused");
  }
  // }}}

  /** Not needed function logout
    */
  public function testUnusedFunctions4 ()
  // {{{
  {
    $this->expectException ("Exception",
    "The logout is not available for JWT users", 405);
    $authjwt = new authjwt ();
    $res = $authjwt->logout ();
  }
  // }}}
}