DomFramework/Tests/JwtTest.php

<?php

/** DomFramework - Tests
  * @package domframework
  * @author Dominique Fournier <dominique@fournier38.fr>
  * @license BSD
  */

namespace Domframework\Tests;

use Domframework\Jwt;

/** Test the Jwt.php file */
class JwtTest extends \PHPUnit_Framework_TestCase
{
    public function test_createKey_1()
    {
        $jwt = new Jwt();
        $res = $jwt->createKey();
        $this->assertSame(40, strlen($res));
    }

    public function test_sign_1()
    {
        $jwt = new Jwt();
        $res = $this->invokeMethod(
            $jwt,
            "sign",
            "TEXT TO SIGN",
            "KEY TO USE",
            "HS384"
        );
        $this->assertSame(
            "cQB+yNVvIER+Nw53MZfU/PGPAJlkKUnjMikmXAwVB9tcaINQH5a88LCDi0PmI5mZ",
            base64_encode($res)
        );
    }

    public function test_sign_2()
    {
        $jwt = new Jwt();
        $res = $this->invokeMethod(
            $jwt,
            "sign",
            "text to sign",
            "KEY TO USE",
            "HS384"
        );
        $this->assertSame(
            "FLSkslsUGIpkP3xsJx5ephnCtH7K4jZSNxRxxCn3m7fsPK/MMfEIVr+h3heap80x",
            base64_encode($res)
        );
    }

    public function test_sign_3()
    {
        $jwt = new Jwt();
        $res = $this->invokeMethod(
            $jwt,
            "sign",
            "text to sign",
            "key to use",
            "HS384"
        );
        $this->assertSame(
            "lBLlXb5Xo3z9zoEuO0obZdhqGNUKr8DaEsL991TpSPWIdB2067ckR+AJ1FW6in2B",
            base64_encode($res)
        );
    }

    public function test_encode_1()
    {
        $jwt = new Jwt();
        $res = $jwt->encode(array ("payload" => "value"), "key to use", "HS384");
        $this->assertSame(
            "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
            "eyJwYXlsb2FkIjoidmFsdWUifQ." .
            "0ByHaODQQjYEvmgU2u5LI034RRMc7CKJQ752ys19Fqj7QiTJO7-trerYKCxCyuge",
            $res
        );
    }

    public function test_decode_1()
    {
        $jwt = new Jwt();
        $res = $jwt->decode(
            "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
            "eyJwYXlsb2FkIjoidmFsdWUifQ." .
            "0ByHaODQQjYEvmgU2u5LI034RRMc7CKJQ752ys19Fqj7QiTJO7-trerYKCxCyuge",
            "key to use"
        );
        $this->assertSame((object)array ("payload" => "value"), $res);
    }

    public function test_decode_2()
    {
        $GLOBALS["hash_equals"] = false;
        $jwt = new Jwt();
        $res = $jwt->decode(
            "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
            "eyJwYXlsb2FkIjoidmFsdWUifQ." .
            "0ByHaODQQjYEvmgU2u5LI034RRMc7CKJQ752ys19Fqj7QiTJO7-trerYKCxCyuge",
            "key to use"
        );
        $this->assertSame((object)array ("payload" => "value"), $res);
    }

    public function test_decode_3()
    {
        $jwt = new Jwt();
        $this->expectException("Exception", "JWT with Empty algorithm");
        $res = $jwt->decode(
            "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUXXXXXJ9." .
            "eyJwYXlsb2FkIjoidmFsdWUifQ." .
            "0ByHaODQQjYEvmgU2u5LI034RRMc7CKJQ752ys19Fqj7QiTJO7-trerYKCxCyuge",
            "key to use"
        );
    }

    public function test_decode_4()
    {
        $jwt = new Jwt();
        $this->expectException("Exception", "JWT Payload not readable");
        $res = $jwt->decode(
            "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
            "eyJwYXlsb2FkIjoiXXXXXXXXfQ." .
            "0ByHaODQQjYEvmgU2u5LI034RRMc7CKJQ752ys19Fqj7QiTJO7-trerYKCxCyuge",
            "key to use"
        );
    }

    public function test_decode_5()
    {
        $jwt = new Jwt();
        $this->expectException(
            "Exception",
            "JWT Signature verification failed"
        );
        $res = $jwt->decode(
            "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
            "eyJwYXlsb2FkIjoidmFsdWUifQ." .
            "1ByHaODQQjYEvmgU2u5LI034RRMc7CKJQ752ys19Fqj7QiTJO7-trerYKCxCyuge",
            "key to use"
        );
    }

    public function test_decode_6()
    {
        $jwt = new Jwt();
        $this->expectException(
            "Exception",
            "JWT Signature not readable"
        );
        $res = $jwt->decode(
            "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
            "eyJwYXlsb2FkIjoidmFsdWUifQ." .
            "0",
            "key to use"
        );
    }

    public function test_decode_7()
    {
        $jwt = new Jwt();
        $this->expectException(
            "Exception",
            "Malformed JWT Token"
        );
        $res = $jwt->decode(
            "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
            "eyJwYXlsb2FkIjoidmFsdWUifQ",
            "key to use"
        );
    }

  ///////////////////////////////
  //    ENCRYPT THE PAYLOAD    //
  ///////////////////////////////
  /** Check the length of the otken with cipher
    */
    public function testEncrypt1()
    {
        $jwt = new Jwt();
        $key = $jwt->createKey();
        $res = $jwt->encode(
            ["email" => "toto@example.com", "password" => "ToTo"],
            $key,
            "HS256",
            "123456789012345678901234"
        );
        $this->assertSame(strlen($res), 156);
    }

  /** Check if the encrypt/decrypt process return the same result
    */
    public function testEncrypyt2()
    {
        $jwt = new Jwt();
        $key = $jwt->createKey();
        $payload = (object)["email" => "toto@example.com", "password" => "ToTo"];
        $token = $jwt->encode($payload, $key, "HS256", "123456789012345678901234");
        $res = $jwt->decode($token, $key, null, "123456789012345678901234");
        $this->assertSame($res, $payload);
    }

  /** Check if the encrypted part is well unreadable
    */
    public function testEncrypt3()
    {
        $jwt = new Jwt();
        $key = $jwt->createKey();
        $payload = (object)["email" => "toto@example.com", "password" => "ToTo"];
        $token = $jwt->encode($payload, $key, "HS256", "123456789012345678901234");
        list ($header, $payload, $signature) = explode(".", $token);
        $res = strpos(base64_decode($payload), "email");
        $this->assertSame($res, false);
    }
}