225 lines
6.0 KiB
PHP
225 lines
6.0 KiB
PHP
<?php
|
|
|
|
/**
|
|
* DomFramework - Tests
|
|
* @package domframework
|
|
* @author Dominique Fournier <dominique@fournier38.fr>
|
|
* @license BSD
|
|
*/
|
|
|
|
namespace Domframework\Tests;
|
|
|
|
use Domframework\Jwt;
|
|
|
|
/**
|
|
* Test the Jwt.php file
|
|
*/
|
|
class JwtTest extends \PHPUnit_Framework_TestCase
|
|
{
|
|
public function testCreateKey1()
|
|
{
|
|
$jwt = new Jwt();
|
|
$res = $jwt->createKey();
|
|
$this->assertSame(40, strlen($res));
|
|
}
|
|
|
|
public function testSign1()
|
|
{
|
|
$jwt = new Jwt();
|
|
$res = $this->invokeMethod(
|
|
$jwt,
|
|
"sign",
|
|
"TEXT TO SIGN",
|
|
"KEY TO USE",
|
|
"HS384"
|
|
);
|
|
$this->assertSame(
|
|
"cQB+yNVvIER+Nw53MZfU/PGPAJlkKUnjMikmXAwVB9tcaINQH5a88LCDi0PmI5mZ",
|
|
base64_encode($res)
|
|
);
|
|
}
|
|
|
|
public function testSign2()
|
|
{
|
|
$jwt = new Jwt();
|
|
$res = $this->invokeMethod(
|
|
$jwt,
|
|
"sign",
|
|
"text to sign",
|
|
"KEY TO USE",
|
|
"HS384"
|
|
);
|
|
$this->assertSame(
|
|
"FLSkslsUGIpkP3xsJx5ephnCtH7K4jZSNxRxxCn3m7fsPK/MMfEIVr+h3heap80x",
|
|
base64_encode($res)
|
|
);
|
|
}
|
|
|
|
public function testSign3()
|
|
{
|
|
$jwt = new Jwt();
|
|
$res = $this->invokeMethod(
|
|
$jwt,
|
|
"sign",
|
|
"text to sign",
|
|
"key to use",
|
|
"HS384"
|
|
);
|
|
$this->assertSame(
|
|
"lBLlXb5Xo3z9zoEuO0obZdhqGNUKr8DaEsL991TpSPWIdB2067ckR+AJ1FW6in2B",
|
|
base64_encode($res)
|
|
);
|
|
}
|
|
|
|
public function testEncode1()
|
|
{
|
|
$jwt = new Jwt();
|
|
$res = $jwt->encode(["payload" => "value"], "key to use", "HS384");
|
|
$this->assertSame(
|
|
"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
|
|
"eyJwYXlsb2FkIjoidmFsdWUifQ." .
|
|
"0ByHaODQQjYEvmgU2u5LI034RRMc7CKJQ752ys19Fqj7QiTJO7-trerYKCxCyuge",
|
|
$res
|
|
);
|
|
}
|
|
|
|
public function testDecode1()
|
|
{
|
|
$jwt = new Jwt();
|
|
$res = $jwt->decode(
|
|
"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
|
|
"eyJwYXlsb2FkIjoidmFsdWUifQ." .
|
|
"0ByHaODQQjYEvmgU2u5LI034RRMc7CKJQ752ys19Fqj7QiTJO7-trerYKCxCyuge",
|
|
"key to use"
|
|
);
|
|
$this->assertSame((object)["payload" => "value"], $res);
|
|
}
|
|
|
|
public function testDecode2()
|
|
{
|
|
$GLOBALS["hash_equals"] = false;
|
|
$jwt = new Jwt();
|
|
$res = $jwt->decode(
|
|
"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
|
|
"eyJwYXlsb2FkIjoidmFsdWUifQ." .
|
|
"0ByHaODQQjYEvmgU2u5LI034RRMc7CKJQ752ys19Fqj7QiTJO7-trerYKCxCyuge",
|
|
"key to use"
|
|
);
|
|
$this->assertSame((object)["payload" => "value"], $res);
|
|
}
|
|
|
|
public function testDecode3()
|
|
{
|
|
$jwt = new Jwt();
|
|
$this->expectException("Exception", "JWT with Empty algorithm");
|
|
$res = $jwt->decode(
|
|
"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUXXXXXJ9." .
|
|
"eyJwYXlsb2FkIjoidmFsdWUifQ." .
|
|
"0ByHaODQQjYEvmgU2u5LI034RRMc7CKJQ752ys19Fqj7QiTJO7-trerYKCxCyuge",
|
|
"key to use"
|
|
);
|
|
}
|
|
|
|
public function testDecode4()
|
|
{
|
|
$jwt = new Jwt();
|
|
$this->expectException("Exception", "JWT Payload not readable");
|
|
$res = $jwt->decode(
|
|
"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
|
|
"eyJwYXlsb2FkIjoiXXXXXXXXfQ." .
|
|
"0ByHaODQQjYEvmgU2u5LI034RRMc7CKJQ752ys19Fqj7QiTJO7-trerYKCxCyuge",
|
|
"key to use"
|
|
);
|
|
}
|
|
|
|
public function testDecode5()
|
|
{
|
|
$jwt = new Jwt();
|
|
$this->expectException(
|
|
"Exception",
|
|
"JWT Signature verification failed"
|
|
);
|
|
$res = $jwt->decode(
|
|
"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
|
|
"eyJwYXlsb2FkIjoidmFsdWUifQ." .
|
|
"1ByHaODQQjYEvmgU2u5LI034RRMc7CKJQ752ys19Fqj7QiTJO7-trerYKCxCyuge",
|
|
"key to use"
|
|
);
|
|
}
|
|
|
|
public function testDecode6()
|
|
{
|
|
$jwt = new Jwt();
|
|
$this->expectException(
|
|
"Exception",
|
|
"JWT Signature not readable"
|
|
);
|
|
$res = $jwt->decode(
|
|
"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
|
|
"eyJwYXlsb2FkIjoidmFsdWUifQ." .
|
|
"0",
|
|
"key to use"
|
|
);
|
|
}
|
|
|
|
public function testDecode7()
|
|
{
|
|
$jwt = new Jwt();
|
|
$this->expectException(
|
|
"Exception",
|
|
"Malformed JWT Token"
|
|
);
|
|
$res = $jwt->decode(
|
|
"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9." .
|
|
"eyJwYXlsb2FkIjoidmFsdWUifQ",
|
|
"key to use"
|
|
);
|
|
}
|
|
|
|
///////////////////////////////
|
|
// ENCRYPT THE PAYLOAD //
|
|
///////////////////////////////
|
|
/**
|
|
* Check the length of the otken with cipher
|
|
*/
|
|
public function testEncrypt1()
|
|
{
|
|
$jwt = new Jwt();
|
|
$key = $jwt->createKey();
|
|
$res = $jwt->encode(
|
|
["email" => "toto@example.com", "password" => "ToTo"],
|
|
$key,
|
|
"HS256",
|
|
"123456789012345678901234"
|
|
);
|
|
$this->assertSame(strlen($res), 156);
|
|
}
|
|
|
|
/**
|
|
* Check if the encrypt/decrypt process return the same result
|
|
*/
|
|
public function testEncrypyt2()
|
|
{
|
|
$jwt = new Jwt();
|
|
$key = $jwt->createKey();
|
|
$payload = (object)["email" => "toto@example.com", "password" => "ToTo"];
|
|
$token = $jwt->encode($payload, $key, "HS256", "123456789012345678901234");
|
|
$res = $jwt->decode($token, $key, null, "123456789012345678901234");
|
|
$this->assertSame($res, $payload);
|
|
}
|
|
|
|
/**
|
|
* Check if the encrypted part is well unreadable
|
|
*/
|
|
public function testEncrypt3()
|
|
{
|
|
$jwt = new Jwt();
|
|
$key = $jwt->createKey();
|
|
$payload = (object)["email" => "toto@example.com", "password" => "ToTo"];
|
|
$token = $jwt->encode($payload, $key, "HS256", "123456789012345678901234");
|
|
list($header, $payload, $signature) = explode(".", $token);
|
|
$res = strpos(base64_decode($payload), "email");
|
|
$this->assertSame($res, false);
|
|
}
|
|
}
|