mirror of
https://github.com/kamilwylegala/cakephp2-php8.git
synced 2025-09-04 18:42:40 +00:00
Basic tests for BasicAuthenticate are passing.
This commit is contained in:
mark_story
parent
67c4c9a693
commit
e8bf6ed176
2 changed files with 162 additions and 26 deletions
|
|
@ -13,15 +13,88 @@
|
|||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php)
|
||||
*/
|
||||
App::import('Component', 'auth/base_authenticate');
|
||||
App::import('Core', 'String');
|
||||
|
||||
|
||||
class BasicAuthenticate extends BaseAuthenticate {
|
||||
/**
|
||||
* Settings for this object.
|
||||
*
|
||||
* - `fields` The fields to use to identify a user by.
|
||||
* - `userModel` The model name of the User, defaults to User.
|
||||
* - `scope` Additional conditions to use when looking up and authenticating users,
|
||||
* i.e. `array('User.is_active' => 1).`
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public $settings = array(
|
||||
'fields' => array(
|
||||
'username' => 'username',
|
||||
'password' => 'password'
|
||||
),
|
||||
'userModel' => 'User',
|
||||
'scope' => array(),
|
||||
'realm' => '',
|
||||
);
|
||||
|
||||
/**
|
||||
* Constructor, completes configuration for basic authentication.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function __construct($settings) {
|
||||
parent::__construct($settings);
|
||||
if (empty($this->settings['realm'])) {
|
||||
$this->settings['realm'] = env('SERVER_NAME');
|
||||
}
|
||||
}
|
||||
/**
|
||||
* Authenticate a user using basic HTTP auth. Will use the configured User model and attempt a
|
||||
* login using basic HTTP auth.
|
||||
*
|
||||
* @param CakeRequest $request The request to authenticate with.
|
||||
* @param CakeResponse $response The response to add headers to.
|
||||
* @return mixed Either false on failure, or an array of user data on success.
|
||||
*/
|
||||
public function authenticate(CakeRequest $request) {
|
||||
|
||||
public function authenticate(CakeRequest $request, CakeResponse $response) {
|
||||
$username = env('PHP_AUTH_USER');
|
||||
$pass = env('PHP_AUTH_PW');
|
||||
if (empty($username) || empty($pass)) {
|
||||
$response->header($this->loginHeaders());
|
||||
return false;
|
||||
}
|
||||
$userModel = $this->settings['userModel'];
|
||||
list($plugin, $model) = pluginSplit($userModel);
|
||||
$fields = $this->settings['fields'];
|
||||
|
||||
$conditions = array(
|
||||
$model . '.' . $fields['username'] => $username,
|
||||
$model . '.' . $fields['password'] => $this->hash($pass),
|
||||
);
|
||||
if (!empty($this->settings['scope'])) {
|
||||
$conditions = array_merge($conditions, $this->settings['scope']);
|
||||
}
|
||||
$result = ClassRegistry::init($userModel)->find('first', array(
|
||||
'conditions' => $conditions,
|
||||
'recursive' => 0
|
||||
));
|
||||
if (empty($result) || empty($result[$model])) {
|
||||
$response->header($this->loginHeaders());
|
||||
$response->header('Location', Router::reverse($request));
|
||||
$response->statusCode(401);
|
||||
$response->send();
|
||||
return false;
|
||||
}
|
||||
unset($result[$model][$fields['password']]);
|
||||
return $result[$model];
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate the login headers
|
||||
*
|
||||
* @return string Headers for logging in.
|
||||
*/
|
||||
public function loginHeaders() {
|
||||
return sprintf('WWW-Authenticate: Basic realm="%s"', $this->settings['realm']);
|
||||
}
|
||||
}
|
||||
|
|
@ -17,6 +17,8 @@
|
|||
App::import('Component', 'auth/basic_authenticate');
|
||||
App::import('Model', 'AppModel');
|
||||
App::import('Core', 'CakeRequest');
|
||||
App::import('Core', 'CakeResponse');
|
||||
|
||||
|
||||
require_once CAKE_TESTS . 'cases' . DS . 'libs' . DS . 'model' . DS . 'models.php';
|
||||
|
||||
|
|
@ -38,10 +40,24 @@ class BasicAuthenticateTest extends CakeTestCase {
|
|||
parent::setUp();
|
||||
$this->auth = new BasicAuthenticate(array(
|
||||
'fields' => array('username' => 'user', 'password' => 'password'),
|
||||
'userModel' => 'User'
|
||||
'userModel' => 'User',
|
||||
'realm' => 'localhost',
|
||||
));
|
||||
|
||||
$password = Security::hash('password', null, true);
|
||||
ClassRegistry::init('User')->updateAll(array('password' => '"' . $password . '"'));
|
||||
$this->server = $_SERVER;
|
||||
$this->response = $this->getMock('CakeResponse');
|
||||
}
|
||||
|
||||
/**
|
||||
* teardown
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
function tearDown() {
|
||||
parent::tearDown();
|
||||
$_SERVER = $this->server;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -56,6 +72,7 @@ class BasicAuthenticateTest extends CakeTestCase {
|
|||
));
|
||||
$this->assertEquals('AuthUser', $object->settings['userModel']);
|
||||
$this->assertEquals(array('username' => 'user', 'password' => 'password'), $object->settings['fields']);
|
||||
$this->assertEquals(env('SERVER_NAME'), $object->settings['realm']);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -65,8 +82,12 @@ class BasicAuthenticateTest extends CakeTestCase {
|
|||
*/
|
||||
function testAuthenticateNoData() {
|
||||
$request = new CakeRequest('posts/index', false);
|
||||
$request->data = array();
|
||||
$this->assertFalse($this->auth->authenticate($request));
|
||||
|
||||
$this->response->expects($this->once())
|
||||
->method('header')
|
||||
->with('WWW-Authenticate: Basic realm="localhost"');
|
||||
|
||||
$this->assertFalse($this->auth->authenticate($request, $this->response));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -76,8 +97,13 @@ class BasicAuthenticateTest extends CakeTestCase {
|
|||
*/
|
||||
function testAuthenticateNoUsername() {
|
||||
$request = new CakeRequest('posts/index', false);
|
||||
$request->data = array('User' => array('password' => 'foobar'));
|
||||
$this->assertFalse($this->auth->authenticate($request));
|
||||
$_SERVER['PHP_AUTH_PW'] = 'foobar';
|
||||
|
||||
$this->response->expects($this->once())
|
||||
->method('header')
|
||||
->with('WWW-Authenticate: Basic realm="localhost"');
|
||||
|
||||
$this->assertFalse($this->auth->authenticate($request, $this->response));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -87,8 +113,13 @@ class BasicAuthenticateTest extends CakeTestCase {
|
|||
*/
|
||||
function testAuthenticateNoPassword() {
|
||||
$request = new CakeRequest('posts/index', false);
|
||||
$request->data = array('User' => array('user' => 'mariano'));
|
||||
$this->assertFalse($this->auth->authenticate($request));
|
||||
$_SERVER['PHP_AUTH_USER'] = 'mariano';
|
||||
|
||||
$this->response->expects($this->once())
|
||||
->method('header')
|
||||
->with('WWW-Authenticate: Basic realm="localhost"');
|
||||
|
||||
$this->assertFalse($this->auth->authenticate($request, $this->response));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -98,14 +129,30 @@ class BasicAuthenticateTest extends CakeTestCase {
|
|||
*/
|
||||
function testAuthenticateInjection() {
|
||||
$request = new CakeRequest('posts/index', false);
|
||||
$request->data = array(
|
||||
'User' => array(
|
||||
'user' => '> 1',
|
||||
'password' => "' OR 1 = 1"
|
||||
));
|
||||
$this->assertFalse($this->auth->authenticate($request));
|
||||
$request->addParams(array('pass' => array(), 'named' => array()));
|
||||
|
||||
$_SERVER['PHP_AUTH_USER'] = '> 1';
|
||||
$_SERVER['PHP_AUTH_PW'] = "' OR 1 = 1";
|
||||
|
||||
$this->assertFalse($this->auth->authenticate($request, $this->response));
|
||||
}
|
||||
|
||||
/**
|
||||
* test that challenge headers are sent when no credentials are found.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
function testAuthenticateChallenge() {
|
||||
$request = new CakeRequest('posts/index', false);
|
||||
$request->addParams(array('pass' => array(), 'named' => array()));
|
||||
|
||||
$this->response->expects($this->once())
|
||||
->method('header')
|
||||
->with('WWW-Authenticate: Basic realm="localhost"');
|
||||
|
||||
$result = $this->auth->authenticate($request, $this->response);
|
||||
$this->assertFalse($result);
|
||||
}
|
||||
/**
|
||||
* test authenticate sucesss
|
||||
*
|
||||
|
|
@ -113,11 +160,12 @@ class BasicAuthenticateTest extends CakeTestCase {
|
|||
*/
|
||||
function testAuthenticateSuccess() {
|
||||
$request = new CakeRequest('posts/index', false);
|
||||
$request->data = array('User' => array(
|
||||
'user' => 'mariano',
|
||||
'password' => 'password'
|
||||
));
|
||||
$result = $this->auth->authenticate($request);
|
||||
$request->addParams(array('pass' => array(), 'named' => array()));
|
||||
|
||||
$_SERVER['PHP_AUTH_USER'] = 'mariano';
|
||||
$_SERVER['PHP_AUTH_PW'] = 'password';
|
||||
|
||||
$result = $this->auth->authenticate($request, $this->response);
|
||||
$expected = array(
|
||||
'id' => 1,
|
||||
'user' => 'mariano',
|
||||
|
|
@ -132,15 +180,30 @@ class BasicAuthenticateTest extends CakeTestCase {
|
|||
*
|
||||
* @return void
|
||||
*/
|
||||
function testAuthenticateScopeFail() {
|
||||
function testAuthenticateFailReChallenge() {
|
||||
$this->auth->settings['scope'] = array('user' => 'nate');
|
||||
$request = new CakeRequest('posts/index', false);
|
||||
$request->data = array('User' => array(
|
||||
'user' => 'mariano',
|
||||
'password' => 'password'
|
||||
));
|
||||
$request->addParams(array('pass' => array(), 'named' => array()));
|
||||
|
||||
$this->assertFalse($this->auth->authenticate($request));
|
||||
$_SERVER['PHP_AUTH_USER'] = 'mariano';
|
||||
$_SERVER['PHP_AUTH_PW'] = 'password';
|
||||
|
||||
$this->response->expects($this->at(0))
|
||||
->method('header')
|
||||
->with('WWW-Authenticate: Basic realm="localhost"');
|
||||
|
||||
$this->response->expects($this->at(1))
|
||||
->method('header')
|
||||
->with('Location', Router::reverse($request));
|
||||
|
||||
$this->response->expects($this->at(2))
|
||||
->method('statusCode')
|
||||
->with(401);
|
||||
|
||||
$this->response->expects($this->at(3))
|
||||
->method('send');
|
||||
|
||||
$this->assertFalse($this->auth->authenticate($request, $this->response));
|
||||
}
|
||||
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue