index/tests/CSRFPTest.php


<?php
// CSRFPTest.php
// Created: 2021-06-11
// Updated: 2022-02-03
declare(strict_types=1);
use PHPUnit\Framework\TestCase;
use Index\Security\CSRFP;
use Index\Security\CSRFPIdentity;
use Index\Security\CSRFPToken;
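/**
 * Tests for the CSRF-protection primitives: keyed hash creation, token
 * issue/verify round trips, and token decoding of valid and malformed input.
 *
 * NOTE(review): cases not exercised here are expired tokens (timestamp plus
 * tolerance elapsed), tokens modified after issue, and malformed or truncated
 * strings handed to verifyToken(). Add them once the intended results are
 * confirmed against CSRFP itself.
 *
 * @covers \Index\Security\CSRFP
 * @covers \Index\Security\CSRFPIdentity
 * @covers \Index\Security\CSRFPToken
 */
final class CSRFPTest extends TestCase {
    // Fixed fixture secrets so the expected hashes below are reproducible.
    // Test-only values: they ship with the suite and are not deployment secrets.
    private const SECRET_1 = 'pli4v2MgGI1DHP66hIBGEXyt6iCahANp';
    private const SECRET_2 = 'WRp3MEWpb2vbcNBsx50184PXCg7tfH4D';

    /**
     * Checks that hashes depend on the secret and that a token only verifies
     * for the instance (secret) and identity it was created with.
     */
    public function testCSRFP(): void {
        $csrfp1 = new CSRFP(self::SECRET_1);
        $csrfp2 = new CSRFP(self::SECRET_2);

        // Same inputs, different secret => different 20-byte hash.
        // Arguments are presumably (identity, timestamp, tolerance); confirm against CSRFP::createHash.
        // assertSame keeps the digest comparison strict (no numeric-string juggling).
        $this->assertSame('965582c3bd762c22c18f99a5733cf9922166dbd2', bin2hex($csrfp1->createHash('test', 1234, 12)));
        $this->assertSame('539b4e89e7313b91c66d5d18cc6e9ff6826cc7a2', bin2hex($csrfp2->createHash('test', 1234, 12)));

        $token1 = $csrfp1->createToken('identity');
        $token2 = $csrfp2->createToken('identity');
        $token3 = $csrfp1->createToken('other');
        $token4 = $csrfp2->createToken('other');

        // Round trip: issuing instance + issuing identity must verify.
        $this->assertTrue($csrfp1->verifyToken('identity', $token1));
        $this->assertTrue($csrfp2->verifyToken('identity', $token2));
        $this->assertTrue($csrfp1->verifyToken('other', $token3));
        $this->assertTrue($csrfp2->verifyToken('other', $token4));

        // Right identity, wrong secret: must be rejected.
        $this->assertFalse($csrfp2->verifyToken('identity', $token1));
        $this->assertFalse($csrfp1->verifyToken('identity', $token2));
        $this->assertFalse($csrfp2->verifyToken('other', $token3));
        $this->assertFalse($csrfp1->verifyToken('other', $token4));

        // Right secret, wrong identity: must be rejected.
        $this->assertFalse($csrfp1->verifyToken('other', $token1));
        $this->assertFalse($csrfp2->verifyToken('other', $token2));
        $this->assertFalse($csrfp1->verifyToken('identity', $token3));
        $this->assertFalse($csrfp2->verifyToken('identity', $token4));
    }

    /**
     * Pins what CSRFPToken::decode() returns for valid, random, truncated and
     * empty input.
     *
     * In these fixtures decode() never rejects anything: it returns a token
     * object holding whatever fields could be read. A successful decode
     * therefore says nothing about authenticity; verifyToken() is the gate.
     *
     * The fixtures are consistent with an unpadded base64 encoding of a
     * 4-byte little-endian timestamp, a 2-byte little-endian tolerance and
     * then the hash bytes (20 when complete).
     *
     * NOTE(review): confirm that verification rejects a short hash such as
     * the 3-byte one from $token4 and compares hashes in constant time
     * (hash_equals()); neither is visible from this file.
     */
    public function testTokenDecode(): void {
        $token1 = CSRFPToken::decode('zCM1AAgHjTdDYLEcRgg5g0NHVsu69PTKurg'); // valid
        $token2 = CSRFPToken::decode('AyQ1AAgHirhWJJJnQIwYKhWaF6zfv5NkhQ0'); // valid
        $token3 = CSRFPToken::decode('KJFfkd39rrkf9Gs9g90sg90g3fdskfdsk34'); // random characters
        $token4 = CSRFPToken::decode('zCM1AAgHjTdDY'); // incomplete data
        $token5 = CSRFPToken::decode('AyQ'); // incomplete data
        $token6 = CSRFPToken::decode(''); // empty

        // Hash field. PHPUnit takes the expected value first, then the actual one.
        $this->assertSame('8d374360b11c46083983434756cbbaf4f4cabab8', bin2hex($token1->getHash()));
        $this->assertSame('8ab856249267408c182a159a17acdfbf9364850d', bin2hex($token2->getHash()));
        $this->assertSame('aeb91ff46b3d83dd2c83dd20ddf76c91f76c937e', bin2hex($token3->getHash()));
        $this->assertSame('8d3743', bin2hex($token4->getHash())); // data may be incomplete, but there's still something
        // Return type of getHash() for unreadable input is not visible here, so these stay loose.
        $this->assertEquals('', $token5->getHash());
        $this->assertEquals('', $token6->getHash());

        // Timestamp field; -1 marks input too short to contain one.
        $this->assertEquals(3482572, $token1->getTimestamp());
        $this->assertEquals(3482627, $token2->getTimestamp());
        $this->assertEquals(2438959400, $token3->getTimestamp());
        $this->assertEquals(3482572, $token4->getTimestamp());
        $this->assertEquals(-1, $token5->getTimestamp());
        $this->assertEquals(-1, $token6->getTimestamp());

        // Tolerance field; 0 when the input is too short to contain one.
        $this->assertEquals(1800, $token1->getTolerance());
        $this->assertEquals(1800, $token2->getTolerance());
        $this->assertEquals(64989, $token3->getTolerance());
        $this->assertEquals(1800, $token4->getTolerance());
        $this->assertEquals(0, $token5->getTolerance());
        $this->assertEquals(0, $token6->getTolerance());
    }
}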