3 * @copyright Copyright (C) 2020, Friendica
5 * @license GNU AGPL version 3 or any later version
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU Affero General Public License as
9 * published by the Free Software Foundation, either version 3 of the
10 * License, or (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Affero General Public License for more details.
17 * You should have received a copy of the GNU Affero General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
22 namespace Friendica\Test\src\Model\User;
24 use Friendica\App\BaseURL;
25 use Friendica\Core\Config\IConfig;
26 use Friendica\Model\User\Cookie;
27 use Friendica\Test\MockedTest;
28 use Friendica\Test\Util\StaticCookie;
29 use Mockery\MockInterface;
31 class CookieTest extends MockedTest
33 /** @var MockInterface|IConfig */
35 /** @var MockInterface|BaseURL */
38 protected function setUp()
40 StaticCookie::clearStatic();
44 $this->config = \Mockery::mock(IConfig::class);
45 $this->baseUrl = \Mockery::mock(BaseURL::class);
48 protected function tearDown()
50 StaticCookie::clearStatic();
56 * Test if we can create a basic cookie instance
58 public function testInstance()
60 $this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
61 $this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn('1235')->once();
62 $this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn('7')->once();
64 $cookie = new Cookie($this->config, $this->baseUrl);
65 self::assertInstanceOf(Cookie::class, $cookie);
68 public function dataGet()
73 Cookie::NAME => json_encode([
95 Cookie::NAME => 'test',
104 Cookie::NAME => json_encode([
118 * Test the get() method of the cookie class
120 * @dataProvider dataGet
122 public function testGet(array $cookieData, bool $hasValues, $uid, $hash, $ip)
124 $this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
125 $this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn('1235')->once();
126 $this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn('7')->once();
128 $cookie = new Cookie($this->config, $this->baseUrl, [], $cookieData);
129 self::assertInstanceOf(Cookie::class, $cookie);
132 self::assertEquals($uid, $cookie->get('uid'));
134 self::assertNull($cookie->get('uid'));
137 self::assertEquals($hash, $cookie->get('hash'));
139 self::assertNull($cookie->get('hash'));
142 self::assertEquals($ip, $cookie->get('ip'));
144 self::assertNull($cookie->get('ip'));
148 public function dataCheck()
152 'serverPrivateKey' => 'serverkey',
153 'userPrivateKey' => 'userkey',
154 'password' => 'test',
155 'assertHash' => 'e9b4eb16275a2907b5659d22905b248221d0517dde4a9d5c320b8fe051b1267b',
156 'assertTrue' => true,
159 'serverPrivateKey' => 'serverkey',
160 'userPrivateKey' => '',
163 'assertTrue' => false,
166 'serverPrivateKey' => 'serverkey',
167 'userPrivateKey' => 'bla',
168 'password' => 'nope',
169 'assertHash' => 'real wrong!',
170 'assertTrue' => false,
176 * Test the check() method of the cookie class
178 * @dataProvider dataCheck
180 public function testCheck(string $serverPrivateKey, string $userPrivateKey, string $password, string $assertHash, bool $assertTrue)
182 $this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
183 $this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn($serverPrivateKey)->once();
184 $this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn('7')->once();
186 $cookie = new Cookie($this->config, $this->baseUrl);
187 self::assertInstanceOf(Cookie::class, $cookie);
189 self::assertEquals($assertTrue, $cookie->comparePrivateDataHash($assertHash, $password, $userPrivateKey));
192 public function dataSet()
199 'privateKey' => '124',
200 'assertHash' => 'b657a15cfe7ed1f7289c9aa51af14a9a26c966f4ddd74e495fba103d8e872a39',
201 'remoteIp' => '0.0.0.0',
204 'withServerArray' => [
208 'privateKey' => '124',
209 'assertHash' => 'b657a15cfe7ed1f7289c9aa51af14a9a26c966f4ddd74e495fba103d8e872a39',
210 'remoteIp' => '1.2.3.4',
211 'serverArray' => ['REMOTE_ADDR' => '1.2.3.4',],
216 public function assertCookie($uid, $hash, $remoteIp)
218 self::assertArrayHasKey(Cookie::NAME, StaticCookie::$_COOKIE);
220 $data = json_decode(StaticCookie::$_COOKIE[Cookie::NAME]);
222 self::assertObjectHasAttribute('uid', $data);
223 self::assertEquals($uid, $data->uid);
224 self::assertObjectHasAttribute('hash', $data);
225 self::assertEquals($hash, $data->hash);
226 self::assertObjectHasAttribute('ip', $data);
227 self::assertEquals($remoteIp, $data->ip);
229 self::assertLessThanOrEqual(time() + Cookie::DEFAULT_EXPIRE * 24 * 60 * 60, StaticCookie::$_EXPIRE);
233 * Test the set() method of the cookie class
235 * @dataProvider dataSet
237 public function testSet($serverKey, $uid, $password, $privateKey, $assertHash, $remoteIp, $serverArray)
239 $this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
240 $this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn($serverKey)->once();
241 $this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn(Cookie::DEFAULT_EXPIRE)->once();
243 $cookie = new StaticCookie($this->config, $this->baseUrl, $serverArray);
244 self::assertInstanceOf(Cookie::class, $cookie);
246 $cookie->setMultiple([
248 'hash' => $assertHash,
251 self::assertCookie($uid, $assertHash, $remoteIp);
255 * Test the set() method of the cookie class
257 * @dataProvider dataSet
259 public function testDoubleSet($serverKey, $uid, $password, $privateKey, $assertHash, $remoteIp, $serverArray)
261 $this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
262 $this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn($serverKey)->once();
263 $this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn(Cookie::DEFAULT_EXPIRE)->once();
265 $cookie = new StaticCookie($this->config, $this->baseUrl, $serverArray);
266 self::assertInstanceOf(Cookie::class, $cookie);
268 $cookie->set('uid', $uid);
269 $cookie->set('hash', $assertHash);
271 self::assertCookie($uid, $assertHash, $remoteIp);
275 * Test the clear() method of the cookie class
277 public function testClear()
279 StaticCookie::$_COOKIE = [
280 Cookie::NAME => 'test'
283 $this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
284 $this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn(24)->once();
285 $this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn(Cookie::DEFAULT_EXPIRE)->once();
287 $cookie = new StaticCookie($this->config, $this->baseUrl);
288 self::assertInstanceOf(Cookie::class, $cookie);
290 self::assertEquals('test', StaticCookie::$_COOKIE[Cookie::NAME]);
291 self::assertEquals(null, StaticCookie::$_EXPIRE);
295 self::assertEmpty(StaticCookie::$_COOKIE[Cookie::NAME]);
296 self::assertEquals(-3600, StaticCookie::$_EXPIRE);