3 namespace Friendica\Testsrc\Model\User;
5 use Friendica\App\BaseURL;
6 use Friendica\Core\Config\IConfiguration;
7 use Friendica\Model\User\Cookie;
8 use Friendica\Test\DatabaseTest;
9 use Friendica\Test\Util\StaticCookie;
10 use Mockery\MockInterface;
12 class CookieTest extends DatabaseTest
14 /** @var MockInterface|IConfiguration */
16 /** @var MockInterface|BaseURL */
19 protected function setUp()
21 StaticCookie::clearStatic();
25 $this->config = \Mockery::mock(IConfiguration::class);
26 $this->baseUrl = \Mockery::mock(BaseURL::class);
29 protected function tearDown()
31 StaticCookie::clearStatic();
35 * Test if we can create a basic cookie instance
37 public function testInstance()
39 $this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
40 $this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn('1235')->once();
41 $this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn('7')->once();
43 $cookie = new Cookie($this->config, $this->baseUrl);
44 $this->assertInstanceOf(Cookie::class, $cookie);
47 public function dataGet()
52 Cookie::NAME => json_encode([
74 Cookie::NAME => 'test',
83 Cookie::NAME => json_encode([
97 * Test the get() method of the cookie class
99 * @dataProvider dataGet
101 public function testGet(array $cookieData, bool $hasValues, $uid, $hash, $ip)
103 $this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
104 $this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn('1235')->once();
105 $this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn('7')->once();
107 $cookie = new Cookie($this->config, $this->baseUrl, [], $cookieData);
108 $this->assertInstanceOf(Cookie::class, $cookie);
110 $assertData = $cookie->getData();
113 $this->assertEmpty($assertData);
115 $this->assertNotEmpty($assertData);
117 $this->assertObjectHasAttribute('uid', $assertData);
118 $this->assertEquals($uid, $assertData->uid);
120 $this->assertObjectNotHasAttribute('uid', $assertData);
123 $this->assertObjectHasAttribute('hash', $assertData);
124 $this->assertEquals($hash, $assertData->hash);
126 $this->assertObjectNotHasAttribute('hash', $assertData);
129 $this->assertObjectHasAttribute('ip', $assertData);
130 $this->assertEquals($ip, $assertData->ip);
132 $this->assertObjectNotHasAttribute('ip', $assertData);
137 public function dataCheck()
141 'serverPrivateKey' => 'serverkey',
142 'userPrivateKey' => 'userkey',
143 'password' => 'test',
144 'assertHash' => 'e9b4eb16275a2907b5659d22905b248221d0517dde4a9d5c320b8fe051b1267b',
145 'assertTrue' => true,
148 'serverPrivateKey' => 'serverkey',
149 'userPrivateKey' => '',
152 'assertTrue' => false,
155 'serverPrivateKey' => 'serverkey',
156 'userPrivateKey' => 'bla',
157 'password' => 'nope',
158 'assertHash' => 'real wrong!',
159 'assertTrue' => false,
165 * Test the check() method of the cookie class
167 * @dataProvider dataCheck
169 public function testCheck(string $serverPrivateKey, string $userPrivateKey, string $password, string $assertHash, bool $assertTrue)
171 $this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
172 $this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn($serverPrivateKey)->once();
173 $this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn('7')->once();
175 $cookie = new Cookie($this->config, $this->baseUrl);
176 $this->assertInstanceOf(Cookie::class, $cookie);
178 $this->assertEquals($assertTrue, $cookie->check($assertHash, $password, $userPrivateKey));
181 public function dataSet()
188 'privateKey' => '124',
189 'assertHash' => 'b657a15cfe7ed1f7289c9aa51af14a9a26c966f4ddd74e495fba103d8e872a39',
190 'remoteIp' => '0.0.0.0',
194 'withServerArray' => [
198 'privateKey' => '124',
199 'assertHash' => 'b657a15cfe7ed1f7289c9aa51af14a9a26c966f4ddd74e495fba103d8e872a39',
200 'remoteIp' => '1.2.3.4',
201 'serverArray' => ['REMOTE_ADDR' => '1.2.3.4',],
208 'privateKey' => '124',
209 'assertHash' => 'b657a15cfe7ed1f7289c9aa51af14a9a26c966f4ddd74e495fba103d8e872a39',
210 'remoteIp' => '1.2.3.4',
211 'serverArray' => ['REMOTE_ADDR' => '1.2.3.4',],
218 'privateKey' => '124',
219 'assertHash' => 'b657a15cfe7ed1f7289c9aa51af14a9a26c966f4ddd74e495fba103d8e872a39',
220 'remoteIp' => '1.2.3.4',
221 'serverArray' => ['REMOTE_ADDR' => '1.2.3.4',],
222 'lifetime' => 2 * 24 * 60 * 60,
227 public function assertCookie($uid, $hash, $remoteIp, $lifetime)
229 $this->assertArrayHasKey(Cookie::NAME, StaticCookie::$_COOKIE);
231 $data = json_decode(StaticCookie::$_COOKIE[Cookie::NAME]);
233 $this->assertObjectHasAttribute('uid', $data);
234 $this->assertEquals($uid, $data->uid);
235 $this->assertObjectHasAttribute('hash', $data);
236 $this->assertEquals($hash, $data->hash);
237 $this->assertObjectHasAttribute('ip', $data);
238 $this->assertEquals($remoteIp, $data->ip);
240 if (isset($lifetime) && $lifetime !== 0) {
241 $this->assertLessThanOrEqual(time() + $lifetime, StaticCookie::$_EXPIRE);
243 $this->assertLessThanOrEqual(time() + Cookie::DEFAULT_EXPIRE * 24 * 60 * 60, StaticCookie::$_EXPIRE);
248 * Test the set() method of the cookie class
250 * @dataProvider dataSet
252 public function testSet($serverKey, $uid, $password, $privateKey, $assertHash, $remoteIp, $serverArray, $lifetime)
254 $this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
255 $this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn($serverKey)->once();
256 $this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn(Cookie::DEFAULT_EXPIRE)->once();
258 $cookie = new StaticCookie($this->config, $this->baseUrl, $serverArray);
259 $this->assertInstanceOf(Cookie::class, $cookie);
261 $cookie->set($uid, $password, $privateKey, $lifetime);
263 $this->assertCookie($uid, $assertHash, $remoteIp, $lifetime);
267 * Test two different set() of the cookie class (first set is invalid)
269 * @dataProvider dataSet
271 public function testDoubleSet($serverKey, $uid, $password, $privateKey, $assertHash, $remoteIp, $serverArray, $lifetime)
273 $this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
274 $this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn($serverKey)->once();
275 $this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn(Cookie::DEFAULT_EXPIRE)->once();
277 $cookie = new StaticCookie($this->config, $this->baseUrl, $serverArray);
278 $this->assertInstanceOf(Cookie::class, $cookie);
280 // Invalid set, should get overwritten
281 $cookie->set(-1, 'invalid', 'nothing', -234);
283 $cookie->set($uid, $password, $privateKey, $lifetime);
285 $this->assertCookie($uid, $assertHash, $remoteIp, $lifetime);
289 * Test the clear() method of the cookie class
291 public function testClear()
293 StaticCookie::$_COOKIE = [
294 Cookie::NAME => 'test'
297 $this->baseUrl->shouldReceive('getSSLPolicy')->andReturn(true)->once();
298 $this->config->shouldReceive('get')->with('system', 'site_prvkey')->andReturn(24)->once();
299 $this->config->shouldReceive('get')->with('system', 'auth_cookie_lifetime', Cookie::DEFAULT_EXPIRE)->andReturn(Cookie::DEFAULT_EXPIRE)->once();
301 $cookie = new StaticCookie($this->config, $this->baseUrl);
302 $this->assertInstanceOf(Cookie::class, $cookie);
304 $this->assertEquals('test', StaticCookie::$_COOKIE[Cookie::NAME]);
305 $this->assertEquals(null, StaticCookie::$_EXPIRE);
309 $this->assertEmpty(StaticCookie::$_COOKIE[Cookie::NAME]);
310 $this->assertEquals(-3600, StaticCookie::$_EXPIRE);