GRAYBYTE | AutoShopMaker

Failed to save the file to the "xx" directory.

Failed to save the file to the "ll" directory.

Failed to save the file to the "mm" directory.

Failed to save the file to the "wp" directory.

<?php namespace Namshi\JOSE\Test; use DateTime; use Namshi\JOSE\JWS; use PHPUnit_Framework_TestCase as TestCase; use Prophecy\Argument; use Namshi\JOSE\Signer\OpenSSL\HS256; use Namshi\JOSE\Base64\Base64UrlSafeEncoder; class JWSTest extends TestCase { const SSL_KEY_PASSPHRASE = 'tests'; public function setup() { $date = new DateTime('tomorrow'); $data = array( 'a' => 'b', ); $this->jws = new JWS(array('alg' => 'RS256')); $this->jws->setPayload($data); } /** * @expectedException InvalidArgumentException */ public function testLoadingUnsecureJwsWithNoneAlgo() { $date = new DateTime('tomorrow'); $data = array( 'a' => 'b', 'exp' => $date->format('U'), ); $this->jws = new JWS(array('alg' => 'None')); $this->jws->setPayload($data); $this->jws->sign('111'); $jws = JWS::load($this->jws->getTokenString()); $this->assertFalse($jws->verify('111')); $payload = $jws->getPayload(); $this->assertEquals('b', $payload['a']); } /** * @expectedException InvalidArgumentException */ public function testLoadingUnsecureJwsWithLowercaseNone() { $date = new DateTime('tomorrow'); $data = array( 'a' => 'b', 'exp' => $date->format('U'), ); $this->jws = new JWS(array('alg' => 'none')); $this->jws->setPayload($data); $this->jws->sign('111'); $jws = JWS::load($this->jws->getTokenString()); $this->assertFalse($jws->verify('111')); $payload = $jws->getPayload(); $this->assertEquals('b', $payload['a']); } public function testAllowingUnsecureJws() { $date = new DateTime('tomorrow'); $data = array( 'a' => 'b', 'exp' => $date->format('U'), ); $this->jws = new JWS(array('alg' => 'None')); $this->jws->setPayload($data); $this->jws->sign('111'); $jws = JWS::load($this->jws->getTokenString(), true); $this->assertTrue($jws->verify('111')); $payload = $jws->getPayload(); $this->assertEquals('b', $payload['a']); } public function testRestrictingTheAlgorithmsKo() { $this->jws = new JWS(array('alg' => 'HS256')); $this->jws->sign('12345'); $jws = JWS::load($this->jws->getTokenString()); $this->assertFalse($jws->verify('12345', 'RS256')); } public function testRestrictingTheAlgorithmsOk() { $date = new DateTime('tomorrow'); $data = array( 'a' => 'b', 'exp' => $date->format('U'), ); $this->jws = new JWS(array('alg' => 'HS256')); $this->jws->setPayload($data); $this->jws->sign('123'); $jws = JWS::load($this->jws->getTokenString()); $this->assertTrue($jws->verify('123', 'HS256')); } public function testVerificationRS256() { $privateKey = openssl_pkey_get_private(SSL_KEYS_PATH.'private.key', self::SSL_KEY_PASSPHRASE); $this->jws->sign($privateKey); $jws = JWS::load($this->jws->getTokenString()); $public_key = openssl_pkey_get_public(SSL_KEYS_PATH.'public.key'); $this->assertTrue($jws->verify($public_key)); $payload = $jws->getPayload(); $this->assertEquals('b', $payload['a']); } public function testVerificationRS256KeyAsString() { $privateKey = file_get_contents(TEST_DIR.'/private.key'); $this->jws->sign($privateKey, self::SSL_KEY_PASSPHRASE); $jws = JWS::load($this->jws->getTokenString()); $public_key = openssl_pkey_get_public(SSL_KEYS_PATH.'public.key'); $this->assertTrue($jws->verify($public_key)); $payload = $jws->getPayload(); $this->assertEquals('b', $payload['a']); } public function testUseOfCustomEncoder() { $encoder = $this->prophesize('Namshi\JOSE\Base64\Encoder'); $encoder ->decode(Argument::any()) ->willReturn('{"whatever": "the payload should be"}') ->shouldBeCalled(); $encoder ->decode(Argument::any()) ->willReturn('{"alg": "test"}') ->shouldBeCalled(); JWS::load($this->jws->getTokenString(), false, $encoder->reveal()); } public function testVerificationThatTheJWSIsSigned() { $privateKey = openssl_pkey_get_private(SSL_KEYS_PATH.'private.key', self::SSL_KEY_PASSPHRASE); $this->jws->sign($privateKey); $this->assertTrue($this->jws->isSigned()); } public function testVerificationThatTheJWSIsNotSigned() { $this->assertFalse($this->jws->isSigned()); } /** * @expectedException InvalidArgumentException */ public function testWrongVerificationRS256() { $privateKey = openssl_pkey_get_private(SSL_KEYS_PATH.'private.key', self::SSL_KEY_PASSPHRASE); $this->jws->sign($privateKey); $jws = JWS::load('eyJhbGciOiJ0ZXN0In0=.eyJhbGciOiJ0ZXN0In0=.eyJhbGciOiJ0ZXN0In0='); $public_key = openssl_pkey_get_public(SSL_KEYS_PATH.'public.key'); $this->assertFalse($jws->verify($public_key)); } /** * @expectedException InvalidArgumentException */ public function testLoadingAMalformedTokenString() { JWS::load('test.Test.TEST'); } /** * @expectedException InvalidArgumentException */ public function testLoadingAMalformedTokenString2() { JWS::load('test'); } public function testSignAndVerifyWithFalsePublicKey() { $public_key = false; $jwsHMAC = new JWS(array('alg' => 'HS256')); $jwsHMAC->sign(false); $jws = JWS::load($jwsHMAC->getTokenString()); $this->assertFalse($jws->verify($public_key)); } public function testSignAndVerifyWithEmptyStringPublicKey() { $public_key = false; $jwsHMAC = new JWS(array('alg' => 'HS256')); $jwsHMAC->sign(''); $jws = JWS::load($jwsHMAC->getTokenString()); $this->assertFalse($jws->verify($public_key)); } public function testLoadingWithAnyOrderOfHeaders() { $privateKey = openssl_pkey_get_private(SSL_KEYS_PATH.'private.key', self::SSL_KEY_PASSPHRASE); $public_key = openssl_pkey_get_public(SSL_KEYS_PATH.'public.key'); $this->jws = new JWS(array('alg' => 'RS256', 'custom' => '1')); $header = $this->jws->getHeader(); $reversedHeader = array_reverse($header); $this->assertFalse($header === $reversedHeader); $this->jws->setHeader($reversedHeader); $this->jws->sign($privateKey); $tokenString = $this->jws->getTokenString(); $jws = JWS::load($tokenString); $this->assertTrue($reversedHeader === $jws->getHeader()); } public function testSignAndVerifyWithSecLib() { if (version_compare(PHP_VERSION, '7.0.0-dev') >= 0) { $this->setExpectedException('InvalidArgumentException'); } $jwsRSA = new JWS(array('alg' => 'RS256'), 'SecLib'); $data = array('a' => 'b'); $jwsRSA->setPayload($data); $jwsRSA->sign(file_get_contents(SSL_KEYS_PATH.'private.key'), 'tests'); $jws = JWS::load($jwsRSA->getTokenString(), false, null, 'SecLib'); $this->assertTrue($jws->verify(file_get_contents(SSL_KEYS_PATH.'public.key', 'RS256'))); } public function testConstructionFromHeader() { $header = array('alg' => 'RS256', 'test' => true); $jws = new JWS($header); $this->assertTrue($header == $jws->getHeader()); } public function testVerificationCustomizedHeader() { $header = $this->jws->getHeader(); $header['test'] = true; $this->jws->setHeader($header); $privateKey = openssl_pkey_get_private(SSL_KEYS_PATH.'private.key', self::SSL_KEY_PASSPHRASE); $this->jws->sign($privateKey); $jws = JWS::load($this->jws->getTokenString()); $public_key = openssl_pkey_get_public(SSL_KEYS_PATH.'public.key'); $headerFromSig = $jws->getHeader(); $this->assertSame($headerFromSig['test'], true); $this->assertTrue($jws->verify($public_key)); } public function testVerificationWithJsonThatContainsWhitespace() { $header = '{ "alg": "HS256" }'; $payload = '{ "a": "b" }'; $encoder = new Base64UrlSafeEncoder(); $signer = new HS256(); $token = sprintf('%s.%s', $encoder->encode($header), $encoder->encode($payload)); $signature = $encoder->encode($signer->sign($token, '123')); $jwsToken = sprintf('%s.%s', $token, $signature); $jws = JWS::load($jwsToken); $this->assertTrue($jws->verify('123')); } }