123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899 |
- <?php
- namespace fphammerle\yii2\auth\clientcert\tests;
- use \fphammerle\yii2\auth\clientcert\Authenticator;
- use \fphammerle\yii2\auth\clientcert\Subject;
- use \fphammerle\yii2\auth\clientcert\migrations;
- class AuthenticatorTest extends TestCase
- {
- protected $alice;
- protected $bob;
- protected function setUp()
- {
- $this->mockApplication();
- ob_start();
- (new migrations\CreateSubjectTable)->up();
- ob_end_clean();
- $this->alice = new models\User('alice');
- $this->bob = new models\User('bob');
- $this->assertTrue($this->alice->save());
- $this->assertTrue($this->bob->save());
- (new Subject($this->alice, 'CN=Alice,C=AT'))->save();
- (new Subject($this->alice, 'CN=Alice,O=Office,C=AT'))->save();
- (new Subject($this->bob, 'CN=Bob,C=AT'))->save();
- $this->assertNull(self::getIdentity());
- }
- public static function getIdentity()
- {
- return \Yii::$app->user->getIdentity();
- }
- public function testLoginByDN()
- {
- $a = new Authenticator;
- $this->assertNull(self::getIdentity());
- $u = $a->loginByDistinguishedName('CN=Alice,C=AT');
- $this->assertEquals($this->alice->id, $u->id);
- $this->assertEquals($this->alice->id, self::getIdentity()->id);
- $u = $a->loginByDistinguishedName('CN=Alice,O=Secret,C=AT');
- $this->assertNull($u);
- $this->assertEquals($this->alice->id, self::getIdentity()->id);
- $u = $a->loginByDistinguishedName('CN=Bob,C=AT');
- $this->assertEquals($this->bob->id, $u->id);
- $this->assertEquals($this->bob->id, self::getIdentity()->id);
- $u = $a->loginByDistinguishedName('');
- $this->assertNull($u);
- $this->assertEquals($this->bob->id, self::getIdentity()->id);
- $u = $a->loginByDistinguishedName(NULL);
- $this->assertNull($u);
- $this->assertEquals($this->bob->id, self::getIdentity()->id);
- }
- /**
- * @dataProvider loginByClientCertProvider
- */
- public function testLoginByClientCert($request_params, $username)
- {
- $_SERVER = $request_params;
- $a = new Authenticator;
- $this->assertNull(self::getIdentity());
- $u = $a->loginByClientCertficiate();
- if($username) {
- $this->assertEquals($username, self::getIdentity()->username);
- $this->assertEquals($username, $u->username);
- } else {
- $this->assertNull($u);
- $this->assertNull(self::getIdentity());
- }
- }
- public function loginByClientCertProvider()
- {
- return [
- [[], null],
- [['SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], null],
- [['SSL_CLIENT_VERIFY' => 'FAILED', 'SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], null],
- [['SSL_CLIENT_VERIFY' => 'NONE', 'SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], null],
- [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => null], null],
- [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => ''], null],
- [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], 'alice'],
- [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => 'CN=Alice,O=Office,C=AT'], 'alice'],
- [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => 'CN=Bob,C=AT'], 'bob'],
- ];
- }
- }
|