AuthenticatorTest.php 4.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117
  1. <?php
  2. namespace fphammerle\yii2\auth\clientcert\tests;
  3. use \fphammerle\yii2\auth\clientcert\Authenticator;
  4. class AuthenticatorTest extends TestCase
  5. {
  6. protected $alice;
  7. protected $bob;
  8. protected function setUp()
  9. {
  10. $this->mockApplication();
  11. $this->createSubjectTable();
  12. $this->alice = $this->createUser('alice');
  13. $this->bob = $this->createUser('bob');
  14. $this->createSubject($this->alice, 'CN=Alice,C=AT');
  15. $this->createSubject($this->alice, 'CN=Alice,O=Office,C=AT');
  16. $this->createSubject($this->bob, 'CN=Bob,C=AT');
  17. $this->assertNull($this->getIdentity());
  18. }
  19. public function testLoginByDN()
  20. {
  21. $a = new Authenticator;
  22. $this->assertNull($this->getIdentity());
  23. $u = $a->loginByDistinguishedName('CN=Alice,C=AT');
  24. $this->assertEquals($this->alice->id, $u->id);
  25. $this->assertEquals($this->alice->id, $this->getIdentity()->id);
  26. $u = $a->loginByDistinguishedName('CN=Alice,O=Secret,C=AT');
  27. $this->assertNull($u);
  28. $this->assertEquals($this->alice->id, $this->getIdentity()->id);
  29. $u = $a->loginByDistinguishedName('CN=Bob,C=AT');
  30. $this->assertEquals($this->bob->id, $u->id);
  31. $this->assertEquals($this->bob->id, $this->getIdentity()->id);
  32. $u = $a->loginByDistinguishedName('');
  33. $this->assertNull($u);
  34. $this->assertEquals($this->bob->id, $this->getIdentity()->id);
  35. $u = $a->loginByDistinguishedName(NULL);
  36. $this->assertNull($u);
  37. $this->assertEquals($this->bob->id, $this->getIdentity()->id);
  38. }
  39. /**
  40. * @dataProvider getClientCertVerifiedProvider
  41. */
  42. public function testGetClientCertVerified($request_params, $client_cert_certified)
  43. {
  44. $a = new Authenticator;
  45. $_SERVER = $request_params;
  46. $this->assertEquals($client_cert_certified, $a->getClientCertVerified());
  47. $this->assertEquals($client_cert_certified, $a->clientCertVerified);
  48. }
  49. public function getClientCertVerifiedProvider()
  50. {
  51. return [
  52. [[], false],
  53. [['SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], false],
  54. [['SSL_CLIENT_VERIFY' => 'FAILED', 'SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], false],
  55. [['SSL_CLIENT_VERIFY' => 'NONE', 'SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], false],
  56. [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => null], true],
  57. ];
  58. }
  59. public function testGetClientCertSubjectDistinguishedName()
  60. {
  61. $a = new Authenticator;
  62. $_SERVER['SSL_CLIENT_S_DN'] = 'CN=Alice,C=AT';
  63. $this->assertEquals('CN=Alice,C=AT', $a->getClientCertSubjectDistinguishedName());
  64. $this->assertEquals('CN=Alice,C=AT', $a->clientCertSubjectDistinguishedName);
  65. }
  66. /**
  67. * @dataProvider loginByClientCertProvider
  68. */
  69. public function testLoginByClientCert($request_params, $username)
  70. {
  71. $a = new Authenticator;
  72. $this->assertNull($this->getIdentity());
  73. $_SERVER = $request_params;
  74. $u = $a->loginByClientCertficiate();
  75. if($username) {
  76. $this->assertEquals($username, $this->getIdentity()->username);
  77. $this->assertEquals($username, $u->username);
  78. } else {
  79. $this->assertNull($u);
  80. $this->assertNull($this->getIdentity());
  81. }
  82. }
  83. public function loginByClientCertProvider()
  84. {
  85. return [
  86. [[], null],
  87. [['SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], null],
  88. [['SSL_CLIENT_VERIFY' => 'FAILED', 'SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], null],
  89. [['SSL_CLIENT_VERIFY' => 'NONE', 'SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], null],
  90. [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => null], null],
  91. [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => ''], null],
  92. [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], 'alice'],
  93. [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => 'CN=Alice,O=Office,C=AT'], 'alice'],
  94. [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => 'CN=Bob,C=AT'], 'bob'],
  95. ];
  96. }
  97. }