Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 80f6992

Browse files
sstoksstok
committed
[Security] added test extra for digest authentication
1 parent d66b03c commit 80f6992

1 file changed

Lines changed: 47 additions & 0 deletions

File tree

tests/Symfony/Tests/Component/Security/Http/Firewall/DigestDataTest.php

Lines changed: 47 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,42 @@ public function testGetUsernameWithQuote()
5151
$this->assertEquals('\"user\"', $digestAuth->getUsername());
5252
}
5353

54+
public function testGetUsernameWithQuoteAndEscape()
55+
{
56+
$digestAuth = new DigestData(
57+
'username="\"u\\\\\"ser\"", realm="Welcome, robot!", ' .
58+
'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", ' .
59+
'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' .
60+
'response="b52938fc9e6d7c01be7702ece9031b42"'
61+
);
62+
63+
$this->assertEquals('\"u\\\\\"ser\"', $digestAuth->getUsername());
64+
}
65+
66+
public function testGetUsernameWithSingleQuote()
67+
{
68+
$digestAuth = new DigestData(
69+
'username="\"u\'ser\"", realm="Welcome, robot!", ' .
70+
'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", ' .
71+
'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' .
72+
'response="b52938fc9e6d7c01be7702ece9031b42"'
73+
);
74+
75+
$this->assertEquals('\"u\'ser\"', $digestAuth->getUsername());
76+
}
77+
78+
public function testGetUsernameWithEscape()
79+
{
80+
$digestAuth = new DigestData(
81+
'username="\"u\\ser\"", realm="Welcome, robot!", ' .
82+
'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", ' .
83+
'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' .
84+
'response="b52938fc9e6d7c01be7702ece9031b42"'
85+
);
86+
87+
$this->assertEquals('\"u\\ser\"', $digestAuth->getUsername());
88+
}
89+
5490
public function testValidateAndDecode()
5591
{
5692
$time = microtime(true);
@@ -80,6 +116,17 @@ public function testCalculateServerDigestWithQuote()
80116
$this->calculateServerDigest('\"user\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5');
81117
}
82118

119+
public function testCalculateServerDigestWithQuoteAndEscape()
120+
{
121+
$this->calculateServerDigest('\"u\\\\\"ser\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5');
122+
}
123+
124+
public function testCalculateServerDigestEscape()
125+
{
126+
$this->calculateServerDigest('\"u\\ser\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5');
127+
$this->calculateServerDigest('\"u\\ser\\\\\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5');
128+
}
129+
83130
public function testIsNonceExpired()
84131
{
85132
$time = microtime(true) + 10;

0 commit comments

Comments
 (0)