adds tests for the rsa-sha1 method and files needed for the tests

Tests: * testRsaSigning * testRsaSigningWithPassphraseString * testRsaSigningWithPassphraseFile Files: * key.pem (private key without passphrase) * key_with_passphrase.pem (private key with passphrase) * key_passphrase_(crlf) (passphrase file with cr, crlf and lf line ending
cakephp · May 26, 2016 · 37d0dcb · 37d0dcb
1 parent 8071574
commit 37d0dcb
Show file tree

Hide file tree

Showing 6 changed files with 153 additions and 0 deletions.
diff --git a/tests/TestCase/Network/Http/Auth/OauthTest.php b/tests/TestCase/Network/Http/Auth/OauthTest.php
@@ -213,4 +213,120 @@ public function testHmacSigning()
             urldecode($result)
         );
     }
+
+    /**
+     * Test RSA-SHA1 signing
+     *
+     * Hash result + parameters taken from
+     * http://wiki.oauth.net/w/page/12238556/TestCases
+     *
+     * @return void
+     */
+    public function testRsaSigning() {
+        $request = new Request();
+        $request->url('http://photos.example.net/photos')
+            ->body([
+                       'file' => 'vacaction.jpg',
+                       'size' => 'original'
+                   ]);
+        $private_key_path = TEST_APP . DS . 'config' . DS . 'key.pem';
+
+        $options = [
+            'method' => 'RSA-SHA1',
+            'consumerKey' => 'dpf43f3p2l4k3l03',
+            'nonce' => '13917289812797014437',
+            'timestamp' => '1196666512',
+            'private_key_file' => $private_key_path,
+        ];
+        $auth = new Oauth();
+        $auth->authentication($request, $options);
+
+        $result = $request->header('Authorization');
+        $expected = 'jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=';
+        $this->assertContains(
+            'oauth_signature="' . $expected . '"',
+            urldecode($result)
+        );
+    }
+
+    /**
+     * Test RSA-SHA1 signing with passphrase string
+     *
+     * Hash result + parameters taken from
+     * http://wiki.oauth.net/w/page/12238556/TestCases
+     *
+     * @return void
+     */
+    public function testRsaSigningWithPassphraseString() {
+        $request = new Request();
+        $request->url('http://photos.example.net/photos')
+            ->body([
+                       'file' => 'vacaction.jpg',
+                       'size' => 'original'
+                   ]);
+        $private_key_path = TEST_APP . DS . 'config' . DS . 'key_with_passphrase.pem';
+        $passphrase = 'fancy-cakephp-passphrase';
+
+        $options = [
+            'method' => 'RSA-SHA1',
+            'consumerKey' => 'dpf43f3p2l4k3l03',
+            'nonce' => '13917289812797014437',
+            'timestamp' => '1196666512',
+            'private_key_file' => $private_key_path,
+            'private_key_passphrase' => $passphrase,
+        ];
+        $auth = new Oauth();
+        $auth->authentication($request, $options);
+
+        $result = $request->header('Authorization');
+        $expected = 'jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=';
+        $this->assertContains(
+            'oauth_signature="' . $expected . '"',
+            urldecode($result)
+        );
+    }
+
+    /**
+     * Test RSA-SHA1 signing with passphrase file
+     *
+     * Hash result + parameters taken from
+     * http://wiki.oauth.net/w/page/12238556/TestCases
+     *
+     * @return void
+     */
+    public function testRsaSigningWithPassphraseFile() {
+        $request = new Request();
+        $request->url('http://photos.example.net/photos')
+            ->body([
+                       'file' => 'vacaction.jpg',
+                       'size' => 'original'
+                   ]);
+        $private_key_path = TEST_APP . DS . 'config' . DS . 'key_with_passphrase.pem';
+
+        if(PHP_EOL == "\n") $passphrase_path = TEST_APP . DS . 'config' . DS . 'key_passphrase_lf';
+        else if(PHP_EOL == "\r\n") $passphrase_path = TEST_APP . DS . 'config' . DS . 'key_passphrase_crlf';
+        else if(PHP_EOL == "\r") $passphrase_path = TEST_APP . DS . 'config' . DS . 'key_passphrase_cr';
+        else { $this->markTestSkipped('The file for the key passphrase could not be loaded as PHP_EOL could not be recognized.'); return; }
+        $passphrase = fopen($passphrase_path, 'r');
+
+        $options = [
+            'method' => 'RSA-SHA1',
+            'consumerKey' => 'dpf43f3p2l4k3l03',
+            'nonce' => '13917289812797014437',
+            'timestamp' => '1196666512',
+            'private_key_file' => $private_key_path,
+            'private_key_passphrase' => $passphrase,
+        ];
+        $auth = new Oauth();
+        $auth->authentication($request, $options);
+
+        $result = $request->header('Authorization');
+        $expected = 'jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=';
+        $this->assertContains(
+            'oauth_signature="' . $expected . '"',
+            urldecode($result)
+        );
+        $expected = 0;
+        $this->assertEquals($expected, ftell($passphrase));
+    }
 }
diff --git a/tests/test_app/config/key.pem b/tests/test_app/config/key.pem
@@ -0,0 +1,16 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALRiMLAh9iimur8V
+A7qVvdqxevEuUkW4K+2KdMXmnQbG9Aa7k7eBjK1S+0LYmVjPKlJGNXHDGuy5Fw/d
+7rjVJ0BLB+ubPK8iA/Tw3hLQgXMRRGRXXCn8ikfuQfjUS1uZSatdLB81mydBETlJ
+hI6GH4twrbDJCR2Bwy/XWXgqgGRzAgMBAAECgYBYWVtleUzavkbrPjy0T5FMou8H
+X9u2AC2ry8vD/l7cqedtwMPp9k7TubgNFo+NGvKsl2ynyprOZR1xjQ7WgrgVB+mm
+uScOM/5HVceFuGRDhYTCObE+y1kxRloNYXnx3ei1zbeYLPCHdhxRYW7T0qcynNmw
+rn05/KO2RLjgQNalsQJBANeA3Q4Nugqy4QBUCEC09SqylT2K9FrrItqL2QKc9v0Z
+zO2uwllCbg0dwpVuYPYXYvikNHHg+aCWF+VXsb9rpPsCQQDWR9TT4ORdzoj+Nccn
+qkMsDmzt0EfNaAOwHOmVJ2RVBspPcxt5iN4HI7HNeG6U5YsFBb+/GZbgfBT3kpNG
+WPTpAkBI+gFhjfJvRw38n3g/+UeAkwMI2TJQS4n8+hid0uus3/zOjDySH3XHCUno
+cn1xOJAyZODBo47E+67R4jV1/gzbAkEAklJaspRPXP877NssM5nAZMU0/O/NGCZ+
+3jPgDUno6WbJn5cqm8MqWhW1xGkImgRk+fkDBquiq4gPiT898jusgQJAd5Zrr6Q8
+AO/0isr/3aa6O6NLQxISLKcPDk2NOccAfS/xOtfOz4sJYM3+Bs4Io9+dZGSDCA54
+Lw03eHTNQghS0A==
+-----END RSA PRIVATE KEY-----
diff --git a/tests/test_app/config/key_passphrase_cr b/tests/test_app/config/key_passphrase_cr
@@ -0,0 +1 @@
+fancy-cakephp-passphrase
diff --git a/tests/test_app/config/key_passphrase_crlf b/tests/test_app/config/key_passphrase_crlf
@@ -0,0 +1 @@
+fancy-cakephp-passphrase
diff --git a/tests/test_app/config/key_passphrase_lf b/tests/test_app/config/key_passphrase_lf
@@ -0,0 +1 @@
+fancy-cakephp-passphrase
diff --git a/tests/test_app/config/key_with_passphrase.pem b/tests/test_app/config/key_with_passphrase.pem
@@ -0,0 +1,18 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-CBC,E65DB7AE7A05EF23
+
+QCXAQ/Uj1+7uQp0MyDUPlKvW/28PhbT4GxflBYmU6SxKZ2CVFPk0M8RgB6gkJyVv
+mwjo1Ch2Tlt7/VrNfLWGIh1XPhsC3gatv8Wv+g0keWWifaHlhXulgMGREJ7QeJg0
+5THvdFuIs2qQnOzPCAwONjM6yMxPb2qxvwq0UKAL5V/CYVFWS6PYdR25f9ogXxBz
+c3QjvvnhQ7ipNjpjVp/XKYMYnZPCYkNYvRX+BcsWlqYtclO3m+xPG+mPAFs9hnBI
+wHI4yC2fl52giRc7XnSl7NNjun6RpHT/Cn7JDH6ql86pgMO0dw6PDzPf0KY9DCrR
+ldQyzQ8WjN3FU55+En+8zmSnxUu7EbdqZwhVEF+UwfJ7IqJUnHll0aDTUA/qq0dk
+DqtMKIXvRnDVZJqKxHyRvARf8Zp8USsq3cVdlA9PhtcKrs4CbTDL0lJ3eWj1bDS1
+kIHXYo19lBqcS1oX+6TqvEs69oW/aG8UZIONN0Xh5TbxuJMedXD1dexV9oOA9lGR
+cS6Ye0wC7fCdnA6jfAmHFJ5t2qk7FOzcFZwap7m+EWn11z+72GVqz3BDSe5qH2m2
+XOHl59rVtJsZFtjyQEV34IFYyb2qBHHqUUdKwIwT1JOZIq+IdTJxaieIb1mnlmDw
+DDf4Kwr0C9tti1R1IsPaAmjF7eH0PGbDGAB3fJSCXbHf7EXTz1AUdknd2MHXQ7wO
+UBABkD2ETB+EotdHTly5FQt0jwbHfF2najBmezxtEjIygCnDb02Rtuei4HTansBu
+shqoyFXJvizZzje7HaTQv/eJTuA6rUOzu/sAv/eBx2YAPkA8oa3qUw==
+-----END RSA PRIVATE KEY-----