[Security] added test extra for digest authentication

symfony · Nov 15, 2012 · 80f6992 · 80f6992
1 parent d66b03c
commit 80f6992
Showing 1 changed file with 47 additions and 0 deletions.
diff --git a/tests/Symfony/Tests/Component/Security/Http/Firewall/DigestDataTest.php b/tests/Symfony/Tests/Component/Security/Http/Firewall/DigestDataTest.php
@@ -51,6 +51,42 @@ public function testGetUsernameWithQuote()
         $this->assertEquals('\"user\"', $digestAuth->getUsername());
     }
 
+    public function testGetUsernameWithQuoteAndEscape()
+    {
+        $digestAuth = new DigestData(
+            'username="\"u\\\\\"ser\"", realm="Welcome, robot!", ' .
+            'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", ' .
+            'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' .
+            'response="b52938fc9e6d7c01be7702ece9031b42"'
+        );
+
+        $this->assertEquals('\"u\\\\\"ser\"', $digestAuth->getUsername());
+    }
+
+    public function testGetUsernameWithSingleQuote()
+    {
+        $digestAuth = new DigestData(
+            'username="\"u\'ser\"", realm="Welcome, robot!", ' .
+            'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", ' .
+            'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' .
+            'response="b52938fc9e6d7c01be7702ece9031b42"'
+        );
+
+        $this->assertEquals('\"u\'ser\"', $digestAuth->getUsername());
+    }
+
+    public function testGetUsernameWithEscape()
+    {
+        $digestAuth = new DigestData(
+            'username="\"u\\ser\"", realm="Welcome, robot!", ' .
+            'nonce="MTM0NzMyMTgyMy42NzkzOmRlZjM4NmIzOGNjMjE0OWJiNDU0MDAxNzJmYmM1MmZl", ' .
+            'uri="/path/info?p1=5&p2=5", cnonce="MDIwODkz", nc=00000001, qop="auth", ' .
+            'response="b52938fc9e6d7c01be7702ece9031b42"'
+        );
+
+        $this->assertEquals('\"u\\ser\"', $digestAuth->getUsername());
+    }
+
     public function testValidateAndDecode()
     {
         $time = microtime(true);
@@ -80,6 +116,17 @@ public function testCalculateServerDigestWithQuote()
         $this->calculateServerDigest('\"user\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5');
     }
 
+    public function testCalculateServerDigestWithQuoteAndEscape()
+    {
+        $this->calculateServerDigest('\"u\\\\\"ser\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5');
+    }
+
+    public function testCalculateServerDigestEscape()
+    {
+        $this->calculateServerDigest('\"u\\ser\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5');
+        $this->calculateServerDigest('\"u\\ser\\\\\"', 'Welcome, \"robot\"!', 'pass,word=password', 'ThisIsAKey', '00000001', 'MDIwODkz', 'auth', 'GET', '/path/info?p1=5&p2=5');
+    }
+
     public function testIsNonceExpired()
     {
         $time = microtime(true) + 10;