-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathComponentSpec.php
134 lines (107 loc) · 3.45 KB
/
ComponentSpec.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
<?php
namespace spec\lajax\httpauth;
use yii\base\Configurable;
use yii\web\Application;
use yii\web\UnauthorizedHttpException;
use PhpSpec\ObjectBehavior;
class ComponentSpec extends ObjectBehavior
{
/**
* @var Application
*/
private $app;
public function let()
{
unset($_SERVER['PHP_AUTH_USER']);
unset($_SERVER['PHP_AUTH_PW']);
$this->app = new Application([
'id' => 'testapp',
'basePath' => __DIR__,
]);
$this->app->request->setIsConsoleRequest(false);
$this->beConstructedWith([
'allowedIps' => [
'127.0.0.1',
'127.0.100.*',
'::1',
'fe80:0:0:0:202:b3ff:fe1e:*',
],
'users' => [
'test' => 'pw123456',
'test_md5' => md5('pw654321'),
],
]);
}
public function it_is_configurable()
{
$this->shouldBeAnInstanceOf(Configurable::class);
}
public function it_accepts_authorized_ipv4_address()
{
$this->setAuthorizedUserIp();
$this->shouldNotThrow(UnauthorizedHttpException::class)
->duringInstantiation();
}
public function it_accepts_authorized_ipv6_address()
{
$this->setUserIp('::1');
$this->shouldNotThrow(UnauthorizedHttpException::class)
->duringInstantiation();
}
public function it_accepts_authorized_ipv4_address_when_ip_is_configured_with_asterisk()
{
$this->setUserIp('127.0.100.100');
$this->shouldNotThrow(UnauthorizedHttpException::class)
->duringInstantiation();
}
public function it_accepts_authorized_ipv6_address_when_ip_is_configured_with_asterisk()
{
$this->setUserIp('fe80:0:0:0:202:b3ff:fe1e:8329');
$this->shouldNotThrow(UnauthorizedHttpException::class)
->duringInstantiation();
}
public function it_accepts_correct_username_and_password_on_unauthorized_ip_address()
{
$this->setUnauthorizedUserIp();
$this->setHttpAuth('test', 'pw123456');
$this->shouldNotThrow(UnauthorizedHttpException::class)
->duringInstantiation();
}
public function it_accepts_correct_username_and_password_on_unauthorized_ip_address_when_password_is_hashed_in_config()
{
$this->setUnauthorizedUserIp();
$this->setHttpAuth('test_md5', 'pw654321');
$this->shouldNotThrow(UnauthorizedHttpException::class)
->duringInstantiation();
}
public function it_throws_an_exception_on_unauthorized_ip_address()
{
$this->setUnauthorizedUserIp();
$this->shouldThrow(UnauthorizedHttpException::class)
->duringInstantiation();
}
public function it_should_not_run_on_console_application()
{
$this->setUnauthorizedUserIp();
$this->app->request->setIsConsoleRequest(true);
$this->shouldNotThrow(UnauthorizedHttpException::class)
->duringInstantiation();
}
private function setUnauthorizedUserIp()
{
$this->setUserIp('1.1.1.1');
}
private function setAuthorizedUserIp()
{
$this->setUserIp('127.0.0.1');
}
private function setUserIp(string $ip)
{
$_SERVER['REMOTE_ADDR'] = $ip;
}
private function setHttpAuth(string $username, string $password)
{
$_SERVER['PHP_AUTH_USER'] = $username;
$_SERVER['PHP_AUTH_PW'] = $password;
}
}