Skip to content
Permalink
Browse files

adds three more tests to check the private keys as strings

  • Loading branch information...
TheFRedFox committed May 31, 2016
1 parent 7fbb811 commit 0480883a6475f6875f90cbf3baaf0f4caef1aacc
Showing with 162 additions and 11 deletions.
  1. +162 −11 tests/TestCase/Network/Http/Auth/OauthTest.php
@@ -23,6 +23,42 @@
class OauthTest extends TestCase
{
private $privateKeyString = '-----BEGIN RSA PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALRiMLAh9iimur8V
A7qVvdqxevEuUkW4K+2KdMXmnQbG9Aa7k7eBjK1S+0LYmVjPKlJGNXHDGuy5Fw/d
7rjVJ0BLB+ubPK8iA/Tw3hLQgXMRRGRXXCn8ikfuQfjUS1uZSatdLB81mydBETlJ
hI6GH4twrbDJCR2Bwy/XWXgqgGRzAgMBAAECgYBYWVtleUzavkbrPjy0T5FMou8H
X9u2AC2ry8vD/l7cqedtwMPp9k7TubgNFo+NGvKsl2ynyprOZR1xjQ7WgrgVB+mm
uScOM/5HVceFuGRDhYTCObE+y1kxRloNYXnx3ei1zbeYLPCHdhxRYW7T0qcynNmw
rn05/KO2RLjgQNalsQJBANeA3Q4Nugqy4QBUCEC09SqylT2K9FrrItqL2QKc9v0Z
zO2uwllCbg0dwpVuYPYXYvikNHHg+aCWF+VXsb9rpPsCQQDWR9TT4ORdzoj+Nccn
qkMsDmzt0EfNaAOwHOmVJ2RVBspPcxt5iN4HI7HNeG6U5YsFBb+/GZbgfBT3kpNG
WPTpAkBI+gFhjfJvRw38n3g/+UeAkwMI2TJQS4n8+hid0uus3/zOjDySH3XHCUno
cn1xOJAyZODBo47E+67R4jV1/gzbAkEAklJaspRPXP877NssM5nAZMU0/O/NGCZ+
3jPgDUno6WbJn5cqm8MqWhW1xGkImgRk+fkDBquiq4gPiT898jusgQJAd5Zrr6Q8
AO/0isr/3aa6O6NLQxISLKcPDk2NOccAfS/xOtfOz4sJYM3+Bs4Io9+dZGSDCA54
Lw03eHTNQghS0A==
-----END RSA PRIVATE KEY-----';
private $privateKeyStringEnc = '-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-CBC,E65DB7AE7A05EF23
QCXAQ/Uj1+7uQp0MyDUPlKvW/28PhbT4GxflBYmU6SxKZ2CVFPk0M8RgB6gkJyVv
mwjo1Ch2Tlt7/VrNfLWGIh1XPhsC3gatv8Wv+g0keWWifaHlhXulgMGREJ7QeJg0
5THvdFuIs2qQnOzPCAwONjM6yMxPb2qxvwq0UKAL5V/CYVFWS6PYdR25f9ogXxBz
c3QjvvnhQ7ipNjpjVp/XKYMYnZPCYkNYvRX+BcsWlqYtclO3m+xPG+mPAFs9hnBI
wHI4yC2fl52giRc7XnSl7NNjun6RpHT/Cn7JDH6ql86pgMO0dw6PDzPf0KY9DCrR
ldQyzQ8WjN3FU55+En+8zmSnxUu7EbdqZwhVEF+UwfJ7IqJUnHll0aDTUA/qq0dk
DqtMKIXvRnDVZJqKxHyRvARf8Zp8USsq3cVdlA9PhtcKrs4CbTDL0lJ3eWj1bDS1
kIHXYo19lBqcS1oX+6TqvEs69oW/aG8UZIONN0Xh5TbxuJMedXD1dexV9oOA9lGR
cS6Ye0wC7fCdnA6jfAmHFJ5t2qk7FOzcFZwap7m+EWn11z+72GVqz3BDSe5qH2m2
XOHl59rVtJsZFtjyQEV34IFYyb2qBHHqUUdKwIwT1JOZIq+IdTJxaieIb1mnlmDw
DDf4Kwr0C9tti1R1IsPaAmjF7eH0PGbDGAB3fJSCXbHf7EXTz1AUdknd2MHXQ7wO
UBABkD2ETB+EotdHTly5FQt0jwbHfF2najBmezxtEjIygCnDb02Rtuei4HTansBu
shqoyFXJvizZzje7HaTQv/eJTuA6rUOzu/sAv/eBx2YAPkA8oa3qUw==
-----END RSA PRIVATE KEY-----';
/**
* @expectedException \Cake\Core\Exception\Exception
*/
@@ -215,29 +251,29 @@ public function testHmacSigning()
}
/**
* Test RSA-SHA1 signing
* Test RSA-SHA1 signing with a private key string
*
* Hash result + parameters taken from
* http://wiki.oauth.net/w/page/12238556/TestCases
*
* @return void
*/
public function testRsaSigning()
public function testRsaSigningString()
{
$request = new Request();
$request->url('http://photos.example.net/photos')
->body([
'file' => 'vacaction.jpg',
'size' => 'original'
]);
$privateKeyPath = TEST_APP . DS . 'config' . DS . 'key.pem';
$privateKey = $this->privateKeyString;
$options = [
'method' => 'RSA-SHA1',
'consumerKey' => 'dpf43f3p2l4k3l03',
'nonce' => '13917289812797014437',
'timestamp' => '1196666512',
'privateKeyFile' => $privateKeyPath
'privateKey' => $privateKey
];
$auth = new Oauth();
$auth->authentication($request, $options);
@@ -251,7 +287,43 @@ public function testRsaSigning()
}
/**
* Test RSA-SHA1 signing with passphrase string
* Test RSA-SHA1 signing with a private key file
*
* Hash result + parameters taken from
* http://wiki.oauth.net/w/page/12238556/TestCases
*
* @return void
*/
public function testRsaSigningFile()
{
$request = new Request();
$request->url('http://photos.example.net/photos')
->body([
'file' => 'vacaction.jpg',
'size' => 'original'
]);
$privateKey = fopen(TEST_APP . DS . 'config' . DS . 'key.pem', 'r');
$options = [
'method' => 'RSA-SHA1',
'consumerKey' => 'dpf43f3p2l4k3l03',
'nonce' => '13917289812797014437',
'timestamp' => '1196666512',
'privateKey' => $privateKey
];
$auth = new Oauth();
$auth->authentication($request, $options);
$result = $request->header('Authorization');
$expected = 'jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=';
$this->assertContains(
'oauth_signature="' . $expected . '"',
urldecode($result)
);
}
/**
* Test RSA-SHA1 signing with a private key file passphrase string
*
* Hash result + parameters taken from
* http://wiki.oauth.net/w/page/12238556/TestCases
@@ -266,15 +338,53 @@ public function testRsaSigningWithPassphraseString()
'file' => 'vacaction.jpg',
'size' => 'original'
]);
$privateKeyPath = TEST_APP . DS . 'config' . DS . 'key_with_passphrase.pem';
$privateKey = fopen(TEST_APP . DS . 'config' . DS . 'key_with_passphrase.pem', 'r');
$passphrase = 'fancy-cakephp-passphrase';
$options = [
'method' => 'RSA-SHA1',
'consumerKey' => 'dpf43f3p2l4k3l03',
'nonce' => '13917289812797014437',
'timestamp' => '1196666512',
'privateKey' => $privateKey,
'privateKeyPassphrase' => $passphrase,
];
$auth = new Oauth();
$auth->authentication($request, $options);
$result = $request->header('Authorization');
$expected = 'jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=';
$this->assertContains(
'oauth_signature="' . $expected . '"',
urldecode($result)
);
}
/**
* Test RSA-SHA1 signing with a private key string and passphrase string
*
* Hash result + parameters taken from
* http://wiki.oauth.net/w/page/12238556/TestCases
*
* @return void
*/
public function testRsaSigningStringWithPassphraseString()
{
$request = new Request();
$request->url('http://photos.example.net/photos')
->body([
'file' => 'vacaction.jpg',
'size' => 'original'
]);
$privateKey = $this->privateKeyStringEnc;
$passphrase = 'fancy-cakephp-passphrase';
$options = [
'method' => 'RSA-SHA1',
'consumerKey' => 'dpf43f3p2l4k3l03',
'nonce' => '13917289812797014437',
'timestamp' => '1196666512',
'privateKeyFile' => $privateKeyPath,
'privateKey' => $privateKey,
'privateKeyPassphrase' => $passphrase,
];
$auth = new Oauth();
@@ -306,16 +416,57 @@ public function testRsaSigningWithPassphraseFile()
'file' => 'vacaction.jpg',
'size' => 'original'
]);
$privateKeyPath = TEST_APP . DS . 'config' . DS . 'key_with_passphrase.pem';
$passphrasePath = TEST_APP . DS . 'config' . DS . 'key_passphrase_lf';
$passphrase = fopen($passphrasePath, 'r');
$privateKey = fopen(TEST_APP . DS . 'config' . DS . 'key_with_passphrase.pem', 'r');
$passphrase = fopen(TEST_APP . DS . 'config' . DS . 'key_passphrase_lf', 'r');
$options = [
'method' => 'RSA-SHA1',
'consumerKey' => 'dpf43f3p2l4k3l03',
'nonce' => '13917289812797014437',
'timestamp' => '1196666512',
'privateKey' => $privateKey,
'privateKeyPassphrase' => $passphrase,
];
$auth = new Oauth();
$auth->authentication($request, $options);
$result = $request->header('Authorization');
$expected = 'jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=';
$this->assertContains(
'oauth_signature="' . $expected . '"',
urldecode($result)
);
$expected = 0;
$this->assertEquals($expected, ftell($passphrase));
}
/**
* Test RSA-SHA1 signing with a private key string and passphrase file
*
* Hash result + parameters taken from
* http://wiki.oauth.net/w/page/12238556/TestCases
*
* @return void
*/
public function testRsaSigningStringWithPassphraseFile()
{
$this->skipIf(PHP_EOL != "\n", 'Just the line ending "\n" is supported. You can run the test again e.g. on a linux system.');
$request = new Request();
$request->url('http://photos.example.net/photos')
->body([
'file' => 'vacaction.jpg',
'size' => 'original'
]);
$privateKey = $this->privateKeyStringEnc;
$passphrase = fopen(TEST_APP . DS . 'config' . DS . 'key_passphrase_lf', 'r');
$options = [
'method' => 'RSA-SHA1',
'consumerKey' => 'dpf43f3p2l4k3l03',
'nonce' => '13917289812797014437',
'timestamp' => '1196666512',
'privateKeyFile' => $privateKeyPath,
'privateKey' => $privateKey,
'privateKeyPassphrase' => $passphrase,
];
$auth = new Oauth();

0 comments on commit 0480883

Please sign in to comment.
You can’t perform that action at this time.