From 396dca92c0c8e9f16c35665e5f4d58761905a3f3 Mon Sep 17 00:00:00 2001 From: kenjis Date: Sun, 12 Nov 2023 10:47:36 +0900 Subject: [PATCH] test: update tests to use SiteURI --- tests/system/API/ResponseTraitTest.php | 15 +-- tests/system/Cache/ResponseCacheTest.php | 4 +- tests/system/CommonFunctionsTest.php | 8 +- tests/system/ControllerTest.php | 4 +- tests/system/Filters/InvalidCharsTest.php | 4 +- .../HTTP/IncomingRequestDetectingTest.php | 3 +- tests/system/HTTP/IncomingRequestTest.php | 7 +- tests/system/Helpers/CookieHelperTest.php | 4 +- tests/system/Pager/PagerTest.php | 7 +- .../system/RESTful/ResourceControllerTest.php | 6 +- .../SecurityCSRFCookieRandomizeTokenTest.php | 5 +- .../SecurityCSRFSessionRandomizeTokenTest.php | 51 +++++------ .../Security/SecurityCSRFSessionTest.php | 43 ++++----- tests/system/Security/SecurityTest.php | 91 +++++-------------- tests/system/Validation/ValidationTest.php | 16 ++-- 15 files changed, 110 insertions(+), 158 deletions(-) diff --git a/tests/system/API/ResponseTraitTest.php b/tests/system/API/ResponseTraitTest.php index c867f1b4a94e..708235e9fbd9 100644 --- a/tests/system/API/ResponseTraitTest.php +++ b/tests/system/API/ResponseTraitTest.php @@ -15,7 +15,7 @@ use CodeIgniter\Format\FormatterInterface; use CodeIgniter\Format\JSONFormatter; use CodeIgniter\Format\XMLFormatter; -use CodeIgniter\HTTP\URI; +use CodeIgniter\HTTP\SiteURI; use CodeIgniter\HTTP\UserAgent; use CodeIgniter\Test\CIUnitTestCase; use CodeIgniter\Test\Mock\MockIncomingRequest; @@ -42,7 +42,7 @@ protected function setUp(): void $this->formatter = new JSONFormatter(); } - protected function makeController(array $userConfig = [], string $uri = 'http://example.com', array $userHeaders = []) + protected function makeController(array $userConfig = [], string $routePath = '', array $userHeaders = []) { $config = new App(); @@ -73,7 +73,7 @@ protected function makeController(array $userConfig = [], string $uri = 'http:// Factories::injectMock('config', 'Cookie', $cookie); if ($this->request === null) { - $this->request = new MockIncomingRequest($config, new URI($uri), null, new UserAgent()); + $this->request = new MockIncomingRequest($config, new SiteURI($config, $routePath), null, new UserAgent()); $this->response = new MockResponse($config); } @@ -115,7 +115,7 @@ public function resetFormatter(): void public function testNoFormatterJSON(): void { $this->formatter = null; - $controller = $this->makeController([], 'http://codeigniter.com', ['Accept' => 'application/json']); + $controller = $this->makeController([], '', ['Accept' => 'application/json']); $this->invoke($controller, 'respondCreated', [['id' => 3], 'A Custom Reason']); @@ -133,7 +133,7 @@ public function testNoFormatterJSON(): void public function testNoFormatter(): void { $this->formatter = null; - $controller = $this->makeController([], 'http://codeigniter.com', ['Accept' => 'application/json']); + $controller = $this->makeController([], '', ['Accept' => 'application/json']); $this->invoke($controller, 'respondCreated', ['A Custom Reason']); @@ -484,8 +484,9 @@ private function tryValidContentType($mimeType, $contentType): void $original = $_SERVER; $_SERVER['CONTENT_TYPE'] = $mimeType; - $this->makeController([], 'http://codeigniter.com', ['Accept' => $mimeType]); + $this->makeController([], '', ['Accept' => $mimeType]); $this->assertSame($mimeType, $this->request->getHeaderLine('Accept'), 'Request header...'); + $this->response->setContentType($contentType); $this->assertSame($contentType, $this->response->getHeaderLine('Content-Type'), 'Response header pre-response...'); @@ -554,7 +555,7 @@ public function testFormatByRequestNegotiateIfFormatIsNotJsonOrXML(): void } Factories::injectMock('config', 'Cookie', $cookie); - $request = new MockIncomingRequest($config, new URI($config->baseURL), null, new UserAgent()); + $request = new MockIncomingRequest($config, new SiteURI($config), null, new UserAgent()); $response = new MockResponse($config); $controller = new class ($request, $response) { diff --git a/tests/system/Cache/ResponseCacheTest.php b/tests/system/Cache/ResponseCacheTest.php index 12eaeb1a2d23..b34cfce95c37 100644 --- a/tests/system/Cache/ResponseCacheTest.php +++ b/tests/system/Cache/ResponseCacheTest.php @@ -15,7 +15,7 @@ use CodeIgniter\HTTP\IncomingRequest; use CodeIgniter\HTTP\Response; use CodeIgniter\HTTP\ResponseInterface; -use CodeIgniter\HTTP\URI; +use CodeIgniter\HTTP\SiteURI; use CodeIgniter\HTTP\UserAgent; use CodeIgniter\Test\CIUnitTestCase; use Config\App as AppConfig; @@ -53,7 +53,7 @@ private function createIncomingRequest( $appConfig ??= $this->appConfig; - $siteUri = new URI($appConfig->baseURL . $uri); + $siteUri = new SiteURI($appConfig, $uri); if ($query !== []) { $_GET = $_REQUEST = $query; $siteUri->setQueryArray($query); diff --git a/tests/system/CommonFunctionsTest.php b/tests/system/CommonFunctionsTest.php index b6702c5a7376..228a24e9a26f 100644 --- a/tests/system/CommonFunctionsTest.php +++ b/tests/system/CommonFunctionsTest.php @@ -18,7 +18,7 @@ use CodeIgniter\HTTP\IncomingRequest; use CodeIgniter\HTTP\RedirectResponse; use CodeIgniter\HTTP\Response; -use CodeIgniter\HTTP\URI; +use CodeIgniter\HTTP\SiteURI; use CodeIgniter\HTTP\UserAgent; use CodeIgniter\Router\RouteCollection; use CodeIgniter\Session\Handlers\FileHandler; @@ -411,7 +411,7 @@ public function testOldInput(): void $this->routes = $this->createRouteCollection(); Services::injectMock('routes', $this->routes); - $this->request = new MockIncomingRequest($this->config, new URI('http://example.com'), null, new UserAgent()); + $this->request = new MockIncomingRequest($this->config, new SiteURI($this->config), null, new UserAgent()); Services::injectMock('request', $this->request); // setup & ask for a redirect... @@ -446,7 +446,7 @@ public function testOldInputSerializeData(): void $this->routes = $this->createRouteCollection(); Services::injectMock('routes', $this->routes); - $this->request = new MockIncomingRequest($this->config, new URI('http://example.com'), null, new UserAgent()); + $this->request = new MockIncomingRequest($this->config, new SiteURI($this->config), null, new UserAgent()); Services::injectMock('request', $this->request); // setup & ask for a redirect... @@ -481,7 +481,7 @@ public function testOldInputArray(): void $this->routes = $this->createRouteCollection(); Services::injectMock('routes', $this->routes); - $this->request = new MockIncomingRequest($this->config, new URI('http://example.com'), null, new UserAgent()); + $this->request = new MockIncomingRequest($this->config, new SiteURI($this->config), null, new UserAgent()); Services::injectMock('request', $this->request); $locations = [ diff --git a/tests/system/ControllerTest.php b/tests/system/ControllerTest.php index 668cf9b1bc68..14756039c161 100644 --- a/tests/system/ControllerTest.php +++ b/tests/system/ControllerTest.php @@ -16,7 +16,7 @@ use CodeIgniter\HTTP\IncomingRequest; use CodeIgniter\HTTP\Request; use CodeIgniter\HTTP\Response; -use CodeIgniter\HTTP\URI; +use CodeIgniter\HTTP\SiteURI; use CodeIgniter\HTTP\UserAgent; use CodeIgniter\Test\CIUnitTestCase; use CodeIgniter\Validation\Exceptions\ValidationException; @@ -58,7 +58,7 @@ protected function setUp(): void parent::setUp(); $this->config = new App(); - $this->request = new IncomingRequest($this->config, new URI('https://somwhere.com'), null, new UserAgent()); + $this->request = new IncomingRequest($this->config, new SiteURI($this->config), null, new UserAgent()); $this->response = new Response($this->config); $this->logger = Services::logger(); } diff --git a/tests/system/Filters/InvalidCharsTest.php b/tests/system/Filters/InvalidCharsTest.php index 6289ae755ce0..a7c40ebe8b20 100644 --- a/tests/system/Filters/InvalidCharsTest.php +++ b/tests/system/Filters/InvalidCharsTest.php @@ -13,7 +13,7 @@ use CodeIgniter\HTTP\CLIRequest; use CodeIgniter\HTTP\IncomingRequest; -use CodeIgniter\HTTP\URI; +use CodeIgniter\HTTP\SiteURI; use CodeIgniter\HTTP\UserAgent; use CodeIgniter\Security\Exceptions\SecurityException; use CodeIgniter\Test\CIUnitTestCase; @@ -53,7 +53,7 @@ protected function tearDown(): void private function createRequest(): IncomingRequest { $config = new MockAppConfig(); - $uri = new URI(); + $uri = new SiteURI($config); $userAgent = new UserAgent(); $request = $this->getMockBuilder(IncomingRequest::class) ->setConstructorArgs([$config, $uri, null, $userAgent]) diff --git a/tests/system/HTTP/IncomingRequestDetectingTest.php b/tests/system/HTTP/IncomingRequestDetectingTest.php index 481821dd922b..9984e8d825b3 100644 --- a/tests/system/HTTP/IncomingRequestDetectingTest.php +++ b/tests/system/HTTP/IncomingRequestDetectingTest.php @@ -32,8 +32,7 @@ protected function setUp(): void $_POST = $_GET = $_SERVER = $_REQUEST = $_ENV = $_COOKIE = $_SESSION = []; // The URI object is not used in detectPath(). - $origin = 'http://www.example.com/index.php/woot?code=good#pos'; - $this->request = new IncomingRequest(new App(), new URI($origin), null, new UserAgent()); + $this->request = new IncomingRequest(new App(), new SiteURI(new App(), 'woot?code=good#pos'), null, new UserAgent()); } public function testPathDefault(): void diff --git a/tests/system/HTTP/IncomingRequestTest.php b/tests/system/HTTP/IncomingRequestTest.php index 9f6114f4875e..f9000d90001f 100644 --- a/tests/system/HTTP/IncomingRequestTest.php +++ b/tests/system/HTTP/IncomingRequestTest.php @@ -223,7 +223,7 @@ public function testSetValidLocales() $config->defaultLocale = 'es'; $config->baseURL = 'http://example.com/'; - $request = new IncomingRequest($config, new URI(), null, new UserAgent()); + $request = new IncomingRequest($config, new SiteURI($config), null, new UserAgent()); $request->setValidLocales(['ja']); $request->setLocale('ja'); @@ -901,7 +901,7 @@ public function testExtensionPHP($path, $detectPath): void $_SERVER['REQUEST_URI'] = $path; $_SERVER['SCRIPT_NAME'] = $path; - $request = new IncomingRequest($config, new URI($path), null, new UserAgent()); + $request = new IncomingRequest($config, new SiteURI($config, $path), null, new UserAgent()); $this->assertSame($detectPath, $request->detectPath()); } @@ -914,7 +914,8 @@ public function testGetPath(): void public function testSetPath(): void { - $request = new IncomingRequest(new App(), new URI(), null, new UserAgent()); + $config = new App(); + $request = new IncomingRequest($config, new SiteURI($config), null, new UserAgent()); $this->assertSame('', $request->getPath()); $request->setPath('foobar'); diff --git a/tests/system/Helpers/CookieHelperTest.php b/tests/system/Helpers/CookieHelperTest.php index 45796658fecc..73f05123ab88 100755 --- a/tests/system/Helpers/CookieHelperTest.php +++ b/tests/system/Helpers/CookieHelperTest.php @@ -15,7 +15,7 @@ use CodeIgniter\Cookie\Exceptions\CookieException; use CodeIgniter\HTTP\IncomingRequest; use CodeIgniter\HTTP\Response; -use CodeIgniter\HTTP\URI; +use CodeIgniter\HTTP\SiteURI; use CodeIgniter\HTTP\UserAgent; use CodeIgniter\Test\CIUnitTestCase; use CodeIgniter\Test\Mock\MockResponse; @@ -49,7 +49,7 @@ protected function setUp(): void Services::injectMock('response', new MockResponse(new App())); $this->response = Services::response(); - $this->request = new IncomingRequest(new App(), new URI(), null, new UserAgent()); + $this->request = new IncomingRequest(new App(), new SiteURI(new App()), null, new UserAgent()); Services::injectMock('request', $this->request); helper('cookie'); diff --git a/tests/system/Pager/PagerTest.php b/tests/system/Pager/PagerTest.php index 63ae20d3cd0c..f5059f082b53 100644 --- a/tests/system/Pager/PagerTest.php +++ b/tests/system/Pager/PagerTest.php @@ -13,6 +13,7 @@ use CodeIgniter\Config\Factories; use CodeIgniter\HTTP\IncomingRequest; +use CodeIgniter\HTTP\SiteURI; use CodeIgniter\HTTP\URI; use CodeIgniter\HTTP\UserAgent; use CodeIgniter\Pager\Exceptions\PagerException; @@ -53,7 +54,7 @@ private function createPager(string $requestUri): void $request = new IncomingRequest( $config, - new URI($config->baseURL . ltrim($requestUri, '/')), + new SiteURI($config, ltrim($requestUri, '/')), 'php://input', new UserAgent() ); @@ -70,7 +71,7 @@ public function testSetPathRemembersPath(): void $details = $this->pager->getDetails(); - $this->assertSame('foo/bar', $details['uri']->getPath()); + $this->assertSame('foo/bar', $details['uri']->getRoutePath()); } public function testGetDetailsRecognizesPageQueryVar(): void @@ -474,7 +475,7 @@ public function testBasedURI(): void $request = new IncomingRequest( $config, - new URI(), + new SiteURI($config, 'x/y'), 'php://input', new UserAgent() ); diff --git a/tests/system/RESTful/ResourceControllerTest.php b/tests/system/RESTful/ResourceControllerTest.php index bd52bd0d31a5..284754280929 100644 --- a/tests/system/RESTful/ResourceControllerTest.php +++ b/tests/system/RESTful/ResourceControllerTest.php @@ -17,7 +17,7 @@ use CodeIgniter\Format\XMLFormatter; use CodeIgniter\HTTP\IncomingRequest; use CodeIgniter\HTTP\Response; -use CodeIgniter\HTTP\URI; +use CodeIgniter\HTTP\SiteURI; use CodeIgniter\HTTP\UserAgent; use CodeIgniter\Model; use CodeIgniter\Router\RouteCollection; @@ -312,7 +312,7 @@ public function testJSONFormatOutput(): void $resource = new MockResourceController(); $config = new App(); - $uri = new URI(); + $uri = new SiteURI($config); $agent = new UserAgent(); $request = new IncomingRequest($config, $uri, '', $agent); @@ -340,7 +340,7 @@ public function testXMLFormatOutput(): void $resource = new MockResourceController(); $config = new App(); - $uri = new URI(); + $uri = new SiteURI($config); $agent = new UserAgent(); $request = new IncomingRequest($config, $uri, '', $agent); diff --git a/tests/system/Security/SecurityCSRFCookieRandomizeTokenTest.php b/tests/system/Security/SecurityCSRFCookieRandomizeTokenTest.php index b0c1ef8ec707..a5c014814035 100644 --- a/tests/system/Security/SecurityCSRFCookieRandomizeTokenTest.php +++ b/tests/system/Security/SecurityCSRFCookieRandomizeTokenTest.php @@ -14,7 +14,7 @@ use CodeIgniter\Config\Factories; use CodeIgniter\Cookie\Cookie; use CodeIgniter\HTTP\IncomingRequest; -use CodeIgniter\HTTP\URI; +use CodeIgniter\HTTP\SiteURI; use CodeIgniter\HTTP\UserAgent; use CodeIgniter\Test\CIUnitTestCase; use CodeIgniter\Test\Mock\MockAppConfig; @@ -74,7 +74,8 @@ public function testCSRFVerifySetNewCookie(): void $_POST['foo'] = 'bar'; $_POST['csrf_test_name'] = $this->randomizedToken; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $config = new MockAppConfig(); + $request = new IncomingRequest($config, new SiteURI($config), null, new UserAgent()); $security = new Security($this->config); diff --git a/tests/system/Security/SecurityCSRFSessionRandomizeTokenTest.php b/tests/system/Security/SecurityCSRFSessionRandomizeTokenTest.php index 7c8af63040f4..e16093b76418 100644 --- a/tests/system/Security/SecurityCSRFSessionRandomizeTokenTest.php +++ b/tests/system/Security/SecurityCSRFSessionRandomizeTokenTest.php @@ -14,7 +14,7 @@ use CodeIgniter\Config\Factories; use CodeIgniter\Config\Services; use CodeIgniter\HTTP\IncomingRequest; -use CodeIgniter\HTTP\URI; +use CodeIgniter\HTTP\SiteURI; use CodeIgniter\HTTP\UserAgent; use CodeIgniter\Security\Exceptions\SecurityException; use CodeIgniter\Session\Handlers\ArrayHandler; @@ -25,6 +25,7 @@ use CodeIgniter\Test\Mock\MockSecurity; use CodeIgniter\Test\Mock\MockSession; use CodeIgniter\Test\TestLogger; +use Config\App; use Config\Cookie; use Config\Logger as LoggerConfig; use Config\Security as SecurityConfig; @@ -136,13 +137,19 @@ public function testCSRFVerifyPostNoToken(): void $_SERVER['REQUEST_METHOD'] = 'POST'; unset($_POST['csrf_test_name']); - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); - + $request = $this->createIncomingRequest(); $security = $this->createSecurity(); $security->verify($request); } + private function createIncomingRequest(?App $config = null): IncomingRequest + { + $config ??= new MockAppConfig(); + + return new IncomingRequest($config, new SiteURI($config), null, new UserAgent()); + } + public function testCSRFVerifyPostThrowsExceptionOnNoMatch(): void { $this->expectException(SecurityException::class); @@ -151,8 +158,7 @@ public function testCSRFVerifyPostThrowsExceptionOnNoMatch(): void $_SERVER['REQUEST_METHOD'] = 'POST'; $_POST['csrf_test_name'] = '8b9218a55906f9dcc1dc263dce7f005b'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); - + $request = $this->createIncomingRequest(); $security = $this->createSecurity(); $security->verify($request); @@ -166,8 +172,7 @@ public function testCSRFVerifyPostInvalidToken(): void $_SERVER['REQUEST_METHOD'] = 'POST'; $_POST['csrf_test_name'] = '!'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); - + $request = $this->createIncomingRequest(); $security = $this->createSecurity(); $security->verify($request); @@ -179,8 +184,7 @@ public function testCSRFVerifyPostReturnsSelfOnMatch(): void $_POST['foo'] = 'bar'; $_POST['csrf_test_name'] = $this->randomizedToken; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); - + $request = $this->createIncomingRequest(); $security = $this->createSecurity(); $this->assertInstanceOf(Security::class, $security->verify($request)); @@ -192,9 +196,8 @@ public function testCSRFVerifyPOSTHeaderThrowsExceptionOnNoMatch(): void { $_SERVER['REQUEST_METHOD'] = 'POST'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setHeader('X-CSRF-TOKEN', '8b9218a55906f9dcc1dc263dce7f005b'); - $security = $this->createSecurity(); $this->expectException(SecurityException::class); @@ -208,9 +211,8 @@ public function testCSRFVerifyPOSTHeaderReturnsSelfOnMatch(): void $_SERVER['REQUEST_METHOD'] = 'POST'; $_POST['foo'] = 'bar'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setHeader('X-CSRF-TOKEN', $this->randomizedToken); - $security = $this->createSecurity(); $this->assertInstanceOf(Security::class, $security->verify($request)); @@ -222,9 +224,8 @@ public function testCSRFVerifyPUTHeaderThrowsExceptionOnNoMatch(): void { $_SERVER['REQUEST_METHOD'] = 'PUT'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setHeader('X-CSRF-TOKEN', '8b9218a55906f9dcc1dc263dce7f005b'); - $security = $this->createSecurity(); $this->expectException(SecurityException::class); @@ -237,9 +238,8 @@ public function testCSRFVerifyPUTHeaderReturnsSelfOnMatch(): void { $_SERVER['REQUEST_METHOD'] = 'PUT'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setHeader('X-CSRF-TOKEN', $this->randomizedToken); - $security = $this->createSecurity(); $this->assertInstanceOf(Security::class, $security->verify($request)); @@ -250,9 +250,8 @@ public function testCSRFVerifyPUTBodyReturnsSelfOnMatch(): void { $_SERVER['REQUEST_METHOD'] = 'PUT'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setBody("csrf_test_name={$this->randomizedToken}&foo=bar"); - $security = $this->createSecurity(); $this->assertInstanceOf(Security::class, $security->verify($request)); @@ -266,9 +265,8 @@ public function testCSRFVerifyJsonThrowsExceptionOnNoMatch(): void $_SERVER['REQUEST_METHOD'] = 'POST'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setBody('{"csrf_test_name":"8b9218a55906f9dcc1dc263dce7f005b"}'); - $security = $this->createSecurity(); $security->verify($request); @@ -278,9 +276,8 @@ public function testCSRFVerifyJsonReturnsSelfOnMatch(): void { $_SERVER['REQUEST_METHOD'] = 'POST'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setBody('{"csrf_test_name":"' . $this->randomizedToken . '","foo":"bar"}'); - $security = $this->createSecurity(); $this->assertInstanceOf(Security::class, $security->verify($request)); @@ -298,9 +295,8 @@ public function testRegenerateWithFalseSecurityRegenerateProperty(): void $config->regenerate = false; Factories::injectMock('config', 'Security', $config); - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); - - $security = new MockSecurity($this->config); + $request = $this->createIncomingRequest(); + $security = new MockSecurity($config); $oldHash = $security->getHash(); $security->verify($request); @@ -319,8 +315,7 @@ public function testRegenerateWithTrueSecurityRegenerateProperty(): void $config->regenerate = true; Factories::injectMock('config', 'Security', $config); - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); - + $request = $this->createIncomingRequest(); $security = $this->createSecurity(); $oldHash = $security->getHash(); diff --git a/tests/system/Security/SecurityCSRFSessionTest.php b/tests/system/Security/SecurityCSRFSessionTest.php index 1d701520488c..cc5b56eae33a 100644 --- a/tests/system/Security/SecurityCSRFSessionTest.php +++ b/tests/system/Security/SecurityCSRFSessionTest.php @@ -14,7 +14,7 @@ use CodeIgniter\Config\Factories; use CodeIgniter\Config\Services; use CodeIgniter\HTTP\IncomingRequest; -use CodeIgniter\HTTP\URI; +use CodeIgniter\HTTP\SiteURI; use CodeIgniter\HTTP\UserAgent; use CodeIgniter\Security\Exceptions\SecurityException; use CodeIgniter\Session\Handlers\ArrayHandler; @@ -24,6 +24,7 @@ use CodeIgniter\Test\Mock\MockAppConfig; use CodeIgniter\Test\Mock\MockSession; use CodeIgniter\Test\TestLogger; +use Config\App; use Config\Cookie; use Config\Logger as LoggerConfig; use Config\Security as SecurityConfig; @@ -125,21 +126,26 @@ public function testCSRFVerifyPostThrowsExceptionOnNoMatch(): void $_SERVER['REQUEST_METHOD'] = 'POST'; $_POST['csrf_test_name'] = '8b9218a55906f9dcc1dc263dce7f005b'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); - + $request = $this->createIncomingRequest(); $security = $this->createSecurity(); $security->verify($request); } + private function createIncomingRequest(?App $config = null): IncomingRequest + { + $config ??= new MockAppConfig(); + + return new IncomingRequest($config, new SiteURI($config), null, new UserAgent()); + } + public function testCSRFVerifyPostReturnsSelfOnMatch(): void { $_SERVER['REQUEST_METHOD'] = 'POST'; $_POST['foo'] = 'bar'; $_POST['csrf_test_name'] = '8b9218a55906f9dcc1dc263dce7f005a'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); - + $request = $this->createIncomingRequest(); $security = $this->createSecurity(); $this->assertInstanceOf(Security::class, $security->verify($request)); @@ -151,9 +157,8 @@ public function testCSRFVerifyPOSTHeaderThrowsExceptionOnNoMatch(): void { $_SERVER['REQUEST_METHOD'] = 'POST'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setHeader('X-CSRF-TOKEN', '8b9218a55906f9dcc1dc263dce7f005b'); - $security = $this->createSecurity(); $this->expectException(SecurityException::class); @@ -165,9 +170,8 @@ public function testCSRFVerifyPOSTHeaderReturnsSelfOnMatch(): void $_SERVER['REQUEST_METHOD'] = 'POST'; $_POST['foo'] = 'bar'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setHeader('X-CSRF-TOKEN', '8b9218a55906f9dcc1dc263dce7f005a'); - $security = $this->createSecurity(); $this->assertInstanceOf(Security::class, $security->verify($request)); @@ -179,9 +183,8 @@ public function testCSRFVerifyPUTHeaderThrowsExceptionOnNoMatch(): void { $_SERVER['REQUEST_METHOD'] = 'PUT'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setHeader('X-CSRF-TOKEN', '8b9218a55906f9dcc1dc263dce7f005b'); - $security = $this->createSecurity(); $this->expectException(SecurityException::class); @@ -192,9 +195,8 @@ public function testCSRFVerifyPUTHeaderReturnsSelfOnMatch(): void { $_SERVER['REQUEST_METHOD'] = 'PUT'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setHeader('X-CSRF-TOKEN', '8b9218a55906f9dcc1dc263dce7f005a'); - $security = $this->createSecurity(); $this->assertInstanceOf(Security::class, $security->verify($request)); @@ -205,9 +207,8 @@ public function testCSRFVerifyPUTBodyReturnsSelfOnMatch(): void { $_SERVER['REQUEST_METHOD'] = 'PUT'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setBody('csrf_test_name=8b9218a55906f9dcc1dc263dce7f005a&foo=bar'); - $security = $this->createSecurity(); $this->assertInstanceOf(Security::class, $security->verify($request)); @@ -220,9 +221,8 @@ public function testCSRFVerifyJsonThrowsExceptionOnNoMatch(): void $_SERVER['REQUEST_METHOD'] = 'POST'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setBody('{"csrf_test_name":"8b9218a55906f9dcc1dc263dce7f005b"}'); - $security = $this->createSecurity(); $security->verify($request); @@ -232,9 +232,8 @@ public function testCSRFVerifyJsonReturnsSelfOnMatch(): void { $_SERVER['REQUEST_METHOD'] = 'POST'; - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); + $request = $this->createIncomingRequest(); $request->setBody('{"csrf_test_name":"8b9218a55906f9dcc1dc263dce7f005a","foo":"bar"}'); - $security = $this->createSecurity(); $this->assertInstanceOf(Security::class, $security->verify($request)); @@ -251,8 +250,7 @@ public function testRegenerateWithFalseSecurityRegenerateProperty(): void $config->regenerate = false; Factories::injectMock('config', 'Security', $config); - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); - + $request = $this->createIncomingRequest(); $security = $this->createSecurity(); $oldHash = $security->getHash(); @@ -271,8 +269,7 @@ public function testRegenerateWithTrueSecurityRegenerateProperty(): void $config->regenerate = true; Factories::injectMock('config', 'Security', $config); - $request = new IncomingRequest(new MockAppConfig(), new URI('http://badurl.com'), null, new UserAgent()); - + $request = $this->createIncomingRequest(); $security = $this->createSecurity(); $oldHash = $security->getHash(); diff --git a/tests/system/Security/SecurityTest.php b/tests/system/Security/SecurityTest.php index ae4953607662..f10c79e5fb7c 100644 --- a/tests/system/Security/SecurityTest.php +++ b/tests/system/Security/SecurityTest.php @@ -14,7 +14,7 @@ use CodeIgniter\Config\Factories; use CodeIgniter\HTTP\IncomingRequest; use CodeIgniter\HTTP\Request; -use CodeIgniter\HTTP\URI; +use CodeIgniter\HTTP\SiteURI; use CodeIgniter\HTTP\UserAgent; use CodeIgniter\Security\Exceptions\SecurityException; use CodeIgniter\Test\CIUnitTestCase; @@ -101,17 +101,24 @@ public function testCSRFVerifyPostThrowsExceptionOnNoMatch(): void $_COOKIE['csrf_cookie_name'] = '8b9218a55906f9dcc1dc263dce7f005b'; $security = $this->createMockSecurity(); - $request = new IncomingRequest( - new MockAppConfig(), - new URI('http://badurl.com'), - null, - new UserAgent() - ); + $request = $this->createIncomingRequest(); $this->expectException(SecurityException::class); $security->verify($request); } + private function createIncomingRequest(): IncomingRequest + { + $config = new MockAppConfig(); + + return new IncomingRequest( + $config, + new SiteURI($config), + null, + new UserAgent() + ); + } + public function testCSRFVerifyPostReturnsSelfOnMatch(): void { $_SERVER['REQUEST_METHOD'] = 'POST'; @@ -120,12 +127,7 @@ public function testCSRFVerifyPostReturnsSelfOnMatch(): void $_COOKIE['csrf_cookie_name'] = '8b9218a55906f9dcc1dc263dce7f005a'; $security = $this->createMockSecurity(); - $request = new IncomingRequest( - new MockAppConfig(), - new URI('http://badurl.com'), - null, - new UserAgent() - ); + $request = $this->createIncomingRequest(); $this->assertInstanceOf(Security::class, $security->verify($request)); $this->assertLogged('info', 'CSRF token verified.'); @@ -139,12 +141,7 @@ public function testCSRFVerifyHeaderThrowsExceptionOnNoMatch(): void $_COOKIE['csrf_cookie_name'] = '8b9218a55906f9dcc1dc263dce7f005b'; $security = $this->createMockSecurity(); - $request = new IncomingRequest( - new MockAppConfig(), - new URI('http://badurl.com'), - null, - new UserAgent() - ); + $request = $this->createIncomingRequest(); $request->setHeader('X-CSRF-TOKEN', '8b9218a55906f9dcc1dc263dce7f005a'); @@ -159,12 +156,7 @@ public function testCSRFVerifyHeaderReturnsSelfOnMatch(): void $_COOKIE['csrf_cookie_name'] = '8b9218a55906f9dcc1dc263dce7f005a'; $security = $this->createMockSecurity(); - $request = new IncomingRequest( - new MockAppConfig(), - new URI('http://badurl.com'), - null, - new UserAgent() - ); + $request = $this->createIncomingRequest(); $request->setHeader('X-CSRF-TOKEN', '8b9218a55906f9dcc1dc263dce7f005a'); @@ -180,12 +172,7 @@ public function testCSRFVerifyJsonThrowsExceptionOnNoMatch(): void $_COOKIE['csrf_cookie_name'] = '8b9218a55906f9dcc1dc263dce7f005b'; $security = $this->createMockSecurity(); - $request = new IncomingRequest( - new MockAppConfig(), - new URI('http://badurl.com'), - null, - new UserAgent() - ); + $request = $this->createIncomingRequest(); $request->setBody( '{"csrf_test_name":"8b9218a55906f9dcc1dc263dce7f005a"}' @@ -201,12 +188,7 @@ public function testCSRFVerifyJsonReturnsSelfOnMatch(): void $_COOKIE['csrf_cookie_name'] = '8b9218a55906f9dcc1dc263dce7f005a'; $security = $this->createMockSecurity(); - $request = new IncomingRequest( - new MockAppConfig(), - new URI('http://badurl.com'), - null, - new UserAgent() - ); + $request = $this->createIncomingRequest(); $request->setBody( '{"csrf_test_name":"8b9218a55906f9dcc1dc263dce7f005a","foo":"bar"}' @@ -224,12 +206,7 @@ public function testCSRFVerifyPutBodyThrowsExceptionOnNoMatch(): void $_COOKIE['csrf_cookie_name'] = '8b9218a55906f9dcc1dc263dce7f005b'; $security = $this->createMockSecurity(); - $request = new IncomingRequest( - new MockAppConfig(), - new URI('http://badurl.com'), - null, - new UserAgent() - ); + $request = $this->createIncomingRequest(); $request->setBody( 'csrf_test_name=8b9218a55906f9dcc1dc263dce7f005a' @@ -245,12 +222,7 @@ public function testCSRFVerifyPutBodyReturnsSelfOnMatch(): void $_COOKIE['csrf_cookie_name'] = '8b9218a55906f9dcc1dc263dce7f005a'; $security = $this->createMockSecurity(); - $request = new IncomingRequest( - new MockAppConfig(), - new URI('http://badurl.com'), - null, - new UserAgent() - ); + $request = $this->createIncomingRequest(); $request->setBody( 'csrf_test_name=8b9218a55906f9dcc1dc263dce7f005a&foo=bar' @@ -282,12 +254,7 @@ public function testRegenerateWithFalseSecurityRegenerateProperty(): void Factories::injectMock('config', 'Security', $config); $security = new MockSecurity($config); - $request = new IncomingRequest( - new MockAppConfig(), - new URI('http://badurl.com'), - null, - new UserAgent() - ); + $request = $this->createIncomingRequest(); $oldHash = $security->getHash(); $security->verify($request); @@ -307,12 +274,7 @@ public function testRegenerateWithFalseSecurityRegeneratePropertyManually(): voi Factories::injectMock('config', 'Security', $config); $security = $this->createMockSecurity($config); - $request = new IncomingRequest( - new MockAppConfig(), - new URI('http://badurl.com'), - null, - new UserAgent() - ); + $request = $this->createIncomingRequest(); $oldHash = $security->getHash(); $security->verify($request); @@ -333,12 +295,7 @@ public function testRegenerateWithTrueSecurityRegenerateProperty(): void Factories::injectMock('config', 'Security', $config); $security = $this->createMockSecurity($config); - $request = new IncomingRequest( - new MockAppConfig(), - new URI('http://badurl.com'), - null, - new UserAgent() - ); + $request = $this->createIncomingRequest(); $oldHash = $security->getHash(); $security->verify($request); diff --git a/tests/system/Validation/ValidationTest.php b/tests/system/Validation/ValidationTest.php index 7cc6f99c40d5..fbc8f2ace5f6 100644 --- a/tests/system/Validation/ValidationTest.php +++ b/tests/system/Validation/ValidationTest.php @@ -12,7 +12,7 @@ namespace CodeIgniter\Validation; use CodeIgniter\HTTP\IncomingRequest; -use CodeIgniter\HTTP\URI; +use CodeIgniter\HTTP\SiteURI; use CodeIgniter\HTTP\UserAgent; use CodeIgniter\Test\CIUnitTestCase; use CodeIgniter\Validation\Exceptions\ValidationException; @@ -748,7 +748,7 @@ public function testRawInput(): void $rawstring = 'username=admin001&role=administrator&usepass=0'; $config = new App(); $config->baseURL = 'http://example.com/'; - $request = new IncomingRequest($config, new URI(), $rawstring, new UserAgent()); + $request = new IncomingRequest($config, new SiteURI($config), $rawstring, new UserAgent()); $rules = [ 'role' => 'required|min_length[5]', @@ -772,7 +772,7 @@ public function testJsonInput(): void $json = json_encode($data); $config = new App(); $config->baseURL = 'http://example.com/'; - $request = new IncomingRequest($config, new URI(), $json, new UserAgent()); + $request = new IncomingRequest($config, new SiteURI($config), $json, new UserAgent()); $rules = [ 'role' => 'required|min_length[5]', @@ -809,7 +809,7 @@ public function testJsonInputObjectArray(): void $config = new App(); $config->baseURL = 'http://example.com/'; - $request = new IncomingRequest($config, new URI(), $json, new UserAgent()); + $request = new IncomingRequest($config, new SiteURI($config), $json, new UserAgent()); $rules = [ 'p' => 'required|array_count[2]', @@ -995,7 +995,7 @@ public function testRulesForArrayField(array $body, array $rules, array $results $config = new App(); $config->baseURL = 'http://example.com/'; - $request = new IncomingRequest($config, new URI(), http_build_query($body), new UserAgent()); + $request = new IncomingRequest($config, new SiteURI($config), http_build_query($body), new UserAgent()); $this->validation->setRules($rules); $this->validation->withRequest($request->withMethod('post'))->run($body); @@ -1074,7 +1074,7 @@ public function testRulesForSingleRuleWithAsteriskWillReturnNoError(): void ], ]; - $request = new IncomingRequest($config, new URI(), 'php://input', new UserAgent()); + $request = new IncomingRequest($config, new SiteURI($config), 'php://input', new UserAgent()); $this->validation->setRules([ 'id_user.*' => 'numeric', @@ -1108,7 +1108,7 @@ public function testRulesForSingleRuleWithAsteriskWillReturnError(): void ], ]; - $request = new IncomingRequest($config, new URI(), 'php://input', new UserAgent()); + $request = new IncomingRequest($config, new SiteURI($config), 'php://input', new UserAgent()); $this->validation->setRules([ 'id_user.*' => 'numeric', @@ -1144,7 +1144,7 @@ public function testRulesForSingleRuleWithSingleValue(): void 'id_user' => 'gh', ]; - $request = new IncomingRequest($config, new URI(), 'php://input', new UserAgent()); + $request = new IncomingRequest($config, new SiteURI($config), 'php://input', new UserAgent()); $this->validation->setRules([ 'id_user' => 'numeric',