4 * This file is part of the Symfony package.
6 * (c) Fabien Potencier <fabien@symfony.com>
8 * For the full copyright and license information, please view the LICENSE
9 * file that was distributed with this source code.
12 namespace Symfony\Component\HttpFoundation\Tests;
14 use PHPUnit\Framework\TestCase;
15 use Symfony\Component\HttpFoundation\ServerBag;
20 * @author Bulat Shakirzyanov <mallluhuct@gmail.com>
22 class ServerBagTest extends TestCase
24 public function testShouldExtractHeadersFromServerArray()
27 'SOME_SERVER_VARIABLE' => 'value',
28 'SOME_SERVER_VARIABLE2' => 'value',
30 'HTTP_CONTENT_TYPE' => 'text/html',
31 'HTTP_CONTENT_LENGTH' => '0',
32 'HTTP_ETAG' => 'asdf',
33 'PHP_AUTH_USER' => 'foo',
34 'PHP_AUTH_PW' => 'bar',
37 $bag = new ServerBag($server);
39 $this->assertEquals(array(
40 'CONTENT_TYPE' => 'text/html',
41 'CONTENT_LENGTH' => '0',
43 'AUTHORIZATION' => 'Basic '.base64_encode('foo:bar'),
44 'PHP_AUTH_USER' => 'foo',
45 'PHP_AUTH_PW' => 'bar',
46 ), $bag->getHeaders());
49 public function testHttpPasswordIsOptional()
51 $bag = new ServerBag(array('PHP_AUTH_USER' => 'foo'));
53 $this->assertEquals(array(
54 'AUTHORIZATION' => 'Basic '.base64_encode('foo:'),
55 'PHP_AUTH_USER' => 'foo',
57 ), $bag->getHeaders());
60 public function testHttpBasicAuthWithPhpCgi()
62 $bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic '.base64_encode('foo:bar')));
64 $this->assertEquals(array(
65 'AUTHORIZATION' => 'Basic '.base64_encode('foo:bar'),
66 'PHP_AUTH_USER' => 'foo',
67 'PHP_AUTH_PW' => 'bar',
68 ), $bag->getHeaders());
71 public function testHttpBasicAuthWithPhpCgiBogus()
73 $bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic_'.base64_encode('foo:bar')));
75 // Username and passwords should not be set as the header is bogus
76 $headers = $bag->getHeaders();
77 $this->assertFalse(isset($headers['PHP_AUTH_USER']));
78 $this->assertFalse(isset($headers['PHP_AUTH_PW']));
81 public function testHttpBasicAuthWithPhpCgiRedirect()
83 $bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => 'Basic '.base64_encode('username:pass:word')));
85 $this->assertEquals(array(
86 'AUTHORIZATION' => 'Basic '.base64_encode('username:pass:word'),
87 'PHP_AUTH_USER' => 'username',
88 'PHP_AUTH_PW' => 'pass:word',
89 ), $bag->getHeaders());
92 public function testHttpBasicAuthWithPhpCgiEmptyPassword()
94 $bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic '.base64_encode('foo:')));
96 $this->assertEquals(array(
97 'AUTHORIZATION' => 'Basic '.base64_encode('foo:'),
98 'PHP_AUTH_USER' => 'foo',
100 ), $bag->getHeaders());
103 public function testHttpDigestAuthWithPhpCgi()
105 $digest = 'Digest username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"';
106 $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $digest));
108 $this->assertEquals(array(
109 'AUTHORIZATION' => $digest,
110 'PHP_AUTH_DIGEST' => $digest,
111 ), $bag->getHeaders());
114 public function testHttpDigestAuthWithPhpCgiBogus()
116 $digest = 'Digest_username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"';
117 $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $digest));
119 // Username and passwords should not be set as the header is bogus
120 $headers = $bag->getHeaders();
121 $this->assertFalse(isset($headers['PHP_AUTH_USER']));
122 $this->assertFalse(isset($headers['PHP_AUTH_PW']));
125 public function testHttpDigestAuthWithPhpCgiRedirect()
127 $digest = 'Digest username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"';
128 $bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => $digest));
130 $this->assertEquals(array(
131 'AUTHORIZATION' => $digest,
132 'PHP_AUTH_DIGEST' => $digest,
133 ), $bag->getHeaders());
136 public function testOAuthBearerAuth()
138 $headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
139 $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $headerContent));
141 $this->assertEquals(array(
142 'AUTHORIZATION' => $headerContent,
143 ), $bag->getHeaders());
146 public function testOAuthBearerAuthWithRedirect()
148 $headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
149 $bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => $headerContent));
151 $this->assertEquals(array(
152 'AUTHORIZATION' => $headerContent,
153 ), $bag->getHeaders());
157 * @see https://github.com/symfony/symfony/issues/17345
159 public function testItDoesNotOverwriteTheAuthorizationHeaderIfItIsAlreadySet()
161 $headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
162 $bag = new ServerBag(array('PHP_AUTH_USER' => 'foo', 'HTTP_AUTHORIZATION' => $headerContent));
164 $this->assertEquals(array(
165 'AUTHORIZATION' => $headerContent,
166 'PHP_AUTH_USER' => 'foo',
168 ), $bag->getHeaders());