clam2021/vendor/tuupola/slim-basic-auth/tests/RequestPathRuleTest.php

<?php

/*
 * This file is part of Slim HTTP Basic Authentication middleware
 *
 * Copyright (c) 2013-2018 Mika Tuupola
 *
 * Licensed under the MIT license:
 *   http://www.opensource.org/licenses/mit-license.php
 *
 * Project home:
 *   https://github.com/tuupola/slim-basic-auth
 *
 */

namespace Tuupola\Middleware\HttpBasicAuthentication;

use PHPUnit\Framework\TestCase;
use Zend\Diactoros\ServerRequest;
use Zend\Diactoros\ServerRequestFactory;
use Zend\Diactoros\Response;
use Zend\Diactoros\Uri;

class RequestPathTest extends TestCase
{

    public function testShouldAcceptArrayAndStringAsPath()
    {
        $request = (new ServerRequest())
            ->withUri(new Uri("https://example.com/admin/protected"))
            ->withMethod("GET");

        $rule = new RequestPathRule(["path" => "/admin"]);
        $this->assertTrue($rule($request));

        $rule = new RequestPathRule(["path" => ["/admin"]]);
        $this->assertTrue($rule($request));
    }

    public function testShouldAuthenticateEverything()
    {
        $request = (new ServerRequest())
            ->withUri(new Uri("https://example.com/"))
            ->withMethod("GET");

        $rule = new RequestPathRule(["path" => "/"]);
        $this->assertTrue($rule($request));

        $request = (new ServerRequest())
            ->withUri(new Uri("https://example.com/api"))
            ->withMethod("GET");

        $this->assertTrue($rule($request));
    }

    public function testShouldAuthenticateOnlyApi()
    {
        $request = (new ServerRequest())
            ->withUri(new Uri("https://example.com/"))
            ->withMethod("GET");

        $rule = new RequestPathRule(["path" => "/api"]);
        $this->assertFalse($rule($request));

        $request = (new ServerRequest())
            ->withUri(new Uri("https://example.com/api"))
            ->withMethod("GET");

        $this->assertTrue($rule($request));
    }

    public function testShouldAuthenticateCreateAndList()
    {
        /* Authenticate only create and list actions */
        $rule = new RequestPathRule([
            "path" => ["/api/create", "/api/list"]
        ]);

        /* Should not authenticate */
        $request = (new ServerRequest())
            ->withUri(new Uri("https://example.com/api"))
            ->withMethod("GET");
        $this->assertFalse($rule($request));

        /* Should authenticate */
        $request = (new ServerRequest())
            ->withUri(new Uri("https://example.com/api/create"))
            ->withMethod("GET");
        $this->assertTrue($rule($request));

        /* Should authenticate */
        $request = (new ServerRequest())
            ->withUri(new Uri("https://example.com/api/list"))
            ->withMethod("GET");
        $this->assertTrue($rule($request));

        /* Should not authenticate */
        $request = (new ServerRequest())
            ->withUri(new Uri("https://example.com/api/ping"))
            ->withMethod("GET");
        $this->assertFalse($rule($request));
    }

    public function testShouldIgnoreLogin()
    {
        $request = (new ServerRequest())
            ->withUri(new Uri("https://example.com/api"))
            ->withMethod("GET");

        $rule = new RequestPathRule([
            "path" => "/api",
            "ignore" => ["/api/login"]
        ]);
        $this->assertTrue($rule($request));

        $request = (new ServerRequest())
            ->withUri(new Uri("https://example.com/api/login"))
            ->withMethod("GET");

        $this->assertFalse($rule($request));
    }

    public function testBug50ShouldAuthenticateMultipleSlashes()
    {
        $request = (new ServerRequest)
            ->withUri(new Uri("https://example.com/"))
            ->withMethod("GET");
        $rule = new RequestPathRule(["path" => "/v1/api"]);
        $this->assertFalse($rule($request));
        $request = (new ServerRequest)
            ->withUri(new Uri("https://example.com/v1/api"))
            ->withMethod("GET");
        $this->assertTrue($rule($request));
        $request = (new ServerRequest)
            ->withUri(new Uri("https://example.com/v1//api"))
            ->withMethod("GET");
        $this->assertTrue($rule($request));
        $request = (new ServerRequest)
            ->withUri(new Uri("https://example.com/v1//////api"))
            ->withMethod("GET");
        $this->assertTrue($rule($request));
        $request = (new ServerRequest)
            ->withUri(new Uri("https://example.com//v1/api"))
            ->withMethod("GET");
        $this->assertTrue($rule($request));
        $request = (new ServerRequest)
            ->withUri(new Uri("https://example.com//////v1/api"))
            ->withMethod("GET");
        $this->assertTrue($rule($request));
    }
}
initial copy of clam2020 2021-05-13 16:04:00 +00:00			`<?php`

			`/*`
			`* This file is part of Slim HTTP Basic Authentication middleware`
			`*`
			`* Copyright (c) 2013-2018 Mika Tuupola`
			`*`
			`* Licensed under the MIT license:`
			`* http://www.opensource.org/licenses/mit-license.php`
			`*`
			`* Project home:`
			`* https://github.com/tuupola/slim-basic-auth`
			`*`
			`*/`

			`namespace Tuupola\Middleware\HttpBasicAuthentication;`

			`use PHPUnit\Framework\TestCase;`
			`use Zend\Diactoros\ServerRequest;`
			`use Zend\Diactoros\ServerRequestFactory;`
			`use Zend\Diactoros\Response;`
			`use Zend\Diactoros\Uri;`

			`class RequestPathTest extends TestCase`
			`{`

			`public function testShouldAcceptArrayAndStringAsPath()`
			`{`
			`$request = (new ServerRequest())`
			`->withUri(new Uri("https://example.com/admin/protected"))`
			`->withMethod("GET");`

			`$rule = new RequestPathRule(["path" => "/admin"]);`
			`$this->assertTrue($rule($request));`

			`$rule = new RequestPathRule(["path" => ["/admin"]]);`
			`$this->assertTrue($rule($request));`
			`}`

			`public function testShouldAuthenticateEverything()`
			`{`
			`$request = (new ServerRequest())`
			`->withUri(new Uri("https://example.com/"))`
			`->withMethod("GET");`

			`$rule = new RequestPathRule(["path" => "/"]);`
			`$this->assertTrue($rule($request));`

			`$request = (new ServerRequest())`
			`->withUri(new Uri("https://example.com/api"))`
			`->withMethod("GET");`

			`$this->assertTrue($rule($request));`
			`}`

			`public function testShouldAuthenticateOnlyApi()`
			`{`
			`$request = (new ServerRequest())`
			`->withUri(new Uri("https://example.com/"))`
			`->withMethod("GET");`

			`$rule = new RequestPathRule(["path" => "/api"]);`
			`$this->assertFalse($rule($request));`

			`$request = (new ServerRequest())`
			`->withUri(new Uri("https://example.com/api"))`
			`->withMethod("GET");`

			`$this->assertTrue($rule($request));`
			`}`

			`public function testShouldAuthenticateCreateAndList()`
			`{`
			`/* Authenticate only create and list actions */`
			`$rule = new RequestPathRule([`
			`"path" => ["/api/create", "/api/list"]`
			`]);`

			`/* Should not authenticate */`
			`$request = (new ServerRequest())`
			`->withUri(new Uri("https://example.com/api"))`
			`->withMethod("GET");`
			`$this->assertFalse($rule($request));`

			`/* Should authenticate */`
			`$request = (new ServerRequest())`
			`->withUri(new Uri("https://example.com/api/create"))`
			`->withMethod("GET");`
			`$this->assertTrue($rule($request));`

			`/* Should authenticate */`
			`$request = (new ServerRequest())`
			`->withUri(new Uri("https://example.com/api/list"))`
			`->withMethod("GET");`
			`$this->assertTrue($rule($request));`

			`/* Should not authenticate */`
			`$request = (new ServerRequest())`
			`->withUri(new Uri("https://example.com/api/ping"))`
			`->withMethod("GET");`
			`$this->assertFalse($rule($request));`
			`}`

			`public function testShouldIgnoreLogin()`
			`{`
			`$request = (new ServerRequest())`
			`->withUri(new Uri("https://example.com/api"))`
			`->withMethod("GET");`

			`$rule = new RequestPathRule([`
			`"path" => "/api",`
			`"ignore" => ["/api/login"]`
			`]);`
			`$this->assertTrue($rule($request));`

			`$request = (new ServerRequest())`
			`->withUri(new Uri("https://example.com/api/login"))`
			`->withMethod("GET");`

			`$this->assertFalse($rule($request));`
			`}`

			`public function testBug50ShouldAuthenticateMultipleSlashes()`
			`{`
			`$request = (new ServerRequest)`
			`->withUri(new Uri("https://example.com/"))`
			`->withMethod("GET");`
			`$rule = new RequestPathRule(["path" => "/v1/api"]);`
			`$this->assertFalse($rule($request));`
			`$request = (new ServerRequest)`
			`->withUri(new Uri("https://example.com/v1/api"))`
			`->withMethod("GET");`
			`$this->assertTrue($rule($request));`
			`$request = (new ServerRequest)`
			`->withUri(new Uri("https://example.com/v1//api"))`
			`->withMethod("GET");`
			`$this->assertTrue($rule($request));`
			`$request = (new ServerRequest)`
			`->withUri(new Uri("https://example.com/v1//////api"))`
			`->withMethod("GET");`
			`$this->assertTrue($rule($request));`
			`$request = (new ServerRequest)`
			`->withUri(new Uri("https://example.com//v1/api"))`
			`->withMethod("GET");`
			`$this->assertTrue($rule($request));`
			`$request = (new ServerRequest)`
			`->withUri(new Uri("https://example.com//////v1/api"))`
			`->withMethod("GET");`
			`$this->assertTrue($rule($request));`
			`}`
			`}`