74 lines
2.9 KiB
PHP
74 lines
2.9 KiB
PHP
<?php
|
|
// tests:
|
|
// - signature for request that specifies a header but is missing that header
|
|
// - signature for request with malformed Signature header
|
|
namespace ActivityPub\Test\Auth;
|
|
|
|
use ActivityPub\Auth\HttpSignatureService;
|
|
use PHPUnit\Framework\TestCase;
|
|
use Symfony\Component\HttpFoundation\Request;
|
|
|
|
class HttpSignatureServiceTest extends TestCase
|
|
{
|
|
const PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----
|
|
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCFENGw33yGihy92pDjZQhl0C3
|
|
6rPJj+CvfSC8+q28hxA161QFNUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6
|
|
Z4UMR7EOcpfdUE9Hf3m/hs+FUR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJw
|
|
oYi+1hqp1fIekaxsyQIDAQAB
|
|
-----END PUBLIC KEY-----";
|
|
|
|
const PRIVATE_KEY = "-----BEGIN RSA PRIVATE KEY-----
|
|
MIICXgIBAAKBgQDCFENGw33yGihy92pDjZQhl0C36rPJj+CvfSC8+q28hxA161QF
|
|
NUd13wuCTUcq0Qd2qsBe/2hFyc2DCJJg0h1L78+6Z4UMR7EOcpfdUE9Hf3m/hs+F
|
|
UR45uBJeDK1HSFHD8bHKD6kv8FPGfJTotc+2xjJwoYi+1hqp1fIekaxsyQIDAQAB
|
|
AoGBAJR8ZkCUvx5kzv+utdl7T5MnordT1TvoXXJGXK7ZZ+UuvMNUCdN2QPc4sBiA
|
|
QWvLw1cSKt5DsKZ8UETpYPy8pPYnnDEz2dDYiaew9+xEpubyeW2oH4Zx71wqBtOK
|
|
kqwrXa/pzdpiucRRjk6vE6YY7EBBs/g7uanVpGibOVAEsqH1AkEA7DkjVH28WDUg
|
|
f1nqvfn2Kj6CT7nIcE3jGJsZZ7zlZmBmHFDONMLUrXR/Zm3pR5m0tCmBqa5RK95u
|
|
412jt1dPIwJBANJT3v8pnkth48bQo/fKel6uEYyboRtA5/uHuHkZ6FQF7OUkGogc
|
|
mSJluOdc5t6hI1VsLn0QZEjQZMEOWr+wKSMCQQCC4kXJEsHAve77oP6HtG/IiEn7
|
|
kpyUXRNvFsDE0czpJJBvL/aRFUJxuRK91jhjC68sA7NsKMGg5OXb5I5Jj36xAkEA
|
|
gIT7aFOYBFwGgQAQkWNKLvySgKbAZRTeLBacpHMuQdl1DfdntvAyqpAZ0lY0RKmW
|
|
G6aFKaqQfOXKCyWoUiVknQJAXrlgySFci/2ueKlIE1QqIiLSZ8V8OlpFLRnb1pzI
|
|
7U1yQXnTAEFYM560yJlzUpOb1V4cScGd365tiSMvxLOvTA==
|
|
-----END RSA PRIVATE KEY-----";
|
|
|
|
private $httpSignatureService;
|
|
|
|
public function setUp()
|
|
{
|
|
$this->httpSignatureService = new HttpSignatureService();
|
|
}
|
|
|
|
private static function getRequest()
|
|
{
|
|
$request = Request::create(
|
|
'https://example.com/foo',
|
|
Request::METHOD_POST,
|
|
array( 'param' => 'value', 'pet' => 'dog' ),
|
|
array(),
|
|
array(),
|
|
array(),
|
|
'{"hello": "world"}'
|
|
);
|
|
$request->headers->set( 'host', 'example.com' );
|
|
$request->headers->set( 'content-type', 'application/json' );
|
|
$request->headers->set(
|
|
'digest', 'SHA-256=X48E9qOokqqrvdts8nOJRJN3OWDUoyWxBf7kbu9DBPE='
|
|
);
|
|
$request->headers->set( 'content-length', 18 );
|
|
$request->headers->set( 'date', 'Sun, 05 Jan 2014 21:31:40 GMT' );
|
|
return $request;
|
|
}
|
|
|
|
public function testItVerifies()
|
|
{
|
|
$request = self::getRequest();
|
|
$authHeader = 'Signature keyId="Test",algorithm="rsa-sha256",signature="SjWJWbWN7i0wzBvtPl8rbASWz5xQW6mcJmn+ibttBqtifLN7Sazz6m79cNfwwb8DMJ5cou1s7uEGKKCs+FLEEaDV5lp7q25WqS+lavg7T8hc0GppauB6hbgEKTwblDHYGEtbGmtdHgVCk9SuS13F0hZ8FD0k/5OxEPXe5WozsbM="';
|
|
$request->headers->set( 'authorization', $authHeader );
|
|
$verified = $this->httpSignatureService->verify( $request, self::PUBLIC_KEY );
|
|
$this->assertTrue( $verified );
|
|
}
|
|
}
|
|
?>
|