Refactoring tests, adding two new test cases to test presigning (sign…

…ature and validation)
emartech · Mar 12, 2015 · 3c36a5c · 3c36a5c
1 parent cc34e12
commit 3c36a5c
Show file tree

Hide file tree

Showing 4 changed files with 68 additions and 40 deletions.
diff --git a/test/unit/AuthenticateRequestTest.php b/test/unit/AuthenticateRequestTest.php
@@ -129,6 +129,25 @@ public function itShouldValidateRequestUsingQueryString()
         $this->createEscher('us-east-1/host/aws4_request')->authenticate($keyDB, $serverVars, '');
     }
 
+    /**
+     * @test
+     */
+    public function itShouldValidatePresignedUrlRequestWithSpecialCharacters()
+    {
+        $serverVars = array(
+            'REQUEST_TIME'    => $this->strtotime('20150310T173248Z'),
+            'REQUEST_METHOD'  => 'GET',
+            'HTTP_HOST'       => 'service.example.com',
+            'CONTENT_TYPE'    => 'application/x-www-form-urlencoded; charset=utf-8',
+            'REQUEST_URI'     => '/login?id=12345678&domain=login.example.com&redirect_to=https%3A%2F%2Fhome.dev%2Fbootstrap.php%3Fr%3Dservice%2Findex%26service%3Dservice_name%3F&X-EMS-Algorithm=EMS-HMAC-SHA256&X-EMS-Credentials=service_api_key%2F20150310%2Feu%2Fservice%2Fems_request&X-EMS-Date=20150310T173248Z&X-EMS-Expires=86400&X-EMS-SignedHeaders=host&X-EMS-Signature=661f2147c77b6784be5a60a8b842a96de6327653f1ed5d4305da43103c69a6f5',
+            'HTTPS'           => 'on',
+            'SERVER_PORT'     => '443',
+            'SERVER_NAME'     => 'service.example.com',
+        );
+        $keyDB = array('service_api_key' => 'service_secret');
+        $this->createEscher('eu/service/ems_request', new DateTime('20150310T173248Z'))->authenticate($keyDB, $serverVars);
+    }
+
     /**
      * @test
      * @expectedException EscherException
@@ -192,12 +211,6 @@ public function invalidPortProvider()
         );
     }
 
-    protected function createEscher($credentialScope)
-    {
-        return Escher::create($credentialScope, null)
-            ->setAlgoPrefix('EMS')->setVendorKey('EMS')->setAuthHeaderKey('X-Ems-Auth')->setDateHeaderKey('X-Ems-Date');
-    }
-
     private function strtotime($dateString)
     {
         return EscherUtils::parseLongDate($dateString)->format('U');

diff --git a/test/unit/SignRequestUsingHeaderTest.php b/test/unit/SignRequestUsingHeaderTest.php
@@ -19,8 +19,7 @@ public function itShouldSignRequest()
             'x-ems-auth' => 'EMS-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/iam/aws4_request, SignedHeaders=content-type;host;x-ems-date, Signature=f36c21c6e16a71a6e8dc56673ad6354aeef49c577a22fd58a190b5fcf8891dbd',
         );
         $headersToSign =  array('content-type', 'host', 'x-ems-date');
-        $date = new DateTime('20110909T233600Z', new DateTimeZone("UTC"));
-        $actualHeaders = $this->createEscher($date)->signRequest(
+        $actualHeaders = $this->createEscher('us-east-1/iam/aws4_request')->signRequest(
             'AKIDEXAMPLE', 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY',
             'POST', 'http://iam.amazonaws.com/', 'Action=ListUsers&Version=2010-05-08', $inputHeaders, $headersToSign
         );
@@ -42,9 +41,8 @@ public function itShouldAutomagicallyAddHostHeader()
             'x-ems-date' => '20110909T233600Z',
             'x-ems-auth' => 'EMS-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/iam/aws4_request, SignedHeaders=content-type;host;x-ems-date, Signature=f36c21c6e16a71a6e8dc56673ad6354aeef49c577a22fd58a190b5fcf8891dbd',
         );
-        $date = new DateTime('20110909T233600Z', new DateTimeZone("UTC"));
         $headersToSign = array('content-type', 'host', 'x-ems-date');
-        $actualHeaders = $this->createEscher($date)->signRequest(
+        $actualHeaders = $this->createEscher('us-east-1/iam/aws4_request')->signRequest(
             'AKIDEXAMPLE', 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY',
             'POST', 'http://iam.amazonaws.com/', 'Action=ListUsers&Version=2010-05-08', $inputHeaders, $headersToSign
         );
@@ -61,9 +59,8 @@ public function itShouldAutomagicallyAddHostHeaderWithPort($url, $expectedHost)
         $inputHeaders = array(
             'content-type' => 'application/x-www-form-urlencoded; charset=utf-8',
         );
-        $date = new DateTime('20110909T233600Z', new DateTimeZone("UTC"));
         $headersToSign = array('content-type', 'host', 'x-ems-date');
-        $actualHeaders = $this->createEscher($date)->signRequest(
+        $actualHeaders = $this->createEscher('us-east-1/iam/aws4_request')->signRequest(
             'AKIDEXAMPLE', 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY',
             'POST', $url, 'Action=ListUsers&Version=2010-05-08', $inputHeaders, $headersToSign
         );
@@ -99,9 +96,8 @@ public function itShouldAutomagicallyAddDateAndHostToSignedHeaders()
             'x-ems-date' => '20110909T233600Z',
             'x-ems-auth' => 'EMS-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/iam/aws4_request, SignedHeaders=content-type;host;x-ems-date, Signature=f36c21c6e16a71a6e8dc56673ad6354aeef49c577a22fd58a190b5fcf8891dbd',
         );
-        $date = new DateTime('20110909T233600Z', new DateTimeZone("UTC"));
         $headersToSign = array('content-type');
-        $actualHeaders = $this->createEscher($date)->signRequest(
+        $actualHeaders = $this->createEscher('us-east-1/iam/aws4_request')->signRequest(
             'AKIDEXAMPLE', 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY',
             'POST', 'http://iam.amazonaws.com/', 'Action=ListUsers&Version=2010-05-08', $inputHeaders, $headersToSign
         );
@@ -126,9 +122,8 @@ public function itShouldOnlySignHeadersExplicitlySetToBeSigned()
             'x-ems-auth' => 'EMS-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/iam/aws4_request, SignedHeaders=content-type;host;x-ems-date, Signature=f36c21c6e16a71a6e8dc56673ad6354aeef49c577a22fd58a190b5fcf8891dbd',
         );
 
-        $date = new DateTime('20110909T233600Z', new DateTimeZone("UTC"));
         $headersToSign = array('content-type', 'host', 'x-ems-date');
-        $actualHeaders = $this->createEscher($date)->signRequest(
+        $actualHeaders = $this->createEscher('us-east-1/iam/aws4_request')->signRequest(
             'AKIDEXAMPLE', 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY',
             'POST', 'http://iam.amazonaws.com/', 'Action=ListUsers&Version=2010-05-08', $inputHeaders, $headersToSign
         );
@@ -151,9 +146,8 @@ public function itShouldUseTheProvidedAuthHeaderName()
             'custom-auth-header' => 'EMS-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/iam/aws4_request, SignedHeaders=content-type;host;x-ems-date, Signature=f36c21c6e16a71a6e8dc56673ad6354aeef49c577a22fd58a190b5fcf8891dbd',
         );
 
-        $date = new DateTime('20110909T233600Z', new DateTimeZone("UTC"));
         $headersToSign = array('content-type', 'host', 'x-ems-date');
-        $actualHeaders = $this->createEscher($date, 'Custom-Auth-Header')->signRequest(
+        $actualHeaders = $this->createEscher('us-east-1/iam/aws4_request')->setAuthHeaderKey('Custom-Auth-Header')->signRequest(
             'AKIDEXAMPLE', 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY',
             'POST', 'http://iam.amazonaws.com/', 'Action=ListUsers&Version=2010-05-08', $inputHeaders, $headersToSign
         );
@@ -176,9 +170,7 @@ public function itShouldUseTheProvidedAlgoPrefix()
             'x-ems-auth'   => 'EMS-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/iam/aws4_request, SignedHeaders=content-type;host;x-ems-date, Signature=f36c21c6e16a71a6e8dc56673ad6354aeef49c577a22fd58a190b5fcf8891dbd',
         );
 
-        $date = new DateTime('20110909T233600Z', new DateTimeZone("UTC"));
-        $escher = Escher::create('us-east-1/iam/aws4_request', $date)
-            ->setAlgoPrefix('EMS')->setVendorKey('EMS')->setAuthHeaderKey('X-Ems-Auth')->setDateHeaderKey('X-Ems-Date');
+        $escher = $this->createEscher('us-east-1/iam/aws4_request');
         $headersToSign = array('content-type', 'host', 'x-ems-date');
         $actualHeaders = $escher->signRequest(
             'AKIDEXAMPLE', 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY',
@@ -198,8 +190,7 @@ public function itShouldGenerateSignedHeaders()
         );
 
         $date = new DateTime('2011/05/11 12:00:00', new DateTimeZone("UTC"));
-        $escher = Escher::create('us-east-1/host/aws4_request', $date)
-            ->setAlgoPrefix('EMS')->setVendorKey('EMS')->setAuthHeaderKey('X-Ems-Auth')->setDateHeaderKey('X-Ems-Date');
+        $escher = $this->createEscher('us-east-1/host/aws4_request', $date);
 
         $actualHeaders = $escher->signRequest(
             'th3K3y', 'very_secure',
@@ -216,9 +207,11 @@ public function itShouldGenerateSignedHeaders()
         $this->assertEqualMaps($expectedHeaders, $actualHeaders);
     }
 
-    protected function createEscher($date, $authHeaderName = 'X-Ems-Auth')
+    /**
+     * @return DateTime
+     */
+    protected function getDate()
     {
-        return Escher::create('us-east-1/iam/aws4_request', $date)
-            ->setAlgoPrefix('EMS')->setVendorKey('EMS')->setAuthHeaderKey($authHeaderName)->setDateHeaderKey('X-Ems-Date');
+        return new DateTime('20110909T233600Z', new DateTimeZone("UTC"));
     }
 }
diff --git a/test/unit/SignRequestUsingQueryStringTest.php b/test/unit/SignRequestUsingQueryStringTest.php
@@ -9,7 +9,7 @@ class SignRequestUsingQueryStringTest extends TestBase
      */
     public function itShouldGenerateSignedUrl()
     {
-        $signedUrl = $this->getEscher()->presignUrl('th3K3y', 'very_secure', 'http://example.com/something?foo=bar&baz=barbaz', $this->expires);
+        $signedUrl = $this->createEscher()->presignUrl('th3K3y', 'very_secure', 'http://example.com/something?foo=bar&baz=barbaz', $this->expires);
 
         $expectedSignedUrl = 'http://example.com/something?foo=bar&baz=barbaz&X-EMS-Algorithm=EMS-HMAC-SHA256&X-EMS-Credentials=th3K3y%2F20110511%2Fus-east-1%2Fhost%2Faws4_request&X-EMS-Date=20110511T120000Z&X-EMS-Expires=123456&X-EMS-SignedHeaders=host&X-EMS-Signature=fbc9dbb91670e84d04ad2ae7505f4f52ab3ff9e192b8233feeae57e9022c2b67';
 
@@ -21,7 +21,7 @@ public function itShouldGenerateSignedUrl()
      */
     public function itShouldHandlePort()
     {
-        $signedUrl = $this->getEscher()->presignUrl('th3K3y', 'very_secure', 'http://example.com:5000/something?foo=bar&baz=barbaz', $this->expires);
+        $signedUrl = $this->createEscher()->presignUrl('th3K3y', 'very_secure', 'http://example.com:5000/something?foo=bar&baz=barbaz', $this->expires);
 
         $expectedSignedUrl = 'http://example.com:5000/something?foo=bar&baz=barbaz&X-EMS-Algorithm=EMS-HMAC-SHA256&X-EMS-Credentials=th3K3y%2F20110511%2Fus-east-1%2Fhost%2Faws4_request&X-EMS-Date=20110511T120000Z&X-EMS-Expires=123456&X-EMS-SignedHeaders=host&X-EMS-Signature=7f7032b393945a0167fe65d35a7e2827a781ecab9019d814adf95c23bfa5e458';
 
@@ -33,27 +33,26 @@ public function itShouldHandlePort()
      */
     public function itShouldRespectWhenUrlHasLocationHash()
     {
-        $signedUrl = $this->getEscher()->presignUrl('th3K3y', 'very_secure', 'http://example.com:5000/something?foo=bar&baz=barbaz#/client_fragment', $this->expires);
+        $signedUrl = $this->createEscher()->presignUrl('th3K3y', 'very_secure', 'http://example.com:5000/something?foo=bar&baz=barbaz#/client_fragment', $this->expires);
 
         $expectedSignedUrl = 'http://example.com:5000/something?foo=bar&baz=barbaz&X-EMS-Algorithm=EMS-HMAC-SHA256&X-EMS-Credentials=th3K3y%2F20110511%2Fus-east-1%2Fhost%2Faws4_request&X-EMS-Date=20110511T120000Z&X-EMS-Expires=123456&X-EMS-SignedHeaders=host&X-EMS-Signature=7f7032b393945a0167fe65d35a7e2827a781ecab9019d814adf95c23bfa5e458#/client_fragment';
 
         $this->assertEquals($expectedSignedUrl, $signedUrl);
     }
 
     /**
-     * @return DateTime
+     * @test
      */
-    private function getDate()
+    public function itShouldRespectWhenUrlHasSpecialChars()
     {
-        return new DateTime('2011/05/11 12:00:00', new DateTimeZone("UTC"));
-    }
+        $signedUrl = $this->createEscher('eu/service/ems_request', new DateTime('20150310T173248Z'))->presignUrl(
+            'service_api_key',
+            'service_secret',
+            'https://service.example.com/login?id=12345678&domain=login.example.com&redirect_to=https%3A%2F%2Fhome.dev%2Fbootstrap.php%3Fr%3Dservice%2Findex%26service%3Dservice_name%3F'
+        );
 
-    /**
-     * @return Escher
-     */
-    private function getEscher()
-    {
-        return Escher::create('us-east-1/host/aws4_request', $this->getDate())
-            ->setAlgoPrefix('EMS')->setVendorKey('EMS')->setAuthHeaderKey('X-Ems-Auth')->setDateHeaderKey('X-Ems-Date');
+        $expectedSignedUrl = 'https://service.example.com/login?id=12345678&domain=login.example.com&redirect_to=https%3A%2F%2Fhome.dev%2Fbootstrap.php%3Fr%3Dservice%2Findex%26service%3Dservice_name%3F&X-EMS-Algorithm=EMS-HMAC-SHA256&X-EMS-Credentials=service_api_key%2F20150310%2Feu%2Fservice%2Fems_request&X-EMS-Date=20150310T173248Z&X-EMS-Expires=86400&X-EMS-SignedHeaders=host&X-EMS-Signature=661f2147c77b6784be5a60a8b842a96de6327653f1ed5d4305da43103c69a6f5';
+
+        $this->assertEquals($expectedSignedUrl, $signedUrl);
     }
 }
diff --git a/test/unit/TestBase.php b/test/unit/TestBase.php
@@ -8,4 +8,27 @@ protected function assertEqualMaps(array $expected, array $actual, $message = ''
         ksort($actual);
         $this->assertEquals($expected, $actual, $message);
     }
+
+    /**
+     * @param string $credentialScope
+     * @param DateTime $date
+     * @return Escher
+     */
+    protected function createEscher($credentialScope = 'us-east-1/host/aws4_request', $date = null)
+    {
+        if (is_null($date))
+        {
+            $date = $this->getDate();
+        }
+        return Escher::create($credentialScope, $date)
+            ->setAlgoPrefix('EMS')->setVendorKey('EMS')->setAuthHeaderKey('X-Ems-Auth')->setDateHeaderKey('X-Ems-Date');
+    }
+
+    /**
+     * @return DateTime
+     */
+    protected function getDate()
+    {
+        return new DateTime('2011/05/11 12:00:00', new DateTimeZone("UTC"));
+    }
 }