Initial Release of the calendar plugin

dav/SabreDAV/tests/Sabre/HTTP/AWSAuthTest.php

@@ -0,0 +1,240 @@
+<?php
+
+require_once 'Sabre/HTTP/ResponseMock.php';
+
+class Sabre_HTTP_AWSAuthTest extends PHPUnit_Framework_TestCase {
+
+    /**
+     * @var Sabre_HTTP_ResponseMock
+     */
+    private $response;
+    /**
+     * @var Sabre_HTTP_AWSAuth
+     */
+    private $auth;
+
+    const REALM = 'SabreDAV unittest';
+
+    public function setUp() {
+
+        $this->response = new Sabre_HTTP_ResponseMock();
+        $this->auth = new Sabre_HTTP_AWSAuth();
+        $this->auth->setRealm(self::REALM);
+        $this->auth->setHTTPResponse($this->response);
+
+    }
+
+    public function testNoHeader() {
+
+        $request = new Sabre_HTTP_Request(array(
+            'REQUEST_METHOD' => 'GET',
+        ));
+
+        $this->auth->setHTTPRequest($request);
+
+        $result = $this->auth->init();
+
+        $this->assertFalse($result,'No AWS Authorization header was supplied, so we should have gotten false');
+        $this->assertEquals(Sabre_HTTP_AWSAuth::ERR_NOAWSHEADER,$this->auth->errorCode);
+
+    }
+
+    public function testIncorrectContentMD5() {
+
+        $accessKey = 'accessKey';
+        $secretKey = 'secretKey';
+
+        $request = new Sabre_HTTP_Request(array(
+            'REQUEST_METHOD'      => 'GET',
+            'HTTP_AUTHORIZATION'  => "AWS $accessKey:sig",
+            'HTTP_CONTENT_MD5'    => 'garbage',
+            'REQUEST_URI'         => '/',
+        ));
+
+        $this->auth->setHTTPRequest($request);
+        $this->auth->init();
+        $result = $this->auth->validate($secretKey);
+
+        $this->assertFalse($result);
+        $this->assertEquals(Sabre_HTTP_AWSAuth::ERR_MD5CHECKSUMWRONG,$this->auth->errorCode);
+
+    }
+
+    public function testNoDate() {
+
+        $accessKey = 'accessKey';
+        $secretKey = 'secretKey';
+        $content = 'thisisthebody';
+        $contentMD5 = base64_encode(md5($content,true));
+
+
+        $request = new Sabre_HTTP_Request(array(
+            'REQUEST_METHOD'      => 'POST',
+            'HTTP_AUTHORIZATION'  => "AWS $accessKey:sig",
+            'HTTP_CONTENT_MD5'    => $contentMD5,
+        ));
+
+        $request->setBody($content);
+
+        $this->auth->setHTTPRequest($request);
+        $this->auth->init();
+        $result = $this->auth->validate($secretKey);
+
+        $this->assertFalse($result);
+        $this->assertEquals(Sabre_HTTP_AWSAuth::ERR_INVALIDDATEFORMAT,$this->auth->errorCode);
+
+    }
+
+    public function testFutureDate() {
+
+        $accessKey = 'accessKey';
+        $secretKey = 'secretKey';
+        $content = 'thisisthebody';
+        $contentMD5 = base64_encode(md5($content,true));
+
+        $date = new DateTime('@' . (time() + (60*20)));
+        $date->setTimeZone(new DateTimeZone('GMT'));
+        $date = $date->format('D, d M Y H:i:s \\G\\M\\T');
+
+        $request = new Sabre_HTTP_Request(array(
+            'REQUEST_METHOD'      => 'POST',
+            'HTTP_AUTHORIZATION'  => "AWS $accessKey:sig",
+            'HTTP_CONTENT_MD5'    => $contentMD5,
+            'HTTP_DATE'           => $date,
+        ));
+
+        $request->setBody($content);
+
+        $this->auth->setHTTPRequest($request);
+        $this->auth->init();
+        $result = $this->auth->validate($secretKey);
+
+        $this->assertFalse($result);
+        $this->assertEquals(Sabre_HTTP_AWSAuth::ERR_REQUESTTIMESKEWED,$this->auth->errorCode);
+
+    }
+
+    public function testPastDate() {
+
+        $accessKey = 'accessKey';
+        $secretKey = 'secretKey';
+        $content = 'thisisthebody';
+        $contentMD5 = base64_encode(md5($content,true));
+
+        $date = new DateTime('@' . (time() - (60*20)));
+        $date->setTimeZone(new DateTimeZone('GMT'));
+        $date = $date->format('D, d M Y H:i:s \\G\\M\\T');
+
+        $request = new Sabre_HTTP_Request(array(
+            'REQUEST_METHOD'      => 'POST',
+            'HTTP_AUTHORIZATION'  => "AWS $accessKey:sig",
+            'HTTP_CONTENT_MD5'    => $contentMD5,
+            'HTTP_X_AMZ_DATE'     => $date,
+        ));
+
+        $request->setBody($content);
+
+        $this->auth->setHTTPRequest($request);
+        $this->auth->init();
+        $result = $this->auth->validate($secretKey);
+
+        $this->assertFalse($result);
+        $this->assertEquals(Sabre_HTTP_AWSAuth::ERR_REQUESTTIMESKEWED,$this->auth->errorCode);
+
+    }
+
+    public function testIncorrectSignature() {
+
+        $accessKey = 'accessKey';
+        $secretKey = 'secretKey';
+        $content = 'thisisthebody';
+
+        $contentMD5 = base64_encode(md5($content,true));
+
+        $date = new DateTime('now');
+        $date->setTimeZone(new DateTimeZone('GMT'));
+        $date = $date->format('D, d M Y H:i:s \\G\\M\\T');
+
+        $request = new Sabre_HTTP_Request(array(
+            'REQUEST_METHOD'      => 'POST',
+            'HTTP_AUTHORIZATION'  => "AWS $accessKey:sig",
+            'HTTP_CONTENT_MD5'    => $contentMD5,
+            'HTTP_X_AMZ_DATE'     => $date,
+            'REQUEST_URI'         => '/',
+        ));
+
+        $request->setBody($content);
+
+        $this->auth->setHTTPRequest($request);
+        $this->auth->init();
+        $result = $this->auth->validate($secretKey);
+
+        $this->assertFalse($result);
+        $this->assertEquals(Sabre_HTTP_AWSAuth::ERR_INVALIDSIGNATURE,$this->auth->errorCode);
+
+    }
+
+    public function testValidRequest() {
+
+        $accessKey = 'accessKey';
+        $secretKey = 'secretKey';
+        $content = 'thisisthebody';
+        $contentMD5 = base64_encode(md5($content,true));
+
+        $date = new DateTime('now');
+        $date->setTimeZone(new DateTimeZone('GMT'));
+        $date = $date->format('D, d M Y H:i:s \\G\\M\\T');
+
+
+        $sig = base64_encode($this->hmacsha1($secretKey,
+            "POST\n$contentMD5\n\n$date\nx-amz-date:$date\n/evert"
+        ));
+
+        $request = new Sabre_HTTP_Request(array(
+            'REQUEST_METHOD'      => 'POST',
+            'HTTP_AUTHORIZATION'  => "AWS $accessKey:$sig",
+            'HTTP_CONTENT_MD5'    => $contentMD5,
+            'HTTP_X_AMZ_DATE'     => $date,
+            'REQUEST_URI'         => '/evert',
+        ));
+
+        $request->setBody($content);
+
+        $this->auth->setHTTPRequest($request);
+        $this->auth->init();
+        $result = $this->auth->validate($secretKey);
+
+        $this->assertTrue($result,'Signature did not validate, got errorcode ' . $this->auth->errorCode);
+        $this->assertEquals($accessKey,$this->auth->getAccessKey());
+
+    }
+
+    public function test401() {
+
+        $this->auth->requireLogin();
+        $test = preg_match('/^AWS$/',$this->response->headers['WWW-Authenticate'],$matches);
+        $this->assertTrue($test==true,'The WWW-Authenticate response didn\'t match our pattern');
+
+    }
+
+    /**
+     * Generates an HMAC-SHA1 signature
+     *
+     * @param string $key
+     * @param string $message
+     * @return string
+     */
+    private function hmacsha1($key, $message) {
+
+        $blocksize=64;
+        if (strlen($key)>$blocksize)
+            $key=pack('H*', sha1($key));
+        $key=str_pad($key,$blocksize,chr(0x00));
+        $ipad=str_repeat(chr(0x36),$blocksize);
+        $opad=str_repeat(chr(0x5c),$blocksize);
+        $hmac = pack('H*',sha1(($key^$opad).pack('H*',sha1(($key^$ipad).$message))));
+        return $hmac;
+
+    }
+
+}