php-simple-jwt/tests/Validator/JwtValidatorTest.php

<?php

namespace NoccyLabs\SimpleJwt\Validator;

use NoccyLabs\SimpleJwt\JwtToken;
use NoccyLabs\SimpleJwt\Key\JwtPlaintextKey;

class JwtValidatorTest extends \PhpUnit\Framework\TestCase
{

    public function testValidTokensShouldPassWithDefaultConfiguration()
    {
        $key = new JwtPlaintextKey("key");
        $token = new JwtToken($key);
        
        $validator = new JwtValidator();
        $valid = $validator->validateToken($token);
        $this->assertEquals(true, $valid);
    }

    public function testExpiredTokensShouldFailWithException()
    {
        $key = new JwtPlaintextKey("key");
        $token = new JwtToken($key);
        $token->header->set("exp", 0);

        $token = new JwtToken($key, $token->getSignedToken()); 
        
        $validator = new JwtValidator();
        $this->expectException(JwtTokenException::class);
        $valid = $validator->validateToken($token);
    }

    /**
     * @dataProvider tokenGenerator
     */
    public function testPinningIssuer($issuer,$audience,$key,$token)
    {
        $goodIssuer = "a-dom.tld";
        $jwtKey = new JwtPlaintextKey($key);
        $jwtToken = new JwtToken($jwtKey, $token);

        $validator = new JwtValidator();
        $validator->requireIssuer($goodIssuer);
        if ($goodIssuer != $issuer) {
            $this->expectException(JwtTokenException::class);
        }
        $valid = $validator->validateToken($jwtToken);
        if ($goodIssuer == $issuer) {
            $this->assertTrue($valid);
        }
    }
    // public function testPinningAudience()

    public function tokenGenerator()
    {
        $keyrand = function () {
            return substr(sha1(microtime(true).rand(0,65535)), 5, 10);
        };
        $token = function ($head,$claims,$key) {
            $jwtKey = new JwtPlaintextKey($key);
            $tok = new JwtToken($jwtKey);
            $tok->header->setAll($head);
            $tok->claims->setAll($claims);
            return $tok->getSignedToken();
        };
        $row = function ($iss, $aud, array $claims) use ($keyrand, $token) {
            $key = $keyrand();
            $jwtKey = new JwtPlaintextKey($key);
            return [
                $iss,
                $aud,
                $key,
                $token(['iss'=>$iss, 'aud'=>$aud], $claims, $key),
            ];
        };

        return [
            $row("a-dom.tld", "a-dom.tld", []),
            $row("b-dom.tld", "a-dom.tld", []),
            $row("b-dom.tld", "b-dom.tld", []),
        ];

    }

}
Initial commit 2021-02-11 12:22:51 +00:00			`<?php`

			`namespace NoccyLabs\SimpleJwt\Validator;`

			`use NoccyLabs\SimpleJwt\JwtToken;`
			`use NoccyLabs\SimpleJwt\Key\JwtPlaintextKey;`

			`class JwtValidatorTest extends \PhpUnit\Framework\TestCase`
			`{`

Added support for validating token issuer and audience * Use requireIssuer() and requireAudience() on the JwtValidator to make sure that the token is for what you expect it to be for. * A setAll() method has been added to property bag, applying but not overriding values. * Added tests for JwtValidator. 2021-02-16 17:25:29 +00:00			`public function testValidTokensShouldPassWithDefaultConfiguration()`
Initial commit 2021-02-11 12:22:51 +00:00			`{`
			`$key = new JwtPlaintextKey("key");`
			`$token = new JwtToken($key);`

			`$validator = new JwtValidator();`
			`$valid = $validator->validateToken($token);`
			`$this->assertEquals(true, $valid);`
			`}`

Added support for validating token issuer and audience * Use requireIssuer() and requireAudience() on the JwtValidator to make sure that the token is for what you expect it to be for. * A setAll() method has been added to property bag, applying but not overriding values. * Added tests for JwtValidator. 2021-02-16 17:25:29 +00:00			`public function testExpiredTokensShouldFailWithException()`
Initial commit 2021-02-11 12:22:51 +00:00			`{`
			`$key = new JwtPlaintextKey("key");`
			`$token = new JwtToken($key);`
			`$token->header->set("exp", 0);`

			`$token = new JwtToken($key, $token->getSignedToken());`

			`$validator = new JwtValidator();`
			`$this->expectException(JwtTokenException::class);`
			`$valid = $validator->validateToken($token);`
			`}`

Added support for validating token issuer and audience * Use requireIssuer() and requireAudience() on the JwtValidator to make sure that the token is for what you expect it to be for. * A setAll() method has been added to property bag, applying but not overriding values. * Added tests for JwtValidator. 2021-02-16 17:25:29 +00:00			`/**`
			`* @dataProvider tokenGenerator`
			`*/`
			`public function testPinningIssuer($issuer,$audience,$key,$token)`
			`{`
			`$goodIssuer = "a-dom.tld";`
			`$jwtKey = new JwtPlaintextKey($key);`
			`$jwtToken = new JwtToken($jwtKey, $token);`

			`$validator = new JwtValidator();`
			`$validator->requireIssuer($goodIssuer);`
			`if ($goodIssuer != $issuer) {`
			`$this->expectException(JwtTokenException::class);`
			`}`
			`$valid = $validator->validateToken($jwtToken);`
			`if ($goodIssuer == $issuer) {`
			`$this->assertTrue($valid);`
			`}`
			`}`
			`// public function testPinningAudience()`

			`public function tokenGenerator()`
			`{`
			`$keyrand = function () {`
			`return substr(sha1(microtime(true).rand(0,65535)), 5, 10);`
			`};`
			`$token = function ($head,$claims,$key) {`
			`$jwtKey = new JwtPlaintextKey($key);`
			`$tok = new JwtToken($jwtKey);`
			`$tok->header->setAll($head);`
			`$tok->claims->setAll($claims);`
			`return $tok->getSignedToken();`
			`};`
			`$row = function ($iss, $aud, array $claims) use ($keyrand, $token) {`
			`$key = $keyrand();`
			`$jwtKey = new JwtPlaintextKey($key);`
			`return [`
			`$iss,`
			`$aud,`
			`$key,`
			`$token(['iss'=>$iss, 'aud'=>$aud], $claims, $key),`
			`];`
			`};`

			`return [`
			`$row("a-dom.tld", "a-dom.tld", []),`
			`$row("b-dom.tld", "a-dom.tld", []),`
			`$row("b-dom.tld", "b-dom.tld", []),`
			`];`

			`}`

			`}`