technocloud-public/nginx-unit
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Tests: added tests for PHP_AUTH_* variables.

Browse Source
This commit is contained in:
Andrei Zeliankou
2020-12-10 19:28:41 +00:00
parent 7be62c3c21
commit 16ac829c8f
2 changed files with 65 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
test/php/auth/index.php Normal file
View File

@@ -0,0 +1,7 @@
<?php
header('X-Digest: ' . (isset($_SERVER['PHP_AUTH_DIGEST']) ? $_SERVER['PHP_AUTH_DIGEST'] : 'not set'));
header('X-User: ' . (isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : 'not set'));
header('X-Password: ' . (isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : 'not set'));
?>

58
test/test_php_application.py
View File

@@ -384,6 +384,64 @@ class TestPHPApplication(TestApplicationPHP):
r'exec: \/\w+', body r'exec: \/\w+', body
), 'disable_functions comma exec' ), 'disable_functions comma exec'
def test_php_application_auth(self):
self.load('auth')
resp = self.get()
assert resp['status'] == 200, 'status'
assert resp['headers']['X-Digest'] == 'not set', 'digest'
assert resp['headers']['X-User'] == 'not set', 'user'
assert resp['headers']['X-Password'] == 'not set', 'password'
resp = self.get(
headers={
'Host': 'localhost',
'Authorization': 'Basic dXNlcjpwYXNzd29yZA==',
'Connection': 'close',
}
)
assert resp['status'] == 200, 'basic status'
assert resp['headers']['X-Digest'] == 'not set', 'basic digest'
assert resp['headers']['X-User'] == 'user', 'basic user'
assert resp['headers']['X-Password'] == 'password', 'basic password'
resp = self.get(
headers={
'Host': 'localhost',
'Authorization': 'Digest username="blah", realm="", uri="/"',
'Connection': 'close',
}
)
assert resp['status'] == 200, 'digest status'
assert (
resp['headers']['X-Digest'] == 'username="blah", realm="", uri="/"'
), 'digest digest'
assert resp['headers']['X-User'] == 'not set', 'digest user'
assert resp['headers']['X-Password'] == 'not set', 'digest password'
def test_php_application_auth_invalid(self):
self.load('auth')
def check_auth(auth):
resp = self.get(headers={
'Host': 'localhost',
'Authorization': auth,
'Connection': 'close',
})
assert resp['status'] == 200, 'status'
assert resp['headers']['X-Digest'] == 'not set', 'Digest'
assert resp['headers']['X-User'] == 'not set', 'User'
assert resp['headers']['X-Password'] == 'not set', 'Password'
check_auth('Basic dXN%cjpwYXNzd29yZA==')
check_auth('Basic XNlcjpwYXNzd29yZA==')
check_auth('Basic DdXNlcjpwYXNzd29yZA==')
check_auth('Basic blah')
check_auth('Basic')
check_auth('Digest')
check_auth('blah')
def test_php_application_disable_functions_space(self): def test_php_application_disable_functions_space(self):
self.load('time_exec') self.load('time_exec')