[Cs-webapplibs-commits] SF.net SVN: cs-webapplibs:[121] trunk/0.3
From: <cra...@us...> - 2009-08-20 15:52:17
Revision: 121 http://cs-webapplibs.svn.sourceforge.net/cs-webapplibs/?rev=121&view=rev Author: crazedsanity Date: 2009-08-20 15:52:11 +0000 (Thu, 20 Aug 2009) Log Message: ----------- More tests, add "last_updated" to tokens. /cs_authToken.class.php: * create_token(): -- call _generic_update() to do the update statement. * update_token_uses(): -- call _generic_update() to do the update statement. * get_token_data(): -- ARG CHANGE: NEW ARG: #2 ($onlyNonExpired=true) -- add ability to get ANY token's data (for unit testing & eventually for logging purposes). * remove_expired_tokens() [NEW]: -- destroys tokens that are expired (doesn't do any checking as far as whether or not there are uses left). * _generic_update() [NEW]: -- besides the update string given, it also updates the (new) "last_updated" column. -- NOTE::: this was done so that the cs_sessionDB{} class from cs-content could potentially just call methods in this class to create & expire records... its just an idea for now. /setup/schema.mysql.sql: * cswal_auth_token_table: -- added "last_updated" (timestamp) column. -- NOTE::: didn't set the default as NOW() because MySQL won't allow more than one timestamp field to have that as the default...? /setup/schema.pgsql.sql: * mirrored changes to mysql schema. /tests/testOfCSWebAppLibs.php: * test_token_basics(): -- removed duplicate code into a private method, "basic_token_tests()" -- added test for creating an already-expired token. -- TODO: retrieve the token's data before authenticating, then test to see if it was removed afterward. * basic_token_tests() [NEW]: -- set of tests that are performed for pretty much every token created, so code was moved here so it is more standardized. 
Modified Paths: -------------- trunk/0.3/cs_authToken.class.php trunk/0.3/setup/schema.mysql.sql trunk/0.3/setup/schema.pgsql.sql trunk/0.3/tests/testOfCSWebAppLibs.php Modified: trunk/0.3/cs_authToken.class.php =================================================================== --- trunk/0.3/cs_authToken.class.php 2009-08-20 14:55:21 UTC (rev 120) +++ trunk/0.3/cs_authToken.class.php 2009-08-20 15:52:11 UTC (rev 121) @@ -105,9 +105,7 @@ //now that we have the ID, let's create the real has string. $finalHash = $this->create_hash_string($tokenId, $uid, $checksum, $stringToHash); - $this->db->run_update("UPDATE ". $this->table ." SET token='". $finalHash ."' WHERE " . - "auth_token_id=". $tokenId); - + $this->_generic_update($tokenId, "token='". $finalHash ."'"); $tokenInfo = array( 'id' => $tokenId, 'hash' => $finalHash @@ -134,11 +132,8 @@ * @return (exception) FAIL: exception denotes problem */ protected function update_token_uses($tokenId) { - try { - $sql = "UPDATE ". $this->table ." SET total_uses= total_uses+1 " . - "WHERE auth_token_id=". $tokenId; - $updateRes = $this->db->run_update($sql); + $updateRes = $this->_generic_update($tokenId, "total_uses= total_uses+1"); } catch(exception $e) { throw new exception(__METHOD__ .": failed to update usage count::: ". $e->getMessage()); 
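Review bot: `$tokenId` reaches the database as raw concatenated text in every statement this commit routes through the new helper: `_generic_update()` (hunk @@ -281) builds `"WHERE auth_token_id=". $tokenId` and also splices the caller's `$updateString` (here `"token='". $finalHash ."'"`) verbatim into the SET clause, and get_token_data() (hunk @@ -260) does the same in its SELECT. No numeric check on `$tokenId` is visible in these hunks, so the queries are only as safe as whatever the callers outside the hunks pass in. Centralising the update is a good place to enforce it once, e.g. `if(!ctype_digit((string)$tokenId)) { throw new exception(__METHOD__ .": invalid token ID"); }` at the top of `_generic_update()` and get_token_data(), or bound parameters if the db wrapper offers them. create_token() and update_token_uses() both start or end outside their hunks.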
@@ -260,10 +255,15 @@ * @return (array) PASS: contains data about the given ID * @return (exception) FAIL: exception contains error details. */ - protected function get_token_data($tokenId) { + protected function get_token_data($tokenId, $onlyNonExpired=true) { try { - $data = $this->db->run_query("SELECT * FROM ". $this->table ." WHERE auth_token_id=". $tokenId - ." AND expiration::date >= CURRENT_DATE", 'auth_token_id'); + $sql = "SELECT * FROM ". $this->table ." WHERE auth_token_id=". $tokenId; + if($onlyNonExpired === true) { + $sql .= " AND expiration::date >= CURRENT_DATE"; + } + + $data = $this->db->run_query($sql, 'auth_token_id'); + if(is_array($data) && count($data) == 1) { $tokenData = $data; } 
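Review bot: The expiry filter carried over into the new `if($onlyNonExpired === true)` branch, `expiration::date >= CURRENT_DATE`, compares whole days, while remove_expired_tokens() (hunk @@ -281) uses `NOW() > expiration`; a token whose expiration passed earlier today still matches this query, and if authenticate_token() relies on it (not visible here) the token stays usable until the date rolls over or the cleanup runs. `::date` is also PostgreSQL cast syntax, although this commit maintains a MySQL schema as well. I would use the same timestamp comparison in both places: `$sql .= " AND expiration >= NOW()";`. The new `$onlyNonExpired` argument also needs a `@param` line stating that `false` returns expired rows and must never be used on an authentication path; the part of the docblock visible in the hunk does not mention it, and the function body continues past the end of the hunk.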
@@ -281,5 +281,49 @@ }//end get_token_data(); //========================================================================= + + + //========================================================================= + /** + * Deletes any tokens that are past expiration (does not test for total vs. + * max uses; authenticate_token() does that). + * + * @param (null) (void) + */ + public function remove_expired_tokens() { + $sql = "SELECT * FROM ". $this->table ." WHERE NOW() > expiration"; + + try { + $data = $this->db->run_query($sql, 'auth_token_id'); + + if(is_array($data)) { + foreach($data as $tokenId => $tokenData) { + //TODO: add logging here? + $this->destroy_token($tokenId); + } + } + } + catch(exception $e) { + throw new exception(__METHOD__ .": error encountered while expiring tokens::: ". $e->getMessage()); + } + }//end remove_expired_tokens() + //========================================================================= + + + + //========================================================================= + private function _generic_update($tokenId, $updateString) { + try { + $sql = "UPDATE ". $this->table ." SET ". $updateString .", last_updated=NOW() " . + "WHERE auth_token_id=". $tokenId; + $updateRes = $this->db->run_update($sql); + } + catch(exception $e) { + throw new exception("failed to update token::: ". $e->getMessage()); + } + return($updateRes); + }//end generic_update() + //========================================================================= + } ?> Modified: trunk/0.3/setup/schema.mysql.sql =================================================================== --- trunk/0.3/setup/schema.mysql.sql 2009-08-20 14:55:21 UTC (rev 120) +++ trunk/0.3/setup/schema.mysql.sql 2009-08-20 15:52:11 UTC (rev 121) 
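Review bot: remove_expired_tokens() pulls every expired row with `SELECT *` (token hashes included) only to loop over the keys, and a single failing destroy_token() call aborts the sweep with the remaining expired tokens left in place. Unless destroy_token() does more than delete the row (its body is not in this hunk), one statement is simpler and atomic, assuming run_update() accepts a DELETE: `$this->db->run_update("DELETE FROM ". $this->table ." WHERE NOW() > expiration");`. Separately, _generic_update() is the only method in this hunk without a docblock. It should state that `$updateString` is inserted verbatim into the SET clause and must only ever be a literal built inside this class. Its trailing comment also reads `//end generic_update()` rather than `_generic_update()`.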
@@ -156,5 +156,6 @@ max_uses integer DEFAULT NULL, total_uses integer NOT NULL DEFAULT 0, creation timestamp NOT NULL DEFAULT NOW(), + last_updated timestamp, expiration timestamp NOT NULL ); \ No newline at end of file Modified: trunk/0.3/setup/schema.pgsql.sql =================================================================== --- trunk/0.3/setup/schema.pgsql.sql 2009-08-20 14:55:21 UTC (rev 120) +++ trunk/0.3/setup/schema.pgsql.sql 2009-08-20 15:52:11 UTC (rev 121) @@ -100,6 +100,7 @@ max_uses integer DEFAULT NULL, total_uses integer NOT NULL DEFAULT 0, creation timestamp NOT NULL DEFAULT NOW(), + last_updated timestamp, expiration timestamp NOT NULL ); Modified: trunk/0.3/tests/testOfCSWebAppLibs.php =================================================================== --- trunk/0.3/tests/testOfCSWebAppLibs.php 2009-08-20 14:55:21 UTC (rev 120) +++ trunk/0.3/tests/testOfCSWebAppLibs.php 2009-08-20 15:52:11 UTC (rev 121) @@ -164,6 +164,7 @@ //-------------------------------------------------------------------------- + //-------------------------------------------------------------------------- function test_token_basics() { $db = $this->create_dbconn(); @@ -185,12 +186,7 @@ { //Generic test to ensure we get the appropriate data back. $tokenData = $tok->create_token(1, 'test', 'abc123', null, 1); - $this->assertTrue(is_array($tokenData)); - $this->assertTrue((count($tokenData) == 2)); - $this->assertTrue(isset($tokenData['id'])); - $this->assertTrue(isset($tokenData['hash'])); - $this->assertTrue(($tokenData['id'] > 0)); - $this->assertTrue((strlen($tokenData['hash']) == 32)); + $this->basic_token_tests($tokenData, 1, 'test'); if(!$this->assertEqual($tok->authenticate_token($tokenData['id'], 'test', $tokenData['hash']), 1)) { $this->gfObj->debug_print($tok->tokenData($tokenData['id']),1); 
@@ -205,12 +201,7 @@ { //Generic test to ensure we get the appropriate data back. $tokenData = $tok->create_token(1, 'test', 'abc123', '2 years'); - $this->assertTrue(is_array($tokenData)); - $this->assertTrue((count($tokenData) == 2)); - $this->assertTrue(isset($tokenData['id'])); - $this->assertTrue(isset($tokenData['hash'])); - $this->assertTrue(($tokenData['id'] > 0)); - $this->assertTrue((strlen($tokenData['hash']) == 32)); + $this->basic_token_tests($tokenData, 1, 'test'); $this->assertEqual($tok->authenticate_token($tokenData['id'], 'test', $tokenData['hash']), 1); } 
@@ -218,17 +209,43 @@ //try to create a token with max_uses of 0. { $tokenData = $tok->create_token(2, 'test', 'xxxxyyyyyxxxx', null, 0); + $this->basic_token_tests($tokenData, 2, 'test'); $checkData = $tok->tokenData($tokenData['id']); $checkData = $checkData[$tokenData['id']]; $this->assertTrue(is_array($checkData)); - if(!$this->assertEqual($tokenData['id'], $checkData['auth_token_id'])) { - $this->gfObj->debug_print($checkData); - } + $this->assertEqual($tokenData['id'], $checkData['auth_token_id']); $this->assertEqual($checkData['max_uses'], null); } + + //try creating a token that is purposely expired, make sure it exists, then make sure authentication fails. + { + $tokenData = $tok->create_token(88, 'test', 'This is a big old TEST', '-3 days'); + if($this->assertTrue(is_array($tokenData))) { + $this->basic_token_tests($tokenData, 88, 'This is a big old TEST'); + $this->assertFalse($tok->authenticate_token($tokenData['id'], 'test', $tokenData['hash'])); + } + } }//end test_token_basics() //-------------------------------------------------------------------------- + + + + //-------------------------------------------------------------------------- + private function basic_token_tests(array $tokenData, $uid, $checksum) { + + if($this->assertTrue(is_array($tokenData)) && $this->assertTrue(is_numeric($uid)) && $this->assertTrue(strlen($checksum))) { + + $this->assertTrue(is_array($tokenData)); + $this->assertTrue((count($tokenData) == 2)); + $this->assertTrue(isset($tokenData['id'])); + $this->assertTrue(isset($tokenData['hash'])); + $this->assertTrue(($tokenData['id'] > 0)); + $this->assertTrue((strlen($tokenData['hash']) == 32)); + } + + }//end basic_token_tests() + //-------------------------------------------------------------------------- } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
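Review bot: The expired-token case only covers `'-3 days'`, so it cannot catch a token that expired earlier the same day, which is exactly where get_token_data()'s date-only filter (`expiration::date >= CURRENT_DATE`) and remove_expired_tokens()'s `NOW() > expiration` disagree; a second case with a lifetime such as `'-1 hour'` asserting that authenticate_token() fails would pin that down (assuming create_token() accepts that interval string the way it accepts `'-3 days'`). Nothing in the visible test hunks calls remove_expired_tokens(). In the same block, `basic_token_tests($tokenData, 88, 'This is a big old TEST')` passes the string-to-hash where the other calls pass the checksum `'test'`; the helper only checks `strlen($checksum)`, so the mismatch goes unnoticed. test_token_basics() starts outside this hunk.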