[Cs-webapplibs-commits] SF.net SVN: cs-webapplibs:[124] trunk/0.3/tests/testOfCSWebAppLibs.php

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 124
          http://cs-webapplibs.svn.sourceforge.net/cs-webapplibs/?rev=124&view=rev
Author:   crazedsanity
Date:     2009-08-20 18:15:30 +0000 (Thu, 20 Aug 2009)

Log Message:
-----------
Lots more tests to ensure tokens work properly.

/cs_authToken.class.php:
	* authenticate_token():
		-- update to handle new array value from get_token_data().
	* get_token_data():
		-- remove initial index (of $tokenId) for simpler checking.
		-- add exception if the $tokenId index isn't there.
/tests/testOfCSWebAppLibs.php:
	* test_token_basics():
		-- put first generic test into set of brackes with indentation, call 
		basic_token_tests().
		-- check to ensure the number of attempts is proper.
		-- make sure tokens beyond their max_uses are actually gone.
		-- authenticate token with max lifetime set 100 times to make sure it 
		stays good.
		-- update to handle new output of cs_authToken::get_token_data()
		-- uniqueness test (adds lots of extra tests, but really helps to
		ensure the hash is unique).
	* authTokenTester::tokenData():
		-- added $onlyNonExpired=true arg to match called method args.

Modified Paths:
--------------
    trunk/0.3/tests/testOfCSWebAppLibs.php

Modified: trunk/0.3/tests/testOfCSWebAppLibs.php
===================================================================

--- trunk/0.3/tests/testOfCSWebAppLibs.php	2009-08-20 17:33:51 UTC (rev 123)
+++ trunk/0.3/tests/testOfCSWebAppLibs.php	2009-08-20 18:15:30 UTC (rev 124)
@@ -71,38 +71,52 @@
 		$tok = new authTokenTester($db);
 		
 		//Generic test to ensure we get the appropriate data back.
-		$tokenData = $tok->create_token(1, 'test', 'abc123');
-		$this->assertTrue(is_array($tokenData));
-		$this->assertTrue((count($tokenData) == 2));
-		$this->assertTrue(isset($tokenData['id']));
-		$this->assertTrue(isset($tokenData['hash']));
-		$this->assertTrue(($tokenData['id'] > 0));
-		$this->assertTrue((strlen($tokenData['hash']) == 32));
+		{
+			$tokenData = $tok->create_token(1, 'test', 'abc123');
+			$this->basic_token_tests($tokenData, 1, 'test');
+			
+			$this->assertEqual($tok->authenticate_token($tokenData['id'], 'test', $tokenData['hash']), 1);
+			$this->assertFalse($tok->authenticate_token($tokenData['id'], 'testx', $tokenData['hash']));
+			$this->assertFalse($tok->authenticate_token($tokenData['id'], 'test', 'abcdefg'));
+			$this->assertFalse($tok->authenticate_token($tokenData['id'], 'test', '12345678901234567890123456789012'));
+			$this->assertFalse($tok->authenticate_token(99999, 'test', '12345678901234567890123456789012'));
+			
+			//check to make sure the data within this token shows only ONE attempt.
+			$checkData = $tok->tokenData($tokenData['id']);
+			$this->assertEqual($checkData['auth_token_id'], $tokenData['id']);
+			$this->assertEqual($checkData['total_uses'], 1);
+		}
 		
-		$this->assertEqual($tok->authenticate_token($tokenData['id'], 'test', $tokenData['hash']), 1);
-		
 		//create a token with only 1 available use and try to authenticate it twice.
 		{
 			//Generic test to ensure we get the appropriate data back.
 			$tokenData = $tok->create_token(1, 'test', 'abc123', null, 1);
 			$this->basic_token_tests($tokenData, 1, 'test');
 			
-			if(!$this->assertEqual($tok->authenticate_token($tokenData['id'], 'test', $tokenData['hash']), 1)) {
-				$this->gfObj->debug_print($tok->tokenData($tokenData['id']),1);
-			}
-			if(!$this->assertTrue(($tok->authenticate_token($tokenData['id'], 'test', $tokenData['hash']) === null), "Able to authenticate twice on a token with only 1 use")) {
-				$this->gfObj->debug_print($tok->tokenData($tokenData['id']));
-			}
+			$this->assertEqual($tok->authenticate_token($tokenData['id'], 'test', $tokenData['hash']), 1);
+			$this->assertTrue(($tok->authenticate_token($tokenData['id'], 'test', $tokenData['hash']) === null), 
+					"Able to authenticate twice on a token with only 1 use");
+			$this->assertFalse($tok->tokenData($tokenData['id'], true));
+			$this->assertFalse($tok->tokenData($tokenData['id'], false));
 		}
 		
 		
-		//now create a token with a maximum lifetime...
+		//now create a token with a maximum lifetime (make sure we can call it a ton of times)
 		{
 			//Generic test to ensure we get the appropriate data back.
 			$tokenData = $tok->create_token(1, 'test', 'abc123', '2 years');
 			$this->basic_token_tests($tokenData, 1, 'test');
 			
 			$this->assertEqual($tok->authenticate_token($tokenData['id'], 'test', $tokenData['hash']), 1);
+			$checkAttempts = 100;
+			$successAttempts = 0;
+			for($i=0; $i < 100; $i++) {
+				$id = $tok->authenticate_token($tokenData['id'], 'test', $tokenData['hash']);
+				if($this->assertEqual($tok->authenticate_token($tokenData['id'], 'test', $tokenData['hash']), 1)) {
+					$successAttempts++;
+				}
+			}
+			$this->assertEqual($checkAttempts, $successAttempts);
 		}
 		
 		//try to create a token with max_uses of 0.
@@ -110,7 +124,6 @@
 			$tokenData = $tok->create_token(2, 'test', 'xxxxyyyyyxxxx', null, 0);
 			$this->basic_token_tests($tokenData, 2, 'test');
 			$checkData = $tok->tokenData($tokenData['id']);
-			$checkData = $checkData[$tokenData['id']];
 			
 			$this->assertTrue(is_array($checkData));
 			$this->assertEqual($tokenData['id'], $checkData['auth_token_id']);
@@ -125,6 +138,33 @@
 				$this->assertFalse($tok->authenticate_token($tokenData['id'], 'test', $tokenData['hash']));
 			}
 		}
+		
+		//make sure we don't get the same hash when creating multiple tokens with the same data.
+		//NOTE: this pushes the number of tests up pretty high, but I think it is required to help ensure hash uniqueness.
+		{
+			$uid=rand(1,999999);
+			$checksum = 'multiple ToKEN check';
+			$hashThis = "Lorem ipsum dolor sit amet. ";
+			
+			$numTests = 30;
+			$numPass = 0;
+			$tokenList = array();
+			for($i=0;$i<$numTests;$i++) {
+				$tokenList[$i] = $tok->create_token($uid, $checksum, $hashThis);
+			}
+			$lastItem = ($numTests -1);
+			for($i=0;$i<$numTests;$i++) {
+				$checkHash = $tokenList[$i]['hash'];
+				$uniq=0;
+				foreach($tokenList as $k=>$a) {
+					//check against everything BUT itself.
+					if($i != $k && $this->assertNotEqual($checkHash, $a['hash'])) {
+						$uniq++;
+					}
+				}
+				$this->assertEqual($uniq, ($numTests -1));
+			}
+		}
 	}//end test_token_basics()
 	//--------------------------------------------------------------------------
 	
@@ -151,8 +191,8 @@
 class authTokenTester extends cs_authToken {
 	public $isTest=true;
 	
-	public function tokenData($id) {
-		return($this->get_token_data($id));
+	public function tokenData($id, $onlyNonExpired=true) {
+		return($this->get_token_data($id, $onlyNonExpired));
 	}
 }
 ?>


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


