diff options
author | Andrei Zeliankou <zelenkov@nginx.com> | 2020-12-10 19:28:41 +0000 |
---|---|---|
committer | Andrei Zeliankou <zelenkov@nginx.com> | 2020-12-10 19:28:41 +0000 |
commit | 16ac829c8f902d847ba63604052cc16aa4bed9ce (patch) | |
tree | 7e25a9551caf21b617c674a1f999e6e4f462b836 | |
parent | 7be62c3c213c3da1da1a45c8db16192eb0ed14d8 (diff) | |
download | unit-16ac829c8f902d847ba63604052cc16aa4bed9ce.tar.gz unit-16ac829c8f902d847ba63604052cc16aa4bed9ce.tar.bz2 |
Tests: added tests for PHP_AUTH_* variables.
Diffstat (limited to '')
-rw-r--r-- | test/php/auth/index.php | 7 | ||||
-rw-r--r-- | test/test_php_application.py | 58 |
2 files changed, 65 insertions, 0 deletions
diff --git a/test/php/auth/index.php b/test/php/auth/index.php new file mode 100644 index 00000000..d77076d8 --- /dev/null +++ b/test/php/auth/index.php @@ -0,0 +1,7 @@ +<?php + +header('X-Digest: ' . (isset($_SERVER['PHP_AUTH_DIGEST']) ? $_SERVER['PHP_AUTH_DIGEST'] : 'not set')); +header('X-User: ' . (isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : 'not set')); +header('X-Password: ' . (isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : 'not set')); + +?> diff --git a/test/test_php_application.py b/test/test_php_application.py index 463ec35b..ad74faa8 100644 --- a/test/test_php_application.py +++ b/test/test_php_application.py @@ -384,6 +384,64 @@ class TestPHPApplication(TestApplicationPHP): r'exec: \/\w+', body ), 'disable_functions comma exec' + def test_php_application_auth(self): + self.load('auth') + + resp = self.get() + assert resp['status'] == 200, 'status' + assert resp['headers']['X-Digest'] == 'not set', 'digest' + assert resp['headers']['X-User'] == 'not set', 'user' + assert resp['headers']['X-Password'] == 'not set', 'password' + + resp = self.get( + headers={ + 'Host': 'localhost', + 'Authorization': 'Basic dXNlcjpwYXNzd29yZA==', + 'Connection': 'close', + } + ) + assert resp['status'] == 200, 'basic status' + assert resp['headers']['X-Digest'] == 'not set', 'basic digest' + assert resp['headers']['X-User'] == 'user', 'basic user' + assert resp['headers']['X-Password'] == 'password', 'basic password' + + resp = self.get( + headers={ + 'Host': 'localhost', + 'Authorization': 'Digest username="blah", realm="", uri="/"', + 'Connection': 'close', + } + ) + assert resp['status'] == 200, 'digest status' + assert ( + resp['headers']['X-Digest'] == 'username="blah", realm="", uri="/"' + ), 'digest digest' + assert resp['headers']['X-User'] == 'not set', 'digest user' + assert resp['headers']['X-Password'] == 'not set', 'digest password' + + def test_php_application_auth_invalid(self): + self.load('auth') + + def check_auth(auth): + resp = self.get(headers={ + 'Host': 'localhost', + 'Authorization': auth, + 'Connection': 'close', + }) + + assert resp['status'] == 200, 'status' + assert resp['headers']['X-Digest'] == 'not set', 'Digest' + assert resp['headers']['X-User'] == 'not set', 'User' + assert resp['headers']['X-Password'] == 'not set', 'Password' + + check_auth('Basic dXN%cjpwYXNzd29yZA==') + check_auth('Basic XNlcjpwYXNzd29yZA==') + check_auth('Basic DdXNlcjpwYXNzd29yZA==') + check_auth('Basic blah') + check_auth('Basic') + check_auth('Digest') + check_auth('blah') + def test_php_application_disable_functions_space(self): self.load('time_exec') |