From b35122f7a6ad42756c35bb60ba1f06c3dcd45c77 Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Mon, 21 Oct 2013 15:46:31 -0700
Subject: add sabre (1.8.x) via composer in the !@#$ place it wants to be

---
 vendor/sabre/dav/tests/Sabre/HTTP/AWSAuthTest.php | 242 ++++++++++++++++++++++
 1 file changed, 242 insertions(+)
 create mode 100644 vendor/sabre/dav/tests/Sabre/HTTP/AWSAuthTest.php

(limited to 'vendor/sabre/dav/tests/Sabre/HTTP/AWSAuthTest.php')

diff --git a/vendor/sabre/dav/tests/Sabre/HTTP/AWSAuthTest.php b/vendor/sabre/dav/tests/Sabre/HTTP/AWSAuthTest.php
new file mode 100644
index 000000000..569ec2e7d
--- /dev/null
+++ b/vendor/sabre/dav/tests/Sabre/HTTP/AWSAuthTest.php
@@ -0,0 +1,242 @@
+<?php
+
+namespace Sabre\HTTP;
+
+require_once 'Sabre/HTTP/ResponseMock.php';
+
+class AWSAuthTest extends \PHPUnit_Framework_TestCase {
+
+    /**
+     * @var Sabre\HTTP\ResponseMock
+     */
+    private $response;
+    /**
+     * @var Sabre\HTTP\AWSAuth
+     */
+    private $auth;
+
+    const REALM = 'SabreDAV unittest';
+
+    public function setUp() {
+
+        $this->response = new ResponseMock();
+        $this->auth = new AWSAuth();
+        $this->auth->setRealm(self::REALM);
+        $this->auth->setHTTPResponse($this->response);
+
+    }
+
+    public function testNoHeader() {
+
+        $request = new Request(array(
+            'REQUEST_METHOD' => 'GET',
+        ));
+
+        $this->auth->setHTTPRequest($request);
+
+        $result = $this->auth->init();
+
+        $this->assertFalse($result,'No AWS Authorization header was supplied, so we should have gotten false');
+        $this->assertEquals(AWSAuth::ERR_NOAWSHEADER,$this->auth->errorCode);
+
+    }
+
+    public function testIncorrectContentMD5() {
+
+        $accessKey = 'accessKey';
+        $secretKey = 'secretKey';
+
+        $request = new Request(array(
+            'REQUEST_METHOD'      => 'GET',
+            'HTTP_AUTHORIZATION'  => "AWS $accessKey:sig",
+            'HTTP_CONTENT_MD5'    => 'garbage',
+            'REQUEST_URI'         => '/',
+        ));
+
+        $this->auth->setHTTPRequest($request);
+        $this->auth->init();
+        $result = $this->auth->validate($secretKey);
+
+        $this->assertFalse($result);
+        $this->assertEquals(AWSAuth::ERR_MD5CHECKSUMWRONG,$this->auth->errorCode);
+
+    }
+
+    public function testNoDate() {
+
+        $accessKey = 'accessKey';
+        $secretKey = 'secretKey';
+        $content = 'thisisthebody';
+        $contentMD5 = base64_encode(md5($content,true));
+
+
+        $request = new Request(array(
+            'REQUEST_METHOD'      => 'POST',
+            'HTTP_AUTHORIZATION'  => "AWS $accessKey:sig",
+            'HTTP_CONTENT_MD5'    => $contentMD5,
+        ));
+
+        $request->setBody($content);
+
+        $this->auth->setHTTPRequest($request);
+        $this->auth->init();
+        $result = $this->auth->validate($secretKey);
+
+        $this->assertFalse($result);
+        $this->assertEquals(AWSAuth::ERR_INVALIDDATEFORMAT,$this->auth->errorCode);
+
+    }
+
+    public function testFutureDate() {
+
+        $accessKey = 'accessKey';
+        $secretKey = 'secretKey';
+        $content = 'thisisthebody';
+        $contentMD5 = base64_encode(md5($content,true));
+
+        $date = new \DateTime('@' . (time() + (60*20)));
+        $date->setTimeZone(new \DateTimeZone('GMT'));
+        $date = $date->format('D, d M Y H:i:s \\G\\M\\T');
+
+        $request = new Request(array(
+            'REQUEST_METHOD'      => 'POST',
+            'HTTP_AUTHORIZATION'  => "AWS $accessKey:sig",
+            'HTTP_CONTENT_MD5'    => $contentMD5,
+            'HTTP_DATE'           => $date,
+        ));
+
+        $request->setBody($content);
+
+        $this->auth->setHTTPRequest($request);
+        $this->auth->init();
+        $result = $this->auth->validate($secretKey);
+
+        $this->assertFalse($result);
+        $this->assertEquals(AWSAuth::ERR_REQUESTTIMESKEWED,$this->auth->errorCode);
+
+    }
+
+    public function testPastDate() {
+
+        $accessKey = 'accessKey';
+        $secretKey = 'secretKey';
+        $content = 'thisisthebody';
+        $contentMD5 = base64_encode(md5($content,true));
+
+        $date = new \DateTime('@' . (time() - (60*20)));
+        $date->setTimeZone(new \DateTimeZone('GMT'));
+        $date = $date->format('D, d M Y H:i:s \\G\\M\\T');
+
+        $request = new Request(array(
+            'REQUEST_METHOD'      => 'POST',
+            'HTTP_AUTHORIZATION'  => "AWS $accessKey:sig",
+            'HTTP_CONTENT_MD5'    => $contentMD5,
+            'HTTP_X_AMZ_DATE'     => $date,
+        ));
+
+        $request->setBody($content);
+
+        $this->auth->setHTTPRequest($request);
+        $this->auth->init();
+        $result = $this->auth->validate($secretKey);
+
+        $this->assertFalse($result);
+        $this->assertEquals(AWSAuth::ERR_REQUESTTIMESKEWED,$this->auth->errorCode);
+
+    }
+
+    public function testIncorrectSignature() {
+
+        $accessKey = 'accessKey';
+        $secretKey = 'secretKey';
+        $content = 'thisisthebody';
+
+        $contentMD5 = base64_encode(md5($content,true));
+
+        $date = new \DateTime('now');
+        $date->setTimeZone(new \DateTimeZone('GMT'));
+        $date = $date->format('D, d M Y H:i:s \\G\\M\\T');
+
+        $request = new Request(array(
+            'REQUEST_METHOD'      => 'POST',
+            'HTTP_AUTHORIZATION'  => "AWS $accessKey:sig",
+            'HTTP_CONTENT_MD5'    => $contentMD5,
+            'HTTP_X_AMZ_DATE'     => $date,
+            'REQUEST_URI'         => '/',
+        ));
+
+        $request->setBody($content);
+
+        $this->auth->setHTTPRequest($request);
+        $this->auth->init();
+        $result = $this->auth->validate($secretKey);
+
+        $this->assertFalse($result);
+        $this->assertEquals(AWSAuth::ERR_INVALIDSIGNATURE,$this->auth->errorCode);
+
+    }
+
+    public function testValidRequest() {
+
+        $accessKey = 'accessKey';
+        $secretKey = 'secretKey';
+        $content = 'thisisthebody';
+        $contentMD5 = base64_encode(md5($content,true));
+
+        $date = new \DateTime('now');
+        $date->setTimeZone(new \DateTimeZone('GMT'));
+        $date = $date->format('D, d M Y H:i:s \\G\\M\\T');
+
+
+        $sig = base64_encode($this->hmacsha1($secretKey,
+            "POST\n$contentMD5\n\n$date\nx-amz-date:$date\n/evert"
+        ));
+
+        $request = new Request(array(
+            'REQUEST_METHOD'      => 'POST',
+            'HTTP_AUTHORIZATION'  => "AWS $accessKey:$sig",
+            'HTTP_CONTENT_MD5'    => $contentMD5,
+            'HTTP_X_AMZ_DATE'     => $date,
+            'REQUEST_URI'         => '/evert',
+        ));
+
+        $request->setBody($content);
+
+        $this->auth->setHTTPRequest($request);
+        $this->auth->init();
+        $result = $this->auth->validate($secretKey);
+
+        $this->assertTrue($result,'Signature did not validate, got errorcode ' . $this->auth->errorCode);
+        $this->assertEquals($accessKey,$this->auth->getAccessKey());
+
+    }
+
+    public function test401() {
+
+        $this->auth->requireLogin();
+        $test = preg_match('/^AWS$/',$this->response->headers['WWW-Authenticate'],$matches);
+        $this->assertTrue($test==true,'The WWW-Authenticate response didn\'t match our pattern');
+
+    }
+
+    /**
+     * Generates an HMAC-SHA1 signature
+     *
+     * @param string $key
+     * @param string $message
+     * @return string
+     */
+    private function hmacsha1($key, $message) {
+
+        $blocksize=64;
+        if (strlen($key)>$blocksize)
+            $key=pack('H*', sha1($key));
+        $key=str_pad($key,$blocksize,chr(0x00));
+        $ipad=str_repeat(chr(0x36),$blocksize);
+        $opad=str_repeat(chr(0x5c),$blocksize);
+        $hmac = pack('H*',sha1(($key^$opad).pack('H*',sha1(($key^$ipad).$message))));
+        return $hmac;
+
+    }
+
+}
-- 
cgit v1.2.3