1 <?php
2
3 use MediaWiki\Session\Token;
4
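/**
 * Integration tests for the `checktoken` API action: a genuine CSRF token,
 * a bogus token, an expired token and a token whose suffix was altered.
 *
 * Results are compared with assertSame() so that only the exact expected
 * string satisfies a check on a token-validation verdict.
 *
 * @group API
 * @group medium
 * @covers ApiCheckToken
 */
class ApiCheckTokenTest extends ApiTestCase {

	/**
	 * Request a fresh CSRF token through `action=query&meta=tokens`.
	 *
	 * @return array Two elements: the token string, then the session array of
	 *  the request that issued it. The tests pass that session array on to the
	 *  `checktoken` request (presumably the token is bound to that session;
	 *  confirm against ApiTestCase::doApiRequest).
	 */
	private function fetchCsrfToken() {
		$response = $this->doApiRequest( [
			'action' => 'query',
			'meta' => 'tokens',
		] );

		return [
			$response[0]['query']['tokens']['csrftoken'],
			$response[1]->getSessionArray(),
		];
	}

	/**
	 * A token that was just issued must be reported as valid when it is
	 * checked with the session it was issued for.
	 */
	public function testCheckTokenValid() {
		list( $token, $session ) = $this->fetchCsrfToken();

		$data = $this->doApiRequest( [
			'action' => 'checktoken',
			'type' => 'csrf',
			'token' => $token,
		], $session );

		$this->assertSame( 'valid', $data[0]['checktoken']['result'] );
		$this->assertArrayHasKey( 'generated', $data[0]['checktoken'] );
	}

	/**
	 * An arbitrary string that was never issued as a token must be reported
	 * as invalid.
	 */
	public function testCheckTokenInvalid() {
		// Empty session: nothing in it could match the submitted string.
		$session = [];
		$data = $this->doApiRequest( [
			'action' => 'checktoken',
			'type' => 'csrf',
			'token' => 'invalid_token',
		], $session );

		$this->assertSame( 'invalid', $data[0]['checktoken']['result'] );
	}

	/**
	 * A genuine token checked with a negative maximum age must be reported
	 * as expired rather than valid.
	 */
	public function testCheckTokenExpired() {
		list( $token, $session ) = $this->fetchCsrfToken();

		$data = $this->doApiRequest( [
			'action' => 'checktoken',
			'type' => 'csrf',
			'token' => $token,
			// Negative maximum age, so the freshly issued token is already too old.
			'maxtokenage' => -1,
		], $session );

		$this->assertSame( 'expired', $data[0]['checktoken']['result'] );
		$this->assertArrayHasKey( 'generated', $data[0]['checktoken'] );
	}

	/**
	 * A token whose suffix was altered must be rejected, and the response
	 * must carry exactly one `checktoken-percentencoding` warning.
	 */
	public function testCheckTokenSuffixWarning() {
		list( $token, $session ) = $this->fetchCsrfToken();

		// Swap the trailing Token::SUFFIX for its URL-decoded form. This
		// presumably imitates a client that sent the token without
		// percent-encoding it, so the suffix reached the server already
		// decoded (confirm against Token::SUFFIX).
		$token = substr( $token, 0, -strlen( Token::SUFFIX ) ) . urldecode( Token::SUFFIX );

		$data = $this->doApiRequest( [
			'action' => 'checktoken',
			'type' => 'csrf',
			'token' => $token,
			// The assertions below read 'module' and 'code' from each warning.
			'errorformat' => 'raw',
		], $session );

		$this->assertSame( 'invalid', $data[0]['checktoken']['result'] );
		$this->assertArrayHasKey( 'warnings', $data[0] );
		$this->assertCount( 1, $data[0]['warnings'] );
		$this->assertSame( 'checktoken', $data[0]['warnings'][0]['module'] );
		$this->assertSame( 'checktoken-percentencoding', $data[0]['warnings'][0]['code'] );
	}

}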