Phantom42 has uploaded a new change for review. ( https://gerrit.wikimedia.org/r/401192 )
Change subject: Add tests for ApiCheckToken ...................................................................... Add tests for ApiCheckToken Bug: T183768 Change-Id: I63ab0413252c7333f73b881995869454c4881a57 --- A tests/phpunit/includes/api/ApiCheckTokenTest.php 1 file changed, 65 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/92/401192/1 diff --git a/tests/phpunit/includes/api/ApiCheckTokenTest.php b/tests/phpunit/includes/api/ApiCheckTokenTest.php new file mode 100644 index 0000000..02a5abe --- /dev/null +++ b/tests/phpunit/includes/api/ApiCheckTokenTest.php @@ -0,0 +1,65 @@ +<?php + +/** + * @group API + * @group medium + * @covers ApiCheckToken + */ +class ApiCheckTokenTest extends ApiTestCase { + + /** + * Test result of checking previously queried token (should be valid) + */ + public function testCheckTokenValid() { + // Query token which will be checked later + $tokens = $this->doApiRequest( [ + 'action' => 'query', + 'meta' => 'tokens', + ] ); + + $data = $this->doApiRequest( [ + 'action' => 'checktoken', + 'type' => 'csrf', + 'token' => $tokens[0]['query']['tokens']['csrftoken'], + ], $tokens[1]->getSessionArray() ); + + $this->assertEquals( 'valid', $data[0]['checktoken']['result'] ); + $this->assertTrue( isset( $data[0]['checktoken']['generated'] ) ); + } + + /** + * Test result of checking invalid token + */ + public function testCheckTokenInvalid() { + $session = []; + $data = $this->doApiRequest( [ + 'action' => 'checktoken', + 'type' => 'csrf', + 'token' => 'invalid_token', + ], $session ); + + $this->assertEquals( 'invalid', $data[0]['checktoken']['result'] ); + } + + /** + * Test result of checking token with negative max age (should be expired) + */ + public function testCheckTokenExpired() { + // Query token which will be checked later + $tokens = $this->doApiRequest( [ + 'action' => 'query', + 'meta' => 'tokens', + ] ); + + $data = $this->doApiRequest( [ + 'action' => 'checktoken', + 'type' => 'csrf', + 'token' => $tokens[0]['query']['tokens']['csrftoken'], + 'maxtokenage' => -1, + ], $tokens[1]->getSessionArray() ); + + $this->assertEquals( 'expired', $data[0]['checktoken']['result'] ); + $this->assertTrue( isset( $data[0]['checktoken']['generated'] ) ); + } + +} -- To view, visit https://gerrit.wikimedia.org/r/401192 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I63ab0413252c7333f73b881995869454c4881a57 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: master Gerrit-Owner: Phantom42 <nikita...@gmail.com> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits