Discussion:
[MediaWiki-commits] [Gerrit] mediawiki/core[master]: Add tests for ApiCheckToken
Phantom42 (Code Review)
2017-12-31 20:23:04 UTC
Permalink
Phantom42 has uploaded a new change for review. ( https://gerrit.wikimedia.org/r/401192 )

Change subject: Add tests for ApiCheckToken
......................................................................

Add tests for ApiCheckToken

Bug: T183768
Change-Id: I63ab0413252c7333f73b881995869454c4881a57
---
A tests/phpunit/includes/api/ApiCheckTokenTest.php
1 file changed, 65 insertions(+), 0 deletions(-)


git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/92/401192/1

diff --git a/tests/phpunit/includes/api/ApiCheckTokenTest.php b/tests/phpunit/includes/api/ApiCheckTokenTest.php
new file mode 100644
index 0000000..02a5abe
--- /dev/null
+++ b/tests/phpunit/includes/api/ApiCheckTokenTest.php
@@ -0,0 +1,65 @@
+<?php
+
+/**
+ * @group API
+ * @group medium
+ * @covers ApiCheckToken
+ */
+class ApiCheckTokenTest extends ApiTestCase {
+
+ /**
+ * Test result of checking previously queried token (should be valid)
+ */
+ public function testCheckTokenValid() {
+ // Query token which will be checked later
+ $tokens = $this->doApiRequest( [
+ 'action' => 'query',
+ 'meta' => 'tokens',
+ ] );
+
+ $data = $this->doApiRequest( [
+ 'action' => 'checktoken',
+ 'type' => 'csrf',
+ 'token' => $tokens[0]['query']['tokens']['csrftoken'],
+ ], $tokens[1]->getSessionArray() );
+
+ $this->assertEquals( 'valid', $data[0]['checktoken']['result'] );
+ $this->assertTrue( isset( $data[0]['checktoken']['generated'] ) );
+ }
+
+ /**
+ * Test result of checking invalid token
+ */
+ public function testCheckTokenInvalid() {
+ $session = [];
+ $data = $this->doApiRequest( [
+ 'action' => 'checktoken',
+ 'type' => 'csrf',
+ 'token' => 'invalid_token',
+ ], $session );
+
+ $this->assertEquals( 'invalid', $data[0]['checktoken']['result'] );
+ }
+
+ /**
+ * Test result of checking token with negative max age (should be expired)
+ */
+ public function testCheckTokenExpired() {
+ // Query token which will be checked later
+ $tokens = $this->doApiRequest( [
+ 'action' => 'query',
+ 'meta' => 'tokens',
+ ] );
+
+ $data = $this->doApiRequest( [
+ 'action' => 'checktoken',
+ 'type' => 'csrf',
+ 'token' => $tokens[0]['query']['tokens']['csrftoken'],
+ 'maxtokenage' => -1,
+ ], $tokens[1]->getSessionArray() );
+
+ $this->assertEquals( 'expired', $data[0]['checktoken']['result'] );
+ $this->assertTrue( isset( $data[0]['checktoken']['generated'] ) );
+ }
+
+}
--
To view, visit https://gerrit.wikimedia.org/r/401192
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I63ab0413252c7333f73b881995869454c4881a57
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Phantom42 <***@gmail.com>
Loading...