
public function LTIAuthTest::testDuplicateNonce in LTI Tool Provider 2.x

Same name and namespace in other branches
  1. 8 tests/src/Functional/LTIAuthTest.php \Drupal\Tests\lti_tool_provider\Functional\LTIAuthTest::testDuplicateNonce()

Test authentication with duplicate nonce.

Throws

OAuthException

EntityStorageException

Exception

File

tests/src/Functional/LTIAuthTest.php, line 219

Class

LTIAuthTest
Functional tests for LTI authentication.

Namespace

Drupal\Tests\lti_tool_provider\Functional

Code

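/**
 * Test authentication with duplicate nonce.
 *
 * Registers a nonce for the test consumer, then sends a signed LTI launch
 * that reuses the same nonce and timestamp. The launch must be refused with
 * 403 and no 'ltiuser' account may exist afterwards.
 *
 * @throws OAuthException
 * @throws EntityStorageException
 * @throws Exception
 */
public function testDuplicateNonce() {
  // Read the credentials once so the signer, the stored nonce record and the
  // request all name the same consumer. The request previously sent the
  // literal 'consumer_key'; if the fixture's key ever differs from that
  // literal, the launch is refused before nonce checking is relevant and the
  // test passes without exercising replay protection.
  $consumerKey = $this->consumer->get('consumer_key')->value;
  $consumerSecret = $this->consumer->get('consumer_secret')->value;

  $oauth = new OAuth($consumerKey, $consumerSecret, OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_URI);

  // The nonce only has to be a value this test can register in advance, so a
  // deterministic digest of the timestamp is sufficient here.
  $timestamp = time();
  $nonce = md5($timestamp);
  $oauth->setTimestamp($timestamp);
  $oauth->setNonce($nonce);

  // Record the nonce as already used before the request is made.
  $this->nonceStorage
    ->create([
      'nonce' => $nonce,
      'consumer_key' => $consumerKey,
      'timestamp' => $timestamp,
    ])
    ->save();

  $url = Url::fromRoute('lti_tool_provider.lti');
  $params = [
    'oauth_version' => '1.0',
    'oauth_signature_method' => 'HMAC-SHA1',
    'oauth_consumer_key' => $consumerKey,
    'oauth_timestamp' => $timestamp,
    'oauth_nonce' => $nonce,
    'lti_message_type' => 'basic-lti-launch-request',
    'lti_version' => 'LTI-1p0',
    'resource_link_id' => 'resource_link_id',
    'lis_person_contact_email_primary' => '',
  ];

  // Sign against the absolute URL. setAbsolute() is called on $url itself, so
  // the request below goes to the same absolute address that was signed.
  $launchUrl = $url->setAbsolute()->toString();
  $params['oauth_signature'] = $oauth->generateSignature('POST', $launchUrl, $params);

  $response = $this->request('POST', $url, [
    'form_params' => $params,
  ]);

  // Look up the account by name and mail; presumably this is the user a
  // successful launch would provision - confirm against the passing tests.
  $ids = $this->userStorage
    ->getQuery()
    ->condition('name', 'ltiuser', '=')
    ->condition('mail', 'ltiuser@invalid', '=')
    ->execute();

  // NOTE(review): a 403 alone does not show which check refused the launch.
  // If the endpoint exposes a refusal reason, asserting on it would tie this
  // test to the nonce check specifically.
  $this->assertEquals(403, $response->getStatusCode());
  $this->assertCount(0, $ids);
}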