public function LTIAuthTest::testDuplicateNonce in LTI Tool Provider 2.x
Same name and namespace in other branches
- 8 tests/src/Functional/LTIAuthTest.php \Drupal\Tests\lti_tool_provider\Functional\LTIAuthTest::testDuplicateNonce()
Test authentication with duplicate nonce.
Throws
OAuthException
Exception
File
- tests/
src/ Functional/ LTIAuthTest.php, line 219
Class
- LTIAuthTest
- Functional tests for LTI authentication.
Namespace
Drupal\Tests\lti_tool_provider\FunctionalCode
public function testDuplicateNonce() {
$oauth = new OAuth($this->consumer
->get('consumer_key')->value, $this->consumer
->get('consumer_secret')->value, OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_URI);
$timestamp = time();
$nonce = md5($timestamp);
$oauth
->setTimestamp($timestamp);
$oauth
->setNonce($nonce);
$this->nonceStorage
->create([
'nonce' => $nonce,
'consumer_key' => $this->consumer
->get('consumer_key')->value,
'timestamp' => $timestamp,
])
->save();
$url = Url::fromRoute('lti_tool_provider.lti');
$params = [
'oauth_version' => '1.0',
'oauth_signature_method' => 'HMAC-SHA1',
'oauth_consumer_key' => 'consumer_key',
'oauth_timestamp' => $timestamp,
'oauth_nonce' => $nonce,
'lti_message_type' => 'basic-lti-launch-request',
'lti_version' => 'LTI-1p0',
'resource_link_id' => 'resource_link_id',
'lis_person_contact_email_primary' => '',
];
$signature = $oauth
->generateSignature('POST', $url
->setAbsolute()
->toString(), $params);
$params['oauth_signature'] = $signature;
$response = $this
->request('POST', $url, [
'form_params' => $params,
]);
// $userStorage = $this->container->get('entity_type.manager')->getStorage('user');
$ids = $this->userStorage
->getQuery()
->condition('name', 'ltiuser', '=')
->condition('mail', 'ltiuser@invalid', '=')
->execute();
$this
->assertEquals(403, $response
->getStatusCode());
$this
->assertCount(0, $ids);
}