Skip to content

Commit 5bc0e99

Browse files
committed
Reduce scope of patch
We don't want this much from 3.x
1 parent 84b0a2b commit 5bc0e99

1 file changed

Lines changed: 0 additions & 160 deletions

File tree

tests/TestCase/AuthenticationServiceTest.php

Lines changed: 0 additions & 160 deletions
Original file line numberDiff line numberDiff line change
@@ -923,166 +923,6 @@ public function testGetLoginRedirectInvalid()
923923
);
924924
}
925925

926-
/**
927-
* testGetLoginRedirectValidationDisabled
928-
*
929-
* @return void
930-
*/
931-
public function testGetLoginRedirectValidationDisabled()
932-
{
933-
$service = new AuthenticationService([
934-
'unauthenticatedRedirect' => '/users/login',
935-
'queryParam' => 'redirect',
936-
'redirectValidation' => [
937-
'enabled' => false,
938-
]
939-
]);
940-
941-
// With validation disabled, even nested redirects should pass
942-
$request = ServerRequestFactory::fromGlobals(
943-
['REQUEST_URI' => '/secrets'],
944-
['redirect' => '/login?redirect=/secrets']
945-
);
946-
$this->assertSame(
947-
'/login?redirect=/secrets',
948-
$service->getLoginRedirect($request)
949-
);
950-
}
951-
952-
/**
953-
* testGetLoginRedirectValidationNestedRedirects
954-
*
955-
* @return void
956-
*/
957-
public function testGetLoginRedirectValidationNestedRedirects()
958-
{
959-
$service = new AuthenticationService([
960-
'unauthenticatedRedirect' => '/users/login',
961-
'queryParam' => 'redirect',
962-
'redirectValidation' => [
963-
'enabled' => true,
964-
]
965-
]);
966-
967-
// Valid single-level redirect
968-
$request = ServerRequestFactory::fromGlobals(
969-
['REQUEST_URI' => '/secrets'],
970-
['redirect' => '/articles/view/1']
971-
);
972-
$this->assertSame(
973-
'/articles/view/1',
974-
$service->getLoginRedirect($request)
975-
);
976-
977-
// Nested redirect (should be blocked)
978-
$request = ServerRequestFactory::fromGlobals(
979-
['REQUEST_URI' => '/secrets'],
980-
['redirect' => '/login?redirect=/articles/view/1']
981-
);
982-
$this->assertNull($service->getLoginRedirect($request));
983-
984-
// Deeply nested redirect (should be blocked)
985-
$request = ServerRequestFactory::fromGlobals(
986-
['REQUEST_URI' => '/secrets'],
987-
['redirect' => '/login?redirect=%2Flogin%3Fredirect%3D%252Farticles']
988-
);
989-
$this->assertNull($service->getLoginRedirect($request));
990-
}
991-
992-
/**
993-
* testGetLoginRedirectValidationEncodingLevels
994-
*
995-
* @return void
996-
*/
997-
public function testGetLoginRedirectValidationEncodingLevels()
998-
{
999-
$service = new AuthenticationService([
1000-
'unauthenticatedRedirect' => '/users/login',
1001-
'queryParam' => 'redirect',
1002-
'redirectValidation' => [
1003-
'enabled' => true,
1004-
]
1005-
]);
1006-
1007-
// Normal single-encoded URL (should pass)
1008-
$request = ServerRequestFactory::fromGlobals(
1009-
['REQUEST_URI' => '/secrets'],
1010-
['redirect' => '/articles%2Fview%2F1'],
1011-
);
1012-
$this->assertSame(
1013-
'/articles%2Fview%2F1',
1014-
$service->getLoginRedirect($request)
1015-
);
1016-
1017-
// Double-encoded URL (should be blocked)
1018-
$request = ServerRequestFactory::fromGlobals(
1019-
['REQUEST_URI' => '/secrets'],
1020-
['redirect' => '/articles%252Fview%252F1']
1021-
);
1022-
$this->assertNull($service->getLoginRedirect($request));
1023-
}
1024-
1025-
/**
1026-
* testGetLoginRedirectValidationMaxLength
1027-
*
1028-
* @return void
1029-
*/
1030-
public function testGetLoginRedirectValidationMaxLength()
1031-
{
1032-
$service = new AuthenticationService([
1033-
'unauthenticatedRedirect' => '/users/login',
1034-
'queryParam' => 'redirect',
1035-
'redirectValidation' => [
1036-
'enabled' => true,
1037-
'maxLength' => 100,
1038-
]
1039-
]);
1040-
1041-
// Short URL (should pass)
1042-
$request = ServerRequestFactory::fromGlobals(
1043-
['REQUEST_URI' => '/secrets'],
1044-
['redirect' => '/articles/view/1']
1045-
);
1046-
$this->assertSame(
1047-
'/articles/view/1',
1048-
$service->getLoginRedirect($request)
1049-
);
1050-
1051-
// Excessively long URL (should be blocked)
1052-
$longUrl = '/articles/' . str_repeat('a', 150);
1053-
$request = ServerRequestFactory::fromGlobals(
1054-
['REQUEST_URI' => '/secrets'],
1055-
['redirect' => $longUrl]
1056-
);
1057-
$this->assertNull($service->getLoginRedirect($request));
1058-
}
1059-
1060-
/**
1061-
* testGetLoginRedirectValidationWithQueryParameters
1062-
*
1063-
* @return void
1064-
*/
1065-
public function testGetLoginRedirectValidationWithQueryParameters()
1066-
{
1067-
$service = new AuthenticationService([
1068-
'unauthenticatedRedirect' => '/users/login',
1069-
'queryParam' => 'redirect',
1070-
'redirectValidation' => [
1071-
'enabled' => true,
1072-
]
1073-
]);
1074-
1075-
// Valid redirect with query parameters
1076-
$request = ServerRequestFactory::fromGlobals(
1077-
['REQUEST_URI' => '/secrets'],
1078-
['redirect' => '/articles/index?sort=created&direction=desc']
1079-
);
1080-
$this->assertSame(
1081-
'/articles/index?sort=created&direction=desc',
1082-
$service->getLoginRedirect($request)
1083-
);
1084-
}
1085-
1086926
/**
1087927
* testImpersonate
1088928
*

0 commit comments

Comments
 (0)