3 use MediaWiki\Session\Token
;
8 * @covers ApiCheckToken
10 class ApiCheckTokenTest
extends ApiTestCase
{
13 * Test result of checking previously queried token (should be valid)
15 public function testCheckTokenValid() {
16 // Query token which will be checked later
17 $tokens = $this->doApiRequest( [
22 $data = $this->doApiRequest( [
23 'action' => 'checktoken',
25 'token' => $tokens[0]['query']['tokens']['csrftoken'],
26 ], $tokens[1]->getSessionArray() );
28 $this->assertEquals( 'valid', $data[0]['checktoken']['result'] );
29 $this->assertArrayHasKey( 'generated', $data[0]['checktoken'] );
33 * Test result of checking invalid token
35 public function testCheckTokenInvalid() {
37 $data = $this->doApiRequest( [
38 'action' => 'checktoken',
40 'token' => 'invalid_token',
43 $this->assertEquals( 'invalid', $data[0]['checktoken']['result'] );
47 * Test result of checking token with negative max age (should be expired)
49 public function testCheckTokenExpired() {
50 // Query token which will be checked later
51 $tokens = $this->doApiRequest( [
56 $data = $this->doApiRequest( [
57 'action' => 'checktoken',
59 'token' => $tokens[0]['query']['tokens']['csrftoken'],
61 ], $tokens[1]->getSessionArray() );
63 $this->assertEquals( 'expired', $data[0]['checktoken']['result'] );
64 $this->assertArrayHasKey( 'generated', $data[0]['checktoken'] );
68 * Test if using token with incorrect suffix will produce a warning
70 public function testCheckTokenSuffixWarning() {
71 // Query token which will be checked later
72 $tokens = $this->doApiRequest( [
77 // Get token and change the suffix
78 $token = $tokens[0]['query']['tokens']['csrftoken'];
79 $token = substr( $token, 0, -strlen( Token
::SUFFIX
) ) . urldecode( Token
::SUFFIX
);
81 $data = $this->doApiRequest( [
82 'action' => 'checktoken',
85 'errorformat' => 'raw',
86 ], $tokens[1]->getSessionArray() );
88 $this->assertEquals( 'invalid', $data[0]['checktoken']['result'] );
89 $this->assertArrayHasKey( 'warnings', $data[0] );
90 $this->assertCount( 1, $data[0]['warnings'] );
91 $this->assertEquals( 'checktoken', $data[0]['warnings'][0]['module'] );
92 $this->assertEquals( 'checktoken-percentencoding', $data[0]['warnings'][0]['code'] );