RocketGit

catalinux / rocketgit (public) (License: Affero GPLv3) (since 2015-03-19) (hash sha1)

Main RocketGit repo

Clone URLs: https://rocketgit.com/user/catalinux/rocketgit ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit git://git.rocketgit.com/user/catalinux/rocketgit

/tests/token.php (f605ec34e9f2c13474305428012806d52e93f2f5) (2330 bytes) (mode 100644) (type blob)

<?php
error_reporting(E_ALL | E_STRICT);
ini_set("track_errors", "On");

$INC = dirname(__FILE__) . "/../inc";
require_once(dirname(__FILE__) . "/config.php");
require_once($INC . "/init.inc.php");
require_once($INC . "/util.inc.php");
require_once($INC . "/log.inc.php");
require_once($INC . "/token.inc.php");

rg_log_set_file("token.log");

$rg_no_db = TRUE;
require_once("common.php");

$a = array("ua" => "user-agent1", "sid" => "session1", 'debug' => 1);
$token = rg_token_get($db, $a, 'tag1');
if ($token === FALSE) {
	rg_log("Generating a token should not fail (" . rg_token_error() . ")!");
	exit(1);
}
rg_log("Correct token: $token");

$a['token'] = $token;
$r = rg_token_valid($db, $a, 'tag1', FALSE);
if ($r === FALSE) {
	rg_log("Validating a correct token must work (" . rg_token_error() . ")!");
	exit(1);
}


rg_log_enter("Now, test pre-login sessions...");
$rg_token = FALSE; /* we must remove it from memory */
$a = array("ua" => "user-agent1", "sid" => "Xsession2", 'debug' => 1);
$token = rg_token_get($db, $a, 'tag2');
if ($token === FALSE) {
	rg_log("Generating a token should not fail (" . rg_token_error() . ")!");
	exit(1);
}
rg_log("Correct token: $token");
$a['token'] = $token;

$copy = $a;
$copy['token'] = "y" . substr($a['token'], 1);
// Prevent err- file to be generated
$_k = md5('Security violation: invalid token (sign)');
$rg_error_core_seen[$_k] = 1;
$r = rg_token_valid($db, $copy, 'tag2', FALSE);
if ($r !== FALSE) {
	rg_log("An altered token must return error!");
	exit(1);
}

$r = rg_token_valid($db, $a, 'tag2', FALSE);
if ($r === FALSE) {
	rg_log("Validating a correct token must work (" . rg_token_error() . ")!");
	exit(1);
}
rg_log_exit();


rg_log_enter('Testing double posting...');
$rg_token = FALSE; /* we must remove it from memory */
$a = array("ua" => "user-agent3",
	"sid" => "session_double",
	'debug' => 1);
$token = rg_token_get($db, $a, 'tag3');
if ($token === FALSE) {
	rg_log("Generating a token should not fail (" . rg_token_error() . ")!");
	exit(1);
}
$a['token'] = $token;

$r = rg_token_valid($db, $a, 'tag3', FALSE);
if ($r === FALSE) {
	rg_log("Calling 'valid' first time must work!");
	exit(1);
}
$r = rg_token_valid($db, $a, 'tag3', FALSE);
if ($r !== FALSE) {
	rg_log("Calling 'valid' second time must NOT work!");
	exit(1);
}
rg_log_exit();

rg_log("OK!");
?>

Mode	Type	Size	Ref	File
100644	blob	9	f3c7a7c5da68804a1bdf391127ba34aed33c3cca	.exclude
100644	blob	95	3e2e24ae7f12c3618604c014e2a5cdbc7572d73d	.gitignore
100644	blob	375	1f425bcd2049c526744d449511094fc045ceac74	AUTHORS
100644	blob	1132	dd65951315f3de6d52d52a82fca59889d1d95187	Certs.txt
100644	blob	1538	3f88d5ff4a2a7b3328dde912fc95c46e52da9a7d	History.txt
100644	blob	34520	dba13ed2ddf783ee8118c6a581dbf75305f816a3	LICENSE
100644	blob	3341	994c8a35a81ada4c768ba38bbea6dae006a35be0	Makefile.in
100644	blob	5013	726b89f5ea8777af6099eb82110136fb1702c41b	README
100644	blob	179703	3a70d08e1af14f7c82650d35086b17d82bb9cf7f	TODO
100644	blob	1294	f22911eb777f0695fcf81ad686eac133eb11fcc4	TODO-plans
100644	blob	203	a2863c67c3da44126b61a15a6f09738c25e0fbe0	TODO.perf
100644	blob	967	56bbaa7c937381fb10a2907b6bbe056ef8cc824a	TODO.vm
040000	tree	-	21928e906ad2907a55c2e81c2a8b0502b586b8a0	artwork
100644	blob	5118	29b8b86a2eebbd5e33e7fe03c6bb8cf269601dbb	compare.csv
100755	blob	30	92c4bc48245c00408cd7e1fd89bc1a03058f4ce4	configure
040000	tree	-	9e126f629e04ddbf18a7ad306a0e931a281a2cea	debian
040000	tree	-	2e58bf5808e1f01f1e5f9fbc8764427436b6490f	docker
040000	tree	-	f67d3605efbd6422a8acdd953578991139266391	docs
100755	blob	17577	06fe0062db5d1135bcfa1f48a10e84b3596d8c15	duilder
100644	blob	536	e31b63f440c725a5b491489e6a4bf35ee66ff073	duilder.conf
040000	tree	-	1a62427b7e1e1e78bbb0c05f5d7bc62d7306e4d3	hooks
040000	tree	-	de64aef06b9336bac4fcd08ff8c4b51aee044d58	inc
040000	tree	-	e255ce234c3993998edc12bc7e93fff555376eda	misc
100644	blob	5041	9aff7e789afc6ca163c993a32c74be373fcb7990	rocketgit.spec
040000	tree	-	4590e719b10742d0d0eacffc171f226082fa16e4	root
040000	tree	-	b86827bac5f0358438c1358179615a5db0dec9a7	samples
040000	tree	-	0d85089831878faad57e957c36a4ad0c7113523f	scripts
040000	tree	-	a3cb7109a47e7dae03a78667841b986e23baa224	selinux
100755	blob	256	462ccd108c431f54e380cdac2329129875a318b5	spell_check.sh
040000	tree	-	16e63d499e2c018ced3a78f3ed162d7b54b168ed	techdocs
040000	tree	-	4bf43340a24dd859890f3133b501bbd528389691	tests
040000	tree	-	e810d7397575886ef495708d571eb3675f6928ba	tools

Hints:
Before first commit, do not forget to setup your git environment:

git config --global user.name "your_name_here"
git config --global user.email "your@email_here"

Clone this repository using HTTP(S):

git clone https://rocketgit.com/user/catalinux/rocketgit

Clone this repository using ssh (do not forget to upload a key first):

git clone ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit

Clone this repository using git:

git clone git://git.rocketgit.com/user/catalinux/rocketgit

You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:

... clone the repository ...
... make some changes and some commits ...
git push origin main