| px | top | add code | search | signup | login | help |
<HTML>
<HEAD><TITLE>php3 auth library check</TITLE></HEAD>
<?php
// $Id: authticket_test.php3,v 1.2 1998/02/11 16:45:35 explorer Exp $
//
// Copyright (c) 1998 Michael Graff <explorer@flame.org>
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions
// are met:
// 1. Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// 2. Redistributions in binary form must reproduce the above copyright
// notice, this list of conditions and the following disclaimer in the
// documentation and/or other materials provided with the distribution.
// 3. Neither the name of author nor the names of its contributors may be
// used to endorse or promote products derived from this software
// without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
// DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS BE LIABLE
// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
// CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
// LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
// OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
// SUCH DAMAGE.
//
include("authticket.phl");
function print_auth($auth, $verf, $tix, $fail)
{
print "<TR>";
if ($tix->authenticated == 0)
if ($fail == "FAIL")
print "<TD>FAIL</TD><TD>FAIL</TD>";
else {
print "<TD><FONT COLOR=\"red\">PASS</FONT></TD>";
print "<TD><FONT COLOR=\"red\">FAIL</FONT></TD>";
}
else
if ($fail == "PASS")
print "<TD>PASS</TD><TD>PASS</TD>";
else {
print "<TD><FONT COLOR=\"red\">FAIL</FONT></TD>";
print "<TD><FONT COLOR=\"red\">PASS</FONT></TD>";
}
print "<TD>$tix->autherr</TD><TD>$verf</TD><TD>$auth</TD></TR>\n";
}
$tix = new authticket;
$tix->secret = "Now is the time for all good men...x";
$tix->realm = "TestRealm";
?>
<BODY>
<table border="1">
<TR><TH COLSPAN="3">Pass/Fail</TH><TH></TH><TH></TH></TR>
<TR><TH>Should</TH><TH>Did</TH><TH>Reason</TH><TH>Identity</TH><TH>Ticket</TH></TR>
<?php
/*
* run a few checks here and there. First, start with a working
* example.
*/
$auth = $tix->makeauth("explorer", 10);
$verf = $tix->checkauth($auth, 10);
print_auth($auth, $verf, $tix, "PASS");
/*
* now, check for exired tickets
*/
$tix->lifetime = 10; // 10 seconds lifetime
$auth = $tix->makeauth("explorer", 50); // get a ticket at time = 50
$verf = $tix->checkauth($auth, 80); // use it at time = 80
print_auth($auth, $verf, $tix, "FAIL"); // should fail
/*
* check for use before issue
*/
$tix->lifetime = 10; // 10 seconds lifetime
$auth = $tix->makeauth("explorer", 80); // get a ticket at time = 80
$verf = $tix->checkauth($auth, 50); // use it at time = 50
print_auth($auth, $verf, $tix, "FAIL"); // should fail
/*
* make certain that we can turn off the lifetime check
*/
$tix->lifetime = 0; // disable lifetime check
$auth = $tix->makeauth("explorer", 50); // get a ticket at time = 50
$verf = $tix->checkauth($auth, 80); // use it at time = 80
print_auth($auth, $verf, $tix, "PASS"); // should pass
$tix->lifetime = 10; // 10 seconds lifetime
/*
* now, check for someone changing the hash (which in our test is done
* by changing the secret between calls to makeauth() and checkauth())
*/
$auth = $tix->makeauth("explorer", 50);
$tix->secret = $tix->secret . "foobar";
$verf = $tix->checkauth($auth, 55);
print_auth($auth, $verf, $tix, "FAIL"); // should fail
/*
* next, change the REMOTE_ADDR between calls.
*/
$auth = $tix->makeauth("explorer", 50);
$REMOTE_ADDR = "512.412.211.212"; // invalid IP, so it will always fail
$verf = $tix->checkauth($auth, 55);
print_auth($auth, $verf, $tix, "FAIL"); // should fail
//
// try a different realm
//
$auth = $tix->makeauth("explorer", 0);
$tix->realm = "DifferentRealm";
$verf = $tix->checkauth($auth, 0);
print_auth($auth, $verf, $tix, "FAIL"); // should fail
?>
</table>
</BODY></HTML>
Comments or questions?
PX is running PHP 5.2.11
Thanks to Miranda Productions for hosting and bandwidth.
Use of any code from PX is at your own risk.