57512: Commit tests from 57512_with_tests_2.diff (adjusts comment for…

…matting).
WordPress · Oct 9, 2023 · 7c14968 · 7c14968
1 parent 4c059cc
commit 7c14968
Showing 1 changed file with 42 additions and 0 deletions.
diff --git a/tests/phpunit/tests/auth.php b/tests/phpunit/tests/auth.php
@@ -844,4 +844,46 @@ public function data_application_passwords_can_use_capability_checks_to_determin
 			'not allowed' => array( 'subscriber', false ),
 		);
 	}
+
+	/*
+	 * @ticket 57512
+	 * @covers ::wp_populate_basic_auth_from_authorization_header
+	 */
+	public function tests_basic_http_authentication_with_username_and_password() {
+		// Header passed as "username:password".
+		$_SERVER['HTTP_AUTHORIZATION'] = 'Basic dXNlcm5hbWU6cGFzc3dvcmQ=';
+
+		wp_populate_basic_auth_from_authorization_header();
+
+		$this->assertSame($_SERVER['PHP_AUTH_USER'], 'username');
+		$this->assertSame($_SERVER['PHP_AUTH_PW'], 'password');
+	}
+
+	/*
+	 * @ticket 57512
+	 * @covers ::wp_populate_basic_auth_from_authorization_header
+	 */
+	public function tests_basic_http_authentication_with_username_only() {
+		// Malformed header passed as "username" with no password.
+		$_SERVER['HTTP_AUTHORIZATION'] = 'Basic dXNlcm5hbWU=';
+
+		wp_populate_basic_auth_from_authorization_header();
+
+		$this->assertArrayNotHasKey('PHP_AUTH_USER', $_SERVER);
+		$this->assertArrayNotHasKey('PHP_AUTH_PW', $_SERVER);
+	}
+
+	/*
+	 * @ticket 57512
+	 * @covers ::wp_populate_basic_auth_from_authorization_header
+	 */
+	public function tests_basic_http_authentication_with_more_than_2_parts() {
+		// Header passed as "username:pass:word" where password contains colon.
+		$_SERVER['HTTP_AUTHORIZATION'] = 'Basic dXNlcm5hbWU6cGFzczp3b3Jk';
+
+		wp_populate_basic_auth_from_authorization_header();
+
+		$this->assertSame($_SERVER['PHP_AUTH_USER'], 'username');
+		$this->assertSame($_SERVER['PHP_AUTH_PW'], 'pass:word');
+	}
 }