From 7c14968e7e994ea8194f4c310b8a9d60192b769a Mon Sep 17 00:00:00 2001 From: "K. Adam White" Date: Mon, 9 Oct 2023 14:40:29 +0100 Subject: [PATCH] 57512: Commit tests from 57512_with_tests_2.diff (adjusts comment formatting). --- tests/phpunit/tests/auth.php | 42 ++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/tests/phpunit/tests/auth.php b/tests/phpunit/tests/auth.php index facd456dd0227..04da0a006836b 100644 --- a/tests/phpunit/tests/auth.php +++ b/tests/phpunit/tests/auth.php @@ -844,4 +844,46 @@ public function data_application_passwords_can_use_capability_checks_to_determin 'not allowed' => array( 'subscriber', false ), ); } + + /* + * @ticket 57512 + * @covers ::wp_populate_basic_auth_from_authorization_header + */ + public function tests_basic_http_authentication_with_username_and_password() { + // Header passed as "username:password". + $_SERVER['HTTP_AUTHORIZATION'] = 'Basic dXNlcm5hbWU6cGFzc3dvcmQ='; + + wp_populate_basic_auth_from_authorization_header(); + + $this->assertSame($_SERVER['PHP_AUTH_USER'], 'username'); + $this->assertSame($_SERVER['PHP_AUTH_PW'], 'password'); + } + + /* + * @ticket 57512 + * @covers ::wp_populate_basic_auth_from_authorization_header + */ + public function tests_basic_http_authentication_with_username_only() { + // Malformed header passed as "username" with no password. + $_SERVER['HTTP_AUTHORIZATION'] = 'Basic dXNlcm5hbWU='; + + wp_populate_basic_auth_from_authorization_header(); + + $this->assertArrayNotHasKey('PHP_AUTH_USER', $_SERVER); + $this->assertArrayNotHasKey('PHP_AUTH_PW', $_SERVER); + } + + /* + * @ticket 57512 + * @covers ::wp_populate_basic_auth_from_authorization_header + */ + public function tests_basic_http_authentication_with_more_than_2_parts() { + // Header passed as "username:pass:word" where password contains colon. + $_SERVER['HTTP_AUTHORIZATION'] = 'Basic dXNlcm5hbWU6cGFzczp3b3Jk'; + + wp_populate_basic_auth_from_authorization_header(); + + $this->assertSame($_SERVER['PHP_AUTH_USER'], 'username'); + $this->assertSame($_SERVER['PHP_AUTH_PW'], 'pass:word'); + } }