mirror of
https://github.com/symfony/framework-bundle.git
synced 2026-03-24 01:12:20 +01:00
029303f5c3
* 7.3: fix merge do not use PHPUnit mock objects without configured expectations do not use PHPUnit mock objects without configured expectations Typo [HttpClient] Fix and test replacing repeated headers with CachingHttpClient [Messenger] Fix processing batches do not use PHPUnit mock objects without configured expectations do not use PHPUnit mock objects without configured expectations
90 lines
3.1 KiB
PHP
90 lines
3.1 KiB
PHP
<?php
|
|
|
|
/*
|
|
* This file is part of the Symfony package.
|
|
*
|
|
* (c) Fabien Potencier <fabien@symfony.com>
|
|
*
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Symfony\Bundle\FrameworkBundle\Tests\Command;
|
|
|
|
use PHPUnit\Framework\Attributes\RequiresPhpExtension;
|
|
use PHPUnit\Framework\TestCase;
|
|
use Symfony\Bundle\FrameworkBundle\Command\SecretsGenerateKeysCommand;
|
|
use Symfony\Bundle\FrameworkBundle\Secrets\AbstractVault;
|
|
use Symfony\Bundle\FrameworkBundle\Secrets\SodiumVault;
|
|
use Symfony\Component\Console\Tester\CommandTester;
|
|
use Symfony\Component\Filesystem\Filesystem;
|
|
|
|
#[RequiresPhpExtension('sodium')]
|
|
class SecretsGenerateKeysCommandTest extends TestCase
|
|
{
|
|
private string $secretsDir;
|
|
private const ENC_KEY_FILE = 'test.encrypt.public.php';
|
|
private const DEC_KEY_FILE = 'test.decrypt.private.php';
|
|
|
|
protected function setUp(): void
|
|
{
|
|
$this->secretsDir = sys_get_temp_dir().'/sf_secrets/test/';
|
|
(new Filesystem())->remove($this->secretsDir);
|
|
}
|
|
|
|
protected function tearDown(): void
|
|
{
|
|
(new Filesystem())->remove($this->secretsDir);
|
|
}
|
|
|
|
public function testItGeneratesSodiumKeys()
|
|
{
|
|
$vault = new SodiumVault($this->secretsDir);
|
|
$tester = new CommandTester(new SecretsGenerateKeysCommand($vault));
|
|
|
|
$this->assertSame(0, $tester->execute([]));
|
|
$this->assertKeysExistAndReadable();
|
|
}
|
|
|
|
public function testItRotatesSodiumKeysWhenRequested()
|
|
{
|
|
$vault = new SodiumVault($this->secretsDir);
|
|
$tester = new CommandTester(new SecretsGenerateKeysCommand($vault));
|
|
|
|
$this->assertSame(0, $tester->execute(['--rotate' => true]));
|
|
$this->assertKeysExistAndReadable();
|
|
}
|
|
|
|
public function testItFailsGracefullyWhenLocalVaultIsDisabled()
|
|
{
|
|
$vault = $this->createStub(AbstractVault::class);
|
|
$tester = new CommandTester(new SecretsGenerateKeysCommand($vault));
|
|
|
|
$this->assertSame(1, $tester->execute(['--local' => true]));
|
|
$this->assertStringContainsString('The local vault is disabled.', $tester->getDisplay());
|
|
}
|
|
|
|
public function testFailsWhenKeysAlreadyExistAndRotateNotPassed()
|
|
{
|
|
$vault = new SodiumVault($this->secretsDir);
|
|
$vault->generateKeys();
|
|
|
|
$command = new SecretsGenerateKeysCommand($vault);
|
|
$tester = new CommandTester($command);
|
|
|
|
$this->assertSame(1, $tester->execute([]));
|
|
$this->assertStringContainsString('Sodium keys already exist at', $tester->getDisplay());
|
|
}
|
|
|
|
private function assertKeysExistAndReadable(): void
|
|
{
|
|
$encPath = $this->secretsDir.'/'.self::ENC_KEY_FILE;
|
|
$decPath = $this->secretsDir.'/'.self::DEC_KEY_FILE;
|
|
|
|
$this->assertFileExists($encPath, 'Encryption key file does not exist.');
|
|
$this->assertFileExists($decPath, 'Decryption key file does not exist.');
|
|
$this->assertNotFalse(@file_get_contents($encPath), 'Encryption key file is not readable.');
|
|
$this->assertNotFalse(@file_get_contents($decPath), 'Decryption key file is not readable.');
|
|
}
|
|
}
|