<?php
/**
 * Zend Framework
 *
 * LICENSE
 *
 * This source file is subject to the new BSD license that is bundled
 * with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://framework.zend.com/license/new-bsd
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@zend.com so we can send you a copy immediately.
 *
 * @category   Zend
 * @package    Zend_Http_Cookie
 * @subpackage UnitTests
 * @copyright  Copyright (c) 2005-2009 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @version    $Id: CookieTest.php 17556 2009-08-11 16:19:57Z shahar $
 */

require_once dirname(__FILE__) . '/../../TestHelper.php';
require_once 'Zend/Http/Cookie.php';

/**
 * Zend_Http_Cookie unit tests
 *
 * @category   Zend
 * @package    Zend_Http_Cookie
 * @subpackage UnitTests
 * @copyright  Copyright (c) 2005-2009 Zend Technologies USA Inc. (http://www.zend.com)
 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 * @group      Zend_Http
 * @group      Zend_Http_Cookie
 */
class Zend_Http_CookieTest extends PHPUnit_Framework_TestCase
{
    /**
     * Cookie creation and data accessors tests
     */

    /**
     * Make sure we can't set invalid names
     *
     * @dataProvider invalidCookieNameCharProvider
     * @expectedException Zend_Http_Exception
     */
    public function testSetInvalidName($char)
    {
        $cookie = new Zend_Http_Cookie("cookie_$char", 'foo', 'example.com');
    }

    /**
     * Test we get the cookie name properly
     *
     * @dataProvider validCookieWithInfoProvider
     */
    public function testGetName($cStr, $cInfo)
    {
        $cookie = Zend_Http_Cookie::fromString($cStr);
        if (! $cookie instanceof Zend_Http_Cookie) {
            $this->fail("Failed creating a cookie object from '$cStr'");
        }

        if (isset($cInfo['name'])) {
            $this->assertEquals($cInfo['name'], $cookie->getName());
        }
    }

    /**
     * Make sure we get the correct value if it was set through the constructor
     *
     * @param        string $value
     * @dataProvider validCookieValueProvider
     */
    public function testGetValueConstructor($val)
    {
        $cookie = new Zend_Http_Cookie('cookie', $val, 'example.com', time(), '/', true);
        $this->assertEquals($val, $cookie->getValue());
    }

    /**
     * Make sure we get the correct value if it was set through fromString()
     *
     * @param        string $value
     * @dataProvider validCookieValueProvider
     */
    public function testGetValueFromString($val)
    {
        $cookie = Zend_Http_Cookie::fromString('cookie=' . urlencode($val) . '; domain=example.com');
        $this->assertEquals($val, $cookie->getValue());
    }

    /**
     * Make sure we get the correct domain when it's set in the cookie string
     *
     * @dataProvider validCookieWithInfoProvider
     */
    public function testGetDomainInStr($cStr, $cInfo)
    {
        $cookie = Zend_Http_Cookie::fromString($cStr);
        if (! $cookie instanceof Zend_Http_Cookie) {
            $this->fail("Failed creating a cookie object from '$cStr'");
        }

        if (isset($cInfo['domain'])) {
            $this->assertEquals($cInfo['domain'], $cookie->getDomain());
        }
    }

    /**
     * Make sure we get the correct domain when it's set in a reference URL
     *
     * @dataProvider refUrlProvider
     */
    public function testGetDomainInRefUrl(Zend_Uri $uri)
    {
        $domain = $uri->getHost();
        $cookie = Zend_Http_Cookie::fromString('foo=baz; path=/', 'http://' . $domain);
        if (! $cookie instanceof Zend_Http_Cookie) {
            $this->fail("Failed creating a cookie object with URL '$uri'");
        }

        $this->assertEquals($domain, $cookie->getDomain());
    }

    /**
     * Make sure we get the correct path when it's set in the cookie string
     *
     * @dataProvider validCookieWithInfoProvider
     */
    public function testGetPathInStr($cStr, $cInfo)
    {
        $cookie = Zend_Http_Cookie::fromString($cStr);
        if (! $cookie instanceof Zend_Http_Cookie) {
            $this->fail("Failed creating a cookie object from '$cStr'");
        }

        if (isset($cInfo['path'])) {
            $this->assertEquals($cInfo['path'], $cookie->getPath());
        }
    }

    /**
     * Make sure we get the correct path when it's set a reference URL
     *
     * @dataProvider refUrlProvider
     */
    public function testGetPathInRefUrl(Zend_Uri $uri)
    {
        $path = $uri->getPath();
        if (substr($path, -1, 1) == '/') $path .= 'x';
        $path = dirname($path);

        $cookie = Zend_Http_Cookie::fromString('foo=bar', (string) $uri);
        if (! $cookie instanceof Zend_Http_Cookie) {
            $this->fail("Failed creating a cookie object with URL '$uri'");
        }

        $this->assertEquals($path, $cookie->getPath());
    }

    /**
     * Test we get the correct expiry time
     *
     * @dataProvider validCookieWithInfoProvider
     */
    public function testGetExpiryTime($cStr, $cInfo)
    {
        $cookie = Zend_Http_Cookie::fromString($cStr);
        if (! $cookie instanceof Zend_Http_Cookie) {
            $this->fail("Failed creating a cookie object from '$cStr'");
        }

        if (isset($cInfo['expires'])) {
            $this->assertEquals($cInfo['expires'], $cookie->getExpiryTime());
        }
    }

    /**
     * Make sure the "is secure" flag is correctly set
     *
     * @dataProvider validCookieWithInfoProvider
     */
    public function testIsSecure($cStr, $cInfo)
    {
        $cookie = Zend_Http_Cookie::fromString($cStr);
        if (! $cookie instanceof Zend_Http_Cookie) {
            $this->fail("Failed creating a cookie object from '$cStr'");
        }

        if (isset($cInfo['secure'])) {
            $this->assertEquals($cInfo['secure'], $cookie->isSecure());
        }
    }

    /**
     * Cookie expiry time tests
     */

    /**
     * Make sure we get the correct value for 'isExpired'
     *
     * @dataProvider cookieWithExpiredFlagProvider
     */
    public function testIsExpired($cStr, $expired)
    {
        $cookie = Zend_Http_Cookie::fromString($cStr);
        if (! $cookie) {
            $this->fail("Failed creating a cookie object from '$cStr'");
        }
        $this->assertEquals($expired, $cookie->isExpired());
    }

    /**
     * Make sure we get the correct value for 'isExpired', when time is manually set
     */
    public function testIsExpiredDifferentTime()
    {
        $notexpired = time() + 3600;
        $expired = time() - 3600;
        $now = time() + 7200;

        $cookies = array(
            'cookie=foo; domain=example.com; expires=' . date(DATE_COOKIE, $notexpired),
            'cookie=foo; domain=example.com; expires=' . date(DATE_COOKIE, $expired)
        );

        // Make sure all cookies are expired
        foreach ($cookies as $cstr) {
            $cookie = Zend_Http_Cookie::fromString($cstr);
            if (! $cookie) $this->fail('Got no cookie object from a valid cookie string');
            $this->assertTrue($cookie->isExpired($now), 'Cookie is expected to be expired');
        }

        // Make sure all cookies are not expired
        $now = time() - 7200;
        foreach ($cookies as $cstr) {
            $cookie = Zend_Http_Cookie::fromString($cstr);
            if (! $cookie) $this->fail('Got no cookie object from a valid cookie string');
            $this->assertFalse($cookie->isExpired($now), 'Cookie is expected not to be expired');
        }
    }

    /**
     * Test we can properly check if a cookie is a session cookie (has no expiry time)
     *
     * @dataProvider validCookieWithInfoProvider
     */
    public function testIsSessionCookie($cStr, $cInfo)
    {
        $cookie = Zend_Http_Cookie::fromString($cStr);
        if (! $cookie instanceof Zend_Http_Cookie) {
            $this->fail("Failed creating a cookie object from '$cStr'");
        }

        if (array_key_exists('expires', $cInfo)) {
            $this->assertEquals(($cInfo['expires'] === null), $cookie->isSessionCookie());
        }
    }


    /**
     * Make sure cookies are properly converted back to strings
     *
     * @dataProvider validCookieWithInfoProvider
     */
    public function testToString($cStr, $cInfo)
    {
        $cookie = Zend_Http_Cookie::fromString($cStr);
        if (! $cookie instanceof Zend_Http_Cookie) {
            $this->fail("Failed creating a cookie object from '$cStr'");
        }

        $expected = substr($cStr, 0, strpos($cStr, ';') + 1);
        $this->assertEquals($expected, (string) $cookie);
    }

    public function testGarbageInStrIsIgnored()
    {
        $cookies = array(
            'name=value; domain=foo.com; silly=place; secure',
            'foo=value; someCrap; secure; domain=foo.com; ',
            'anothercookie=value; secure; has some crap; ignore=me; domain=foo.com; '
        );

        foreach ($cookies as $cstr) {
            $cookie = Zend_Http_Cookie::fromString($cstr);
            if (! $cookie) $this->fail('Got no cookie object from a valid cookie string');
            $this->assertEquals('value', $cookie->getValue(), 'Value is not as expected');
            $this->assertEquals('foo.com', $cookie->getDomain(), 'Domain is not as expected');
            $this->assertTrue($cookie->isSecure(), 'Cookie is expected to be secure');
        }
    }

    /**
     * Test the match() method against a domain
     *
     * @dataProvider domainMatchTestProvider
     */
    public function testMatchDomain($cookieStr, $uri, $match)
    {
        $cookie = Zend_Http_Cookie::fromString($cookieStr);
        $this->assertEquals($match, $cookie->match($uri));
    }

    static public function domainMatchTestProvider()
    {
        $uri = Zend_Uri::factory('http://www.foo.com/some/file.txt');

        return array(
            array('foo=bar; domain=.example.com;', 'http://www.example.com/foo/bar.php', true),
            array('foo=bar; domain=.example.com;', 'http://example.com/foo/bar.php', true),
            array('foo=bar; domain=.example.com;', 'http://www.somexample.com/foo/bar.php', false),
            array('foo=bar; domain=example.com;', 'http://www.somexample.com/foo/bar.php', false),
            array('cookie=value; domain=www.foo.com', $uri, true),
            array('cookie=value; domain=www.foo.com', 'http://il.www.foo.com', true),
            array('cookie=value; domain=www.foo.com', 'http://bar.foo.com', false)
        );
    }

    /**
     * Test the match() method against a domain
     *
     */
    public function testMatchPath()
    {
        $cookie = Zend_Http_Cookie::fromString('foo=bar; domain=.example.com; path=/foo');
        $this->assertTrue($cookie->match('http://www.example.com/foo/bar.php'), 'Cookie expected to match, but didn\'t');
        $this->assertFalse($cookie->match('http://www.example.com/bar.php'), 'Cookie expected not to match, but did');

        $cookie = Zend_Http_Cookie::fromString('cookie=value; domain=www.foo.com; path=/some/long/path');
        $this->assertTrue($cookie->match('http://www.foo.com/some/long/path/file.txt'), 'Cookie expected to match, but didn\'t');
        $this->assertTrue($cookie->match('http://www.foo.com/some/long/path/and/even/more'), 'Cookie expected to match, but didn\'t');
        $this->assertFalse($cookie->match('http://www.foo.com/some/long/file.txt'), 'Cookie expected not to match, but did');
        $this->assertFalse($cookie->match('http://www.foo.com/some/different/path/file.txt'), 'Cookie expected not to match, but did');
    }

    /**
     * Test the match() method against secure / non secure connections
     *
     */
    public function testMatchSecure()
    {
        // A non secure cookie, should match both
        $cookie = Zend_Http_Cookie::fromString('foo=bar; domain=.example.com;');
        $this->assertTrue($cookie->match('http://www.example.com/foo/bar.php'), 'Cookie expected to match, but didn\'t');
        $this->assertTrue($cookie->match('https://www.example.com/bar.php'), 'Cookie expected to match, but didn\'t');

        // A secure cookie, should match secure connections only
        $cookie = Zend_Http_Cookie::fromString('foo=bar; domain=.example.com; secure');
        $this->assertFalse($cookie->match('http://www.example.com/foo/bar.php'), 'Cookie expected not to match, but it did');
        $this->assertTrue($cookie->match('https://www.example.com/bar.php'), 'Cookie expected to match, but didn\'t');
    }

    /**
     * Test the match() method against different expiry times
     *
     */
    public function testMatchExpire()
    {
        // A session cookie - should always be valid
        $cookie = Zend_Http_Cookie::fromString('foo=bar; domain=.example.com;');
        $this->assertTrue($cookie->match('http://www.example.com/'), 'Cookie expected to match, but didn\'t');
        $this->assertTrue($cookie->match('http://www.example.com/', true, time() + 3600), 'Cookie expected to match, but didn\'t');

        // A session cookie, should not match
        $this->assertFalse($cookie->match('https://www.example.com/', false), 'Cookie expected not to match, but it did');
        $this->assertFalse($cookie->match('https://www.example.com/', false, time() - 3600), 'Cookie expected not to match, but it did');

        // A cookie with expiry time in the future
        $cookie = Zend_Http_Cookie::fromString('foo=bar; domain=.example.com; expires=' . date(DATE_COOKIE, time() + 3600));
        $this->assertTrue($cookie->match('http://www.example.com/'), 'Cookie expected to match, but didn\'t');
        $this->assertFalse($cookie->match('https://www.example.com/', true, time() + 7200), 'Cookie expected not to match, but it did');

        // A cookie with expiry time in the past
        $cookie = Zend_Http_Cookie::fromString('foo=bar; domain=.example.com; expires=' . date(DATE_COOKIE, time() - 3600));
        $this->assertFalse($cookie->match('http://www.example.com/'), 'Cookie expected not to match, but it did');
        $this->assertTrue($cookie->match('https://www.example.com/', true, time() - 7200), 'Cookie expected to match, but didn\'t');
    }

    public function testFromStringFalse()
    {
        $cookie = Zend_Http_Cookie::fromString('foo; domain=www.exmaple.com');
        $this->assertEquals(false, $cookie, 'fromString was expected to fail and return false');

        $cookie = Zend_Http_Cookie::fromString('=bar; secure; domain=foo.nl');
        $this->assertEquals(false, $cookie, 'fromString was expected to fail and return false');

        $cookie = Zend_Http_Cookie::fromString('fo;o=bar; secure; domain=foo.nl');
        $this->assertEquals(false, $cookie, 'fromString was expected to fail and return false');
    }

    /**
     * Test that cookies with far future expiry date (beyond the 32 bit unsigned int range) are
     * not mistakenly marked as 'expired'
     *
     * @link http://framework.zend.com/issues/browse/ZF-5690
     */
    public function testZF5690OverflowingExpiryDate()
    {
        $expTime = "Sat, 29-Jan-2039 00:54:42 GMT";
        $cookie = Zend_Http_Cookie::fromString("foo=bar; domain=.example.com; expires=$expTime");
        $this->assertFalse($cookie->isExpired(), 'Expiry: ' . $cookie->getExpiryTime());
    }

    /**
     * Data Providers
     */

    /**
     * Provide characters which are invalid in cookie names
     *
     * @return array
     */
    static public function invalidCookieNameCharProvider()
    {
        return array(
            array("="),
            array(","),
            array(";"),
            array("\t"),
            array("\r"),
            array("\n"),
            array("\013"),
            array("\014")
        );
    }

    /**
     * Provide valid cookie values
     *
     * @return array
     */
    static public function validCookieValueProvider()
    {
        return array(
            array('simpleCookie'),
            array('space cookie'),
            array('!@#$%^*&()* ][{}?;'),
            array("line\n\rbreaks"),

            // Long cookie value - 2kb
            array(str_repeat(md5(time()), 64))
        );
    }

    /**
     * Provider of valid reference URLs to be used for creating cookies
     *
     * @return array
     */
    static public function refUrlProvider()
    {
        return array(
            array(Zend_Uri::factory('http://example.com/')),
            array(Zend_Uri::factory('http://www.example.com/foo/bar/')),
            array(Zend_Uri::factory('http://some.really.deep.domain.com')),
            array(Zend_Uri::factory('http://localhost/path/to/very/deep/file.php')),
            array(Zend_Uri::factory('http://arr.gr/some%20path/text%2Ffile'))
        );
    }

    /**
     * Provide valid cookie strings with information about them
     *
     * @return array
     */
    static public function validCookieWithInfoProvider()
    {
        $now = time();
        $yesterday = $now - (3600 * 24);

        return array(
            array(
                'justacookie=foo; domain=example.com',
                array(
                    'name'    => 'justacookie',
                    'domain'  => 'example.com',
                    'path'    => '/',
                    'expires' => null,
                    'secure'  => false
                )
            ),
            array(
                'expires=tomorrow; secure; path=/Space Out/; expires=Tue, 21-Nov-2006 08:33:44 GMT; domain=.example.com',
                array(
                    'name'    => 'expires',
                    'domain'  => '.example.com',
                    'path'    => '/Space Out/',
                    'expires' => strtotime('Tue, 21-Nov-2006 08:33:44 GMT'),
                    'secure'  => true
                )
            ),
            array(
                'domain=unittests; expires=' . date(DATE_COOKIE, $now) . '; domain=example.com; path=/some%20value/',
                array(
                    'name'    => 'domain',
                    'domain'  => 'example.com',
                    'path'    => '/some%20value/',
                    'expires' => $now,
                    'secure'  => false,
                )
            ),
            array(
                'path=indexAction; path=/; domain=.foo.com; expires=' . date(DATE_COOKIE, $yesterday),
                array(
                    'name'    => 'path',
                    'domain'  => '.foo.com',
                    'path'    => '/',
                    'expires' => $yesterday,
                    'secure'  => false
                )
            ),

            array(
                'secure=sha1; secure; SECURE; domain=some.really.deep.domain.com',
                array(
                    'name'    => 'secure',
                    'domain'  => 'some.really.deep.domain.com',
                    'path'    => '/',
                    'expires' => null,
                    'secure'  => true
                )
            ),
            array(
                'PHPSESSID=123456789+abcd%2Cef; secure; domain=.localdomain; path=/foo/baz; expires=Tue, 21-Nov-2006 08:33:44 GMT;',
                array(
                    'name'    => 'PHPSESSID',
                    'domain'  => '.localdomain',
                    'path'    => '/foo/baz',
                    'expires' => strtotime('Tue, 21-Nov-2006 08:33:44 GMT'),
                    'secure'  => true
                )
            ),
        );
    }

    /**
     * Cookie with 'expired' flag, used to test if Cookie->isExpired()
     *
     * @return array
     */
    public static function cookieWithExpiredFlagProvider()
    {
        return array(
            array('cookie=foo;domain=example.com;expires=' . date(DATE_COOKIE, time() +  12 * 3600), false),
            array('cookie=foo;domain=example.com;expires=' . date(DATE_COOKIE, time() - 15), true),
            array('cookie=foo;domain=example.com;', false),
            array('cookie=foo;domain=example.com;expires=Fri, 01-Mar-2109 00:19:21 GMT', false),
            array('cookie=foo;domain=example.com;expires=Fri, 06-Jun-1966 00:19:21 GMT', true),
        );
    }
}