Add additional signature mismatch test

Firehed · Firehed · Oct 27, 2021 · Oct 27, 2021 · Oct 27, 2021 · Oct 27, 2021
commit 80874ad8b40d29d3b83613a371f850964ae74ff4
diff --git a/tests/ServerTest.php b/tests/ServerTest.php
@@ -567,6 +567,19 @@ public function testValidateLoginThrowsIfSignatureIsInvalid(): void
  $this->server->validateLogin($challenge, $response, [$registration]);
  }
 
+ public function testValidateLoginThrowsIfWrongDataIsSigned(): void
+ {
+ $challenge = $this->getDefaultLoginChallenge();
+ $response = $this->getDefaultLoginResponse([
+ 'getSignedData' => 'some other signed data',
+ ]);
+ $registration = $this->getDefaultRegistration();
+
+ $this->expectException(SecurityException::class);
+ $this->expectExceptionCode(SecurityException::SIGNATURE_INVALID);
+ $this->server->validateLogin($challenge, $response, [$registration]);
+ }
+
  /**
  * Arguably the most important authentication test: ensure that
  * a perfectly-valid signature is rejected if it's not actually from the