Mirrors/shlink
1
0
Fork 0
mirror of https://github.com/shlinkio/shlink.git synced 2026-03-10 09:13:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

Created system of authentication plugins

Browse Source
This commit is contained in:
Alejandro Celaya
2018-09-28 22:08:01 +02:00
parent e88468d867
commit 8e61639598
18 changed files with 675 additions and 242 deletions
Download Patch File Download Diff File Expand all files Collapse all files

130
module/Rest/test/Authentication/AuthorizationHeaderPluginTest.php Normal file
View File

@@ -0,0 +1,130 @@
<?php
declare(strict_types=1);
namespace ShlinkioTest\Shlink\Rest\Authentication;
use PHPUnit\Framework\TestCase;
use Prophecy\Prophecy\ObjectProphecy;
use Shlinkio\Shlink\Rest\Authentication\JWTServiceInterface;
use Shlinkio\Shlink\Rest\Authentication\Plugin\AuthorizationHeaderPlugin;
use Shlinkio\Shlink\Rest\Exception\VerifyAuthenticationException;
use Zend\Diactoros\Response;
use Zend\Diactoros\ServerRequestFactory;
use Zend\I18n\Translator\Translator;
class AuthorizationHeaderPluginTest extends TestCase
{
/**
* @var AuthorizationHeaderPlugin
*/
private $plugin;
/**
* @var ObjectProphecy
*/
protected $jwtService;
public function setUp()
{
$this->jwtService = $this->prophesize(JWTServiceInterface::class);
$this->plugin = new AuthorizationHeaderPlugin($this->jwtService->reveal(), Translator::factory([]));
}
/**
* @test
*/
public function verifyAnAuthorizationWithoutBearerTypeThrowsException()
{
$authToken = 'ABC-abc';
$request = ServerRequestFactory::fromGlobals()->withHeader(
AuthorizationHeaderPlugin::HEADER_NAME,
$authToken
);
$this->expectException(VerifyAuthenticationException::class);
$this->expectExceptionMessage(sprintf(
'You need to provide the Bearer type in the %s header.',
AuthorizationHeaderPlugin::HEADER_NAME
));
$this->plugin->verify($request);
}
/**
* @test
*/
public function verifyAnAuthorizationWithWrongTypeThrowsException()
{
$authToken = 'Basic ABC-abc';
$request = ServerRequestFactory::fromGlobals()->withHeader(
AuthorizationHeaderPlugin::HEADER_NAME,
$authToken
);
$this->expectException(VerifyAuthenticationException::class);
$this->expectExceptionMessage(
'Provided authorization type Basic is not supported. Use Bearer instead.'
);
$this->plugin->verify($request);
}
/**
* @test
*/
public function verifyAnExpiredTokenThrowsException()
{
$authToken = 'Bearer ABC-abc';
$request = ServerRequestFactory::fromGlobals()->withHeader(
AuthorizationHeaderPlugin::HEADER_NAME,
$authToken
);
$jwtVerify = $this->jwtService->verify('ABC-abc')->willReturn(false);
$this->expectException(VerifyAuthenticationException::class);
$this->expectExceptionMessage(sprintf(
'Missing or invalid auth token provided. Perform a new authentication request and send provided '
. 'token on every new request on the %s header',
AuthorizationHeaderPlugin::HEADER_NAME
));
$this->plugin->verify($request);
$jwtVerify->shouldHaveBeenCalledTimes(1);
}
/**
* @test
*/
public function verifyValidTokenDoesNotThrowException()
{
$authToken = 'Bearer ABC-abc';
$request = ServerRequestFactory::fromGlobals()->withHeader(
AuthorizationHeaderPlugin::HEADER_NAME,
$authToken
);
$jwtVerify = $this->jwtService->verify('ABC-abc')->willReturn(true);
$this->plugin->verify($request);
$jwtVerify->shouldHaveBeenCalledTimes(1);
}
/**
* @test
*/
public function updateReturnsAnUpdatedResponseWithNewJwt()
{
$authToken = 'Bearer ABC-abc';
$request = ServerRequestFactory::fromGlobals()->withHeader(
AuthorizationHeaderPlugin::HEADER_NAME,
$authToken
);
$jwtRefresh = $this->jwtService->refresh('ABC-abc')->willReturn('DEF-def');
$response = $this->plugin->update($request, new Response());
$this->assertTrue($response->hasHeader(AuthorizationHeaderPlugin::HEADER_NAME));
$this->assertEquals('Bearer DEF-def', $response->getHeaderLine(AuthorizationHeaderPlugin::HEADER_NAME));
$jwtRefresh->shouldHaveBeenCalledTimes(1);
}
}