mirror of
https://github.com/elyby/accounts.git
synced 2025-05-31 14:11:46 +05:30
Remove minecraft_access_keys table and all related code
This commit is contained in:
ErickSkrauch
@@ -88,10 +88,6 @@ class Component extends YiiUserComponent {
|
||||
$minecraftSession->revoked_at = time();
|
||||
Assert::true($minecraftSession->save());
|
||||
}
|
||||
|
||||
foreach ($account->minecraftAccessKeys as $minecraftAccessKey) {
|
||||
$minecraftAccessKey->delete();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -10,7 +10,6 @@ use api\modules\authserver\validators\AccessTokenValidator;
|
||||
use api\modules\authserver\validators\RequiredValidator;
|
||||
use api\rbac\Permissions as P;
|
||||
use common\models\Account;
|
||||
use common\models\MinecraftAccessKey;
|
||||
use common\models\OauthClient;
|
||||
use common\models\OauthSession;
|
||||
use Webmozart\Assert\Assert;
|
||||
@@ -48,26 +47,13 @@ class RefreshTokenForm extends ApiForm {
|
||||
*/
|
||||
public function refresh(): AuthenticateData {
|
||||
$this->validate();
|
||||
$account = null;
|
||||
if (mb_strlen($this->accessToken) === 36) {
|
||||
/** @var MinecraftAccessKey $token */
|
||||
$token = MinecraftAccessKey::findOne([
|
||||
'access_token' => $this->accessToken,
|
||||
'client_token' => $this->clientToken,
|
||||
]);
|
||||
if ($token !== null) {
|
||||
$account = $token->account;
|
||||
}
|
||||
} else {
|
||||
$token = Yii::$app->tokens->parse($this->accessToken);
|
||||
$tokenReader = new TokenReader($token);
|
||||
if ($tokenReader->getMinecraftClientToken() !== $this->clientToken) {
|
||||
throw new ForbiddenOperationException('Invalid token.');
|
||||
}
|
||||
|
||||
$account = Account::findOne(['id' => $tokenReader->getAccountId()]);
|
||||
$token = Yii::$app->tokens->parse($this->accessToken);
|
||||
$tokenReader = new TokenReader($token);
|
||||
if ($tokenReader->getMinecraftClientToken() !== $this->clientToken) {
|
||||
throw new ForbiddenOperationException('Invalid token.');
|
||||
}
|
||||
|
||||
$account = Account::findOne(['id' => $tokenReader->getAccountId()]);
|
||||
if ($account === null) {
|
||||
throw new ForbiddenOperationException('Invalid token.');
|
||||
}
|
||||
|
||||
@@ -7,7 +7,6 @@ use api\components\Tokens\TokenReader;
|
||||
use api\modules\authserver\exceptions\ForbiddenOperationException;
|
||||
use Carbon\Carbon;
|
||||
use common\models\Account;
|
||||
use common\models\MinecraftAccessKey;
|
||||
use Exception;
|
||||
use Yii;
|
||||
use yii\validators\Validator;
|
||||
@@ -22,16 +21,10 @@ class AccessTokenValidator extends Validator {
|
||||
public bool $verifyAccount = true;
|
||||
|
||||
/**
|
||||
* @param string $value
|
||||
*
|
||||
* @return array|null
|
||||
* @throws ForbiddenOperationException
|
||||
*/
|
||||
protected function validateValue($value): ?array {
|
||||
if (mb_strlen($value) === 36) {
|
||||
return $this->validateLegacyToken($value);
|
||||
}
|
||||
|
||||
try {
|
||||
$token = Yii::$app->tokens->parse($value);
|
||||
} catch (Exception $e) {
|
||||
@@ -53,30 +46,6 @@ class AccessTokenValidator extends Validator {
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $value
|
||||
*
|
||||
* @return array|null
|
||||
* @throws ForbiddenOperationException
|
||||
*/
|
||||
private function validateLegacyToken(string $value): ?array {
|
||||
/** @var MinecraftAccessKey|null $result */
|
||||
$result = MinecraftAccessKey::findOne(['access_token' => $value]);
|
||||
if ($result === null) {
|
||||
throw new ForbiddenOperationException(self::INVALID_TOKEN);
|
||||
}
|
||||
|
||||
if ($this->verifyExpiration && $result->isExpired()) {
|
||||
throw new ForbiddenOperationException(self::TOKEN_EXPIRED);
|
||||
}
|
||||
|
||||
if ($this->verifyAccount && !$this->validateAccount($result->account_id)) {
|
||||
throw new ForbiddenOperationException(self::INVALID_TOKEN);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
private function validateAccount(int $accountId): bool {
|
||||
/** @var Account|null $account */
|
||||
$account = Account::find()->excludeDeleted()->andWhere(['id' => $accountId])->one();
|
||||
|
||||
@@ -9,9 +9,9 @@ use api\modules\session\models\protocols\JoinInterface;
|
||||
use api\modules\session\Module as Session;
|
||||
use api\modules\session\validators\RequiredValidator;
|
||||
use api\rbac\Permissions as P;
|
||||
use Closure;
|
||||
use common\helpers\StringHelper;
|
||||
use common\models\Account;
|
||||
use common\models\MinecraftAccessKey;
|
||||
use Ramsey\Uuid\Uuid;
|
||||
use Webmozart\Assert\Assert;
|
||||
use Yii;
|
||||
@@ -47,13 +47,12 @@ class JoinForm extends Model {
|
||||
public function rules(): array {
|
||||
return [
|
||||
[['accessToken', 'serverId'], RequiredValidator::class],
|
||||
[['accessToken', 'selectedProfile'], 'validateUuid'],
|
||||
[['accessToken'], 'validateAccessToken'],
|
||||
[['accessToken', 'selectedProfile'], Closure::fromCallable([$this, 'validateUuid'])],
|
||||
[['accessToken'], Closure::fromCallable([$this, 'validateAccessToken'])],
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @return bool
|
||||
* @throws IllegalArgumentException
|
||||
* @throws ForbiddenOperationException
|
||||
*/
|
||||
@@ -66,7 +65,7 @@ class JoinForm extends Model {
|
||||
return false;
|
||||
}
|
||||
|
||||
$account = $this->getAccount();
|
||||
$account = $this->account;
|
||||
$sessionModel = new SessionModel($account->username, $serverId);
|
||||
Assert::true($sessionModel->save());
|
||||
|
||||
@@ -96,7 +95,7 @@ class JoinForm extends Model {
|
||||
*
|
||||
* @throws IllegalArgumentException
|
||||
*/
|
||||
public function validateUuid(string $attribute): void {
|
||||
private function validateUuid(string $attribute): void {
|
||||
if ($this->hasErrors($attribute)) {
|
||||
return;
|
||||
}
|
||||
@@ -109,46 +108,36 @@ class JoinForm extends Model {
|
||||
/**
|
||||
* @throws \api\modules\session\exceptions\ForbiddenOperationException
|
||||
*/
|
||||
public function validateAccessToken(): void {
|
||||
private function validateAccessToken(): void {
|
||||
$accessToken = $this->accessToken;
|
||||
/** @var MinecraftAccessKey|null $accessModel */
|
||||
$accessModel = MinecraftAccessKey::findOne(['access_token' => $accessToken]);
|
||||
if ($accessModel !== null) {
|
||||
Yii::$app->statsd->inc('sessionserver.authentication.legacy_minecraft_protocol');
|
||||
/** @var MinecraftAccessKey|\api\components\OAuth2\Entities\AccessTokenEntity $accessModel */
|
||||
if ($accessModel->isExpired()) {
|
||||
Session::error("User with access_token = '{$accessToken}' failed join by expired access_token.");
|
||||
Yii::$app->statsd->inc('sessionserver.authentication.legacy_minecraft_protocol_token_expired');
|
||||
|
||||
throw new ForbiddenOperationException('Expired access_token.');
|
||||
try {
|
||||
$identity = Yii::$app->user->loginByAccessToken($accessToken);
|
||||
} catch (UnauthorizedHttpException $e) {
|
||||
if ($e->getMessage() === 'Token expired') {
|
||||
throw new ForbiddenOperationException('Expired access_token.', 0, $e);
|
||||
}
|
||||
|
||||
$account = $accessModel->account;
|
||||
} else {
|
||||
try {
|
||||
$identity = Yii::$app->user->loginByAccessToken($accessToken);
|
||||
} catch (UnauthorizedHttpException $e) {
|
||||
$identity = null;
|
||||
}
|
||||
|
||||
if ($identity === null) {
|
||||
Session::error("User with access_token = '{$accessToken}' failed join by wrong access_token.");
|
||||
Yii::$app->statsd->inc('sessionserver.join.fail_wrong_token');
|
||||
|
||||
throw new ForbiddenOperationException('Invalid access_token.');
|
||||
}
|
||||
|
||||
Yii::$app->statsd->inc('sessionserver.authentication.oauth2');
|
||||
if (!Yii::$app->user->can(P::MINECRAFT_SERVER_SESSION)) {
|
||||
Session::error("User with access_token = '{$accessToken}' doesn't have enough scopes to make join.");
|
||||
Yii::$app->statsd->inc('sessionserver.authentication.oauth2_not_enough_scopes');
|
||||
|
||||
throw new ForbiddenOperationException('The token does not have required scope.');
|
||||
}
|
||||
|
||||
$account = $identity->getAccount();
|
||||
$identity = null;
|
||||
}
|
||||
|
||||
if ($identity === null) {
|
||||
Session::error("User with access_token = '{$accessToken}' failed join by wrong access_token.");
|
||||
Yii::$app->statsd->inc('sessionserver.join.fail_wrong_token');
|
||||
|
||||
throw new ForbiddenOperationException('Invalid access_token.');
|
||||
}
|
||||
|
||||
Yii::$app->statsd->inc('sessionserver.authentication.oauth2');
|
||||
if (!Yii::$app->user->can(P::MINECRAFT_SERVER_SESSION)) {
|
||||
Session::error("User with access_token = '{$accessToken}' doesn't have enough scopes to make join.");
|
||||
Yii::$app->statsd->inc('sessionserver.authentication.oauth2_not_enough_scopes');
|
||||
|
||||
throw new ForbiddenOperationException('The token does not have required scope.');
|
||||
}
|
||||
|
||||
/** @var Account $account */
|
||||
$account = $identity->getAccount();
|
||||
|
||||
$selectedProfile = $this->selectedProfile;
|
||||
$isUuid = StringHelper::isUuid($selectedProfile);
|
||||
if ($isUuid && $account->uuid !== $this->normalizeUUID($selectedProfile)) {
|
||||
@@ -172,10 +161,6 @@ class JoinForm extends Model {
|
||||
$this->account = $account;
|
||||
}
|
||||
|
||||
protected function getAccount(): Account {
|
||||
return $this->account;
|
||||
}
|
||||
|
||||
private function normalizeUUID(string $uuid): string {
|
||||
return Uuid::fromString($uuid)->toString();
|
||||
}
|
||||
|
||||
@@ -68,7 +68,7 @@ class JoinCest {
|
||||
public function joinWithExpiredToken(FunctionalTester $I) {
|
||||
$I->wantTo('join to some server with expired accessToken');
|
||||
$I->sendPOST('/api/authlib-injector/sessionserver/session/minecraft/join', [
|
||||
'accessToken' => '6042634a-a1e2-4aed-866c-c661fe4e63e2',
|
||||
'accessToken' => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE1MTgzMzQ3NDMsImV4cCI6MTUxODMzNDc5MCwiY2xpZW50X2lkIjoiZWx5Iiwic2NvcGUiOiJtaW5lY3JhZnRfc2VydmVyX3Nlc3Npb24iLCJzdWIiOiJlbHl8MSJ9.0mBXezB2p0eGuusZDklthR8xQLGo-v1qoP0GPdEPpYvckJMoHmlSqiW-2WwLlxGK0_J4KmYlp5vM4ynE14armw',
|
||||
'selectedProfile' => 'df936908-b2e1-544d-96f8-2977ec213022',
|
||||
'serverId' => uuid(),
|
||||
]);
|
||||
@@ -125,7 +125,7 @@ class JoinCest {
|
||||
|
||||
public function joinByAccountMarkedForDeletion(FunctionalTester $I) {
|
||||
$I->sendPOST('/api/authlib-injector/sessionserver/session/minecraft/join', [
|
||||
'accessToken' => '239ba889-7020-4383-8d99-cd8c8aab4a2f',
|
||||
'accessToken' => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE1MTgzMzQ3NDMsImNsaWVudF9pZCI6ImVseSIsInNjb3BlIjoibWluZWNyYWZ0X3NlcnZlcl9zZXNzaW9uIiwic3ViIjoiZWx5fDE1In0.2qla7RzReBi2WtfgP3x8T6ZA0wn9HOrQo57xaZc2wMKPo1Zc49_o6w-5Ku1tbvzmESZfAxNQpfY4EwclEWjHYA',
|
||||
'selectedProfile' => '6383de63-8f85-4ed5-92b7-5401a1fa68cd',
|
||||
'serverId' => uuid(),
|
||||
]);
|
||||
|
||||
@@ -24,20 +24,6 @@ class RefreshCest {
|
||||
$this->assertSuccessResponse($I, $case[0]);
|
||||
}
|
||||
|
||||
/**
|
||||
* @example [true]
|
||||
* @example [false]
|
||||
*/
|
||||
public function refreshLegacyAccessToken(AuthserverSteps $I, Example $case) {
|
||||
$I->wantTo('refresh legacy accessToken');
|
||||
$I->sendPOST('/api/authserver/authentication/refresh', [
|
||||
'accessToken' => 'e7bb6648-2183-4981-9b86-eba5e7f87b42',
|
||||
'clientToken' => '6f380440-0c05-47bd-b7c6-d011f1b5308f',
|
||||
'requestUser' => $case[0],
|
||||
]);
|
||||
$this->assertSuccessResponse($I, $case[0]);
|
||||
}
|
||||
|
||||
public function refreshWithInvalidClientToken(AuthserverSteps $I) {
|
||||
$I->wantTo('refresh accessToken with not matched client token');
|
||||
[$accessToken] = $I->amAuthenticated();
|
||||
@@ -51,27 +37,11 @@ class RefreshCest {
|
||||
]);
|
||||
}
|
||||
|
||||
public function refreshLegacyAccessTokenWithInvalidClientToken(AuthserverSteps $I) {
|
||||
$I->wantTo('refresh legacy accessToken with not matched client token');
|
||||
$I->sendPOST('/api/authserver/authentication/refresh', [
|
||||
'accessToken' => 'e7bb6648-2183-4981-9b86-eba5e7f87b42',
|
||||
'clientToken' => Uuid::uuid4()->toString(),
|
||||
]);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'ForbiddenOperationException',
|
||||
'errorMessage' => 'Invalid token.',
|
||||
]);
|
||||
}
|
||||
|
||||
/**
|
||||
* @example {"accessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE1NzU1NjE1MjgsImV4cCI6MTU3NTU2MTUyOCwiZWx5LXNjb3BlcyI6Im1pbmVjcmFmdF9zZXJ2ZXJfc2Vzc2lvbiIsImVseS1jbGllbnQtdG9rZW4iOiIydnByWnRVdk40VTVtSnZzc0ozaXNpekdVWFhQYnFsV1FsQjVVRWVfUV81bkxKYzlsbUJ3VU1hQWJ1MjBtZC1FNzNtengxNWFsZmRJSU1OMTV5YUpBalZOM29vQW9IRDctOWdOcmciLCJzdWIiOiJlbHl8MSJ9.vwjXzy0VtjJlP6B4RxqoE69yRSBsluZ29VELe4vDi8GCy487eC5cIf9hz9oxp5YcdE7uEJZeqX2yi3nk_0nCaA", "clientToken": "4f368b58-9097-4e56-80b1-f421ae4b53cf"}
|
||||
* @example {"accessToken": "6042634a-a1e2-4aed-866c-c661fe4e63e2", "clientToken": "47fb164a-2332-42c1-8bad-549e67bb210c"}
|
||||
*/
|
||||
public function refreshExpiredToken(AuthserverSteps $I, Example $example) {
|
||||
public function refreshExpiredToken(AuthserverSteps $I) {
|
||||
$I->wantTo('refresh legacy accessToken');
|
||||
$I->sendPOST('/api/authserver/authentication/refresh', [
|
||||
'accessToken' => $example['accessToken'],
|
||||
'clientToken' => $example['clientToken'],
|
||||
'accessToken' => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE1NzU1NjE1MjgsImV4cCI6MTU3NTU2MTUyOCwiZWx5LXNjb3BlcyI6Im1pbmVjcmFmdF9zZXJ2ZXJfc2Vzc2lvbiIsImVseS1jbGllbnQtdG9rZW4iOiIydnByWnRVdk40VTVtSnZzc0ozaXNpekdVWFhQYnFsV1FsQjVVRWVfUV81bkxKYzlsbUJ3VU1hQWJ1MjBtZC1FNzNtengxNWFsZmRJSU1OMTV5YUpBalZOM29vQW9IRDctOWdOcmciLCJzdWIiOiJlbHl8MSJ9.vwjXzy0VtjJlP6B4RxqoE69yRSBsluZ29VELe4vDi8GCy487eC5cIf9hz9oxp5YcdE7uEJZeqX2yi3nk_0nCaA',
|
||||
'clientToken' => '4f368b58-9097-4e56-80b1-f421ae4b53cf',
|
||||
]);
|
||||
$this->assertSuccessResponse($I, false);
|
||||
}
|
||||
|
||||
@@ -18,15 +18,6 @@ class ValidateCest {
|
||||
$I->canSeeResponseEquals('');
|
||||
}
|
||||
|
||||
public function validateLegacyToken(AuthserverSteps $I) {
|
||||
$I->wantTo('validate my legacy accessToken');
|
||||
$I->sendPOST('/api/authserver/authentication/validate', [
|
||||
'accessToken' => 'e7bb6648-2183-4981-9b86-eba5e7f87b42',
|
||||
]);
|
||||
$I->seeResponseCodeIs(200);
|
||||
$I->canSeeResponseEquals('');
|
||||
}
|
||||
|
||||
public function wrongArguments(AuthserverSteps $I) {
|
||||
$I->wantTo('get error on wrong amount of arguments');
|
||||
$I->sendPOST('/api/authserver/authentication/validate', [
|
||||
@@ -66,23 +57,10 @@ class ValidateCest {
|
||||
]);
|
||||
}
|
||||
|
||||
public function expiredLegacyAccessToken(AuthserverSteps $I) {
|
||||
$I->wantTo('get error on expired legacy accessToken');
|
||||
$I->sendPOST('/api/authserver/authentication/validate', [
|
||||
'accessToken' => '6042634a-a1e2-4aed-866c-c661fe4e63e2', // Already expired token from the fixtures
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(401);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'ForbiddenOperationException',
|
||||
'errorMessage' => 'Token expired.',
|
||||
]);
|
||||
}
|
||||
|
||||
public function credentialsFromBannedAccount(AuthserverSteps $I) {
|
||||
$I->wantTo('get error on expired legacy accessToken');
|
||||
$I->sendPOST('/api/authserver/authentication/validate', [
|
||||
'accessToken' => '239ba889-7020-4383-8d99-cd8c8aab4a2f',
|
||||
'accessToken' => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE1MTgzMzQ3NDMsImNsaWVudF9pZCI6ImVseSIsInNjb3BlIjoibWluZWNyYWZ0X3NlcnZlcl9zZXNzaW9uIiwic3ViIjoiZWx5fDE1In0.2qla7RzReBi2WtfgP3x8T6ZA0wn9HOrQo57xaZc2wMKPo1Zc49_o6w-5Ku1tbvzmESZfAxNQpfY4EwclEWjHYA',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(401);
|
||||
$I->canSeeResponseContainsJson([
|
||||
|
||||
@@ -79,10 +79,10 @@ class JoinCest {
|
||||
]);
|
||||
}
|
||||
|
||||
public function joinWithExpiredToken(FunctionalTester $I) {
|
||||
public function joinWithExpiredToken(OauthSteps $I) {
|
||||
$I->wantTo('join to some server with expired accessToken');
|
||||
$this->route->join([
|
||||
'accessToken' => '6042634a-a1e2-4aed-866c-c661fe4e63e2',
|
||||
'accessToken' => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE1MTgzMzQ3NDMsImV4cCI6MTUxODMzNDc5MCwiY2xpZW50X2lkIjoiZWx5Iiwic2NvcGUiOiJtaW5lY3JhZnRfc2VydmVyX3Nlc3Npb24iLCJzdWIiOiJlbHl8MSJ9.0mBXezB2p0eGuusZDklthR8xQLGo-v1qoP0GPdEPpYvckJMoHmlSqiW-2WwLlxGK0_J4KmYlp5vM4ynE14armw',
|
||||
'selectedProfile' => 'df936908-b2e1-544d-96f8-2977ec213022',
|
||||
'serverId' => uuid(),
|
||||
]);
|
||||
@@ -137,9 +137,9 @@ class JoinCest {
|
||||
]);
|
||||
}
|
||||
|
||||
public function joinByAccountMarkedForDeletion(FunctionalTester $I) {
|
||||
public function joinByAccountMarkedForDeletion(AuthserverSteps $I) {
|
||||
$this->route->join([
|
||||
'accessToken' => '239ba889-7020-4383-8d99-cd8c8aab4a2f',
|
||||
'accessToken' => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE1MTgzMzQ3NDMsImNsaWVudF9pZCI6ImVseSIsInNjb3BlIjoibWluZWNyYWZ0X3NlcnZlcl9zZXNzaW9uIiwic3ViIjoiZWx5fDE1In0.2qla7RzReBi2WtfgP3x8T6ZA0wn9HOrQo57xaZc2wMKPo1Zc49_o6w-5Ku1tbvzmESZfAxNQpfY4EwclEWjHYA',
|
||||
'selectedProfile' => '6383de63-8f85-4ed5-92b7-5401a1fa68cd',
|
||||
'serverId' => uuid(),
|
||||
]);
|
||||
|
||||
@@ -12,7 +12,6 @@ use common\models\AccountSession;
|
||||
use common\models\OauthClient;
|
||||
use common\tests\fixtures\AccountFixture;
|
||||
use common\tests\fixtures\AccountSessionFixture;
|
||||
use common\tests\fixtures\MinecraftAccessKeyFixture;
|
||||
use common\tests\fixtures\OauthClientFixture;
|
||||
use common\tests\fixtures\OauthSessionFixture;
|
||||
use Lcobucci\JWT\Claim\Basic;
|
||||
@@ -34,7 +33,6 @@ class ComponentTest extends TestCase {
|
||||
return [
|
||||
'accounts' => AccountFixture::class,
|
||||
'sessions' => AccountSessionFixture::class,
|
||||
'minecraftSessions' => MinecraftAccessKeyFixture::class,
|
||||
'oauthClients' => OauthClientFixture::class,
|
||||
'oauthSessions' => OauthSessionFixture::class,
|
||||
];
|
||||
@@ -82,12 +80,10 @@ class ComponentTest extends TestCase {
|
||||
|
||||
// Dry run: no sessions should be removed
|
||||
$component->terminateSessions($account, Component::KEEP_MINECRAFT_SESSIONS | Component::KEEP_SITE_SESSIONS);
|
||||
$this->assertNotEmpty($account->getMinecraftAccessKeys()->all());
|
||||
$this->assertNotEmpty($account->getSessions()->all());
|
||||
|
||||
// All Minecraft sessions should be removed. Web sessions should be kept
|
||||
$component->terminateSessions($account, Component::KEEP_SITE_SESSIONS);
|
||||
$this->assertEmpty($account->getMinecraftAccessKeys()->all());
|
||||
$this->assertNotEmpty($account->getSessions()->all());
|
||||
$this->assertEqualsWithDelta(time(), $account->getOauthSessions()->andWhere(['client_id' => OauthClient::UNAUTHORIZED_MINECRAFT_GAME_LAUNCHER])->one()->revoked_at, 5);
|
||||
|
||||
@@ -100,7 +96,6 @@ class ComponentTest extends TestCase {
|
||||
// With no arguments each and every session should be removed
|
||||
$component->terminateSessions($account);
|
||||
$this->assertEmpty($account->getSessions()->all());
|
||||
$this->assertEmpty($account->getMinecraftAccessKeys()->all());
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user