Merge branch 'develop'

ErickSkrauch 2018-01-04 02:08:56 +03:00
commit 16d08bd7f0
13 changed files with 89 additions and 10 deletions


@ -2,12 +2,15 @@
namespace api\aop; namespace api\aop;
use api\aop\aspects; use api\aop\aspects;
use Doctrine\Common\Annotations\AnnotationReader;
use Go\Core\AspectContainer; use Go\Core\AspectContainer;
use Go\Core\AspectKernel as BaseAspectKernel; use Go\Core\AspectKernel as BaseAspectKernel;
class AspectKernel extends BaseAspectKernel { class AspectKernel extends BaseAspectKernel {
protected function configureAop(AspectContainer $container): void { protected function configureAop(AspectContainer $container): void {
AnnotationReader::addGlobalIgnoredName('url');
$container->registerAspect(new aspects\MockDataAspect()); $container->registerAspect(new aspects\MockDataAspect());
$container->registerAspect(new aspects\CollectMetricsAspect()); $container->registerAspect(new aspects\CollectMetricsAspect());
} }
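Review bot: The added `AnnotationReader::addGlobalIgnoredName('url')` carries no comment saying why the `url` annotation name is ignored globally, so the next maintainer cannot tell whether it works around a third-party docblock tag or something this project emits. A one-line why-comment above it would do, e.g. `// Doctrine's annotation reader otherwise fails on the @url docblock tag from <origin>` — the origin is presumably a dependency, but the comment should name the actual one. configureAop appears complete within the hunk; the class body continues outside it.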


@ -126,8 +126,8 @@ class OauthProcess {
/** /**
* Метод выполняется сервером приложения, которому был выдан auth_token или refresh_token. * Метод выполняется сервером приложения, которому был выдан auth_token или refresh_token.
* *
* Входными данными является стандартный список GET параметров по стандарту oAuth: * Входными данными является стандартный список POST параметров по стандарту oAuth:
* $_GET = [ * $_POST = [
* client_id, * client_id,
* client_secret, * client_secret,
* redirect_uri, * redirect_uri,
@ -135,7 +135,7 @@ class OauthProcess {
* grant_type, * grant_type,
* ] * ]
* для запроса grant_type = authentication_code. * для запроса grant_type = authentication_code.
* $_GET = [ * $_POST = [
* client_id, * client_id,
* client_secret, * client_secret,
* refresh_token, * refresh_token,
@ -145,12 +145,15 @@ class OauthProcess {
* @return array * @return array
*/ */
public function getToken(): array { public function getToken(): array {
$grantType = Yii::$app->request->post('grant_type', 'null');
try { try {
Yii::$app->statsd->inc('oauth.issueToken.attempt'); Yii::$app->statsd->inc("oauth.issueToken_{$grantType}.attempt");
$response = $this->server->issueAccessToken(); $response = $this->server->issueAccessToken();
Yii::$app->statsd->inc('oauth.issueToken.success'); $clientId = Yii::$app->request->post('client_id');
Yii::$app->statsd->inc("oauth.issueToken_client.{$clientId}");
Yii::$app->statsd->inc("oauth.issueToken_{$grantType}.success");
} catch (OAuthException $e) { } catch (OAuthException $e) {
Yii::$app->statsd->inc('oauth.issueToken.fail'); Yii::$app->statsd->inc("oauth.issueToken_{$grantType}.fail");
Yii::$app->response->statusCode = $e->httpStatusCode; Yii::$app->response->statusCode = $e->httpStatusCode;
$response = [ $response = [
'error' => $e->errorType, 'error' => $e->errorType,
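Review bot: The statsd metric names on the new lines are built from raw request input: `grant_type` is read at the top of getToken and interpolated into `oauth.issueToken_{$grantType}.attempt` before the server has validated it, so any caller can create an unbounded number of distinct metric series (a cardinality problem for the metrics backend) and place statsd delimiter characters into the metric path; `post()` can also return an array, which interpolates as `Array`. `client_id` is only recorded after issueAccessToken() succeeds, which limits it to clients the server accepted, but grant_type should be restricted to the values the server supports before it is used as a label, e.g. `$grantType = in_array($grantType, $supportedGrantTypes, true) ? $grantType : 'unknown';` where `$supportedGrantTypes` (placeholder) is the list the server is configured with. The `'null'` default for a missing grant_type is also easy to misread as a real null; a label such as `'missing'` would be clearer. getToken's body continues past the end of the hunk.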


@ -3,8 +3,8 @@ namespace api\modules\authserver\exceptions;
class IllegalArgumentException extends AuthserverException { class IllegalArgumentException extends AuthserverException {
public function __construct($status = null, $message = null, $code = 0, \Exception $previous = null) { public function __construct($message = 'credentials can not be null.') {
parent::__construct(400, 'credentials can not be null.', $code, $previous); parent::__construct(400, $message);
} }
} }
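Review bot: The new constructor drops the `$code` and `$previous` parameters, so the exception can no longer carry a cause, and any remaining call site still using the old positional form (`new IllegalArgumentException(400, ...)`) would now silently land the status code in `$message`; worth grepping callers. The parameter is also untyped — `public function __construct(string $message = 'credentials can not be null.')` keeps the default while rejecting non-strings. If chaining is ever needed, accepting `?\Throwable $previous = null` and forwarding it to the parent as the old code did would preserve it.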


@ -5,6 +5,7 @@ use api\models\authentication\LoginForm;
use api\models\base\ApiForm; use api\models\base\ApiForm;
use api\modules\authserver\exceptions\ForbiddenOperationException; use api\modules\authserver\exceptions\ForbiddenOperationException;
use api\modules\authserver\Module as Authserver; use api\modules\authserver\Module as Authserver;
use api\modules\authserver\validators\ClientTokenValidator;
use api\modules\authserver\validators\RequiredValidator; use api\modules\authserver\validators\RequiredValidator;
use common\helpers\Error as E; use common\helpers\Error as E;
use common\models\Account; use common\models\Account;
@ -19,6 +20,7 @@ class AuthenticationForm extends ApiForm {
public function rules() { public function rules() {
return [ return [
[['username', 'password', 'clientToken'], RequiredValidator::class], [['username', 'password', 'clientToken'], RequiredValidator::class],
[['clientToken'], ClientTokenValidator::class],
]; ];
} }


@ -0,0 +1,25 @@
<?php
namespace api\modules\authserver\validators;
use api\modules\authserver\exceptions\IllegalArgumentException;
/**
* Максимальная длина clientToken для нашей базы данных составляет 255.
* После этого мы не принимаем указанный токен
*/
class ClientTokenValidator extends \yii\validators\RequiredValidator {
/**
* @param string $value
* @return null
* @throws \api\modules\authserver\exceptions\AuthserverException
*/
protected function validateValue($value) {
if (mb_strlen($value) > 255) {
throw new IllegalArgumentException('clientToken is too long.');
}
return null;
}
}
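Review bot: `mb_strlen($value)` in the new validateValue assumes `$value` is a string, but a request can submit `clientToken` as an array, in which case `mb_strlen` produces a warning and `null` on PHP 7 (a TypeError on PHP 8) instead of the intended IllegalArgumentException; guard the type first, `if (!is_string($value) || mb_strlen($value) > 255) {`. The 255 limit is the same value the migration relies on for the column, so a named constant (`private const MAX_LENGTH = 255;` — constructed name) would make that coupling visible. Extending `\yii\validators\RequiredValidator` while fully overriding validateValue means none of the parent's required check runs here; if the inheritance is only there to inherit `skipOnEmpty = false`, a comment saying so would help, since `clientToken` is already covered by the RequiredValidator rule in AuthenticationForm.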


@ -53,7 +53,7 @@ class JoinForm extends Model {
$serverId = $this->serverId; $serverId = $this->serverId;
$accessToken = $this->accessToken; $accessToken = $this->accessToken;
Session::info("User with access_token = '{$accessToken}' trying join to server with server_id = '{$serverId}'."); Session::info("User with access_token = '{$accessToken}' trying join to server with server_id = '{$serverId}'.");
Yii::$app->statsd->inc('sessionserver.join.attempts'); Yii::$app->statsd->inc('sessionserver.join.attempt');
if (!$this->validate()) { if (!$this->validate()) {
return false; return false;
} }


@ -1,6 +1,6 @@
<?php <?php
return [ return [
'version' => '1.1.22', 'version' => '1.1.23',
'vendorPath' => dirname(__DIR__, 2) . '/vendor', 'vendorPath' => dirname(__DIR__, 2) . '/vendor',
'components' => [ 'components' => [
'cache' => [ 'cache' => [


@ -5,6 +5,7 @@ namespace common\tasks;
use common\emails\EmailHelper; use common\emails\EmailHelper;
use common\emails\templates\ChangeEmailConfirmCurrentEmail; use common\emails\templates\ChangeEmailConfirmCurrentEmail;
use common\models\confirmations\CurrentEmailConfirmation; use common\models\confirmations\CurrentEmailConfirmation;
use Yii;
use yii\queue\RetryableJobInterface; use yii\queue\RetryableJobInterface;
class SendCurrentEmailConfirmation implements RetryableJobInterface { class SendCurrentEmailConfirmation implements RetryableJobInterface {
@ -36,6 +37,7 @@ class SendCurrentEmailConfirmation implements RetryableJobInterface {
* @param \yii\queue\Queue $queue * @param \yii\queue\Queue $queue
*/ */
public function execute($queue) { public function execute($queue) {
Yii::$app->statsd->inc('queue.sendCurrentEmailConfirmation.attempt');
$to = EmailHelper::buildTo($this->username, $this->email); $to = EmailHelper::buildTo($this->username, $this->email);
$template = new ChangeEmailConfirmCurrentEmail($to, $this->code); $template = new ChangeEmailConfirmCurrentEmail($to, $this->code);
$template->send(); $template->send();


@ -5,6 +5,7 @@ namespace common\tasks;
use common\emails\EmailHelper; use common\emails\EmailHelper;
use common\emails\templates\ChangeEmailConfirmNewEmail; use common\emails\templates\ChangeEmailConfirmNewEmail;
use common\models\confirmations\NewEmailConfirmation; use common\models\confirmations\NewEmailConfirmation;
use Yii;
use yii\queue\RetryableJobInterface; use yii\queue\RetryableJobInterface;
class SendNewEmailConfirmation implements RetryableJobInterface { class SendNewEmailConfirmation implements RetryableJobInterface {
@ -36,6 +37,7 @@ class SendNewEmailConfirmation implements RetryableJobInterface {
* @param \yii\queue\Queue $queue * @param \yii\queue\Queue $queue
*/ */
public function execute($queue) { public function execute($queue) {
Yii::$app->statsd->inc('queue.sendNewEmailConfirmation.attempt');
$to = EmailHelper::buildTo($this->username, $this->email); $to = EmailHelper::buildTo($this->username, $this->email);
$template = new ChangeEmailConfirmNewEmail($to, $this->username, $this->code); $template = new ChangeEmailConfirmNewEmail($to, $this->username, $this->code);
$template->send(); $template->send();


@ -47,6 +47,7 @@ class SendPasswordRecoveryEmail implements RetryableJobInterface {
* @throws \common\emails\exceptions\CannotSendEmailException * @throws \common\emails\exceptions\CannotSendEmailException
*/ */
public function execute($queue) { public function execute($queue) {
Yii::$app->statsd->inc('queue.sendPasswordRecovery.attempt');
$params = new ForgotPasswordParams($this->username, $this->code, $this->link); $params = new ForgotPasswordParams($this->username, $this->code, $this->link);
$to = EmailHelper::buildTo($this->username, $this->email); $to = EmailHelper::buildTo($this->username, $this->email);
$template = new ForgotPasswordEmail($to, $this->locale, $params); $template = new ForgotPasswordEmail($to, $this->locale, $params);
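Review bot: The new `Yii::$app->statsd->inc(...)` line relies on the unqualified `Yii` name, but unlike the SendCurrentEmailConfirmation and SendNewEmailConfirmation hunks, this hunk (and the SendRegistrationEmail one that follows) shows no `use Yii;` being added; if these files sit in the `common\tasks` namespace and do not already import it, `Yii` resolves to `common\tasks\Yii` and execute() fails at runtime, so the import should be confirmed in both files. The metric name `queue.sendPasswordRecovery.attempt` also drops the `Email` suffix the sibling tasks keep (`queue.sendRegistrationEmail.attempt`); `queue.sendPasswordRecoveryEmail.attempt` would be consistent with the class name. execute() continues past the end of the hunk.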


@ -47,6 +47,7 @@ class SendRegistrationEmail implements RetryableJobInterface {
* @throws \common\emails\exceptions\CannotSendEmailException * @throws \common\emails\exceptions\CannotSendEmailException
*/ */
public function execute($queue) { public function execute($queue) {
Yii::$app->statsd->inc('queue.sendRegistrationEmail.attempt');
$params = new RegistrationEmailParams($this->username, $this->code, $this->link); $params = new RegistrationEmailParams($this->username, $this->code, $this->link);
$to = EmailHelper::buildTo($this->username, $this->email); $to = EmailHelper::buildTo($this->username, $this->email);
$template = new RegistrationEmail($to, $this->locale, $params); $template = new RegistrationEmail($to, $this->locale, $params);


@ -0,0 +1,15 @@
<?php
use console\db\Migration;
class m180102_164624_increase_minecraft_access_keys_client_token_length extends Migration {
public function safeUp() {
$this->alterColumn('{{%minecraft_access_keys}}', 'client_token', $this->string()->notNull());
}
public function safeDown() {
$this->alterColumn('{{%minecraft_access_keys}}', 'client_token', $this->string(36)->notNull());
}
}
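Review bot: safeUp widens `client_token` with `$this->string()` and relies on the schema builder's default length rather than stating the 255 that ClientTokenValidator enforces; `$this->string(255)->notNull()` makes the two agree explicitly. safeDown shrinks the column back to `string(36)`, which fails under a strict SQL mode or truncates under a lenient one once rows with longer tokens exist, so the down migration is not a safe rollback after the new validator has been live; a comment stating that, or a guard that refuses to run when such rows exist, would be appropriate.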


@ -75,6 +75,31 @@ class AuthorizationCest {
$this->testSuccessResponse($I); $this->testSuccessResponse($I);
} }
public function longClientToken(FunctionalTester $I) {
$I->wantTo('send non uuid clientToken, but less then 255 characters');
$this->route->authenticate([
'username' => 'admin@ely.by',
'password' => 'password_0',
'clientToken' => str_pad('', 255, 'x'),
]);
$this->testSuccessResponse($I);
}
public function tooLongClientToken(FunctionalTester $I) {
$I->wantTo('send non uuid clientToken with more then 255 characters length');
$this->route->authenticate([
'username' => 'admin@ely.by',
'password' => 'password_0',
'clientToken' => str_pad('', 256, 'x'),
]);
$I->canSeeResponseCodeIs(400);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'error' => 'IllegalArgumentException',
'errorMessage' => 'clientToken is too long.',
]);
}
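Review bot: The `wantTo` text in longClientToken says 'less then 255 characters' but the token sent is exactly 255 characters, which is the boundary the validator accepts, so the description misstates what is tested; `'send non uuid clientToken of exactly 255 characters'` (and 'than' rather than 'then' in tooLongClientToken) would match the fixture. `str_pad('', 255, 'x')` reads more directly as `str_repeat('x', 255)`, and likewise for 256. wrongArguments continues past the end of the hunk.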
public function wrongArguments(FunctionalTester $I) { public function wrongArguments(FunctionalTester $I) {
$I->wantTo('get error on wrong amount of arguments'); $I->wantTo('get error on wrong amount of arguments');
$this->route->authenticate([ $this->route->authenticate([