mirror of
https://github.com/elyby/accounts.git
synced 2024-12-23 13:50:06 +05:30
Fixes #17. Simplify redirect_uri validation rules to allow localhost
parent
9c39e97640
commit
262bdbc08e
@ -3,11 +3,12 @@ declare(strict_types=1);
|
||||
|
||||
namespace api\modules\oauth\models;
|
||||
|
||||
use Closure;
|
||||
use common\helpers\Error as E;
|
||||
use common\models\OauthClient;
|
||||
use yii\helpers\ArrayHelper;
|
||||
|
||||
class ApplicationType extends BaseOauthClientType {
|
||||
final class ApplicationType extends BaseOauthClientType {
|
||||
|
||||
public $description;
|
||||
|
||||
@ -16,7 +17,7 @@ class ApplicationType extends BaseOauthClientType {
|
||||
public function rules(): array {
|
||||
return ArrayHelper::merge(parent::rules(), [
|
||||
['redirectUri', 'required', 'message' => E::REDIRECT_URI_REQUIRED],
|
||||
['redirectUri', 'url', 'validSchemes' => ['[\w]+'], 'message' => E::REDIRECT_URI_INVALID],
|
||||
['redirectUri', Closure::fromCallable([$this, 'validateUrl'])],
|
||||
['description', 'string'],
|
||||
]);
|
||||
}
|
||||
@ -27,4 +28,10 @@ class ApplicationType extends BaseOauthClientType {
|
||||
$client->redirect_uri = $this->redirectUri;
|
||||
}
|
||||
|
||||
private function validateUrl(string $attribute): void {
|
||||
if (!filter_var($this->$attribute, FILTER_VALIDATE_URL)) {
|
||||
$this->addError($attribute, E::REDIRECT_URI_INVALID);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
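Review bot: `validateUrl()` relies only on `filter_var($this->$attribute, FILTER_VALIDATE_URL)`, which checks URL syntax but not what an OAuth redirect URI needs. It places no restriction on the scheme (the removed `url` rule with `'validSchemes' => ['[\w]+']` did not either), and it accepts a userinfo part and a fragment, which RFC 6749 §3.1.2 forbids for redirection endpoints. Because the value is stored in `$client->redirect_uri`, I would reject those after the filter passes, for example `$parts = parse_url($this->$attribute);` followed by `if (isset($parts['fragment']) || isset($parts['user'])) { $this->addError($attribute, E::REDIRECT_URI_INVALID); }`. If arbitrary custom schemes are intentional (native apps), a one-line comment on `validateUrl()` should say so; otherwise a scheme allow-list belongs here. How the stored URI is compared at authorization time is not visible in this diff.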
|
@ -6,43 +6,14 @@ namespace api\tests\functional\dev\applications;
|
||||
use api\tests\_pages\OauthRoute;
|
||||
use api\tests\FunctionalTester;
|
||||
|
||||
class CreateClientCest {
|
||||
final class CreateClientCest {
|
||||
|
||||
/**
|
||||
* @var OauthRoute
|
||||
*/
|
||||
private $route;
|
||||
private OauthRoute $route;
|
||||
|
||||
public function _before(FunctionalTester $I) {
|
||||
$this->route = new OauthRoute($I);
|
||||
}
|
||||
|
||||
public function testCreateApplicationWithWrongParams(FunctionalTester $I) {
|
||||
$I->amAuthenticated('admin');
|
||||
|
||||
$this->route->createClient('application', []);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'name' => 'error.name_required',
|
||||
'redirectUri' => 'error.redirectUri_required',
|
||||
],
|
||||
]);
|
||||
|
||||
$this->route->createClient('application', [
|
||||
'name' => 'my test oauth client',
|
||||
'redirectUri' => 'localhost',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'redirectUri' => 'error.redirectUri_invalid',
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
public function testCreateApplication(FunctionalTester $I) {
|
||||
$I->amAuthenticated('admin');
|
||||
$this->route->createClient('application', [
|
||||
@ -109,4 +80,18 @@ class CreateClientCest {
|
||||
]);
|
||||
}
|
||||
|
||||
public function testCreateApplicationWithWrongParams(FunctionalTester $I): void {
|
||||
$I->amAuthenticated('admin');
|
||||
|
||||
$this->route->createClient('application', []);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'name' => 'error.name_required',
|
||||
'redirectUri' => 'error.redirectUri_required',
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
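Review bot: The block removed from `testCreateApplicationWithWrongParams` was the only visible assertion that a malformed `redirectUri` is rejected (`'redirectUri' => 'localhost'` expecting `error.redirectUri_invalid`), and the re-added method checks only the two `required` errors. A bare `localhost` has no scheme, so `FILTER_VALIDATE_URL` should still reject it and that case could have stayed; as it stands nothing in these hunks exercises the new `validateUrl()` path. I would keep the negative case and add a positive one that calls `createClient('application', [...])` with `'redirectUri' => 'http://localhost'` and expects `'success' => true`, since that is what the commit sets out to fix. The body of `testCreateApplication` lies between the hunks and is not shown, so it may already cover a valid non-localhost URI.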
|