mirror of
https://github.com/elyby/accounts.git
synced 2025-05-31 14:11:46 +05:30
Resolves #2. Implemented authlib-injector support
This commit is contained in:
ErickSkrauch
@@ -36,19 +36,31 @@ class SessionServerSteps extends FunctionalTester {
|
||||
return [$username, $serverId];
|
||||
}
|
||||
|
||||
public function canSeeValidTexturesResponse($expectedUsername, $expectedUuid) {
|
||||
public function canSeeValidTexturesResponse(
|
||||
string $expectedUsername,
|
||||
string $expectedUuid,
|
||||
bool $shouldBeSigned = false
|
||||
) {
|
||||
$this->seeResponseIsJson();
|
||||
$this->canSeeResponseContainsJson([
|
||||
'name' => $expectedUsername,
|
||||
'id' => $expectedUuid,
|
||||
'ely' => true,
|
||||
'properties' => [
|
||||
[
|
||||
'name' => 'textures',
|
||||
'signature' => 'Cg==',
|
||||
],
|
||||
[
|
||||
'name' => 'ely',
|
||||
'value' => 'but why are you asking?',
|
||||
],
|
||||
],
|
||||
]);
|
||||
if ($shouldBeSigned) {
|
||||
$this->canSeeResponseJsonMatchesJsonPath('$.properties[?(@.name == "textures")].signature');
|
||||
} else {
|
||||
$this->cantSeeResponseJsonMatchesJsonPath('$.properties[?(@.name == "textures")].signature');
|
||||
}
|
||||
|
||||
$this->canSeeResponseJsonMatchesJsonPath('$.properties[0].value');
|
||||
$value = $this->grabDataFromResponseByJsonPath('$.properties[0].value')[0];
|
||||
$decoded = json_decode(base64_decode($value), true);
|
||||
@@ -56,7 +68,6 @@ class SessionServerSteps extends FunctionalTester {
|
||||
$this->assertArrayHasKey('textures', $decoded);
|
||||
$this->assertSame($expectedUuid, $decoded['profileId']);
|
||||
$this->assertSame($expectedUsername, $decoded['profileName']);
|
||||
$this->assertTrue($decoded['ely']);
|
||||
$textures = $decoded['textures'];
|
||||
$this->assertArrayHasKey('SKIN', $textures);
|
||||
$skinTextures = $textures['SKIN'];
|
||||
|
||||
52
api/tests/functional/authlibInjector/HasJoinedCest.php
Normal file
52
api/tests/functional/authlibInjector/HasJoinedCest.php
Normal file
@@ -0,0 +1,52 @@
|
||||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace api\tests\functional\authlibInjector;
|
||||
|
||||
use api\tests\functional\_steps\SessionServerSteps;
|
||||
use api\tests\FunctionalTester;
|
||||
use function Ramsey\Uuid\v4 as uuid;
|
||||
|
||||
class HasJoinedCest {
|
||||
|
||||
public function hasJoined(SessionServerSteps $I) {
|
||||
$I->wantTo('check hasJoined user to some server');
|
||||
[$username, $serverId] = $I->amJoined();
|
||||
|
||||
$I->sendGET('/api/authlib-injector/sessionserver/session/minecraft/hasJoined', [
|
||||
'username' => $username,
|
||||
'serverId' => $serverId,
|
||||
]);
|
||||
|
||||
$I->seeResponseCodeIs(200);
|
||||
$I->canSeeValidTexturesResponse($username, 'df936908b2e1544d96f82977ec213022', true);
|
||||
}
|
||||
|
||||
public function wrongArguments(FunctionalTester $I) {
|
||||
$I->wantTo('get error on wrong amount of arguments');
|
||||
$I->sendGET('/api/authlib-injector/sessionserver/session/minecraft/hasJoined', [
|
||||
'wrong' => 'argument',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(400);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'IllegalArgumentException',
|
||||
'errorMessage' => 'credentials can not be null.',
|
||||
]);
|
||||
}
|
||||
|
||||
public function hasJoinedWithNoJoinOperation(FunctionalTester $I) {
|
||||
$I->wantTo('hasJoined to some server without join call');
|
||||
$I->sendGET('/api/authlib-injector/sessionserver/session/minecraft/hasJoined', [
|
||||
'username' => 'some-username',
|
||||
'serverId' => uuid(),
|
||||
]);
|
||||
$I->seeResponseCodeIs(401);
|
||||
$I->seeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'ForbiddenOperationException',
|
||||
'errorMessage' => 'Invalid token.',
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
30
api/tests/functional/authlibInjector/IndexCest.php
Normal file
30
api/tests/functional/authlibInjector/IndexCest.php
Normal file
@@ -0,0 +1,30 @@
|
||||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace api\tests\functional\authlibInjector;
|
||||
|
||||
use api\tests\FunctionalTester;
|
||||
|
||||
class IndexCest {
|
||||
|
||||
public function index(FunctionalTester $I) {
|
||||
$I->sendGet('/api/authlib-injector');
|
||||
$I->seeResponseCodeIs(200);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'meta' => [
|
||||
'serverName' => 'Ely.by',
|
||||
'implementationName' => 'Account Ely.by adapter for the authlib-injector library',
|
||||
'implementationVersion' => '1.0.0',
|
||||
'feature.no_mojang_namespace' => true,
|
||||
'links' => [
|
||||
'homepage' => 'https://ely.by',
|
||||
'register' => 'https://account.ely.by/register',
|
||||
],
|
||||
],
|
||||
'skinDomains' => ['ely.by', '.ely.by'],
|
||||
'signaturePublickey' => "-----BEGIN PUBLIC KEY-----\nMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANbUpVCZkMKpfvYZ08W3lumdAaYxLBnm\nUDlzHBQH3DpYef5WCO32TDU6feIJ58A0lAywgtZ4wwi2dGHOz/1hAvcCAwEAAQ==\n-----END PUBLIC KEY-----",
|
||||
]);
|
||||
$I->canSeeHttpHeader('X-Accel-Expires');
|
||||
}
|
||||
|
||||
}
|
||||
147
api/tests/functional/authlibInjector/JoinCest.php
Normal file
147
api/tests/functional/authlibInjector/JoinCest.php
Normal file
@@ -0,0 +1,147 @@
|
||||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace api\tests\functional\authlibInjector;
|
||||
|
||||
use api\rbac\Permissions as P;
|
||||
use api\tests\functional\_steps\AuthserverSteps;
|
||||
use api\tests\functional\_steps\OauthSteps;
|
||||
use api\tests\FunctionalTester;
|
||||
use Codeception\Example;
|
||||
use function Ramsey\Uuid\v4 as uuid;
|
||||
|
||||
class JoinCest {
|
||||
|
||||
public function joinByLegacyAuthserver(AuthserverSteps $I) {
|
||||
$I->wantTo('join to server, using legacy authserver access token');
|
||||
[$accessToken] = $I->amAuthenticated();
|
||||
$I->sendPOST('/api/authlib-injector/sessionserver/session/minecraft/join', [
|
||||
'accessToken' => $accessToken,
|
||||
'selectedProfile' => 'df936908-b2e1-544d-96f8-2977ec213022',
|
||||
'serverId' => uuid(),
|
||||
]);
|
||||
$this->expectSuccessResponse($I);
|
||||
}
|
||||
|
||||
public function joinByPassJsonInPost(AuthserverSteps $I) {
|
||||
$I->wantTo('join to server, passing data in body as encoded json');
|
||||
[$accessToken] = $I->amAuthenticated();
|
||||
$I->sendPOST('/api/authlib-injector/sessionserver/session/minecraft/join', [
|
||||
'accessToken' => $accessToken,
|
||||
'selectedProfile' => 'df936908-b2e1-544d-96f8-2977ec213022',
|
||||
'serverId' => uuid(),
|
||||
]);
|
||||
$this->expectSuccessResponse($I);
|
||||
}
|
||||
|
||||
/**
|
||||
* @example ["df936908-b2e1-544d-96f8-2977ec213022"]
|
||||
* @example ["df936908b2e1544d96f82977ec213022"]
|
||||
*/
|
||||
public function joinByOauth2Token(OauthSteps $I, Example $case) {
|
||||
$I->wantTo('join to server, using modern oAuth2 generated token');
|
||||
$accessToken = $I->getAccessToken([P::MINECRAFT_SERVER_SESSION]);
|
||||
$I->sendPOST('/api/authlib-injector/sessionserver/session/minecraft/join', [
|
||||
'accessToken' => $accessToken,
|
||||
'selectedProfile' => $case[0],
|
||||
'serverId' => uuid(),
|
||||
]);
|
||||
$this->expectSuccessResponse($I);
|
||||
}
|
||||
|
||||
public function joinByModernOauth2TokenWithoutPermission(OauthSteps $I) {
|
||||
$I->wantTo('join to server, using moder oAuth2 generated token, but without minecraft auth permission');
|
||||
$accessToken = $I->getAccessToken(['account_info', 'account_email']);
|
||||
$I->sendPOST('/api/authlib-injector/sessionserver/session/minecraft/join', [
|
||||
'accessToken' => $accessToken,
|
||||
'selectedProfile' => 'df936908-b2e1-544d-96f8-2977ec213022',
|
||||
'serverId' => uuid(),
|
||||
]);
|
||||
$I->seeResponseCodeIs(401);
|
||||
$I->seeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'ForbiddenOperationException',
|
||||
'errorMessage' => 'The token does not have required scope.',
|
||||
]);
|
||||
}
|
||||
|
||||
public function joinWithExpiredToken(FunctionalTester $I) {
|
||||
$I->wantTo('join to some server with expired accessToken');
|
||||
$I->sendPOST('/api/authlib-injector/sessionserver/session/minecraft/join', [
|
||||
'accessToken' => '6042634a-a1e2-4aed-866c-c661fe4e63e2',
|
||||
'selectedProfile' => 'df936908-b2e1-544d-96f8-2977ec213022',
|
||||
'serverId' => uuid(),
|
||||
]);
|
||||
$I->seeResponseCodeIs(401);
|
||||
$I->seeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'ForbiddenOperationException',
|
||||
'errorMessage' => 'Expired access_token.',
|
||||
]);
|
||||
}
|
||||
|
||||
public function wrongArguments(FunctionalTester $I) {
|
||||
$I->wantTo('get error on wrong amount of arguments');
|
||||
$I->sendPOST('/api/authlib-injector/sessionserver/session/minecraft/join', [
|
||||
'wrong' => 'argument',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(400);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'IllegalArgumentException',
|
||||
'errorMessage' => 'credentials can not be null.',
|
||||
]);
|
||||
}
|
||||
|
||||
public function joinWithWrongAccessToken(FunctionalTester $I) {
|
||||
$I->wantTo('join to some server with wrong accessToken');
|
||||
$I->sendPOST('/api/authlib-injector/sessionserver/session/minecraft/join', [
|
||||
'accessToken' => uuid(),
|
||||
'selectedProfile' => 'df936908-b2e1-544d-96f8-2977ec213022',
|
||||
'serverId' => uuid(),
|
||||
]);
|
||||
$I->seeResponseCodeIs(401);
|
||||
$I->seeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'ForbiddenOperationException',
|
||||
'errorMessage' => 'Invalid access_token.',
|
||||
]);
|
||||
}
|
||||
|
||||
public function joinWithNilUuids(FunctionalTester $I) {
|
||||
$I->wantTo('join to some server with nil accessToken and selectedProfile');
|
||||
$I->sendPOST('/api/authlib-injector/sessionserver/session/minecraft/join', [
|
||||
'accessToken' => '00000000-0000-0000-0000-000000000000',
|
||||
'selectedProfile' => 'df936908-b2e1-544d-96f8-2977ec213022',
|
||||
'serverId' => uuid(),
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(400);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'IllegalArgumentException',
|
||||
'errorMessage' => 'credentials can not be null.',
|
||||
]);
|
||||
}
|
||||
|
||||
public function joinByAccountMarkedForDeletion(FunctionalTester $I) {
|
||||
$I->sendPOST('/api/authlib-injector/sessionserver/session/minecraft/join', [
|
||||
'accessToken' => '239ba889-7020-4383-8d99-cd8c8aab4a2f',
|
||||
'selectedProfile' => '6383de63-8f85-4ed5-92b7-5401a1fa68cd',
|
||||
'serverId' => uuid(),
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(401);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'ForbiddenOperationException',
|
||||
'errorMessage' => 'Invalid credentials',
|
||||
]);
|
||||
}
|
||||
|
||||
private function expectSuccessResponse(FunctionalTester $I) {
|
||||
$I->seeResponseCodeIs(200);
|
||||
$I->seeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'id' => 'OK',
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
56
api/tests/functional/authlibInjector/ProfileCest.php
Normal file
56
api/tests/functional/authlibInjector/ProfileCest.php
Normal file
@@ -0,0 +1,56 @@
|
||||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace api\tests\functional\authlibInjector;
|
||||
|
||||
use api\tests\functional\_steps\SessionServerSteps;
|
||||
use api\tests\FunctionalTester;
|
||||
use Codeception\Example;
|
||||
use function Ramsey\Uuid\v4;
|
||||
|
||||
class ProfileCest {
|
||||
|
||||
/**
|
||||
* @example ["df936908-b2e1-544d-96f8-2977ec213022"]
|
||||
* @example ["df936908b2e1544d96f82977ec213022"]
|
||||
*/
|
||||
public function getProfile(SessionServerSteps $I, Example $case) {
|
||||
$I->sendGET("/api/authlib-injector/sessionserver/session/minecraft/profile/{$case[0]}");
|
||||
$I->canSeeValidTexturesResponse('Admin', 'df936908b2e1544d96f82977ec213022', false);
|
||||
}
|
||||
|
||||
public function getProfileSigned(SessionServerSteps $I) {
|
||||
$I->sendGET('/api/authlib-injector/sessionserver/session/minecraft/profile/df936908b2e1544d96f82977ec213022?unsigned=false');
|
||||
$I->canSeeValidTexturesResponse('Admin', 'df936908b2e1544d96f82977ec213022', true);
|
||||
}
|
||||
|
||||
public function directCallWithoutUuidPart(FunctionalTester $I) {
|
||||
$I->sendGET('/api/authlib-injector/sessionserver/session/minecraft/profile/');
|
||||
$I->canSeeResponseCodeIs(404);
|
||||
}
|
||||
|
||||
public function callWithInvalidUuid(FunctionalTester $I) {
|
||||
$I->wantTo('call profile route with invalid uuid string');
|
||||
$I->sendGET('/api/authlib-injector/sessionserver/session/minecraft/profile/bla-bla-bla');
|
||||
$I->canSeeResponseCodeIs(400);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'IllegalArgumentException',
|
||||
'errorMessage' => 'Invalid uuid format.',
|
||||
]);
|
||||
}
|
||||
|
||||
public function getProfileWithNonexistentUuid(FunctionalTester $I) {
|
||||
$I->wantTo('get info about nonexistent uuid');
|
||||
$I->sendGET('/api/authlib-injector/sessionserver/session/minecraft/profile/' . v4());
|
||||
$I->canSeeResponseCodeIs(204);
|
||||
$I->canSeeResponseEquals('');
|
||||
}
|
||||
|
||||
public function getProfileOfAccountMarkedForDeletion(FunctionalTester $I) {
|
||||
$I->sendGET('/api/authlib-injector/sessionserver/session/minecraft/profile/6383de63-8f85-4ed5-92b7-5401a1fa68cd');
|
||||
$I->canSeeResponseCodeIs(204);
|
||||
$I->canSeeResponseEquals('');
|
||||
}
|
||||
|
||||
}
|
||||
@@ -26,7 +26,7 @@ class HasJoinedCest {
|
||||
'serverId' => $serverId,
|
||||
]);
|
||||
$I->seeResponseCodeIs(200);
|
||||
$I->canSeeValidTexturesResponse($username, 'df936908b2e1544d96f82977ec213022');
|
||||
$I->canSeeValidTexturesResponse($username, 'df936908b2e1544d96f82977ec213022', true);
|
||||
}
|
||||
|
||||
public function wrongArguments(FunctionalTester $I) {
|
||||
|
||||
@@ -4,6 +4,7 @@ namespace api\tests\functional\sessionserver;
|
||||
use api\tests\_pages\SessionServerRoute;
|
||||
use api\tests\functional\_steps\SessionServerSteps;
|
||||
use api\tests\FunctionalTester;
|
||||
use Codeception\Example;
|
||||
use function Ramsey\Uuid\v4;
|
||||
|
||||
class ProfileCest {
|
||||
@@ -17,16 +18,20 @@ class ProfileCest {
|
||||
$this->route = new SessionServerRoute($I);
|
||||
}
|
||||
|
||||
public function getProfile(SessionServerSteps $I) {
|
||||
/**
|
||||
* @example ["df936908-b2e1-544d-96f8-2977ec213022"]
|
||||
* @example ["df936908b2e1544d96f82977ec213022"]
|
||||
*/
|
||||
public function getProfile(SessionServerSteps $I, Example $case) {
|
||||
$I->wantTo('get info about player textures by uuid');
|
||||
$this->route->profile('df936908-b2e1-544d-96f8-2977ec213022');
|
||||
$this->route->profile($case[0]);
|
||||
$I->canSeeValidTexturesResponse('Admin', 'df936908b2e1544d96f82977ec213022');
|
||||
}
|
||||
|
||||
public function getProfileByUuidWithoutDashes(SessionServerSteps $I) {
|
||||
$I->wantTo('get info about player textures by uuid without dashes');
|
||||
$this->route->profile('df936908b2e1544d96f82977ec213022');
|
||||
$I->canSeeValidTexturesResponse('Admin', 'df936908b2e1544d96f82977ec213022');
|
||||
public function getProfileWithSignedTextures(SessionServerSteps $I) {
|
||||
$I->wantTo('get info about player textures by uuid');
|
||||
$this->route->profile('df936908b2e1544d96f82977ec213022', true);
|
||||
$I->canSeeValidTexturesResponse('Admin', 'df936908b2e1544d96f82977ec213022', true);
|
||||
}
|
||||
|
||||
public function directCallWithoutUuidPart(FunctionalTester $I) {
|
||||
|
||||
Reference in New Issue
Block a user