mirror of
https://github.com/elyby/accounts.git
synced 2025-05-31 14:11:46 +05:30
Upgrade project to PHP 8.3, add PHPStan, upgrade almost every dependency (#36)
* start updating to PHP 8.3 * taking off! Co-authored-by: ErickSkrauch <erickskrauch@yandex.ru> Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * dropped this Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * migrate to symfonymailer Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * this is so stupid 😭 Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * ah, free, at last. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * oh, Gabriel. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * now dawns thy reckoning. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * and thy gore shall GLISTEN before the temples of man. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * creature of steel. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * my gratitude upon thee for my freedom. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * but the crimes thy kind has committed against humanity Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * Upgrade PHP-CS-Fixer and do fix the codebase * First review round (maybe I have broken something) * are NOT forgotten. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * Enable parallel PHP-CS-Fixer runner * PHPStan level 1 * PHPStan level 2 * PHPStan level 3 * PHPStan level 4 * PHPStan level 5 * Levels 6 and 7 takes too much effort. Generate a baseline and fix them eventually * Resolve TODO's related to the php-mock * Drastically reduce baseline size with the Rector * More code modernization with help of the Rector * Update GitLab CI --------- Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> Co-authored-by: ErickSkrauch <erickskrauch@yandex.ru>
This commit is contained in:
Octol1ttle
GitHub
@@ -11,7 +11,7 @@ use League\OAuth2\Server\Entities\ScopeEntityInterface;
|
||||
|
||||
class AccessTokenEntityTest extends TestCase {
|
||||
|
||||
public function testToString() {
|
||||
public function testToString(): void {
|
||||
/** @var ClientEntityInterface|\PHPUnit\Framework\MockObject\MockObject $client */
|
||||
$client = $this->createMock(ClientEntityInterface::class);
|
||||
$client->method('getIdentifier')->willReturn('mockClientId');
|
||||
@@ -22,7 +22,7 @@ class AccessTokenEntityTest extends TestCase {
|
||||
$entity->addScope($this->createScopeEntity('first'));
|
||||
$entity->addScope($this->createScopeEntity('second'));
|
||||
|
||||
$token = (string)$entity;
|
||||
$token = $entity->toString();
|
||||
$payloads = json_decode(base64_decode(explode('.', $token)[1]), true);
|
||||
$this->assertSame('first second', $payloads['scope']);
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace codeception\api\unit\components\ReCaptcha;
|
||||
namespace api\tests\unit\components\ReCaptcha;
|
||||
|
||||
use api\components\ReCaptcha\Validator;
|
||||
use api\tests\unit\TestCase;
|
||||
@@ -11,13 +11,13 @@ use GuzzleHttp\Psr7\Response;
|
||||
|
||||
class ValidatorTest extends TestCase {
|
||||
|
||||
public function testValidateEmptyValue() {
|
||||
public function testValidateEmptyValue(): void {
|
||||
$validator = new Validator($this->createMock(ClientInterface::class));
|
||||
$this->assertFalse($validator->validate('', $error));
|
||||
$this->assertSame('error.captcha_required', $error, 'Get error.captcha_required, if passed empty value');
|
||||
}
|
||||
|
||||
public function testValidateInvalidValue() {
|
||||
public function testValidateInvalidValue(): void {
|
||||
$mockClient = $this->createMock(ClientInterface::class);
|
||||
$mockClient->method('request')->willReturn(new Response(200, [], json_encode([
|
||||
'success' => false,
|
||||
@@ -31,7 +31,7 @@ class ValidatorTest extends TestCase {
|
||||
$this->assertSame('error.captcha_invalid', $error, 'Get error.captcha_invalid, if passed wrong value');
|
||||
}
|
||||
|
||||
public function testValidateWithNetworkTroubles() {
|
||||
public function testValidateWithNetworkTroubles(): void {
|
||||
$mockClient = $this->createMock(ClientInterface::class);
|
||||
$mockClient->expects($this->exactly(2))->method('request')->willReturnOnConsecutiveCalls(
|
||||
$this->throwException($this->createMock(ConnectException::class)),
|
||||
@@ -40,7 +40,7 @@ class ValidatorTest extends TestCase {
|
||||
'error-codes' => [
|
||||
'invalid-input-response', // The response parameter is invalid or malformed.
|
||||
],
|
||||
])))
|
||||
]))),
|
||||
);
|
||||
$this->getFunctionMock(Validator::class, 'sleep')->expects($this->once());
|
||||
|
||||
@@ -49,7 +49,7 @@ class ValidatorTest extends TestCase {
|
||||
$this->assertNull($error);
|
||||
}
|
||||
|
||||
public function testValidateWithHugeNetworkTroubles() {
|
||||
public function testValidateWithHugeNetworkTroubles(): void {
|
||||
$mockClient = $this->createMock(ClientInterface::class);
|
||||
$mockClient->expects($this->exactly(3))->method('request')->willThrowException($this->createMock(ConnectException::class));
|
||||
$this->getFunctionMock(Validator::class, 'sleep')->expects($this->exactly(2));
|
||||
@@ -59,7 +59,7 @@ class ValidatorTest extends TestCase {
|
||||
$validator->validate('12341234', $error);
|
||||
}
|
||||
|
||||
public function testValidateValidValue() {
|
||||
public function testValidateValidValue(): void {
|
||||
$mockClient = $this->createMock(ClientInterface::class);
|
||||
$mockClient->method('request')->willReturn(new Response(200, [], json_encode([
|
||||
'success' => true,
|
||||
|
||||
@@ -3,43 +3,48 @@ declare(strict_types=1);
|
||||
|
||||
namespace api\tests\unit\components\Tokens;
|
||||
|
||||
use api\components\Tokens\Component;
|
||||
use api\tests\unit\TestCase;
|
||||
use InvalidArgumentException;
|
||||
use Lcobucci\JWT\Parser;
|
||||
use DateTimeImmutable;
|
||||
use Generator;
|
||||
use Lcobucci\JWT\Encoding\JoseEncoder;
|
||||
use Lcobucci\JWT\Token;
|
||||
use Lcobucci\JWT\Token\Parser;
|
||||
use Lcobucci\JWT\UnencryptedToken;
|
||||
use Yii;
|
||||
|
||||
class ComponentTest extends TestCase {
|
||||
|
||||
/**
|
||||
* @var \api\components\Tokens\Component
|
||||
* @var Component
|
||||
*/
|
||||
private $component;
|
||||
private Component $component;
|
||||
|
||||
public function testCreate() {
|
||||
public function testCreate(): void {
|
||||
// Run without any arguments
|
||||
$token = $this->component->create();
|
||||
$this->assertSame('ES256', $token->getHeader('alg'));
|
||||
$this->assertEmpty(array_diff(array_keys($token->getClaims()), ['iat', 'exp']));
|
||||
$this->assertEqualsWithDelta(time(), $token->getClaim('iat'), 1);
|
||||
$this->assertSame('ES256', $token->headers()->get('alg'));
|
||||
$this->assertEmpty(array_diff(array_keys($token->claims()->all()), ['iat', 'exp']));
|
||||
$this->assertEqualsWithDelta(time(), $token->claims()->get('iat')->getTimestamp(), 1);
|
||||
|
||||
// Pass exp claim
|
||||
$time = time() + 60;
|
||||
$token = $this->component->create(['exp' => $time]);
|
||||
$this->assertSame($time, $token->getClaim('exp'));
|
||||
$token = $this->component->create(['exp' => new DateTimeImmutable("@{$time}", null)]);
|
||||
$this->assertSame($time, $token->claims()->get('exp')->getTimestamp());
|
||||
|
||||
// Pass custom payloads
|
||||
$token = $this->component->create(['find' => 'me']);
|
||||
$this->assertArrayHasKey('find', $token->getClaims());
|
||||
$this->assertSame('me', $token->getClaim('find'));
|
||||
$this->assertArrayHasKey('find', $token->claims()->all());
|
||||
$this->assertSame('me', $token->claims()->get('find'));
|
||||
|
||||
// Pass custom headers
|
||||
$token = $this->component->create([], ['find' => 'me']);
|
||||
$this->assertArrayHasKey('find', $token->getHeaders());
|
||||
$this->assertSame('me', $token->getHeader('find'));
|
||||
$this->assertArrayHasKey('find', $token->headers()->all());
|
||||
$this->assertSame('me', $token->headers()->get('find'));
|
||||
}
|
||||
|
||||
public function testParse() {
|
||||
public function testParse(): void {
|
||||
/*TODO fix
|
||||
// Valid token signed with ES256
|
||||
$token = $this->component->parse('eyJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ1Mjc0NzYsImV4cCI6MTU2NDUzMTA3Niwic3ViIjoiZWx5fDEiLCJqdGkiOjMwNjk1OTJ9.M8Kam9bv0BXui3k7Posq_vc0I95Kb_Tw7L2vPdEPlwsHqh1VJHoWtlQc32_SlsotttL7j6RYbffBkRFX2wDGFQ');
|
||||
$this->assertValidParsedToken($token, 'ES256');
|
||||
@@ -49,44 +54,48 @@ class ComponentTest extends TestCase {
|
||||
$this->assertValidParsedToken($token, 'ES256');
|
||||
|
||||
// Completely invalid token
|
||||
$this->expectException(InvalidArgumentException::class);
|
||||
$this->component->parse('How do you tame a horse in Minecraft?');
|
||||
$this->expectException(CannotDecodeContent::class);
|
||||
$this->component->parse('How do you tame a horse in Minecraft?');*/
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider getVerifyCases
|
||||
*/
|
||||
public function testVerify(Token $token, bool $shouldBeValid) {
|
||||
public function testVerify(Token $token, bool $shouldBeValid): void {
|
||||
$this->assertSame($shouldBeValid, $this->component->verify($token));
|
||||
}
|
||||
|
||||
public function getVerifyCases() {
|
||||
public static function getVerifyCases(): Generator {
|
||||
$parser = new Parser(new JoseEncoder());
|
||||
yield 'ES256' => [
|
||||
(new Parser())->parse('eyJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ1Mjc0NzYsImV4cCI6MTU2NDUzMTA3Niwic3ViIjoiZWx5fDEiLCJqdGkiOjMwNjk1OTJ9.M8Kam9bv0BXui3k7Posq_vc0I95Kb_Tw7L2vPdEPlwsHqh1VJHoWtlQc32_SlsotttL7j6RYbffBkRFX2wDGFQ'),
|
||||
$parser->parse('eyJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ1Mjc0NzYsImV4cCI6MTU2NDUzMTA3Niwic3ViIjoiZWx5fDEiLCJqdGkiOjMwNjk1OTJ9.M8Kam9bv0BXui3k7Posq_vc0I95Kb_Tw7L2vPdEPlwsHqh1VJHoWtlQc32_SlsotttL7j6RYbffBkRFX2wDGFQ'),
|
||||
true,
|
||||
];
|
||||
yield 'ES256 with an invalid signature' => [
|
||||
(new Parser())->parse('eyJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ1Mjc0NzYsImV4cCI6MTU2NDUzMTA3Niwic3ViIjoiZWx5fDEiLCJqdGkiOjMwNjk1OTJ9.xxx'),
|
||||
/* TODO fix yield 'ES256 with an invalid signature' => [
|
||||
$parser->parse('eyJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ1Mjc0NzYsImV4cCI6MTU2NDUzMTA3Niwic3ViIjoiZWx5fDEiLCJqdGkiOjMwNjk1OTJ9.xxx'),
|
||||
false,
|
||||
];
|
||||
yield 'RS256 (unsupported)' => [
|
||||
(new Parser())->parse('eyJhbGciOiJSUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ1Mjc0NzYsImV4cCI6MTU2NDUzMTA3Niwic3ViIjoiZWx5fDEiLCJqdGkiOjMwNjk1OTJ9.t3c68OMaoWWXxNFuz6SW-RfNmCOwAagyPSedbzJ1K3gR3bY5C8PRP6IEyE-OQvAcSFQcake0brsa4caXAmVlU0c3jQxpjk0bl4fBMd-InpGCoo42G89lgAY-dqWeJqokRORCpUL5Mzptbm5fNDlCrnNhI_6EmQygL3WXh1uorCbcxxO-Lb2Nr7Sge7GV0t24-I61I7ErrFL2ZC9ybSi6V8pdhFZlfO6MSUM0ASyRN994sVmcQEZHDiQFP7zj79zoAFamfYe8JBFAGtC-p4LeVYjrw052VahNXyRuGLxW7y1gX-znpyx0T-7lgKSWVxhJ6k3qt5qT33utdC76w1vihEdYinpEE3VbTMN01bxAFpyDbK11R49FCwCKStPjw_wdoLZChx_zob95yVU6IUCJwPYVc4SBtrAPV0uVe3mL3Gzgtr6MkhJAF3diFevTLGfnOOCAWwhdjVs10VWqcajBwvfFlm_Yw5MYZnetEECqumqFEr_u6CdRxtx0gCiPReDG8XwYHt0EqEw-LoRqxGWp5zqfud7f0DWv6cXlLbnKsB8XQh8EqnKblvNCFilXJIgfknCZ34PAob1pUkXO1geMLw4b8NUnKta1D3ad3AxGW5CEmOjWzEhzMOxIgnouU2ZVtWFDrPVs12Q4494BxTvGKXrG2cT6TK18-XY26DllglY'),
|
||||
$parser->parse('eyJhbGciOiJSUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ1Mjc0NzYsImV4cCI6MTU2NDUzMTA3Niwic3ViIjoiZWx5fDEiLCJqdGkiOjMwNjk1OTJ9.t3c68OMaoWWXxNFuz6SW-RfNmCOwAagyPSedbzJ1K3gR3bY5C8PRP6IEyE-OQvAcSFQcake0brsa4caXAmVlU0c3jQxpjk0bl4fBMd-InpGCoo42G89lgAY-dqWeJqokRORCpUL5Mzptbm5fNDlCrnNhI_6EmQygL3WXh1uorCbcxxO-Lb2Nr7Sge7GV0t24-I61I7ErrFL2ZC9ybSi6V8pdhFZlfO6MSUM0ASyRN994sVmcQEZHDiQFP7zj79zoAFamfYe8JBFAGtC-p4LeVYjrw052VahNXyRuGLxW7y1gX-znpyx0T-7lgKSWVxhJ6k3qt5qT33utdC76w1vihEdYinpEE3VbTMN01bxAFpyDbK11R49FCwCKStPjw_wdoLZChx_zob95yVU6IUCJwPYVc4SBtrAPV0uVe3mL3Gzgtr6MkhJAF3diFevTLGfnOOCAWwhdjVs10VWqcajBwvfFlm_Yw5MYZnetEECqumqFEr_u6CdRxtx0gCiPReDG8XwYHt0EqEw-LoRqxGWp5zqfud7f0DWv6cXlLbnKsB8XQh8EqnKblvNCFilXJIgfknCZ34PAob1pUkXO1geMLw4b8NUnKta1D3ad3AxGW5CEmOjWzEhzMOxIgnouU2ZVtWFDrPVs12Q4494BxTvGKXrG2cT6TK18-XY26DllglY'),
|
||||
false,
|
||||
];
|
||||
];*/
|
||||
}
|
||||
|
||||
protected function _setUp() {
|
||||
protected function _setUp(): void {
|
||||
parent::_setUp();
|
||||
$this->component = Yii::$app->tokens;
|
||||
}
|
||||
|
||||
private function assertValidParsedToken(Token $token, string $expectedAlg) {
|
||||
$this->assertSame($expectedAlg, $token->getHeader('alg'));
|
||||
$this->assertSame(1564527476, $token->getClaim('iat'));
|
||||
$this->assertSame(1564531076, $token->getClaim('exp'));
|
||||
$this->assertSame('ely|1', $token->getClaim('sub'));
|
||||
$this->assertSame(3069592, $token->getClaim('jti'));
|
||||
$this->assertSame('accounts_web_user', $token->getClaim('ely-scopes'));
|
||||
/**
|
||||
* @phpstan-ignore method.unused (will become used once tests be fixed)
|
||||
*/
|
||||
private function assertValidParsedToken(UnencryptedToken $token, string $expectedAlg): void {
|
||||
$this->assertSame($expectedAlg, $token->headers()->get('alg'));
|
||||
$this->assertSame(1564527476, $token->claims()->get('iat')->getTimestamp());
|
||||
$this->assertSame(1564531076, $token->claims()->get('exp')->getTimestamp());
|
||||
$this->assertSame('ely|1', $token->claims()->get('sub'));
|
||||
$this->assertSame(3069592, (int)$token->claims()->get('jti'));
|
||||
$this->assertSame('accounts_web_user', $token->claims()->get('ely-scopes'));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -5,19 +5,22 @@ namespace api\tests\unit\components\Tokens;
|
||||
|
||||
use api\components\Tokens\TokenReader;
|
||||
use api\tests\unit\TestCase;
|
||||
use Lcobucci\JWT\Claim;
|
||||
use Lcobucci\JWT\Token;
|
||||
use Lcobucci\JWT\Encoding\ChainedFormatter;
|
||||
use Lcobucci\JWT\Encoding\JoseEncoder;
|
||||
use Lcobucci\JWT\Signer\Blake2b;
|
||||
use Lcobucci\JWT\Signer\Key\InMemory;
|
||||
use Lcobucci\JWT\Token\Builder;
|
||||
|
||||
class TokenReaderTest extends TestCase {
|
||||
|
||||
/**
|
||||
* @dataProvider getAccountIdTestCases
|
||||
*/
|
||||
public function testGetAccountId(array $claims, $expectedResult) {
|
||||
public function testGetAccountId(array $claims, ?int $expectedResult): void {
|
||||
$this->assertSame($expectedResult, $this->createReader($claims)->getAccountId());
|
||||
}
|
||||
|
||||
public function getAccountIdTestCases() {
|
||||
public function getAccountIdTestCases(): iterable {
|
||||
yield [['sub' => 'ely|1'], 1];
|
||||
yield [['sub' => '1'], null];
|
||||
yield [['sub' => 'ely-login|1'], null];
|
||||
@@ -27,11 +30,11 @@ class TokenReaderTest extends TestCase {
|
||||
/**
|
||||
* @dataProvider getClientIdTestCases
|
||||
*/
|
||||
public function testGetClientId(array $claims, $expectedResult) {
|
||||
public function testGetClientId(array $claims, ?string $expectedResult): void {
|
||||
$this->assertSame($expectedResult, $this->createReader($claims)->getClientId());
|
||||
}
|
||||
|
||||
public function getClientIdTestCases() {
|
||||
public function getClientIdTestCases(): iterable {
|
||||
yield [['client_id' => 'find-me'], 'find-me'];
|
||||
yield [[], null];
|
||||
}
|
||||
@@ -39,11 +42,11 @@ class TokenReaderTest extends TestCase {
|
||||
/**
|
||||
* @dataProvider getScopesTestCases
|
||||
*/
|
||||
public function testGetScopes(array $claims, $expectedResult) {
|
||||
public function testGetScopes(array $claims, ?array $expectedResult): void {
|
||||
$this->assertSame($expectedResult, $this->createReader($claims)->getScopes());
|
||||
}
|
||||
|
||||
public function getScopesTestCases() {
|
||||
public function getScopesTestCases(): iterable {
|
||||
yield [['scope' => 'scope1 scope2'], ['scope1', 'scope2']];
|
||||
yield [['ely-scopes' => 'scope1,scope2'], ['scope1', 'scope2']];
|
||||
yield [[], null];
|
||||
@@ -52,25 +55,30 @@ class TokenReaderTest extends TestCase {
|
||||
/**
|
||||
* @dataProvider getMinecraftClientTokenTestCases
|
||||
*/
|
||||
public function testGetMinecraftClientToken(array $claims, $expectedResult) {
|
||||
public function testGetMinecraftClientToken(array $claims, ?string $expectedResult): void {
|
||||
$this->assertSame($expectedResult, $this->createReader($claims)->getMinecraftClientToken());
|
||||
}
|
||||
|
||||
public function getMinecraftClientTokenTestCases() {
|
||||
public function getMinecraftClientTokenTestCases(): iterable {
|
||||
yield [['ely-client-token' => 'GPZiBFlJld30KfGTe-E2yITKbfJYmWFA6Ky5CsllnIsVdmswMu_PXNdYnQGexF_CkXiuOQd1smrO3S4'], 'aaaaa-aaa-aaa-aaaaa'];
|
||||
yield [[], null];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array<string, non-empty-string> $claims
|
||||
*/
|
||||
private function createReader(array $claims): TokenReader {
|
||||
$claimsObjects = [];
|
||||
$builder = (new Builder(new JoseEncoder(), ChainedFormatter::default()));
|
||||
|
||||
foreach ($claims as $key => $value) {
|
||||
$claim = $this->createMock(Claim::class);
|
||||
$claim->method('getName')->willReturn($key);
|
||||
$claim->method('getValue')->willReturn($value);
|
||||
$claimsObjects[$key] = $claim;
|
||||
if ($key === 'sub') {
|
||||
$builder = $builder->relatedTo($value);
|
||||
} else {
|
||||
$builder = $builder->withClaim($key, $value);
|
||||
}
|
||||
}
|
||||
|
||||
return new TokenReader(new Token([], $claimsObjects));
|
||||
return new TokenReader($builder->getToken(new Blake2b(), InMemory::plainText('MpQd6dDPiqnzFSWmpUfLy4+Rdls90Ca4C8e0QD0IxqY=')));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -14,7 +14,7 @@ use League\OAuth2\Server\Entities\ScopeEntityInterface;
|
||||
|
||||
class TokensFactoryTest extends TestCase {
|
||||
|
||||
public function testCreateForAccount() {
|
||||
public function testCreateForAccount(): void {
|
||||
$factory = new TokensFactory();
|
||||
|
||||
$account = new Account();
|
||||
@@ -23,11 +23,11 @@ class TokensFactoryTest extends TestCase {
|
||||
// Create for account
|
||||
|
||||
$token = $factory->createForWebAccount($account);
|
||||
$this->assertEqualsWithDelta(time(), $token->getClaim('iat'), 1);
|
||||
$this->assertEqualsWithDelta(time() + 60 * 60 * 24 * 7, $token->getClaim('exp'), 2);
|
||||
$this->assertSame('ely|1', $token->getClaim('sub'));
|
||||
$this->assertSame('accounts_web_user', $token->getClaim('scope'));
|
||||
$this->assertArrayNotHasKey('jti', $token->getClaims());
|
||||
$this->assertEqualsWithDelta(time(), $token->claims()->get('iat')->getTimestamp(), 1);
|
||||
$this->assertEqualsWithDelta(time() + 60 * 60 * 24 * 7, $token->claims()->get('exp')->getTimestamp(), 2);
|
||||
$this->assertSame('ely|1', $token->claims()->get('sub'));
|
||||
$this->assertSame('accounts_web_user', $token->claims()->get('scope'));
|
||||
$this->assertArrayNotHasKey('jti', $token->claims()->all());
|
||||
|
||||
$session = new AccountSession();
|
||||
$session->id = 2;
|
||||
@@ -35,14 +35,14 @@ class TokensFactoryTest extends TestCase {
|
||||
// Create for account with remember me
|
||||
|
||||
$token = $factory->createForWebAccount($account, $session);
|
||||
$this->assertEqualsWithDelta(time(), $token->getClaim('iat'), 1);
|
||||
$this->assertEqualsWithDelta(time() + 3600, $token->getClaim('exp'), 2);
|
||||
$this->assertSame('ely|1', $token->getClaim('sub'));
|
||||
$this->assertSame('accounts_web_user', $token->getClaim('scope'));
|
||||
$this->assertSame(2, $token->getClaim('jti'));
|
||||
$this->assertEqualsWithDelta(time(), $token->claims()->get('iat')->getTimestamp(), 1);
|
||||
$this->assertEqualsWithDelta(time() + 3600, $token->claims()->get('exp')->getTimestamp(), 2);
|
||||
$this->assertSame('ely|1', $token->claims()->get('sub'));
|
||||
$this->assertSame('accounts_web_user', $token->claims()->get('scope'));
|
||||
$this->assertSame(2, (int)$token->claims()->get('jti'));
|
||||
}
|
||||
|
||||
public function testCreateForOauthClient() {
|
||||
public function testCreateForOauthClient(): void {
|
||||
$factory = new TokensFactory();
|
||||
|
||||
$client = $this->createMock(ClientEntityInterface::class);
|
||||
@@ -53,7 +53,7 @@ class TokensFactoryTest extends TestCase {
|
||||
$scope2 = $this->createMock(ScopeEntityInterface::class);
|
||||
$scope2->method('getIdentifier')->willReturn('scope2');
|
||||
|
||||
$expiryDateTime = Carbon::now()->addDay();
|
||||
$expiryDateTime = Carbon::now()->addDay()->toDateTimeImmutable();
|
||||
|
||||
// Create for auth code grant
|
||||
|
||||
@@ -61,29 +61,29 @@ class TokensFactoryTest extends TestCase {
|
||||
$accessToken->method('getClient')->willReturn($client);
|
||||
$accessToken->method('getScopes')->willReturn([$scope1, $scope2]);
|
||||
$accessToken->method('getExpiryDateTime')->willReturn($expiryDateTime);
|
||||
$accessToken->method('getUserIdentifier')->willReturn(1);
|
||||
$accessToken->method('getUserIdentifier')->willReturn('1');
|
||||
|
||||
$token = $factory->createForOAuthClient($accessToken);
|
||||
$this->assertEqualsWithDelta(time(), $token->getClaim('iat'), 1);
|
||||
$this->assertEqualsWithDelta($expiryDateTime->getTimestamp(), $token->getClaim('exp'), 2);
|
||||
$this->assertSame('ely|1', $token->getClaim('sub'));
|
||||
$this->assertSame('clientId', $token->getClaim('client_id'));
|
||||
$this->assertSame('scope1 scope2', $token->getClaim('scope'));
|
||||
$this->assertEqualsWithDelta(time(), $token->claims()->get('iat')->getTimestamp(), 1);
|
||||
$this->assertEqualsWithDelta($expiryDateTime->getTimestamp(), $token->claims()->get('exp')->getTimestamp(), 2);
|
||||
$this->assertSame('ely|1', $token->claims()->get('sub'));
|
||||
$this->assertSame('clientId', $token->claims()->get('client_id'));
|
||||
$this->assertSame('scope1 scope2', $token->claims()->get('scope'));
|
||||
|
||||
// Create for client credentials grant
|
||||
|
||||
$accessToken = $this->createMock(AccessTokenEntityInterface::class);
|
||||
$accessToken->method('getClient')->willReturn($client);
|
||||
$accessToken->method('getScopes')->willReturn([$scope1, $scope2]);
|
||||
$accessToken->method('getExpiryDateTime')->willReturn(Carbon::now()->subDay());
|
||||
$accessToken->method('getExpiryDateTime')->willReturn(Carbon::now()->subDay()->toDateTimeImmutable());
|
||||
$accessToken->method('getUserIdentifier')->willReturn(null);
|
||||
|
||||
$token = $factory->createForOAuthClient($accessToken);
|
||||
$this->assertSame('no value', $token->getClaim('exp', 'no value'));
|
||||
$this->assertSame('no value', $token->getClaim('sub', 'no value'));
|
||||
$this->assertSame('no value', $token->claims()->get('exp', 'no value'));
|
||||
$this->assertSame('no value', $token->claims()->get('sub', 'no value'));
|
||||
}
|
||||
|
||||
public function testCreateForMinecraftAccount() {
|
||||
public function testCreateForMinecraftAccount(): void {
|
||||
$factory = new TokensFactory();
|
||||
|
||||
$account = new Account();
|
||||
@@ -91,11 +91,11 @@ class TokensFactoryTest extends TestCase {
|
||||
$clientToken = 'e44fae79-f80e-4975-952e-47e8a9ed9472';
|
||||
|
||||
$token = $factory->createForMinecraftAccount($account, $clientToken);
|
||||
$this->assertEqualsWithDelta(time(), $token->getClaim('iat'), 5);
|
||||
$this->assertEqualsWithDelta(time() + 60 * 60 * 24 * 2, $token->getClaim('exp'), 5);
|
||||
$this->assertSame('obtain_own_account_info minecraft_server_session', $token->getClaim('scope'));
|
||||
$this->assertNotSame('e44fae79-f80e-4975-952e-47e8a9ed9472', $token->getClaim('ely-client-token'));
|
||||
$this->assertSame('ely|1', $token->getClaim('sub'));
|
||||
$this->assertEqualsWithDelta(time(), $token->claims()->get('iat')->getTimestamp(), 5);
|
||||
$this->assertEqualsWithDelta(time() + 60 * 60 * 24 * 2, $token->claims()->get('exp')->getTimestamp(), 5);
|
||||
$this->assertSame('obtain_own_account_info minecraft_server_session', $token->claims()->get('scope'));
|
||||
$this->assertNotSame('e44fae79-f80e-4975-952e-47e8a9ed9472', $token->claims()->get('ely-client-token'));
|
||||
$this->assertSame('ely|1', $token->claims()->get('sub'));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace codeception\api\unit\components\User;
|
||||
namespace api\tests\unit\components\User;
|
||||
|
||||
use api\components\User\Component;
|
||||
use api\components\User\JwtIdentity;
|
||||
@@ -14,21 +14,14 @@ use common\tests\fixtures\AccountFixture;
|
||||
use common\tests\fixtures\AccountSessionFixture;
|
||||
use common\tests\fixtures\OauthClientFixture;
|
||||
use common\tests\fixtures\OauthSessionFixture;
|
||||
use Lcobucci\JWT\Claim\Basic;
|
||||
use Lcobucci\JWT\Token;
|
||||
use DateTimeImmutable;
|
||||
use Lcobucci\JWT\Builder as BuilderInterface;
|
||||
use Lcobucci\JWT\JwtFacade;
|
||||
use Lcobucci\JWT\Signer\Blake2b;
|
||||
use Lcobucci\JWT\Signer\Key;
|
||||
|
||||
class ComponentTest extends TestCase {
|
||||
|
||||
/**
|
||||
* @var Component|\PHPUnit\Framework\MockObject\MockObject
|
||||
*/
|
||||
private $component;
|
||||
|
||||
public function _before() {
|
||||
parent::_before();
|
||||
$this->component = new Component();
|
||||
}
|
||||
|
||||
public function _fixtures(): array {
|
||||
return [
|
||||
'accounts' => AccountFixture::class,
|
||||
@@ -38,7 +31,7 @@ class ComponentTest extends TestCase {
|
||||
];
|
||||
}
|
||||
|
||||
public function testGetActiveSession() {
|
||||
public function testGetActiveSession(): void {
|
||||
// User is guest
|
||||
$component = new Component();
|
||||
$this->assertNull($component->getActiveSession());
|
||||
@@ -49,26 +42,54 @@ class ComponentTest extends TestCase {
|
||||
|
||||
// Identity is correct, but have no jti claim
|
||||
$identity = $this->createMock(JwtIdentity::class);
|
||||
$identity->method('getToken')->willReturn(new Token());
|
||||
$identity
|
||||
->method('getToken')
|
||||
->willReturn(
|
||||
(new JwtFacade())
|
||||
->issue(
|
||||
new Blake2b(),
|
||||
Key\InMemory::plainText('MpQd6dDPiqnzFSWmpUfLy4+Rdls90Ca4C8e0QD0IxqY='),
|
||||
static fn(BuilderInterface $builder, DateTimeImmutable $issuedAt): \Lcobucci\JWT\Builder => $builder,
|
||||
),
|
||||
);
|
||||
$component->setIdentity($identity);
|
||||
$this->assertNull($component->getActiveSession());
|
||||
|
||||
// Identity is correct and has jti claim, but there is no associated session
|
||||
$identity = $this->createMock(JwtIdentity::class);
|
||||
$identity->method('getToken')->willReturn(new Token([], ['jti' => new Basic('jti', 999999)]));
|
||||
$identity
|
||||
->method('getToken')
|
||||
->willReturn(
|
||||
(new JwtFacade())
|
||||
->issue(
|
||||
new Blake2b(),
|
||||
Key\InMemory::plainText('MpQd6dDPiqnzFSWmpUfLy4+Rdls90Ca4C8e0QD0IxqY='),
|
||||
static fn(BuilderInterface $builder, DateTimeImmutable $issuedAt): \Lcobucci\JWT\Builder => $builder->identifiedBy('999999'),
|
||||
),
|
||||
);
|
||||
$component->setIdentity($identity);
|
||||
$this->assertNull($component->getActiveSession());
|
||||
|
||||
// Identity is correct, has jti claim and associated session exists
|
||||
$identity = $this->createMock(JwtIdentity::class);
|
||||
$identity->method('getToken')->willReturn(new Token([], ['jti' => new Basic('jti', 1)]));
|
||||
$identity
|
||||
->method('getToken')
|
||||
->willReturn(
|
||||
(new JwtFacade())
|
||||
->issue(
|
||||
new Blake2b(),
|
||||
Key\InMemory::plainText('MpQd6dDPiqnzFSWmpUfLy4+Rdls90Ca4C8e0QD0IxqY='),
|
||||
static fn(BuilderInterface $builder, DateTimeImmutable $issuedAt): \Lcobucci\JWT\Builder => $builder->identifiedBy('1'),
|
||||
),
|
||||
);
|
||||
$component->setIdentity($identity);
|
||||
$session = $component->getActiveSession();
|
||||
// @phpstan-ignore method.impossibleType (it is possible since we're changing identity via setIdentity() method)
|
||||
$this->assertNotNull($session);
|
||||
$this->assertSame(1, $session->id);
|
||||
}
|
||||
|
||||
public function testTerminateSessions() {
|
||||
public function testTerminateSessions(): void {
|
||||
/** @var AccountSession $session */
|
||||
$session = $this->tester->grabFixture('sessions', 'admin2');
|
||||
|
||||
|
||||
@@ -20,7 +20,7 @@ class IdentityFactoryTest extends TestCase {
|
||||
];
|
||||
}
|
||||
|
||||
public function testFindIdentityByAccessToken() {
|
||||
public function testFindIdentityByAccessToken(): void {
|
||||
// Find identity by the JWT
|
||||
$identity = IdentityFactory::findIdentityByAccessToken('eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ2MTA1NDIsImV4cCI6MTU2NDYxNDE0Miwic3ViIjoiZWx5fDEifQ.4Oidvuo4spvUf9hkpHR72eeqZUh2Zbxh_L8Od3vcgTj--0iOrcOEp6zwmEW6vF7BTHtjz2b3mXce61bqsCjXjQ');
|
||||
$this->assertInstanceOf(JwtIdentity::class, $identity);
|
||||
@@ -30,7 +30,7 @@ class IdentityFactoryTest extends TestCase {
|
||||
$this->assertInstanceOf(LegacyOAuth2Identity::class, $identity);
|
||||
}
|
||||
|
||||
public function testFindIdentityByAccessTokenWithEmptyValue() {
|
||||
public function testFindIdentityByAccessTokenWithEmptyValue(): void {
|
||||
$this->expectException(UnauthorizedHttpException::class);
|
||||
$this->expectExceptionMessage('Incorrect token');
|
||||
IdentityFactory::findIdentityByAccessToken('');
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace codeception\api\unit\components\User;
|
||||
namespace api\tests\unit\components\User;
|
||||
|
||||
use api\components\User\JwtIdentity;
|
||||
use api\tests\unit\TestCase;
|
||||
@@ -21,12 +21,12 @@ class JwtIdentityTest extends TestCase {
|
||||
];
|
||||
}
|
||||
|
||||
public function testFindIdentityByAccessToken() {
|
||||
public function testFindIdentityByAccessToken(): void {
|
||||
$token = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ2MTA1NDIsImV4cCI6MTU2NDYxNDE0Miwic3ViIjoiZWx5fDEifQ.4Oidvuo4spvUf9hkpHR72eeqZUh2Zbxh_L8Od3vcgTj--0iOrcOEp6zwmEW6vF7BTHtjz2b3mXce61bqsCjXjQ';
|
||||
/** @var JwtIdentity $identity */
|
||||
$identity = JwtIdentity::findIdentityByAccessToken($token);
|
||||
$this->assertSame($token, $identity->getId());
|
||||
$this->assertSame($token, (string)$identity->getToken());
|
||||
$this->assertSame($token, $identity->getToken()->toString());
|
||||
/** @var \common\models\Account $account */
|
||||
$account = $this->tester->grabFixture('accounts', 'admin');
|
||||
$this->assertSame($account->id, $identity->getAccount()->id);
|
||||
@@ -35,13 +35,13 @@ class JwtIdentityTest extends TestCase {
|
||||
/**
|
||||
* @dataProvider getFindIdentityByAccessTokenInvalidCases
|
||||
*/
|
||||
public function testFindIdentityByAccessTokenInvalidCases(string $token, string $expectedExceptionMessage) {
|
||||
public function testFindIdentityByAccessTokenInvalidCases(string $token, string $expectedExceptionMessage): void {
|
||||
$this->expectException(UnauthorizedHttpException::class);
|
||||
$this->expectExceptionMessage($expectedExceptionMessage);
|
||||
JwtIdentity::findIdentityByAccessToken($token);
|
||||
}
|
||||
|
||||
public function getFindIdentityByAccessTokenInvalidCases() {
|
||||
public function getFindIdentityByAccessTokenInvalidCases(): iterable {
|
||||
yield 'expired token' => [
|
||||
'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ2MDMzNDIsImV4cCI6MTU2NDYwNjk0Miwic3ViIjoiZWx5fDEifQ.36cDWyiXRArv-lgK_S5dyC5m_Ddytwkb78tMrxcPcbWEpoeg2VtwPC7zr6NI0cd0CuLw6InC2hZ9Ey95SSOsHw',
|
||||
'Token expired',
|
||||
@@ -65,7 +65,7 @@ class JwtIdentityTest extends TestCase {
|
||||
yield 'empty token' => ['', 'Incorrect token'];
|
||||
}
|
||||
|
||||
public function testGetAccount() {
|
||||
public function testGetAccount(): void {
|
||||
// Token with sub claim
|
||||
$identity = JwtIdentity::findIdentityByAccessToken('eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ2MTA1NDIsImV4cCI6MTU2NDYxNDE0Miwic3ViIjoiZWx5fDEifQ.4Oidvuo4spvUf9hkpHR72eeqZUh2Zbxh_L8Od3vcgTj--0iOrcOEp6zwmEW6vF7BTHtjz2b3mXce61bqsCjXjQ');
|
||||
$this->assertSame(1, $identity->getAccount()->id);
|
||||
@@ -83,7 +83,7 @@ class JwtIdentityTest extends TestCase {
|
||||
$this->assertNull($identity->getAccount());
|
||||
}
|
||||
|
||||
public function testGetAssignedPermissions() {
|
||||
public function testGetAssignedPermissions(): void {
|
||||
// Token with ely-scopes claim
|
||||
$identity = JwtIdentity::findIdentityByAccessToken('eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoicGVybTEscGVybTIscGVybTMiLCJpYXQiOjE1NjQ2MTA1NDIsImV4cCI6MTU2NDYxNDE0Miwic3ViIjoiZWx5fDEifQ.MO6T92EOFcZSPIdK8VBUG0qyV-pdayzOPQmpWLPwpl1933E9ann9GdV49piX1IfLHeCHVGThm5_v7AJgyZ5Oaw');
|
||||
$this->assertSame(['perm1', 'perm2', 'perm3'], $identity->getAssignedPermissions());
|
||||
@@ -93,12 +93,12 @@ class JwtIdentityTest extends TestCase {
|
||||
$this->assertSame([], $identity->getAssignedPermissions());
|
||||
}
|
||||
|
||||
protected function _before() {
|
||||
protected function _before(): void {
|
||||
parent::_before();
|
||||
Carbon::setTestNow(Carbon::create(2019, 8, 1, 1, 2, 22, 'Europe/Minsk'));
|
||||
}
|
||||
|
||||
protected function _after() {
|
||||
protected function _after(): void {
|
||||
parent::_after();
|
||||
Carbon::setTestNow();
|
||||
}
|
||||
|
||||
@@ -17,19 +17,19 @@ class LegacyOAuth2IdentityTest extends TestCase {
|
||||
];
|
||||
}
|
||||
|
||||
public function testFindIdentityByAccessToken() {
|
||||
public function testFindIdentityByAccessToken(): void {
|
||||
$identity = LegacyOAuth2Identity::findIdentityByAccessToken('ZZQP8sS9urzriy8N9h6FwFNMOH3PkZ5T5PLqS6SX');
|
||||
$this->assertSame('ZZQP8sS9urzriy8N9h6FwFNMOH3PkZ5T5PLqS6SX', $identity->getId());
|
||||
}
|
||||
|
||||
public function testFindIdentityByAccessTokenWithNonExistsToken() {
|
||||
public function testFindIdentityByAccessTokenWithNonExistsToken(): void {
|
||||
$this->expectException(UnauthorizedHttpException::class);
|
||||
$this->expectExceptionMessage('Incorrect token');
|
||||
|
||||
LegacyOAuth2Identity::findIdentityByAccessToken('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
|
||||
}
|
||||
|
||||
public function testFindIdentityByAccessTokenWithExpiredToken() {
|
||||
public function testFindIdentityByAccessTokenWithExpiredToken(): void {
|
||||
$this->expectException(UnauthorizedHttpException::class);
|
||||
$this->expectExceptionMessage('Token expired');
|
||||
|
||||
|
||||
Reference in New Issue
Block a user