mirror of
https://github.com/elyby/accounts.git
synced 2024-12-27 15:40:21 +05:30
Fixes #35. Make clientToken
optional during legacy Minecraft auth flow
parent
d921616360
commit
625250b367
@ -14,6 +14,7 @@ use common\helpers\Error as E;
|
||||
use common\models\Account;
|
||||
use common\models\OauthClient;
|
||||
use common\models\OauthSession;
|
||||
use Ramsey\Uuid\Uuid;
|
||||
use Webmozart\Assert\Assert;
|
||||
use Yii;
|
||||
|
||||
@ -41,7 +42,7 @@ class AuthenticationForm extends ApiForm {
|
||||
|
||||
public function rules(): array {
|
||||
return [
|
||||
[['username', 'password', 'clientToken'], RequiredValidator::class],
|
||||
[['username', 'password'], RequiredValidator::class],
|
||||
[['clientToken'], ClientTokenValidator::class],
|
||||
[['requestUser'], 'boolean'],
|
||||
];
|
||||
@ -110,8 +111,9 @@ class AuthenticationForm extends ApiForm {
|
||||
|
||||
/** @var Account $account */
|
||||
$account = $loginForm->getAccount();
|
||||
$token = Yii::$app->tokensFactory->createForMinecraftAccount($account, $this->clientToken);
|
||||
$dataModel = new AuthenticateData($account, (string)$token, $this->clientToken, (bool)$this->requestUser);
|
||||
$clientToken = $this->clientToken ?: Uuid::uuid4()->toString();
|
||||
$token = Yii::$app->tokensFactory->createForMinecraftAccount($account, $clientToken);
|
||||
$dataModel = new AuthenticateData($account, (string)$token, $clientToken, (bool)$this->requestUser);
|
||||
/** @var OauthSession|null $minecraftOauthSession */
|
||||
$minecraftOauthSession = $account->getOauthSessions()
|
||||
->andWhere(['client_id' => OauthClient::UNAUTHORIZED_MINECRAFT_GAME_LAUNCHER])
|
||||
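Review bot: In the third hunk, `$this->clientToken ?: Uuid::uuid4()->toString()` decides on truthiness, so a client that sends the string `'0'` has its token silently replaced, and `createForMinecraftAccount()` then issues the access token for a value the client did not choose. An explicit absence test limits the substitution to the case the commit intends: `$clientToken = ($this->clientToken === null || $this->clientToken === '') ? Uuid::uuid4()->toString() : $this->clientToken;`. With `clientToken` removed from the `RequiredValidator` rule, `ClientTokenValidator` presumably no longer runs for an empty value (Yii validators skip empty attributes by default), which would make this line the only place a missing token is handled. A comment would record that, for example `// clientToken is optional in the legacy flow; generate a random UUIDv4 so the issued token still carries a client id`. The enclosing method starts before the hunk and continues past it.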
|
@ -107,6 +107,16 @@ class AuthorizationCest {
|
||||
]);
|
||||
}
|
||||
|
||||
public function withoutClientToken(FunctionalTester $I): void {
|
||||
$I->sendPOST('/api/authserver/authentication/authenticate', [
|
||||
'username' => 'admin',
|
||||
'password' => 'password_0',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$clientToken = $I->grabDataFromResponseByJsonPath('$.clientToken')[0];
|
||||
$I->assertNotEmpty($clientToken);
|
||||
}
|
||||
|
||||
public function tooLongClientToken(FunctionalTester $I) {
|
||||
$I->wantTo('send non uuid clientToken with more then 255 characters length');
|
||||
$I->sendPOST('/api/authserver/authentication/authenticate', [
|
||||
|
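Review bot: `withoutClientToken` only asserts that `$.clientToken` is non-empty, so it would still pass if the server returned an arbitrary non-UUID string or omitted the access token. I would also assert that the token is present, for example `$I->canSeeResponseJsonMatchesJsonPath('$.accessToken');`, and add a second case that posts `'clientToken' => ''` to pin down how an empty value is treated. As a style point, the neighbouring `tooLongClientToken` opens with `$I->wantTo(...)` while the new method has no description, and the two differ in declaring `: void`.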