ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2025-05-31 14:11:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Implementation of the backend for the OAuth2 clients management

Browse Source
This commit is contained in:
ErickSkrauch
2018-02-28 01:27:35 +03:00
parent ddec87e3a9
commit 673429e577
55 changed files with 1810 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
tests/codeception/api/_pages/OauthRoute.php
View File

@ -3,16 +3,40 @@ namespace tests\codeception\api\_pages;
class OauthRoute extends BasePage {
public function validate($queryParams) {
public function validate(array $queryParams): void {
$this->getActor()->sendGET('/oauth2/v1/validate', $queryParams);
}
public function complete($queryParams = [], $postParams = []) {
public function complete(array $queryParams = [], array $postParams = []): void {
$this->getActor()->sendPOST('/oauth2/v1/complete?' . http_build_query($queryParams), $postParams);
}
public function issueToken($postParams = []) {
public function issueToken(array $postParams = []): void {
$this->getActor()->sendPOST('/oauth2/v1/token', $postParams);
}
public function createClient(string $type, array $postParams): void {
$this->getActor()->sendPOST('/v1/oauth2/' . $type, $postParams);
}
public function updateClient(string $clientId, array $params): void {
$this->getActor()->sendPUT('/v1/oauth2/' . $clientId, $params);
}
public function deleteClient(string $clientId): void {
$this->getActor()->sendDELETE('/v1/oauth2/' . $clientId);
}
public function resetClient(string $clientId, bool $regenerateSecret = false): void {
$this->getActor()->sendPOST("/v1/oauth2/$clientId/reset" . ($regenerateSecret ? '?regenerateSecret' : ''));
}
public function getClient(string $clientId): void {
$this->getActor()->sendGET("/v1/oauth2/$clientId");
}
public function getPerAccount(int $accountId): void {
$this->getActor()->sendGET("/v1/accounts/$accountId/oauth2/clients");
}
}

1
tests/codeception/api/codeception.yml
View File

@ -22,7 +22,6 @@ coverage:
- ../../../api/*
exclude:
- ../../../api/config/*
- ../../../api/mails/*
- ../../../api/web/*
- ../../../api/runtime/*
c3url: 'http://localhost/api/web/index.php'

92
tests/codeception/api/functional/oauth/CreateClientCest.php Normal file
View File

@ -0,0 +1,92 @@
<?php
namespace tests\codeception\api\oauth;
use tests\codeception\api\_pages\OauthRoute;
use tests\codeception\api\FunctionalTester;
class CreateClientCest {
/**
* @var OauthRoute
*/
private $route;
public function _before(FunctionalTester $I) {
$this->route = new OauthRoute($I);
}
public function testCreateApplicationWithWrongParams(FunctionalTester $I) {
$I->amAuthenticated('admin');
$this->route->createClient('application', []);
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseContainsJson([
'success' => false,
'errors' => [
'name' => 'error.name_required',
'redirectUri' => 'error.redirectUri_required',
],
]);
$this->route->createClient('application', [
'name' => 'my test oauth client',
'redirectUri' => 'localhost',
]);
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseContainsJson([
'success' => false,
'errors' => [
'redirectUri' => 'error.redirectUri_invalid',
],
]);
}
public function testCreateApplication(FunctionalTester $I) {
$I->amAuthenticated('admin');
$this->route->createClient('application', [
'name' => 'My admin application',
'description' => 'Application description.',
'redirectUri' => 'http://some-site.com/oauth/ely',
'websiteUrl' => 'http://some-site.com',
]);
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'success' => true,
'data' => [
'clientId' => 'my-admin-application',
'name' => 'My admin application',
'description' => 'Application description.',
'websiteUrl' => 'http://some-site.com',
'countUsers' => 0,
'redirectUri' => 'http://some-site.com/oauth/ely',
],
]);
$I->canSeeResponseJsonMatchesJsonPath('$.data.clientSecret');
$I->canSeeResponseJsonMatchesJsonPath('$.data.createdAt');
}
public function testCreateMinecraftServer(FunctionalTester $I) {
$I->amAuthenticated('admin');
$this->route->createClient('minecraft-server', [
'name' => 'My amazing server',
'websiteUrl' => 'http://some-site.com',
'minecraftServerIp' => 'hypixel.com:25565',
]);
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'success' => true,
'data' => [
'clientId' => 'my-amazing-server',
'name' => 'My amazing server',
'websiteUrl' => 'http://some-site.com',
'countUsers' => 0,
'minecraftServerIp' => 'hypixel.com:25565',
],
]);
$I->canSeeResponseJsonMatchesJsonPath('$.data.clientSecret');
$I->canSeeResponseJsonMatchesJsonPath('$.data.createdAt');
}
}

28
tests/codeception/api/functional/oauth/DeleteClientCest.php Normal file
View File

@ -0,0 +1,28 @@
<?php
namespace tests\codeception\api\oauth;
use tests\codeception\api\_pages\OauthRoute;
use tests\codeception\api\FunctionalTester;
class DeleteClientCest {
/**
* @var OauthRoute
*/
private $route;
public function _before(FunctionalTester $I) {
$this->route = new OauthRoute($I);
}
public function testDelete(FunctionalTester $I) {
$I->amAuthenticated('TwoOauthClients');
$this->route->deleteClient('first-test-oauth-client');
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'success' => true,
]);
}
}

89
tests/codeception/api/functional/oauth/GetClientsCest.php Normal file
View File

@ -0,0 +1,89 @@
<?php
namespace tests\codeception\api\oauth;
use tests\codeception\api\_pages\OauthRoute;
use tests\codeception\api\FunctionalTester;
class GetClientsCest {
/**
* @var OauthRoute
*/
private $route;
public function _before(FunctionalTester $I) {
$this->route = new OauthRoute($I);
}
public function testGet(FunctionalTester $I) {
$I->amAuthenticated('admin');
$this->route->getClient('admin-oauth-client');
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'clientId' => 'admin-oauth-client',
'clientSecret' => 'FKyO71iCIlv4YM2IHlLbhsvYoIJScUzTZt1kEK7DQLXXYISLDvURVXK32Q58sHWS',
'type' => 'application',
'name' => 'Admin\'s oauth client',
'description' => 'Personal oauth client',
'redirectUri' => 'http://some-site.com/oauth/ely',
'websiteUrl' => '',
'createdAt' => 1519254133,
]);
}
public function testGetNotOwn(FunctionalTester $I) {
$I->amAuthenticated('admin');
$this->route->getClient('another-test-oauth-client');
$I->canSeeResponseCodeIs(403);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'name' => 'Forbidden',
'status' => 403,
'message' => 'You are not allowed to perform this action.',
]);
}
public function testGetAllPerAccountList(FunctionalTester $I) {
$I->amAuthenticated('TwoOauthClients');
$this->route->getPerAccount(14);
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
[
'clientId' => 'first-test-oauth-client',
'clientSecret' => 'Zt1kEK7DQLXXYISLDvURVXK32Q58sHWSFKyO71iCIlv4YM2IHlLbhsvYoIJScUzT',
'type' => 'application',
'name' => 'First test oauth client',
'description' => 'Some description to the first oauth client',
'redirectUri' => 'http://some-site-1.com/oauth/ely',
'websiteUrl' => '',
'countUsers' => 0,
'createdAt' => 1519487434,
],
[
'clientId' => 'another-test-oauth-client',
'clientSecret' => 'URVXK32Q58sHWSFKyO71iCIlv4YM2Zt1kEK7DQLXXYISLDvIHlLbhsvYoIJScUzT',
'type' => 'minecraft-server',
'name' => 'Another test oauth client',
'websiteUrl' => '',
'minecraftServerIp' => '136.243.88.97:25565',
'countUsers' => 0,
'createdAt' => 1519487472,
],
]);
}
public function testGetAllPerNotOwnAccount(FunctionalTester $I) {
$I->amAuthenticated('TwoOauthClients');
$this->route->getPerAccount(1);
$I->canSeeResponseCodeIs(403);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'name' => 'Forbidden',
'status' => 403,
'message' => 'You are not allowed to perform this action.',
]);
}
}

60
tests/codeception/api/functional/oauth/ResetClientCest.php Normal file
View File

@ -0,0 +1,60 @@
<?php
namespace tests\codeception\api\oauth;
use tests\codeception\api\_pages\OauthRoute;
use tests\codeception\api\FunctionalTester;
class ResetClientCest {
/**
* @var OauthRoute
*/
private $route;
public function _before(FunctionalTester $I) {
$this->route = new OauthRoute($I);
}
public function testReset(FunctionalTester $I) {
$I->amAuthenticated('TwoOauthClients');
$this->route->resetClient('first-test-oauth-client');
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'success' => true,
'data' => [
'clientId' => 'first-test-oauth-client',
'clientSecret' => 'Zt1kEK7DQLXXYISLDvURVXK32Q58sHWSFKyO71iCIlv4YM2IHlLbhsvYoIJScUzT',
'name' => 'First test oauth client',
'description' => 'Some description to the first oauth client',
'redirectUri' => 'http://some-site-1.com/oauth/ely',
'websiteUrl' => '',
'countUsers' => 0,
'createdAt' => 1519487434,
],
]);
}
public function testResetWithSecretChanging(FunctionalTester $I) {
$I->amAuthenticated('TwoOauthClients');
$this->route->resetClient('first-test-oauth-client', true);
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'success' => true,
'data' => [
'clientId' => 'first-test-oauth-client',
'name' => 'First test oauth client',
'description' => 'Some description to the first oauth client',
'redirectUri' => 'http://some-site-1.com/oauth/ely',
'websiteUrl' => '',
'countUsers' => 0,
'createdAt' => 1519487434,
],
]);
$I->canSeeResponseJsonMatchesJsonPath('$.data.clientSecret');
$secret = $I->grabDataFromResponseByJsonPath('$.data.clientSecret')[0];
$I->assertNotEquals('Zt1kEK7DQLXXYISLDvURVXK32Q58sHWSFKyO71iCIlv4YM2IHlLbhsvYoIJScUzT', $secret);
}
}

65
tests/codeception/api/functional/oauth/UpdateClientCest.php Normal file
View File

@ -0,0 +1,65 @@
<?php
namespace tests\codeception\api\oauth;
use tests\codeception\api\_pages\OauthRoute;
use tests\codeception\api\FunctionalTester;
class UpdateClientCest {
/**
* @var OauthRoute
*/
private $route;
public function _before(FunctionalTester $I) {
$this->route = new OauthRoute($I);
}
public function testUpdateApplication(FunctionalTester $I) {
$I->amAuthenticated('TwoOauthClients');
$this->route->updateClient('first-test-oauth-client', [
'name' => 'Updated name',
'description' => 'Updated description.',
'redirectUri' => 'http://new-site.com/oauth/ely',
'websiteUrl' => 'http://new-site.com',
]);
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'success' => true,
'data' => [
'clientId' => 'first-test-oauth-client',
'clientSecret' => 'Zt1kEK7DQLXXYISLDvURVXK32Q58sHWSFKyO71iCIlv4YM2IHlLbhsvYoIJScUzT',
'name' => 'Updated name',
'description' => 'Updated description.',
'redirectUri' => 'http://new-site.com/oauth/ely',
'websiteUrl' => 'http://new-site.com',
'createdAt' => 1519487434,
'countUsers' => 0,
],
]);
}
public function testUpdateMinecraftServer(FunctionalTester $I) {
$I->amAuthenticated('TwoOauthClients');
$this->route->updateClient('another-test-oauth-client', [
'name' => 'Updated server name',
'websiteUrl' => 'http://new-site.com',
'minecraftServerIp' => 'hypixel.com:25565',
]);
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'success' => true,
'data' => [
'clientId' => 'another-test-oauth-client',
'clientSecret' => 'URVXK32Q58sHWSFKyO71iCIlv4YM2Zt1kEK7DQLXXYISLDvIHlLbhsvYoIJScUzT',
'name' => 'Updated server name',
'websiteUrl' => 'http://new-site.com',
'minecraftServerIp' => 'hypixel.com:25565',
'createdAt' => 1519487472,
],
]);
}
}

27
tests/codeception/api/unit/modules/oauth/models/ApplicationTypeTest.php Normal file
View File

@ -0,0 +1,27 @@
<?php
namespace tests\codeception\api\unit\modules\oauth\models;
use api\modules\oauth\models\ApplicationType;
use common\models\OauthClient;
use tests\codeception\api\unit\TestCase;
class ApplicationTypeTest extends TestCase {
public function testApplyToClient(): void {
$model = new ApplicationType();
$model->name = 'Application name';
$model->websiteUrl = 'http://example.com';
$model->redirectUri = 'http://example.com/oauth/ely';
$model->description = 'Application description.';
$client = new OauthClient();
$model->applyToClient($client);
$this->assertSame('Application name', $client->name);
$this->assertSame('Application description.', $client->description);
$this->assertSame('http://example.com/oauth/ely', $client->redirect_uri);
$this->assertSame('http://example.com', $client->website_url);
}
}

24
tests/codeception/api/unit/modules/oauth/models/BaseOauthClientTypeTest.php Normal file
View File

@ -0,0 +1,24 @@
<?php
namespace tests\codeception\api\unit\modules\oauth\models;
use api\modules\oauth\models\BaseOauthClientType;
use common\models\OauthClient;
use tests\codeception\api\unit\TestCase;
class BaseOauthClientTypeTest extends TestCase {
public function testApplyTyClient(): void {
$client = new OauthClient();
/** @var BaseOauthClientType|\Mockery\MockInterface $form */
$form = mock(BaseOauthClientType::class);
$form->makePartial();
$form->name = 'Application name';
$form->websiteUrl = 'http://example.com';
$form->applyToClient($client);
$this->assertSame('Application name', $client->name);
$this->assertSame('http://example.com', $client->website_url);
}
}

25
tests/codeception/api/unit/modules/oauth/models/MinecraftServerTypeTest.php Normal file
View File

@ -0,0 +1,25 @@
<?php
namespace tests\codeception\api\unit\modules\oauth\models;
use api\modules\oauth\models\MinecraftServerType;
use common\models\OauthClient;
use tests\codeception\api\unit\TestCase;
class MinecraftServerTypeTest extends TestCase {
public function testApplyToClient(): void {
$model = new MinecraftServerType();
$model->name = 'Server name';
$model->websiteUrl = 'http://example.com';
$model->minecraftServerIp = 'localhost:12345';
$client = new OauthClient();
$model->applyToClient($client);
$this->assertSame('Server name', $client->name);
$this->assertSame('http://example.com', $client->website_url);
$this->assertSame('localhost:12345', $client->minecraft_server_ip);
}
}

49
tests/codeception/api/unit/modules/oauth/models/OauthClientFormFactoryTest.php Normal file
View File

@ -0,0 +1,49 @@
<?php
namespace tests\codeception\api\unit\modules\oauth\models;
use api\modules\oauth\models\ApplicationType;
use api\modules\oauth\models\MinecraftServerType;
use api\modules\oauth\models\OauthClientFormFactory;
use common\models\OauthClient;
use tests\codeception\api\unit\TestCase;
class OauthClientFormFactoryTest extends TestCase {
public function testCreate() {
$client = new OauthClient();
$client->type = OauthClient::TYPE_APPLICATION;
$client->name = 'Application name';
$client->description = 'Application description.';
$client->website_url = 'http://example.com';
$client->redirect_uri = 'http://example.com/oauth/ely';
/** @var ApplicationType $requestForm */
$requestForm = OauthClientFormFactory::create($client);
$this->assertInstanceOf(ApplicationType::class, $requestForm);
$this->assertSame('Application name', $requestForm->name);
$this->assertSame('Application description.', $requestForm->description);
$this->assertSame('http://example.com', $requestForm->websiteUrl);
$this->assertSame('http://example.com/oauth/ely', $requestForm->redirectUri);
$client = new OauthClient();
$client->type = OauthClient::TYPE_MINECRAFT_SERVER;
$client->name = 'Server name';
$client->website_url = 'http://example.com';
$client->minecraft_server_ip = 'localhost:12345';
/** @var MinecraftServerType $requestForm */
$requestForm = OauthClientFormFactory::create($client);
$this->assertInstanceOf(MinecraftServerType::class, $requestForm);
$this->assertSame('Server name', $requestForm->name);
$this->assertSame('http://example.com', $requestForm->websiteUrl);
$this->assertSame('localhost:12345', $requestForm->minecraftServerIp);
}
/**
* @expectedException \api\modules\oauth\exceptions\UnsupportedOauthClientType
*/
public function testCreateUnknownType() {
$client = new OauthClient();
$client->type = 'unknown-type';
OauthClientFormFactory::create($client);
}
}

140
tests/codeception/api/unit/modules/oauth/models/OauthClientFormTest.php Normal file
View File

@ -0,0 +1,140 @@
<?php
namespace tests\codeception\api\unit\modules\oauth\models;
use api\modules\oauth\models\OauthClientForm;
use api\modules\oauth\models\OauthClientTypeForm;
use common\models\OauthClient;
use common\tasks\ClearOauthSessions;
use tests\codeception\api\unit\TestCase;
class OauthClientFormTest extends TestCase {
public function testSave() {
/** @var OauthClient|\Mockery\MockInterface $client */
$client = mock(OauthClient::class . '[save]');
$client->shouldReceive('save')->andReturn(true);
$client->account_id = 1;
$client->type = OauthClient::TYPE_APPLICATION;
$client->name = 'Test application';
/** @var OauthClientForm|\Mockery\MockInterface $form */
$form = mock(OauthClientForm::class . '[isClientExists]', [$client]);
$form->shouldAllowMockingProtectedMethods();
$form->shouldReceive('isClientExists')
->times(3)
->andReturnValues([true, true, false]);
/** @var OauthClientTypeForm|\Mockery\MockInterface $requestType */
$requestType = mock(OauthClientTypeForm::class);
$requestType->shouldReceive('validate')->once()->andReturn(true);
$requestType->shouldReceive('applyToClient')->once()->withArgs([$client]);
$this->assertTrue($form->save($requestType));
$this->assertSame('test-application2', $client->id);
$this->assertNotNull($client->secret);
$this->assertSame(64, mb_strlen($client->secret));
}
public function testSaveUpdateExistsModel() {
/** @var OauthClient|\Mockery\MockInterface $client */
$client = mock(OauthClient::class . '[save]');
$client->shouldReceive('save')->andReturn(true);
$client->setIsNewRecord(false);
$client->id = 'application-id';
$client->secret = 'application_secret';
$client->account_id = 1;
$client->type = OauthClient::TYPE_APPLICATION;
$client->name = 'Application name';
$client->description = 'Application description';
$client->redirect_uri = 'http://example.com/oauth/ely';
$client->website_url = 'http://example.com';
/** @var OauthClientForm|\Mockery\MockInterface $form */
$form = mock(OauthClientForm::class . '[isClientExists]', [$client]);
$form->shouldAllowMockingProtectedMethods();
$form->shouldReceive('isClientExists')->andReturn(false);
$request = new class implements OauthClientTypeForm {
public function load($data): bool {
return true;
}
public function validate(): bool {
return true;
}
public function getValidationErrors(): array {
return [];
}
public function applyToClient(OauthClient $client): void {
$client->name = 'New name';
$client->description = 'New description.';
}
};
$this->assertTrue($form->save($request));
$this->assertSame('application-id', $client->id);
$this->assertSame('application_secret', $client->secret);
$this->assertSame('New name', $client->name);
$this->assertSame('New description.', $client->description);
$this->assertSame('http://example.com/oauth/ely', $client->redirect_uri);
$this->assertSame('http://example.com', $client->website_url);
}
public function testDelete() {
/** @var OauthClient|\Mockery\MockInterface $client */
$client = mock(OauthClient::class . '[save]');
$client->id = 'mocked-id';
$client->type = OauthClient::TYPE_APPLICATION;
$client->shouldReceive('save')->andReturn(true);
$form = new OauthClientForm($client);
$this->assertTrue($form->delete());
$this->assertTrue($form->getClient()->is_deleted);
/** @var ClearOauthSessions $job */
$job = $this->tester->grabLastQueuedJob();
$this->assertInstanceOf(ClearOauthSessions::class, $job);
$this->assertSame('mocked-id', $job->clientId);
$this->assertNull($job->notSince);
}
public function testReset() {
/** @var OauthClient|\Mockery\MockInterface $client */
$client = mock(OauthClient::class . '[save]');
$client->id = 'mocked-id';
$client->secret = 'initial_secret';
$client->type = OauthClient::TYPE_APPLICATION;
$client->shouldReceive('save')->andReturn(true);
$form = new OauthClientForm($client);
$this->assertTrue($form->reset());
$this->assertSame('initial_secret', $form->getClient()->secret);
/** @var ClearOauthSessions $job */
$job = $this->tester->grabLastQueuedJob();
$this->assertInstanceOf(ClearOauthSessions::class, $job);
$this->assertSame('mocked-id', $job->clientId);
$this->assertEquals(time(), $job->notSince, '', 2);
}
public function testResetWithSecret() {
/** @var OauthClient|\Mockery\MockInterface $client */
$client = mock(OauthClient::class . '[save]');
$client->id = 'mocked-id';
$client->secret = 'initial_secret';
$client->type = OauthClient::TYPE_APPLICATION;
$client->shouldReceive('save')->andReturn(true);
$form = new OauthClientForm($client);
$this->assertTrue($form->reset(true));
$this->assertNotSame('initial_secret', $form->getClient()->secret);
/** @var ClearOauthSessions $job */
$job = $this->tester->grabLastQueuedJob();
$this->assertInstanceOf(ClearOauthSessions::class, $job);
$this->assertSame('mocked-id', $job->clientId);
$this->assertEquals(time(), $job->notSince, '', 2);
}
}