Fixes #16. Correctly wrap Yii2's request into the PSR's ServerRequest object

2024-11-22 21:23:19 +05:30 · 2022-12-10 03:56:19 +01:00 · 2022-12-10 03:56:19 +01:00 · 99c983c3ea
commit 99c983c3ea
parent 262bdbc08e
3 changed files with 17 additions and 6 deletions
--- a/api/config/config.php
+++ b/api/config/config.php
@ -78,6 +78,8 @@ return [
            'baseUrl' => '/api',
            'enableCsrfCookie' => false,
            'parsers' => [
+                'application/json' => yii\web\JsonParser::class,
+                'multipart/form-data' => yii\web\MultipartFormDataParser::class,
                '*' => api\request\RequestParser::class,
            ],
        ],
--- a/api/modules/oauth/controllers/AuthorizationController.php
+++ b/api/modules/oauth/controllers/AuthorizationController.php
@ -63,7 +63,15 @@ class AuthorizationController extends Controller {
    }

    private function getServerRequest(): ServerRequestInterface {
-        return ServerRequest::fromGlobals();
+        $request = Yii::$app->request;
+
+        return (new ServerRequest(
+            $request->getMethod(),
+            $request->getAbsoluteUrl() . '?' . $request->getQueryString(),
+            $request->getHeaders()->toArray(),
+        ))
+            ->withParsedBody($request->getBodyParams())
+            ->withQueryParams($request->getQueryParams());
    }

 }
--- a/api/tests/functional/oauth/AccessTokenCest.php
+++ b/api/tests/functional/oauth/AccessTokenCest.php
@ -5,9 +5,9 @@ namespace api\tests\functional\oauth;

 use api\tests\functional\_steps\OauthSteps;

-class AccessTokenCest {
+final class AccessTokenCest {

-    public function successfullyIssueToken(OauthSteps $I) {
+    public function successfullyIssueTokenWithUrlEncodedBody(OauthSteps $I): void {
        $I->wantTo('complete oauth flow and obtain access_token');
        $authCode = $I->obtainAuthCode();
        $I->sendPOST('/api/oauth2/v1/token', [
@ -26,16 +26,17 @@ class AccessTokenCest {
        $I->cantSeeResponseJsonMatchesJsonPath('$.refresh_token');
    }

-    public function successfullyIssueOfflineToken(OauthSteps $I) {
+    public function successfullyIssueOfflineTokenWithJsonEncodedBody(OauthSteps $I): void {
        $I->wantTo('complete oauth flow with offline_access scope and obtain access_token and refresh_token');
        $authCode = $I->obtainAuthCode(['offline_access']);
-        $I->sendPOST('/api/oauth2/v1/token', [
+        $I->haveHttpHeader('Content-Type', 'application/json');
+        $I->sendPOST('/api/oauth2/v1/token', json_encode([
            'grant_type' => 'authorization_code',
            'code' => $authCode,
            'client_id' => 'ely',
            'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
            'redirect_uri' => 'http://ely.by',
-        ]);
+        ]));
        $I->canSeeResponseCodeIs(200);
        $I->canSeeResponseContainsJson([
            'token_type' => 'Bearer',