Add tests for the legacy tokens

This commit is contained in:
ErickSkrauch 2019-09-23 00:53:13 +03:00
parent cf62c686b1
commit a148da2ecf
17 changed files with 222 additions and 52 deletions

View File

@ -14,7 +14,7 @@ use Yii;
class RefreshTokenGrant extends BaseRefreshTokenGrant { class RefreshTokenGrant extends BaseRefreshTokenGrant {
/** /**
* Previously, refresh tokens was stored in Redis. * Previously, refresh tokens were stored in Redis.
* If received refresh token is matches the legacy token template, * If received refresh token is matches the legacy token template,
* restore the information from the legacy storage. * restore the information from the legacy storage.
* *

View File

@ -32,7 +32,7 @@ class LegacyOAuth2Identity implements IdentityInterface {
*/ */
private $session = false; private $session = false;
private function __construct(string $accessToken, string $sessionId, array $scopes) { private function __construct(string $accessToken, int $sessionId, array $scopes) {
$this->accessToken = $accessToken; $this->accessToken = $accessToken;
$this->sessionId = $sessionId; $this->sessionId = $sessionId;
$this->scopes = $scopes; $this->scopes = $scopes;

View File

@ -17,4 +17,4 @@ modules:
host: redis host: redis
port: 6379 port: 6379
database: 0 database: 0
cleanupBefore: 'test' cleanupBefore: 'suite'

View File

@ -4,6 +4,7 @@ declare(strict_types=1);
namespace api\tests\functional\oauth; namespace api\tests\functional\oauth;
use api\tests\functional\_steps\OauthSteps; use api\tests\functional\_steps\OauthSteps;
use api\tests\FunctionalTester;
class RefreshTokenCest { class RefreshTokenCest {
@ -53,6 +54,18 @@ class RefreshTokenCest {
$this->canSeeRefreshTokenSuccess($I); $this->canSeeRefreshTokenSuccess($I);
} }
public function refreshTokenUsingLegacyToken(FunctionalTester $I) {
$I->wantTo('refresh token using the legacy token');
$I->sendPOST('/api/oauth2/v1/token', [
'grant_type' => 'refresh_token',
'refresh_token' => 'op7kPGAgHlsXRBJtkFg7wKOTpodvtHVW5NxR7Tjr',
'client_id' => 'test1',
'client_secret' => 'eEvrKHF47sqiaX94HsX-xXzdGiz3mcsq',
'scope' => 'minecraft_server_session account_info',
]);
$this->canSeeRefreshTokenSuccess($I);
}
public function passInvalidRefreshToken(OauthSteps $I) { public function passInvalidRefreshToken(OauthSteps $I) {
$I->wantToTest('behaviour of the server when invalid refresh token passed'); $I->wantToTest('behaviour of the server when invalid refresh token passed');
$I->sendPOST('/api/oauth2/v1/token', [ $I->sendPOST('/api/oauth2/v1/token', [
@ -85,7 +98,7 @@ class RefreshTokenCest {
]); ]);
} }
private function canSeeRefreshTokenSuccess(OauthSteps $I) { private function canSeeRefreshTokenSuccess(FunctionalTester $I) {
$I->canSeeResponseCodeIs(200); $I->canSeeResponseCodeIs(200);
$I->canSeeResponseContainsJson([ $I->canSeeResponseContainsJson([
'token_type' => 'Bearer', 'token_type' => 'Bearer',

View File

@ -3,40 +3,30 @@ declare(strict_types=1);
namespace api\tests\unit\components\User; namespace api\tests\unit\components\User;
use api\components\OAuth2\Component;
use api\components\OAuth2\Entities\AccessTokenEntity;
use api\components\User\IdentityFactory; use api\components\User\IdentityFactory;
use api\components\User\JwtIdentity; use api\components\User\JwtIdentity;
use api\components\User\LegacyOAuth2Identity; use api\components\User\LegacyOAuth2Identity;
use api\tests\unit\TestCase; use api\tests\unit\TestCase;
use Carbon\Carbon; use Carbon\Carbon;
use League\OAuth2\Server\AbstractServer; use common\tests\fixtures;
use League\OAuth2\Server\Storage\AccessTokenInterface;
use Yii;
use yii\web\UnauthorizedHttpException; use yii\web\UnauthorizedHttpException;
class IdentityFactoryTest extends TestCase { class IdentityFactoryTest extends TestCase {
public function _fixtures(): array {
return [
fixtures\LegacyOauthAccessTokenFixture::class,
fixtures\LegacyOauthAccessTokenScopeFixture::class,
];
}
public function testFindIdentityByAccessToken() { public function testFindIdentityByAccessToken() {
// Find identity by jwt token // Find identity by the JWT
$identity = IdentityFactory::findIdentityByAccessToken('eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ2MTA1NDIsImV4cCI6MTU2NDYxNDE0Miwic3ViIjoiZWx5fDEifQ.4Oidvuo4spvUf9hkpHR72eeqZUh2Zbxh_L8Od3vcgTj--0iOrcOEp6zwmEW6vF7BTHtjz2b3mXce61bqsCjXjQ'); $identity = IdentityFactory::findIdentityByAccessToken('eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ2MTA1NDIsImV4cCI6MTU2NDYxNDE0Miwic3ViIjoiZWx5fDEifQ.4Oidvuo4spvUf9hkpHR72eeqZUh2Zbxh_L8Od3vcgTj--0iOrcOEp6zwmEW6vF7BTHtjz2b3mXce61bqsCjXjQ');
$this->assertInstanceOf(JwtIdentity::class, $identity); $this->assertInstanceOf(JwtIdentity::class, $identity);
// Find identity by oauth2 token // Find identity by the legacy OAuth2 token
$accessToken = new AccessTokenEntity(mock(AbstractServer::class)); $identity = IdentityFactory::findIdentityByAccessToken('ZZQP8sS9urzriy8N9h6FwFNMOH3PkZ5T5PLqS6SX');
$accessToken->setExpireTime(time() + 3600);
$accessToken->setId('mock-token');
/** @var AccessTokenInterface|\Mockery\MockInterface $accessTokensStorage */
$accessTokensStorage = mock(AccessTokenInterface::class);
$accessTokensStorage->shouldReceive('get')->with('mock-token')->andReturn($accessToken);
/** @var Component|\Mockery\MockInterface $component */
$component = mock(Component::class);
$component->shouldReceive('getAccessTokenStorage')->andReturn($accessTokensStorage);
Yii::$app->set('oauth', $component);
$identity = IdentityFactory::findIdentityByAccessToken('mock-token');
$this->assertInstanceOf(LegacyOAuth2Identity::class, $identity); $this->assertInstanceOf(LegacyOAuth2Identity::class, $identity);
} }

View File

@ -3,52 +3,37 @@ declare(strict_types=1);
namespace api\tests\unit\components\User; namespace api\tests\unit\components\User;
use api\components\OAuth2\Component;
use api\components\OAuth2\Entities\AccessTokenEntity;
use api\components\User\LegacyOAuth2Identity; use api\components\User\LegacyOAuth2Identity;
use api\tests\unit\TestCase; use api\tests\unit\TestCase;
use Yii; use common\tests\fixtures;
use yii\web\UnauthorizedHttpException; use yii\web\UnauthorizedHttpException;
class LegacyOAuth2IdentityTest extends TestCase { class LegacyOAuth2IdentityTest extends TestCase {
public function testFindIdentityByAccessToken() { public function _fixtures(): array {
$accessToken = new AccessTokenEntity(mock(AbstractServer::class)); return [
$accessToken->setExpireTime(time() + 3600); fixtures\LegacyOauthAccessTokenFixture::class,
$accessToken->setId('mock-token'); fixtures\LegacyOauthAccessTokenScopeFixture::class,
$this->mockFoundedAccessToken($accessToken); ];
}
$identity = LegacyOAuth2Identity::findIdentityByAccessToken('mock-token'); public function testFindIdentityByAccessToken() {
$this->assertSame('mock-token', $identity->getId()); $identity = LegacyOAuth2Identity::findIdentityByAccessToken('ZZQP8sS9urzriy8N9h6FwFNMOH3PkZ5T5PLqS6SX');
$this->assertSame('ZZQP8sS9urzriy8N9h6FwFNMOH3PkZ5T5PLqS6SX', $identity->getId());
} }
public function testFindIdentityByAccessTokenWithNonExistsToken() { public function testFindIdentityByAccessTokenWithNonExistsToken() {
$this->expectException(UnauthorizedHttpException::class); $this->expectException(UnauthorizedHttpException::class);
$this->expectExceptionMessage('Incorrect token'); $this->expectExceptionMessage('Incorrect token');
LegacyOAuth2Identity::findIdentityByAccessToken('not exists token'); LegacyOAuth2Identity::findIdentityByAccessToken('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
} }
public function testFindIdentityByAccessTokenWithExpiredToken() { public function testFindIdentityByAccessTokenWithExpiredToken() {
$this->expectException(UnauthorizedHttpException::class); $this->expectException(UnauthorizedHttpException::class);
$this->expectExceptionMessage('Token expired'); $this->expectExceptionMessage('Token expired');
$accessToken = new AccessTokenEntity(mock(AbstractServer::class)); LegacyOAuth2Identity::findIdentityByAccessToken('rc0sOF1SLdOxuD3bJcCQENmGTeYrGgy12qJScMx4');
$accessToken->setExpireTime(time() - 3600);
$this->mockFoundedAccessToken($accessToken);
LegacyOAuth2Identity::findIdentityByAccessToken('mock-token');
}
private function mockFoundedAccessToken(AccessTokenEntity $accessToken) {
/** @var AccessTokenInterface|\Mockery\MockInterface $accessTokensStorage */
$accessTokensStorage = mock(AccessTokenInterface::class);
$accessTokensStorage->shouldReceive('get')->with('mock-token')->andReturn($accessToken);
/** @var Component|\Mockery\MockInterface $component */
$component = mock(Component::class);
$component->shouldReceive('getAccessTokenStorage')->andReturn($accessTokensStorage);
Yii::$app->set('oauth', $component);
} }
} }

View File

@ -52,7 +52,11 @@ class FixtureHelper extends Module {
'usernamesHistory' => fixtures\UsernameHistoryFixture::class, 'usernamesHistory' => fixtures\UsernameHistoryFixture::class,
'oauthClients' => fixtures\OauthClientFixture::class, 'oauthClients' => fixtures\OauthClientFixture::class,
'oauthSessions' => fixtures\OauthSessionFixture::class, 'oauthSessions' => fixtures\OauthSessionFixture::class,
'legacyOauthSessionsScopes' => fixtures\LegacyOauthSessionScopeFixtures::class,
'legacyOauthAccessTokens' => fixtures\LegacyOauthAccessTokenFixture::class,
'legacyOauthAccessTokensScopes' => fixtures\LegacyOauthAccessTokenScopeFixture::class,
'oauthRefreshTokens' => fixtures\OauthRefreshTokensFixture::class, 'oauthRefreshTokens' => fixtures\OauthRefreshTokensFixture::class,
'legacyOauthRefreshTokens' => fixtures\LegacyOauthRefreshTokenFixture::class,
'minecraftAccessKeys' => fixtures\MinecraftAccessKeyFixture::class, 'minecraftAccessKeys' => fixtures\MinecraftAccessKeyFixture::class,
]; ];
} }

View File

@ -0,0 +1,82 @@
<?php
declare(strict_types=1);
namespace common\tests\_support\Redis;
use InvalidArgumentException;
use yii\base\ArrayAccessTrait;
use yii\di\Instance;
use yii\helpers\ArrayHelper;
use yii\helpers\Json;
use yii\redis\Connection;
use yii\test\FileFixtureTrait;
use yii\test\Fixture as BaseFixture;
class Fixture extends BaseFixture {
use ArrayAccessTrait;
use FileFixtureTrait;
/**
* @var Connection
*/
public $redis = 'redis';
public $keysPrefix = '';
public $keysPostfix = '';
public $data = [];
public function init() {
parent::init();
$this->redis = Instance::ensure($this->redis, Connection::class);
}
public function load() {
$this->data = [];
foreach ($this->getData() as $key => $data) {
$key = $this->buildKey($key);
$preparedData = $this->prepareData($data);
if (is_array($preparedData)) {
$this->redis->sadd($key, ...$preparedData);
} else {
$this->redis->set($key, $preparedData);
}
$this->data[$key] = $data;
}
}
public function unload() {
$this->redis->flushdb();
}
protected function getData(): array {
return $this->loadData($this->dataFile);
}
protected function prepareData($input) {
if (is_string($input)) {
return $input;
}
if (is_int($input) || is_bool($input)) {
return (string)$input;
}
if (is_array($input)) {
if (!ArrayHelper::isAssociative($input)) {
return $input;
}
return Json::encode($input);
}
throw new InvalidArgumentException('Unsupported input type');
}
protected function buildKey($key): string {
return $this->keysPrefix . $key . $this->keysPostfix;
}
}

View File

@ -0,0 +1,14 @@
<?php
declare(strict_types=1);
namespace common\tests\fixtures;
use common\tests\_support\Redis\Fixture;
class LegacyOauthAccessTokenFixture extends Fixture {
public $dataFile = '@root/common/tests/fixtures/data/legacy-oauth-access-tokens.php';
public $keysPrefix = 'oauth:access:tokens:';
}

View File

@ -0,0 +1,16 @@
<?php
declare(strict_types=1);
namespace common\tests\fixtures;
use common\tests\_support\Redis\Fixture;
class LegacyOauthAccessTokenScopeFixture extends Fixture {
public $dataFile = '@root/common/tests/fixtures/data/legacy-oauth-access-tokens-scopes.php';
public $keysPrefix = 'oauth:access:tokens:';
public $keysPostfix = ':scopes';
}

View File

@ -0,0 +1,14 @@
<?php
declare(strict_types=1);
namespace common\tests\fixtures;
use common\tests\_support\Redis\Fixture;
class LegacyOauthRefreshTokenFixture extends Fixture {
public $dataFile = '@root/common/tests/fixtures/data/legacy-oauth-refresh-tokens.php';
public $keysPrefix = 'oauth:refresh:tokens:';
}

View File

@ -0,0 +1,16 @@
<?php
declare(strict_types=1);
namespace common\tests\fixtures;
use common\tests\_support\Redis\Fixture;
class LegacyOauthSessionScopeFixtures extends Fixture {
public $dataFile = '@root/common/tests/fixtures/data/legacy-oauth-sessions-scopes.php';
public $keysPrefix = 'oauth:sessions:';
public $keysPostfix = ':scopes';
}

View File

@ -0,0 +1,4 @@
<?php
return [
'ZZQP8sS9urzriy8N9h6FwFNMOH3PkZ5T5PLqS6SX' => ['minecraft_server_session', 'obtain_own_account_info'],
];

View File

@ -0,0 +1,16 @@
<?php
use Carbon\Carbon;
return [
'ZZQP8sS9urzriy8N9h6FwFNMOH3PkZ5T5PLqS6SX' => [
'id' => 'ZZQP8sS9urzriy8N9h6FwFNMOH3PkZ5T5PLqS6SX',
'session_id' => 1,
'expire_time' => Carbon::now()->addHour()->getTimestamp(),
],
'rc0sOF1SLdOxuD3bJcCQENmGTeYrGgy12qJScMx4' => [
'id' => 'rc0sOF1SLdOxuD3bJcCQENmGTeYrGgy12qJScMx4',
'session_id' => 1,
'expire_time' => Carbon::now()->subHour()->getTimestamp(),
],
];

View File

@ -0,0 +1,8 @@
<?php
return [
'op7kPGAgHlsXRBJtkFg7wKOTpodvtHVW5NxR7Tjr' => [
'id' => 'op7kPGAgHlsXRBJtkFg7wKOTpodvtHVW5NxR7Tjr',
'access_token_id' => 'cynbpR53GK5HyvHuTtriHP7JpdqvFaYnWSS1twXX',
'session_id' => 1,
],
];

View File

@ -0,0 +1,4 @@
<?php
return [
1 => ['minecraft_server_session', 'obtain_own_account_info'],
];

View File

@ -3,24 +3,28 @@ return [
'admin-test1' => [ 'admin-test1' => [
'account_id' => 1, 'account_id' => 1,
'client_id' => 'test1', 'client_id' => 'test1',
'legacy_id' => 1,
'scopes' => null, 'scopes' => null,
'created_at' => 1479944472, 'created_at' => 1479944472,
], ],
'banned-account-session' => [ 'banned-account-session' => [
'account_id' => 10, 'account_id' => 10,
'client_id' => 'test1', 'client_id' => 'test1',
'legacy_id' => 2,
'scopes' => null, 'scopes' => null,
'created_at' => 1481421663, 'created_at' => 1481421663,
], ],
'deleted-client-session' => [ 'deleted-client-session' => [
'account_id' => 1, 'account_id' => 1,
'client_id' => 'deleted-oauth-client-with-sessions', 'client_id' => 'deleted-oauth-client-with-sessions',
'legacy_id' => 3,
'scopes' => null, 'scopes' => null,
'created_at' => 1519510065, 'created_at' => 1519510065,
], ],
'actual-deleted-client-session' => [ 'actual-deleted-client-session' => [
'account_id' => 2, 'account_id' => 2,
'client_id' => 'deleted-oauth-client-with-sessions', 'client_id' => 'deleted-oauth-client-with-sessions',
'legacy_id' => 4,
'scopes' => null, 'scopes' => null,
'created_at' => 1519511568, 'created_at' => 1519511568,
], ],