mirror of
https://github.com/elyby/accounts.git
synced 2024-12-27 15:40:21 +05:30
Реализован функционал получения информации об аккауте после выполнения oAuth авторизации
This commit is contained in:
ErickSkrauch
parent
26b37c2f6b
commit
a48c1432c6
8
api/components/ApiUser/AccessControl.php
Normal file
8
api/components/ApiUser/AccessControl.php
Normal file
@ -0,0 +1,8 @@
|
||||
<?php
|
||||
namespace api\components\ApiUser;
|
||||
|
||||
class AccessControl extends \yii\filters\AccessControl {
|
||||
|
||||
public $user = 'apiUser';
|
||||
|
||||
}
|
||||
@ -10,10 +10,14 @@ use yii\web\User as YiiUserComponent;
|
||||
*/
|
||||
class Component extends YiiUserComponent {
|
||||
|
||||
public $identity = Identity::class;
|
||||
public $identityClass = Identity::class;
|
||||
|
||||
public $enableSession = false;
|
||||
|
||||
public $loginUrl = null;
|
||||
|
||||
public function getAccessChecker() {
|
||||
return new AuthChecker();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -5,4 +5,6 @@ return [
|
||||
'/accounts/change-email/confirm-new-email' => 'accounts/change-email-confirm-new-email',
|
||||
|
||||
'/oauth2/v1/<action>' => 'oauth/<action>',
|
||||
|
||||
'/account/v1/info' => 'identity-info/index',
|
||||
];
|
||||
|
||||
@ -1,9 +1,9 @@
|
||||
<?php
|
||||
namespace api\controllers;
|
||||
|
||||
use common\models\OauthScope;
|
||||
use api\components\ApiUser\AccessControl;
|
||||
use common\models\OauthScope as S;
|
||||
use Yii;
|
||||
use yii\filters\AccessControl;
|
||||
use yii\helpers\ArrayHelper;
|
||||
|
||||
class IdentityInfoController extends ApiController {
|
||||
@ -16,7 +16,7 @@ class IdentityInfoController extends ApiController {
|
||||
[
|
||||
'actions' => ['index'],
|
||||
'allow' => true,
|
||||
'roles' => ['@'],
|
||||
'roles' => [S::ACCOUNT_INFO],
|
||||
],
|
||||
],
|
||||
],
|
||||
@ -28,12 +28,13 @@ class IdentityInfoController extends ApiController {
|
||||
$response = [
|
||||
'id' => $account->id,
|
||||
'uuid' => $account->uuid,
|
||||
'username' => $account->username,
|
||||
'registeredAt' => $account->created_at,
|
||||
'profileLink' => $account->getProfileLink(),
|
||||
'preferredLanguage' => $account->lang,
|
||||
];
|
||||
|
||||
if (Yii::$app->apiUser->can(OauthScope::ACCOUNT_EMAIL)) {
|
||||
if (Yii::$app->apiUser->can(S::ACCOUNT_EMAIL)) {
|
||||
$response['email'] = $account->email;
|
||||
}
|
||||
|
||||
|
||||
@ -11,6 +11,7 @@ class OauthScope extends ActiveRecord {
|
||||
|
||||
const OFFLINE_ACCESS = 'offline_access';
|
||||
const MINECRAFT_SERVER_SESSION = 'minecraft_server_session';
|
||||
const ACCOUNT_INFO = 'account_info';
|
||||
const ACCOUNT_EMAIL = 'account_email';
|
||||
|
||||
public static function tableName() {
|
||||
|
||||
18
console/migrations/m160803_185857_account_permissions.php
Normal file
18
console/migrations/m160803_185857_account_permissions.php
Normal file
@ -0,0 +1,18 @@
|
||||
<?php
|
||||
|
||||
use console\db\Migration;
|
||||
|
||||
class m160803_185857_account_permissions extends Migration {
|
||||
|
||||
public function safeUp() {
|
||||
$this->batchInsert('{{%oauth_scopes}}', ['id'], [
|
||||
['account_info'],
|
||||
['account_email'],
|
||||
]);
|
||||
}
|
||||
|
||||
public function safeDown() {
|
||||
$this->delete('{{%oauth_scopes}}', ['id' => ['account_info', 'account_email']]);
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,15 +0,0 @@
|
||||
<?php
|
||||
|
||||
use console\db\Migration;
|
||||
|
||||
class m160803_185857_permission_email_access extends Migration {
|
||||
|
||||
public function safeUp() {
|
||||
$this->insert('{{%oauth_scopes}}', ['id' => 'account_email']);
|
||||
}
|
||||
|
||||
public function safeDown() {
|
||||
$this->delete('{{%oauth_scopes}}', ['id' => 'account_email']);
|
||||
}
|
||||
|
||||
}
|
||||
16
tests/codeception/api/_pages/IdentityInfoRoute.php
Normal file
16
tests/codeception/api/_pages/IdentityInfoRoute.php
Normal file
@ -0,0 +1,16 @@
|
||||
<?php
|
||||
namespace tests\codeception\api\_pages;
|
||||
|
||||
use yii\codeception\BasePage;
|
||||
|
||||
/**
|
||||
* @property \tests\codeception\api\FunctionalTester $actor
|
||||
*/
|
||||
class IdentityInfoRoute extends BasePage {
|
||||
|
||||
public function info() {
|
||||
$this->route = ['identity-info/index'];
|
||||
$this->actor->sendGET($this->getUrl());
|
||||
}
|
||||
|
||||
}
|
||||
66
tests/codeception/api/functional/IdentityInfoCest.php
Normal file
66
tests/codeception/api/functional/IdentityInfoCest.php
Normal file
@ -0,0 +1,66 @@
|
||||
<?php
|
||||
namespace codeception\api\functional;
|
||||
|
||||
use common\models\OauthScope as S;
|
||||
use tests\codeception\api\_pages\IdentityInfoRoute;
|
||||
use tests\codeception\api\functional\_steps\OauthSteps;
|
||||
use tests\codeception\api\FunctionalTester;
|
||||
|
||||
class IdentityInfoCest {
|
||||
|
||||
/**
|
||||
* @var IdentityInfoRoute
|
||||
*/
|
||||
private $route;
|
||||
|
||||
public function _before(FunctionalTester $I) {
|
||||
$this->route = new IdentityInfoRoute($I);
|
||||
}
|
||||
|
||||
public function testGetErrorIfNotEnoughPerms(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessToken();
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
$this->route->info();
|
||||
$I->canSeeResponseCodeIs(403);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'name' => 'Forbidden',
|
||||
'status' => 403,
|
||||
]);
|
||||
}
|
||||
|
||||
public function testGetInfo(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessToken([S::ACCOUNT_INFO]);
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
$this->route->info();
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'id' => 1,
|
||||
'uuid' => 'df936908-b2e1-544d-96f8-2977ec213022',
|
||||
'username' => 'Admin',
|
||||
'registeredAt' => 1451775316,
|
||||
'profileLink' => 'http://ely.by/u1',
|
||||
'preferredLanguage' => 'en',
|
||||
]);
|
||||
$I->cantSeeResponseJsonMatchesJsonPath('$.email');
|
||||
}
|
||||
|
||||
public function testGetInfoWithEmail(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessToken([S::ACCOUNT_INFO, S::ACCOUNT_EMAIL]);
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
$this->route->info();
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'id' => 1,
|
||||
'uuid' => 'df936908-b2e1-544d-96f8-2977ec213022',
|
||||
'username' => 'Admin',
|
||||
'registeredAt' => 1451775316,
|
||||
'profileLink' => 'http://ely.by/u1',
|
||||
'preferredLanguage' => 'en',
|
||||
'email' => 'admin@ely.by',
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,9 +1,9 @@
|
||||
<?php
|
||||
namespace tests\codeception\api;
|
||||
|
||||
use common\models\OauthScope as S;
|
||||
use tests\codeception\api\_pages\OauthRoute;
|
||||
use tests\codeception\api\functional\_steps\OauthSteps;
|
||||
use Yii;
|
||||
|
||||
class OauthAccessTokenCest {
|
||||
|
||||
@ -55,7 +55,7 @@ class OauthAccessTokenCest {
|
||||
}
|
||||
|
||||
public function testIssueTokenWithRefreshToken(OauthSteps $I) {
|
||||
$authCode = $I->getAuthCode(false);
|
||||
$authCode = $I->getAuthCode([S::OFFLINE_ACCESS]);
|
||||
$this->route->issueToken($this->buildParams(
|
||||
$authCode,
|
||||
'ely',
|
||||
|
||||
@ -1,10 +1,9 @@
|
||||
<?php
|
||||
namespace tests\codeception\api;
|
||||
|
||||
use common\models\OauthScope;
|
||||
use common\models\OauthScope as S;
|
||||
use tests\codeception\api\_pages\OauthRoute;
|
||||
use tests\codeception\api\functional\_steps\OauthSteps;
|
||||
use Yii;
|
||||
|
||||
class OauthRefreshTokenCest {
|
||||
|
||||
@ -35,12 +34,12 @@ class OauthRefreshTokenCest {
|
||||
}
|
||||
|
||||
public function testRefreshTokenWithSameScopes(OauthSteps $I) {
|
||||
$refreshToken = $I->getRefreshToken();
|
||||
$refreshToken = $I->getRefreshToken([S::MINECRAFT_SERVER_SESSION]);
|
||||
$this->route->issueToken($this->buildParams(
|
||||
$refreshToken,
|
||||
'ely',
|
||||
'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
|
||||
[OauthScope::MINECRAFT_SERVER_SESSION, OauthScope::OFFLINE_ACCESS]
|
||||
[S::MINECRAFT_SERVER_SESSION, S::OFFLINE_ACCESS]
|
||||
));
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
@ -53,12 +52,12 @@ class OauthRefreshTokenCest {
|
||||
}
|
||||
|
||||
public function testRefreshTokenWithNewScopes(OauthSteps $I) {
|
||||
$refreshToken = $I->getRefreshToken();
|
||||
$refreshToken = $I->getRefreshToken([S::MINECRAFT_SERVER_SESSION]);
|
||||
$this->route->issueToken($this->buildParams(
|
||||
$refreshToken,
|
||||
'ely',
|
||||
'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
|
||||
[OauthScope::MINECRAFT_SERVER_SESSION, OauthScope::OFFLINE_ACCESS, 'change_skin']
|
||||
[S::MINECRAFT_SERVER_SESSION, S::OFFLINE_ACCESS, S::ACCOUNT_EMAIL]
|
||||
));
|
||||
$I->canSeeResponseCodeIs(400);
|
||||
$I->canSeeResponseIsJson();
|
||||
|
||||
@ -1,11 +1,12 @@
|
||||
<?php
|
||||
namespace tests\codeception\api\functional\_steps;
|
||||
|
||||
use common\models\OauthScope as S;
|
||||
use tests\codeception\api\_pages\OauthRoute;
|
||||
|
||||
class OauthSteps extends \tests\codeception\api\FunctionalTester {
|
||||
|
||||
public function getAuthCode($online = true) {
|
||||
public function getAuthCode(array $permissions = []) {
|
||||
// TODO: по идее можно напрямую сделать зпись в базу, что ускорит процесс тестирования
|
||||
$this->loggedInAsActiveAccount();
|
||||
$route = new OauthRoute($this);
|
||||
@ -13,7 +14,7 @@ class OauthSteps extends \tests\codeception\api\FunctionalTester {
|
||||
'client_id' => 'ely',
|
||||
'redirect_uri' => 'http://ely.by',
|
||||
'response_type' => 'code',
|
||||
'scope' => 'minecraft_server_session' . ($online ? '' : ',offline_access'),
|
||||
'scope' => implode(',', $permissions),
|
||||
], ['accept' => true]);
|
||||
$this->canSeeResponseJsonMatchesJsonPath('$.redirectUri');
|
||||
$response = json_decode($this->grabResponse(), true);
|
||||
@ -22,9 +23,22 @@ class OauthSteps extends \tests\codeception\api\FunctionalTester {
|
||||
return $matches[1];
|
||||
}
|
||||
|
||||
public function getRefreshToken() {
|
||||
public function getAccessToken(array $permissions = []) {
|
||||
$authCode = $this->getAuthCode($permissions);
|
||||
$response = $this->issueToken($authCode);
|
||||
|
||||
return $response['access_token'];
|
||||
}
|
||||
|
||||
public function getRefreshToken(array $permissions = []) {
|
||||
// TODO: по идее можно напрямую сделать зпись в базу, что ускорит процесс тестирования
|
||||
$authCode = $this->getAuthCode(false);
|
||||
$authCode = $this->getAuthCode(array_merge([S::OFFLINE_ACCESS], $permissions));
|
||||
$response = $this->issueToken($authCode);
|
||||
|
||||
return $response['refresh_token'];
|
||||
}
|
||||
|
||||
public function issueToken($authCode) {
|
||||
$route = new OauthRoute($this);
|
||||
$route->issueToken([
|
||||
'code' => $authCode,
|
||||
@ -34,9 +48,7 @@ class OauthSteps extends \tests\codeception\api\FunctionalTester {
|
||||
'grant_type' => 'authorization_code',
|
||||
]);
|
||||
|
||||
$response = json_decode($this->grabResponse(), true);
|
||||
|
||||
return $response['refresh_token'];
|
||||
return json_decode($this->grabResponse(), true);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -7,7 +7,6 @@ use tests\codeception\common\fixtures\AccountFixture;
|
||||
use tests\codeception\common\fixtures\AccountSessionFixture;
|
||||
use tests\codeception\common\fixtures\EmailActivationFixture;
|
||||
use tests\codeception\common\fixtures\OauthClientFixture;
|
||||
use tests\codeception\common\fixtures\OauthScopeFixture;
|
||||
use tests\codeception\common\fixtures\OauthSessionFixture;
|
||||
use tests\codeception\common\fixtures\UsernameHistoryFixture;
|
||||
use yii\test\FixtureTrait;
|
||||
@ -56,10 +55,6 @@ class FixtureHelper extends Module {
|
||||
'class' => OauthClientFixture::class,
|
||||
'dataFile' => '@tests/codeception/common/fixtures/data/oauth-clients.php',
|
||||
],
|
||||
'oauthScopes' => [
|
||||
'class' => OauthScopeFixture::class,
|
||||
'dataFile' => '@tests/codeception/common/fixtures/data/oauth-scopes.php',
|
||||
],
|
||||
'oauthSessions' => [
|
||||
'class' => OauthSessionFixture::class,
|
||||
'dataFile' => '@tests/codeception/common/fixtures/data/oauth-sessions.php',
|
||||
|
||||
@ -1,11 +0,0 @@
|
||||
<?php
|
||||
namespace tests\codeception\common\fixtures;
|
||||
|
||||
use common\models\OauthScope;
|
||||
use yii\test\ActiveFixture;
|
||||
|
||||
class OauthScopeFixture extends ActiveFixture {
|
||||
|
||||
public $modelClass = OauthScope::class;
|
||||
|
||||
}
|
||||
@ -1,12 +0,0 @@
|
||||
<?php
|
||||
return [
|
||||
'minecraft_server_session' => [
|
||||
'id' => 'minecraft_server_session',
|
||||
],
|
||||
'change_skin' => [
|
||||
'id' => 'change_skin',
|
||||
],
|
||||
'offline_access' => [
|
||||
'id' => 'offline_access',
|
||||
],
|
||||
];
|
||||
Loading…
Reference in New Issue
Block a user