From cb038c897b96269520fd33cf1cb8fa14cb0f2b70 Mon Sep 17 00:00:00 2001
From: ErickSkrauch
Date: Mon, 30 May 2016 21:11:22 +0300
Subject: [PATCH] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D0=B5?= =?UTF-8?q?=D0=BD=D1=8B=20=D1=82=D0=B5=D1=81=D1=82=D1=8B=20=D0=B4=D0=BB?= =?UTF-8?q?=D1=8F=20=D0=BE=D1=82=D0=B2=D0=B5=D1=82=D0=B0=20=D1=81=D0=B5?= =?UTF-8?q?=D1=80=D0=B2=D0=B5=D1=80=D0=B0=20=D0=BE=20=D0=B8=D1=81=D1=82?= =?UTF-8?q?=D1=91=D0=BA=D1=88=D0=B5=D0=BC=20=D1=82=D0=BE=D0=BA=D0=B5=D0=BD?= =?UTF-8?q?=D0=B5=20=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D0=B5=D0=BD=D1=8B?= =?UTF-8?q?=20doc-=D0=B1=D0=BB=D0=BE=D0=BA=D0=B8=20=D0=B4=D0=BB=D1=8F=20?= =?UTF-8?q?=D0=BF=D0=BE=D0=B2=D0=B5=D0=B4=D0=B5=D0=BD=D0=B8=D0=B9=20=D0=B2?= =?UTF-8?q?=20=D0=B1=D0=B0=D0=B7=D0=BE=D0=B2=D0=BE=D0=BC=20=D0=BA=D0=BE?= =?UTF-8?q?=D0=BD=D1=82=D1=80=D0=BE=D0=BB=D0=BB=D0=B5=D1=80=D0=B5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 api/controllers/Controller.php | 5 +++++
 .../api/functional/AccountsCurrentCest.php | 18 ++++++++++++++++++
 .../api/unit/models/AccountIdentityTest.php | 18 ++++++------------
 3 files changed, 29 insertions(+), 12 deletions(-)
diff --git a/api/controllers/Controller.php b/api/controllers/Controller.php
index 1739d20..c60e326 100644
--- a/api/controllers/Controller.php
+++ b/api/controllers/Controller.php
@@ -7,6 +7,11 @@ use yii\filters\auth\HttpBearerAuth;
 /**
 * @property \common\models\Account|null $account
+ *
+ * Поведения:
+ * @mixin \yii\filters\ContentNegotiator
+ * @mixin \yii\filters\VerbFilter
+ * @mixin \yii\filters\auth\CompositeAuth
 */
 class Controller extends \yii\rest\Controller {
 use ApiNormalize;
diff --git a/tests/codeception/api/functional/AccountsCurrentCest.php b/tests/codeception/api/functional/AccountsCurrentCest.php
index 05d102b..114826f 100644
--- a/tests/codeception/api/functional/AccountsCurrentCest.php
+++ b/tests/codeception/api/functional/AccountsCurrentCest.php
@@ -34,4 +34,22 @@ class AccountsCurrentCest { $I->canSeeResponseJsonMatchesJsonPath('$.passwordChangedAt'); } + public function testExpiredCurrent(FunctionalTester $I) { + // Устанавливаем заведомо истёкший токен + $I->amBearerAuthenticated( + 'eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJodHRwOlwvXC9sb2NhbGhvc3QiLCJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3QiLCJpYXQiO' . + 'jE0NjQ2Mjc1NDUsImV4cCI6MTQ2NDYzMTE0NSwianRpIjoxfQ.9c1mm0BK-cuW1qh15F12s2Fh37IN43YeeZeU4DFtlrE' + ); + + $this->route->current(); + $I->canSeeResponseCodeIs(401); + $I->canSeeResponseIsJson(); + $I->canSeeResponseContainsJson([ + 'name' => 'Unauthorized', + 'message' => 'Token expired', + 'code' => 0, + 'status' => 401, + ]); + } + } diff --git a/tests/codeception/api/unit/models/AccountIdentityTest.php b/tests/codeception/api/unit/models/AccountIdentityTest.php index fd3973c..060728e 100644 --- a/tests/codeception/api/unit/models/AccountIdentityTest.php +++ b/tests/codeception/api/unit/models/AccountIdentityTest.php @@ -18,10 +18,7 @@ class AccountIdentityTest extends DbTestCase { public function fixtures() { return [ - 'accounts' => [ - 'class' => AccountFixture::class, - 'dataFile' => '@tests/codeception/common/fixtures/data/accounts.php', - ], + 'accounts' => AccountFixture::class, ]; } 
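Review bot: The hard-coded HS256 token passed to `amBearerAuthenticated()` in `testExpiredCurrent` (AccountsCurrentCest.php) can only reach the expiry check if its signature verifies under the JWT secret the test environment happens to use, and nothing in the test states that dependency; the same holds for `$expiredToken` in AccountIdentityTest.php. If that secret is rotated or differs between environments, the 401 will presumably carry a different message and the test fails for a reason unrelated to expiry. Prefer issuing the token inside the test with the configured key and an `exp` in the past, or at least document the fixture, e.g. `// HS256 fixture, exp=1464631145 (already past); valid only under the test JWT secret`. Since a signed token now lives in the repository, the secret it was signed with must stay test-only and never be reused in a deployed environment.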
@@ -32,16 +29,13 @@ class AccountIdentityTest extends DbTestCase {
 expect($identity->getId())->equals($this->accounts['admin']['id']);
 });
- // TODO: нормально оттестить исключение, если токен истёк
- return;
+ $this->specify('get unauthorized exception with "Token expired" message if token valid, but expire', function() {
+ $expiredToken = 'eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJodHRwOlwvXC9sb2NhbGhvc3Q6ODA4MCIsImlzcyI6Imh0d' .
+ 'HA6XC9cL2xvY2FsaG9zdDo4MDgwIiwiaWF0IjoxNDY0NTkzMTkzLCJleHAiOjE0NjQ1OTY3OTN9.DV' .
+ '8uwh0OQhBYXkrNvxwJeO-kEjb9MQeLr3-6GoHM7RY';
- $this->specify('get unauthorized with "Token expired message if token valid, but expire"', function() {
- $originalTimezone = date_default_timezone_get();
- date_default_timezone_set('America/Los_Angeles');
 try {
- $token = $this->generateToken();
- date_default_timezone_set($originalTimezone);
- AccountIdentity::findIdentityByAccessToken($token);
+ AccountIdentity::findIdentityByAccessToken($expiredToken);
 } catch (Exception $e) {
 expect($e)->isInstanceOf(UnauthorizedHttpException::class);
 expect($e->getMessage())->equals('Token expired');
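Review bot: The new expired-token case in AccountIdentityTest passes vacuously if `AccountIdentity::findIdentityByAccessToken($expiredToken)` returns without throwing, because both expectations sit inside the `catch` and nothing follows the call in the `try`. An expired token being accepted is exactly the regression this test should catch. Add a failure right after the call, e.g. `$this->fail('expected UnauthorizedHttpException for an expired token');`; since `catch (Exception $e)` would presumably catch that failure too, the `isInstanceOf` expectation then reports it. Alternatively, narrow the catch to `UnauthorizedHttpException` so nothing else is swallowed. The closure continues past the end of the hunk, so a check outside the visible lines may already cover this.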