mirror of
https://github.com/elyby/accounts.git
synced 2024-11-26 16:52:02 +05:30
Заменил библиотеку для JWT токенов на свой форк с разнообразными исключениями, подрихтовал тесты для класса AccountIdentity
This commit is contained in:
parent
ed6bc672cb
commit
d514ba620d
@ -3,15 +3,14 @@ namespace api\models;
|
||||
|
||||
use common\models\Account;
|
||||
use Emarref\Jwt\Claim\JwtId;
|
||||
use Emarref\Jwt\Exception\VerificationException;
|
||||
use Emarref\Jwt\Token;
|
||||
use Emarref\Jwt\Exception\ExpiredException;
|
||||
use Yii;
|
||||
use yii\base\NotSupportedException;
|
||||
use yii\helpers\StringHelper;
|
||||
use yii\web\IdentityInterface;
|
||||
use yii\web\UnauthorizedHttpException;
|
||||
|
||||
class AccountIdentity extends Account implements IdentityInterface {
|
||||
|
||||
/**
|
||||
* @inheritdoc
|
||||
*/
|
||||
@ -20,14 +19,10 @@ class AccountIdentity extends Account implements IdentityInterface {
|
||||
$component = Yii::$app->user;
|
||||
try {
|
||||
$token = $component->parseToken($token);
|
||||
} catch (VerificationException $e) {
|
||||
if (StringHelper::startsWith($e->getMessage(), 'Token expired at')) {
|
||||
$message = 'Token expired';
|
||||
} else {
|
||||
$message = 'Incorrect token';
|
||||
}
|
||||
|
||||
throw new UnauthorizedHttpException($message);
|
||||
} catch (ExpiredException $e) {
|
||||
throw new UnauthorizedHttpException('Token expired');
|
||||
} catch (\Exception $e) {
|
||||
throw new UnauthorizedHttpException('Incorrect token');
|
||||
}
|
||||
|
||||
// Если исключение выше не случилось, то значит всё оке
|
||||
|
@ -23,7 +23,7 @@
|
||||
"guzzlehttp/guzzle": "^6.0.0",
|
||||
"php-amqplib/php-amqplib": "~2.6.2",
|
||||
"ely/yii2-tempmail-validator": "~1.0.0",
|
||||
"emarref/jwt": "~1.0.0"
|
||||
"emarref/jwt": "dev-master#1e4fdf731f9fdfbc5906659ef5384715197fd90b"
|
||||
},
|
||||
"require-dev": {
|
||||
"yiisoft/yii2-codeception": "*",
|
||||
@ -43,6 +43,10 @@
|
||||
{
|
||||
"type": "composer",
|
||||
"url": "https://asset-packagist.org"
|
||||
},
|
||||
{
|
||||
"type": "git",
|
||||
"url": "git@github.com:erickskrauch/jwt.git"
|
||||
}
|
||||
],
|
||||
"scripts": {
|
||||
|
@ -3,13 +3,11 @@ namespace codeception\api\unit\models;
|
||||
|
||||
use api\models\AccountIdentity;
|
||||
use Codeception\Specify;
|
||||
use Exception;
|
||||
use tests\codeception\api\unit\DbTestCase;
|
||||
use tests\codeception\common\_support\ProtectedCaller;
|
||||
use tests\codeception\common\fixtures\AccountFixture;
|
||||
use Yii;
|
||||
use yii\web\IdentityInterface;
|
||||
use yii\web\UnauthorizedHttpException;
|
||||
|
||||
/**
|
||||
* @property AccountIdentity $accounts
|
||||
@ -25,27 +23,29 @@ class AccountIdentityTest extends DbTestCase {
|
||||
}
|
||||
|
||||
public function testFindIdentityByAccessToken() {
|
||||
$this->specify('success validate passed jwt token', function() {
|
||||
$identity = AccountIdentity::findIdentityByAccessToken($this->generateToken());
|
||||
expect($identity)->isInstanceOf(IdentityInterface::class);
|
||||
expect($identity->getId())->equals($this->accounts['admin']['id']);
|
||||
});
|
||||
$identity = AccountIdentity::findIdentityByAccessToken($this->generateToken());
|
||||
$this->assertInstanceOf(IdentityInterface::class, $identity);
|
||||
$this->assertEquals($this->accounts['admin']['id'], $identity->getId());
|
||||
}
|
||||
|
||||
$this->specify('get unauthorized exception with "Token expired" message if token valid, but expire', function() {
|
||||
$expiredToken = 'eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJodHRwOlwvXC9sb2NhbGhvc3Q6ODA4MCIsImlzcyI6Imh0d' .
|
||||
'HA6XC9cL2xvY2FsaG9zdDo4MDgwIiwiaWF0IjoxNDY0NTkzMTkzLCJleHAiOjE0NjQ1OTY3OTN9.DV' .
|
||||
'8uwh0OQhBYXkrNvxwJeO-kEjb9MQeLr3-6GoHM7RY';
|
||||
/**
|
||||
* @expectedException \yii\web\UnauthorizedHttpException
|
||||
* @expectedExceptionMessage Token expired
|
||||
*/
|
||||
public function testFindIdentityByAccessTokenWithExpiredToken() {
|
||||
$expiredToken = 'eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJodHRwOlwvXC9sb2NhbGhvc3Q6ODA4MCIsImlzcyI6Imh0d' .
|
||||
'HA6XC9cL2xvY2FsaG9zdDo4MDgwIiwiaWF0IjoxNDY0NTkzMTkzLCJleHAiOjE0NjQ1OTY3OTN9.DV' .
|
||||
'8uwh0OQhBYXkrNvxwJeO-kEjb9MQeLr3-6GoHM7RY';
|
||||
|
||||
try {
|
||||
AccountIdentity::findIdentityByAccessToken($expiredToken);
|
||||
} catch (Exception $e) {
|
||||
expect($e)->isInstanceOf(UnauthorizedHttpException::class);
|
||||
expect($e->getMessage())->equals('Token expired');
|
||||
return;
|
||||
}
|
||||
AccountIdentity::findIdentityByAccessToken($expiredToken);
|
||||
}
|
||||
|
||||
expect('if test valid, this should not happened', false)->true();
|
||||
});
|
||||
/**
|
||||
* @expectedException \yii\web\UnauthorizedHttpException
|
||||
* @expectedExceptionMessage Incorrect token
|
||||
*/
|
||||
public function testFindIdentityByAccessTokenWithEmptyToken() {
|
||||
AccountIdentity::findIdentityByAccessToken('');
|
||||
}
|
||||
|
||||
protected function generateToken() {
|
||||
@ -53,6 +53,7 @@ class AccountIdentityTest extends DbTestCase {
|
||||
$component = Yii::$app->user;
|
||||
/** @var AccountIdentity $account */
|
||||
$account = AccountIdentity::findOne($this->accounts['admin']['id']);
|
||||
|
||||
$token = $this->callProtected($component, 'createToken', $account);
|
||||
|
||||
return $this->callProtected($component, 'serializeToken', $token);
|
||||
|
Loading…
Reference in New Issue
Block a user