Заменил библиотеку для JWT токенов на свой форк с разнообразными исключениями, подрихтовал тесты для класса AccountIdentity

2024-11-08 21:52:33 +05:30 · 2016-07-27 16:17:41 +03:00 · 2016-07-27 16:17:41 +03:00 · d514ba620d
commit d514ba620d
parent ed6bc672cb
3 changed files with 32 additions and 32 deletions
--- a/api/models/AccountIdentity.php
+++ b/api/models/AccountIdentity.php
@ -3,15 +3,14 @@ namespace api\models;

 use common\models\Account;
 use Emarref\Jwt\Claim\JwtId;
-use Emarref\Jwt\Exception\VerificationException;
-use Emarref\Jwt\Token;
+use Emarref\Jwt\Exception\ExpiredException;
 use Yii;
 use yii\base\NotSupportedException;
-use yii\helpers\StringHelper;
 use yii\web\IdentityInterface;
 use yii\web\UnauthorizedHttpException;

 class AccountIdentity extends Account implements IdentityInterface {
+
    /**
     * @inheritdoc
     */
@ -20,14 +19,10 @@ class AccountIdentity extends Account implements IdentityInterface {
        $component = Yii::$app->user;
        try {
            $token = $component->parseToken($token);
-        } catch (VerificationException $e) {
-            if (StringHelper::startsWith($e->getMessage(), 'Token expired at')) {
-                $message = 'Token expired';
-            } else {
-                $message = 'Incorrect token';
-            }
-
-            throw new UnauthorizedHttpException($message);
+        } catch (ExpiredException $e) {
+            throw new UnauthorizedHttpException('Token expired');
+        } catch (\Exception $e) {
+            throw new UnauthorizedHttpException('Incorrect token');
        }

        // Если исключение выше не случилось, то значит всё оке
--- a/composer.json
+++ b/composer.json
@ -23,7 +23,7 @@
        "guzzlehttp/guzzle": "^6.0.0",
        "php-amqplib/php-amqplib": "~2.6.2",
        "ely/yii2-tempmail-validator": "~1.0.0",
-        "emarref/jwt": "~1.0.0"
+        "emarref/jwt": "dev-master#1e4fdf731f9fdfbc5906659ef5384715197fd90b"
    },
    "require-dev": {
        "yiisoft/yii2-codeception": "*",
@ -43,6 +43,10 @@
        {
            "type": "composer",
            "url": "https://asset-packagist.org"
+        },
+        {
+            "type": "git",
+            "url": "git@github.com:erickskrauch/jwt.git"
        }
    ],
    "scripts": {
--- a/tests/codeception/api/unit/models/AccountIdentityTest.php
+++ b/tests/codeception/api/unit/models/AccountIdentityTest.php
@ -3,13 +3,11 @@ namespace codeception\api\unit\models;

 use api\models\AccountIdentity;
 use Codeception\Specify;
-use Exception;
 use tests\codeception\api\unit\DbTestCase;
 use tests\codeception\common\_support\ProtectedCaller;
 use tests\codeception\common\fixtures\AccountFixture;
 use Yii;
 use yii\web\IdentityInterface;
-use yii\web\UnauthorizedHttpException;

 /**
 * @property AccountIdentity $accounts
@ -25,27 +23,29 @@ class AccountIdentityTest extends DbTestCase {
    }

    public function testFindIdentityByAccessToken() {
-        $this->specify('success validate passed jwt token', function() {
-            $identity = AccountIdentity::findIdentityByAccessToken($this->generateToken());
-            expect($identity)->isInstanceOf(IdentityInterface::class);
-            expect($identity->getId())->equals($this->accounts['admin']['id']);
-        });
+        $identity = AccountIdentity::findIdentityByAccessToken($this->generateToken());
+        $this->assertInstanceOf(IdentityInterface::class, $identity);
+        $this->assertEquals($this->accounts['admin']['id'], $identity->getId());
+    }

-        $this->specify('get unauthorized exception with "Token expired" message if token valid, but expire', function() {
-            $expiredToken = 'eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJodHRwOlwvXC9sb2NhbGhvc3Q6ODA4MCIsImlzcyI6Imh0d' .
-                            'HA6XC9cL2xvY2FsaG9zdDo4MDgwIiwiaWF0IjoxNDY0NTkzMTkzLCJleHAiOjE0NjQ1OTY3OTN9.DV' .
-                            '8uwh0OQhBYXkrNvxwJeO-kEjb9MQeLr3-6GoHM7RY';
+    /**
+     * @expectedException \yii\web\UnauthorizedHttpException
+     * @expectedExceptionMessage Token expired
+     */
+    public function testFindIdentityByAccessTokenWithExpiredToken() {
+        $expiredToken = 'eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJodHRwOlwvXC9sb2NhbGhvc3Q6ODA4MCIsImlzcyI6Imh0d' .
+                        'HA6XC9cL2xvY2FsaG9zdDo4MDgwIiwiaWF0IjoxNDY0NTkzMTkzLCJleHAiOjE0NjQ1OTY3OTN9.DV' .
+                        '8uwh0OQhBYXkrNvxwJeO-kEjb9MQeLr3-6GoHM7RY';

-            try {
-                AccountIdentity::findIdentityByAccessToken($expiredToken);
-            } catch (Exception $e) {
-                expect($e)->isInstanceOf(UnauthorizedHttpException::class);
-                expect($e->getMessage())->equals('Token expired');
-                return;
-            }
+        AccountIdentity::findIdentityByAccessToken($expiredToken);
+    }

-            expect('if test valid, this should not happened', false)->true();
-        });
+    /**
+     * @expectedException \yii\web\UnauthorizedHttpException
+     * @expectedExceptionMessage Incorrect token
+     */
+    public function testFindIdentityByAccessTokenWithEmptyToken() {
+        AccountIdentity::findIdentityByAccessToken('');
    }

    protected function generateToken() {
@ -53,6 +53,7 @@ class AccountIdentityTest extends DbTestCase {
        $component = Yii::$app->user;
        /** @var AccountIdentity $account */
        $account = AccountIdentity::findOne($this->accounts['admin']['id']);
+
        $token = $this->callProtected($component, 'createToken', $account);

        return $this->callProtected($component, 'serializeToken', $token);