From d514ba620da998b8095e83e7f508077954baeb32 Mon Sep 17 00:00:00 2001 From: ErickSkrauch Date: Wed, 27 Jul 2016 16:17:41 +0300 Subject: [PATCH] =?UTF-8?q?=D0=97=D0=B0=D0=BC=D0=B5=D0=BD=D0=B8=D0=BB=20?= =?UTF-8?q?=D0=B1=D0=B8=D0=B1=D0=BB=D0=B8=D0=BE=D1=82=D0=B5=D0=BA=D1=83=20?= =?UTF-8?q?=D0=B4=D0=BB=D1=8F=20JWT=20=D1=82=D0=BE=D0=BA=D0=B5=D0=BD=D0=BE?= =?UTF-8?q?=D0=B2=20=D0=BD=D0=B0=20=D1=81=D0=B2=D0=BE=D0=B9=20=D1=84=D0=BE?= =?UTF-8?q?=D1=80=D0=BA=20=D1=81=20=D1=80=D0=B0=D0=B7=D0=BD=D0=BE=D0=BE?= =?UTF-8?q?=D0=B1=D1=80=D0=B0=D0=B7=D0=BD=D1=8B=D0=BC=D0=B8=20=D0=B8=D1=81?= =?UTF-8?q?=D0=BA=D0=BB=D1=8E=D1=87=D0=B5=D0=BD=D0=B8=D1=8F=D0=BC=D0=B8,?= =?UTF-8?q?=20=D0=BF=D0=BE=D0=B4=D1=80=D0=B8=D1=85=D1=82=D0=BE=D0=B2=D0=B0?= =?UTF-8?q?=D0=BB=20=D1=82=D0=B5=D1=81=D1=82=D1=8B=20=D0=B4=D0=BB=D1=8F=20?= =?UTF-8?q?=D0=BA=D0=BB=D0=B0=D1=81=D1=81=D0=B0=20AccountIdentity?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- api/models/AccountIdentity.php | 17 +++----- composer.json | 6 ++- .../api/unit/models/AccountIdentityTest.php | 41 ++++++++++--------- 3 files changed, 32 insertions(+), 32 deletions(-) diff --git a/api/models/AccountIdentity.php b/api/models/AccountIdentity.php index a0a0a48..4122fca 100644 --- a/api/models/AccountIdentity.php +++ b/api/models/AccountIdentity.php @@ -3,15 +3,14 @@ namespace api\models; use common\models\Account; use Emarref\Jwt\Claim\JwtId; -use Emarref\Jwt\Exception\VerificationException; -use Emarref\Jwt\Token; +use Emarref\Jwt\Exception\ExpiredException; use Yii; use yii\base\NotSupportedException; -use yii\helpers\StringHelper; use yii\web\IdentityInterface; use yii\web\UnauthorizedHttpException; class AccountIdentity extends Account implements IdentityInterface { + /** * @inheritdoc */ 
@@ -20,14 +19,10 @@ class AccountIdentity extends Account implements IdentityInterface { $component = Yii::$app->user; try { $token = $component->parseToken($token); - } catch (VerificationException $e) { - if (StringHelper::startsWith($e->getMessage(), 'Token expired at')) { - $message = 'Token expired'; - } else { - $message = 'Incorrect token'; - } - - throw new UnauthorizedHttpException($message); + } catch (ExpiredException $e) { + throw new UnauthorizedHttpException('Token expired'); + } catch (\Exception $e) { + throw new UnauthorizedHttpException('Incorrect token'); } // Если исключение выше не случилось, то значит всё оке diff --git a/composer.json b/composer.json index 1580750..d4a6c1d 100644 --- a/composer.json +++ b/composer.json @@ -23,7 +23,7 @@ "guzzlehttp/guzzle": "^6.0.0", "php-amqplib/php-amqplib": "~2.6.2", "ely/yii2-tempmail-validator": "~1.0.0", - "emarref/jwt": "~1.0.0" + "emarref/jwt": "dev-master#1e4fdf731f9fdfbc5906659ef5384715197fd90b" }, "require-dev": { "yiisoft/yii2-codeception": "*", @@ -43,6 +43,10 @@ { "type": "composer", "url": "https://asset-packagist.org" + }, + { + "type": "git", + "url": "git@github.com:erickskrauch/jwt.git" } ], "scripts": { diff --git a/tests/codeception/api/unit/models/AccountIdentityTest.php b/tests/codeception/api/unit/models/AccountIdentityTest.php index fd351e9..ad542bc 100644 --- a/tests/codeception/api/unit/models/AccountIdentityTest.php +++ b/tests/codeception/api/unit/models/AccountIdentityTest.php @@ -3,13 +3,11 @@ namespace codeception\api\unit\models; use api\models\AccountIdentity; use Codeception\Specify; -use Exception; use tests\codeception\api\unit\DbTestCase; use tests\codeception\common\_support\ProtectedCaller; use tests\codeception\common\fixtures\AccountFixture; use Yii; use yii\web\IdentityInterface; -use yii\web\UnauthorizedHttpException; /** * @property AccountIdentity $accounts 
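Review bot: The new `catch (\Exception $e)` branch in api/models/AccountIdentity.php (hunk `@@ -20,14 +19,10 @@`) turns every failure raised under `parseToken()` into 'Incorrect token' and drops the original exception. A forged token, a malformed one and a server-side fault such as a signing-key or configuration problem therefore all look the same in logs. Keeping the generic client message is right, but the cause should survive for detection and triage: `throw new UnauthorizedHttpException('Incorrect token', 0, $e);`, optionally preceded by `Yii::warning('JWT rejected: ' . get_class($e), __METHOD__);`. If the forked library exposes a common base exception for verification failures, catching that instead of `\Exception` would let unrelated errors surface as server errors rather than 401s. The enclosing method starts before and continues after this hunk.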
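Review bot: In composer.json (hunk `@@ -23,7 +23,7 @@`) the library that verifies authentication tokens is now required as `dev-master#1e4fdf731f9fdfbc5906659ef5384715197fd90b`, resolved from a personal fork. Composer's documentation describes the `#commit` suffix as a temporary development aid, because package metadata is still read from the branch head; what actually gets installed is decided by composer.lock. I would tag a release on the fork and require that tag (`"emarref/jwt": "<tag-on-fork>"`, placeholder). I would also confirm that composer.lock is committed and that deployments run `composer install` rather than `composer update`.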
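Review bot: The repository entry added in composer.json (hunk `@@ -43,6 +43,10 @@`) uses the SSH form `git@github.com:erickskrauch/jwt.git`, so every CI runner and deploy host needs a GitHub SSH credential just to read a dependency. If the fork is public, `"url": "https://github.com/erickskrauch/jwt.git"` fetches the same code without distributing keys. If it is private, a read-only deploy key scoped to that single repository is the least-privilege choice.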
@@ -25,27 +23,29 @@ class AccountIdentityTest extends DbTestCase { } public function testFindIdentityByAccessToken() { - $this->specify('success validate passed jwt token', function() { - $identity = AccountIdentity::findIdentityByAccessToken($this->generateToken()); - expect($identity)->isInstanceOf(IdentityInterface::class); - expect($identity->getId())->equals($this->accounts['admin']['id']); - }); + $identity = AccountIdentity::findIdentityByAccessToken($this->generateToken()); + $this->assertInstanceOf(IdentityInterface::class, $identity); + $this->assertEquals($this->accounts['admin']['id'], $identity->getId()); + } - $this->specify('get unauthorized exception with "Token expired" message if token valid, but expire', function() { - $expiredToken = 'eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJodHRwOlwvXC9sb2NhbGhvc3Q6ODA4MCIsImlzcyI6Imh0d' . - 'HA6XC9cL2xvY2FsaG9zdDo4MDgwIiwiaWF0IjoxNDY0NTkzMTkzLCJleHAiOjE0NjQ1OTY3OTN9.DV' . - '8uwh0OQhBYXkrNvxwJeO-kEjb9MQeLr3-6GoHM7RY'; + /** + * @expectedException \yii\web\UnauthorizedHttpException + * @expectedExceptionMessage Token expired + */ + public function testFindIdentityByAccessTokenWithExpiredToken() { + $expiredToken = 'eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJodHRwOlwvXC9sb2NhbGhvc3Q6ODA4MCIsImlzcyI6Imh0d' . + 'HA6XC9cL2xvY2FsaG9zdDo4MDgwIiwiaWF0IjoxNDY0NTkzMTkzLCJleHAiOjE0NjQ1OTY3OTN9.DV' . 
+ '8uwh0OQhBYXkrNvxwJeO-kEjb9MQeLr3-6GoHM7RY'; - try { - AccountIdentity::findIdentityByAccessToken($expiredToken); - } catch (Exception $e) { - expect($e)->isInstanceOf(UnauthorizedHttpException::class); - expect($e->getMessage())->equals('Token expired'); - return; - } + AccountIdentity::findIdentityByAccessToken($expiredToken); + } - expect('if test valid, this should not happened', false)->true(); - }); + /** + * @expectedException \yii\web\UnauthorizedHttpException + * @expectedExceptionMessage Incorrect token + */ + public function testFindIdentityByAccessTokenWithEmptyToken() { + AccountIdentity::findIdentityByAccessToken(''); } protected function generateToken() { @@ -53,6 +53,7 @@ class AccountIdentityTest extends DbTestCase { $component = Yii::$app->user; /** @var AccountIdentity $account */ $account = AccountIdentity::findOne($this->accounts['admin']['id']); + $token = $this->callProtected($component, 'createToken', $account); return $this->callProtected($component, 'serializeToken', $token);
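Review bot: The rewritten tests in tests/codeception/api/unit/models/AccountIdentityTest.php (hunk `@@ -25,27 +23,29 @@`) cover an expired token and an empty string, but none covers a well-formed token whose signature does not verify. That is the case the library swap matters most for, and with the new catch-all in AccountIdentity a regression in the fork's signature check could go unnoticed by this suite. I would add a negative test that takes a freshly generated token, alters its signature segment and expects 'Incorrect token'. The sample below is a constructed sketch and assumes `generateToken()` returns the serialized token string.

```php
    /**
     * @expectedException \yii\web\UnauthorizedHttpException
     * @expectedExceptionMessage Incorrect token
     */
    public function testFindIdentityByAccessTokenWithTamperedSignature() {
        // constructed negative case: valid header and payload, signature segment no longer matches
        AccountIdentity::findIdentityByAccessToken($this->generateToken() . 'x');
    }
```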