Заменил библиотеку для JWT токенов на свой форк с разнообразными исключениями, подрихтовал тесты для класса AccountIdentity

This commit is contained in:
ErickSkrauch 2016-07-27 16:17:41 +03:00
parent ed6bc672cb
commit d514ba620d
3 changed files with 32 additions and 32 deletions

View File

@ -3,15 +3,14 @@ namespace api\models;
use common\models\Account;
use Emarref\Jwt\Claim\JwtId;
use Emarref\Jwt\Exception\VerificationException;
use Emarref\Jwt\Token;
use Emarref\Jwt\Exception\ExpiredException;
use Yii;
use yii\base\NotSupportedException;
use yii\helpers\StringHelper;
use yii\web\IdentityInterface;
use yii\web\UnauthorizedHttpException;
class AccountIdentity extends Account implements IdentityInterface {
/**
* @inheritdoc
*/
@ -20,14 +19,10 @@ class AccountIdentity extends Account implements IdentityInterface {
$component = Yii::$app->user;
try {
$token = $component->parseToken($token);
} catch (VerificationException $e) {
if (StringHelper::startsWith($e->getMessage(), 'Token expired at')) {
$message = 'Token expired';
} else {
$message = 'Incorrect token';
}
throw new UnauthorizedHttpException($message);
} catch (ExpiredException $e) {
throw new UnauthorizedHttpException('Token expired');
} catch (\Exception $e) {
throw new UnauthorizedHttpException('Incorrect token');
}
// Если исключение выше не случилось, то значит всё оке

View File

@ -23,7 +23,7 @@
"guzzlehttp/guzzle": "^6.0.0",
"php-amqplib/php-amqplib": "~2.6.2",
"ely/yii2-tempmail-validator": "~1.0.0",
"emarref/jwt": "~1.0.0"
"emarref/jwt": "dev-master#1e4fdf731f9fdfbc5906659ef5384715197fd90b"
},
"require-dev": {
"yiisoft/yii2-codeception": "*",
@ -43,6 +43,10 @@
{
"type": "composer",
"url": "https://asset-packagist.org"
},
{
"type": "git",
"url": "git@github.com:erickskrauch/jwt.git"
}
],
"scripts": {

View File

@ -3,13 +3,11 @@ namespace codeception\api\unit\models;
use api\models\AccountIdentity;
use Codeception\Specify;
use Exception;
use tests\codeception\api\unit\DbTestCase;
use tests\codeception\common\_support\ProtectedCaller;
use tests\codeception\common\fixtures\AccountFixture;
use Yii;
use yii\web\IdentityInterface;
use yii\web\UnauthorizedHttpException;
/**
* @property AccountIdentity $accounts
@ -25,27 +23,29 @@ class AccountIdentityTest extends DbTestCase {
}
public function testFindIdentityByAccessToken() {
$this->specify('success validate passed jwt token', function() {
$identity = AccountIdentity::findIdentityByAccessToken($this->generateToken());
expect($identity)->isInstanceOf(IdentityInterface::class);
expect($identity->getId())->equals($this->accounts['admin']['id']);
});
$identity = AccountIdentity::findIdentityByAccessToken($this->generateToken());
$this->assertInstanceOf(IdentityInterface::class, $identity);
$this->assertEquals($this->accounts['admin']['id'], $identity->getId());
}
$this->specify('get unauthorized exception with "Token expired" message if token valid, but expire', function() {
$expiredToken = 'eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJodHRwOlwvXC9sb2NhbGhvc3Q6ODA4MCIsImlzcyI6Imh0d' .
'HA6XC9cL2xvY2FsaG9zdDo4MDgwIiwiaWF0IjoxNDY0NTkzMTkzLCJleHAiOjE0NjQ1OTY3OTN9.DV' .
'8uwh0OQhBYXkrNvxwJeO-kEjb9MQeLr3-6GoHM7RY';
/**
* @expectedException \yii\web\UnauthorizedHttpException
* @expectedExceptionMessage Token expired
*/
public function testFindIdentityByAccessTokenWithExpiredToken() {
$expiredToken = 'eyJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJodHRwOlwvXC9sb2NhbGhvc3Q6ODA4MCIsImlzcyI6Imh0d' .
'HA6XC9cL2xvY2FsaG9zdDo4MDgwIiwiaWF0IjoxNDY0NTkzMTkzLCJleHAiOjE0NjQ1OTY3OTN9.DV' .
'8uwh0OQhBYXkrNvxwJeO-kEjb9MQeLr3-6GoHM7RY';
try {
AccountIdentity::findIdentityByAccessToken($expiredToken);
} catch (Exception $e) {
expect($e)->isInstanceOf(UnauthorizedHttpException::class);
expect($e->getMessage())->equals('Token expired');
return;
}
AccountIdentity::findIdentityByAccessToken($expiredToken);
}
expect('if test valid, this should not happened', false)->true();
});
/**
* @expectedException \yii\web\UnauthorizedHttpException
* @expectedExceptionMessage Incorrect token
*/
public function testFindIdentityByAccessTokenWithEmptyToken() {
AccountIdentity::findIdentityByAccessToken('');
}
protected function generateToken() {
@ -53,6 +53,7 @@ class AccountIdentityTest extends DbTestCase {
$component = Yii::$app->user;
/** @var AccountIdentity $account */
$account = AccountIdentity::findOne($this->accounts['admin']['id']);
$token = $this->callProtected($component, 'createToken', $account);
return $this->callProtected($component, 'serializeToken', $token);