diff --git a/api/modules/authserver/exceptions/IllegalArgumentException.php b/api/modules/authserver/exceptions/IllegalArgumentException.php
index 11adfa6..898daee 100644
--- a/api/modules/authserver/exceptions/IllegalArgumentException.php
+++ b/api/modules/authserver/exceptions/IllegalArgumentException.php
@@ -3,8 +3,8 @@ namespace api\modules\authserver\exceptions;
 class IllegalArgumentException extends AuthserverException {
- public function __construct($status = null, $message = null, $code = 0, \Exception $previous = null) {
- parent::__construct(400, 'credentials can not be null.', $code, $previous);
+ public function __construct($message = 'credentials can not be null.') {
+ parent::__construct(400, $message);
 }
 }
diff --git a/api/modules/authserver/models/AuthenticationForm.php b/api/modules/authserver/models/AuthenticationForm.php
index aab29bd..b8c8921 100644
--- a/api/modules/authserver/models/AuthenticationForm.php
+++ b/api/modules/authserver/models/AuthenticationForm.php
@@ -5,6 +5,7 @@ use api\models\authentication\LoginForm;
 use api\models\base\ApiForm;
 use api\modules\authserver\exceptions\ForbiddenOperationException;
 use api\modules\authserver\Module as Authserver;
+use api\modules\authserver\validators\ClientTokenValidator;
 use api\modules\authserver\validators\RequiredValidator;
 use common\helpers\Error as E;
 use common\models\Account;
@@ -19,6 +20,7 @@ class AuthenticationForm extends ApiForm {
 public function rules() {
 return [
 [['username', 'password', 'clientToken'], RequiredValidator::class],
+ [['clientToken'], ClientTokenValidator::class],
 ];
 }
diff --git a/api/modules/authserver/validators/ClientTokenValidator.php b/api/modules/authserver/validators/ClientTokenValidator.php
new file mode 100644
index 0000000..8825b8f
--- /dev/null
+++ b/api/modules/authserver/validators/ClientTokenValidator.php
@@ -0,0 +1,25 @@
+ 255) {
+ throw new IllegalArgumentException('clientToken is too long.');
+ }
+
+ return null;
+ }
+
+}
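Review bot: The rewritten constructor of IllegalArgumentException drops the `$code` and `\Exception $previous` parameters, so a caller that wraps a lower-level failure can no longer attach it as the previous exception and that context disappears from logs and error reports. It also changes what the first positional argument means: before it was an ignored `$status`, now it is the message, so any existing `new IllegalArgumentException(400, ...)` call site (none is visible in this diff) would start reporting its status code as the error text. I would keep chaining available and type the parameter: `public function __construct(string $message = 'credentials can not be null.', int $code = 0, ?\Exception $previous = null) {` / `parent::__construct(400, $message, $code, $previous);` — assuming AuthserverException's constructor still accepts those arguments, which the diff does not show.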
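Review bot: The length limit in ClientTokenValidator is a bare literal `255`, while the column it protects is widened in the migration with `$this->string()` and no explicit length, so the two agree only through the schema builder's default; if that default ever differs from 255 the validator and the database drift apart without any failing test. Most of this new file (from the `<?php` header through the length comparison itself) is not legible in this chunk, so I cannot confirm whether the comparison counts bytes or characters, which matters for multibyte tokens checked against a character-length column. I would name the limit once, `public const MAX_LENGTH = 255;`, use it in the comparison, and add a docblock stating that it mirrors the length of `minecraft_access_keys.client_token` so a future column change updates both places.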
diff --git a/console/migrations/m180102_164624_increase_minecraft_access_keys_client_token_length.php b/console/migrations/m180102_164624_increase_minecraft_access_keys_client_token_length.php
new file mode 100644
index 0000000..56c3fbd
--- /dev/null
+++ b/console/migrations/m180102_164624_increase_minecraft_access_keys_client_token_length.php
@@ -0,0 +1,15 @@
+alterColumn('{{%minecraft_access_keys}}', 'client_token', $this->string()->notNull());
+ }
+
+ public function safeDown() {
+ $this->alterColumn('{{%minecraft_access_keys}}', 'client_token', $this->string(36)->notNull());
+ }
+
+}
diff --git a/tests/codeception/api/functional/authserver/AuthorizationCest.php b/tests/codeception/api/functional/authserver/AuthorizationCest.php
index 626adb6..2b17c1e 100644
--- a/tests/codeception/api/functional/authserver/AuthorizationCest.php
+++ b/tests/codeception/api/functional/authserver/AuthorizationCest.php
@@ -75,6 +75,31 @@ class AuthorizationCest {
 $this->testSuccessResponse($I);
 }
+ public function longClientToken(FunctionalTester $I) {
+ $I->wantTo('send non uuid clientToken, but less then 255 characters');
+ $this->route->authenticate([
+ 'username' => 'admin@ely.by',
+ 'password' => 'password_0',
+ 'clientToken' => str_pad('', 255, 'x'),
+ ]);
+ $this->testSuccessResponse($I);
+ }
+
+ public function tooLongClientToken(FunctionalTester $I) {
+ $I->wantTo('send non uuid clientToken with more then 255 characters length');
+ $this->route->authenticate([
+ 'username' => 'admin@ely.by',
+ 'password' => 'password_0',
+ 'clientToken' => str_pad('', 256, 'x'),
+ ]);
+ $I->canSeeResponseCodeIs(400);
+ $I->canSeeResponseIsJson();
+ $I->canSeeResponseContainsJson([
+ 'error' => 'IllegalArgumentException',
+ 'errorMessage' => 'clientToken is too long.',
+ ]);
+ }
+
 public function wrongArguments(FunctionalTester $I) {
 $I->wantTo('get error on wrong amount of arguments');
 $this->route->authenticate([
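Review bot: `safeDown()` narrows `client_token` back to `string(36)`, which is a lossy reversal once tokens up to 255 characters have been stored: depending on the server's SQL mode the ALTER either fails or silently truncates existing rows, after which those clients can no longer match their stored token. A comment at the top of `safeDown()` should say so, e.g. `// Lossy: tokens longer than 36 characters stored since safeUp() are truncated or rejected by this ALTER.`, and the up side would be clearer as `$this->string(255)` so the limit is explicit rather than the schema builder's default. The start of the file (the `<?php` header through the `safeUp()` signature) is not legible in this chunk.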
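Review bot: `longClientToken` only asserts a successful response and never checks that the 255-character token was stored intact, so if the migration has not been applied (or a non-strict SQL mode truncates the column) the test still passes while a later request reusing that token fails to match. A follow-up request in the same test that reuses the identical `clientToken` (the refresh endpoint, if the route helper exposes it — I cannot see that from here) would pin the round trip. Minor wording in the `wantTo` descriptions: `less then` / `more then` should read `less than` / `more than`, and the first could say `'send non uuid clientToken of exactly 255 characters'` since `str_pad('', 255, 'x')` sits at the limit rather than under it.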