Fixes ACCOUNTS-37R

ErickSkrauch 2018-01-02 20:22:56 +03:00
parent 120057b66c
commit e3a99f04fe
5 changed files with 69 additions and 2 deletions


@ -3,8 +3,8 @@ namespace api\modules\authserver\exceptions;
class IllegalArgumentException extends AuthserverException { class IllegalArgumentException extends AuthserverException {
public function __construct($status = null, $message = null, $code = 0, \Exception $previous = null) { public function __construct($message = 'credentials can not be null.') {
parent::__construct(400, 'credentials can not be null.', $code, $previous); parent::__construct(400, $message);
} }
} }
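Review bot: The new constructor puts `$message` in the first position, where `$status` used to be, and drops `$code` and `$previous`. Any existing caller that still passes arguments in the old order would now have its first argument used as the message; the callers are not visible on this page, so this needs a check across the module. Dropping `$previous` also removes exception chaining for this type. Keeping the trailing parameters would preserve it: `public function __construct($message = 'credentials can not be null.', $code = 0, \Exception $previous = null)` with `parent::__construct(400, $message, $code, $previous);`.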


@ -5,6 +5,7 @@ use api\models\authentication\LoginForm;
use api\models\base\ApiForm; use api\models\base\ApiForm;
use api\modules\authserver\exceptions\ForbiddenOperationException; use api\modules\authserver\exceptions\ForbiddenOperationException;
use api\modules\authserver\Module as Authserver; use api\modules\authserver\Module as Authserver;
use api\modules\authserver\validators\ClientTokenValidator;
use api\modules\authserver\validators\RequiredValidator; use api\modules\authserver\validators\RequiredValidator;
use common\helpers\Error as E; use common\helpers\Error as E;
use common\models\Account; use common\models\Account;
@ -19,6 +20,7 @@ class AuthenticationForm extends ApiForm {
public function rules() { public function rules() {
return [ return [
[['username', 'password', 'clientToken'], RequiredValidator::class], [['username', 'password', 'clientToken'], RequiredValidator::class],
[['clientToken'], ClientTokenValidator::class],
]; ];
} }


@ -0,0 +1,25 @@
<?php
namespace api\modules\authserver\validators;
use api\modules\authserver\exceptions\IllegalArgumentException;
/**
* Максимальная длина clientToken для нашей базы данных составляет 255.
* После этого мы не принимаем указанный токен
*/
class ClientTokenValidator extends \yii\validators\RequiredValidator {
/**
* @param string $value
* @return null
* @throws \api\modules\authserver\exceptions\AuthserverException
*/
protected function validateValue($value) {
if (mb_strlen($value) > 255) {
throw new IllegalArgumentException('clientToken is too long.');
}
return null;
}
}
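Review bot: `validateValue()` hands `$value` straight to `mb_strlen()` without checking that it is a string, and `clientToken` is taken from the request body. For an array or other non-scalar value, `mb_strlen()` either warns and returns null (so `> 255` is false and the value passes) or throws a TypeError, depending on the PHP version. Whether an earlier rule already rejects non-strings is not visible in this diff. A guard before the length check keeps the response a 400 in both cases, for example `if (!is_string($value)) { throw new IllegalArgumentException('clientToken must be a string.'); }`. Passing the encoding explicitly, `mb_strlen($value, 'UTF-8')`, would also make the count independent of the mbstring configuration.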


@ -0,0 +1,15 @@
<?php
use console\db\Migration;
class m180102_164624_increase_minecraft_access_keys_client_token_length extends Migration {
public function safeUp() {
$this->alterColumn('{{%minecraft_access_keys}}', 'client_token', $this->string()->notNull());
}
public function safeDown() {
$this->alterColumn('{{%minecraft_access_keys}}', 'client_token', $this->string(36)->notNull());
}
}
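Review bot: `safeUp()` calls `$this->string()` with no length, so the column width comes from the schema builder's default rather than from this migration, while `ClientTokenValidator` hard-codes 255. Writing `$this->string(255)->notNull()` would keep the validator limit and the column width visibly tied together, so that a token the validator accepts cannot be rejected or truncated by the database. Separately, `safeDown()` narrows the column back to 36 characters; once longer tokens are stored, that step will either fail or truncate them depending on the database's SQL mode, which deserves a comment in the method.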


@ -75,6 +75,31 @@ class AuthorizationCest {
$this->testSuccessResponse($I); $this->testSuccessResponse($I);
} }
public function longClientToken(FunctionalTester $I) {
$I->wantTo('send non uuid clientToken, but less then 255 characters');
$this->route->authenticate([
'username' => 'admin@ely.by',
'password' => 'password_0',
'clientToken' => str_pad('', 255, 'x'),
]);
$this->testSuccessResponse($I);
}
public function tooLongClientToken(FunctionalTester $I) {
$I->wantTo('send non uuid clientToken with more then 255 characters length');
$this->route->authenticate([
'username' => 'admin@ely.by',
'password' => 'password_0',
'clientToken' => str_pad('', 256, 'x'),
]);
$I->canSeeResponseCodeIs(400);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'error' => 'IllegalArgumentException',
'errorMessage' => 'clientToken is too long.',
]);
}
public function wrongArguments(FunctionalTester $I) { public function wrongArguments(FunctionalTester $I) {
$I->wantTo('get error on wrong amount of arguments'); $I->wantTo('get error on wrong amount of arguments');
$this->route->authenticate([ $this->route->authenticate([