Fixes ACCOUNTS-37R
parent
120057b66c
commit
e3a99f04fe
@ -3,8 +3,8 @@ namespace api\modules\authserver\exceptions;
|
|||||||
|
|
||||||
class IllegalArgumentException extends AuthserverException {
|
class IllegalArgumentException extends AuthserverException {
|
||||||
|
|
||||||
public function __construct($status = null, $message = null, $code = 0, \Exception $previous = null) {
|
public function __construct($message = 'credentials can not be null.') {
|
||||||
parent::__construct(400, 'credentials can not be null.', $code, $previous);
|
parent::__construct(400, $message);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
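Review bot: The new `$message` parameter of `IllegalArgumentException::__construct` is handed straight to the parent and, judging by the functional test in this commit, comes back to the client as `errorMessage`, so it should be documented as fixed, non-sensitive text that is never built from request data. A docblock such as `/** @param string $message static text returned to the client as errorMessage; do not interpolate user input */` would make that contract visible. The signature also drops `$status`, `$code` and `$previous`, so a caller that still passes a status as the first argument would now set the message instead. Callers are not visible here, so this needs a check across the module.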
@ -5,6 +5,7 @@ use api\models\authentication\LoginForm;
|
|||||||
use api\models\base\ApiForm;
|
use api\models\base\ApiForm;
|
||||||
use api\modules\authserver\exceptions\ForbiddenOperationException;
|
use api\modules\authserver\exceptions\ForbiddenOperationException;
|
||||||
use api\modules\authserver\Module as Authserver;
|
use api\modules\authserver\Module as Authserver;
|
||||||
|
use api\modules\authserver\validators\ClientTokenValidator;
|
||||||
use api\modules\authserver\validators\RequiredValidator;
|
use api\modules\authserver\validators\RequiredValidator;
|
||||||
use common\helpers\Error as E;
|
use common\helpers\Error as E;
|
||||||
use common\models\Account;
|
use common\models\Account;
|
||||||
@ -19,6 +20,7 @@ class AuthenticationForm extends ApiForm {
|
|||||||
public function rules() {
|
public function rules() {
|
||||||
return [
|
return [
|
||||||
[['username', 'password', 'clientToken'], RequiredValidator::class],
|
[['username', 'password', 'clientToken'], RequiredValidator::class],
|
||||||
|
[['clientToken'], ClientTokenValidator::class],
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
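--- a/api/modules/authserver/validators/ClientTokenValidator.php
+++ b/api/modules/authserver/validators/ClientTokenValidator.php
@@ -0,0 +1,25 @@
+<?php
+namespace api\modules\authserver\validators;
+
+use api\modules\authserver\exceptions\IllegalArgumentException;
+
+/**
+* Максимальная длина clientToken для нашей базы данных составляет 255.
+* После этого мы не принимаем указанный токен
+*/
+class ClientTokenValidator extends \yii\validators\RequiredValidator {
+
+/**
+* @param string $value
+* @return null
+* @throws \api\modules\authserver\exceptions\AuthserverException
+*/
+protected function validateValue($value) {
+if (mb_strlen($value) > 255) {
+throw new IllegalArgumentException('clientToken is too long.');
+}
+
+return null;
+}
+
+}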
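Review bot: `validateValue()` calls `mb_strlen($value)` without confirming that `$value` is a string, so a `clientToken` that arrives as an array or object would, depending on the PHP version, either raise a TypeError or produce a null length that passes the `> 255` comparison. Whether the request parser can deliver non-scalar values is not visible in this section, but the guard is cheap: `if (!is_string($value) || mb_strlen($value, 'UTF-8') > 255) {`. Passing the encoding explicitly also keeps the character count independent of the configured mbstring default. The class extends `\yii\validators\RequiredValidator` yet only enforces a length limit and throws instead of returning an error, which a short English class docblock should state.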
@ -0,0 +1,15 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
use console\db\Migration;
|
||||||
|
|
||||||
|
class m180102_164624_increase_minecraft_access_keys_client_token_length extends Migration {
|
||||||
|
|
||||||
|
public function safeUp() {
|
||||||
|
$this->alterColumn('{{%minecraft_access_keys}}', 'client_token', $this->string()->notNull());
|
||||||
|
}
|
||||||
|
|
||||||
|
public function safeDown() {
|
||||||
|
$this->alterColumn('{{%minecraft_access_keys}}', 'client_token', $this->string(36)->notNull());
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
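Review bot: `safeUp()` relies on the implicit default length of `$this->string()`, while the validator added in this commit hard-codes 255, so the two limits are coupled only by convention; `$this->string(255)->notNull()` would make the column width match the check explicitly. `safeDown()` narrows the column back to `string(36)`, and once tokens longer than 36 characters have been stored, the rollback will either fail or truncate them depending on the database's SQL mode, which is not visible here. A comment on `safeDown()` such as `// lossy: rows with client_token longer than 36 characters must be removed before rolling back` would warn whoever runs it.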
@ -75,6 +75,31 @@ class AuthorizationCest {
|
|||||||
$this->testSuccessResponse($I);
|
$this->testSuccessResponse($I);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function longClientToken(FunctionalTester $I) {
|
||||||
|
$I->wantTo('send non uuid clientToken, but less then 255 characters');
|
||||||
|
$this->route->authenticate([
|
||||||
|
'username' => 'admin@ely.by',
|
||||||
|
'password' => 'password_0',
|
||||||
|
'clientToken' => str_pad('', 255, 'x'),
|
||||||
|
]);
|
||||||
|
$this->testSuccessResponse($I);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function tooLongClientToken(FunctionalTester $I) {
|
||||||
|
$I->wantTo('send non uuid clientToken with more then 255 characters length');
|
||||||
|
$this->route->authenticate([
|
||||||
|
'username' => 'admin@ely.by',
|
||||||
|
'password' => 'password_0',
|
||||||
|
'clientToken' => str_pad('', 256, 'x'),
|
||||||
|
]);
|
||||||
|
$I->canSeeResponseCodeIs(400);
|
||||||
|
$I->canSeeResponseIsJson();
|
||||||
|
$I->canSeeResponseContainsJson([
|
||||||
|
'error' => 'IllegalArgumentException',
|
||||||
|
'errorMessage' => 'clientToken is too long.',
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
public function wrongArguments(FunctionalTester $I) {
|
public function wrongArguments(FunctionalTester $I) {
|
||||||
$I->wantTo('get error on wrong amount of arguments');
|
$I->wantTo('get error on wrong amount of arguments');
|
||||||
$this->route->authenticate([
|
$this->route->authenticate([
|
||||||
|
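Review bot: Both boundary cases in `longClientToken` and `tooLongClientToken` use only the single-byte character `x`, so they cannot tell a character limit from a byte limit, although the validator counts with `mb_strlen`. A further case with multibyte input, e.g. `'clientToken' => str_repeat('я', 255)`, would pin that a 255-character token is accepted and fits the widened column. The `wantTo` text of `longClientToken` says "less then 255 characters" while the test sends exactly 255; `'send non uuid clientToken with exactly 255 characters'` describes the boundary actually tested. There is also no case covering a non-string `clientToken`.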