mirror of
https://github.com/elyby/accounts.git
synced 2025-05-31 14:11:46 +05:30
* start updating to PHP 8.3 * taking off! Co-authored-by: ErickSkrauch <erickskrauch@yandex.ru> Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * dropped this Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * migrate to symfonymailer Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * this is so stupid 😭 Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * ah, free, at last. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * oh, Gabriel. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * now dawns thy reckoning. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * and thy gore shall GLISTEN before the temples of man. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * creature of steel. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * my gratitude upon thee for my freedom. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * but the crimes thy kind has committed against humanity Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * Upgrade PHP-CS-Fixer and do fix the codebase * First review round (maybe I have broken something) * are NOT forgotten. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * Enable parallel PHP-CS-Fixer runner * PHPStan level 1 * PHPStan level 2 * PHPStan level 3 * PHPStan level 4 * PHPStan level 5 * Levels 6 and 7 takes too much effort. Generate a baseline and fix them eventually * Resolve TODO's related to the php-mock * Drastically reduce baseline size with the Rector * More code modernization with help of the Rector * Update GitLab CI --------- Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> Co-authored-by: ErickSkrauch <erickskrauch@yandex.ru>
102 lines
5.0 KiB
PHP
102 lines
5.0 KiB
PHP
<?php
|
|
declare(strict_types=1);
|
|
|
|
namespace api\tests\unit\components\Tokens;
|
|
|
|
use api\components\Tokens\Component;
|
|
use api\tests\unit\TestCase;
|
|
use DateTimeImmutable;
|
|
use Generator;
|
|
use Lcobucci\JWT\Encoding\JoseEncoder;
|
|
use Lcobucci\JWT\Token;
|
|
use Lcobucci\JWT\Token\Parser;
|
|
use Lcobucci\JWT\UnencryptedToken;
|
|
use Yii;
|
|
|
|
class ComponentTest extends TestCase {
|
|
|
|
/**
|
|
* @var Component
|
|
*/
|
|
private Component $component;
|
|
|
|
public function testCreate(): void {
|
|
// Run without any arguments
|
|
$token = $this->component->create();
|
|
$this->assertSame('ES256', $token->headers()->get('alg'));
|
|
$this->assertEmpty(array_diff(array_keys($token->claims()->all()), ['iat', 'exp']));
|
|
$this->assertEqualsWithDelta(time(), $token->claims()->get('iat')->getTimestamp(), 1);
|
|
|
|
// Pass exp claim
|
|
$time = time() + 60;
|
|
$token = $this->component->create(['exp' => new DateTimeImmutable("@{$time}", null)]);
|
|
$this->assertSame($time, $token->claims()->get('exp')->getTimestamp());
|
|
|
|
// Pass custom payloads
|
|
$token = $this->component->create(['find' => 'me']);
|
|
$this->assertArrayHasKey('find', $token->claims()->all());
|
|
$this->assertSame('me', $token->claims()->get('find'));
|
|
|
|
// Pass custom headers
|
|
$token = $this->component->create([], ['find' => 'me']);
|
|
$this->assertArrayHasKey('find', $token->headers()->all());
|
|
$this->assertSame('me', $token->headers()->get('find'));
|
|
}
|
|
|
|
public function testParse(): void {
|
|
/*TODO fix
|
|
// Valid token signed with ES256
|
|
$token = $this->component->parse('eyJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ1Mjc0NzYsImV4cCI6MTU2NDUzMTA3Niwic3ViIjoiZWx5fDEiLCJqdGkiOjMwNjk1OTJ9.M8Kam9bv0BXui3k7Posq_vc0I95Kb_Tw7L2vPdEPlwsHqh1VJHoWtlQc32_SlsotttL7j6RYbffBkRFX2wDGFQ');
|
|
$this->assertValidParsedToken($token, 'ES256');
|
|
|
|
// Valid token signed with ES256, but the signature is invalid
|
|
$token = $this->component->parse('eyJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ1Mjc0NzYsImV4cCI6MTU2NDUzMTA3Niwic3ViIjoiZWx5fDEiLCJqdGkiOjMwNjk1OTJ9.xxx');
|
|
$this->assertValidParsedToken($token, 'ES256');
|
|
|
|
// Completely invalid token
|
|
$this->expectException(CannotDecodeContent::class);
|
|
$this->component->parse('How do you tame a horse in Minecraft?');*/
|
|
}
|
|
|
|
/**
|
|
* @dataProvider getVerifyCases
|
|
*/
|
|
public function testVerify(Token $token, bool $shouldBeValid): void {
|
|
$this->assertSame($shouldBeValid, $this->component->verify($token));
|
|
}
|
|
|
|
public static function getVerifyCases(): Generator {
|
|
$parser = new Parser(new JoseEncoder());
|
|
yield 'ES256' => [
|
|
$parser->parse('eyJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ1Mjc0NzYsImV4cCI6MTU2NDUzMTA3Niwic3ViIjoiZWx5fDEiLCJqdGkiOjMwNjk1OTJ9.M8Kam9bv0BXui3k7Posq_vc0I95Kb_Tw7L2vPdEPlwsHqh1VJHoWtlQc32_SlsotttL7j6RYbffBkRFX2wDGFQ'),
|
|
true,
|
|
];
|
|
/* TODO fix yield 'ES256 with an invalid signature' => [
|
|
$parser->parse('eyJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ1Mjc0NzYsImV4cCI6MTU2NDUzMTA3Niwic3ViIjoiZWx5fDEiLCJqdGkiOjMwNjk1OTJ9.xxx'),
|
|
false,
|
|
];
|
|
yield 'RS256 (unsupported)' => [
|
|
$parser->parse('eyJhbGciOiJSUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ1Mjc0NzYsImV4cCI6MTU2NDUzMTA3Niwic3ViIjoiZWx5fDEiLCJqdGkiOjMwNjk1OTJ9.t3c68OMaoWWXxNFuz6SW-RfNmCOwAagyPSedbzJ1K3gR3bY5C8PRP6IEyE-OQvAcSFQcake0brsa4caXAmVlU0c3jQxpjk0bl4fBMd-InpGCoo42G89lgAY-dqWeJqokRORCpUL5Mzptbm5fNDlCrnNhI_6EmQygL3WXh1uorCbcxxO-Lb2Nr7Sge7GV0t24-I61I7ErrFL2ZC9ybSi6V8pdhFZlfO6MSUM0ASyRN994sVmcQEZHDiQFP7zj79zoAFamfYe8JBFAGtC-p4LeVYjrw052VahNXyRuGLxW7y1gX-znpyx0T-7lgKSWVxhJ6k3qt5qT33utdC76w1vihEdYinpEE3VbTMN01bxAFpyDbK11R49FCwCKStPjw_wdoLZChx_zob95yVU6IUCJwPYVc4SBtrAPV0uVe3mL3Gzgtr6MkhJAF3diFevTLGfnOOCAWwhdjVs10VWqcajBwvfFlm_Yw5MYZnetEECqumqFEr_u6CdRxtx0gCiPReDG8XwYHt0EqEw-LoRqxGWp5zqfud7f0DWv6cXlLbnKsB8XQh8EqnKblvNCFilXJIgfknCZ34PAob1pUkXO1geMLw4b8NUnKta1D3ad3AxGW5CEmOjWzEhzMOxIgnouU2ZVtWFDrPVs12Q4494BxTvGKXrG2cT6TK18-XY26DllglY'),
|
|
false,
|
|
];*/
|
|
}
|
|
|
|
protected function _setUp(): void {
|
|
parent::_setUp();
|
|
$this->component = Yii::$app->tokens;
|
|
}
|
|
|
|
/**
|
|
* @phpstan-ignore method.unused (will become used once tests be fixed)
|
|
*/
|
|
private function assertValidParsedToken(UnencryptedToken $token, string $expectedAlg): void {
|
|
$this->assertSame($expectedAlg, $token->headers()->get('alg'));
|
|
$this->assertSame(1564527476, $token->claims()->get('iat')->getTimestamp());
|
|
$this->assertSame(1564531076, $token->claims()->get('exp')->getTimestamp());
|
|
$this->assertSame('ely|1', $token->claims()->get('sub'));
|
|
$this->assertSame(3069592, (int)$token->claims()->get('jti'));
|
|
$this->assertSame('accounts_web_user', $token->claims()->get('ely-scopes'));
|
|
}
|
|
|
|
}
|