1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
/* |
4
|
|
|
* This file is part of the SecurityApiBundle package. |
5
|
|
|
* |
6
|
|
|
* For the full copyright and license information, please view the LICENSE |
7
|
|
|
* file that was distributed with this source code. |
8
|
|
|
*/ |
9
|
|
|
|
10
|
|
|
namespace OsLab\SecurityApiBundle\Tests\Security\Authentication; |
11
|
|
|
|
12
|
|
|
use OsLab\SecurityApiBundle\Security\Authentication\SimplePreAuthenticator; |
13
|
|
|
use OsLab\SecurityApiBundle\Security\User\InMemoryApiUserProvider; |
14
|
|
|
use Symfony\Component\HttpFoundation\HeaderBag; |
15
|
|
|
use Symfony\Component\HttpFoundation\Request; |
16
|
|
|
use Symfony\Component\HttpFoundation\ParameterBag; |
17
|
|
|
use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken; |
18
|
|
|
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; |
19
|
|
|
use Symfony\Component\Security\Core\Exception\AccessDeniedException; |
20
|
|
|
use Symfony\Component\Security\Core\User\User; |
21
|
|
|
use Symfony\Component\Security\Core\User\UserProviderInterface; |
22
|
|
|
|
23
|
|
|
/** |
24
|
|
|
* Class SimplePreAuthenticatorTest |
25
|
|
|
* |
26
|
|
|
* @author Michael COULLERET <[email protected]> |
27
|
|
|
* @author Florent DESPIERRES <[email protected]> |
28
|
|
|
*/ |
29
|
|
|
class SimplePreAuthenticatorTest extends \PHPUnit_Framework_TestCase |
30
|
|
|
{ |
31
|
|
|
protected $users; |
32
|
|
|
|
33
|
|
|
public function setUp() |
34
|
|
|
{ |
35
|
|
|
$this->users = [ |
36
|
|
|
'user' => new User('abc', 'def'), |
37
|
|
|
]; |
38
|
|
|
} |
39
|
|
|
|
40
|
|
|
public function testCreateWithInvalidKeyNameTokenAccessDeniedException() |
41
|
|
|
{ |
42
|
|
|
$this->expectException(AccessDeniedException::class); |
43
|
|
|
|
44
|
|
|
$simplePreAuthenticator = new SimplePreAuthenticator('keyName', 'POST'); |
45
|
|
|
$simplePreAuthenticator->createToken(new Request(), 'providerKey'); |
46
|
|
|
} |
47
|
|
|
|
48
|
|
View Code Duplication |
public function testCreateWithHeaderKey() |
|
|
|
|
49
|
|
|
{ |
50
|
|
|
$request = new Request(); |
51
|
|
|
$headerBag = new HeaderBag(); |
52
|
|
|
$headerBag->add(['keyName' => 'abcd']); |
53
|
|
|
$request->headers = $headerBag; |
54
|
|
|
|
55
|
|
|
$simplePreAuthenticator = new SimplePreAuthenticator('keyName', 'header'); |
56
|
|
|
$simplePreAuthenticator->createToken($request, $this->anything()); |
57
|
|
|
|
58
|
|
|
$this->isInstanceOf(SimplePreAuthenticator::class); |
59
|
|
|
} |
60
|
|
|
|
61
|
|
View Code Duplication |
public function testCreateWithQueryKey() |
|
|
|
|
62
|
|
|
{ |
63
|
|
|
$request = new Request(); |
64
|
|
|
$parameterBag = new ParameterBag(); |
65
|
|
|
$parameterBag->add(['keyName' => 'abcd']); |
66
|
|
|
$request->query = $parameterBag; |
67
|
|
|
|
68
|
|
|
$simplePreAuthenticator = new SimplePreAuthenticator('keyName', 'query'); |
69
|
|
|
$simplePreAuthenticator->createToken($request, $this->anything()); |
70
|
|
|
|
71
|
|
|
$this->isInstanceOf(SimplePreAuthenticator::class); |
72
|
|
|
} |
73
|
|
|
|
74
|
|
View Code Duplication |
public function testSupportsTokenNotIsValid() |
|
|
|
|
75
|
|
|
{ |
76
|
|
|
$token = new PreAuthenticatedToken('user', 'credentials', 'xxxx'); |
77
|
|
|
|
78
|
|
|
$simplePreAuthenticator = new SimplePreAuthenticator('keyName', 'header'); |
79
|
|
|
$supportsToken = $simplePreAuthenticator->supportsToken($token, 'abcd'); |
80
|
|
|
|
81
|
|
|
$this->assertFalse($supportsToken); |
82
|
|
|
} |
83
|
|
|
|
84
|
|
View Code Duplication |
public function testSupportsTokenIsValid() |
|
|
|
|
85
|
|
|
{ |
86
|
|
|
$token = new PreAuthenticatedToken('user', 'credentials', 'abcd'); |
87
|
|
|
|
88
|
|
|
$simplePreAuthenticator = new SimplePreAuthenticator('keyName', 'header'); |
89
|
|
|
$supportsToken = $simplePreAuthenticator->supportsToken($token, 'abcd'); |
90
|
|
|
|
91
|
|
|
$this->assertTrue($supportsToken); |
92
|
|
|
} |
93
|
|
|
|
94
|
|
View Code Duplication |
public function testAuthenticateTokenInvalidArgumentException() |
|
|
|
|
95
|
|
|
{ |
96
|
|
|
$this->expectException(\InvalidArgumentException::class); |
97
|
|
|
|
98
|
|
|
$token = new PreAuthenticatedToken('user', 'credentials', 'abcd'); |
99
|
|
|
$userProvider = $this->getMockBuilder(UserProviderInterface::class)->getMock(); |
100
|
|
|
|
101
|
|
|
$simplePreAuthenticator = new SimplePreAuthenticator('keyName', 'header'); |
102
|
|
|
$simplePreAuthenticator->authenticateToken($token, $userProvider, 'oslab'); |
103
|
|
|
} |
104
|
|
|
|
105
|
|
View Code Duplication |
public function testAuthenticateTokenUsernameNotFoundException() |
|
|
|
|
106
|
|
|
{ |
107
|
|
|
$this->expectException(UsernameNotFoundException::class); |
108
|
|
|
|
109
|
|
|
$token = new PreAuthenticatedToken('user', 'credentials', 'abcd'); |
110
|
|
|
$userProvider = new InMemoryApiUserProvider(); |
111
|
|
|
|
112
|
|
|
$simplePreAuthenticator = new SimplePreAuthenticator('keyName', 'header'); |
113
|
|
|
$simplePreAuthenticator->authenticateToken($token, $userProvider, 'oslab'); |
114
|
|
|
} |
115
|
|
|
|
116
|
|
|
public function testAuthenticateToken() |
117
|
|
|
{ |
118
|
|
|
$token = $this->getMockBuilder(PreAuthenticatedToken::class)->disableOriginalConstructor()->getMock(); |
119
|
|
|
$token->expects($this->once()) |
120
|
|
|
->method('getCredentials') |
121
|
|
|
->will($this->returnValue('abc')) |
122
|
|
|
; |
123
|
|
|
|
124
|
|
|
$userProvider = $this->getMockBuilder(InMemoryApiUserProvider::class)->getMock(); |
125
|
|
|
$userProvider->expects($this->once()) |
126
|
|
|
->method('getUsernameByApiKey') |
127
|
|
|
->will($this->returnValue('abcdef')) |
128
|
|
|
; |
129
|
|
|
|
130
|
|
|
$userProvider->expects($this->once()) |
131
|
|
|
->method('loadUserByUsername') |
132
|
|
|
->will($this->returnValue(new User('abc', 'def'))) |
133
|
|
|
; |
134
|
|
|
|
135
|
|
|
$simplePreAuthenticator = new SimplePreAuthenticator('keyName', 'header'); |
136
|
|
|
$preAuthenticatedToken = $simplePreAuthenticator->authenticateToken($token, $userProvider, 'oslab'); |
|
|
|
|
137
|
|
|
} |
138
|
|
|
} |
139
|
|
|
|
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.