Completed
Push — master ( 178a08...5c0b6f )
by Oleg
05:22
created

<?php
declare(strict_types=1);
namespace DataFlow\Tests\Unit\Authentication\Middleware;
use Doctrine\Common\Collections\ArrayCollection;
use Doctrine\ORM\EntityManager;
use Prophecy\Argument;
use Prophecy\Prophecy\ObjectProphecy;
use Psr\Http\Server\RequestHandlerInterface;
use SlayerBirden\DataFlowServer\Authentication\Entities\Grant;
use SlayerBirden\DataFlowServer\Authentication\Entities\Token;
use SlayerBirden\DataFlowServer\Authentication\Middleware\TokenMiddleware;
use SlayerBirden\DataFlowServer\Domain\Entities\User;
use SlayerBirden\DataFlowServer\Notification\MessageInterface;
use Zend\Diactoros\Response\JsonResponse;
use Zend\Diactoros\ServerRequest;
use Zend\Expressive\Router\RouteResult;
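/**
 * Unit tests for TokenMiddleware, driven through process() with the Doctrine
 * entity manager, repository and result collection replaced by prophecies.
 *
 * Covered outcomes: pass-through to the next handler, 401 for a missing
 * header / unknown / inactive / expired token, and 403 when the token's grants
 * do not include the matched route name.
 *
 * Every rejection test also predicts that the downstream handler is never
 * invoked: a 401/403 status alone does not show that the protected handler
 * was left untouched.
 *
 * NOTE(review): the repository stub accepts any criteria (Argument::any()), so
 * these tests do not show that the lookup is keyed on the presented bearer
 * value; confirm that is covered elsewhere.
 *
 * @codingStandardsIgnoreFile
 */
class TokenMiddlewareTest extends \Codeception\Test\Unit
{
    /**
     * Middleware under test, constructed over the revealed entity manager double.
     *
     * @var TokenMiddleware
     */
    private $tokenMiddleware;

    /**
     * Prophecy standing in for the Doctrine EntityManager.
     *
     * @var ObjectProphecy
     */
    private $entityManager;

    /**
     * Prophecy standing in for the next PSR-15 request handler.
     *
     * @var ObjectProphecy
     */
    private $requestHandler;

    /**
     * Builds fresh doubles and a fresh middleware for each test.
     */
    protected function setUp()
    {
        $this->entityManager = $this->prophesize(EntityManager::class);
        $this->tokenMiddleware = new TokenMiddleware($this->entityManager->reveal());
        $this->requestHandler = $this->prophesize(RequestHandlerInterface::class);
    }

    /**
     * An active, unexpired token whose grant names the matched route reaches the handler.
     */
    public function test_Success_Proxy()
    {
        $token = $this->createToken(true, '+1 day');
        $token->setGrants(new ArrayCollection([$this->createGrant('test')]));
        $token->setOwner(new User());
        $this->stubTokenLookup($token);

        $this->requestHandler->handle(Argument::type(ServerRequest::class))->shouldBeCalled();

        $this->tokenMiddleware->process(
            $this->bearerRequest()->withAttribute(RouteResult::class, $this->matchedRoute('test')),
            $this->requestHandler->reveal()
        );
    }

    /**
     * A valid token on a request that carries no RouteResult attribute reaches the handler.
     *
     * NOTE(review): the token here has no grants at all, so this test pins a
     * pass-through when no route result is present; confirm that skipping the
     * grant check in that situation is the intended policy.
     */
    public function test_Success_Proxy_No_ACL()
    {
        $this->stubTokenLookup($this->createToken(true, '+1 day'));

        $this->requestHandler->handle(Argument::type(ServerRequest::class))->shouldBeCalled();

        $this->tokenMiddleware->process(
            $this->bearerRequest(),
            $this->requestHandler->reveal()
        );
    }

    /**
     * A request without an Authorization header is rejected with 401.
     */
    public function test_Empty_Authorization_Header()
    {
        $this->expectHandlerNotReached();

        $response = $this->tokenMiddleware->process(
            new ServerRequest(),
            $this->requestHandler->reveal()
        );

        $this->assertDenied($response, 401, 'Empty Authorization header. Access denied.');
    }

    /**
     * A bearer value that matches no stored token is rejected with 401.
     */
    public function test_Can_Not_Find_Token()
    {
        // Empty result set: count() is 0 and first() is deliberately left unstubbed.
        $this->stubTokenLookup(null);
        $this->expectHandlerNotReached();

        $response = $this->tokenMiddleware->process(
            $this->bearerRequest(),
            $this->requestHandler->reveal()
        );

        $this->assertDenied($response, 401, 'Token is absent or invalid. Access denied.');
    }

    /**
     * A stored but deactivated token is rejected with 401.
     */
    public function test_Token_Inactive()
    {
        $this->stubTokenLookup($this->createToken(false, '+1 day'));
        $this->expectHandlerNotReached();

        $response = $this->tokenMiddleware->process(
            $this->bearerRequest(),
            $this->requestHandler->reveal()
        );

        // Same message as the "not found" case, so the response does not reveal why the token failed.
        $this->assertDenied($response, 401, 'Token is absent or invalid. Access denied.');
    }

    /**
     * An active token whose due date is in the past is rejected with 401.
     */
    public function test_Token_Expired()
    {
        $this->stubTokenLookup($this->createToken(true, '-1 day'));
        $this->expectHandlerNotReached();

        $response = $this->tokenMiddleware->process(
            $this->bearerRequest(),
            $this->requestHandler->reveal()
        );

        $this->assertDenied($response, 401, 'Token is absent or invalid. Access denied.');
    }

    /**
     * A valid token whose only grant names a different resource than the matched route gets 403.
     */
    public function test_Access_Not_Granted()
    {
        $token = $this->createToken(true, '+1 day');
        $token->setGrants(new ArrayCollection([$this->createGrant('test2')]));
        $this->stubTokenLookup($token);
        $this->expectHandlerNotReached();

        $response = $this->tokenMiddleware->process(
            $this->bearerRequest()->withAttribute(RouteResult::class, $this->matchedRoute('test')),
            $this->requestHandler->reveal()
        );

        $this->assertDenied($response, 403, 'The permission to resource is not granted.');
    }

    /**
     * Builds a Token with the given active flag and a due date relative to now.
     */
    private function createToken(bool $active, string $due): Token
    {
        $token = new Token();
        $token->setActive($active);
        $token->setDue(new \DateTime($due));

        return $token;
    }

    /**
     * Builds a Grant for the given resource name.
     */
    private function createGrant(string $resource): Grant
    {
        $grant = new Grant();
        $grant->setResource($resource);

        return $grant;
    }

    /**
     * Stubs getRepository()->matching() to yield a one-element result holding $token,
     * or an empty result when $token is null.
     */
    private function stubTokenLookup(?Token $token): void
    {
        $repo = $this->prophesize(\Doctrine\ORM\EntityRepository::class);
        $this->entityManager->getRepository(Argument::any())->willReturn($repo->reveal());

        $collection = $this->prophesize(\Doctrine\Common\Collections\Collection::class);
        $repo->matching(Argument::any())->willReturn($collection->reveal());

        if ($token === null) {
            $collection->count()->willReturn(0);

            return;
        }

        $collection->count()->willReturn(1);
        $collection->first()->willReturn($token);
    }

    /**
     * Builds a RouteResult double that reports $name as the matched route name.
     */
    private function matchedRoute(string $name): RouteResult
    {
        $routeResult = $this->prophesize(RouteResult::class);
        $routeResult->getMatchedRouteName()->willReturn($name);

        return $routeResult->reveal();
    }

    /**
     * Builds a request carrying the placeholder bearer credential used by every token test.
     */
    private function bearerRequest(): ServerRequest
    {
        return (new ServerRequest())->withHeader('Authorization', 'Bearer XXX');
    }

    /**
     * Predicts that the downstream handler is never invoked, so a rejection that
     * still ran the protected handler fails the test.
     */
    private function expectHandlerNotReached(): void
    {
        $this->requestHandler->handle(Argument::any())->shouldNotBeCalled();
    }

    /**
     * Asserts the status code and the message text of a rejection response.
     */
    private function assertDenied(JsonResponse $response, int $status, string $text): void
    {
        /** @var MessageInterface $message */
        $message = $response->getPayload()['msg'];
        $this->assertSame($status, $response->getStatusCode());
        $this->assertSame($text, $message->getMessage());
    }
}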