<?php declare(strict_types = 1);
namespace AtlassianConnectBundle\Tests\Functional;
use AtlassianConnectBundle\Service\QSHGenerator;
use Firebase\JWT\JWT;
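/**
 * Functional tests for JWTAuthenticator and LegacyJWTAuthenticator.
 *
 * Every case sends GET /protected/route through the test client and checks
 * the status code and, for rejections, the response body.
 *
 * NOTE(review): the only rejection cases covered are "no credentials" and an
 * unparseable token. Nothing here exercises an expired token, a token signed
 * with a different secret, an unknown issuer, or a qsh that does not match
 * the request. Adding those would keep a regression in signature or claim
 * validation from passing this suite unnoticed.
 */
final class AuthenticatorTest extends AbstractWebTestCase
{
    /**
     * A request carrying no credentials at all must be rejected with 401,
     * and the body must be the entry point's message.
     */
    public function testProtectedRouteWithoutAuthentication(): void
    {
        $client = self::createClient();

        $client->request('GET', '/protected/route');

        $this->assertResponseStatusCodeSame(401);
        $this->assertSame('Authentication header required', $client->getResponse()->getContent());
    }

    /**
     * A tenant token sent as "Authorization: Bearer <jwt>" is accepted.
     */
    public function testProtectedRouteWithBearerToken(): void
    {
        $client = self::createClient([], ['HTTP_AUTHORIZATION' => 'Bearer '.$this->getTenantJWTCode()]);

        $client->request('GET', '/protected/route');
        $this->assertResponseIsSuccessful();
    }

    /**
     * A tenant token sent as the "jwt" query parameter is accepted.
     *
     * NOTE(review): a token carried in the URL can end up in access logs,
     * browser history and Referer headers. Keep the token lifetime short
     * wherever this transport is used.
     */
    public function testProtectedRouteWithQueryToken(): void
    {
        $client = self::createClient();

        $client->request('GET', '/protected/route?jwt='.$this->getTenantJWTCode());
        $this->assertResponseIsSuccessful();
    }

    /**
     * With the kernel booted in the "dev" environment the route answers
     * successfully although the request carries no credentials.
     *
     * NOTE(review): this pins an authentication bypass that depends only on
     * the environment name. Presumably intended for local development;
     * confirm it cannot be reached in any deployed configuration.
     */
    public function testProtectedRouteInDevEnvironment(): void
    {
        $client = self::createClient(['environment' => 'dev']);

        $client->request('GET', '/protected/route');
        $this->assertResponseIsSuccessful();
    }

    /**
     * A "jwt" query parameter that is not a parseable token is rejected with
     * 403 and the parse-failure message.
     */
    public function testProtectedRouteWithInvalidJWTToken(): void
    {
        $client = self::createClient();

        $client->request('GET', '/protected/route?jwt=invalid');
        $this->assertResponseStatusCodeSame(403);
        // assertSame, as in the 401 case above: compare type as well as value.
        $this->assertSame('Authentication Failed: Failed to parse token', $client->getResponse()->getContent());
    }

    /**
     * Builds a signed tenant token for the fixture tenant.
     *
     * The token is issued by 'client_key', is valid from now for one day,
     * has subject 'admin' and is signed with the fixture secret
     * 'shared_secret'.
     *
     * @return string the encoded JWT
     */
    public function getTenantJWTCode(): string
    {
        return JWT::encode([
            'iss' => 'client_key',
            'iat' => \time(),
            'exp' => \strtotime('+1 day'),
            // NOTE(review): the qsh is computed for '/protected_route', while
            // every request in this class targets '/protected/route'. The
            // success cases still pass, which suggests the qsh claim is not
            // compared against the request on this path. Confirm whether that
            // is intended, and align the path if the mismatch is a typo.
            'qsh' => QSHGenerator::generate('/protected_route', 'GET'),
            'sub' => 'admin',
        // Algorithm stated explicitly so the fixture does not depend on the
        // library's default (HS256 where the argument is optional).
        ], 'shared_secret', 'HS256');
    }
}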