Passed
Pull Request — master (#52)
by Matthieu
04:51
created

JWTAuthenticatorTest::testGetUserWithoutClientKeyThrowsException()   A

Complexity

Conditions 1
Paths 1

Size

Total Lines 17
Code Lines 11

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 1
eloc 11
nc 1
nop 0
dl 0
loc 17
rs 9.9
c 0
b 0
f 0
1
<?php declare(strict_types = 1);
2
3
namespace AtlassianConnectBundle\Tests\Security;
4
5
use AtlassianConnectBundle\Entity\Tenant;
6
use AtlassianConnectBundle\Security\JWTAuthenticator;
7
use AtlassianConnectBundle\Security\JWTSecurityHelperInterface;
8
use AtlassianConnectBundle\Security\JWTUserProvider;
9
use AtlassianConnectBundle\Security\JWTUserProviderInterface;
10
use PHPUnit\Framework\MockObject\MockObject;
11
use PHPUnit\Framework\TestCase;
12
use Symfony\Component\HttpFoundation\Request;
13
use Symfony\Component\HttpFoundation\Response;
14
use Symfony\Component\HttpKernel\Kernel;
15
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
16
use Symfony\Component\Security\Core\Exception\AuthenticationException;
17
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
18
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
19
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
20
21
/**
22
 * Class JWTAuthenticatorTest
23
 */
24
final class JWTAuthenticatorTest extends TestCase
25
{
26
    /**
27
     * @var JWTUserProviderInterface|MockObject
28
     */
29
    private $userProvider;
30
31
    /**
32
     * @var JWTSecurityHelperInterface|MockObject
33
     */
34
    private $securityHelper;
35
36
    /**
37
     * @var JWTAuthenticator
38
     */
39
    private $jwtAuthenticator;
40
41
    /**
42
     * Setup function
43
     */
44
    protected function setUp(): void
45
    {
46
        if (Kernel::VERSION_ID < 50200) {
47
            $this->markTestSkipped('This test only works with the new authenticator mechanism');
48
        }
49
50
        $this->userProvider = $this->createMock(JWTUserProvider::class);
51
        $this->securityHelper = $this->createMock(JWTSecurityHelperInterface::class);
52
        $this->jwtAuthenticator = new JWTAuthenticator(
53
            $this->userProvider,
54
            $this->securityHelper
55
        );
56
    }
57
58
    /**
59
     * Tests if the request is supported
60
     */
61
    public function testSupportsRequest(): void
62
    {
63
        $this->securityHelper
64
            ->expects($this->once())
65
            ->method('supportsRequest')
66
            ->with($request = new Request())
67
            ->willReturn(true);
68
69
        $this->assertTrue($this->jwtAuthenticator->supports($request));
70
    }
71
72
    /**
73
     * Test the authenticate method
74
     */
75
    public function testAuthenticate(): void
76
    {
77
        $token = [
78
            'sub' => 'username',
79
            'iss' => 'key',
80
        ];
81
82
        $this->securityHelper
83
            ->expects($this->once())
84
            ->method('getJWTToken')
85
            ->with($request = new Request())
86
            ->willReturn('token');
87
88
        $this->userProvider
89
            ->expects($this->once())
90
            ->method('getDecodedToken')
91
            ->with('token')
92
            ->willReturn((object) $token);
93
94
        $this->userProvider
95
            ->expects($this->once())
96
            ->method('loadUserByIdentifier')
97
            ->with('key')
98
            ->willReturn(new Tenant());
99
100
        $result = $this->jwtAuthenticator->authenticate($request);
101
        $this->assertEquals(
102
            new SelfValidatingPassport(new UserBadge('key')),
103
            $result
104
        );
105
    }
106
107
    /**
108
     * Test if an exception is thrown when no jwt token is present
109
     */
110
    public function testAuthenticateHasNoJWTToken(): void
111
    {
112
        $this->expectException(CustomUserMessageAuthenticationException::class);
113
        $this->expectExceptionMessage('JWT Token not provided');
114
115
        $this->securityHelper
116
            ->expects($this->once())
117
            ->method('getJWTToken')
118
            ->with($request = new Request())
119
            ->willReturn(null);
120
121
        $this->jwtAuthenticator->authenticate($request);
122
    }
123
124
    /**
125
     * Test if an exception is thrown when no client key is present
126
     */
127
    public function testAuthenticateHasNoClientKey(): void
128
    {
129
        $this->expectException(CustomUserMessageAuthenticationException::class);
130
        $this->expectExceptionMessage('API Key token does not exist');
131
132
        $token = [
133
            'sub' => 'username',
134
            'iss' => null,
135
        ];
136
137
        $this->securityHelper
138
            ->expects($this->once())
139
            ->method('getJWTToken')
140
            ->with($request = new Request())
141
            ->willReturn('token');
142
143
        $this->userProvider
144
            ->expects($this->once())
145
            ->method('getDecodedToken')
146
            ->with('token')
147
            ->willReturn((object) $token);
148
149
        $this->jwtAuthenticator->authenticate($request);
150
    }
151
152
    /**
153
     * test onAuthenticationFailure Method
154
     */
155
    public function testItSendsAResponseOnAuthenticationFailure(): void
156
    {
157
        $response = $this->jwtAuthenticator->onAuthenticationFailure(new Request(), new AuthenticationException('Error'));
158
159
        $this->assertEquals('Authentication Failed: Error', $response->getContent());
160
        $this->assertEquals(403, $response->getStatusCode());
161
    }
162
163
    /**
164
     * test onAuthenticationSuccess method
165
     */
166
    public function testItDoesNotSendAResponseOnAuthenticationSuccess(): void
167
    {
168
        $this->assertNull($this->jwtAuthenticator->onAuthenticationSuccess(new Request(), $this->createMock(TokenInterface::class), 'main'));
0 ignored issues
show
Bug introduced by
Are you sure the usage of $this->jwtAuthenticator-...erface::class), 'main') targeting AtlassianConnectBundle\S...AuthenticationSuccess() seems to always return null.

This check looks for function or method calls that always return null and whose return value is used.

class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {

The method getObject() can return nothing but null, so it makes no sense to use the return value.

The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.

Loading history...
169
    }
170
171
    /**
172
     * test start method
173
     */
174
    public function testStartMethod(): void
175
    {
176
        $this->assertEquals(
177
            new Response('Authentication header required', 401),
178
            $this->jwtAuthenticator->start(new Request())
179
        );
180
    }
181
}
182