mirror/Arsse
1
1
Fork 0
mirror of https://code.mensbeam.com/MensBeam/Arsse.git synced 2024-12-22 05:02:40 +00:00
Code Issues Activity

Update Microsub for Laminas and Phony migrations

Browse source
This commit is contained in:
J. King 2021-07-12 17:04:42 -04:00
parent 4a0face9af
commit e4fdbc454f
2 changed files with 40 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
lib/REST/Microsub/Auth.php
View file

@ -13,9 +13,9 @@ use JKingWeb\Arsse\Misc\HTTP;
use JKingWeb\Arsse\Misc\ValueInfo;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface;
use Zend\Diactoros\Response\HtmlResponse;
use Zend\Diactoros\Response\JsonResponse;
use Zend\Diactoros\Response\EmptyResponse;
use Laminas\Diactoros\Response\HtmlResponse;
use Laminas\Diactoros\Response\JsonResponse;
use Laminas\Diactoros\Response\EmptyResponse;
class Auth extends \JKingWeb\Arsse\REST\AbstractHandler {
/** The scopes which we grant to Microsub clients. Mute and block are not included because they have no meaning in an RSS/Atom context; this may signal to clients to suppress muting and blocking in their UI */

68
tests/cases/REST/Microsub/TestAuth.php
View file

@ -12,18 +12,19 @@ use JKingWeb\Arsse\Db\ExceptionInput;
use JKingWeb\Arsse\REST\Microsub\Auth;
use JKingWeb\Arsse\REST\Microsub\ExceptionAuth;
use Psr\Http\Message\ResponseInterface;
use Zend\Diactoros\Response\JsonResponse as Response;
use Zend\Diactoros\Response\EmptyResponse;
use Zend\Diactoros\Response\HtmlResponse;
use Laminas\Diactoros\Response\JsonResponse as Response;
use Laminas\Diactoros\Response\EmptyResponse;
use Laminas\Diactoros\Response\HtmlResponse;
/** @covers \JKingWeb\Arsse\REST\Microsub\Auth<extended> */
class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
public function setUp(): void {
self::clearData();
Arsse::$db = \Phake::mock(Database::class);
$this->dbMock = $this->mock(Database::class);
}
public function req(string $url, string $method = "GET", array $params = [], array $headers = [], array $data = [], string $type = "application/x-www-form-urlencoded", string $body = null, string $user = null): ResponseInterface {
Arsse::$db = $this->dbMock->get();
$type = (strtoupper($method) === "GET") ? "" : $type;
$req = $this->serverRequest($method, $url, "/u/", $headers, [], $body ?? $data, $type, $params, $user);
return (new \JKingWeb\Arsse\REST\Microsub\Auth)->dispatch($req);
@ -96,18 +97,18 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
/** @dataProvider provideLoginData */
public function testLogInAUser(array $params, string $authenticatedUser = null, ResponseInterface $exp) {
\Phake::when(Arsse::$db)->tokenCreate->thenReturn("authCode");
$this->dbMock->tokenCreate->returns("authCode");
$act = $this->req("http://example.com/u/?f=auth", "GET", $params, [], [], "", null, $authenticatedUser);
$this->assertMessage($exp, $act);
if ($act->getStatusCode() == 302 && !preg_match("/\berror=\w/", $act->getHeaderLine("Location") ?? "")) {
\Phake::verify(Arsse::$db)->tokenCreate($authenticatedUser, "microsub.auth", null, $this->isInstanceOf(\DateTimeInterface::class), json_encode([
$this->dbMock->tokenCreate->calledWith($authenticatedUser, "microsub.auth", null, $this->isInstanceOf(\DateTimeInterface::class), json_encode([
'me' => $params['me'],
'client_id' => $params['client_id'],
'redirect_uri' => $params['redirect_uri'],
'response_type' => strlen($params['response_type'] ?? "") ? $params['response_type'] : "id",
], \JSON_UNESCAPED_SLASHES | \JSON_UNESCAPED_UNICODE));
} else {
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenCreate;
$this->dbMock->tokenCreate->never()->called();
}
}
@ -134,13 +135,17 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
/** @dataProvider provideAuthData */
public function testVerifyAnAuthenticationCode(array $params, string $user, $data, ResponseInterface $exp) {
if ($data instanceof \Exception) {
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenThrow($data);
$this->dbMock->tokenLookup->throws($data);
} else {
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenReturn(['user' => $user, 'data' => $data]);
$this->dbMock->tokenLookup->returns(['user' => $user, 'data' => $data]);
}
$act = $this->req("http://example.com/u/?f=auth", "POST", [], [], $params);
$this->assertMessage($exp, $act);
\Phake::verify(Arsse::$db, \Phake::times($act->getStatusCode() == 200 ? 1 : 0))->tokenRevoke($user, "microsub.auth", $params['code'] ?? "");
if ($act->getStatusCode() == 200) {
$this->dbMock->tokenRevoke->calledWith($user, "microsub.auth", $params['code'] ?? "");
} else {
$this->dbMock->tokenRevoke->never()->called();
}
}
public function provideAuthData() {
@ -166,20 +171,20 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
/** @dataProvider provideTokenRequests */
public function testIssueAnAccessToken(array $params, string $user, $data, ResponseInterface $exp) {
if ($data instanceof \Exception) {
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenThrow($data);
$this->dbMock->tokenLookup->throws($data);
} else {
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenReturn(['user' => $user, 'data' => $data]);
$this->dbMock->tokenLookup->returns(['user' => $user, 'data' => $data]);
}
\Phake::when(Arsse::$db)->tokenCreate->thenReturn("TOKEN");
$this->dbMock->tokenCreate->returns("TOKEN");
$act = $this->req("http://example.com/u/?f=token", "POST", [], [], $params);
$this->assertMessage($exp, $act);
if ($act->getStatusCode() == 200) {
$input = '{"me":"'.($params['me'] ?? "").'","client_id":"'.($params['client_id'] ?? "").'"}';
\Phake::verify(Arsse::$db, \Phake::times(1))->tokenCreate($user, "microsub.access", null, null, $input);
\Phake::verify(Arsse::$db, \Phake::times(1))->tokenRevoke($user, "microsub.auth", $params['code'] ?? "");
$this->dbMock->tokenCreate->calledWith($user, "microsub.access", null, null, $input);
$this->dbMock->tokenRevoke->calledWith($user, "microsub.auth", $params['code'] ?? "");
} else {
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenCreate;
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenRevoke;
$this->dbMock->tokenCreate->never()->called();
$this->dbMock->tokenRevoke->never()->called();
}
}
@ -215,10 +220,11 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
/** @dataProvider provideBearers */
public function testLogInABearer(string $authorization, array $scopes, string $token, string $user, $data, $exp) {
if ($data instanceof \Exception) {
\Phake::when(Arsse::$db)->tokenLookup("microsub.access", $this->anything())->thenThrow($data);
$this->dbMock->tokenLookup->throws($data);
} else {
\Phake::when(Arsse::$db)->tokenLookup("microsub.access", $this->anything())->thenReturn(['user' => $user, 'data' => $data]);
$this->dbMock->tokenLookup->returns(['user' => $user, 'data' => $data]);
}
Arsse::$db = $this->dbMock->get();
if ($exp instanceof \Exception) {
$this->assertException($exp);
}
@ -227,9 +233,9 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
$this->assertSame($exp, $act);
} finally {
if (strlen($token)) {
\Phake::verify(Arsse::$db)->tokenLookup("microsub.access", $token);
$this->dbMock->tokenLookup->calledWith("microsub.access", $token);
} else {
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenLookup;
$this->dbMock->tokenLookup->never()->called();
}
}
}
@ -252,24 +258,24 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
/** @dataProvider provideRevocations */
public function testRevokeAToken(array $params, $user, ResponseInterface $exp) {
\Phake::when(Arsse::$db)->tokenRevoke->thenReturn(true);
$this->dbMock->tokenRevoke->returns(true);
if ($user instanceof \Exception) {
\Phake::when(Arsse::$db)->tokenLookup->thenThrow($user);
$this->dbMock->tokenLookup->throws($user);
} else {
\Phake::when(Arsse::$db)->tokenLookup->thenReturn(['user' => $user]);
$this->dbMock->tokenLookup->returns(['user' => $user]);
}
$this->assertMessage($exp, $this->req("http://example.com/u/?f=token", "POST", [], [], array_merge(['action' => "revoke"], $params)));
$doLookup = strlen($params['token'] ?? "") > 0;
$doRevoke = ($doLookup && !$user instanceof \Exception);
if ($doLookup) {
\Phake::verify(Arsse::$db)->tokenLookup("microsub.access", $params['token'] ?? "");
$this->dbMock->tokenLookup->calledWith("microsub.access", $params['token'] ?? "");
} else {
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenLookup;
$this->dbMock->tokenLookup->never()->called();
}
if ($doRevoke) {
\Phake::verify(Arsse::$db)->tokenRevoke($user, "microsub.access", $params['token'] ?? "");
$this->dbMock->tokenRevoke->calledWith($user, "microsub.access", $params['token'] ?? "");
} else {
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenRevoke;
$this->dbMock->tokenRevoke->never()->called();
}
}
@ -285,12 +291,12 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
/** @dataProvider provideTokenVerifications */
public function testVerifyAToken(array $authorization, $output, ResponseInterface $exp) {
if ($output instanceof \Exception) {
\Phake::when(Arsse::$db)->tokenLookup->thenThrow($output);
$this->dbMock->tokenLookup->throws($output);
} else {
\Phake::when(Arsse::$db)->tokenLookup->thenReturn(['user' => "someone", 'data' => $output]);
$this->dbMock->tokenLookup->returns(['user' => "someone", 'data' => $output]);
}
$this->assertMessage($exp, $this->req("http://example.com/u/?f=token", "GET", [], $authorization ? ['Authorization' => $authorization] : []));
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenRevoke;
$this->dbMock->tokenRevoke->never()->called();
}
public function provideTokenVerifications() {