Update Microsub for Laminas and Phony migrations
parent
4a0face9af
commit
e4fdbc454f
2 changed files with 40 additions and 34 deletions
|
@ -13,9 +13,9 @@ use JKingWeb\Arsse\Misc\HTTP;
|
||||||
use JKingWeb\Arsse\Misc\ValueInfo;
|
use JKingWeb\Arsse\Misc\ValueInfo;
|
||||||
use Psr\Http\Message\ServerRequestInterface;
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
use Psr\Http\Message\ResponseInterface;
|
use Psr\Http\Message\ResponseInterface;
|
||||||
use Zend\Diactoros\Response\HtmlResponse;
|
use Laminas\Diactoros\Response\HtmlResponse;
|
||||||
use Zend\Diactoros\Response\JsonResponse;
|
use Laminas\Diactoros\Response\JsonResponse;
|
||||||
use Zend\Diactoros\Response\EmptyResponse;
|
use Laminas\Diactoros\Response\EmptyResponse;
|
||||||
|
|
||||||
class Auth extends \JKingWeb\Arsse\REST\AbstractHandler {
|
class Auth extends \JKingWeb\Arsse\REST\AbstractHandler {
|
||||||
/** The scopes which we grant to Microsub clients. Mute and block are not included because they have no meaning in an RSS/Atom context; this may signal to clients to suppress muting and blocking in their UI */
|
/** The scopes which we grant to Microsub clients. Mute and block are not included because they have no meaning in an RSS/Atom context; this may signal to clients to suppress muting and blocking in their UI */
|
||||||
|
|
|
@ -12,18 +12,19 @@ use JKingWeb\Arsse\Db\ExceptionInput;
|
||||||
use JKingWeb\Arsse\REST\Microsub\Auth;
|
use JKingWeb\Arsse\REST\Microsub\Auth;
|
||||||
use JKingWeb\Arsse\REST\Microsub\ExceptionAuth;
|
use JKingWeb\Arsse\REST\Microsub\ExceptionAuth;
|
||||||
use Psr\Http\Message\ResponseInterface;
|
use Psr\Http\Message\ResponseInterface;
|
||||||
use Zend\Diactoros\Response\JsonResponse as Response;
|
use Laminas\Diactoros\Response\JsonResponse as Response;
|
||||||
use Zend\Diactoros\Response\EmptyResponse;
|
use Laminas\Diactoros\Response\EmptyResponse;
|
||||||
use Zend\Diactoros\Response\HtmlResponse;
|
use Laminas\Diactoros\Response\HtmlResponse;
|
||||||
|
|
||||||
/** @covers \JKingWeb\Arsse\REST\Microsub\Auth<extended> */
|
/** @covers \JKingWeb\Arsse\REST\Microsub\Auth<extended> */
|
||||||
class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
|
class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
|
||||||
public function setUp(): void {
|
public function setUp(): void {
|
||||||
self::clearData();
|
self::clearData();
|
||||||
Arsse::$db = \Phake::mock(Database::class);
|
$this->dbMock = $this->mock(Database::class);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function req(string $url, string $method = "GET", array $params = [], array $headers = [], array $data = [], string $type = "application/x-www-form-urlencoded", string $body = null, string $user = null): ResponseInterface {
|
public function req(string $url, string $method = "GET", array $params = [], array $headers = [], array $data = [], string $type = "application/x-www-form-urlencoded", string $body = null, string $user = null): ResponseInterface {
|
||||||
|
Arsse::$db = $this->dbMock->get();
|
||||||
$type = (strtoupper($method) === "GET") ? "" : $type;
|
$type = (strtoupper($method) === "GET") ? "" : $type;
|
||||||
$req = $this->serverRequest($method, $url, "/u/", $headers, [], $body ?? $data, $type, $params, $user);
|
$req = $this->serverRequest($method, $url, "/u/", $headers, [], $body ?? $data, $type, $params, $user);
|
||||||
return (new \JKingWeb\Arsse\REST\Microsub\Auth)->dispatch($req);
|
return (new \JKingWeb\Arsse\REST\Microsub\Auth)->dispatch($req);
|
||||||
|
@ -96,18 +97,18 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
|
||||||
|
|
||||||
/** @dataProvider provideLoginData */
|
/** @dataProvider provideLoginData */
|
||||||
public function testLogInAUser(array $params, string $authenticatedUser = null, ResponseInterface $exp) {
|
public function testLogInAUser(array $params, string $authenticatedUser = null, ResponseInterface $exp) {
|
||||||
\Phake::when(Arsse::$db)->tokenCreate->thenReturn("authCode");
|
$this->dbMock->tokenCreate->returns("authCode");
|
||||||
$act = $this->req("http://example.com/u/?f=auth", "GET", $params, [], [], "", null, $authenticatedUser);
|
$act = $this->req("http://example.com/u/?f=auth", "GET", $params, [], [], "", null, $authenticatedUser);
|
||||||
$this->assertMessage($exp, $act);
|
$this->assertMessage($exp, $act);
|
||||||
if ($act->getStatusCode() == 302 && !preg_match("/\berror=\w/", $act->getHeaderLine("Location") ?? "")) {
|
if ($act->getStatusCode() == 302 && !preg_match("/\berror=\w/", $act->getHeaderLine("Location") ?? "")) {
|
||||||
\Phake::verify(Arsse::$db)->tokenCreate($authenticatedUser, "microsub.auth", null, $this->isInstanceOf(\DateTimeInterface::class), json_encode([
|
$this->dbMock->tokenCreate->calledWith($authenticatedUser, "microsub.auth", null, $this->isInstanceOf(\DateTimeInterface::class), json_encode([
|
||||||
'me' => $params['me'],
|
'me' => $params['me'],
|
||||||
'client_id' => $params['client_id'],
|
'client_id' => $params['client_id'],
|
||||||
'redirect_uri' => $params['redirect_uri'],
|
'redirect_uri' => $params['redirect_uri'],
|
||||||
'response_type' => strlen($params['response_type'] ?? "") ? $params['response_type'] : "id",
|
'response_type' => strlen($params['response_type'] ?? "") ? $params['response_type'] : "id",
|
||||||
], \JSON_UNESCAPED_SLASHES | \JSON_UNESCAPED_UNICODE));
|
], \JSON_UNESCAPED_SLASHES | \JSON_UNESCAPED_UNICODE));
|
||||||
} else {
|
} else {
|
||||||
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenCreate;
|
$this->dbMock->tokenCreate->never()->called();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -134,13 +135,17 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
|
||||||
/** @dataProvider provideAuthData */
|
/** @dataProvider provideAuthData */
|
||||||
public function testVerifyAnAuthenticationCode(array $params, string $user, $data, ResponseInterface $exp) {
|
public function testVerifyAnAuthenticationCode(array $params, string $user, $data, ResponseInterface $exp) {
|
||||||
if ($data instanceof \Exception) {
|
if ($data instanceof \Exception) {
|
||||||
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenThrow($data);
|
$this->dbMock->tokenLookup->throws($data);
|
||||||
} else {
|
} else {
|
||||||
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenReturn(['user' => $user, 'data' => $data]);
|
$this->dbMock->tokenLookup->returns(['user' => $user, 'data' => $data]);
|
||||||
}
|
}
|
||||||
$act = $this->req("http://example.com/u/?f=auth", "POST", [], [], $params);
|
$act = $this->req("http://example.com/u/?f=auth", "POST", [], [], $params);
|
||||||
$this->assertMessage($exp, $act);
|
$this->assertMessage($exp, $act);
|
||||||
\Phake::verify(Arsse::$db, \Phake::times($act->getStatusCode() == 200 ? 1 : 0))->tokenRevoke($user, "microsub.auth", $params['code'] ?? "");
|
if ($act->getStatusCode() == 200) {
|
||||||
|
$this->dbMock->tokenRevoke->calledWith($user, "microsub.auth", $params['code'] ?? "");
|
||||||
|
} else {
|
||||||
|
$this->dbMock->tokenRevoke->never()->called();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public function provideAuthData() {
|
public function provideAuthData() {
|
||||||
|
@ -166,20 +171,20 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
|
||||||
/** @dataProvider provideTokenRequests */
|
/** @dataProvider provideTokenRequests */
|
||||||
public function testIssueAnAccessToken(array $params, string $user, $data, ResponseInterface $exp) {
|
public function testIssueAnAccessToken(array $params, string $user, $data, ResponseInterface $exp) {
|
||||||
if ($data instanceof \Exception) {
|
if ($data instanceof \Exception) {
|
||||||
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenThrow($data);
|
$this->dbMock->tokenLookup->throws($data);
|
||||||
} else {
|
} else {
|
||||||
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenReturn(['user' => $user, 'data' => $data]);
|
$this->dbMock->tokenLookup->returns(['user' => $user, 'data' => $data]);
|
||||||
}
|
}
|
||||||
\Phake::when(Arsse::$db)->tokenCreate->thenReturn("TOKEN");
|
$this->dbMock->tokenCreate->returns("TOKEN");
|
||||||
$act = $this->req("http://example.com/u/?f=token", "POST", [], [], $params);
|
$act = $this->req("http://example.com/u/?f=token", "POST", [], [], $params);
|
||||||
$this->assertMessage($exp, $act);
|
$this->assertMessage($exp, $act);
|
||||||
if ($act->getStatusCode() == 200) {
|
if ($act->getStatusCode() == 200) {
|
||||||
$input = '{"me":"'.($params['me'] ?? "").'","client_id":"'.($params['client_id'] ?? "").'"}';
|
$input = '{"me":"'.($params['me'] ?? "").'","client_id":"'.($params['client_id'] ?? "").'"}';
|
||||||
\Phake::verify(Arsse::$db, \Phake::times(1))->tokenCreate($user, "microsub.access", null, null, $input);
|
$this->dbMock->tokenCreate->calledWith($user, "microsub.access", null, null, $input);
|
||||||
\Phake::verify(Arsse::$db, \Phake::times(1))->tokenRevoke($user, "microsub.auth", $params['code'] ?? "");
|
$this->dbMock->tokenRevoke->calledWith($user, "microsub.auth", $params['code'] ?? "");
|
||||||
} else {
|
} else {
|
||||||
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenCreate;
|
$this->dbMock->tokenCreate->never()->called();
|
||||||
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenRevoke;
|
$this->dbMock->tokenRevoke->never()->called();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -215,10 +220,11 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
|
||||||
/** @dataProvider provideBearers */
|
/** @dataProvider provideBearers */
|
||||||
public function testLogInABearer(string $authorization, array $scopes, string $token, string $user, $data, $exp) {
|
public function testLogInABearer(string $authorization, array $scopes, string $token, string $user, $data, $exp) {
|
||||||
if ($data instanceof \Exception) {
|
if ($data instanceof \Exception) {
|
||||||
\Phake::when(Arsse::$db)->tokenLookup("microsub.access", $this->anything())->thenThrow($data);
|
$this->dbMock->tokenLookup->throws($data);
|
||||||
} else {
|
} else {
|
||||||
\Phake::when(Arsse::$db)->tokenLookup("microsub.access", $this->anything())->thenReturn(['user' => $user, 'data' => $data]);
|
$this->dbMock->tokenLookup->returns(['user' => $user, 'data' => $data]);
|
||||||
}
|
}
|
||||||
|
Arsse::$db = $this->dbMock->get();
|
||||||
if ($exp instanceof \Exception) {
|
if ($exp instanceof \Exception) {
|
||||||
$this->assertException($exp);
|
$this->assertException($exp);
|
||||||
}
|
}
|
||||||
|
@ -227,9 +233,9 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
|
||||||
$this->assertSame($exp, $act);
|
$this->assertSame($exp, $act);
|
||||||
} finally {
|
} finally {
|
||||||
if (strlen($token)) {
|
if (strlen($token)) {
|
||||||
\Phake::verify(Arsse::$db)->tokenLookup("microsub.access", $token);
|
$this->dbMock->tokenLookup->calledWith("microsub.access", $token);
|
||||||
} else {
|
} else {
|
||||||
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenLookup;
|
$this->dbMock->tokenLookup->never()->called();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -252,24 +258,24 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
|
||||||
|
|
||||||
/** @dataProvider provideRevocations */
|
/** @dataProvider provideRevocations */
|
||||||
public function testRevokeAToken(array $params, $user, ResponseInterface $exp) {
|
public function testRevokeAToken(array $params, $user, ResponseInterface $exp) {
|
||||||
\Phake::when(Arsse::$db)->tokenRevoke->thenReturn(true);
|
$this->dbMock->tokenRevoke->returns(true);
|
||||||
if ($user instanceof \Exception) {
|
if ($user instanceof \Exception) {
|
||||||
\Phake::when(Arsse::$db)->tokenLookup->thenThrow($user);
|
$this->dbMock->tokenLookup->throws($user);
|
||||||
} else {
|
} else {
|
||||||
\Phake::when(Arsse::$db)->tokenLookup->thenReturn(['user' => $user]);
|
$this->dbMock->tokenLookup->returns(['user' => $user]);
|
||||||
}
|
}
|
||||||
$this->assertMessage($exp, $this->req("http://example.com/u/?f=token", "POST", [], [], array_merge(['action' => "revoke"], $params)));
|
$this->assertMessage($exp, $this->req("http://example.com/u/?f=token", "POST", [], [], array_merge(['action' => "revoke"], $params)));
|
||||||
$doLookup = strlen($params['token'] ?? "") > 0;
|
$doLookup = strlen($params['token'] ?? "") > 0;
|
||||||
$doRevoke = ($doLookup && !$user instanceof \Exception);
|
$doRevoke = ($doLookup && !$user instanceof \Exception);
|
||||||
if ($doLookup) {
|
if ($doLookup) {
|
||||||
\Phake::verify(Arsse::$db)->tokenLookup("microsub.access", $params['token'] ?? "");
|
$this->dbMock->tokenLookup->calledWith("microsub.access", $params['token'] ?? "");
|
||||||
} else {
|
} else {
|
||||||
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenLookup;
|
$this->dbMock->tokenLookup->never()->called();
|
||||||
}
|
}
|
||||||
if ($doRevoke) {
|
if ($doRevoke) {
|
||||||
\Phake::verify(Arsse::$db)->tokenRevoke($user, "microsub.access", $params['token'] ?? "");
|
$this->dbMock->tokenRevoke->calledWith($user, "microsub.access", $params['token'] ?? "");
|
||||||
} else {
|
} else {
|
||||||
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenRevoke;
|
$this->dbMock->tokenRevoke->never()->called();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -285,12 +291,12 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
|
||||||
/** @dataProvider provideTokenVerifications */
|
/** @dataProvider provideTokenVerifications */
|
||||||
public function testVerifyAToken(array $authorization, $output, ResponseInterface $exp) {
|
public function testVerifyAToken(array $authorization, $output, ResponseInterface $exp) {
|
||||||
if ($output instanceof \Exception) {
|
if ($output instanceof \Exception) {
|
||||||
\Phake::when(Arsse::$db)->tokenLookup->thenThrow($output);
|
$this->dbMock->tokenLookup->throws($output);
|
||||||
} else {
|
} else {
|
||||||
\Phake::when(Arsse::$db)->tokenLookup->thenReturn(['user' => "someone", 'data' => $output]);
|
$this->dbMock->tokenLookup->returns(['user' => "someone", 'data' => $output]);
|
||||||
}
|
}
|
||||||
$this->assertMessage($exp, $this->req("http://example.com/u/?f=token", "GET", [], $authorization ? ['Authorization' => $authorization] : []));
|
$this->assertMessage($exp, $this->req("http://example.com/u/?f=token", "GET", [], $authorization ? ['Authorization' => $authorization] : []));
|
||||||
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenRevoke;
|
$this->dbMock->tokenRevoke->never()->called();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function provideTokenVerifications() {
|
public function provideTokenVerifications() {
|
||||||
|
|
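Review bot: The migrated stubs in testVerifyAnAuthenticationCode and testIssueAnAccessToken no longer pin the arguments of tokenLookup: the old Phake stubs only answered for `("microsub.auth", $params['code'] ?? "")`, whereas `$this->dbMock->tokenLookup->returns(...)` and `->throws(...)` answer any call, and neither test verifies the lookup afterwards. A handler regression that looked up the wrong token class, or ignored the submitted code, would therefore still pass these tests. In the status-200 branch of both tests I would add `$this->dbMock->tokenLookup->calledWith("microsub.auth", $params['code'] ?? "");`. Separately, the `\Phake::times(1)` checks on tokenCreate and tokenRevoke in testIssueAnAccessToken became plain `calledWith`, which as far as I can tell passes on one or more matching calls; `->once()->calledWith(...)` would keep the exactly-once guarantee for token issuance and auth-code revocation.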