1
1
Fork 0
mirror of https://code.mensbeam.com/MensBeam/Arsse.git synced 2024-12-22 05:02:40 +00:00

Update Microsub for Laminas and Phony migrations

This commit is contained in:
J. King 2021-07-12 17:04:42 -04:00
parent 4a0face9af
commit e4fdbc454f
2 changed files with 40 additions and 34 deletions

View file

@ -13,9 +13,9 @@ use JKingWeb\Arsse\Misc\HTTP;
use JKingWeb\Arsse\Misc\ValueInfo; use JKingWeb\Arsse\Misc\ValueInfo;
use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ResponseInterface;
use Zend\Diactoros\Response\HtmlResponse; use Laminas\Diactoros\Response\HtmlResponse;
use Zend\Diactoros\Response\JsonResponse; use Laminas\Diactoros\Response\JsonResponse;
use Zend\Diactoros\Response\EmptyResponse; use Laminas\Diactoros\Response\EmptyResponse;
class Auth extends \JKingWeb\Arsse\REST\AbstractHandler { class Auth extends \JKingWeb\Arsse\REST\AbstractHandler {
/** The scopes which we grant to Microsub clients. Mute and block are not included because they have no meaning in an RSS/Atom context; this may signal to clients to suppress muting and blocking in their UI */ /** The scopes which we grant to Microsub clients. Mute and block are not included because they have no meaning in an RSS/Atom context; this may signal to clients to suppress muting and blocking in their UI */

View file

@ -12,18 +12,19 @@ use JKingWeb\Arsse\Db\ExceptionInput;
use JKingWeb\Arsse\REST\Microsub\Auth; use JKingWeb\Arsse\REST\Microsub\Auth;
use JKingWeb\Arsse\REST\Microsub\ExceptionAuth; use JKingWeb\Arsse\REST\Microsub\ExceptionAuth;
use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ResponseInterface;
use Zend\Diactoros\Response\JsonResponse as Response; use Laminas\Diactoros\Response\JsonResponse as Response;
use Zend\Diactoros\Response\EmptyResponse; use Laminas\Diactoros\Response\EmptyResponse;
use Zend\Diactoros\Response\HtmlResponse; use Laminas\Diactoros\Response\HtmlResponse;
/** @covers \JKingWeb\Arsse\REST\Microsub\Auth<extended> */ /** @covers \JKingWeb\Arsse\REST\Microsub\Auth<extended> */
class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest { class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
public function setUp(): void { public function setUp(): void {
self::clearData(); self::clearData();
Arsse::$db = \Phake::mock(Database::class); $this->dbMock = $this->mock(Database::class);
} }
public function req(string $url, string $method = "GET", array $params = [], array $headers = [], array $data = [], string $type = "application/x-www-form-urlencoded", string $body = null, string $user = null): ResponseInterface { public function req(string $url, string $method = "GET", array $params = [], array $headers = [], array $data = [], string $type = "application/x-www-form-urlencoded", string $body = null, string $user = null): ResponseInterface {
Arsse::$db = $this->dbMock->get();
$type = (strtoupper($method) === "GET") ? "" : $type; $type = (strtoupper($method) === "GET") ? "" : $type;
$req = $this->serverRequest($method, $url, "/u/", $headers, [], $body ?? $data, $type, $params, $user); $req = $this->serverRequest($method, $url, "/u/", $headers, [], $body ?? $data, $type, $params, $user);
return (new \JKingWeb\Arsse\REST\Microsub\Auth)->dispatch($req); return (new \JKingWeb\Arsse\REST\Microsub\Auth)->dispatch($req);
@ -96,18 +97,18 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
/** @dataProvider provideLoginData */ /** @dataProvider provideLoginData */
public function testLogInAUser(array $params, string $authenticatedUser = null, ResponseInterface $exp) { public function testLogInAUser(array $params, string $authenticatedUser = null, ResponseInterface $exp) {
\Phake::when(Arsse::$db)->tokenCreate->thenReturn("authCode"); $this->dbMock->tokenCreate->returns("authCode");
$act = $this->req("http://example.com/u/?f=auth", "GET", $params, [], [], "", null, $authenticatedUser); $act = $this->req("http://example.com/u/?f=auth", "GET", $params, [], [], "", null, $authenticatedUser);
$this->assertMessage($exp, $act); $this->assertMessage($exp, $act);
if ($act->getStatusCode() == 302 && !preg_match("/\berror=\w/", $act->getHeaderLine("Location") ?? "")) { if ($act->getStatusCode() == 302 && !preg_match("/\berror=\w/", $act->getHeaderLine("Location") ?? "")) {
\Phake::verify(Arsse::$db)->tokenCreate($authenticatedUser, "microsub.auth", null, $this->isInstanceOf(\DateTimeInterface::class), json_encode([ $this->dbMock->tokenCreate->calledWith($authenticatedUser, "microsub.auth", null, $this->isInstanceOf(\DateTimeInterface::class), json_encode([
'me' => $params['me'], 'me' => $params['me'],
'client_id' => $params['client_id'], 'client_id' => $params['client_id'],
'redirect_uri' => $params['redirect_uri'], 'redirect_uri' => $params['redirect_uri'],
'response_type' => strlen($params['response_type'] ?? "") ? $params['response_type'] : "id", 'response_type' => strlen($params['response_type'] ?? "") ? $params['response_type'] : "id",
], \JSON_UNESCAPED_SLASHES | \JSON_UNESCAPED_UNICODE)); ], \JSON_UNESCAPED_SLASHES | \JSON_UNESCAPED_UNICODE));
} else { } else {
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenCreate; $this->dbMock->tokenCreate->never()->called();
} }
} }
@ -134,13 +135,17 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
/** @dataProvider provideAuthData */ /** @dataProvider provideAuthData */
public function testVerifyAnAuthenticationCode(array $params, string $user, $data, ResponseInterface $exp) { public function testVerifyAnAuthenticationCode(array $params, string $user, $data, ResponseInterface $exp) {
if ($data instanceof \Exception) { if ($data instanceof \Exception) {
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenThrow($data); $this->dbMock->tokenLookup->throws($data);
} else { } else {
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenReturn(['user' => $user, 'data' => $data]); $this->dbMock->tokenLookup->returns(['user' => $user, 'data' => $data]);
} }
$act = $this->req("http://example.com/u/?f=auth", "POST", [], [], $params); $act = $this->req("http://example.com/u/?f=auth", "POST", [], [], $params);
$this->assertMessage($exp, $act); $this->assertMessage($exp, $act);
\Phake::verify(Arsse::$db, \Phake::times($act->getStatusCode() == 200 ? 1 : 0))->tokenRevoke($user, "microsub.auth", $params['code'] ?? ""); if ($act->getStatusCode() == 200) {
$this->dbMock->tokenRevoke->calledWith($user, "microsub.auth", $params['code'] ?? "");
} else {
$this->dbMock->tokenRevoke->never()->called();
}
} }
public function provideAuthData() { public function provideAuthData() {
@ -166,20 +171,20 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
/** @dataProvider provideTokenRequests */ /** @dataProvider provideTokenRequests */
public function testIssueAnAccessToken(array $params, string $user, $data, ResponseInterface $exp) { public function testIssueAnAccessToken(array $params, string $user, $data, ResponseInterface $exp) {
if ($data instanceof \Exception) { if ($data instanceof \Exception) {
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenThrow($data); $this->dbMock->tokenLookup->throws($data);
} else { } else {
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenReturn(['user' => $user, 'data' => $data]); $this->dbMock->tokenLookup->returns(['user' => $user, 'data' => $data]);
} }
\Phake::when(Arsse::$db)->tokenCreate->thenReturn("TOKEN"); $this->dbMock->tokenCreate->returns("TOKEN");
$act = $this->req("http://example.com/u/?f=token", "POST", [], [], $params); $act = $this->req("http://example.com/u/?f=token", "POST", [], [], $params);
$this->assertMessage($exp, $act); $this->assertMessage($exp, $act);
if ($act->getStatusCode() == 200) { if ($act->getStatusCode() == 200) {
$input = '{"me":"'.($params['me'] ?? "").'","client_id":"'.($params['client_id'] ?? "").'"}'; $input = '{"me":"'.($params['me'] ?? "").'","client_id":"'.($params['client_id'] ?? "").'"}';
\Phake::verify(Arsse::$db, \Phake::times(1))->tokenCreate($user, "microsub.access", null, null, $input); $this->dbMock->tokenCreate->calledWith($user, "microsub.access", null, null, $input);
\Phake::verify(Arsse::$db, \Phake::times(1))->tokenRevoke($user, "microsub.auth", $params['code'] ?? ""); $this->dbMock->tokenRevoke->calledWith($user, "microsub.auth", $params['code'] ?? "");
} else { } else {
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenCreate; $this->dbMock->tokenCreate->never()->called();
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenRevoke; $this->dbMock->tokenRevoke->never()->called();
} }
} }
@ -215,10 +220,11 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
/** @dataProvider provideBearers */ /** @dataProvider provideBearers */
public function testLogInABearer(string $authorization, array $scopes, string $token, string $user, $data, $exp) { public function testLogInABearer(string $authorization, array $scopes, string $token, string $user, $data, $exp) {
if ($data instanceof \Exception) { if ($data instanceof \Exception) {
\Phake::when(Arsse::$db)->tokenLookup("microsub.access", $this->anything())->thenThrow($data); $this->dbMock->tokenLookup->throws($data);
} else { } else {
\Phake::when(Arsse::$db)->tokenLookup("microsub.access", $this->anything())->thenReturn(['user' => $user, 'data' => $data]); $this->dbMock->tokenLookup->returns(['user' => $user, 'data' => $data]);
} }
Arsse::$db = $this->dbMock->get();
if ($exp instanceof \Exception) { if ($exp instanceof \Exception) {
$this->assertException($exp); $this->assertException($exp);
} }
@ -227,9 +233,9 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
$this->assertSame($exp, $act); $this->assertSame($exp, $act);
} finally { } finally {
if (strlen($token)) { if (strlen($token)) {
\Phake::verify(Arsse::$db)->tokenLookup("microsub.access", $token); $this->dbMock->tokenLookup->calledWith("microsub.access", $token);
} else { } else {
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenLookup; $this->dbMock->tokenLookup->never()->called();
} }
} }
} }
@ -252,24 +258,24 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
/** @dataProvider provideRevocations */ /** @dataProvider provideRevocations */
public function testRevokeAToken(array $params, $user, ResponseInterface $exp) { public function testRevokeAToken(array $params, $user, ResponseInterface $exp) {
\Phake::when(Arsse::$db)->tokenRevoke->thenReturn(true); $this->dbMock->tokenRevoke->returns(true);
if ($user instanceof \Exception) { if ($user instanceof \Exception) {
\Phake::when(Arsse::$db)->tokenLookup->thenThrow($user); $this->dbMock->tokenLookup->throws($user);
} else { } else {
\Phake::when(Arsse::$db)->tokenLookup->thenReturn(['user' => $user]); $this->dbMock->tokenLookup->returns(['user' => $user]);
} }
$this->assertMessage($exp, $this->req("http://example.com/u/?f=token", "POST", [], [], array_merge(['action' => "revoke"], $params))); $this->assertMessage($exp, $this->req("http://example.com/u/?f=token", "POST", [], [], array_merge(['action' => "revoke"], $params)));
$doLookup = strlen($params['token'] ?? "") > 0; $doLookup = strlen($params['token'] ?? "") > 0;
$doRevoke = ($doLookup && !$user instanceof \Exception); $doRevoke = ($doLookup && !$user instanceof \Exception);
if ($doLookup) { if ($doLookup) {
\Phake::verify(Arsse::$db)->tokenLookup("microsub.access", $params['token'] ?? ""); $this->dbMock->tokenLookup->calledWith("microsub.access", $params['token'] ?? "");
} else { } else {
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenLookup; $this->dbMock->tokenLookup->never()->called();
} }
if ($doRevoke) { if ($doRevoke) {
\Phake::verify(Arsse::$db)->tokenRevoke($user, "microsub.access", $params['token'] ?? ""); $this->dbMock->tokenRevoke->calledWith($user, "microsub.access", $params['token'] ?? "");
} else { } else {
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenRevoke; $this->dbMock->tokenRevoke->never()->called();
} }
} }
@ -285,12 +291,12 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
/** @dataProvider provideTokenVerifications */ /** @dataProvider provideTokenVerifications */
public function testVerifyAToken(array $authorization, $output, ResponseInterface $exp) { public function testVerifyAToken(array $authorization, $output, ResponseInterface $exp) {
if ($output instanceof \Exception) { if ($output instanceof \Exception) {
\Phake::when(Arsse::$db)->tokenLookup->thenThrow($output); $this->dbMock->tokenLookup->throws($output);
} else { } else {
\Phake::when(Arsse::$db)->tokenLookup->thenReturn(['user' => "someone", 'data' => $output]); $this->dbMock->tokenLookup->returns(['user' => "someone", 'data' => $output]);
} }
$this->assertMessage($exp, $this->req("http://example.com/u/?f=token", "GET", [], $authorization ? ['Authorization' => $authorization] : [])); $this->assertMessage($exp, $this->req("http://example.com/u/?f=token", "GET", [], $authorization ? ['Authorization' => $authorization] : []));
\Phake::verify(Arsse::$db, \Phake::times(0))->tokenRevoke; $this->dbMock->tokenRevoke->never()->called();
} }
public function provideTokenVerifications() { public function provideTokenVerifications() {