2019-01-26 03:19:20 -06:00
|
|
|
<?php
|
2019-10-05 10:26:10 -05:00
|
|
|
|
2019-01-26 03:19:20 -06:00
|
|
|
declare(strict_types=1);
|
|
|
|
|
|
|
|
|
|
namespace ShlinkioApiTest\Shlink\Rest\Middleware;
|
|
|
|
|
|
2019-08-11 09:30:46 -05:00
|
|
|
use Shlinkio\Shlink\TestUtils\ApiTest\ApiTestCase;
|
2019-02-26 15:56:43 -06:00
|
|
|
|
2019-01-26 03:19:20 -06:00
|
|
|
class AuthenticationTest extends ApiTestCase
|
|
|
|
|
{
|
2019-02-17 13:28:34 -06:00
|
|
|
/** @test */
|
|
|
|
|
public function authorizationErrorIsReturnedIfNoApiKeyIsSent(): void
|
2019-01-26 03:19:20 -06:00
|
|
|
{
|
2020-11-07 05:53:14 -06:00
|
|
|
$expectedDetail = 'Expected one of the following authentication headers, ["X-Api-Key"], but none were provided';
|
2019-11-27 13:48:35 -06:00
|
|
|
|
2019-12-31 08:38:37 -06:00
|
|
|
$resp = $this->callApi(self::METHOD_GET, '/short-urls');
|
2019-11-27 13:48:35 -06:00
|
|
|
$payload = $this->getJsonResponsePayload($resp);
|
2019-01-26 03:19:20 -06:00
|
|
|
|
2020-10-03 17:35:14 -05:00
|
|
|
self::assertEquals(self::STATUS_UNAUTHORIZED, $resp->getStatusCode());
|
|
|
|
|
self::assertEquals(self::STATUS_UNAUTHORIZED, $payload['status']);
|
|
|
|
|
self::assertEquals('INVALID_AUTHORIZATION', $payload['type']);
|
|
|
|
|
self::assertEquals($expectedDetail, $payload['detail']);
|
|
|
|
|
self::assertEquals('Invalid authorization', $payload['title']);
|
2019-01-27 03:54:04 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @test
|
2019-01-27 05:14:18 -06:00
|
|
|
* @dataProvider provideInvalidApiKeys
|
2019-01-27 03:54:04 -06:00
|
|
|
*/
|
2019-02-17 13:28:34 -06:00
|
|
|
public function apiKeyErrorIsReturnedWhenProvidedApiKeyIsInvalid(string $apiKey): void
|
2019-01-27 03:54:04 -06:00
|
|
|
{
|
2019-11-27 13:48:35 -06:00
|
|
|
$expectedDetail = 'Provided API key does not exist or is invalid.';
|
|
|
|
|
|
2019-12-31 08:38:37 -06:00
|
|
|
$resp = $this->callApi(self::METHOD_GET, '/short-urls', [
|
2019-01-30 11:28:07 -06:00
|
|
|
'headers' => [
|
2020-11-07 05:53:14 -06:00
|
|
|
'X-Api-Key' => $apiKey,
|
2019-01-30 11:28:07 -06:00
|
|
|
],
|
|
|
|
|
]);
|
2019-11-27 13:48:35 -06:00
|
|
|
$payload = $this->getJsonResponsePayload($resp);
|
2019-01-27 03:54:04 -06:00
|
|
|
|
2020-10-03 17:35:14 -05:00
|
|
|
self::assertEquals(self::STATUS_UNAUTHORIZED, $resp->getStatusCode());
|
|
|
|
|
self::assertEquals(self::STATUS_UNAUTHORIZED, $payload['status']);
|
|
|
|
|
self::assertEquals('INVALID_API_KEY', $payload['type']);
|
|
|
|
|
self::assertEquals($expectedDetail, $payload['detail']);
|
|
|
|
|
self::assertEquals('Invalid API key', $payload['title']);
|
2019-01-26 03:19:20 -06:00
|
|
|
}
|
2019-01-27 05:14:18 -06:00
|
|
|
|
2019-02-17 13:28:34 -06:00
|
|
|
public function provideInvalidApiKeys(): iterable
|
2019-01-27 05:14:18 -06:00
|
|
|
{
|
2019-02-17 13:28:34 -06:00
|
|
|
yield 'key which does not exist' => ['invalid'];
|
|
|
|
|
yield 'key which is expired' => ['expired_api_key'];
|
|
|
|
|
yield 'key which is disabled' => ['disabled_api_key'];
|
2019-01-27 05:14:18 -06:00
|
|
|
}
|
2019-01-26 03:19:20 -06:00
|
|
|
}
|
