shlink/module/Rest/test-api/Middleware/AuthenticationTest.php

69 lines
2.3 KiB
PHP
Raw Normal View History

2019-01-26 03:19:20 -06:00
<?php
declare(strict_types=1);
namespace ShlinkioApiTest\Shlink\Rest\Middleware;
use GuzzleHttp\Exception\ClientException;
2019-01-27 03:54:04 -06:00
use Shlinkio\Shlink\Rest\Authentication\Plugin\ApiKeyHeaderPlugin;
use Shlinkio\Shlink\Rest\Authentication\RequestToHttpAuthPlugin;
use Shlinkio\Shlink\Rest\Util\RestUtils;
2019-01-26 03:19:20 -06:00
use ShlinkioTest\Shlink\Common\ApiTest\ApiTestCase;
2019-01-27 03:54:04 -06:00
use function implode;
use function Shlinkio\Shlink\Common\json_decode;
use function sprintf;
2019-01-26 03:19:20 -06:00
class AuthenticationTest extends ApiTestCase
{
/**
* @test
*/
2019-01-27 03:54:04 -06:00
public function authorizationErrorIsReturnedIfNoApiKeyIsSent()
2019-01-26 03:19:20 -06:00
{
2019-01-27 03:54:04 -06:00
try {
$this->callApi(self::METHOD_GET, '/short-codes');
} catch (ClientException $e) {
2019-01-27 05:35:00 -06:00
['error' => $error, 'message' => $message] = $this->getJsonResponsePayload($e->getResponse());
2019-01-26 03:19:20 -06:00
2019-01-27 03:54:04 -06:00
$this->assertEquals(self::STATUS_UNAUTHORIZED, $e->getCode());
$this->assertEquals(RestUtils::INVALID_AUTHORIZATION_ERROR, $error);
$this->assertEquals(
sprintf(
'Expected one of the following authentication headers, but none were provided, ["%s"]',
implode('", "', RequestToHttpAuthPlugin::SUPPORTED_AUTH_HEADERS)
),
$message
);
}
}
/**
* @test
2019-01-27 05:14:18 -06:00
* @dataProvider provideInvalidApiKeys
2019-01-27 03:54:04 -06:00
*/
2019-01-27 05:14:18 -06:00
public function apiKeyErrorIsReturnedWhenProvidedApiKeyIsInvalid(string $apiKey)
2019-01-27 03:54:04 -06:00
{
try {
$this->callApi(self::METHOD_GET, '/short-codes', [
'headers' => [
2019-01-27 05:14:18 -06:00
ApiKeyHeaderPlugin::HEADER_NAME => $apiKey,
2019-01-27 03:54:04 -06:00
],
]);
} catch (ClientException $e) {
['error' => $error, 'message' => $message] = json_decode((string) $e->getResponse()->getBody());
$this->assertEquals(self::STATUS_UNAUTHORIZED, $e->getCode());
$this->assertEquals(RestUtils::INVALID_API_KEY_ERROR, $error);
$this->assertEquals('Provided API key does not exist or is invalid.', $message);
}
2019-01-26 03:19:20 -06:00
}
2019-01-27 05:14:18 -06:00
public function provideInvalidApiKeys(): array
{
return [
'key which does not exist' => ['invalid'],
'key which is expired' => ['expired_api_key'],
'key which is disabled' => ['disabled_api_key'],
];
}
2019-01-26 03:19:20 -06:00
}