diff --git a/module/Rest/config/auth.config.php b/module/Rest/config/auth.config.php index 8f406071..cbd19939 100644 --- a/module/Rest/config/auth.config.php +++ b/module/Rest/config/auth.config.php @@ -9,7 +9,7 @@ use Laminas\ServiceManager\AbstractFactory\ConfigAbstractFactory; return [ 'auth' => [ - 'routes_whitelist' => [ + 'routes_without_api_key' => [ Action\HealthAction::class, ConfigProvider::UNVERSIONED_HEALTH_ENDPOINT_NAME, ], @@ -28,7 +28,7 @@ return [ ConfigAbstractFactory::class => [ Middleware\AuthenticationMiddleware::class => [ Service\ApiKeyService::class, - 'config.auth.routes_whitelist', + 'config.auth.routes_without_api_key', 'config.auth.routes_with_query_api_key', ], ], diff --git a/module/Rest/src/Middleware/AuthenticationMiddleware.php b/module/Rest/src/Middleware/AuthenticationMiddleware.php index 9d75bfc4..cb8f8b7a 100644 --- a/module/Rest/src/Middleware/AuthenticationMiddleware.php +++ b/module/Rest/src/Middleware/AuthenticationMiddleware.php @@ -24,16 +24,16 @@ class AuthenticationMiddleware implements MiddlewareInterface, StatusCodeInterfa public const API_KEY_HEADER = 'X-Api-Key'; private ApiKeyServiceInterface $apiKeyService; - private array $routesWhitelist; + private array $routesWithoutApiKey; private array $routesWithQueryApiKey; public function __construct( ApiKeyServiceInterface $apiKeyService, - array $routesWhitelist, + array $routesWithoutApiKey, array $routesWithQueryApiKey ) { $this->apiKeyService = $apiKeyService; - $this->routesWhitelist = $routesWhitelist; + $this->routesWithoutApiKey = $routesWithoutApiKey; $this->routesWithQueryApiKey = $routesWithQueryApiKey; } @@ -45,7 +45,7 @@ class AuthenticationMiddleware implements MiddlewareInterface, StatusCodeInterfa $routeResult === null || $routeResult->isFailure() || $request->getMethod() === self::METHOD_OPTIONS - || contains($this->routesWhitelist, $routeResult->getMatchedRouteName()) + || contains($this->routesWithoutApiKey, $routeResult->getMatchedRouteName()) ) { return $handler->handle($request); } diff --git a/module/Rest/test/Middleware/AuthenticationMiddlewareTest.php b/module/Rest/test/Middleware/AuthenticationMiddlewareTest.php index 015e38e8..2edbe5e6 100644 --- a/module/Rest/test/Middleware/AuthenticationMiddlewareTest.php +++ b/module/Rest/test/Middleware/AuthenticationMiddlewareTest.php @@ -48,9 +48,9 @@ class AuthenticationMiddlewareTest extends TestCase /** * @test - * @dataProvider provideWhitelistedRequests + * @dataProvider provideRequestsWithoutAuth */ - public function someWhiteListedSituationsFallbackToNextMiddleware(ServerRequestInterface $request): void + public function someSituationsFallbackToNextMiddleware(ServerRequestInterface $request): void { $handle = $this->handler->handle($request)->willReturn(new Response()); $checkApiKey = $this->apiKeyService->check(Argument::any()); @@ -61,22 +61,22 @@ class AuthenticationMiddlewareTest extends TestCase $checkApiKey->shouldNotHaveBeenCalled(); } - public function provideWhitelistedRequests(): iterable + public function provideRequestsWithoutAuth(): iterable { $dummyMiddleware = $this->getDummyMiddleware(); - yield 'with no route result' => [new ServerRequest()]; - yield 'with failure route result' => [(new ServerRequest())->withAttribute( + yield 'no route result' => [new ServerRequest()]; + yield 'failure route result' => [(new ServerRequest())->withAttribute( RouteResult::class, RouteResult::fromRouteFailure([RequestMethodInterface::METHOD_GET]), )]; - yield 'with whitelisted route' => [(new ServerRequest())->withAttribute( + yield 'route without API key required' => [(new ServerRequest())->withAttribute( RouteResult::class, RouteResult::fromRoute( new Route('foo', $dummyMiddleware, Route::HTTP_METHOD_ANY, HealthAction::class), ), )]; - yield 'with OPTIONS method' => [(new ServerRequest())->withAttribute( + yield 'OPTIONS method' => [(new ServerRequest())->withAttribute( RouteResult::class, RouteResult::fromRoute(new Route('bar', $dummyMiddleware), []), )->withMethod(RequestMethodInterface::METHOD_OPTIONS)];