mirror of
https://github.com/shlinkio/shlink.git
synced 2024-12-23 15:40:33 -06:00
Implemented ApiKeyHeaderPlugin
This commit is contained in:
parent
0f5fb066d1
commit
5ecfe9f0f0
@ -39,6 +39,7 @@ return [
|
|||||||
|
|
||||||
ConfigAbstractFactory::class => [
|
ConfigAbstractFactory::class => [
|
||||||
Authentication\Plugin\AuthorizationHeaderPlugin::class => [Authentication\JWTService::class, 'translator'],
|
Authentication\Plugin\AuthorizationHeaderPlugin::class => [Authentication\JWTService::class, 'translator'],
|
||||||
|
Authentication\Plugin\ApiKeyHeaderPlugin::class => [Service\ApiKeyService::class, 'translator'],
|
||||||
|
|
||||||
Authentication\RequestToHttpAuthPlugin::class => [Authentication\AuthenticationPluginManager::class],
|
Authentication\RequestToHttpAuthPlugin::class => [Authentication\AuthenticationPluginManager::class],
|
||||||
|
|
||||||
|
@ -6,17 +6,43 @@ namespace Shlinkio\Shlink\Rest\Authentication\Plugin;
|
|||||||
use Psr\Http\Message\ResponseInterface;
|
use Psr\Http\Message\ResponseInterface;
|
||||||
use Psr\Http\Message\ServerRequestInterface;
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
use Shlinkio\Shlink\Rest\Exception\VerifyAuthenticationException;
|
use Shlinkio\Shlink\Rest\Exception\VerifyAuthenticationException;
|
||||||
|
use Shlinkio\Shlink\Rest\Service\ApiKeyServiceInterface;
|
||||||
|
use Shlinkio\Shlink\Rest\Util\RestUtils;
|
||||||
|
use Zend\I18n\Translator\TranslatorInterface;
|
||||||
|
|
||||||
class ApiKeyHeaderPlugin implements AuthenticationPluginInterface
|
class ApiKeyHeaderPlugin implements AuthenticationPluginInterface
|
||||||
{
|
{
|
||||||
public const HEADER_NAME = 'X-Api-Key';
|
public const HEADER_NAME = 'X-Api-Key';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var ApiKeyServiceInterface
|
||||||
|
*/
|
||||||
|
private $apiKeyService;
|
||||||
|
/**
|
||||||
|
* @var TranslatorInterface
|
||||||
|
*/
|
||||||
|
private $translator;
|
||||||
|
|
||||||
|
public function __construct(ApiKeyServiceInterface $apiKeyService, TranslatorInterface $translator)
|
||||||
|
{
|
||||||
|
$this->apiKeyService = $apiKeyService;
|
||||||
|
$this->translator = $translator;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @throws VerifyAuthenticationException
|
* @throws VerifyAuthenticationException
|
||||||
*/
|
*/
|
||||||
public function verify(ServerRequestInterface $request): void
|
public function verify(ServerRequestInterface $request): void
|
||||||
{
|
{
|
||||||
// TODO: Implement check() method.
|
$apiKey = $request->getHeaderLine(self::HEADER_NAME);
|
||||||
|
if ($this->apiKeyService->check($apiKey)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
throw VerifyAuthenticationException::withError(
|
||||||
|
RestUtils::INVALID_API_KEY_ERROR,
|
||||||
|
$this->translator->translate('Provided API key does not exist or is invalid.')
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function update(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
|
public function update(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
|
||||||
|
@ -0,0 +1,78 @@
|
|||||||
|
<?php
|
||||||
|
declare(strict_types=1);
|
||||||
|
|
||||||
|
namespace ShlinkioTest\Shlink\Rest\Authentication\Plugin;
|
||||||
|
|
||||||
|
use PHPUnit\Framework\TestCase;
|
||||||
|
use Prophecy\Prophecy\ObjectProphecy;
|
||||||
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
|
use Shlinkio\Shlink\Rest\Authentication\Plugin\ApiKeyHeaderPlugin;
|
||||||
|
use Shlinkio\Shlink\Rest\Exception\VerifyAuthenticationException;
|
||||||
|
use Shlinkio\Shlink\Rest\Service\ApiKeyServiceInterface;
|
||||||
|
use Zend\Diactoros\Response;
|
||||||
|
use Zend\Diactoros\ServerRequestFactory;
|
||||||
|
use Zend\I18n\Translator\Translator;
|
||||||
|
|
||||||
|
class ApiKeyHeaderPluginTest extends TestCase
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var ApiKeyHeaderPlugin
|
||||||
|
*/
|
||||||
|
private $plugin;
|
||||||
|
/**
|
||||||
|
* @var ObjectProphecy
|
||||||
|
*/
|
||||||
|
private $apiKeyService;
|
||||||
|
|
||||||
|
public function setUp()
|
||||||
|
{
|
||||||
|
$this->apiKeyService = $this->prophesize(ApiKeyServiceInterface::class);
|
||||||
|
$this->plugin = new ApiKeyHeaderPlugin($this->apiKeyService->reveal(), Translator::factory([]));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @test
|
||||||
|
*/
|
||||||
|
public function verifyThrowsExceptionWhenApiKeyIsNotValid()
|
||||||
|
{
|
||||||
|
$apiKey = 'abc-ABC';
|
||||||
|
$check = $this->apiKeyService->check($apiKey)->willReturn(false);
|
||||||
|
$check->shouldBeCalledTimes(1);
|
||||||
|
|
||||||
|
$this->expectException(VerifyAuthenticationException::class);
|
||||||
|
$this->expectExceptionMessage('Provided API key does not exist or is invalid');
|
||||||
|
|
||||||
|
$this->plugin->verify($this->createRequest($apiKey));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @test
|
||||||
|
*/
|
||||||
|
public function verifyDoesNotThrowExceptionWhenApiKeyIsValid()
|
||||||
|
{
|
||||||
|
$apiKey = 'abc-ABC';
|
||||||
|
$check = $this->apiKeyService->check($apiKey)->willReturn(true);
|
||||||
|
|
||||||
|
$this->plugin->verify($this->createRequest($apiKey));
|
||||||
|
|
||||||
|
$check->shouldHaveBeenCalledTimes(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @test
|
||||||
|
*/
|
||||||
|
public function updateReturnsResponseAsIs()
|
||||||
|
{
|
||||||
|
$apiKey = 'abc-ABC';
|
||||||
|
$response = new Response();
|
||||||
|
|
||||||
|
$returnedResponse = $this->plugin->update($this->createRequest($apiKey), $response);
|
||||||
|
|
||||||
|
$this->assertSame($response, $returnedResponse);
|
||||||
|
}
|
||||||
|
|
||||||
|
private function createRequest(string $apiKey): ServerRequestInterface
|
||||||
|
{
|
||||||
|
return ServerRequestFactory::fromGlobals()->withHeader(ApiKeyHeaderPlugin::HEADER_NAME, $apiKey);
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user