OilfieldToolsNet/shlink
4
0
Fork 0
mirror of https://github.com/shlinkio/shlink.git synced 2025-02-25 18:45:27 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1027 from acelaya-forks/feature/remove-non-inclusive-terms

Browse Source 
Feature/remove non inclusive terms
This commit is contained in:
Alejandro Celaya 2021-02-16 17:31:37 +01:00 committed by GitHub
commit 81eb2684bf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -9,7 +9,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com), and this
* *Nothing* * *Nothing*
### Changed ### Changed
* *Nothing* * [#1026](https://github.com/shlinkio/shlink/issues/1026) Removed non-inclusive terms from source code.
### Deprecated ### Deprecated
* *Nothing* * *Nothing*

4
module/Rest/config/auth.config.php
View File

@ -9,7 +9,7 @@ use Laminas\ServiceManager\AbstractFactory\ConfigAbstractFactory;
return [ return [
'auth' => [ 'auth' => [
'routes_whitelist' => [ 'routes_without_api_key' => [
Action\HealthAction::class, Action\HealthAction::class,
ConfigProvider::UNVERSIONED_HEALTH_ENDPOINT_NAME, ConfigProvider::UNVERSIONED_HEALTH_ENDPOINT_NAME,
], ],
@ -28,7 +28,7 @@ return [
ConfigAbstractFactory::class => [ ConfigAbstractFactory::class => [
Middleware\AuthenticationMiddleware::class => [ Middleware\AuthenticationMiddleware::class => [
Service\ApiKeyService::class, Service\ApiKeyService::class,
'config.auth.routes_whitelist', 'config.auth.routes_without_api_key',
'config.auth.routes_with_query_api_key', 'config.auth.routes_with_query_api_key',
], ],
], ],

8
module/Rest/src/Middleware/AuthenticationMiddleware.php
View File

@ -24,16 +24,16 @@ class AuthenticationMiddleware implements MiddlewareInterface, StatusCodeInterfa
public const API_KEY_HEADER = 'X-Api-Key'; public const API_KEY_HEADER = 'X-Api-Key';
private ApiKeyServiceInterface $apiKeyService; private ApiKeyServiceInterface $apiKeyService;
private array $routesWhitelist; private array $routesWithoutApiKey;
private array $routesWithQueryApiKey; private array $routesWithQueryApiKey;
public function __construct( public function __construct(
ApiKeyServiceInterface $apiKeyService, ApiKeyServiceInterface $apiKeyService,
array $routesWhitelist, array $routesWithoutApiKey,
array $routesWithQueryApiKey array $routesWithQueryApiKey
) { ) {
$this->apiKeyService = $apiKeyService; $this->apiKeyService = $apiKeyService;
$this->routesWhitelist = $routesWhitelist; $this->routesWithoutApiKey = $routesWithoutApiKey;
$this->routesWithQueryApiKey = $routesWithQueryApiKey; $this->routesWithQueryApiKey = $routesWithQueryApiKey;
} }
@ -45,7 +45,7 @@ class AuthenticationMiddleware implements MiddlewareInterface, StatusCodeInterfa
$routeResult === null $routeResult === null
|| $routeResult->isFailure() || $routeResult->isFailure()
|| $request->getMethod() === self::METHOD_OPTIONS || $request->getMethod() === self::METHOD_OPTIONS
|| contains($this->routesWhitelist, $routeResult->getMatchedRouteName()) || contains($this->routesWithoutApiKey, $routeResult->getMatchedRouteName())
) { ) {
return $handler->handle($request); return $handler->handle($request);
} }

14
module/Rest/test/Middleware/AuthenticationMiddlewareTest.php
View File

@ -48,9 +48,9 @@ class AuthenticationMiddlewareTest extends TestCase
/** /**
* @test * @test
* @dataProvider provideWhitelistedRequests * @dataProvider provideRequestsWithoutAuth
*/ */
public function someWhiteListedSituationsFallbackToNextMiddleware(ServerRequestInterface $request): void public function someSituationsFallbackToNextMiddleware(ServerRequestInterface $request): void
{ {
$handle = $this->handler->handle($request)->willReturn(new Response()); $handle = $this->handler->handle($request)->willReturn(new Response());
$checkApiKey = $this->apiKeyService->check(Argument::any()); $checkApiKey = $this->apiKeyService->check(Argument::any());
@ -61,22 +61,22 @@ class AuthenticationMiddlewareTest extends TestCase
$checkApiKey->shouldNotHaveBeenCalled(); $checkApiKey->shouldNotHaveBeenCalled();
} }
public function provideWhitelistedRequests(): iterable public function provideRequestsWithoutAuth(): iterable
{ {
$dummyMiddleware = $this->getDummyMiddleware(); $dummyMiddleware = $this->getDummyMiddleware();
yield 'with no route result' => [new ServerRequest()]; yield 'no route result' => [new ServerRequest()];
yield 'with failure route result' => [(new ServerRequest())->withAttribute( yield 'failure route result' => [(new ServerRequest())->withAttribute(
RouteResult::class, RouteResult::class,
RouteResult::fromRouteFailure([RequestMethodInterface::METHOD_GET]), RouteResult::fromRouteFailure([RequestMethodInterface::METHOD_GET]),
)]; )];
yield 'with whitelisted route' => [(new ServerRequest())->withAttribute( yield 'route without API key required' => [(new ServerRequest())->withAttribute(
RouteResult::class, RouteResult::class,
RouteResult::fromRoute( RouteResult::fromRoute(
new Route('foo', $dummyMiddleware, Route::HTTP_METHOD_ANY, HealthAction::class), new Route('foo', $dummyMiddleware, Route::HTTP_METHOD_ANY, HealthAction::class),
), ),
)]; )];
yield 'with OPTIONS method' => [(new ServerRequest())->withAttribute( yield 'OPTIONS method' => [(new ServerRequest())->withAttribute(
RouteResult::class, RouteResult::class,
RouteResult::fromRoute(new Route('bar', $dummyMiddleware), []), RouteResult::fromRoute(new Route('bar', $dummyMiddleware), []),
)->withMethod(RequestMethodInterface::METHOD_OPTIONS)]; )->withMethod(RequestMethodInterface::METHOD_OPTIONS)];