OilfieldToolsNet/shlink
4
0
Fork 0
mirror of https://github.com/shlinkio/shlink.git synced 2025-02-25 18:45:27 -06:00
Code Issues Packages Projects Releases Wiki Activity

Migrated CheckAuthenticationMiddleware to psr-15 middleware

Browse Source
This commit is contained in:
Alejandro Celaya
2017-03-25 09:37:13 +01:00
parent 22c76df8e6
commit 9bd18ee041
2 changed files with 53 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
module/Rest/src/Middleware/CheckAuthenticationMiddleware.php
View File

@@ -2,6 +2,9 @@
namespace Shlinkio\Shlink\Rest\Middleware; namespace Shlinkio\Shlink\Rest\Middleware;
use Acelaya\ZsmAnnotatedServices\Annotation\Inject; use Acelaya\ZsmAnnotatedServices\Annotation\Inject;
use Fig\Http\Message\StatusCodeInterface;
use Interop\Http\ServerMiddleware\DelegateInterface;
use Interop\Http\ServerMiddleware\MiddlewareInterface;
use Psr\Http\Message\ResponseInterface as Response; use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ServerRequestInterface as Request;
use Psr\Log\LoggerInterface; use Psr\Log\LoggerInterface;
@@ -14,9 +17,8 @@ use Zend\Diactoros\Response\JsonResponse;
use Zend\Expressive\Router\RouteResult; use Zend\Expressive\Router\RouteResult;
use Zend\I18n\Translator\TranslatorInterface; use Zend\I18n\Translator\TranslatorInterface;
use Zend\Stdlib\ErrorHandler; use Zend\Stdlib\ErrorHandler;
use Zend\Stratigility\MiddlewareInterface;
class CheckAuthenticationMiddleware implements MiddlewareInterface class CheckAuthenticationMiddleware implements MiddlewareInterface, StatusCodeInterface
{ {
const AUTHORIZATION_HEADER = 'Authorization'; const AUTHORIZATION_HEADER = 'Authorization';
@@ -52,31 +54,15 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface
} }
/** /**
* Process an incoming request and/or response. * Process an incoming server request and return a response, optionally delegating
* * to the next middleware component to create the response.
* Accepts a server-side request and a response instance, and does
* something with them.
*
* If the response is not complete and/or further processing would not
* interfere with the work done in the middleware, or if the middleware
* wants to delegate to another process, it can use the `$out` callable
* if present.
*
* If the middleware does not return a value, execution of the current
* request is considered complete, and the response instance provided will
* be considered the response to return.
*
* Alternately, the middleware may return a response instance.
*
* Often, middleware will `return $out();`, with the assumption that a
* later middleware will return a response.
* *
* @param Request $request * @param Request $request
* @param Response $response * @param DelegateInterface $delegate
* @param null|callable $out *
* @return null|Response * @return Response
*/ */
public function __invoke(Request $request, Response $response, callable $out = null) public function process(Request $request, DelegateInterface $delegate)
{ {
// If current route is the authenticate route or an OPTIONS request, continue to the next middleware // If current route is the authenticate route or an OPTIONS request, continue to the next middleware
/** @var RouteResult $routeResult */ /** @var RouteResult $routeResult */
@@ -86,7 +72,7 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface
|| $routeResult->getMatchedRouteName() === 'rest-authenticate' || $routeResult->getMatchedRouteName() === 'rest-authenticate'
|| $request->getMethod() === 'OPTIONS' || $request->getMethod() === 'OPTIONS'
) { ) {
return $out($request, $response); return $delegate->process($request);
} }
// Check that the auth header was provided, and that it belongs to a non-expired token // Check that the auth header was provided, and that it belongs to a non-expired token
@@ -103,7 +89,7 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface
'message' => sprintf($this->translator->translate( 'message' => sprintf($this->translator->translate(
'You need to provide the Bearer type in the %s header.' 'You need to provide the Bearer type in the %s header.'
), self::AUTHORIZATION_HEADER), ), self::AUTHORIZATION_HEADER),
], 401); ], self::STATUS_UNAUTHORIZED);
} }
// Make sure the authorization type is Bearer // Make sure the authorization type is Bearer
@@ -114,7 +100,7 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface
'message' => sprintf($this->translator->translate( 'message' => sprintf($this->translator->translate(
'Provided authorization type %s is not supported. Use Bearer instead.' 'Provided authorization type %s is not supported. Use Bearer instead.'
), $authType), ), $authType),
], 401); ], self::STATUS_UNAUTHORIZED);
} }
try { try {
@@ -126,8 +112,7 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface
// Update the token expiration and continue to next middleware // Update the token expiration and continue to next middleware
$jwt = $this->jwtService->refresh($jwt); $jwt = $this->jwtService->refresh($jwt);
/** @var Response $response */ $response = $delegate->process($request);
$response = $out($request, $response);
// Return the response with the updated token on it // Return the response with the updated token on it
return $response->withHeader(self::AUTHORIZATION_HEADER, 'Bearer ' . $jwt); return $response->withHeader(self::AUTHORIZATION_HEADER, 'Bearer ' . $jwt);
@@ -150,6 +135,6 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface
), ),
self::AUTHORIZATION_HEADER self::AUTHORIZATION_HEADER
), ),
], 401); ], self::STATUS_UNAUTHORIZED);
} }
} }

78
module/Rest/test/Middleware/CheckAuthenticationMiddlewareTest.php
View File

@@ -1,10 +1,13 @@
<?php <?php
namespace ShlinkioTest\Shlink\Rest\Middleware; namespace ShlinkioTest\Shlink\Rest\Middleware;
use Interop\Http\ServerMiddleware\DelegateInterface;
use PHPUnit\Framework\TestCase; use PHPUnit\Framework\TestCase;
use Prophecy\Prophecy\MethodProphecy;
use Prophecy\Prophecy\ObjectProphecy; use Prophecy\Prophecy\ObjectProphecy;
use Shlinkio\Shlink\Rest\Authentication\JWTService; use Shlinkio\Shlink\Rest\Authentication\JWTService;
use Shlinkio\Shlink\Rest\Middleware\CheckAuthenticationMiddleware; use Shlinkio\Shlink\Rest\Middleware\CheckAuthenticationMiddleware;
use ShlinkioTest\Shlink\Common\Util\TestUtils;
use Zend\Diactoros\Response; use Zend\Diactoros\Response;
use Zend\Diactoros\ServerRequestFactory; use Zend\Diactoros\ServerRequestFactory;
use Zend\Expressive\Router\Route; use Zend\Expressive\Router\Route;
@@ -34,49 +37,42 @@ class CheckAuthenticationMiddlewareTest extends TestCase
public function someWhiteListedSituationsFallbackToNextMiddleware() public function someWhiteListedSituationsFallbackToNextMiddleware()
{ {
$request = ServerRequestFactory::fromGlobals(); $request = ServerRequestFactory::fromGlobals();
$response = new Response(); $delegate = $this->prophesize(DelegateInterface::class);
$isCalled = false; /** @var MethodProphecy $process */
$this->assertFalse($isCalled); $process = $delegate->process($request)->willReturn(new Response());
$this->middleware->__invoke($request, $response, function ($req, $resp) use (&$isCalled) {
$isCalled = true; $this->middleware->process($request, $delegate->reveal());
}); $process->shouldHaveBeenCalledTimes(1);
$this->assertTrue($isCalled);
$request = ServerRequestFactory::fromGlobals()->withAttribute( $request = ServerRequestFactory::fromGlobals()->withAttribute(
RouteResult::class, RouteResult::class,
RouteResult::fromRouteFailure(['GET']) RouteResult::fromRouteFailure(['GET'])
); );
$response = new Response(); $delegate = $this->prophesize(DelegateInterface::class);
$isCalled = false; /** @var MethodProphecy $process */
$this->assertFalse($isCalled); $process = $delegate->process($request)->willReturn(new Response());
$this->middleware->__invoke($request, $response, function ($req, $resp) use (&$isCalled) { $this->middleware->process($request, $delegate->reveal());
$isCalled = true; $process->shouldHaveBeenCalledTimes(1);
});
$this->assertTrue($isCalled);
$request = ServerRequestFactory::fromGlobals()->withAttribute( $request = ServerRequestFactory::fromGlobals()->withAttribute(
RouteResult::class, RouteResult::class,
RouteResult::fromRoute(new Route('foo', '', Route::HTTP_METHOD_ANY, 'rest-authenticate'), []) RouteResult::fromRoute(new Route('foo', '', Route::HTTP_METHOD_ANY, 'rest-authenticate'), [])
); );
$response = new Response(); $delegate = $this->prophesize(DelegateInterface::class);
$isCalled = false; /** @var MethodProphecy $process */
$this->assertFalse($isCalled); $process = $delegate->process($request)->willReturn(new Response());
$this->middleware->__invoke($request, $response, function ($req, $resp) use (&$isCalled) { $this->middleware->process($request, $delegate->reveal());
$isCalled = true; $process->shouldHaveBeenCalledTimes(1);
});
$this->assertTrue($isCalled);
$request = ServerRequestFactory::fromGlobals()->withAttribute( $request = ServerRequestFactory::fromGlobals()->withAttribute(
RouteResult::class, RouteResult::class,
RouteResult::fromRoute(new Route('bar', 'foo'), []) RouteResult::fromRoute(new Route('bar', 'foo'), [])
)->withMethod('OPTIONS'); )->withMethod('OPTIONS');
$response = new Response(); $delegate = $this->prophesize(DelegateInterface::class);
$isCalled = false; /** @var MethodProphecy $process */
$this->assertFalse($isCalled); $process = $delegate->process($request)->willReturn(new Response());
$this->middleware->__invoke($request, $response, function ($req, $resp) use (&$isCalled) { $this->middleware->process($request, $delegate->reveal());
$isCalled = true; $process->shouldHaveBeenCalledTimes(1);
});
$this->assertTrue($isCalled);
} }
/** /**
@@ -88,7 +84,7 @@ class CheckAuthenticationMiddlewareTest extends TestCase
RouteResult::class, RouteResult::class,
RouteResult::fromRoute(new Route('bar', 'foo'), []) RouteResult::fromRoute(new Route('bar', 'foo'), [])
); );
$response = $this->middleware->__invoke($request, new Response()); $response = $this->middleware->process($request, TestUtils::createDelegateMock()->reveal());
$this->assertEquals(401, $response->getStatusCode()); $this->assertEquals(401, $response->getStatusCode());
} }
@@ -103,7 +99,8 @@ class CheckAuthenticationMiddlewareTest extends TestCase
RouteResult::fromRoute(new Route('bar', 'foo'), []) RouteResult::fromRoute(new Route('bar', 'foo'), [])
)->withHeader(CheckAuthenticationMiddleware::AUTHORIZATION_HEADER, $authToken); )->withHeader(CheckAuthenticationMiddleware::AUTHORIZATION_HEADER, $authToken);
$response = $this->middleware->__invoke($request, new Response()); $response = $this->middleware->process($request, TestUtils::createDelegateMock()->reveal());
$this->assertEquals(401, $response->getStatusCode()); $this->assertEquals(401, $response->getStatusCode());
$this->assertTrue(strpos($response->getBody()->getContents(), 'You need to provide the Bearer type') > 0); $this->assertTrue(strpos($response->getBody()->getContents(), 'You need to provide the Bearer type') > 0);
} }
@@ -119,7 +116,8 @@ class CheckAuthenticationMiddlewareTest extends TestCase
RouteResult::fromRoute(new Route('bar', 'foo'), []) RouteResult::fromRoute(new Route('bar', 'foo'), [])
)->withHeader(CheckAuthenticationMiddleware::AUTHORIZATION_HEADER, 'Basic ' . $authToken); )->withHeader(CheckAuthenticationMiddleware::AUTHORIZATION_HEADER, 'Basic ' . $authToken);
$response = $this->middleware->__invoke($request, new Response()); $response = $this->middleware->process($request, TestUtils::createDelegateMock()->reveal());
$this->assertEquals(401, $response->getStatusCode()); $this->assertEquals(401, $response->getStatusCode());
$this->assertTrue( $this->assertTrue(
strpos($response->getBody()->getContents(), 'Provided authorization type Basic is not supported') > 0 strpos($response->getBody()->getContents(), 'Provided authorization type Basic is not supported') > 0
@@ -138,14 +136,14 @@ class CheckAuthenticationMiddlewareTest extends TestCase
)->withHeader(CheckAuthenticationMiddleware::AUTHORIZATION_HEADER, 'Bearer ' . $authToken); )->withHeader(CheckAuthenticationMiddleware::AUTHORIZATION_HEADER, 'Bearer ' . $authToken);
$this->jwtService->verify($authToken)->willReturn(false)->shouldBeCalledTimes(1); $this->jwtService->verify($authToken)->willReturn(false)->shouldBeCalledTimes(1);
$response = $this->middleware->__invoke($request, new Response()); $response = $this->middleware->process($request, TestUtils::createDelegateMock()->reveal());
$this->assertEquals(401, $response->getStatusCode()); $this->assertEquals(401, $response->getStatusCode());
} }
/** /**
* @test * @test
*/ */
public function provideCorrectTokenUpdatesExpirationAndFallbacksToNextMiddleware() public function provideCorrectTokenUpdatesExpirationAndFallsBackToNextMiddleware()
{ {
$authToken = 'ABC-abc'; $authToken = 'ABC-abc';
$request = ServerRequestFactory::fromGlobals()->withAttribute( $request = ServerRequestFactory::fromGlobals()->withAttribute(
@@ -155,12 +153,12 @@ class CheckAuthenticationMiddlewareTest extends TestCase
$this->jwtService->verify($authToken)->willReturn(true)->shouldBeCalledTimes(1); $this->jwtService->verify($authToken)->willReturn(true)->shouldBeCalledTimes(1);
$this->jwtService->refresh($authToken)->willReturn($authToken)->shouldBeCalledTimes(1); $this->jwtService->refresh($authToken)->willReturn($authToken)->shouldBeCalledTimes(1);
$isCalled = false; $delegate = $this->prophesize(DelegateInterface::class);
$this->assertFalse($isCalled); /** @var MethodProphecy $process */
$this->middleware->__invoke($request, new Response(), function ($req, $resp) use (&$isCalled) { $process = $delegate->process($request)->willReturn(new Response());
$isCalled = true; $resp = $this->middleware->process($request, $delegate->reveal());
return $resp;
}); $process->shouldHaveBeenCalledTimes(1);
$this->assertTrue($isCalled); $this->assertArrayHasKey(CheckAuthenticationMiddleware::AUTHORIZATION_HEADER, $resp->getHeaders());
} }
} }