mirror of
https://github.com/shlinkio/shlink.git
synced 2025-02-25 18:45:27 -06:00
Renamed CheckAuthenticationMiddleware to just AuthenticationMiddleware
This commit is contained in:
Alejandro Celaya
@@ -39,7 +39,7 @@ return [
|
|||||||
Rest\Middleware\CrossDomainMiddleware::class,
|
Rest\Middleware\CrossDomainMiddleware::class,
|
||||||
Expressive\Router\Middleware\ImplicitOptionsMiddleware::class,
|
Expressive\Router\Middleware\ImplicitOptionsMiddleware::class,
|
||||||
Rest\Middleware\BodyParserMiddleware::class,
|
Rest\Middleware\BodyParserMiddleware::class,
|
||||||
Rest\Middleware\CheckAuthenticationMiddleware::class,
|
Rest\Middleware\AuthenticationMiddleware::class,
|
||||||
],
|
],
|
||||||
'priority' => 5,
|
'priority' => 5,
|
||||||
],
|
],
|
||||||
|
|||||||
@@ -27,7 +27,7 @@
|
|||||||
"description": "A valid shlink API key",
|
"description": "A valid shlink API key",
|
||||||
"type": "apiKey",
|
"type": "apiKey",
|
||||||
"in": "header",
|
"in": "header",
|
||||||
"name": "X-API-KEY"
|
"name": "X-Api-Key"
|
||||||
},
|
},
|
||||||
"Bearer": {
|
"Bearer": {
|
||||||
"description": "**[Deprecated]** The JWT identifying a previously authenticated API key",
|
"description": "**[Deprecated]** The JWT identifying a previously authenticated API key",
|
||||||
|
|||||||
@@ -35,7 +35,7 @@ return [
|
|||||||
Middleware\BodyParserMiddleware::class => InvokableFactory::class,
|
Middleware\BodyParserMiddleware::class => InvokableFactory::class,
|
||||||
Middleware\CrossDomainMiddleware::class => InvokableFactory::class,
|
Middleware\CrossDomainMiddleware::class => InvokableFactory::class,
|
||||||
Middleware\PathVersionMiddleware::class => InvokableFactory::class,
|
Middleware\PathVersionMiddleware::class => InvokableFactory::class,
|
||||||
Middleware\CheckAuthenticationMiddleware::class => ConfigAbstractFactory::class,
|
Middleware\AuthenticationMiddleware::class => ConfigAbstractFactory::class,
|
||||||
Middleware\ShortUrl\CreateShortUrlContentNegotiationMiddleware::class => InvokableFactory::class,
|
Middleware\ShortUrl\CreateShortUrlContentNegotiationMiddleware::class => InvokableFactory::class,
|
||||||
Middleware\ShortUrl\ShortCodePathMiddleware::class => InvokableFactory::class,
|
Middleware\ShortUrl\ShortCodePathMiddleware::class => InvokableFactory::class,
|
||||||
],
|
],
|
||||||
@@ -92,7 +92,7 @@ return [
|
|||||||
Action\Tag\CreateTagsAction::class => [Service\Tag\TagService::class, LoggerInterface::class],
|
Action\Tag\CreateTagsAction::class => [Service\Tag\TagService::class, LoggerInterface::class],
|
||||||
Action\Tag\UpdateTagAction::class => [Service\Tag\TagService::class, Translator::class, LoggerInterface::class],
|
Action\Tag\UpdateTagAction::class => [Service\Tag\TagService::class, Translator::class, LoggerInterface::class],
|
||||||
|
|
||||||
Middleware\CheckAuthenticationMiddleware::class => [
|
Middleware\AuthenticationMiddleware::class => [
|
||||||
Authentication\JWTService::class,
|
Authentication\JWTService::class,
|
||||||
'translator',
|
'translator',
|
||||||
'config.auth.routes_whitelist',
|
'config.auth.routes_whitelist',
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ declare(strict_types=1);
|
|||||||
|
|
||||||
namespace Shlinkio\Shlink\Rest\Middleware;
|
namespace Shlinkio\Shlink\Rest\Middleware;
|
||||||
|
|
||||||
|
use Fig\Http\Message\RequestMethodInterface;
|
||||||
use Fig\Http\Message\StatusCodeInterface;
|
use Fig\Http\Message\StatusCodeInterface;
|
||||||
use Psr\Http\Message\ResponseInterface as Response;
|
use Psr\Http\Message\ResponseInterface as Response;
|
||||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||||
@@ -18,9 +19,10 @@ use Zend\Expressive\Router\RouteResult;
|
|||||||
use Zend\I18n\Translator\TranslatorInterface;
|
use Zend\I18n\Translator\TranslatorInterface;
|
||||||
use Zend\Stdlib\ErrorHandler;
|
use Zend\Stdlib\ErrorHandler;
|
||||||
|
|
||||||
class CheckAuthenticationMiddleware implements MiddlewareInterface, StatusCodeInterface
|
class AuthenticationMiddleware implements MiddlewareInterface, StatusCodeInterface, RequestMethodInterface
|
||||||
{
|
{
|
||||||
public const AUTHORIZATION_HEADER = 'Authorization';
|
public const AUTHORIZATION_HEADER = 'Authorization';
|
||||||
|
public const API_KEY_HEADER = 'X-Api-Key';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var TranslatorInterface
|
* @var TranslatorInterface
|
||||||
@@ -64,12 +66,11 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface, StatusCodeIn
|
|||||||
*/
|
*/
|
||||||
public function process(Request $request, RequestHandlerInterface $handler): Response
|
public function process(Request $request, RequestHandlerInterface $handler): Response
|
||||||
{
|
{
|
||||||
// If current route is the authenticate route or an OPTIONS request, continue to the next middleware
|
|
||||||
/** @var RouteResult|null $routeResult */
|
/** @var RouteResult|null $routeResult */
|
||||||
$routeResult = $request->getAttribute(RouteResult::class);
|
$routeResult = $request->getAttribute(RouteResult::class);
|
||||||
if ($routeResult === null
|
if ($routeResult === null
|
||||||
|| $routeResult->isFailure()
|
|| $routeResult->isFailure()
|
||||||
|| $request->getMethod() === 'OPTIONS'
|
|| $request->getMethod() === self::METHOD_OPTIONS
|
||||||
|| \in_array($routeResult->getMatchedRouteName(), $this->routesWhitelist, true)
|
|| \in_array($routeResult->getMatchedRouteName(), $this->routesWhitelist, true)
|
||||||
) {
|
) {
|
||||||
return $handler->handle($request);
|
return $handler->handle($request);
|
||||||
@@ -9,7 +9,7 @@ use Prophecy\Prophecy\ObjectProphecy;
|
|||||||
use Psr\Http\Server\RequestHandlerInterface;
|
use Psr\Http\Server\RequestHandlerInterface;
|
||||||
use Shlinkio\Shlink\Rest\Action\AuthenticateAction;
|
use Shlinkio\Shlink\Rest\Action\AuthenticateAction;
|
||||||
use Shlinkio\Shlink\Rest\Authentication\JWTService;
|
use Shlinkio\Shlink\Rest\Authentication\JWTService;
|
||||||
use Shlinkio\Shlink\Rest\Middleware\CheckAuthenticationMiddleware;
|
use Shlinkio\Shlink\Rest\Middleware\AuthenticationMiddleware;
|
||||||
use ShlinkioTest\Shlink\Common\Util\TestUtils;
|
use ShlinkioTest\Shlink\Common\Util\TestUtils;
|
||||||
use Zend\Diactoros\Response;
|
use Zend\Diactoros\Response;
|
||||||
use Zend\Diactoros\ServerRequestFactory;
|
use Zend\Diactoros\ServerRequestFactory;
|
||||||
@@ -18,10 +18,10 @@ use Zend\Expressive\Router\RouteResult;
|
|||||||
use Zend\I18n\Translator\Translator;
|
use Zend\I18n\Translator\Translator;
|
||||||
use function Zend\Stratigility\middleware;
|
use function Zend\Stratigility\middleware;
|
||||||
|
|
||||||
class CheckAuthenticationMiddlewareTest extends TestCase
|
class AuthenticationMiddlewareTest extends TestCase
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* @var CheckAuthenticationMiddleware
|
* @var AuthenticationMiddleware
|
||||||
*/
|
*/
|
||||||
protected $middleware;
|
protected $middleware;
|
||||||
/**
|
/**
|
||||||
@@ -37,7 +37,7 @@ class CheckAuthenticationMiddlewareTest extends TestCase
|
|||||||
public function setUp()
|
public function setUp()
|
||||||
{
|
{
|
||||||
$this->jwtService = $this->prophesize(JWTService::class);
|
$this->jwtService = $this->prophesize(JWTService::class);
|
||||||
$this->middleware = new CheckAuthenticationMiddleware($this->jwtService->reveal(), Translator::factory([]), [
|
$this->middleware = new AuthenticationMiddleware($this->jwtService->reveal(), Translator::factory([]), [
|
||||||
AuthenticateAction::class,
|
AuthenticateAction::class,
|
||||||
]);
|
]);
|
||||||
$this->dummyMiddleware = middleware(function () {
|
$this->dummyMiddleware = middleware(function () {
|
||||||
@@ -116,7 +116,7 @@ class CheckAuthenticationMiddlewareTest extends TestCase
|
|||||||
$request = ServerRequestFactory::fromGlobals()->withAttribute(
|
$request = ServerRequestFactory::fromGlobals()->withAttribute(
|
||||||
RouteResult::class,
|
RouteResult::class,
|
||||||
RouteResult::fromRoute(new Route('bar', $this->dummyMiddleware), [])
|
RouteResult::fromRoute(new Route('bar', $this->dummyMiddleware), [])
|
||||||
)->withHeader(CheckAuthenticationMiddleware::AUTHORIZATION_HEADER, $authToken);
|
)->withHeader(AuthenticationMiddleware::AUTHORIZATION_HEADER, $authToken);
|
||||||
|
|
||||||
$response = $this->middleware->process($request, TestUtils::createReqHandlerMock()->reveal());
|
$response = $this->middleware->process($request, TestUtils::createReqHandlerMock()->reveal());
|
||||||
|
|
||||||
@@ -133,7 +133,7 @@ class CheckAuthenticationMiddlewareTest extends TestCase
|
|||||||
$request = ServerRequestFactory::fromGlobals()->withAttribute(
|
$request = ServerRequestFactory::fromGlobals()->withAttribute(
|
||||||
RouteResult::class,
|
RouteResult::class,
|
||||||
RouteResult::fromRoute(new Route('bar', $this->dummyMiddleware), [])
|
RouteResult::fromRoute(new Route('bar', $this->dummyMiddleware), [])
|
||||||
)->withHeader(CheckAuthenticationMiddleware::AUTHORIZATION_HEADER, 'Basic ' . $authToken);
|
)->withHeader(AuthenticationMiddleware::AUTHORIZATION_HEADER, 'Basic ' . $authToken);
|
||||||
|
|
||||||
$response = $this->middleware->process($request, TestUtils::createReqHandlerMock()->reveal());
|
$response = $this->middleware->process($request, TestUtils::createReqHandlerMock()->reveal());
|
||||||
|
|
||||||
@@ -152,7 +152,7 @@ class CheckAuthenticationMiddlewareTest extends TestCase
|
|||||||
$request = ServerRequestFactory::fromGlobals()->withAttribute(
|
$request = ServerRequestFactory::fromGlobals()->withAttribute(
|
||||||
RouteResult::class,
|
RouteResult::class,
|
||||||
RouteResult::fromRoute(new Route('bar', $this->dummyMiddleware), [])
|
RouteResult::fromRoute(new Route('bar', $this->dummyMiddleware), [])
|
||||||
)->withHeader(CheckAuthenticationMiddleware::AUTHORIZATION_HEADER, 'Bearer ' . $authToken);
|
)->withHeader(AuthenticationMiddleware::AUTHORIZATION_HEADER, 'Bearer ' . $authToken);
|
||||||
$this->jwtService->verify($authToken)->willReturn(false)->shouldBeCalledTimes(1);
|
$this->jwtService->verify($authToken)->willReturn(false)->shouldBeCalledTimes(1);
|
||||||
|
|
||||||
$response = $this->middleware->process($request, TestUtils::createReqHandlerMock()->reveal());
|
$response = $this->middleware->process($request, TestUtils::createReqHandlerMock()->reveal());
|
||||||
@@ -168,7 +168,7 @@ class CheckAuthenticationMiddlewareTest extends TestCase
|
|||||||
$request = ServerRequestFactory::fromGlobals()->withAttribute(
|
$request = ServerRequestFactory::fromGlobals()->withAttribute(
|
||||||
RouteResult::class,
|
RouteResult::class,
|
||||||
RouteResult::fromRoute(new Route('bar', $this->dummyMiddleware), [])
|
RouteResult::fromRoute(new Route('bar', $this->dummyMiddleware), [])
|
||||||
)->withHeader(CheckAuthenticationMiddleware::AUTHORIZATION_HEADER, 'bearer ' . $authToken);
|
)->withHeader(AuthenticationMiddleware::AUTHORIZATION_HEADER, 'bearer ' . $authToken);
|
||||||
$this->jwtService->verify($authToken)->willReturn(true)->shouldBeCalledTimes(1);
|
$this->jwtService->verify($authToken)->willReturn(true)->shouldBeCalledTimes(1);
|
||||||
$this->jwtService->refresh($authToken)->willReturn($authToken)->shouldBeCalledTimes(1);
|
$this->jwtService->refresh($authToken)->willReturn($authToken)->shouldBeCalledTimes(1);
|
||||||
|
|
||||||
@@ -178,6 +178,6 @@ class CheckAuthenticationMiddlewareTest extends TestCase
|
|||||||
$resp = $this->middleware->process($request, $delegate->reveal());
|
$resp = $this->middleware->process($request, $delegate->reveal());
|
||||||
|
|
||||||
$process->shouldHaveBeenCalledTimes(1);
|
$process->shouldHaveBeenCalledTimes(1);
|
||||||
$this->assertArrayHasKey(CheckAuthenticationMiddleware::AUTHORIZATION_HEADER, $resp->getHeaders());
|
$this->assertArrayHasKey(AuthenticationMiddleware::AUTHORIZATION_HEADER, $resp->getHeaders());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Reference in New Issue
Block a user