diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ec8b58aa..15012a35 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,10 +9,10 @@ jobs: strategy: fail-fast: false matrix: - php-version: ['7.4', '8.0'] + php-version: ['8.0', '8.1', '8.2', '8.3'] steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v4 with: fetch-depth: 1 @@ -26,35 +26,38 @@ jobs: - name: Composer install run: | - if [[ ${{ matrix.prefer-lowest == '7.4' }} ]]; then + if [[ ${{ matrix.prefer-lowest == '8.3' }} ]]; then composer update --prefer-lowest --prefer-stable else composer install fi - name: Run PHPUnit run: | - if [[ ${{ matrix.php-version }} == '7.4' ]]; then + if [[ ${{ matrix.php-version }} == '8.3' ]]; then bin/phpunit --coverage-clover=coverage.xml else bin/phpunit fi - name: Code Coverage Report - if: success() && matrix.php-version == '7.4' - uses: codecov/codecov-action@v1 + if: success() && matrix.php-version == '8.3' + uses: codecov/codecov-action@v4 + with: + token: ${{ secrets.CODECOV_TOKEN }} + slug: phauthentic/authentication validation: name: Coding Standard & Static Analysis runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v4 with: fetch-depth: 1 - name: Setup PHP uses: shivammathur/setup-php@v2 with: - php-version: '7.4' + php-version: '8.3' extensions: json, pdo, ldap coverage: none tools: pecl diff --git a/.scrutinizer.yml b/.scrutinizer.yml index 37713244..84c5a647 100644 --- a/.scrutinizer.yml +++ b/.scrutinizer.yml @@ -3,7 +3,7 @@ build: tests-php74: environment: php: - version: '7.4' + version: '8.0' ini: phar.readonly: 'Off' pecl_extensions: @@ -18,7 +18,7 @@ build: tests-php80: environment: php: - version: '8.0' + version: '8.3' ini: phar.readonly: 'Off' pecl_extensions: diff --git a/.travis.yml b/.travis.yml index 23626c06..be0113a0 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,6 +3,9 @@ language: php php: - 7.4 - 8.0 + - 8.1 + - 8.2 + - 8.3 sudo: false 
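Review bot: The `Composer install` step tests `[[ ${{ matrix.prefer-lowest == '8.3' }} ]]`, but the matrix visible in this hunk defines only `php-version`, so the expression renders as the literal word `false`. Bash's `[[ ]]` treats that as a non-empty, true string, so every job appears to take the `composer update --prefer-lowest` branch. Compare the rendered version the way the PHPUnit step does, `if [[ "${{ matrix.php-version }}" == '8.0' ]]; then`, picking whichever version should exercise the lowest dependencies (the old value `7.4` was the lowest in the matrix; `8.3` is the highest). Separately, `codecov/codecov-action@v4` now receives `secrets.CODECOV_TOKEN`; pinning that action to a full commit SHA instead of the mutable `v4` tag limits what a retagged release could do with the token.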
diff --git a/composer.json b/composer.json index 81d3f967..578e43a8 100644 --- a/composer.json +++ b/composer.json @@ -8,21 +8,23 @@ "library" ], "require": { - "php": "^7.4|^8.0", + "php": "^8.0", + "ext-json": "*", "phauthentic/password-hashers": "^2.0", "psr/http-factory": "^1.0", "psr/http-message": "~1.0", "psr/http-server-handler": "~1.0", - "psr/http-server-middleware": "^1.0", - "ext-json": "*" + "psr/http-server-middleware": "^1.0" }, "require-dev": { "ext-pdo": "*", "dms/phpunit-arraysubset-asserts": "^0.3.0", - "firebase/php-jwt": "~4.0", + "firebase/php-jwt": "6.*", "misantron/dbunit": "dev-master", - "roave/security-advisories": "dev-master", - "laminas/laminas-diactoros": "^2.5.0" + "nyholm/psr7": "^1.8", + "phpstan/phpstan": "^1.10", + "phpunit/phpunit": "^9.5", + "squizlabs/php_codesniffer": "^3.9" }, "suggest": { "firebase/php-jwt": "If you want to use the JWT adapter add this dependency", @@ -47,15 +49,6 @@ } ], "scripts": { - "post-install-cmd": [ - "php config/composer_post_install.php" - ], - "post-update-cmd": [ - "php config/composer_post_install.php" - ], - "phive": [ - "php ./config/composer_phive.php" - ], "check": [ "@cs-check", "@test" diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 00000000..8f2952bf --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,33 @@ +version: '3.8' + +services: + php: + build: ./docker/php + container_name: phpunit-container + volumes: + - .:/app + working_dir: /app + command: "tail -f /dev/null" + depends_on: + - mysql + networks: + - phpnet + environment: + PDO_DB_DSN: "mysql:host=mysql;dbname=test" + + mysql: + image: mysql:latest + container_name: mysql-container + environment: + MYSQL_ROOT_PASSWORD: changeme + MYSQL_DATABASE: test + MYSQL_USER: test + MYSQL_PASSWORD: changeme + ports: + - "3306:3306" + networks: + - phpnet + +networks: + phpnet: + driver: bridge diff --git a/docker/php/Dockerfile b/docker/php/Dockerfile new file mode 100644 index 00000000..cc79c440 
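Review bot: Dropping `roave/security-advisories` from `require-dev` removes the only guard visible in this manifest that stops Composer from resolving dependency versions with known advisories, and nothing in the commit replaces it. For an authentication library it is worth keeping that entry, or adding a `composer audit` step to the CI workflow so that vulnerable versions still fail the build. The `suggest` text for `firebase/php-jwt` also still names no version, although the JWT authenticator in this commit now uses the v6 `Key` class; stating the supported major there would spare users a runtime error with older releases.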
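Review bot: The `mysql` service publishes `"3306:3306"` on every host interface while `MYSQL_ROOT_PASSWORD` and `MYSQL_PASSWORD` are the literal `changeme`, so the test database is reachable with a guessable root password from anything that can reach the developer's machine. The `php` service already talks to MySQL over `phpnet` by service name (`PDO_DB_DSN: "mysql:host=mysql;dbname=test"`), so the `ports` entry can be dropped, or bound to loopback with `- "127.0.0.1:3306:3306"` if host access is needed. `image: mysql:latest` is also unpinned; a fixed major tag keeps the test environment reproducible.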
--- /dev/null +++ b/docker/php/Dockerfile @@ -0,0 +1,14 @@ +FROM php:8.3-cli + +RUN apt-get update +RUN apt-get install -y libzip-dev zip git + +RUN pear update-channels \ + && pecl update-channels \ + && pecl install xdebug redis + +RUN docker-php-ext-install pdo_mysql zip +RUN docker-php-ext-enable pdo_mysql zip redis xdebug + +# Install Composer globally +RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer diff --git a/phpunit.xml.dist b/phpunit.xml.dist index 6556ab2d..10f34f31 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -1,42 +1,35 @@ - - - - - - - - - - tests/TestCase/ - - - - - - - - - - - - - - - - - - - src/ - - src/Identifier/Ldap/ExtensionAdapter.php - - - - + + + + src/ + + + src/Identifier/Ldap/ExtensionAdapter.php + + + + + + + + + + + + + tests/TestCase/ + + + + + + + + + + + + + diff --git a/readme.md b/readme.md index f79600dc..8e6d7812 100644 --- a/readme.md +++ b/readme.md @@ -4,7 +4,6 @@ [![Scrutinizer Coverage](https://img.shields.io/scrutinizer/coverage/g/Phauthentic/authentication/2.0.svg?style=flat-square)](https://scrutinizer-ci.com/g/Phauthentic/authentication/?branch=2.0) [![Code Quality](https://img.shields.io/scrutinizer/g/Phauthentic/authentication/2.0.svg?style=flat-square)](https://scrutinizer-ci.com/g/Phauthentic/authentication/?branch=2.0) ![phpstan Level 8](https://img.shields.io/badge/phpstan-Level%208-brightgreen?style=flat-square) -![php 7.4](https://img.shields.io/badge/php-7.4-blue?style=flat-square) ![php 8.0](https://img.shields.io/badge/php-8.0-blue?style=flat-square) diff --git a/src/AuthenticationException.php b/src/AuthenticationException.php new file mode 100644 index 00000000..05c0fa29 --- /dev/null +++ b/src/AuthenticationException.php @@ -0,0 +1,14 @@ +isValid()) { + if ($result->isValid() === false) { if ($authenticator instanceof StatelessInterface) { $authenticator->unauthorizedChallenge($request); } 
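Review bot: The final `RUN` pipes the Composer installer from the network straight into `php` without checking it against the published installer checksum, so the image trusts whatever that URL serves at build time. Copying the binary from a pinned official image avoids the download entirely: `COPY --from=composer:2 /usr/bin/composer /usr/local/bin/composer`. `RUN apt-get update` in its own layer can also be served from cache while the following `apt-get install` runs against stale package indexes; combine them as `RUN apt-get update && apt-get install -y libzip-dev zip git && rm -rf /var/lib/apt/lists/*`.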
diff --git a/src/AuthenticationServiceInterface.php b/src/AuthenticationServiceInterface.php index b48967be..eaab1b7e 100644 --- a/src/AuthenticationServiceInterface.php +++ b/src/AuthenticationServiceInterface.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication; use Phauthentic\Authentication\Authenticator\AuthenticatorInterface; diff --git a/src/AuthenticationServiceProviderInterface.php b/src/AuthenticationServiceProviderInterface.php index b9f75794..f0803ec9 100644 --- a/src/AuthenticationServiceProviderInterface.php +++ b/src/AuthenticationServiceProviderInterface.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication; use Psr\Http\Message\ServerRequestInterface; diff --git a/src/Authenticator/AbstractAuthenticator.php b/src/Authenticator/AbstractAuthenticator.php index 88f70b08..0df0d348 100644 --- a/src/Authenticator/AbstractAuthenticator.php +++ b/src/Authenticator/AbstractAuthenticator.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use Phauthentic\Authentication\Identifier\IdentifierInterface; diff --git a/src/Authenticator/AuthenticatorCollection.php b/src/Authenticator/AuthenticatorCollection.php index ce07c9c9..d9a2ca56 100644 --- a/src/Authenticator/AuthenticatorCollection.php +++ b/src/Authenticator/AuthenticatorCollection.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use ArrayIterator; diff --git a/src/Authenticator/AuthenticatorCollectionInterface.php b/src/Authenticator/AuthenticatorCollectionInterface.php index 33ae0e21..05396b46 100644 
--- a/src/Authenticator/AuthenticatorCollectionInterface.php +++ b/src/Authenticator/AuthenticatorCollectionInterface.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use IteratorAggregate; diff --git a/src/Authenticator/AuthenticatorInterface.php b/src/Authenticator/AuthenticatorInterface.php index 3ff674dd..b441ea45 100644 --- a/src/Authenticator/AuthenticatorInterface.php +++ b/src/Authenticator/AuthenticatorInterface.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use Psr\Http\Message\ServerRequestInterface; diff --git a/src/Authenticator/CookieAuthenticator.php b/src/Authenticator/CookieAuthenticator.php index 80b3ef0c..9b07b1c6 100644 --- a/src/Authenticator/CookieAuthenticator.php +++ b/src/Authenticator/CookieAuthenticator.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use ArrayAccess; @@ -126,8 +128,11 @@ public function authenticate(ServerRequestInterface $request): ResultInterface * {@inheritDoc} * @throws \JsonException */ - public function persistIdentity(ServerRequestInterface $request, ResponseInterface $response, ArrayAccess $data): ResponseInterface - { + public function persistIdentity( + ServerRequestInterface $request, + ResponseInterface $response, + ArrayAccess $data + ): ResponseInterface { $field = $this->rememberMeField; $bodyData = $request->getParsedBody(); diff --git a/src/Authenticator/CredentialFieldsTrait.php b/src/Authenticator/CredentialFieldsTrait.php index 4cfc62e3..2891984d 100644 --- a/src/Authenticator/CredentialFieldsTrait.php +++ b/src/Authenticator/CredentialFieldsTrait.php 
@@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use Phauthentic\Authentication\Identifier\IdentifierInterface; diff --git a/src/Authenticator/Exception/UnauthenticatedException.php b/src/Authenticator/Exception/UnauthenticatedException.php index a9e33306..954ea7ee 100644 --- a/src/Authenticator/Exception/UnauthenticatedException.php +++ b/src/Authenticator/Exception/UnauthenticatedException.php @@ -14,15 +14,17 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator\Exception; -use RuntimeException; +use Phauthentic\Authentication\AuthenticationException; use Throwable; /** * An exception that signals that authentication was required but missing. */ -class UnauthenticatedException extends RuntimeException implements AuthenticationExceptionInterface +class UnauthenticatedException extends AuthenticationException { /** * {@inheritDoc} diff --git a/src/Authenticator/Exception/UnauthorizedException.php b/src/Authenticator/Exception/UnauthorizedException.php index fa9a8cb4..11b66cf5 100644 --- a/src/Authenticator/Exception/UnauthorizedException.php +++ b/src/Authenticator/Exception/UnauthorizedException.php @@ -14,15 +14,17 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator\Exception; -use RuntimeException; +use Phauthentic\Authentication\AuthenticationException; use Throwable; /** * An exception that holds onto the headers/body for an unauthorized response. */ -class UnauthorizedException extends RuntimeException implements AuthenticationExceptionInterface +class UnauthorizedException extends AuthenticationException { /** * @var array diff --git a/src/Authenticator/Failure.php b/src/Authenticator/Failure.php index ecc5e779..33195f61 100644 
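Review bot: `UnauthenticatedException` no longer extends `RuntimeException` or declares `implements AuthenticationExceptionInterface`, and the same change is made to `UnauthorizedException` in the next file. The body of the new `AuthenticationException` base class is not visible on this page, so unless it extends `RuntimeException` and implements that interface, existing `catch (RuntimeException $e)` or `catch (AuthenticationExceptionInterface $e)` blocks in applications would stop catching authentication failures. If the base class does preserve both, say so in each class docblock; otherwise keep `implements AuthenticationExceptionInterface` on the two subclasses. Both class bodies continue outside these hunks.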
--- a/src/Authenticator/Failure.php +++ b/src/Authenticator/Failure.php @@ -12,6 +12,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; class Failure implements FailureInterface diff --git a/src/Authenticator/FailureInterface.php b/src/Authenticator/FailureInterface.php index b7acbc3e..97b4ee5f 100644 --- a/src/Authenticator/FailureInterface.php +++ b/src/Authenticator/FailureInterface.php @@ -12,6 +12,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; interface FailureInterface diff --git a/src/Authenticator/FormAuthenticator.php b/src/Authenticator/FormAuthenticator.php index 2b4f52d2..b717f125 100644 --- a/src/Authenticator/FormAuthenticator.php +++ b/src/Authenticator/FormAuthenticator.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use Phauthentic\Authentication\Identifier\IdentifierInterface; diff --git a/src/Authenticator/HttpBasicAuthenticator.php b/src/Authenticator/HttpBasicAuthenticator.php index 2fe07687..b87ffea3 100644 --- a/src/Authenticator/HttpBasicAuthenticator.php +++ b/src/Authenticator/HttpBasicAuthenticator.php @@ -13,6 +13,8 @@ * @license http://www.opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use ArrayAccess; diff --git a/src/Authenticator/HttpDigestAuthenticator.php b/src/Authenticator/HttpDigestAuthenticator.php index 3bfd0d2e..0e7bc107 100644 --- a/src/Authenticator/HttpDigestAuthenticator.php +++ b/src/Authenticator/HttpDigestAuthenticator.php 
@@ -13,6 +13,8 @@ * @license http://www.opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use Phauthentic\Authentication\Identifier\IdentifierInterface; @@ -40,7 +42,6 @@ */ class HttpDigestAuthenticator extends HttpBasicAuthenticator { - /** * A string that must be returned unchanged by clients. Defaults to `md5($config['realm'])` * @@ -177,7 +178,7 @@ public function authenticate(ServerRequestInterface $request): ResultInterface * Gets the digest headers from the request/environment. * * @param \Psr\Http\Message\ServerRequestInterface $request The request that contains login information. - * @return array|null Array of digest information. + * @return array|null Array of digest information. */ protected function getDigest(ServerRequestInterface $request): ?array { @@ -214,7 +215,7 @@ protected function getDigestFromApacheHeaders(?string $digest) * Parse the digest authentication headers and split them up. * * @param string $digest The raw digest authentication headers. - * @return array|null An array of digest authentication headers + * @return array|null An array of digest authentication headers */ public function parseAuthData(string $digest): ?array { diff --git a/src/Authenticator/JwtAuthenticator.php b/src/Authenticator/JwtAuthenticator.php index 10fc7df2..75589a6e 100644 --- a/src/Authenticator/JwtAuthenticator.php +++ b/src/Authenticator/JwtAuthenticator.php @@ -20,6 +20,7 @@ use Phauthentic\Authentication\Identifier\IdentifierInterface; use Exception; use Firebase\JWT\JWT; +use Firebase\JWT\Key; use Psr\Http\Message\ServerRequestInterface; use stdClass; @@ -212,8 +213,7 @@ protected function decodeToken($token) { return JWT::decode( $token, - (string)$this->secretKey, - $this->algorithms + new Key((string)$this->secretKey, $this->algorithms[0]) ); } } 
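Review bot: `decodeToken()` now builds the key with `$this->algorithms[0]`, so only the first configured algorithm is ever accepted and any further entries in `$this->algorithms` are silently ignored. An empty list would raise an undefined-offset warning and hand `null` to `Key`. Binding one algorithm to the key is the safer model, but the property documentation should state that only the first entry is used, and the empty case should fail explicitly before the `JWT::decode()` call, e.g. `if ($this->algorithms === []) { throw new \InvalidArgumentException('No JWT algorithm configured.'); }`. How `$this->algorithms` is populated lies outside this hunk.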
diff --git a/src/Authenticator/PersistenceInterface.php b/src/Authenticator/PersistenceInterface.php index e33804fe..7adc702a 100644 --- a/src/Authenticator/PersistenceInterface.php +++ b/src/Authenticator/PersistenceInterface.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use ArrayAccess; diff --git a/src/Authenticator/Result.php b/src/Authenticator/Result.php index e856124c..38330070 100644 --- a/src/Authenticator/Result.php +++ b/src/Authenticator/Result.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use ArrayAccess; diff --git a/src/Authenticator/ResultInterface.php b/src/Authenticator/ResultInterface.php index c76bb3d9..f55fa62c 100644 --- a/src/Authenticator/ResultInterface.php +++ b/src/Authenticator/ResultInterface.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use ArrayAccess; diff --git a/src/Authenticator/SessionAuthenticator.php b/src/Authenticator/SessionAuthenticator.php index d9a6abb1..c203661d 100644 --- a/src/Authenticator/SessionAuthenticator.php +++ b/src/Authenticator/SessionAuthenticator.php @@ -13,6 +13,8 @@ * @license http://www.opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use ArrayAccess; diff --git a/src/Authenticator/StatelessInterface.php b/src/Authenticator/StatelessInterface.php index 76205bba..27b5a0c1 100644 --- a/src/Authenticator/StatelessInterface.php +++ b/src/Authenticator/StatelessInterface.php 
@@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use Psr\Http\Message\ServerRequestInterface; diff --git a/src/Authenticator/Storage/NativePhpSessionStorage.php b/src/Authenticator/Storage/NativePhpSessionStorage.php index 5219c1e7..5f84f3c8 100644 --- a/src/Authenticator/Storage/NativePhpSessionStorage.php +++ b/src/Authenticator/Storage/NativePhpSessionStorage.php @@ -12,6 +12,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator\Storage; use Psr\Http\Message\ResponseInterface; @@ -30,7 +32,7 @@ class NativePhpSessionStorage implements StorageInterface /** * Constructor * - * @var string $key Key + * @param string $sessionKey Session key. */ public function __construct(string $sessionKey) { diff --git a/src/Authenticator/Storage/StorageInterface.php b/src/Authenticator/Storage/StorageInterface.php index 444c3279..d9839d01 100644 --- a/src/Authenticator/Storage/StorageInterface.php +++ b/src/Authenticator/Storage/StorageInterface.php @@ -12,6 +12,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator\Storage; use Psr\Http\Message\ResponseInterface; diff --git a/src/Authenticator/TokenAuthenticator.php b/src/Authenticator/TokenAuthenticator.php index 6189fdca..f20df98d 100644 --- a/src/Authenticator/TokenAuthenticator.php +++ b/src/Authenticator/TokenAuthenticator.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use Phauthentic\Authentication\Identifier\IdentifierInterface; diff --git a/src/Authenticator/UrlAwareTrait.php b/src/Authenticator/UrlAwareTrait.php index 15cb6591..5052c515 100644 
--- a/src/Authenticator/UrlAwareTrait.php +++ b/src/Authenticator/UrlAwareTrait.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Authenticator; use Phauthentic\Authentication\UrlChecker\UrlCheckerInterface; diff --git a/src/Identifier/AbstractIdentifier.php b/src/Identifier/AbstractIdentifier.php index dc3cdfd5..8c9fb68e 100644 --- a/src/Identifier/AbstractIdentifier.php +++ b/src/Identifier/AbstractIdentifier.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier; abstract class AbstractIdentifier implements IdentifierInterface diff --git a/src/Identifier/CallbackIdentifier.php b/src/Identifier/CallbackIdentifier.php index 0a0b11f6..ddf824a4 100644 --- a/src/Identifier/CallbackIdentifier.php +++ b/src/Identifier/CallbackIdentifier.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier; use ArrayAccess; diff --git a/src/Identifier/CollectionIdentifier.php b/src/Identifier/CollectionIdentifier.php index e0b61b51..19280bc1 100644 --- a/src/Identifier/CollectionIdentifier.php +++ b/src/Identifier/CollectionIdentifier.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier; use ArrayAccess; diff --git a/src/Identifier/IdentifierCollection.php b/src/Identifier/IdentifierCollection.php index 93d5fc7d..01cb0814 100644 --- a/src/Identifier/IdentifierCollection.php +++ b/src/Identifier/IdentifierCollection.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier; use ArrayIterator; 
diff --git a/src/Identifier/IdentifierCollectionInterface.php b/src/Identifier/IdentifierCollectionInterface.php index 3d96adc2..ce3a5d2c 100644 --- a/src/Identifier/IdentifierCollectionInterface.php +++ b/src/Identifier/IdentifierCollectionInterface.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier; use IteratorAggregate; diff --git a/src/Identifier/IdentifierInterface.php b/src/Identifier/IdentifierInterface.php index aa7a70af..d6b8a99a 100644 --- a/src/Identifier/IdentifierInterface.php +++ b/src/Identifier/IdentifierInterface.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier; use ArrayAccess; diff --git a/src/Identifier/JwtSubjectIdentifier.php b/src/Identifier/JwtSubjectIdentifier.php index 6425618f..582fb98a 100644 --- a/src/Identifier/JwtSubjectIdentifier.php +++ b/src/Identifier/JwtSubjectIdentifier.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier; /** diff --git a/src/Identifier/Ldap/AdapterInterface.php b/src/Identifier/Ldap/AdapterInterface.php index 2251a45c..56ff353f 100644 --- a/src/Identifier/Ldap/AdapterInterface.php +++ b/src/Identifier/Ldap/AdapterInterface.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier\Ldap; interface AdapterInterface diff --git a/src/Identifier/Ldap/ExtensionAdapter.php b/src/Identifier/Ldap/ExtensionAdapter.php index 167d7a38..8c07e266 100644 --- a/src/Identifier/Ldap/ExtensionAdapter.php +++ b/src/Identifier/Ldap/ExtensionAdapter.php 
@@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier\Ldap; use ErrorException; @@ -32,7 +34,7 @@ class ExtensionAdapter implements AdapterInterface /** * LDAP Object * - * @var resource|null + * @var \LDAP\Connection|null */ protected $connection; diff --git a/src/Identifier/LdapIdentifier.php b/src/Identifier/LdapIdentifier.php index a7145eaf..3b006bb8 100644 --- a/src/Identifier/LdapIdentifier.php +++ b/src/Identifier/LdapIdentifier.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier; use ArrayAccess; @@ -80,7 +82,7 @@ class LdapIdentifier extends AbstractIdentifier /** * List of errors * - * @var array + * @var array */ protected array $errors = []; diff --git a/src/Identifier/PasswordIdentifier.php b/src/Identifier/PasswordIdentifier.php index a4c342f8..aa5b09d2 100644 --- a/src/Identifier/PasswordIdentifier.php +++ b/src/Identifier/PasswordIdentifier.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier; use ArrayAccess; diff --git a/src/Identifier/Resolver/CallbackResolver.php b/src/Identifier/Resolver/CallbackResolver.php index e127b490..119d6e41 100644 --- a/src/Identifier/Resolver/CallbackResolver.php +++ b/src/Identifier/Resolver/CallbackResolver.php @@ -12,6 +12,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier\Resolver; use ArrayAccess; diff --git a/src/Identifier/Resolver/PdoResolver.php b/src/Identifier/Resolver/PdoResolver.php index c70e3751..78ae4835 100644 --- a/src/Identifier/Resolver/PdoResolver.php +++ b/src/Identifier/Resolver/PdoResolver.php 
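Review bot: `@var \LDAP\Connection|null` on `$connection` is accurate only on PHP 8.1 and later, while `composer.json` in this commit still allows `^8.0` and the CI matrix includes 8.0, where `ldap_connect()` returns a resource. `@var \LDAP\Connection|resource|null` covers both until 8.0 support is dropped, and keeps static analysis from reporting a false mismatch on that version.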
@@ -12,6 +12,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier\Resolver; use ArrayAccess; diff --git a/src/Identifier/Resolver/PdoStatementResolver.php b/src/Identifier/Resolver/PdoStatementResolver.php index 88a86843..a248f62b 100644 --- a/src/Identifier/Resolver/PdoStatementResolver.php +++ b/src/Identifier/Resolver/PdoStatementResolver.php @@ -12,6 +12,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier\Resolver; use ArrayAccess; diff --git a/src/Identifier/Resolver/ResolverInterface.php b/src/Identifier/Resolver/ResolverInterface.php index 79393253..b2b0de91 100644 --- a/src/Identifier/Resolver/ResolverInterface.php +++ b/src/Identifier/Resolver/ResolverInterface.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier\Resolver; use ArrayAccess; diff --git a/src/Identifier/TokenIdentifier.php b/src/Identifier/TokenIdentifier.php index f892dec7..c69992db 100644 --- a/src/Identifier/TokenIdentifier.php +++ b/src/Identifier/TokenIdentifier.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identifier; use ArrayAccess; diff --git a/src/Identity/DefaultIdentityFactory.php b/src/Identity/DefaultIdentityFactory.php index f15bac26..2121fad0 100644 --- a/src/Identity/DefaultIdentityFactory.php +++ b/src/Identity/DefaultIdentityFactory.php @@ -12,6 +12,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identity; use ArrayAccess; diff --git a/src/Identity/Identity.php b/src/Identity/Identity.php index 68710f1d..f7f9de09 100644 
--- a/src/Identity/Identity.php +++ b/src/Identity/Identity.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identity; use ArrayAccess; @@ -121,7 +123,7 @@ protected function get($field) * @param mixed $offset Offset * @return bool */ - public function offsetExists($offset) + public function offsetExists($offset): bool { return $this->get($offset) !== null; } @@ -133,7 +135,7 @@ public function offsetExists($offset) * @param mixed $offset Offset * @return mixed */ - public function offsetGet($offset) + public function offsetGet($offset): mixed { return $this->get($offset); } @@ -145,9 +147,9 @@ public function offsetGet($offset) * @param mixed $offset The offset to assign the value to. * @param mixed $value Value * @throws \BadMethodCallException - * @return mixed + * @return void */ - public function offsetSet($offset, $value) + public function offsetSet($offset, $value): void { throw new BadMethodCallException('Identity does not allow wrapped data to be mutated.'); } @@ -160,7 +162,7 @@ public function offsetSet($offset, $value) * @throws \BadMethodCallException * @return void */ - public function offsetUnset($offset) + public function offsetUnset($offset): void { throw new BadMethodCallException('Identity does not allow wrapped data to be mutated.'); } diff --git a/src/Identity/IdentityFactoryInterface.php b/src/Identity/IdentityFactoryInterface.php index 248a8c06..08e24293 100644 --- a/src/Identity/IdentityFactoryInterface.php +++ b/src/Identity/IdentityFactoryInterface.php @@ -12,13 +12,14 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identity; use ArrayAccess; interface IdentityFactoryInterface { - /** * Creates identity object. * diff --git a/src/Identity/IdentityInterface.php b/src/Identity/IdentityInterface.php index 590dc1e0..ae011945 100644 
--- a/src/Identity/IdentityInterface.php +++ b/src/Identity/IdentityInterface.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Identity; use ArrayAccess; diff --git a/src/Middleware/AuthenticationErrorHandlerMiddleware.php b/src/Middleware/AuthenticationErrorHandlerMiddleware.php index ab524fba..086c027c 100644 --- a/src/Middleware/AuthenticationErrorHandlerMiddleware.php +++ b/src/Middleware/AuthenticationErrorHandlerMiddleware.php @@ -12,6 +12,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Middleware; use Phauthentic\Authentication\Authenticator\Exception\UnauthorizedException; diff --git a/src/Middleware/AuthenticationMiddleware.php b/src/Middleware/AuthenticationMiddleware.php index ba2fd64f..b0514fd9 100644 --- a/src/Middleware/AuthenticationMiddleware.php +++ b/src/Middleware/AuthenticationMiddleware.php @@ -12,6 +12,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\Middleware; use Phauthentic\Authentication\AuthenticationServiceProviderInterface; diff --git a/src/PersistenceResult.php b/src/PersistenceResult.php index 81293bc3..39ef69ca 100644 --- a/src/PersistenceResult.php +++ b/src/PersistenceResult.php @@ -12,6 +12,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication; use Psr\Http\Message\ResponseInterface; diff --git a/src/PersistenceResultInterface.php b/src/PersistenceResultInterface.php index ece85b14..670ee16c 100644 --- a/src/PersistenceResultInterface.php +++ b/src/PersistenceResultInterface.php 
@@ -12,6 +12,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication; use Psr\Http\Message\ResponseInterface; diff --git a/src/UrlChecker/DefaultUrlChecker.php b/src/UrlChecker/DefaultUrlChecker.php index 592f7352..9ad7721e 100644 --- a/src/UrlChecker/DefaultUrlChecker.php +++ b/src/UrlChecker/DefaultUrlChecker.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\UrlChecker; use Psr\Http\Message\ServerRequestInterface; @@ -24,7 +26,6 @@ */ class DefaultUrlChecker implements UrlCheckerInterface { - /** * @var bool */ diff --git a/src/UrlChecker/RegexUrlChecker.php b/src/UrlChecker/RegexUrlChecker.php index 7050f940..ecb9158a 100644 --- a/src/UrlChecker/RegexUrlChecker.php +++ b/src/UrlChecker/RegexUrlChecker.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\UrlChecker; use Psr\Http\Message\ServerRequestInterface; @@ -24,7 +26,6 @@ */ class RegexUrlChecker implements UrlCheckerInterface { - /** * @var bool */ diff --git a/src/UrlChecker/UrlCheckerInterface.php b/src/UrlChecker/UrlCheckerInterface.php index 23f07f96..1330dea0 100644 --- a/src/UrlChecker/UrlCheckerInterface.php +++ b/src/UrlChecker/UrlCheckerInterface.php @@ -14,6 +14,8 @@ * @license https://opensource.org/licenses/mit-license.php MIT License */ +declare(strict_types=1); + namespace Phauthentic\Authentication\UrlChecker; use Psr\Http\Message\ServerRequestInterface; diff --git a/tests/TestCase/AuthenticationTestCase.php b/tests/TestCase/AuthenticationTestCase.php index 4f490c72..4a5d88cf 100644 --- a/tests/TestCase/AuthenticationTestCase.php +++ b/tests/TestCase/AuthenticationTestCase.php 
@@ -16,8 +16,13 @@ namespace Phauthentic\Authentication\Test\TestCase; +use ArrayObject; +use Nyholm\Psr7\Factory\Psr17Factory; use Phauthentic\Authentication\Test\Fixture\FixtureInterface; use Phauthentic\Authentication\Test\Fixture\UsersFixture; +use Psr\Http\Message\ResponseInterface; +use Psr\Http\Message\ServerRequestInterface; +use Psr\Http\Message\UriInterface; /** * @author Robert Pustułka @@ -33,4 +38,55 @@ protected function createFixture(): FixtureInterface { return new UsersFixture(); } + + public function getMockResponse() + { + return $this->getMockBuilder(ResponseInterface::class) + ->getMock(); + } + + public function getMockRequest(array $options = []) + { + $mockUri = $this + ->getMockBuilder(UriInterface::class) + ->getMock(); + + if (isset($options['path'])) { + $mockUri + ->expects($this->any()) + ->method('getPath') + ->willReturn($options['path']); + } + + if (isset($options['host'])) { + $mockUri + ->expects($this->any()) + ->method('getHost') + ->willReturn($options['host']); + } + + $mockRequest = $this + ->getMockBuilder(ServerRequestInterface::class) + ->getMock(); + + $mockRequest->expects($this->any()) + ->method('getUri') + ->willReturn($mockUri); + + if (isset($options['parsedBody'])) { + $mockRequest->expects($this->any()) + ->method('getParsedBody') + ->willReturn($options['parsedBody']); + } + + return $mockRequest; + } + + public function getIdentity() + { + return new ArrayObject([ + 'username' => 'robert', + 'password' => '$2y$10$VFTg46xeZ8/hU4zI.dtZVOfuz4AeIKAgZaB.uraGfcljXzid/xERa' + ]); + } } diff --git a/tests/TestCase/Authenticator/AbstractAuthenticatorTest.php b/tests/TestCase/Authenticator/AbstractAuthenticatorTest.php index bfac14f4..fc69c149 100644 --- a/tests/TestCase/Authenticator/AbstractAuthenticatorTest.php +++ b/tests/TestCase/Authenticator/AbstractAuthenticatorTest.php @@ -22,7 +22,6 @@ class AbstractAuthenticatorTest extends AuthenticationTestCase { - /** * testGetIdentifier * 
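Review bot: `getMockRequest()` in AuthenticationTestCase honours only the `path`, `host` and `parsedBody` keys, yet callers later in this diff (FormAuthenticatorTest, HttpDigestAuthenticatorTest) pass `'method' => 'POST'` or `'GET'`, which is silently dropped. The mock's `getMethod()` is never stubbed, so any authenticator logic that depends on the HTTP method is not exercised with the value the test appears to send. Stub it in the helper, `if (isset($options['method'])) { $mockRequest->expects($this->any())->method('getMethod')->willReturn($options['method']); }`, or reject unknown option keys so a misspelt key fails loudly. `Psr17Factory` is imported in the first hunk of this file but is not used in the lines shown.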
diff --git a/tests/TestCase/Authenticator/AuthenticationServiceTest.php b/tests/TestCase/Authenticator/AuthenticationServiceTest.php index 07eef733..ee41fc66 100644 --- a/tests/TestCase/Authenticator/AuthenticationServiceTest.php +++ b/tests/TestCase/Authenticator/AuthenticationServiceTest.php @@ -17,6 +17,7 @@ namespace Phauthentic\Authentication\Test\TestCase\Authenticator; use ArrayObject; +use Nyholm\Psr7\Response; use Phauthentic\Authentication\AuthenticationService; use Phauthentic\Authentication\Authenticator\AuthenticatorCollection; use Phauthentic\Authentication\Authenticator\Exception\UnauthorizedException; @@ -40,7 +41,6 @@ use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\UriInterface; use RuntimeException; -use Zend\Diactoros\Response; /** * Authentication Service Test @@ -65,8 +65,10 @@ protected function createPasswordIdentifier() * * @return \Phauthentic\Authentication\Authenticator\SessionAuthenticator */ - protected function createSessionAuthenticator(IdentifierInterface $identifier = null, StorageInterface $storage = null) - { + protected function createSessionAuthenticator( + IdentifierInterface $identifier = null, + StorageInterface $storage = null + ) { if (!$identifier) { $identifier = $this->createPasswordIdentifier(); } @@ -82,8 +84,10 @@ protected function createSessionAuthenticator(IdentifierInterface $identifier = * * @return \Phauthentic\Authentication\Authenticator\FormAuthenticator */ - protected function createFormAuthenticator(IdentifierInterface $identifier = null, UrlCheckerInterface $urlChecker = null) - { + protected function createFormAuthenticator( + IdentifierInterface $identifier = null, + UrlCheckerInterface $urlChecker = null + ) { if (!$identifier) { $identifier = $this->createPasswordIdentifier(); } 
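Review bot: The reflowed signatures of `createSessionAuthenticator()` and `createFormAuthenticator()` keep the implicit-nullable form `IdentifierInterface $identifier = null`, which PHP 8.4 deprecates. The commit already raises the minimum to PHP 8.0 and touches these lines, so the nullability can be written out: `?IdentifierInterface $identifier = null, ?StorageInterface $storage = null` and `?UrlCheckerInterface $urlChecker = null`. The `createAuthenticators()` signature shown in the next hunk header has the same form.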
@@ -123,7 +127,7 @@ protected function createAuthenticators(IdentifierInterface $identifier = null, * @param array §server Server environment * @return mixed */ - protected function getMockRequest($path, $body, $server = []) + public function getMockRequest(array $options = []) { $request = $this->getMockBuilder(ServerRequestInterface::class) ->getMock(); @@ -133,11 +137,11 @@ protected function getMockRequest($path, $body, $server = []) $uri->expects($this->any()) ->method('getPath') - ->willReturn($path); + ->willReturn($options['path']); $uri->expects($this->any()) ->method('__toString') - ->willReturn('http://localhost' . $path); + ->willReturn('http://localhost' . $options['path']); $request->expects($this->any()) ->method('getUri') @@ -145,12 +149,12 @@ protected function getMockRequest($path, $body, $server = []) $request->expects($this->any()) ->method('getParsedBody') - ->willReturn($body); + ->willReturn($options['parsedBody']); - if (!empty($server)) { + if (!empty($options['server'])) { $request->expects($this->any()) ->method('getServerParams') - ->willReturn($server); + ->willReturn($options['server']); } return $request; @@ -163,10 +167,10 @@ protected function getMockRequest($path, $body, $server = []) */ public function testAuthenticate(): void { - $request = $this->getMockRequest( - '/testpath', - ['username' => 'robert', 'password' => 'robert'] - ); + $request = $this->getMockRequest([ + 'path' => '/testpath', + 'parsedBody' => ['username' => 'robert', 'password' => 'robert'] + ]); $authenticators = $this->createAuthenticators(); $service = new AuthenticationService($authenticators, new DefaultIdentityFactory()); 
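Review bot: The rewritten `getMockRequest(array $options = [])` in AuthenticationServiceTest reads `$options['path']` and `$options['parsedBody']` unconditionally. A call without those keys raises an undefined-array-key warning and stubs `getPath()` with null, whereas the helper this commit adds to AuthenticationTestCase guards each key with `isset()`. Use defaults such as `$path = $options['path'] ?? '/';` and `$body = $options['parsedBody'] ?? null;`. The docblock above the method still describes the old `$path`, `$body` and `$server` parameters (the hunk header shows `@param array §server`) and should be rewritten for the single `$options` array. The method body continues through the next two hunks.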
@@ -200,10 +204,10 @@ public function testAuthenticate(): void */ public function testAuthenticateFailure(): void { - $request = $this->getMockRequest( - '/testpath', - ['username' => 'robert', 'password' => 'invalid'] - ); + $request = $this->getMockRequest([ + 'path' => '/testpath', + 'parsedBody' => ['username' => 'robert', 'password' => 'invalid'] + ]); $authenticators = $this->createAuthenticators(); $service = new AuthenticationService($authenticators, new DefaultIdentityFactory()); @@ -243,10 +247,10 @@ public function testAuthenticateFailure(): void */ public function testAuthenticateStorage(): void { - $request = $this->getMockRequest( - '/testpath', - [] - ); + $request = $this->getMockRequest([ + 'path' => '/testpath', + 'parsedBody' => '' + ]); $storage = $this->createMock(StorageInterface::class); $identity = new Identity(new ArrayObject(['username' => 'robert'])); @@ -291,16 +295,16 @@ public function testAuthenticateStorage(): void */ public function testAuthenticateWithChallenge(): void { - $request = $this->getMockRequest( - '/testpath', - [], - [ + $request = $this->getMockRequest([ + 'path' => '/testpath', + 'parsedBody' => '', + 'server' => [ 'SERVER_NAME' => 'example.com', 'REQUEST_URI' => '/testpath', 'PHP_AUTH_USER' => 'robert', 'PHP_AUTH_PW' => 'WRONG' ] - ); + ]); $identifier = $this->createPasswordIdentifier(); $authenticators = new AuthenticatorCollection([ @@ -321,10 +325,10 @@ public function testAuthenticateWithChallenge(): void */ public function testPersistAuthenticatedIdentity(): void { - $request = $this->getMockRequest( - '/testpath', - ['username' => 'robert', 'password' => 'robert'] - ); + $request = $this->getMockRequest([ + 'path' => '/testpath', + 'parsedBody' => ['username' => 'robert', 'password' => 'robert'] + ]); $response = new Response(); 
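Review bot: In `testAuthenticateStorage` and `testAuthenticateWithChallenge` the parsed body changes from `[]` to `''`, but PSR-7 allows `getParsedBody()` to return only null, an array or an object. The mock accepts the string, so these tests now drive the authenticators with an input shape a conforming request cannot produce. Keep `'parsedBody' => []` (or `null`) so the no-credentials path is tested with a realistic value.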
@@ -360,10 +364,10 @@ public function testPersistAuthenticatedIdentity(): void */ public function testPersistCustomIdentity(): void { - $request = $this->getMockRequest( - '/testpath', - ['username' => 'robert', 'password' => 'robert'] - ); + $request = $this->getMockRequest([ + 'path' => '/testpath', + 'parsedBody' => ['username' => 'robert', 'password' => 'robert'] + ]); $response = new Response(); @@ -392,10 +396,10 @@ public function testPersistCustomIdentity(): void */ public function testClearIdentity(): void { - $request = $this->getMockRequest( - '/testpath', - ['username' => 'robert', 'password' => 'robert'] - ); + $request = $this->getMockRequest([ + 'path' => '/testpath', + 'parsedBody' => ['username' => 'robert', 'password' => 'robert'] + ]); $response = new Response(); $storage = $this->createMock(StorageInterface::class); @@ -425,10 +429,10 @@ public function testClearIdentity(): void */ public function testNoAuthenticatorsLoadedException(): void { - $request = $this->getMockRequest( - '/testpath', - ['username' => 'robert', 'password' => 'robert'] - ); + $request = $this->getMockRequest([ + 'path' => '/testpath', + 'parsedBody' => ['username' => 'robert', 'password' => 'robert'] + ]); $service = new AuthenticationService(new AuthenticatorCollection(), new DefaultIdentityFactory()); @@ -462,10 +466,10 @@ public function testBuildIdentity(): void public function testGetIdentity(): void { - $request = $this->getMockRequest( - '/testpath', - ['username' => 'robert', 'password' => 'robert'] - ); + $request = $this->getMockRequest([ + 'path' => '/testpath', + 'parsedBody' => ['username' => 'robert', 'password' => 'robert'] + ]); $authenticators = $this->createAuthenticators(); $service = new AuthenticationService($authenticators, new DefaultIdentityFactory()); diff --git a/tests/TestCase/Authenticator/AuthenticatorCollectionTest.php b/tests/TestCase/Authenticator/AuthenticatorCollectionTest.php index 5775a1d8..7087b943 100644 
--- a/tests/TestCase/Authenticator/AuthenticatorCollectionTest.php +++ b/tests/TestCase/Authenticator/AuthenticatorCollectionTest.php @@ -18,12 +18,10 @@ use Phauthentic\Authentication\Authenticator\AuthenticatorCollection; use Phauthentic\Authentication\Authenticator\AuthenticatorInterface; -use Phauthentic\Authentication\Identifier\IdentifierCollection; use PHPUnit\Framework\TestCase; class AuthenticatorCollectionTest extends TestCase { - /** * Test constructor. * diff --git a/tests/TestCase/Authenticator/CookieAuthenticatorTest.php b/tests/TestCase/Authenticator/CookieAuthenticatorTest.php index 7f56b0a9..1c35c18f 100644 --- a/tests/TestCase/Authenticator/CookieAuthenticatorTest.php +++ b/tests/TestCase/Authenticator/CookieAuthenticatorTest.php @@ -15,7 +15,8 @@ namespace Phauthentic\Authentication\Test\TestCase\Authenticator; -use ArrayObject; +use Nyholm\Psr7\Factory\Psr17Factory; +use Nyholm\Psr7\Response; use Phauthentic\Authentication\Authenticator\CookieAuthenticator; use Phauthentic\Authentication\Authenticator\Result; use Phauthentic\Authentication\Authenticator\Storage\StorageInterface; @@ -25,12 +26,9 @@ use Phauthentic\Authentication\UrlChecker\DefaultUrlChecker; use Phauthentic\PasswordHasher\DefaultPasswordHasher; use Psr\Http\Message\ResponseInterface; -use Zend\Diactoros\Response; -use Zend\Diactoros\ServerRequestFactory; class CookieAuthenticatorTest extends AuthenticationTestCase { - /** * @param StorageInterface $storage Storage instance. * @return CookieAuthenticator @@ -58,10 +56,8 @@ public function testAuthenticateInvalidTokenMissingUsername(): void $authenticator = $this->createAuthenticator($storage); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/testpath'] - ); - $response = new Response(); + $request = $this->getMockRequest(); + $response = $this->getMockResponse(); $result = $authenticator->authenticate($request, $response); 
@@ -79,13 +75,15 @@ public function testAuthenticateSuccess(): void $storage = $this->createMock(StorageInterface::class); $storage ->method('read') - ->willReturn(["robert","$2y$10$2sqDmq10vv7cbIsnRymfhe0Hii.eabOK0x1WVWSn8pL1csV6NnwV2"]); + ->willReturn([ + 'robert', + '$2y$10$2sqDmq10vv7cbIsnRymfhe0Hii.eabOK0x1WVWSn8pL1csV6NnwV2' + ]); + $authenticator = $this->createAuthenticator($storage); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/testpath'] - ); - $response = new Response(); + $request = $this->getMockRequest(); + $response = $this->getMockResponse(); $result = $authenticator->authenticate($request, $response); @@ -106,10 +104,8 @@ public function testAuthenticateUnknownUser(): void ->willReturn(["unknown","$2y$10$2sqDmq10vv7cbIsnRymfhe0Hii.eabOK0x1WVWSn8pL1csV6NnwV2"]); $authenticator = $this->createAuthenticator($storage); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/testpath'] - ); - $response = new Response(); + $request = $this->getMockRequest(); + $response = $this->getMockResponse(); $result = $authenticator->authenticate($request, $response); @@ -130,10 +126,8 @@ public function testCredentialsNotPresent(): void ->willReturn(null); $authenticator = $this->createAuthenticator($storage); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/testpath'] - ); - $response = new Response(); + $request = $this->getMockRequest(); + $response = $this->getMockResponse(); $result = $authenticator->authenticate($request, $response); @@ -154,10 +148,8 @@ public function testAuthenticateInvalidToken(): void ->willReturn(["robert","$2y$10$1bE1SgasKoz9WmEvUfuZLeYa6pQgxUIJ5LAoS/asdasdsadasd"]); $authenticator = $this->createAuthenticator($storage); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/testpath'] - ); - $response = new Response(); + $request = $this->getMockRequest(); + $response = $this->getMockResponse(); $result = $authenticator->authenticate($request, $response); 
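Review bot: Only `testAuthenticateSuccess` gets its bcrypt fixture moved into single quotes; `testAuthenticateUnknownUser` and `testAuthenticateInvalidToken` in the following hunks still use `"$2y$10$..."` in double quotes. These literals are safe only because every `$` is followed by a digit. A fixture whose salt begins with a letter would be interpolated as an undefined variable and silently change the hash under test. Switch the remaining literals as well, e.g. `->willReturn(['unknown', '$2y$10$2sqDmq10vv7cbIsnRymfhe0Hii.eabOK0x1WVWSn8pL1csV6NnwV2']);`.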
@@ -172,29 +164,31 @@ public function testAuthenticateInvalidToken(): void */ public function testPersistIdentity(): void { - $response = new Response(); + $response = $this->getMockResponse(); + $response->expects($this->once()) + ->method('getHeaderLine', 'Set-Cookie') + ->willReturn('CookieAuth=%5B%22robert%22%2C%22%242y%2410%241bE1SgasKoz9WmEvUfuZLeYa6pQgxUIJ5LAoS%5C%2FKGmC1hNuWkUG7ES%22%5D; path=/'); + $storage = $this->createMock(StorageInterface::class); $storage ->method('write') - ->willReturn($response->withHeader( - 'Set-Cookie', - 'CookieAuth=%5B%22robert%22%2C%22%242y%2410%241bE1SgasKoz9WmEvUfuZLeYa6pQgxUIJ5LAoS%5C%2FKGmC1hNuWkUG7ES%22%5D; path=/' - )); + ->willReturn($response); + $authenticator = $this->createAuthenticator($storage); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/testpath'] - )->withParsedBody([ - 'remember_me' => 1 + $request = $this->getMockRequest([ + 'parsedBody' => [ + 'remember_me' => 1 + ] ]); - $identity = new ArrayObject([ - 'username' => 'robert', - 'password' => '$2y$10$VFTg46xeZ8/hU4zI.dtZVOfuz4AeIKAgZaB.uraGfcljXzid/xERa' - ]); + $identity = $this->getIdentity(); $result = $authenticator->persistIdentity($request, $response, $identity); - $this->assertStringContainsString('CookieAuth=%5B%22robert%22%2C%22%242y%2410%24', $result->getHeaderLine('Set-Cookie')); + $this->assertStringContainsString( + 'CookieAuth=%5B%22robert%22%2C%22%242y%2410%24', + $result->getHeaderLine('Set-Cookie') + ); } /** 
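Review bot: `->method('getHeaderLine', 'Set-Cookie')` in `testPersistIdentity` does not constrain the header name, because PHPUnit's `method()` takes a single argument and the second one is ignored. Write `->method('getHeaderLine')->with('Set-Cookie')` instead; the same call appears in `testPersistIdentityOtherField`. The final assertion also only reads back the value the response mock was configured to return, so it does not show that `persistIdentity()` went through the storage. An `expects($this->once())` on the `$storage` mock's `write` would cover that.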
@@ -204,27 +198,26 @@ public function testPersistIdentity(): void */ public function testPersistIdentityOtherField(): void { - $response = new Response(); + $response = $this->getMockResponse(); + $response->expects($this->once()) + ->method('getHeaderLine', 'Set-Cookie') + ->willReturn('CookieAuth=%5B%22robert%22%2C%22%242y%2410%241bE1SgasKoz9WmEvUfuZLeYa6pQgxUIJ5LAoS%5C%2FKGmC1hNuWkUG7ES%22%5D; path=/'); + $storage = $this->createMock(StorageInterface::class); $storage ->method('write') - ->willReturn($response->withHeader( - 'Set-Cookie', - 'CookieAuth=%5B%22robert%22%2C%22%242y%2410%241bE1SgasKoz9WmEvUfuZLeYa6pQgxUIJ5LAoS%5C%2FKGmC1hNuWkUG7ES%22%5D; path=/' - )); + ->willReturn($response); + $authenticator = $this->createAuthenticator($storage); $authenticator->setRememberMeField('other_field'); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/testpath'] - )->withParsedBody([ - 'other_field' => 1 + $request = $this->getMockRequest([ + 'parsedBody' => [ + 'other_field' => 1 + ] ]); - $identity = new ArrayObject([ - 'username' => 'robert', - 'password' => '$2y$10$VFTg46xeZ8/hU4zI.dtZVOfuz4AeIKAgZaB.uraGfcljXzid/xERa' - ]); + $identity = $this->getIdentity(); $result = $authenticator->persistIdentity($request, $response, $identity); $this->assertInstanceOf(ResponseInterface::class, $result); @@ -248,14 +241,12 @@ public function testPersistIdentityNoField() )); $authenticator = $this->createAuthenticator($storage); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/testpath'] - ); - - $identity = new ArrayObject([ - 'username' => 'robert', - 'password' => '$2y$10$VFTg46xeZ8/hU4zI.dtZVOfuz4AeIKAgZaB.uraGfcljXzid/xERa' + $request = $this->getMockRequest([ + 'path' => '/users/login', ]); + + $identity = $this->getIdentity(); + $result = $authenticator->persistIdentity($request, $response, $identity); $this->assertStringNotContainsString('CookieAuth', $result->getHeaderLine('Set-Cookie')); 
@@ -272,21 +263,17 @@ public function testPersistIdentityLoginUrlMismatch() $authenticator = $this->createAuthenticator($storage); $authenticator->addLoginUrl('/users/login'); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/testpath'] - ); - $request = $request->withParsedBody([ - 'remember_me' => 1 - ]); + $request = (new Psr17Factory())->createServerRequest('GET', '/invalid-url'); $response = new Response(); - $identity = new ArrayObject([ - 'username' => 'robert', - 'password' => '$2y$10$VFTg46xeZ8/hU4zI.dtZVOfuz4AeIKAgZaB.uraGfcljXzid/xERa' - ]); + $identity = $this->getIdentity(); + $result = $authenticator->persistIdentity($request, $response, $identity); - $this->assertStringNotContainsString('CookieAuth=%5B%22robert%22%2C%22%242y%2410%24', $result->getHeaderLine('Set-Cookie')); + $this->assertStringNotContainsString( + 'CookieAuth=%5B%22robert%22%2C%22%242y%2410%24', + $result->getHeaderLine('Set-Cookie') + ); } /** @@ -303,9 +290,7 @@ public function testClearIdentity() ->willReturn($response->withHeader('Set-Cookie', 'CookieAuth=; expires=Thu, 01-Jan-1970 00:00:01 UTC; path=/')); $authenticator = $this->createAuthenticator($storage); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/testpath'] - ); + $request = (new Psr17Factory())->createServerRequest('GET', '/testpath'); $result = $authenticator->clearIdentity($request, $response); $this->assertInstanceOf(ResponseInterface::class, $result); diff --git a/tests/TestCase/Authenticator/FormAuthenticatorTest.php b/tests/TestCase/Authenticator/FormAuthenticatorTest.php index 0ea2ce97..92f132c4 100644 --- a/tests/TestCase/Authenticator/FormAuthenticatorTest.php +++ b/tests/TestCase/Authenticator/FormAuthenticatorTest.php 
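Review bot: `testPersistIdentityLoginUrlMismatch` no longer sets `remember_me` on the request: the removed code called `withParsedBody(['remember_me' => 1])`, while the new `createServerRequest('GET', '/invalid-url')` has no parsed body. Judging by `testPersistIdentityNoField`, no cookie is written when the field is absent, so this test would now pass even if the login-URL check were broken. Keep the field so the URL mismatch is the only reason for the missing cookie: `$request = (new Psr17Factory())->createServerRequest('GET', '/invalid-url')->withParsedBody(['remember_me' => 1]);`.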
@@ -17,6 +17,7 @@ namespace Phauthentic\Authentication\Test\TestCase\Authenticator; use ArrayObject; +use Nyholm\Psr7\Response; use Phauthentic\Authentication\Authenticator\FormAuthenticator; use Phauthentic\Authentication\Authenticator\Result; use Phauthentic\Authentication\Identifier\IdentifierInterface; @@ -26,8 +27,6 @@ use Phauthentic\Authentication\UrlChecker\DefaultUrlChecker; use Phauthentic\Authentication\UrlChecker\RegexUrlChecker; use Phauthentic\PasswordHasher\DefaultPasswordHasher; -use Zend\Diactoros\Response; -use Zend\Diactoros\ServerRequestFactory; /** * FormAuthenticatorTest @@ -49,11 +48,15 @@ protected function getIdentifier(): IdentifierInterface public function testAuthenticate(): void { $identifier = $this->getIdentifier(); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/testpath'], - [], - ['username' => 'florian', 'password' => 'florian'] - ); + + $request = $this->getMockRequest([ + 'method' => 'POST', + 'parsedBody' => [ + 'username' => 'florian', + 'password' => 'florian' + ] + ]); + $response = new Response(); $form = new FormAuthenticator($identifier, new DefaultUrlChecker()); @@ -72,11 +75,11 @@ public function testCredentialsNotPresent(): void { $identifier = $this->getIdentifier(); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/users/does-not-match'], - [], - [] - ); + $request = $this->getMockRequest([ + 'path' => '/users/does-not-match', + 'method' => 'POST', + 'parsedBody' => [] + ]); $response = new Response(); $urlChecker = new DefaultUrlChecker(); 
@@ -98,11 +101,20 @@ public function testCredentialsEmpty(): void { $identifier = $this->getIdentifier(); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/users/does-not-match'], - [], - ['username' => '', 'password' => ''] - ); + $request = $this->getMockRequest([ + 'path' => '/users/does-not-match', + 'host' => 'localhost', + 'parsedBody' => [ + 'username' => '', + 'password' => '' + ] + ]); + + $request->getUri() + ->expects($this->any()) + ->method('__toString') + ->willReturn('http://localhost/users/does-not-match'); + $response = new Response(); $urlChecker = new DefaultUrlChecker(); @@ -124,14 +136,20 @@ public function testSingleLoginUrlMismatch(): void { $identifier = $this->getIdentifier(); - $request = ServerRequestFactory::fromGlobals( - [ - 'REQUEST_URI' => '/users/does-not-match', - 'HTTP_HOST' => 'localhost', - ], - [], - ['username' => 'florian', 'password' => 'florian'] - ); + $request = $this->getMockRequest([ + 'path' => '/users/does-not-match', + 'host' => 'localhost', + 'parsedBody' => [ + 'username' => 'florian', + 'password' => 'florian' + ] + ]); + + $request->getUri() + ->expects($this->any()) + ->method('__toString') + ->willReturn('http://localhost/users/does-not-match'); + $response = new Response(); $urlChecker = new DefaultUrlChecker(); @@ -154,14 +172,20 @@ public function testMultipleLoginUrlMismatch(): void { $identifier = $this->getIdentifier(); - $request = ServerRequestFactory::fromGlobals( - [ - 'REQUEST_URI' => '/users/does-not-match', - 'HTTP_HOST' => 'localhost', - ], - [], - ['username' => 'florian', 'password' => 'florian'] - ); + $request = $this->getMockRequest([ + 'path' => '/users/does-not-match', + 'host' => 'localhost', + 'parsedBody' => [ + 'username' => 'florian', + 'password' => 'florian' + ] + ]); + + $request->getUri() + ->expects($this->any()) + ->method('__toString') + ->willReturn('http://localhost/users/does-not-match'); + $response = new Response(); $urlChecker = new DefaultUrlChecker(); 
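Review bot: The `$request->getUri()->expects($this->any())->method('__toString')->willReturn('http://localhost/users/does-not-match')` block added in `testCredentialsEmpty` is repeated in the two following hunks and again in the full-regex tests. Each copy restates the `host` and `path` already passed to `getMockRequest()`, and a hand-typed URL that drifts from those options would make a URL-checker test pass or fail for the wrong reason. Consider having the helper stub `__toString` itself when `host` is given, e.g. `->willReturn('http://' . $options['host'] . ($options['path'] ?? ''))`. The helper lives in AuthenticationTestCase, outside this hunk.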
@@ -186,12 +210,13 @@ public function testMultipleLoginUrlMismatch(): void public function testSingleLoginUrlSuccess(): void { $identifier = $this->getIdentifier(); - - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/Users/login'], - [], - ['username' => 'florian', 'password' => 'florian'] - ); + $request = $this->getMockRequest([ + 'path' => '/Users/login', + 'parsedBody' => [ + 'username' => 'florian', + 'password' => 'florian' + ] + ]); $response = new Response(); $urlChecker = new DefaultUrlChecker(); @@ -214,11 +239,13 @@ public function testMultipleLoginUrlSuccess(): void { $identifier = $this->getIdentifier(); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/de/users/login'], - [], - ['username' => 'florian', 'password' => 'florian'] - ); + $request = $this->getMockRequest([ + 'path' => '/de/users/login', + 'parsedBody' => [ + 'username' => 'florian', + 'password' => 'florian' + ] + ]); $response = new Response(); $urlChecker = new DefaultUrlChecker(); @@ -244,11 +271,14 @@ public function testRegexLoginUrlSuccess(): void { $identifier = $this->getIdentifier(); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/de/users/login'], - [], - ['username' => 'florian', 'password' => 'florian'] - ); + $request = $this->getMockRequest([ + 'path' => '/de/users/login', + 'parsedBody' => [ + 'username' => 'florian', + 'password' => 'florian' + ] + ]); + $response = new Response(); $urlChecker = (new RegexUrlChecker()); 
@@ -272,14 +302,21 @@ public function testFullRegexLoginUrlFailure(): void { $identifier = $this->getIdentifier(); - $request = ServerRequestFactory::fromGlobals( - [ - 'REQUEST_URI' => '/de/users/login', - 'HTTP_HOST' => 'localhost', - ], - [], - ['username' => 'florian', 'password' => 'florian'] - ); + $request = $this->getMockRequest([ + 'path' => '/de/users/login', + 'host' => 'localhost', + 'method' => 'POST', + 'parsedBody' => [ + 'username' => 'florian', + 'password' => 'florian' + ] + ]); + + $request->getUri() + ->expects($this->any()) + ->method('__toString') + ->willReturn('http://localhost/de/users/login'); + $response = new Response(); $urlChecker = (new RegexUrlChecker()) @@ -304,14 +341,21 @@ public function testFullRegexLoginUrlSuccess(): void { $identifier = $this->getIdentifier(); - $request = ServerRequestFactory::fromGlobals( - [ - 'REQUEST_URI' => '/de/users/login', - 'SERVER_NAME' => 'auth.localhost' - ], - [], - ['username' => 'florian', 'password' => 'florian'] - ); + $request = $this->getMockRequest([ + 'path' => '/de/users/login', + 'host' => 'auth.localhost', + 'method' => 'POST', + 'parsedBody' => [ + 'username' => 'florian', + 'password' => 'florian' + ] + ]); + + $request->getUri() + ->expects($this->once()) + ->method('__toString') + ->willReturn('http://auth.localhost/de/users/login'); + $response = new Response(); $urlChecker = (new RegexUrlChecker()) @@ -336,11 +380,14 @@ public function testAuthenticateCustomFields(): void { $identifier = $this->createMock(IdentifierInterface::class); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/users/login'], - [], - ['email' => 'florian@cakephp.org', 'secret' => 'florian'] - ); + $request = $this->getMockRequest([ + 'path' => '/users/login', + 'parsedBody' => [ + 'email' => 'florian@cakephp.org', + 'secret' => 'florian' + ] + ]); + $response = new Response(); $form = (new FormAuthenticator($identifier, new DefaultUrlChecker())) 
@@ -370,11 +417,16 @@ public function testAuthenticateValidData(): void { $identifier = $this->createMock(IdentifierInterface::class); - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/users/login'], - [], - ['id' => 1, 'username' => 'florian', 'password' => 'florian'] - ); + $request = $this->getMockRequest([ + 'path' => '/users/login', + 'method' => 'POST', + 'parsedBody' => [ + 'id' => 1, + 'username' => 'florian', + 'password' => 'florian' + ] + ]); + $response = new Response(); $form = (new FormAuthenticator($identifier, new DefaultUrlChecker())) diff --git a/tests/TestCase/Authenticator/HttpBasicAuthenticatorTest.php b/tests/TestCase/Authenticator/HttpBasicAuthenticatorTest.php index 844d919a..e88607f8 100644 --- a/tests/TestCase/Authenticator/HttpBasicAuthenticatorTest.php +++ b/tests/TestCase/Authenticator/HttpBasicAuthenticatorTest.php @@ -23,20 +23,14 @@ use Phauthentic\Authentication\Test\Resolver\TestResolver; use Phauthentic\Authentication\Test\TestCase\AuthenticationTestCase as TestCase; use Phauthentic\PasswordHasher\DefaultPasswordHasher; -use Zend\Diactoros\Response; -use Zend\Diactoros\ServerRequestFactory; +use Psr\Http\Message\ResponseInterface; class HttpBasicAuthenticatorTest extends TestCase { use ArraySubsetAsserts; - /** - * @var \Zend\Diactoros\Response - */ - private Response $response; - /** - * @var \Phauthentic\Authentication\Authenticator\HttpBasicAuthenticator - */ + private ResponseInterface $response; + private HttpBasicAuthenticator $auth; /** @@ -49,7 +43,7 @@ public function setUp(): void $resolver = new TestResolver($this->getConnection()->getConnection()); $identifiers = new PasswordIdentifier($resolver, new DefaultPasswordHasher()); $this->auth = new HttpBasicAuthenticator($identifiers); - $this->response = new Response(); + $this->response = $this->getMockResponse(); } /** 
@@ -59,11 +53,10 @@ public function setUp(): void */ public function testAuthenticateNoData() { - $request = ServerRequestFactory::fromGlobals( - [ - 'REQUEST_URI' => '/posts/index', - ] - ); + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn([]); $result = $this->auth->authenticate($request, $this->response); $this->assertFalse($result->isValid()); @@ -76,12 +69,13 @@ public function testAuthenticateNoData() */ public function testAuthenticateNoUsername() { - $request = ServerRequestFactory::fromGlobals( - [ + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn([ 'REQUEST_URI' => '/posts/index', 'PHP_AUTH_PW' => 'foobar', - ] - ); + ]); $result = $this->auth->authenticate($request, $this->response); $this->assertFalse($result->isValid()); @@ -94,12 +88,13 @@ public function testAuthenticateNoUsername() */ public function testAuthenticateNoPassword() { - $request = ServerRequestFactory::fromGlobals( - [ + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn([ 'REQUEST_URI' => '/posts/index', 'PHP_AUTH_USER' => 'robert', - ] - ); + ]); $result = $this->auth->authenticate($request, $this->response); $this->assertFalse($result->isValid()); @@ -112,13 +107,14 @@ public function testAuthenticateNoPassword() */ public function testAuthenticateInjection(): void { - $request = ServerRequestFactory::fromGlobals( - [ + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn([ 'REQUEST_URI' => '/posts/index', 'PHP_AUTH_USER' => '> 1', 'PHP_AUTH_PW' => "' OR 1 = 1" - ] - ); + ]); $result = $this->auth->authenticate($request, $this->response); $this->assertFalse($result->isValid()); 
@@ -132,21 +128,20 @@ public function testAuthenticateInjection(): void */ public function testAuthenticateUsernameZero(): void { - $_SERVER['PHP_AUTH_USER'] = '0'; - $_SERVER['PHP_AUTH_PW'] = 'robert'; - - $request = ServerRequestFactory::fromGlobals( - [ + $request = $this->getMockRequest([ + 'parsedBody' => [ + 'user' => '0', + 'password' => 'robert' + ], + ]); + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn([ 'REQUEST_URI' => '/posts/index', 'SERVER_NAME' => 'localhost', 'PHP_AUTH_USER' => '0', 'PHP_AUTH_PW' => 'robert' - ], - [ - 'user' => '0', - 'password' => 'robert' - ] - ); + ]); $expected = [ 'id' => 3, @@ -164,12 +159,13 @@ public function testAuthenticateUsernameZero(): void */ public function testAuthenticateChallenge() { - $request = ServerRequestFactory::fromGlobals( - [ + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn([ 'REQUEST_URI' => '/posts/index', 'SERVER_NAME' => 'localhost', - ] - ); + ]); try { $this->auth->unauthorizedChallenge($request); @@ -188,13 +184,14 @@ public function testAuthenticateChallenge() */ public function testAuthenticateSuccess() { - $request = ServerRequestFactory::fromGlobals( - [ + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn([ 'REQUEST_URI' => '/posts/index', 'PHP_AUTH_USER' => 'robert', 'PHP_AUTH_PW' => 'robert' - ] - ); + ]); $result = $this->auth->authenticate($request, $this->response); $expected = [ diff --git a/tests/TestCase/Authenticator/HttpDigestAuthenticatorTest.php b/tests/TestCase/Authenticator/HttpDigestAuthenticatorTest.php index eddf4297..4dd97dd0 100644 --- a/tests/TestCase/Authenticator/HttpDigestAuthenticatorTest.php +++ b/tests/TestCase/Authenticator/HttpDigestAuthenticatorTest.php 
@@ -26,8 +26,6 @@ use Phauthentic\Authentication\Test\Resolver\TestResolver; use Phauthentic\Authentication\Test\TestCase\AuthenticationTestCase as TestCase; use Phauthentic\PasswordHasher\DefaultPasswordHasher; -use Zend\Diactoros\Response; -use Zend\Diactoros\ServerRequestFactory; /** * Test case for HttpDigestAuthentication @@ -65,7 +63,7 @@ public function setUp(): void ->setRealm('localhost') ->setOpaque('123abc'); - $this->response = $this->getMockBuilder(Response::class)->getMock(); + $this->response = $this->getMockResponse(); } /** @@ -88,9 +86,9 @@ public function testConstructor(): void */ public function testAuthenticateNoData(): void { - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/posts/index'] - ); + $request = $this->getMockRequest([ + 'path' => '/posts/index' + ]); $result = $this->auth->authenticate($request, $this->response); $this->assertInstanceOf(Result::class, $result); 
@@ -104,11 +102,9 @@ public function testAuthenticateNoData(): void */ public function testAuthenticateWrongUsername(): void { - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/posts/index'], - [], - [] - ); + $request = $this->getMockRequest([ + 'path' => '/posts/index' + ]); $digest = << '123', 'qop' => 'auth', ]; - $data['response'] = $this->auth->generateResponseHash($data, HttpDigestAuthenticator::generatePasswordHash('digest', 'password', 'localhost'), 'GET'); - $request = ServerRequestFactory::fromGlobals( - [ - 'SERVER_NAME' => 'localhost', - 'REQUEST_URI' => '/dir/index.html', + $data['response'] = $this->auth->generateResponseHash( + $data, + HttpDigestAuthenticator::generatePasswordHash( + 'digest', + 'password', + 'localhost' + ), + 'GET' + ); + + $request = $this->getMockRequest([ + 'path' => '/dir/index.html', + 'method' => 'GET', + ]); + + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn([ 'REQUEST_METHOD' => 'GET', + 'SERVER_NAME' => 'localhost', 'PHP_AUTH_DIGEST' => $this->digestHeader($data), - ] - ); + ]); $result = $this->auth->authenticate($request, $this->response); $expected = [ @@ -179,16 +188,21 @@ public function testAuthenticateFailsOnBadNonce(): void 'cnonce' => '123', 'qop' => 'auth', ]; + $data['response'] = $this->auth->generateResponseHash($data, '09faa9931501bf30f0d4253fa7763022', 'GET'); - $request = ServerRequestFactory::fromGlobals( - [ - 'SERVER_NAME' => 'localhost', - 'REQUEST_URI' => '/dir/index.html', + $request = $this->getMockRequest([ + 'path' => '/dir/index.html', + 'method' => 'GET', + ]); + + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn([ 'REQUEST_METHOD' => 'GET', + 'SERVER_NAME' => 'localhost', 'PHP_AUTH_DIGEST' => $this->digestHeader($data), - ] - ); + ]); $result = $this->auth->authenticate($request, $this->response); $this->assertInstanceOf(Result::class, $result); 
@@ -210,20 +224,26 @@ public function testAuthenticateFailsNonceWithTooManyParts(): void 'cnonce' => '123', 'qop' => 'auth', ]; + $data['response'] = $this->auth->generateResponseHash( $data, '09faa9931501bf30f0d4253fa7763022', 'GET' ); - $request = ServerRequestFactory::fromGlobals( - [ - 'SERVER_NAME' => 'localhost', - 'REQUEST_URI' => '/dir/index.html', + $request = $this->getMockRequest([ + 'path' => '/dir/index.html', + 'method' => 'GET', + ]); + + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn([ 'REQUEST_METHOD' => 'GET', + 'SERVER_NAME' => 'localhost', 'PHP_AUTH_DIGEST' => $this->digestHeader($data), - ] - ); + ]); + $result = $this->auth->authenticate($request, $this->response); $this->assertInstanceOf(Result::class, $result); @@ -245,13 +265,22 @@ public function testAuthenticateFailsOnStaleNonce(): void 'cnonce' => '123', 'qop' => 'auth', ]; + $data['response'] = $this->auth->generateResponseHash($data, '09faa9931501bf30f0d4253fa7763022', 'GET'); - $request = ServerRequestFactory::fromGlobals([ - 'REQUEST_URI' => '/posts/index', - 'REQUEST_METHOD' => 'GET', - 'PHP_AUTH_DIGEST' => $this->digestHeader($data), + + $request = $this->getMockRequest([ + 'path' => '/posts/index', + 'method' => 'GET', ]); + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn([ + 'REQUEST_METHOD' => 'GET', + 'SERVER_NAME' => 'localhost', + 'PHP_AUTH_DIGEST' => $this->digestHeader($data), + ]); + $result = $this->auth->authenticate($request, $this->response); $this->assertInstanceOf(Result::class, $result); $this->assertFalse($result->isValid()); 
@@ -264,9 +293,16 @@ public function testAuthenticateFailsOnStaleNonce(): void */ public function testUnauthorizedChallenge() { - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/posts/index', 'REQUEST_METHOD' => 'GET'] - ); + $request = $this->getMockRequest([ + 'path' => '/posts/index', + ]); + + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn([ + 'REQUEST_METHOD' => 'GET', + 'SERVER_NAME' => 'localhost', + ]); try { $this->auth->unauthorizedChallenge($request); @@ -301,13 +337,15 @@ public function testUnauthorizedFailReChallenge() opaque="123abc" DIGEST; - $request = ServerRequestFactory::fromGlobals( - [ - 'REQUEST_URI' => '/posts/index', - 'REQUEST_METHOD' => 'GET', - 'PHP_AUTH_DIGEST' => $digest - ] - ); + $request = $this->getMockRequest([ + 'path' => '/posts/index', + ]); + + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn(['REQUEST_METHOD' => 'GET', + 'PHP_AUTH_DIGEST' => $digest + ]); try { $this->auth->unauthorizedChallenge($request); @@ -336,13 +374,21 @@ public function testUnauthorizedChallengeIncludesStaleAttributeOnStaleNonce() 'cnonce' => '123', 'qop' => 'auth', ]; + $data['response'] = $this->auth->generateResponseHash($data, '09faa9931501bf30f0d4253fa7763022', 'GET'); - $request = ServerRequestFactory::fromGlobals([ - 'REQUEST_URI' => '/posts/index', - 'REQUEST_METHOD' => 'GET', - 'PHP_AUTH_DIGEST' => $this->digestHeader($data) + + $request = $this->getMockRequest([ + 'path' => '/posts/index', ]); + $request->expects($this->any()) + ->method('getServerParams') + ->willReturn([ + 'REQUEST_METHOD' => 'GET', + 'PHP_AUTH_DIGEST' => $this->digestHeader($data) + ]); + + try { $this->auth->unauthorizedChallenge($request); } catch (UnauthorizedException $e) { 
@@ -410,6 +456,7 @@ public function testParseAuthDataFullUri() $expected = 'http://192.168.0.2/pvcollection/sites/pull/HFD%200001.json#fragment'; $result = $this->auth->parseAuthData($digest); + $this->assertSame($expected, $result['uri']); } @@ -455,6 +502,7 @@ public function testPassword(): void { $result = HttpDigestAuthenticator::generatePasswordHash('mark', 'password', 'localhost'); $expected = md5('mark:localhost:password'); + $this->assertEquals($expected, $result); } @@ -471,6 +519,7 @@ protected function digestHeader(array $data): string 'realm' => 'localhost', 'opaque' => '123abc' ]; + $digest = << 'larry' ]; - $this->token = JWT::encode($data, 'secretKey'); + $this->token = JWT::encode($data, 'secretKey', 'HS256'); $resolver = new TestResolver($this->getConnection()->getConnection()); $this->identifiers = new JwtSubjectIdentifier($resolver); $this->response = new Response(); @@ -73,14 +71,17 @@ public function setUp(): void */ public function testAuthenticateViaHeaderToken() { - $this->request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/'] - ); - $this->request = $this->request->withAddedHeader('Authorization', 'Bearer ' . $this->token); + $request = $this->getMockRequest([ + 'path' => '/' + ]); + $request->expects($this->once()) + ->method('getHeaderLine') + ->with('Authorization') + ->willReturn('Bearer ' . $this->token); $authenticator = (new JwtAuthenticator($this->identifiers, 'secretKey')); - $result = $authenticator->authenticate($this->request, $this->response); + $result = $authenticator->authenticate($request, $this->response); $this->assertEquals(Result::SUCCESS, $result->getStatus()); $this->assertInstanceOf(ArrayAccess::class, $result->getData()); } 
@@ -92,14 +93,22 @@ public function testAuthenticateViaHeaderToken() */ public function testAuthenticateViaQueryParamToken(): void { - $this->request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/'], - ['token' => $this->token] - ); + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getQueryParams') + ->willReturn(['token' => $this->token]); + + $request = $this->getMockRequest([ + 'path' => '/', + ]); + $request->expects($this->once()) + ->method('getHeaderLine') + ->with('Authorization') + ->willReturn('Bearer ' . $this->token); $authenticator = (new JwtAuthenticator($this->identifiers, 'secretKey')); - $result = $authenticator->authenticate($this->request, $this->response); + $result = $authenticator->authenticate($request, $this->response); $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::SUCCESS, $result->getStatus()); $this->assertInstanceOf(ArrayAccess::class, $result->getData()); @@ -112,10 +121,10 @@ public function testAuthenticateViaQueryParamToken(): void */ public function testAuthenticationViaIdentifierAndSubject(): void { - $this->request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/'], - ['token' => $this->token] - ); + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getQueryParams') + ->willReturn(['token' => $this->token]); $this->identifiers = $this->createMock(JwtSubjectIdentifier::class); $this->identifiers->expects($this->once()) @@ -133,7 +142,7 @@ public function testAuthenticationViaIdentifierAndSubject(): void $authenticator = (new JwtAuthenticator($this->identifiers, 'secretKey')) ->setReturnPayload(false); - $result = $authenticator->authenticate($this->request, $this->response); + $result = $authenticator->authenticate($request, $this->response); $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::SUCCESS, $result->getStatus()); $this->assertInstanceOf(ArrayAccess::class, $result->getData()); 
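Review bot: `testAuthenticateViaQueryParamToken` no longer tests the query parameter, because the first mock, whose `getQueryParams` returns the token, is discarded when `$request` is reassigned to a second `getMockRequest(['path' => '/'])` that supplies the token through `getHeaderLine('Authorization')`. As written it duplicates `testAuthenticateViaHeaderToken`, and a regression in query-string token handling would go unnoticed. Remove the second mock and its `getHeaderLine` expectation, and tighten the remaining stub to `$request->expects($this->atLeastOnce())->method('getQueryParams')->willReturn(['token' => $this->token]);` so the test fails if the parameter is never read. What the helper's mock returns for `getHeaderLine` by default is not visible here and should be checked.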
@@ -148,10 +157,10 @@ public function testAuthenticationViaIdentifierAndSubject(): void */ public function testAuthenticateInvalidPayloadNotAnObject(): void { - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/'], - ['token' => $this->token] - ); + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getQueryParams') + ->willReturn(['token' => $this->token]); $response = new Response(); @@ -170,6 +179,7 @@ public function testAuthenticateInvalidPayloadNotAnObject(): void ->willReturn('no an object'); $result = $authenticator->authenticate($request, $response); + $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::FAILURE_CREDENTIALS_INVALID, $result->getStatus()); $this->assertNull($result->getData()); @@ -182,10 +192,10 @@ public function testAuthenticateInvalidPayloadNotAnObject(): void */ public function testAuthenticateInvalidPayloadEmpty(): void { - $request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/'], - ['token' => $this->token] - ); + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getQueryParams') + ->willReturn(['token' => $this->token]); $response = new Response(); 
@@ -211,14 +221,14 @@ public function testAuthenticateInvalidPayloadEmpty(): void public function testInvalidToken() { - $this->request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/'], - ['token' => 'should cause an exception'] - ); + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getQueryParams') + ->willReturn(['token' => 'should cause an exception']); $authenticator = (new JwtAuthenticator($this->identifiers, 'secretKey')); - $result = $authenticator->authenticate($this->request, $this->response); + $result = $authenticator->authenticate($request, $this->response); $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::FAILURE_CREDENTIALS_INVALID, $result->getStatus()); $this->assertNUll($result->getData()); @@ -235,17 +245,17 @@ public function testInvalidToken() */ public function testGetPayload() { - $this->request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/'], - ['token' => $this->token] - ); + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getQueryParams') + ->willReturn(['token' => $this->token]); $authenticator = (new JwtAuthenticator($this->identifiers, 'secretKey')); $result = $authenticator->getPayload(); $this->assertNull($result); - $authenticator->authenticate($this->request, $this->response); + $authenticator->authenticate($request, $this->response); $expected = [ 'sub' => 3, diff --git a/tests/TestCase/Authenticator/ResultTest.php b/tests/TestCase/Authenticator/ResultTest.php index 8f3f0896..b95b8dc8 100644 --- a/tests/TestCase/Authenticator/ResultTest.php +++ b/tests/TestCase/Authenticator/ResultTest.php @@ -23,7 +23,6 @@ class ResultTest extends TestCase { - /** * testConstructorEmptyData * diff --git a/tests/TestCase/Authenticator/SessionAuthenticatorTest.php b/tests/TestCase/Authenticator/SessionAuthenticatorTest.php index fa505845..fd319c2f 100644 --- a/tests/TestCase/Authenticator/SessionAuthenticatorTest.php 
+++ b/tests/TestCase/Authenticator/SessionAuthenticatorTest.php @@ -25,11 +25,20 @@ use Phauthentic\Authentication\Test\TestCase\AuthenticationTestCase as TestCase; use Phauthentic\PasswordHasher\DefaultPasswordHasher; use Psr\Http\Message\ResponseInterface; -use Zend\Diactoros\Response; -use Zend\Diactoros\ServerRequestFactory; +use Psr\Http\Message\ServerRequestInterface; class SessionAuthenticatorTest extends TestCase { + protected ServerRequestInterface $request; + protected ResponseInterface $response; + + public function setUp(): void + { + parent::setUp(); + + $this->request = $this->getMockRequest(); + $this->response = $this->getMockResponse(); + } /** * @param StorageInterface $storage Storage instance. @@ -51,21 +60,20 @@ protected function createAuthenticator(StorageInterface $storage): SessionAuthen */ public function testAuthenticate(): void { - $request = ServerRequestFactory::fromGlobals(['REQUEST_URI' => '/']); - $response = new Response(); + $storage = $this->createMock(StorageInterface::class); $storage ->expects($this->once()) ->method('read') - ->with($request) + ->with($this->request) ->willReturn([ 'username' => 'robert', 'password' => 'h45h' ]); $authenticator = $this->createAuthenticator($storage); - $result = $authenticator->authenticate($request, $response); + $result = $authenticator->authenticate($this->request, $this->response); $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::SUCCESS, $result->getStatus()); 
@@ -78,18 +86,15 @@ public function testAuthenticate(): void */ public function testAuthenticateMissing(): void { - $request = ServerRequestFactory::fromGlobals(['REQUEST_URI' => '/']); - $response = new Response(); - $storage = $this->createMock(StorageInterface::class); $storage ->expects($this->once()) ->method('read') - ->with($request) + ->with($this->request) ->willReturn(null); $authenticator = $this->createAuthenticator($storage); - $result = $authenticator->authenticate($request, $response); + $result = $authenticator->authenticate($this->request, $this->response); $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::FAILURE_IDENTITY_NOT_FOUND, $result->getStatus()); @@ -102,14 +107,11 @@ public function testAuthenticateMissing(): void */ public function testVerifyByDatabase(): void { - $request = ServerRequestFactory::fromGlobals(['REQUEST_URI' => '/']); - $response = new Response(); - $storage = $this->createMock(StorageInterface::class); $storage ->expects($this->once()) ->method('read') - ->with($request) + ->with($this->request) ->willReturn([ 'username' => 'robert', 'password' => 'h45h' @@ -118,7 +120,7 @@ public function testVerifyByDatabase(): void $authenticator = $this->createAuthenticator($storage); $authenticator->enableVerification(); - $result = $authenticator->authenticate($request, $response); + $result = $authenticator->authenticate($this->request, $this->response); $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::SUCCESS, $result->getStatus()); @@ -131,14 +133,11 @@ public function testVerifyByDatabase(): void */ public function testVerifyByDatabaseInvalid(): void { - $request = ServerRequestFactory::fromGlobals(['REQUEST_URI' => '/']); - $response = new Response(); - $storage = $this->createMock(StorageInterface::class); $storage ->expects($this->once()) ->method('read') - ->with($request) + ->with($this->request) ->willReturn([ 'username' => 'does-not', 'password' => 'exist' 
@@ -147,7 +146,7 @@ public function testVerifyByDatabaseInvalid(): void $authenticator = $this->createAuthenticator($storage); $authenticator->enableVerification(); - $result = $authenticator->authenticate($request, $response); + $result = $authenticator->authenticate($this->request, $this->response); $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::FAILURE_CREDENTIALS_INVALID, $result->getStatus()); @@ -160,19 +159,17 @@ public function testVerifyByDatabaseInvalid(): void */ public function testPersistIdentity(): void { - $request = ServerRequestFactory::fromGlobals(['REQUEST_URI' => '/']); - $response = new Response(); $data = new ArrayObject(['username' => 'florian']); $storage = $this->createMock(StorageInterface::class); $storage ->expects($this->once()) ->method('write') - ->with($request, $response, $data); + ->with($this->request, $this->response, $data); $authenticator = $this->createAuthenticator($storage); - $result = $authenticator->persistIdentity($request, $response, $data); + $result = $authenticator->persistIdentity($this->request, $this->response, $data); $this->assertInstanceOf(ResponseInterface::class, $result); } @@ -183,15 +180,12 @@ public function testPersistIdentity(): void */ public function testClearIdentity() { - $request = ServerRequestFactory::fromGlobals(['REQUEST_URI' => '/']); - $response = new Response(); - $storage = $this->createMock(StorageInterface::class); $storage->expects($this->once())->method('clear'); $authenticator = $this->createAuthenticator($storage); - $result = $authenticator->clearIdentity($request, $response); + $result = $authenticator->clearIdentity($this->request, $this->response); $this->assertInstanceOf(ResponseInterface::class, $result); } } diff --git a/tests/TestCase/Authenticator/TokenAuthenticatorTest.php b/tests/TestCase/Authenticator/TokenAuthenticatorTest.php index 5f1692d7..4a39130a 100644 --- a/tests/TestCase/Authenticator/TokenAuthenticatorTest.php 
+++ b/tests/TestCase/Authenticator/TokenAuthenticatorTest.php @@ -21,11 +21,13 @@ use Phauthentic\Authentication\Identifier\TokenIdentifier; use Phauthentic\Authentication\Test\Resolver\TestResolver; use Phauthentic\Authentication\Test\TestCase\AuthenticationTestCase as TestCase; -use Zend\Diactoros\Response; -use Zend\Diactoros\ServerRequestFactory; class TokenAuthenticatorTest extends TestCase { + protected $request; + protected $identifier; + protected $response; + /** * Fixtures * @@ -46,13 +48,17 @@ public function setUp(): void $resolver = new TestResolver($this->getConnection()->getConnection()); $this->identifier = (new TokenIdentifier($resolver))->setTokenField('username'); - $this->request = ServerRequestFactory::fromGlobals( - ['REQUEST_URI' => '/testpath'], - [], - ['username' => 'florian', 'password' => 'password'] - ); - - $this->response = new Response(); + $this->request = $this->getMockRequest([ + 'method' => 'GET', + 'path' => '/testpath', + 'parsedBody' => [ + 'plugin' => null, + 'controller' => 'Users', + 'action' => 'token' + ], + ]); + + $this->response = $this->getMockResponse(); } /** 
@@ -70,66 +76,89 @@ public function testAuthenticateViaHeaderToken(): void $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::FAILURE_CREDENTIALS_MISSING, $result->getStatus()); - // Test header token - $requestWithHeaders = $this->request->withAddedHeader('Token', 'florian'); + $this->request->expects($this->any()) + ->method('getHeaderLine') + ->with('Token') + ->willReturn('florian'); + $tokenAuth = (new TokenAuthenticator($this->identifier)) ->setHeaderName('Token'); - $result = $tokenAuth->authenticate($requestWithHeaders, $this->response); + $result = $tokenAuth->authenticate($this->request, $this->response); $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::SUCCESS, $result->getStatus()); } /** - * testViaQueryParamToken - * * @return void */ - public function testViaQueryParamToken(): void + public function testValidQueryParamToken(): void { - // Test with query param token - $requestWithParams = $this->request->withQueryParams(['token' => 'florian']); + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getQueryParams') + ->willReturn(['token' => 'florian']); + $tokenAuth = (new TokenAuthenticator($this->identifier)) ->setQueryParam('token'); - $result = $tokenAuth->authenticate($requestWithParams, $this->response); + $result = $tokenAuth->authenticate($request, $this->response); $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::SUCCESS, $result->getStatus()); + } + + /** + * @return void + */ + public function testInvalidQueryParamToken(): void + { + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getQueryParams') + ->willReturn(['token' => 'does-not-exist']); - // Test with valid query param but invalid token - $requestWithParams = $this->request->withQueryParams(['token' => 'does-not-exist']); $tokenAuth = (new TokenAuthenticator($this->identifier)) ->setQueryParam('token'); - $result = 
$tokenAuth->authenticate($requestWithParams, $this->response); + $result = $tokenAuth->authenticate($request, $this->response); $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::FAILURE_IDENTITY_NOT_FOUND, $result->getStatus()); } /** - * testTokenPrefix - * * @return void */ - public function testTokenPrefix(): void + public function testValidTokenPrefix(): void { - //valid prefix - $requestWithHeaders = $this->request->withAddedHeader('Token', 'identity florian'); $tokenAuth = (new TokenAuthenticator($this->identifier)) ->setHeaderName('Token') ->setTokenPrefix('identity'); - $result = $tokenAuth->authenticate($requestWithHeaders, $this->response); + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getHeaderLine') + ->willReturn('identity florian'); + + $result = $tokenAuth->authenticate($request, $this->response); $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::SUCCESS, $result->getStatus()); + } + + /** + * @return void + */ + public function testInvalidTokenPrefix(): void + { + $request = $this->getMockRequest(); + $request->expects($this->any()) + ->method('getHeaderLine') + ->willReturn('bearer florian'); - //invalid prefix - $requestWithHeaders = $this->request->withAddedHeader('Token', 'bearer florian'); $tokenAuth = (new TokenAuthenticator($this->identifier)) ->setHeaderName('Token') ->setTokenPrefix('identity'); - $result = $tokenAuth->authenticate($requestWithHeaders, $this->response); + $result = $tokenAuth->authenticate($request, $this->response); $this->assertInstanceOf(Result::class, $result); $this->assertEquals(Result::FAILURE_IDENTITY_NOT_FOUND, $result->getStatus()); } diff --git a/tests/TestCase/Identifier/CallbackIdentifierTest.php b/tests/TestCase/Identifier/CallbackIdentifierTest.php index 347d50c1..18e73aa7 100644 --- a/tests/TestCase/Identifier/CallbackIdentifierTest.php +++ b/tests/TestCase/Identifier/CallbackIdentifierTest.php 
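Review bot: In `testValidTokenPrefix` and `testInvalidTokenPrefix` the `getHeaderLine` stub has no `->with('Token')`, unlike `testAuthenticateViaHeaderToken` in the same hunk, so the mock returns the token for whatever header name the authenticator asks for. The two tests therefore no longer show that `setHeaderName('Token')` is honoured. Add the constraint, `->method('getHeaderLine')->with('Token')->willReturn('identity florian')`, and likewise for the `'bearer florian'` case.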
@@ -25,7 +25,6 @@ // phpcs:disable PSR1.Classes.ClassDeclaration.MultipleClasses class MyCallback { - public static function callme($data) { return new ArrayObject(); diff --git a/tests/TestCase/Identifier/LdapIdentifierTest.php b/tests/TestCase/Identifier/LdapIdentifierTest.php index 3cd6504d..6e71c548 100644 --- a/tests/TestCase/Identifier/LdapIdentifierTest.php +++ b/tests/TestCase/Identifier/LdapIdentifierTest.php @@ -25,7 +25,6 @@ class LdapIdentifierTest extends TestCase { - /** * testIdentify * diff --git a/tests/TestCase/Identifier/PasswordIdentifierTest.php b/tests/TestCase/Identifier/PasswordIdentifierTest.php index 168fffb4..26ae6c20 100644 --- a/tests/TestCase/Identifier/PasswordIdentifierTest.php +++ b/tests/TestCase/Identifier/PasswordIdentifierTest.php @@ -24,7 +24,6 @@ class PasswordIdentifierTest extends TestCase { - /** * testIdentifyValid * diff --git a/tests/TestCase/Identifier/TokenIdentifierTest.php b/tests/TestCase/Identifier/TokenIdentifierTest.php index f571f41a..a28303f9 100644 --- a/tests/TestCase/Identifier/TokenIdentifierTest.php +++ b/tests/TestCase/Identifier/TokenIdentifierTest.php @@ -23,7 +23,6 @@ class TokenIdentifierTest extends TestCase { - /** * Resolver Mock */ diff --git a/tests/TestCase/PersistenceResultTest.php b/tests/TestCase/PersistenceResultTest.php index bc01c8be..c021de25 100644 --- a/tests/TestCase/PersistenceResultTest.php +++ b/tests/TestCase/PersistenceResultTest.php @@ -25,7 +25,6 @@ */ class PersistenceResultTest extends AuthenticationTestCase { - /** * @inheritdoc */