shlink/module/Rest/test-api/Middleware/AuthenticationTest.php

55 lines
1.9 KiB
PHP
Raw Normal View History

2019-01-26 10:19:20 +01:00
<?php
2019-10-05 17:26:10 +02:00
2019-01-26 10:19:20 +01:00
declare(strict_types=1);
namespace ShlinkioApiTest\Shlink\Rest\Middleware;
2019-08-11 16:30:46 +02:00
use Shlinkio\Shlink\TestUtils\ApiTest\ApiTestCase;
2019-01-26 10:19:20 +01:00
class AuthenticationTest extends ApiTestCase
{
2019-02-17 20:28:34 +01:00
/** @test */
public function authorizationErrorIsReturnedIfNoApiKeyIsSent(): void
2019-01-26 10:19:20 +01:00
{
$expectedDetail = 'Expected one of the following authentication headers, ["X-Api-Key"], but none were provided';
2019-12-31 15:38:37 +01:00
$resp = $this->callApi(self::METHOD_GET, '/short-urls');
$payload = $this->getJsonResponsePayload($resp);
2019-01-26 10:19:20 +01:00
2020-10-04 00:35:14 +02:00
self::assertEquals(self::STATUS_UNAUTHORIZED, $resp->getStatusCode());
self::assertEquals(self::STATUS_UNAUTHORIZED, $payload['status']);
self::assertEquals('INVALID_AUTHORIZATION', $payload['type']);
self::assertEquals($expectedDetail, $payload['detail']);
self::assertEquals('Invalid authorization', $payload['title']);
2019-01-27 10:54:04 +01:00
}
/**
* @test
2019-01-27 12:14:18 +01:00
* @dataProvider provideInvalidApiKeys
2019-01-27 10:54:04 +01:00
*/
2019-02-17 20:28:34 +01:00
public function apiKeyErrorIsReturnedWhenProvidedApiKeyIsInvalid(string $apiKey): void
2019-01-27 10:54:04 +01:00
{
$expectedDetail = 'Provided API key does not exist or is invalid.';
2019-12-31 15:38:37 +01:00
$resp = $this->callApi(self::METHOD_GET, '/short-urls', [
'headers' => [
'X-Api-Key' => $apiKey,
],
]);
$payload = $this->getJsonResponsePayload($resp);
2019-01-27 10:54:04 +01:00
2020-10-04 00:35:14 +02:00
self::assertEquals(self::STATUS_UNAUTHORIZED, $resp->getStatusCode());
self::assertEquals(self::STATUS_UNAUTHORIZED, $payload['status']);
self::assertEquals('INVALID_API_KEY', $payload['type']);
self::assertEquals($expectedDetail, $payload['detail']);
self::assertEquals('Invalid API key', $payload['title']);
2019-01-26 10:19:20 +01:00
}
2019-01-27 12:14:18 +01:00
2019-02-17 20:28:34 +01:00
public function provideInvalidApiKeys(): iterable
2019-01-27 12:14:18 +01:00
{
2019-02-17 20:28:34 +01:00
yield 'key which does not exist' => ['invalid'];
yield 'key which is expired' => ['expired_api_key'];
yield 'key which is disabled' => ['disabled_api_key'];
2019-01-27 12:14:18 +01:00
}
2019-01-26 10:19:20 +01:00
}