shlink/module/Rest/test-api/Middleware/AuthenticationTest.php

<?php

declare(strict_types=1);

namespace ShlinkioApiTest\Shlink\Rest\Middleware;

use Shlinkio\Shlink\Rest\Authentication\Plugin;
use Shlinkio\Shlink\Rest\Authentication\RequestToHttpAuthPlugin;
use Shlinkio\Shlink\TestUtils\ApiTest\ApiTestCase;

use function implode;
use function sprintf;

class AuthenticationTest extends ApiTestCase
{
    /** @test */
    public function authorizationErrorIsReturnedIfNoApiKeyIsSent(): void
    {
        $expectedDetail = sprintf(
            'Expected one of the following authentication headers, ["%s"], but none were provided',
            implode('", "', RequestToHttpAuthPlugin::SUPPORTED_AUTH_HEADERS),
        );

        $resp = $this->callApi(self::METHOD_GET, '/short-urls');
        $payload = $this->getJsonResponsePayload($resp);

        $this->assertEquals(self::STATUS_UNAUTHORIZED, $resp->getStatusCode());
        $this->assertEquals(self::STATUS_UNAUTHORIZED, $payload['status']);
        $this->assertEquals('INVALID_AUTHORIZATION', $payload['type']);
        $this->assertEquals($expectedDetail, $payload['detail']);
        $this->assertEquals('Invalid authorization', $payload['title']);
    }

    /**
     * @test
     * @dataProvider provideInvalidApiKeys
     */
    public function apiKeyErrorIsReturnedWhenProvidedApiKeyIsInvalid(string $apiKey): void
    {
        $expectedDetail = 'Provided API key does not exist or is invalid.';

        $resp = $this->callApi(self::METHOD_GET, '/short-urls', [
            'headers' => [
                Plugin\ApiKeyHeaderPlugin::HEADER_NAME => $apiKey,
            ],
        ]);
        $payload = $this->getJsonResponsePayload($resp);

        $this->assertEquals(self::STATUS_UNAUTHORIZED, $resp->getStatusCode());
        $this->assertEquals(self::STATUS_UNAUTHORIZED, $payload['status']);
        $this->assertEquals('INVALID_API_KEY', $payload['type']);
        $this->assertEquals($expectedDetail, $payload['detail']);
        $this->assertEquals('Invalid API key', $payload['title']);
    }

    public function provideInvalidApiKeys(): iterable
    {
        yield 'key which does not exist' => ['invalid'];
        yield 'key which is expired' => ['expired_api_key'];
        yield 'key which is disabled' => ['disabled_api_key'];
    }
}
Prepared configs for API tests 2019-01-26 12:19:20 +03:00			`<?php`
Updated to coding styles v2 2019-10-05 18:26:10 +03:00
Prepared configs for API tests 2019-01-26 12:19:20 +03:00			`declare(strict_types=1);`

			`namespace ShlinkioApiTest\Shlink\Rest\Middleware;`

Improved AuthenticationMiddleware API tests 2019-11-26 23:29:25 +03:00			`use Shlinkio\Shlink\Rest\Authentication\Plugin;`
Improved how API tests are executed 2019-01-27 12:54:04 +03:00			`use Shlinkio\Shlink\Rest\Authentication\RequestToHttpAuthPlugin;`
Created TestUtils module 2019-08-11 17:30:46 +03:00			`use Shlinkio\Shlink\TestUtils\ApiTest\ApiTestCase;`
Updated to shlinkio coding standard 1.1.0 2019-02-27 00:56:43 +03:00
Improved how API tests are executed 2019-01-27 12:54:04 +03:00			`use function implode;`
			`use function sprintf;`
Prepared configs for API tests 2019-01-26 12:19:20 +03:00
			`class AuthenticationTest extends ApiTestCase`
			`{`
Reduced amount of dead lines in tests 2019-02-17 22:28:34 +03:00			`/** @test */`
			`public function authorizationErrorIsReturnedIfNoApiKeyIsSent(): void`
Prepared configs for API tests 2019-01-26 12:19:20 +03:00			`{`
Added more strict checks on API errors tests 2019-11-27 22:48:35 +03:00			`$expectedDetail = sprintf(`
Improved domain exception tests to cover more possible mutants 2019-12-01 12:14:29 +03:00			`'Expected one of the following authentication headers, ["%s"], but none were provided',`
Updated to coding standard v2.1 2020-01-01 22:48:31 +03:00			`implode('", "', RequestToHttpAuthPlugin::SUPPORTED_AUTH_HEADERS),`
Added more strict checks on API errors tests 2019-11-27 22:48:35 +03:00			`);`

Removed several deprecated components 2019-12-31 17:38:37 +03:00			`$resp = $this->callApi(self::METHOD_GET, '/short-urls');`
Added more strict checks on API errors tests 2019-11-27 22:48:35 +03:00			`$payload = $this->getJsonResponsePayload($resp);`
Prepared configs for API tests 2019-01-26 12:19:20 +03:00
Improved API tests and added test for short URLs creation 2019-01-30 20:28:07 +03:00			`$this->assertEquals(self::STATUS_UNAUTHORIZED, $resp->getStatusCode());`
Added more strict checks on API errors tests 2019-11-27 22:48:35 +03:00			`$this->assertEquals(self::STATUS_UNAUTHORIZED, $payload['status']);`
			`$this->assertEquals('INVALID_AUTHORIZATION', $payload['type']);`
			`$this->assertEquals($expectedDetail, $payload['detail']);`
			`$this->assertEquals('Invalid authorization', $payload['title']);`
Improved how API tests are executed 2019-01-27 12:54:04 +03:00			`}`

			`/**`
			`* @test`
Improved API tests by adding fixtures 2019-01-27 14:14:18 +03:00			`* @dataProvider provideInvalidApiKeys`
Improved how API tests are executed 2019-01-27 12:54:04 +03:00			`*/`
Reduced amount of dead lines in tests 2019-02-17 22:28:34 +03:00			`public function apiKeyErrorIsReturnedWhenProvidedApiKeyIsInvalid(string $apiKey): void`
Improved how API tests are executed 2019-01-27 12:54:04 +03:00			`{`
Added more strict checks on API errors tests 2019-11-27 22:48:35 +03:00			`$expectedDetail = 'Provided API key does not exist or is invalid.';`

Removed several deprecated components 2019-12-31 17:38:37 +03:00			`$resp = $this->callApi(self::METHOD_GET, '/short-urls', [`
Improved API tests and added test for short URLs creation 2019-01-30 20:28:07 +03:00			`'headers' => [`
Improved AuthenticationMiddleware API tests 2019-11-26 23:29:25 +03:00			`Plugin\ApiKeyHeaderPlugin::HEADER_NAME => $apiKey,`
Improved API tests and added test for short URLs creation 2019-01-30 20:28:07 +03:00			`],`
			`]);`
Added more strict checks on API errors tests 2019-11-27 22:48:35 +03:00			`$payload = $this->getJsonResponsePayload($resp);`
Improved how API tests are executed 2019-01-27 12:54:04 +03:00
Improved API tests and added test for short URLs creation 2019-01-30 20:28:07 +03:00			`$this->assertEquals(self::STATUS_UNAUTHORIZED, $resp->getStatusCode());`
Added more strict checks on API errors tests 2019-11-27 22:48:35 +03:00			`$this->assertEquals(self::STATUS_UNAUTHORIZED, $payload['status']);`
			`$this->assertEquals('INVALID_API_KEY', $payload['type']);`
			`$this->assertEquals($expectedDetail, $payload['detail']);`
			`$this->assertEquals('Invalid API key', $payload['title']);`
Prepared configs for API tests 2019-01-26 12:19:20 +03:00			`}`
Improved API tests by adding fixtures 2019-01-27 14:14:18 +03:00
Reduced amount of dead lines in tests 2019-02-17 22:28:34 +03:00			`public function provideInvalidApiKeys(): iterable`
Improved API tests by adding fixtures 2019-01-27 14:14:18 +03:00			`{`
Reduced amount of dead lines in tests 2019-02-17 22:28:34 +03:00			`yield 'key which does not exist' => ['invalid'];`
			`yield 'key which is expired' => ['expired_api_key'];`
			`yield 'key which is disabled' => ['disabled_api_key'];`
Improved API tests by adding fixtures 2019-01-27 14:14:18 +03:00			`}`
Prepared configs for API tests 2019-01-26 12:19:20 +03:00			`}`