mirror of
https://github.com/shlinkio/shlink.git
synced 2024-11-23 21:27:44 +03:00
Implemented ApiKeyHeaderPlugin
This commit is contained in:
Alejandro Celaya
parent
0f5fb066d1
commit
5ecfe9f0f0
3 changed files with 106 additions and 1 deletions
|
|
@ -39,6 +39,7 @@ return [
|
|||
|
||||
ConfigAbstractFactory::class => [
|
||||
Authentication\Plugin\AuthorizationHeaderPlugin::class => [Authentication\JWTService::class, 'translator'],
|
||||
Authentication\Plugin\ApiKeyHeaderPlugin::class => [Service\ApiKeyService::class, 'translator'],
|
||||
|
||||
Authentication\RequestToHttpAuthPlugin::class => [Authentication\AuthenticationPluginManager::class],
|
||||
|
||||
|
|
|
|||
|
|
@ -6,17 +6,43 @@ namespace Shlinkio\Shlink\Rest\Authentication\Plugin;
|
|||
use Psr\Http\Message\ResponseInterface;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
use Shlinkio\Shlink\Rest\Exception\VerifyAuthenticationException;
|
||||
use Shlinkio\Shlink\Rest\Service\ApiKeyServiceInterface;
|
||||
use Shlinkio\Shlink\Rest\Util\RestUtils;
|
||||
use Zend\I18n\Translator\TranslatorInterface;
|
||||
|
||||
class ApiKeyHeaderPlugin implements AuthenticationPluginInterface
|
||||
{
|
||||
public const HEADER_NAME = 'X-Api-Key';
|
||||
|
||||
/**
|
||||
* @var ApiKeyServiceInterface
|
||||
*/
|
||||
private $apiKeyService;
|
||||
/**
|
||||
* @var TranslatorInterface
|
||||
*/
|
||||
private $translator;
|
||||
|
||||
public function __construct(ApiKeyServiceInterface $apiKeyService, TranslatorInterface $translator)
|
||||
{
|
||||
$this->apiKeyService = $apiKeyService;
|
||||
$this->translator = $translator;
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws VerifyAuthenticationException
|
||||
*/
|
||||
public function verify(ServerRequestInterface $request): void
|
||||
{
|
||||
// TODO: Implement check() method.
|
||||
$apiKey = $request->getHeaderLine(self::HEADER_NAME);
|
||||
if ($this->apiKeyService->check($apiKey)) {
|
||||
return;
|
||||
}
|
||||
|
||||
throw VerifyAuthenticationException::withError(
|
||||
RestUtils::INVALID_API_KEY_ERROR,
|
||||
$this->translator->translate('Provided API key does not exist or is invalid.')
|
||||
);
|
||||
}
|
||||
|
||||
public function update(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
|
||||
|
|
|
|||
|
|
@ -0,0 +1,78 @@
|
|||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace ShlinkioTest\Shlink\Rest\Authentication\Plugin;
|
||||
|
||||
use PHPUnit\Framework\TestCase;
|
||||
use Prophecy\Prophecy\ObjectProphecy;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
use Shlinkio\Shlink\Rest\Authentication\Plugin\ApiKeyHeaderPlugin;
|
||||
use Shlinkio\Shlink\Rest\Exception\VerifyAuthenticationException;
|
||||
use Shlinkio\Shlink\Rest\Service\ApiKeyServiceInterface;
|
||||
use Zend\Diactoros\Response;
|
||||
use Zend\Diactoros\ServerRequestFactory;
|
||||
use Zend\I18n\Translator\Translator;
|
||||
|
||||
class ApiKeyHeaderPluginTest extends TestCase
|
||||
{
|
||||
/**
|
||||
* @var ApiKeyHeaderPlugin
|
||||
*/
|
||||
private $plugin;
|
||||
/**
|
||||
* @var ObjectProphecy
|
||||
*/
|
||||
private $apiKeyService;
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
$this->apiKeyService = $this->prophesize(ApiKeyServiceInterface::class);
|
||||
$this->plugin = new ApiKeyHeaderPlugin($this->apiKeyService->reveal(), Translator::factory([]));
|
||||
}
|
||||
|
||||
/**
|
||||
* @test
|
||||
*/
|
||||
public function verifyThrowsExceptionWhenApiKeyIsNotValid()
|
||||
{
|
||||
$apiKey = 'abc-ABC';
|
||||
$check = $this->apiKeyService->check($apiKey)->willReturn(false);
|
||||
$check->shouldBeCalledTimes(1);
|
||||
|
||||
$this->expectException(VerifyAuthenticationException::class);
|
||||
$this->expectExceptionMessage('Provided API key does not exist or is invalid');
|
||||
|
||||
$this->plugin->verify($this->createRequest($apiKey));
|
||||
}
|
||||
|
||||
/**
|
||||
* @test
|
||||
*/
|
||||
public function verifyDoesNotThrowExceptionWhenApiKeyIsValid()
|
||||
{
|
||||
$apiKey = 'abc-ABC';
|
||||
$check = $this->apiKeyService->check($apiKey)->willReturn(true);
|
||||
|
||||
$this->plugin->verify($this->createRequest($apiKey));
|
||||
|
||||
$check->shouldHaveBeenCalledTimes(1);
|
||||
}
|
||||
|
||||
/**
|
||||
* @test
|
||||
*/
|
||||
public function updateReturnsResponseAsIs()
|
||||
{
|
||||
$apiKey = 'abc-ABC';
|
||||
$response = new Response();
|
||||
|
||||
$returnedResponse = $this->plugin->update($this->createRequest($apiKey), $response);
|
||||
|
||||
$this->assertSame($response, $returnedResponse);
|
||||
}
|
||||
|
||||
private function createRequest(string $apiKey): ServerRequestInterface
|
||||
{
|
||||
return ServerRequestFactory::fromGlobals()->withHeader(ApiKeyHeaderPlugin::HEADER_NAME, $apiKey);
|
||||
}
|
||||
}
|
||||
Loading…
Reference in a new issue