Magento Extensions Rating 2024
Magento 2 Documentation  2.3
Documentation for Magento 2 CMS v2.3 (December 2018)
TokenUserContextTest.php
Go to the documentation of this file.
1 <?php
7 namespace Magento\Webapi\Test\Unit\Model\Authorization;
8 
9 use Magento\Webapi\Model\Authorization\TokenUserContext;
10 use Magento\Framework\TestFramework\Unit\Helper\ObjectManager;
11 use Magento\Authorization\Model\UserContextInterface;
12 use Magento\Integration\Model\Oauth\TokenFactory;
13 use Magento\Integration\Model\Oauth\Token;
14 use Magento\Integration\Api\IntegrationServiceInterface;
15 use Magento\Framework\Webapi\Request;
16 use Magento\Integration\Helper\Oauth\Data as OauthHelper;
17 use Magento\Framework\Stdlib\DateTime\DateTime as Date;
18 use Magento\Framework\Stdlib\DateTime;
19 use Magento\Integration\Model\Integration;
20 
24 class TokenUserContextTest extends \PHPUnit\Framework\TestCase
25 {
29  protected $objectManager;
30 
34  protected $tokenUserContext;
35 
39  protected $tokenFactory;
40 
44  protected $integrationService;
45 
49  protected $request;
50 
54  private $oauthHelperMock;
55 
59  private $dateMock;
60 
64  private $dateTimeMock;
65 
66  protected function setUp()
67  {
68  $this->objectManager = new ObjectManager($this);
69 
70  $this->request = $this->getMockBuilder(Request::class)
71  ->disableOriginalConstructor()
72  ->setMethods(['getHeader'])
73  ->getMock();
74 
75  $this->tokenFactory = $this->getMockBuilder(TokenFactory::class)
76  ->disableOriginalConstructor()
77  ->setMethods(['create'])
78  ->getMock();
79 
80  $this->integrationService = $this->getMockBuilder(IntegrationServiceInterface::class)
81  ->disableOriginalConstructor()
82  ->setMethods(
83  [
84  'findByName',
85  'update',
86  'create',
87  'get',
88  'findByConsumerId',
89  'findActiveIntegrationByConsumerId',
90  'delete',
91  'getSelectedResources',
92  ]
93  )
94  ->getMock();
95 
96  $this->oauthHelperMock = $this->getMockBuilder(OauthHelper::class)
97  ->disableOriginalConstructor()
98  ->setMethods(['getAdminTokenLifetime', 'getCustomerTokenLifetime'])
99  ->getMock();
100 
101  $this->dateMock = $this->getMockBuilder(Date::class)
102  ->disableOriginalConstructor()
103  ->setMethods(['gmtTimestamp'])
104  ->getMock();
105 
106  $this->dateTimeMock = $this->getMockBuilder(DateTime::class)
107  ->disableOriginalConstructor()
108  ->setMethods(['strToTime'])
109  ->getMock();
110 
111  $this->dateTimeMock->expects($this->any())
112  ->method('strToTime')
113  ->will(
114  $this->returnCallback(
115  function ($str) {
116  return strtotime($str);
117  }
118  )
119  );
120 
121  $this->tokenUserContext = $this->objectManager->getObject(
122  TokenUserContext::class,
123  [
124  'request' => $this->request,
125  'tokenFactory' => $this->tokenFactory,
126  'integrationService' => $this->integrationService,
127  'oauthHelper' => $this->oauthHelperMock,
128  'date' => $this->dateMock,
129  'dateTime' => $this->dateTimeMock,
130  ]
131  );
132  }
133 
134  public function testNoAuthorizationHeader()
135  {
136  $this->request->expects($this->once())
137  ->method('getHeader')
138  ->with('Authorization')
139  ->will($this->returnValue(null));
140  $this->assertNull($this->tokenUserContext->getUserType());
141  $this->assertNull($this->tokenUserContext->getUserId());
142  }
143 
144  public function testNoTokenInHeader()
145  {
146  $this->request->expects($this->once())
147  ->method('getHeader')
148  ->with('Authorization')
149  ->will($this->returnValue('Bearer'));
150  $this->assertNull($this->tokenUserContext->getUserType());
151  $this->assertNull($this->tokenUserContext->getUserId());
152  }
153 
154  public function testNotBearerToken()
155  {
156  $this->request->expects($this->once())
157  ->method('getHeader')
158  ->with('Authorization')
159  ->will($this->returnValue('Access'));
160  $this->assertNull($this->tokenUserContext->getUserType());
161  $this->assertNull($this->tokenUserContext->getUserId());
162  }
163 
164  public function testNoTokenInDatabase()
165  {
166  $bearerToken = 'bearer1234';
167 
168  $this->request->expects($this->once())
169  ->method('getHeader')
170  ->with('Authorization')
171  ->will($this->returnValue("Bearer {$bearerToken}"));
172 
173  $token = $this->getMockBuilder(Token::class)
174  ->disableOriginalConstructor()
175  ->setMethods(['loadByToken', 'getId', '__wakeup'])
176  ->getMock();
177  $this->tokenFactory->expects($this->once())
178  ->method('create')
179  ->will($this->returnValue($token));
180  $token->expects($this->once())
181  ->method('loadByToken')
182  ->with($bearerToken)
183  ->will($this->returnSelf());
184  $token->expects($this->once())
185  ->method('getId')
186  ->will($this->returnValue(null));
187 
188  $this->assertNull($this->tokenUserContext->getUserType());
189  $this->assertNull($this->tokenUserContext->getUserId());
190  }
191 
192  public function testRevokedToken()
193  {
194  $bearerToken = 'bearer1234';
195 
196  $this->request->expects($this->once())
197  ->method('getHeader')
198  ->with('Authorization')
199  ->will($this->returnValue("Bearer {$bearerToken}"));
200 
201  $token = $this->getMockBuilder(Token::class)
202  ->disableOriginalConstructor()
203  ->setMethods(['loadByToken', 'getId', 'getRevoked', '__wakeup'])
204  ->getMock();
205  $this->tokenFactory->expects($this->once())
206  ->method('create')
207  ->will($this->returnValue($token));
208  $token->expects($this->once())
209  ->method('loadByToken')
210  ->with($bearerToken)
211  ->will($this->returnSelf());
212  $token->expects($this->once())
213  ->method('getId')
214  ->will($this->returnValue(1));
215  $token->expects($this->once())
216  ->method('getRevoked')
217  ->will($this->returnValue(1));
218 
219  $this->assertNull($this->tokenUserContext->getUserType());
220  $this->assertNull($this->tokenUserContext->getUserId());
221  }
222 
226  public function testValidToken($userType, $userId, $expectedUserType, $expectedUserId)
227  {
228  $bearerToken = 'bearer1234';
229 
230  $this->request->expects($this->once())
231  ->method('getHeader')
232  ->with('Authorization')
233  ->will($this->returnValue("Bearer {$bearerToken}"));
234 
235  $token = $this->getMockBuilder(Token::class)
236  ->disableOriginalConstructor()
237  ->setMethods(
238  [
239  'loadByToken',
240  'getId',
241  'getUserType',
242  'getCustomerId',
243  'getAdminId',
244  '__wakeup',
245  'getCreatedAt',
246  ]
247  )->getMock();
248  $this->tokenFactory->expects($this->once())
249  ->method('create')
250  ->will($this->returnValue($token));
251  $token->expects($this->once())
252  ->method('loadByToken')
253  ->with($bearerToken)
254  ->will($this->returnSelf());
255  $token->expects($this->once())
256  ->method('getId')
257  ->will($this->returnValue(1));
258  $token->expects($this->any())
259  ->method('getUserType')
260  ->will($this->returnValue($userType));
261 
262  $token->expects($this->any())
263  ->method('getCreatedAt')
264  ->willReturn(date('Y-m-d H:i:s', time()));
265 
266  switch ($userType) {
267  case UserContextInterface::USER_TYPE_INTEGRATION:
268  $integration = $this->getMockBuilder(Integration::class)
269  ->disableOriginalConstructor()
270  ->setMethods(['getId', '__wakeup'])
271  ->getMock();
272 
273  $integration->expects($this->once())
274  ->method('getId')
275  ->will($this->returnValue($userId));
276  $this->integrationService->expects($this->once())
277  ->method('findByConsumerId')
278  ->will($this->returnValue($integration));
279  break;
280  case UserContextInterface::USER_TYPE_ADMIN:
281  $token->expects($this->once())
282  ->method('getAdminId')
283  ->will($this->returnValue($userId));
284  break;
285  case UserContextInterface::USER_TYPE_CUSTOMER:
286  $token->expects($this->once())
287  ->method('getCustomerId')
288  ->will($this->returnValue($userId));
289  break;
290  }
291 
292  $this->assertEquals($expectedUserType, $this->tokenUserContext->getUserType());
293  $this->assertEquals($expectedUserId, $this->tokenUserContext->getUserId());
294 
295  /* check again to make sure that the above methods were only called once */
296  $this->assertEquals($expectedUserType, $this->tokenUserContext->getUserType());
297  $this->assertEquals($expectedUserId, $this->tokenUserContext->getUserId());
298  }
299 
303  public function getValidTokenData()
304  {
305  return [
306  'admin token' => [
307  UserContextInterface::USER_TYPE_ADMIN,
308  1234,
309  UserContextInterface::USER_TYPE_ADMIN,
310  1234,
311  ],
312  'customer token' => [
313  UserContextInterface::USER_TYPE_CUSTOMER,
314  1234,
315  UserContextInterface::USER_TYPE_CUSTOMER,
316  1234,
317  ],
318  'integration token' => [
319  UserContextInterface::USER_TYPE_INTEGRATION,
320  1234,
321  UserContextInterface::USER_TYPE_INTEGRATION,
322  1234,
323  ],
324  'guest user type' => [
325  UserContextInterface::USER_TYPE_GUEST,
326  1234,
327  null,
328  null,
329  ]
330  ];
331  }
332 
342  public function testExpiredToken(
343  array $tokenData,
344  int $tokenTtl,
345  int $currentTime,
346  $expectedUserType,
347  $expectedUserId
348  ) {
349  $bearerToken = 'bearer1234';
350 
351  $this->dateMock->expects($this->any())
352  ->method('gmtTimestamp')
353  ->willReturn($currentTime);
354 
355  $this->request->expects($this->once())
356  ->method('getHeader')
357  ->with('Authorization')
358  ->will($this->returnValue("Bearer {$bearerToken}"));
359 
360  $token = $this->getMockBuilder(Token::class)
361  ->disableOriginalConstructor()
362  ->setMethods(
363  [
364  'loadByToken',
365  'getCreatedAt',
366  'getId',
367  'getUserType',
368  'getCustomerId',
369  'getAdminId',
370  '__wakeup',
371  ]
372  )->getMock();
373 
374  $token->expects($this->once())
375  ->method('loadByToken')
376  ->with($bearerToken)
377  ->will($this->returnSelf());
378 
379  $token->expects($this->any())
380  ->method('getId')
381  ->will($this->returnValue(1));
382 
383  $token->expects($this->any())
384  ->method('getUserType')
385  ->will($this->returnValue($tokenData['user_type']));
386 
387  $token->expects($this->any())
388  ->method('getCreatedAt')
389  ->willReturn($tokenData['created_at']);
390 
391  $this->tokenFactory->expects($this->once())
392  ->method('create')
393  ->will($this->returnValue($token));
394 
395  $this->oauthHelperMock->expects($this->any())
396  ->method('getAdminTokenLifetime')
397  ->willReturn($tokenTtl);
398 
399  $this->oauthHelperMock->expects($this->any())
400  ->method('getCustomerTokenLifetime')
401  ->willReturn($tokenTtl);
402 
403  switch ($tokenData['user_type']) {
404  case UserContextInterface::USER_TYPE_INTEGRATION:
405  $integration = $this->getMockBuilder(Integration::class)
406  ->disableOriginalConstructor()
407  ->setMethods(['getId', '__wakeup'])
408  ->getMock();
409  $integration->expects($this->any())
410  ->method('getId')
411  ->will($this->returnValue($tokenData['user_id']));
412 
413  $this->integrationService->expects($this->any())
414  ->method('findByConsumerId')
415  ->will($this->returnValue($integration));
416  break;
417  case UserContextInterface::USER_TYPE_ADMIN:
418  $token->expects($this->any())
419  ->method('getAdminId')
420  ->will($this->returnValue($tokenData['user_id']));
421  break;
422  case UserContextInterface::USER_TYPE_CUSTOMER:
423  $token->expects($this->any())
424  ->method('getCustomerId')
425  ->will($this->returnValue($tokenData['user_id']));
426  break;
427  }
428 
429  $this->assertEquals($expectedUserType, $this->tokenUserContext->getUserType());
430  $this->assertEquals($expectedUserId, $this->tokenUserContext->getUserId());
431 
432  /* check again to make sure that the above method loadByToken in only called once */
433  $this->assertEquals($expectedUserType, $this->tokenUserContext->getUserType());
434  $this->assertEquals($expectedUserId, $this->tokenUserContext->getUserId());
435  }
436 
442  public function getExpiredTestTokenData()
443  {
444  $time = time();
445  return [
446  'token_expired_admin' => [
447  'tokenData' => [
448  'user_type' => UserContextInterface::USER_TYPE_ADMIN,
449  'user_id' => 1234,
450  'created_at' => date('Y-m-d H:i:s', $time - 3600 - 400),
451  ],
452  'tokenTtl' => 1,
453  'currentTime' => $time,
454  'expectedUserType' => null,
455  'expectedUserId' => null,
456  ],
457  'token_vigent_admin' => [
458  'tokenData' => [
459  'user_type' => UserContextInterface::USER_TYPE_ADMIN,
460  'user_id' => 1234,
461  'created_at' => date('Y-m-d H:i:s', $time - 400),
462  ],
463  'tokenTtl' => 1,
464  'currentTime' => $time,
465  'expectedUserType' => UserContextInterface::USER_TYPE_ADMIN,
466  'expectedUserId' => 1234,
467  ],
468  'token_expired_customer' => [
469  'tokenData' => [
470  'user_type' => UserContextInterface::USER_TYPE_CUSTOMER,
471  'user_id' => 1234,
472  'created_at' => date('Y-m-d H:i:s', $time - 3600 - 400),
473  ],
474  'tokenTtl' => 1,
475  'currentTime' => $time,
476  'expectedUserType' => null,
477  'expectedUserId' => null,
478  ],
479  'token_vigent_customer' => [
480  'tokenData' => [
481  'user_type' => UserContextInterface::USER_TYPE_CUSTOMER,
482  'user_id' => 1234,
483  'created_at' => date('Y-m-d H:i:s', $time - 400),
484  ],
485  'tokenTtl' => 1,
486  'currentTime' => $time,
487  'expectedUserType' => UserContextInterface::USER_TYPE_CUSTOMER,
488  'expectedUserId' => 1234,
489  ],
490  'token_expired_integration' => [
491  'tokenData' => [
492  'user_type' => UserContextInterface::USER_TYPE_INTEGRATION,
493  'user_id' => 1234,
494  'created_at' => date('Y-m-d H:i:s', $time - 3600 - 400),
495  ],
496  'tokenTtl' => 1,
497  'currentTime' => $time,
498  'expectedUserType' => UserContextInterface::USER_TYPE_INTEGRATION,
499  'expectedUserId' => 1234,
500  ],
501  'token_vigent_integration' => [
502  'tokenData' => [
503  'user_type' => UserContextInterface::USER_TYPE_INTEGRATION,
504  'user_id' => 1234,
505  'created_at' => date('Y-m-d H:i:s', $time - 400),
506  ],
507  'tokenTtl' => 1,
508  'currentTime' => $time,
509  'expectedUserType' => UserContextInterface::USER_TYPE_INTEGRATION,
510  'expectedUserId' => 1234,
511  ],
512  'token_expired_guest' => [
513  'tokenData' => [
514  'user_type' => UserContextInterface::USER_TYPE_GUEST,
515  'user_id' => 1234,
516  'created_at' => date('Y-m-d H:i:s', $time - 3600 - 400),
517  ],
518  'tokenTtl' => 1,
519  'currentTime' => $time,
520  'expectedUserType' => null,
521  'expectedUserId' => null,
522  ],
523  'token_vigent_guest' => [
524  'tokenData' => [
525  'user_type' => UserContextInterface::USER_TYPE_GUEST,
526  'user_id' => 1234,
527  'created_at' => date('Y-m-d H:i:s', $time - 400),
528  ],
529  'tokenTtl' => 1,
530  'currentTime' => $time,
531  'expectedUserType' => null,
532  'expectedUserId' => null,
533  ],
534  ];
535  }
536 }
Magento\Webapi\Test\Unit\Model\Authorization\TokenUserContextTest\testExpiredToken
testExpiredToken(array $tokenData, int $tokenTtl, int $currentTime, $expectedUserType, $expectedUserId)
Definition: TokenUserContextTest.php:342
$token
$token
Definition: fake_payment_token.php:14
$integration
$integration
Definition: integration_all_permissions.php:9
Magento\Webapi\Test\Unit\Model\Authorization\TokenUserContextTest\testValidToken
testValidToken($userType, $userId, $expectedUserType, $expectedUserId)
Definition: TokenUserContextTest.php:226