
Commit 77b7d2c

author
Greg Bowler
committed
Send actions as encrypted messages
1 parent be5d06a commit 77b7d2c


3 files changed

+52
-8
lines changed


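--- a/src/ProviderUri/AbstractProviderUri.php
+++ b/src/ProviderUri/AbstractProviderUri.php
@@ -35,10 +35,10 @@ protected function normaliseBaseUri(string $baseUri):Uri {
 protected function buildQuery(
 Token $token,
 string $currentPath,
-string $data = null
+string $message = null
 ):string {
 return http_build_query([
-self::QUERY_STRING_CIPHER => (string)$token->generateRequestCipher($data),
+self::QUERY_STRING_CIPHER => (string)$token->generateRequestCipher($message),
 self::QUERY_STRING_INIT_VECTOR => (string)$token->getIv(),
 self::QUERY_STRING_CURRENT_PATH => bin2hex($currentPath),
 ]);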

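--- a/src/ProviderUri/LogoutUri.php
+++ b/src/ProviderUri/LogoutUri.php
@@ -10,9 +10,12 @@ public function __construct(
 string $baseRemoteUri = self::DEFAULT_BASE_REMOTE_URI
 ) {
 $baseRemoteUri = $this->normaliseBaseUri($baseRemoteUri);
-$baseRemoteUri = $baseRemoteUri->withPath("/logout");
 
 parent::__construct($baseRemoteUri);
-$this->query = $this->buildQuery($token, $currentPath);
+$this->query = $this->buildQuery(
+$token,
+$currentPath,
+"action=logout"
+);
 }
 }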
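Review bot: With `withPath("/logout")` removed, the only thing that marks this request as a logout is the `"action=logout"` message inside the cipher, so the provider's decision now rests on that ciphertext arriving unmodified. `generateRequestCipher` is not visible in this commit; it is worth confirming that it uses authenticated encryption, or that the provider verifies a MAC before acting on the decrypted action. The literal is also an undocumented wire format: I would name it, for example `const MESSAGE_LOGOUT = "action=logout";`, with a comment stating the format the provider parses. Separately, `testLogoutCallsLogoutUri` in this same commit still expects the redirect path `/logout`, which this constructor (whose signature starts above the hunk) no longer sets.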

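--- a/test/phpunit/AuthenticatorTest.php
+++ b/test/phpunit/AuthenticatorTest.php
@@ -64,16 +64,19 @@ public function testIsLoggedInTrueWhenSessionDataSet() {
 self::assertTrue($sut->isLoggedIn());
 }
 
-// TODO: Session shouldn't be cleared on call to logout - instead it should
-// redirect to the provider, and a new test should asset the response data
-// contains a logout confirmation.
-public function TODO_UPDATE_testLogoutClearsSession() {
+public function testLogoutCallsLogoutUri() {
 $sessionData = self::createMock(SessionData::class);
 $_SESSION = [
 Authenticator::SESSION_KEY => $sessionData
 ];
 
 $redirectHandler = self::createMock(RedirectHandler::class);
+$redirectHandler->expects(self::once())
+->method("redirect")
+->with(self::callback(fn(UriInterface $uri) =>
+$uri->getHost() === "login.authwave.com"
+&& $uri->getPath() === "/logout"
+));
 
 $sut = new Authenticator(
 "test-key",
@@ -83,6 +86,44 @@ public function TODO_UPDATE_testLogoutClearsSession() {
 $redirectHandler
 );
 $sut->logout();
+self::assertNotEmpty($_SESSION);
+}
+
+public function testCompleteAuthFromLogoutClearsSession() {
+$token = self::createMock(Token::class);
+
+$sessionData = self::createMock(SessionData::class);
+$sessionData->method("getToken")
+->willReturn($token);
+
+$_SESSION = [
+Authenticator::SESSION_KEY => $sessionData,
+];
+
+$responseCipher = "abcdef";
+
+$currentUri = "/example-page-" . uniqid();
+$currentUri .= "?";
+$currentUri .= http_build_query([
+Authenticator::RESPONSE_QUERY_PARAMETER => $responseCipher,
+]);
+
+$redirectHandler = self::createMock(RedirectHandler::class);
+$redirectHandler->expects(self::once())
+->method("redirect")
+->with(self::callback(fn(UriInterface $uri) =>
+$uri->getHost() == ""
+&& $uri->getPath() == $currentUri
+));
+
+new Authenticator(
+"test-key",
+"/",
+LoginUri::DEFAULT_BASE_REMOTE_URI,
+null,
+$redirectHandler
+);
+
 self::assertEmpty($_SESSION);
 }
 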
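Review bot: In `testCompleteAuthFromLogoutClearsSession`, `$currentUri` is built with the response parameter but never handed to the `Authenticator`, which is constructed with `"/"` (presumably the current URI), and the callback compares the whole string, query included, against `getPath()` using loose `==`. As written the test does not appear to pin the redirect target it describes; consider passing `$currentUri` as the second constructor argument and asserting `$uri->getPath() === parse_url($currentUri, PHP_URL_PATH)`. The `Token` mock has no decryption behaviour stubbed, so the session is expected to be cleared for an arbitrary `"abcdef"` value. A companion test asserting that a response which fails decryption, or does not decode to a logout confirmation, leaves `$_SESSION` intact would guard against a crafted query parameter forcing a logout.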
