Refactor micropub token verification

Jonny Barnes 2025-04-12 11:47:30 +01:00
parent 70f90dd456
commit 23c275945a
Signed by: jonny
SSH key fingerprint: SHA256:CTuSlns5U7qlD9jqHvtnVmfYV3Zwl2Z7WnJ4/dqOaL8
5 changed files with 101 additions and 136 deletions


@ -19,7 +19,7 @@ class TokenServiceTest extends TestCase
* the APP_KEY, to test, we shall create a token, and then verify it.
*/
#[Test]
public function tokenservice_creates_and_validates_tokens(): void
public function tokenservice_creates_valid_tokens(): void
{
$tokenService = new TokenService;
$data = [
@ -28,20 +28,22 @@ class TokenServiceTest extends TestCase
'scope' => 'post',
];
$token = $tokenService->getNewToken($data);
$valid = $tokenService->validateToken($token);
$validData = [
'me' => $valid->claims()->get('me'),
'client_id' => $valid->claims()->get('client_id'),
'scope' => $valid->claims()->get('scope'),
];
$this->assertSame($data, $validData);
$response = $this->get('/api/post', ['HTTP_Authorization' => 'Bearer ' . $token]);
$response->assertJson([
'response' => 'token',
'token' => [
'me' => $data['me'],
'client_id' => $data['client_id'],
'scope' => $data['scope'],
]
]);
}
#[Test]
public function tokens_with_different_signing_key_throws_exception(): void
public function tokens_with_different_signing_key_are_not_valid(): void
{
$this->expectException(RequiredConstraintsViolated::class);
$data = [
'me' => 'https://example.org',
'client_id' => 'https://quill.p3k.io',
@ -59,7 +61,12 @@ class TokenServiceTest extends TestCase
->getToken($config->signer(), InMemory::plainText(random_bytes(32)))
->toString();
$service = new TokenService;
$service->validateToken($token);
$response = $this->get('/api/post', ['HTTP_Authorization' => 'Bearer ' . $token]);
$response->assertJson([
'response' => 'error',
'error' => 'invalid_token',
'error_description' => 'The provided token did not pass validation',
]);
}
}
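Review bot: In `tokens_with_different_signing_key_are_not_valid` the rejection is checked only with `assertJson`, which matches a subset of the body and says nothing about the HTTP status, so a response carrying the `invalid_token` payload alongside a success status would still pass. Pin the status next to the body assertion, for example `$response->assertUnauthorized();`, or whichever status the `/api/post` handler is meant to return for a bad token (the handler is not visible on this page). Now that `expectException(RequiredConstraintsViolated::class)` is gone, the test also no longer shows that the signature check is what failed, so a short comment such as `// token is signed with a random key, so signature validation must fail` would keep the intent readable. `$service = new TokenService;` appears to be unused once the `validateToken()` call is removed and could be dropped.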