framework/php/tests/SessionAuthenticatorTest.php

<?php

declare(strict_types=1);

namespace PhpQml\Bridge\Tests;

use PhpQml\Bridge\SessionAuthenticator;
use PHPUnit\Framework\Attributes\CoversClass;
use PHPUnit\Framework\TestCase;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;

#[CoversClass(SessionAuthenticator::class)]
final class SessionAuthenticatorTest extends TestCase
{
    public function testSupportsOnlyWhenAuthorizationHeaderPresent(): void
    {
        $auth = new SessionAuthenticator('s3cret');

        self::assertFalse($auth->supports(new Request()));

        $request = new Request();
        $request->headers->set('Authorization', 'Bearer s3cret');
        self::assertTrue($auth->supports($request));
    }

    public function testAuthenticateAcceptsMatchingBearerToken(): void
    {
        $auth    = new SessionAuthenticator('s3cret');
        $request = new Request();
        $request->headers->set('Authorization', 'Bearer s3cret');

        $passport = $auth->authenticate($request);

        self::assertInstanceOf(SelfValidatingPassport::class, $passport);
        self::assertSame('bridge', $passport->getBadge(\Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge::class)->getUserIdentifier());
    }

    public function testAuthenticateRejectsMissingBearerScheme(): void
    {
        $auth    = new SessionAuthenticator('s3cret');
        $request = new Request();
        $request->headers->set('Authorization', 'Basic deadbeef');

        $this->expectException(AuthenticationException::class);
        $this->expectExceptionMessage('Bearer token missing.');
        $auth->authenticate($request);
    }

    public function testAuthenticateRejectsWrongToken(): void
    {
        $auth    = new SessionAuthenticator('s3cret');
        $request = new Request();
        $request->headers->set('Authorization', 'Bearer wrong');

        $this->expectException(AuthenticationException::class);
        $this->expectExceptionMessage('Bearer token invalid.');
        $auth->authenticate($request);
    }

    public function testAuthenticateRejectsEmptyExpectedToken(): void
    {
        // Avoids passing a misconfigured (empty) deployment.
        $auth    = new SessionAuthenticator('');
        $request = new Request();
        $request->headers->set('Authorization', 'Bearer ');

        $this->expectException(AuthenticationException::class);
        $auth->authenticate($request);
    }

    public function testAuthenticationFailureProducesProblemJson(): void
    {
        $auth     = new SessionAuthenticator('s3cret');
        $response = $auth->onAuthenticationFailure(new Request(), new AuthenticationException('Bearer token invalid.'));

        self::assertSame(Response::HTTP_UNAUTHORIZED, $response->getStatusCode());
        self::assertSame('application/problem+json', $response->headers->get('Content-Type'));
        $body = json_decode((string) $response->getContent(), true);
        self::assertSame(401, $body['status']);
        self::assertSame('Unauthorized', $body['title']);
    }

    public function testStartReturnsProblemJsonForAnonymousAccess(): void
    {
        // Entry-point path: no Authorization header → supports() returns false →
        // Symfony invokes start() with no exception. Without our start(), the
        // default would be a Form-flavoured 302/401 — wrong shape for QML.
        $auth     = new SessionAuthenticator('s3cret');
        $response = $auth->start(new Request());

        self::assertSame(Response::HTTP_UNAUTHORIZED, $response->getStatusCode());
        self::assertSame('application/problem+json', $response->headers->get('Content-Type'));
        $body = json_decode((string) $response->getContent(), true);
        self::assertSame(401, $body['status']);
        self::assertSame('Unauthorized', $body['title']);
        self::assertSame('Bearer token required.', $body['detail']);
    }
}
Phase 1 sub-commit 2: Symfony bundle internals Bundle code for php-qml/bridge: BridgeBundle (AbstractBundle, autoloads config/services.yaml), Publisher (thin wrapper over Mercure HubInterface that enforces envelope-as-JSON), SessionAuthenticator (bearer-token custom Symfony authenticator with problem+json failures), and HealthController (GET /healthz readiness probe). Composer constraints bumped to Symfony ^8.0 across the board (per user request); mercure component to ^0.7. PHPUnit 11 suite covers Publisher publish + private flag and SessionAuthenticator support/auth/failure paths — 8 tests, 22 assertions, all green. PLAN.md §13 updated to record the Symfony 8 minimum. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-02 01:05:19 +02:00			`<?php`

			`declare(strict_types=1);`

			`namespace PhpQml\Bridge\Tests;`

			`use PhpQml\Bridge\SessionAuthenticator;`
			`use PHPUnit\Framework\Attributes\CoversClass;`
			`use PHPUnit\Framework\TestCase;`
			`use Symfony\Component\HttpFoundation\Request;`
			`use Symfony\Component\HttpFoundation\Response;`
			`use Symfony\Component\Security\Core\Exception\AuthenticationException;`
			`use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;`

			`#[CoversClass(SessionAuthenticator::class)]`
			`final class SessionAuthenticatorTest extends TestCase`
			`{`
			`public function testSupportsOnlyWhenAuthorizationHeaderPresent(): void`
			`{`
			`$auth = new SessionAuthenticator('s3cret');`

			`self::assertFalse($auth->supports(new Request()));`

			`$request = new Request();`
			`$request->headers->set('Authorization', 'Bearer s3cret');`
			`self::assertTrue($auth->supports($request));`
			`}`

			`public function testAuthenticateAcceptsMatchingBearerToken(): void`
			`{`
Phase 1 sub-commit 7: CI quality job PHPStan (level 6 + symfony extension) and PHP CS Fixer (Symfony + PHP83Migration ruleset) configs at framework/php/. composer.json exposes phpstan / cs:check / cs:fix / phpunit / quality scripts. PHPStan-clean across the bundle; cs:check is happy after auto-fix applied @Symfony idioms (yoda, leading-backslash JSON_*, blank-line before return). Test mocks consolidated into a HubSpy helper to keep PHPStan happy about by-ref captures. Skeleton's Makefile target `quality` chains `composer quality` (in framework/php/) with cmake's all_qmllint target. Local run is green — 11 tests / 32 assertions, no PHPStan errors, cs-fixer clean, qmllint emits advisory warnings only. Layout fix in skeleton's Main.qml: status-dot Rectangles inside RowLayout now use Layout.preferredWidth/Height instead of width/height to satisfy Quick.layout-positioning checks. .gitea/workflows/ci.yml replaces the placeholder with a real `quality` job: setup-php, composer install (cached), the four PHP checks, Qt 6 via install-qt-action (cached), QML module build, qmllint via the all_qmllint CMake target. Workflow exists from this commit onward even if a runner isn't provisioned yet. bridge:doctor lost the Publisher dependency since it was only used as a "service is wired" marker — the command being injectable already proves that. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-02 02:15:06 +02:00			`$auth = new SessionAuthenticator('s3cret');`
Phase 1 sub-commit 2: Symfony bundle internals Bundle code for php-qml/bridge: BridgeBundle (AbstractBundle, autoloads config/services.yaml), Publisher (thin wrapper over Mercure HubInterface that enforces envelope-as-JSON), SessionAuthenticator (bearer-token custom Symfony authenticator with problem+json failures), and HealthController (GET /healthz readiness probe). Composer constraints bumped to Symfony ^8.0 across the board (per user request); mercure component to ^0.7. PHPUnit 11 suite covers Publisher publish + private flag and SessionAuthenticator support/auth/failure paths — 8 tests, 22 assertions, all green. PLAN.md §13 updated to record the Symfony 8 minimum. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-02 01:05:19 +02:00			`$request = new Request();`
			`$request->headers->set('Authorization', 'Bearer s3cret');`

			`$passport = $auth->authenticate($request);`

			`self::assertInstanceOf(SelfValidatingPassport::class, $passport);`
			`self::assertSame('bridge', $passport->getBadge(\Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge::class)->getUserIdentifier());`
			`}`

			`public function testAuthenticateRejectsMissingBearerScheme(): void`
			`{`
Phase 1 sub-commit 7: CI quality job PHPStan (level 6 + symfony extension) and PHP CS Fixer (Symfony + PHP83Migration ruleset) configs at framework/php/. composer.json exposes phpstan / cs:check / cs:fix / phpunit / quality scripts. PHPStan-clean across the bundle; cs:check is happy after auto-fix applied @Symfony idioms (yoda, leading-backslash JSON_*, blank-line before return). Test mocks consolidated into a HubSpy helper to keep PHPStan happy about by-ref captures. Skeleton's Makefile target `quality` chains `composer quality` (in framework/php/) with cmake's all_qmllint target. Local run is green — 11 tests / 32 assertions, no PHPStan errors, cs-fixer clean, qmllint emits advisory warnings only. Layout fix in skeleton's Main.qml: status-dot Rectangles inside RowLayout now use Layout.preferredWidth/Height instead of width/height to satisfy Quick.layout-positioning checks. .gitea/workflows/ci.yml replaces the placeholder with a real `quality` job: setup-php, composer install (cached), the four PHP checks, Qt 6 via install-qt-action (cached), QML module build, qmllint via the all_qmllint CMake target. Workflow exists from this commit onward even if a runner isn't provisioned yet. bridge:doctor lost the Publisher dependency since it was only used as a "service is wired" marker — the command being injectable already proves that. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-02 02:15:06 +02:00			`$auth = new SessionAuthenticator('s3cret');`
Phase 1 sub-commit 2: Symfony bundle internals Bundle code for php-qml/bridge: BridgeBundle (AbstractBundle, autoloads config/services.yaml), Publisher (thin wrapper over Mercure HubInterface that enforces envelope-as-JSON), SessionAuthenticator (bearer-token custom Symfony authenticator with problem+json failures), and HealthController (GET /healthz readiness probe). Composer constraints bumped to Symfony ^8.0 across the board (per user request); mercure component to ^0.7. PHPUnit 11 suite covers Publisher publish + private flag and SessionAuthenticator support/auth/failure paths — 8 tests, 22 assertions, all green. PLAN.md §13 updated to record the Symfony 8 minimum. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-02 01:05:19 +02:00			`$request = new Request();`
			`$request->headers->set('Authorization', 'Basic deadbeef');`

			`$this->expectException(AuthenticationException::class);`
			`$this->expectExceptionMessage('Bearer token missing.');`
			`$auth->authenticate($request);`
			`}`

			`public function testAuthenticateRejectsWrongToken(): void`
			`{`
Phase 1 sub-commit 7: CI quality job PHPStan (level 6 + symfony extension) and PHP CS Fixer (Symfony + PHP83Migration ruleset) configs at framework/php/. composer.json exposes phpstan / cs:check / cs:fix / phpunit / quality scripts. PHPStan-clean across the bundle; cs:check is happy after auto-fix applied @Symfony idioms (yoda, leading-backslash JSON_*, blank-line before return). Test mocks consolidated into a HubSpy helper to keep PHPStan happy about by-ref captures. Skeleton's Makefile target `quality` chains `composer quality` (in framework/php/) with cmake's all_qmllint target. Local run is green — 11 tests / 32 assertions, no PHPStan errors, cs-fixer clean, qmllint emits advisory warnings only. Layout fix in skeleton's Main.qml: status-dot Rectangles inside RowLayout now use Layout.preferredWidth/Height instead of width/height to satisfy Quick.layout-positioning checks. .gitea/workflows/ci.yml replaces the placeholder with a real `quality` job: setup-php, composer install (cached), the four PHP checks, Qt 6 via install-qt-action (cached), QML module build, qmllint via the all_qmllint CMake target. Workflow exists from this commit onward even if a runner isn't provisioned yet. bridge:doctor lost the Publisher dependency since it was only used as a "service is wired" marker — the command being injectable already proves that. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-02 02:15:06 +02:00			`$auth = new SessionAuthenticator('s3cret');`
Phase 1 sub-commit 2: Symfony bundle internals Bundle code for php-qml/bridge: BridgeBundle (AbstractBundle, autoloads config/services.yaml), Publisher (thin wrapper over Mercure HubInterface that enforces envelope-as-JSON), SessionAuthenticator (bearer-token custom Symfony authenticator with problem+json failures), and HealthController (GET /healthz readiness probe). Composer constraints bumped to Symfony ^8.0 across the board (per user request); mercure component to ^0.7. PHPUnit 11 suite covers Publisher publish + private flag and SessionAuthenticator support/auth/failure paths — 8 tests, 22 assertions, all green. PLAN.md §13 updated to record the Symfony 8 minimum. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-02 01:05:19 +02:00			`$request = new Request();`
			`$request->headers->set('Authorization', 'Bearer wrong');`

			`$this->expectException(AuthenticationException::class);`
			`$this->expectExceptionMessage('Bearer token invalid.');`
			`$auth->authenticate($request);`
			`}`

			`public function testAuthenticateRejectsEmptyExpectedToken(): void`
			`{`
			`// Avoids passing a misconfigured (empty) deployment.`
Phase 1 sub-commit 7: CI quality job PHPStan (level 6 + symfony extension) and PHP CS Fixer (Symfony + PHP83Migration ruleset) configs at framework/php/. composer.json exposes phpstan / cs:check / cs:fix / phpunit / quality scripts. PHPStan-clean across the bundle; cs:check is happy after auto-fix applied @Symfony idioms (yoda, leading-backslash JSON_*, blank-line before return). Test mocks consolidated into a HubSpy helper to keep PHPStan happy about by-ref captures. Skeleton's Makefile target `quality` chains `composer quality` (in framework/php/) with cmake's all_qmllint target. Local run is green — 11 tests / 32 assertions, no PHPStan errors, cs-fixer clean, qmllint emits advisory warnings only. Layout fix in skeleton's Main.qml: status-dot Rectangles inside RowLayout now use Layout.preferredWidth/Height instead of width/height to satisfy Quick.layout-positioning checks. .gitea/workflows/ci.yml replaces the placeholder with a real `quality` job: setup-php, composer install (cached), the four PHP checks, Qt 6 via install-qt-action (cached), QML module build, qmllint via the all_qmllint CMake target. Workflow exists from this commit onward even if a runner isn't provisioned yet. bridge:doctor lost the Publisher dependency since it was only used as a "service is wired" marker — the command being injectable already proves that. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-02 02:15:06 +02:00			`$auth = new SessionAuthenticator('');`
Phase 1 sub-commit 2: Symfony bundle internals Bundle code for php-qml/bridge: BridgeBundle (AbstractBundle, autoloads config/services.yaml), Publisher (thin wrapper over Mercure HubInterface that enforces envelope-as-JSON), SessionAuthenticator (bearer-token custom Symfony authenticator with problem+json failures), and HealthController (GET /healthz readiness probe). Composer constraints bumped to Symfony ^8.0 across the board (per user request); mercure component to ^0.7. PHPUnit 11 suite covers Publisher publish + private flag and SessionAuthenticator support/auth/failure paths — 8 tests, 22 assertions, all green. PLAN.md §13 updated to record the Symfony 8 minimum. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-02 01:05:19 +02:00			`$request = new Request();`
			`$request->headers->set('Authorization', 'Bearer ');`

			`$this->expectException(AuthenticationException::class);`
			`$auth->authenticate($request);`
			`}`

			`public function testAuthenticationFailureProducesProblemJson(): void`
			`{`
Phase 1 sub-commit 7: CI quality job PHPStan (level 6 + symfony extension) and PHP CS Fixer (Symfony + PHP83Migration ruleset) configs at framework/php/. composer.json exposes phpstan / cs:check / cs:fix / phpunit / quality scripts. PHPStan-clean across the bundle; cs:check is happy after auto-fix applied @Symfony idioms (yoda, leading-backslash JSON_*, blank-line before return). Test mocks consolidated into a HubSpy helper to keep PHPStan happy about by-ref captures. Skeleton's Makefile target `quality` chains `composer quality` (in framework/php/) with cmake's all_qmllint target. Local run is green — 11 tests / 32 assertions, no PHPStan errors, cs-fixer clean, qmllint emits advisory warnings only. Layout fix in skeleton's Main.qml: status-dot Rectangles inside RowLayout now use Layout.preferredWidth/Height instead of width/height to satisfy Quick.layout-positioning checks. .gitea/workflows/ci.yml replaces the placeholder with a real `quality` job: setup-php, composer install (cached), the four PHP checks, Qt 6 via install-qt-action (cached), QML module build, qmllint via the all_qmllint CMake target. Workflow exists from this commit onward even if a runner isn't provisioned yet. bridge:doctor lost the Publisher dependency since it was only used as a "service is wired" marker — the command being injectable already proves that. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-02 02:15:06 +02:00			`$auth = new SessionAuthenticator('s3cret');`
Phase 1 sub-commit 2: Symfony bundle internals Bundle code for php-qml/bridge: BridgeBundle (AbstractBundle, autoloads config/services.yaml), Publisher (thin wrapper over Mercure HubInterface that enforces envelope-as-JSON), SessionAuthenticator (bearer-token custom Symfony authenticator with problem+json failures), and HealthController (GET /healthz readiness probe). Composer constraints bumped to Symfony ^8.0 across the board (per user request); mercure component to ^0.7. PHPUnit 11 suite covers Publisher publish + private flag and SessionAuthenticator support/auth/failure paths — 8 tests, 22 assertions, all green. PLAN.md §13 updated to record the Symfony 8 minimum. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-02 01:05:19 +02:00			`$response = $auth->onAuthenticationFailure(new Request(), new AuthenticationException('Bearer token invalid.'));`

			`self::assertSame(Response::HTTP_UNAUTHORIZED, $response->getStatusCode());`
			`self::assertSame('application/problem+json', $response->headers->get('Content-Type'));`
			`$body = json_decode((string) $response->getContent(), true);`
			`self::assertSame(401, $body['status']);`
			`self::assertSame('Unauthorized', $body['title']);`
			`}`
v0.1.3: audit-driven non-breaking fixes Three bugs surfaced by the post-v0.1.2 architecture audit: - bridge.qml_path is now actually configurable. BridgeBundle::configure defines the qml_path scalar node (default ../qml/); loadExtension exposes it as the bridge.qml_path container parameter; services.yaml binds it into BridgeResourceMaker + BridgeWindowMaker. Apps override with `config/packages/bridge.yaml`. The existing maker docstrings claimed this worked already — they lied; now they don't. - SessionAuthenticator implements AuthenticationEntryPointInterface and routes the no-token entry-point path through the same problem+json helper as onAuthenticationFailure, so QML's RestClient sees one error shape regardless of which firewall path was taken. Test added. - CorrelationKeyListener::onTerminate guards on isMainRequest() now, matching onRequest's existing guard. No user-visible impact in worker mode (no sub-requests emitted), but the asymmetry was a defensive bug that would corrupt optimistic-update reconciliation. PLAN.md §13 gains a v0.1.3 section + folds the audit's API-surface items (PublisherInterface / ModelPublisherInterface / BridgeOp enum / maker DRY / DTO-shaped scaffold) into v0.2.0. CHANGELOG.md mirrors. PHPStan + cs-fixer + PHPUnit (17/17) + maker snapshot tests all green. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-03 16:31:54 +02:00
			`public function testStartReturnsProblemJsonForAnonymousAccess(): void`
			`{`
			`// Entry-point path: no Authorization header → supports() returns false →`
			`// Symfony invokes start() with no exception. Without our start(), the`
			`// default would be a Form-flavoured 302/401 — wrong shape for QML.`
			`$auth = new SessionAuthenticator('s3cret');`
			`$response = $auth->start(new Request());`

			`self::assertSame(Response::HTTP_UNAUTHORIZED, $response->getStatusCode());`
			`self::assertSame('application/problem+json', $response->headers->get('Content-Type'));`
			`$body = json_decode((string) $response->getContent(), true);`
			`self::assertSame(401, $body['status']);`
			`self::assertSame('Unauthorized', $body['title']);`
			`self::assertSame('Bearer token required.', $body['detail']);`
			`}`
Phase 1 sub-commit 2: Symfony bundle internals Bundle code for php-qml/bridge: BridgeBundle (AbstractBundle, autoloads config/services.yaml), Publisher (thin wrapper over Mercure HubInterface that enforces envelope-as-JSON), SessionAuthenticator (bearer-token custom Symfony authenticator with problem+json failures), and HealthController (GET /healthz readiness probe). Composer constraints bumped to Symfony ^8.0 across the board (per user request); mercure component to ^0.7. PHPUnit 11 suite covers Publisher publish + private flag and SessionAuthenticator support/auth/failure paths — 8 tests, 22 assertions, all green. PLAN.md §13 updated to record the Symfony 8 minimum. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-05-02 01:05:19 +02:00			`}`