magdev/php-qml
1
Fork 0
Code Issues Pull Requests Actions Releases 4 Activity
Files
75840a240e28f13934cb5482cc366bdcde1bad9d
php-qml/framework/php/tests/SessionAuthenticatorTest.php

87 lines
3.2 KiB
PHP
Raw Normal View History

Phase 1 sub-commit 2: Symfony bundle internals Bundle code for php-qml/bridge: BridgeBundle (AbstractBundle, autoloads config/services.yaml), Publisher (thin wrapper over Mercure HubInterface that enforces envelope-as-JSON), SessionAuthenticator (bearer-token custom Symfony authenticator with problem+json failures), and HealthController (GET /healthz readiness probe). Composer constraints bumped to Symfony ^8.0 across the board (per user request); mercure component to ^0.7. PHPUnit 11 suite covers Publisher publish + private flag and SessionAuthenticator support/auth/failure paths — 8 tests, 22 assertions, all green. PLAN.md §13 updated to record the Symfony 8 minimum. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-02 01:05:19 +02:00
<?php
declare(strict_types=1);
namespace PhpQml\Bridge\Tests;
use PhpQml\Bridge\SessionAuthenticator;
use PHPUnit\Framework\Attributes\CoversClass;
use PHPUnit\Framework\TestCase;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
#[CoversClass(SessionAuthenticator::class)]
final class SessionAuthenticatorTest extends TestCase
{
public function testSupportsOnlyWhenAuthorizationHeaderPresent(): void
{
$auth = new SessionAuthenticator('s3cret');
self::assertFalse($auth->supports(new Request()));
$request = new Request();
$request->headers->set('Authorization', 'Bearer s3cret');
self::assertTrue($auth->supports($request));
}
public function testAuthenticateAcceptsMatchingBearerToken(): void
{
$auth = new SessionAuthenticator('s3cret');
$request = new Request();
$request->headers->set('Authorization', 'Bearer s3cret');
$passport = $auth->authenticate($request);
self::assertInstanceOf(SelfValidatingPassport::class, $passport);
self::assertSame('bridge', $passport->getBadge(\Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge::class)->getUserIdentifier());
}
public function testAuthenticateRejectsMissingBearerScheme(): void
{
$auth = new SessionAuthenticator('s3cret');
$request = new Request();
$request->headers->set('Authorization', 'Basic deadbeef');
$this->expectException(AuthenticationException::class);
$this->expectExceptionMessage('Bearer token missing.');
$auth->authenticate($request);
}
public function testAuthenticateRejectsWrongToken(): void
{
$auth = new SessionAuthenticator('s3cret');
$request = new Request();
$request->headers->set('Authorization', 'Bearer wrong');
$this->expectException(AuthenticationException::class);
$this->expectExceptionMessage('Bearer token invalid.');
$auth->authenticate($request);
}
public function testAuthenticateRejectsEmptyExpectedToken(): void
{
// Avoids passing a misconfigured (empty) deployment.
$auth = new SessionAuthenticator('');
$request = new Request();
$request->headers->set('Authorization', 'Bearer ');
$this->expectException(AuthenticationException::class);
$auth->authenticate($request);
}
public function testAuthenticationFailureProducesProblemJson(): void
{
$auth = new SessionAuthenticator('s3cret');
$response = $auth->onAuthenticationFailure(new Request(), new AuthenticationException('Bearer token invalid.'));
self::assertNotNull($response);
self::assertSame(Response::HTTP_UNAUTHORIZED, $response->getStatusCode());
self::assertSame('application/problem+json', $response->headers->get('Content-Type'));
$body = json_decode((string) $response->getContent(), true);
self::assertSame(401, $body['status']);
self::assertSame('Unauthorized', $body['title']);
}
}
Reference in New Issue Copy Permalink