magdev/php-qml
1
Fork 0
Code Issues Pull Requests Actions Releases 4 Activity
Files
1389b929064d1c238e4182c245cc36e7adb228fc
php-qml/framework/php/tests/SessionAuthenticatorTest.php
magdev 7323b9affe
Some checks failed
CI / Quality (push) Has been cancelled
Details
Phase 1 sub-commit 7: CI quality job 
PHPStan (level 6 + symfony extension) and PHP CS Fixer (Symfony +
PHP83Migration ruleset) configs at framework/php/. composer.json
exposes phpstan / cs:check / cs:fix / phpunit / quality scripts.
PHPStan-clean across the bundle; cs:check is happy after auto-fix
applied @Symfony idioms (yoda, leading-backslash JSON_*, blank-line
before return). Test mocks consolidated into a HubSpy helper to keep
PHPStan happy about by-ref captures.

Skeleton's Makefile target `quality` chains `composer quality` (in
framework/php/) with cmake's all_qmllint target. Local run is green —
11 tests / 32 assertions, no PHPStan errors, cs-fixer clean, qmllint
emits advisory warnings only.

Layout fix in skeleton's Main.qml: status-dot Rectangles inside
RowLayout now use Layout.preferredWidth/Height instead of width/height
to satisfy Quick.layout-positioning checks.

.gitea/workflows/ci.yml replaces the placeholder with a real `quality`
job: setup-php, composer install (cached), the four PHP checks, Qt 6
via install-qt-action (cached), QML module build, qmllint via the
all_qmllint CMake target. Workflow exists from this commit onward
even if a runner isn't provisioned yet.

bridge:doctor lost the Publisher dependency since it was only used as
a "service is wired" marker — the command being injectable already
proves that.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-02 02:15:06 +02:00

86 lines
3.1 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace PhpQml\Bridge\Tests;
use PhpQml\Bridge\SessionAuthenticator;
use PHPUnit\Framework\Attributes\CoversClass;
use PHPUnit\Framework\TestCase;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
#[CoversClass(SessionAuthenticator::class)]
final class SessionAuthenticatorTest extends TestCase
{
public function testSupportsOnlyWhenAuthorizationHeaderPresent(): void
{
$auth = new SessionAuthenticator('s3cret');
self::assertFalse($auth->supports(new Request()));
$request = new Request();
$request->headers->set('Authorization', 'Bearer s3cret');
self::assertTrue($auth->supports($request));
}
public function testAuthenticateAcceptsMatchingBearerToken(): void
{
$auth = new SessionAuthenticator('s3cret');
$request = new Request();
$request->headers->set('Authorization', 'Bearer s3cret');
$passport = $auth->authenticate($request);
self::assertInstanceOf(SelfValidatingPassport::class, $passport);
self::assertSame('bridge', $passport->getBadge(\Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge::class)->getUserIdentifier());
}
public function testAuthenticateRejectsMissingBearerScheme(): void
{
$auth = new SessionAuthenticator('s3cret');
$request = new Request();
$request->headers->set('Authorization', 'Basic deadbeef');
$this->expectException(AuthenticationException::class);
$this->expectExceptionMessage('Bearer token missing.');
$auth->authenticate($request);
}
public function testAuthenticateRejectsWrongToken(): void
{
$auth = new SessionAuthenticator('s3cret');
$request = new Request();
$request->headers->set('Authorization', 'Bearer wrong');
$this->expectException(AuthenticationException::class);
$this->expectExceptionMessage('Bearer token invalid.');
$auth->authenticate($request);
}
public function testAuthenticateRejectsEmptyExpectedToken(): void
{
// Avoids passing a misconfigured (empty) deployment.
$auth = new SessionAuthenticator('');
$request = new Request();
$request->headers->set('Authorization', 'Bearer ');
$this->expectException(AuthenticationException::class);
$auth->authenticate($request);
}
public function testAuthenticationFailureProducesProblemJson(): void
{
$auth = new SessionAuthenticator('s3cret');
$response = $auth->onAuthenticationFailure(new Request(), new AuthenticationException('Bearer token invalid.'));
self::assertSame(Response::HTTP_UNAUTHORIZED, $response->getStatusCode());
self::assertSame('application/problem+json', $response->headers->get('Content-Type'));
$body = json_decode((string) $response->getContent(), true);
self::assertSame(401, $body['status']);
self::assertSame('Unauthorized', $body['title']);
}
}
Reference in New Issue View Git Blame Copy Permalink