2017-11-19 20:34:55 +00:00
|
|
|
<?php
|
|
|
|
|
2018-01-14 19:30:55 +00:00
|
|
|
namespace Tests\Unit\Http\Middleware\Api\Admin;
|
2017-11-19 20:34:55 +00:00
|
|
|
|
|
|
|
use Mockery as m;
|
2018-01-14 19:30:55 +00:00
|
|
|
use Cake\Chronos\Chronos;
|
2018-01-14 18:06:15 +00:00
|
|
|
use Pterodactyl\Models\ApiKey;
|
2017-11-19 20:34:55 +00:00
|
|
|
use Illuminate\Auth\AuthManager;
|
2018-01-13 22:06:19 +00:00
|
|
|
use Illuminate\Contracts\Encryption\Encrypter;
|
2017-11-19 20:34:55 +00:00
|
|
|
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
|
|
|
use Symfony\Component\HttpKernel\Exception\HttpException;
|
|
|
|
use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
|
|
|
|
use Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface;
|
2018-01-20 01:58:57 +00:00
|
|
|
use Pterodactyl\Http\Middleware\Api\Application\AuthenticateKey;
|
2017-11-19 20:34:55 +00:00
|
|
|
|
|
|
|
class AuthenticateKeyTest extends MiddlewareTestCase
|
|
|
|
{
|
|
|
|
/**
|
|
|
|
* @var \Illuminate\Auth\AuthManager|\Mockery\Mock
|
|
|
|
*/
|
|
|
|
private $auth;
|
|
|
|
|
2018-01-13 22:06:19 +00:00
|
|
|
/**
|
|
|
|
* @var \Illuminate\Contracts\Encryption\Encrypter|\Mockery\Mock
|
|
|
|
*/
|
|
|
|
private $encrypter;
|
|
|
|
|
2017-11-19 20:34:55 +00:00
|
|
|
/**
|
|
|
|
* @var \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface|\Mockery\Mock
|
|
|
|
*/
|
|
|
|
private $repository;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Setup tests.
|
|
|
|
*/
|
|
|
|
public function setUp()
|
|
|
|
{
|
|
|
|
parent::setUp();
|
2018-01-14 19:30:55 +00:00
|
|
|
Chronos::setTestNow(Chronos::now());
|
2017-11-19 20:34:55 +00:00
|
|
|
|
|
|
|
$this->auth = m::mock(AuthManager::class);
|
2018-01-13 22:06:19 +00:00
|
|
|
$this->encrypter = m::mock(Encrypter::class);
|
2017-11-19 20:34:55 +00:00
|
|
|
$this->repository = m::mock(ApiKeyRepositoryInterface::class);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test that a missing bearer token will throw an exception.
|
|
|
|
*/
|
|
|
|
public function testMissingBearerTokenThrowsException()
|
|
|
|
{
|
|
|
|
$this->request->shouldReceive('bearerToken')->withNoArgs()->once()->andReturnNull();
|
|
|
|
|
|
|
|
try {
|
|
|
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
|
|
|
} catch (HttpException $exception) {
|
|
|
|
$this->assertEquals(401, $exception->getStatusCode());
|
|
|
|
$this->assertEquals(['WWW-Authenticate' => 'Bearer'], $exception->getHeaders());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2018-01-13 22:06:19 +00:00
|
|
|
* Test that an invalid API identifer throws an exception.
|
2017-11-19 20:34:55 +00:00
|
|
|
*
|
|
|
|
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
|
|
|
*/
|
2018-01-13 22:06:19 +00:00
|
|
|
public function testInvalidIdentifier()
|
2017-11-19 20:34:55 +00:00
|
|
|
{
|
|
|
|
$this->request->shouldReceive('bearerToken')->withNoArgs()->twice()->andReturn('abcd1234');
|
|
|
|
$this->repository->shouldReceive('findFirstWhere')->andThrow(new RecordNotFoundException);
|
|
|
|
|
|
|
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test that a valid token can continue past the middleware.
|
|
|
|
*/
|
|
|
|
public function testValidToken()
|
|
|
|
{
|
2018-01-14 18:06:15 +00:00
|
|
|
$model = factory(ApiKey::class)->make();
|
2017-11-19 20:34:55 +00:00
|
|
|
|
2018-01-13 22:06:19 +00:00
|
|
|
$this->request->shouldReceive('bearerToken')->withNoArgs()->twice()->andReturn($model->identifier . 'decrypted');
|
2018-01-14 19:30:55 +00:00
|
|
|
$this->repository->shouldReceive('findFirstWhere')->with([
|
|
|
|
['identifier', '=', $model->identifier],
|
|
|
|
['key_type', '=', ApiKey::TYPE_APPLICATION],
|
|
|
|
])->once()->andReturn($model);
|
2018-01-13 22:06:19 +00:00
|
|
|
$this->encrypter->shouldReceive('decrypt')->with($model->token)->once()->andReturn('decrypted');
|
2017-11-19 20:34:55 +00:00
|
|
|
$this->auth->shouldReceive('guard->loginUsingId')->with($model->user_id)->once()->andReturnNull();
|
|
|
|
|
2018-01-14 19:30:55 +00:00
|
|
|
$this->repository->shouldReceive('withoutFreshModel->update')->with($model->id, [
|
|
|
|
'last_used_at' => Chronos::now(),
|
|
|
|
])->once()->andReturnNull();
|
|
|
|
|
2017-11-19 20:34:55 +00:00
|
|
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
|
|
|
$this->assertEquals($model, $this->request->attributes->get('api_key'));
|
|
|
|
}
|
|
|
|
|
2018-01-13 22:06:19 +00:00
|
|
|
/**
|
|
|
|
* Test that a valid token identifier with an invalid token attached to it
|
|
|
|
* triggers an exception.
|
|
|
|
*
|
|
|
|
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
|
|
|
*/
|
|
|
|
public function testInvalidTokenForIdentifier()
|
|
|
|
{
|
2018-01-14 18:06:15 +00:00
|
|
|
$model = factory(ApiKey::class)->make();
|
2018-01-13 22:06:19 +00:00
|
|
|
|
|
|
|
$this->request->shouldReceive('bearerToken')->withNoArgs()->twice()->andReturn($model->identifier . 'asdf');
|
2018-01-14 19:30:55 +00:00
|
|
|
$this->repository->shouldReceive('findFirstWhere')->with([
|
|
|
|
['identifier', '=', $model->identifier],
|
|
|
|
['key_type', '=', ApiKey::TYPE_APPLICATION],
|
|
|
|
])->once()->andReturn($model);
|
2018-01-13 22:06:19 +00:00
|
|
|
$this->encrypter->shouldReceive('decrypt')->with($model->token)->once()->andReturn('decrypted');
|
|
|
|
|
|
|
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
|
|
|
}
|
|
|
|
|
2017-11-19 20:34:55 +00:00
|
|
|
/**
|
|
|
|
* Return an instance of the middleware with mocked dependencies for testing.
|
|
|
|
*
|
2018-01-20 01:58:57 +00:00
|
|
|
* @return \Pterodactyl\Http\Middleware\Api\Application\AuthenticateKey
|
2017-11-19 20:34:55 +00:00
|
|
|
*/
|
|
|
|
private function getMiddleware(): AuthenticateKey
|
|
|
|
{
|
2018-01-13 22:06:19 +00:00
|
|
|
return new AuthenticateKey($this->repository, $this->auth, $this->encrypter);
|
2017-11-19 20:34:55 +00:00
|
|
|
}
|
|
|
|
}
|