Pop some tests for new middleware in there.
This commit is contained in:
parent
45a153427e
commit
49379bd115
4 changed files with 245 additions and 10 deletions
|
@ -7,7 +7,6 @@ use Illuminate\Http\Request;
|
||||||
use Illuminate\Auth\AuthManager;
|
use Illuminate\Auth\AuthManager;
|
||||||
use Symfony\Component\HttpKernel\Exception\HttpException;
|
use Symfony\Component\HttpKernel\Exception\HttpException;
|
||||||
use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
|
use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
|
||||||
use Illuminate\Contracts\Config\Repository as ConfigRepository;
|
|
||||||
use Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface;
|
use Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface;
|
||||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||||
|
|
||||||
|
@ -18,11 +17,6 @@ class AuthenticateKey
|
||||||
*/
|
*/
|
||||||
private $auth;
|
private $auth;
|
||||||
|
|
||||||
/**
|
|
||||||
* @var \Illuminate\Contracts\Config\Repository
|
|
||||||
*/
|
|
||||||
private $config;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface
|
* @var \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface
|
||||||
*/
|
*/
|
||||||
|
@ -33,15 +27,12 @@ class AuthenticateKey
|
||||||
*
|
*
|
||||||
* @param \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface $repository
|
* @param \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface $repository
|
||||||
* @param \Illuminate\Auth\AuthManager $auth
|
* @param \Illuminate\Auth\AuthManager $auth
|
||||||
* @param \Illuminate\Contracts\Config\Repository $config
|
|
||||||
*/
|
*/
|
||||||
public function __construct(
|
public function __construct(
|
||||||
ApiKeyRepositoryInterface $repository,
|
ApiKeyRepositoryInterface $repository,
|
||||||
AuthManager $auth,
|
AuthManager $auth
|
||||||
ConfigRepository $config
|
|
||||||
) {
|
) {
|
||||||
$this->auth = $auth;
|
$this->auth = $auth;
|
||||||
$this->config = $config;
|
|
||||||
$this->repository = $repository;
|
$this->repository = $repository;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -53,6 +44,9 @@ class AuthenticateKey
|
||||||
* @param \Illuminate\Http\Request $request
|
* @param \Illuminate\Http\Request $request
|
||||||
* @param \Closure $next
|
* @param \Closure $next
|
||||||
* @return mixed
|
* @return mixed
|
||||||
|
*
|
||||||
|
* @throws \Symfony\Component\HttpKernel\Exception\HttpException
|
||||||
|
* @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||||
*/
|
*/
|
||||||
public function handle(Request $request, Closure $next)
|
public function handle(Request $request, Closure $next)
|
||||||
{
|
{
|
||||||
|
|
82
tests/Unit/Http/Middleware/API/AuthenticateIPAccessTest.php
Normal file
82
tests/Unit/Http/Middleware/API/AuthenticateIPAccessTest.php
Normal file
|
@ -0,0 +1,82 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Tests\Unit\Http\Middleware\API;
|
||||||
|
|
||||||
|
use Pterodactyl\Models\APIKey;
|
||||||
|
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||||
|
use Pterodactyl\Http\Middleware\API\AuthenticateIPAccess;
|
||||||
|
|
||||||
|
class AuthenticateIPAccessTest extends MiddlewareTestCase
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Setup tests.
|
||||||
|
*/
|
||||||
|
public function setUp()
|
||||||
|
{
|
||||||
|
parent::setUp();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test middleware when there are no IP restrictions.
|
||||||
|
*/
|
||||||
|
public function testWithNoIPRestrictions()
|
||||||
|
{
|
||||||
|
$model = factory(APIKey::class)->make(['allowed_ips' => []]);
|
||||||
|
$this->setRequestAttribute('api_key', $model);
|
||||||
|
|
||||||
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test middleware works correctly when a valid IP accesses
|
||||||
|
* and there is an IP restriction.
|
||||||
|
*/
|
||||||
|
public function testWithValidIP()
|
||||||
|
{
|
||||||
|
$model = factory(APIKey::class)->make(['allowed_ips' => ['127.0.0.1']]);
|
||||||
|
$this->setRequestAttribute('api_key', $model);
|
||||||
|
|
||||||
|
$this->request->shouldReceive('ip')->withNoArgs()->once()->andReturn('127.0.0.1');
|
||||||
|
|
||||||
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test that a CIDR range can be used.
|
||||||
|
*/
|
||||||
|
public function testValidIPAganistCIDRRange()
|
||||||
|
{
|
||||||
|
$model = factory(APIKey::class)->make(['allowed_ips' => ['192.168.1.1/28']]);
|
||||||
|
$this->setRequestAttribute('api_key', $model);
|
||||||
|
|
||||||
|
$this->request->shouldReceive('ip')->withNoArgs()->once()->andReturn('192.168.1.15');
|
||||||
|
|
||||||
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test that an exception is thrown when an invalid IP address
|
||||||
|
* tries to connect and there is an IP restriction.
|
||||||
|
*
|
||||||
|
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||||
|
*/
|
||||||
|
public function testWithInvalidIP()
|
||||||
|
{
|
||||||
|
$model = factory(APIKey::class)->make(['allowed_ips' => ['127.0.0.1']]);
|
||||||
|
$this->setRequestAttribute('api_key', $model);
|
||||||
|
|
||||||
|
$this->request->shouldReceive('ip')->withNoArgs()->once()->andReturn('127.0.0.2');
|
||||||
|
|
||||||
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return an instance of the middleware to be used when testing.
|
||||||
|
*
|
||||||
|
* @return \Pterodactyl\Http\Middleware\API\AuthenticateIPAccess
|
||||||
|
*/
|
||||||
|
private function getMiddleware(): AuthenticateIPAccess
|
||||||
|
{
|
||||||
|
return new AuthenticateIPAccess();
|
||||||
|
}
|
||||||
|
}
|
90
tests/Unit/Http/Middleware/API/AuthenticateKeyTest.php
Normal file
90
tests/Unit/Http/Middleware/API/AuthenticateKeyTest.php
Normal file
|
@ -0,0 +1,90 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Tests\Unit\Http\Middleware\API;
|
||||||
|
|
||||||
|
use Mockery as m;
|
||||||
|
use Pterodactyl\Models\APIKey;
|
||||||
|
use Illuminate\Auth\AuthManager;
|
||||||
|
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||||
|
use Pterodactyl\Http\Middleware\API\AuthenticateKey;
|
||||||
|
use Symfony\Component\HttpKernel\Exception\HttpException;
|
||||||
|
use Pterodactyl\Exceptions\Repository\RecordNotFoundException;
|
||||||
|
use Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface;
|
||||||
|
|
||||||
|
class AuthenticateKeyTest extends MiddlewareTestCase
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var \Illuminate\Auth\AuthManager|\Mockery\Mock
|
||||||
|
*/
|
||||||
|
private $auth;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var \Pterodactyl\Contracts\Repository\ApiKeyRepositoryInterface|\Mockery\Mock
|
||||||
|
*/
|
||||||
|
private $repository;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Setup tests.
|
||||||
|
*/
|
||||||
|
public function setUp()
|
||||||
|
{
|
||||||
|
parent::setUp();
|
||||||
|
|
||||||
|
$this->auth = m::mock(AuthManager::class);
|
||||||
|
$this->repository = m::mock(ApiKeyRepositoryInterface::class);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test that a missing bearer token will throw an exception.
|
||||||
|
*/
|
||||||
|
public function testMissingBearerTokenThrowsException()
|
||||||
|
{
|
||||||
|
$this->request->shouldReceive('bearerToken')->withNoArgs()->once()->andReturnNull();
|
||||||
|
|
||||||
|
try {
|
||||||
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||||
|
} catch (HttpException $exception) {
|
||||||
|
$this->assertEquals(401, $exception->getStatusCode());
|
||||||
|
$this->assertEquals(['WWW-Authenticate' => 'Bearer'], $exception->getHeaders());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test that an invalid API token throws an exception.
|
||||||
|
*
|
||||||
|
* @expectedException \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
|
||||||
|
*/
|
||||||
|
public function testInvalidTokenThrowsException()
|
||||||
|
{
|
||||||
|
$this->request->shouldReceive('bearerToken')->withNoArgs()->twice()->andReturn('abcd1234');
|
||||||
|
$this->repository->shouldReceive('findFirstWhere')->andThrow(new RecordNotFoundException);
|
||||||
|
|
||||||
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test that a valid token can continue past the middleware.
|
||||||
|
*/
|
||||||
|
public function testValidToken()
|
||||||
|
{
|
||||||
|
$model = factory(APIKey::class)->make();
|
||||||
|
|
||||||
|
$this->request->shouldReceive('bearerToken')->withNoArgs()->twice()->andReturn($model->token);
|
||||||
|
$this->repository->shouldReceive('findFirstWhere')->with([['token', '=', $model->token]])->once()->andReturn($model);
|
||||||
|
|
||||||
|
$this->auth->shouldReceive('guard->loginUsingId')->with($model->user_id)->once()->andReturnNull();
|
||||||
|
|
||||||
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||||
|
$this->assertEquals($model, $this->request->attributes->get('api_key'));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return an instance of the middleware with mocked dependencies for testing.
|
||||||
|
*
|
||||||
|
* @return \Pterodactyl\Http\Middleware\API\AuthenticateKey
|
||||||
|
*/
|
||||||
|
private function getMiddleware(): AuthenticateKey
|
||||||
|
{
|
||||||
|
return new AuthenticateKey($this->repository, $this->auth);
|
||||||
|
}
|
||||||
|
}
|
69
tests/Unit/Http/Middleware/API/SetSessionDriverTest.php
Normal file
69
tests/Unit/Http/Middleware/API/SetSessionDriverTest.php
Normal file
|
@ -0,0 +1,69 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Tests\Unit\Http\Middleware\API;
|
||||||
|
|
||||||
|
use Mockery as m;
|
||||||
|
use Barryvdh\Debugbar\LaravelDebugbar;
|
||||||
|
use Illuminate\Contracts\Config\Repository;
|
||||||
|
use Illuminate\Contracts\Foundation\Application;
|
||||||
|
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
||||||
|
use Pterodactyl\Http\Middleware\API\SetSessionDriver;
|
||||||
|
|
||||||
|
class SetSessionDriverTest extends MiddlewareTestCase
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @var \Illuminate\Contracts\Foundation\Application|\Mockery\Mock
|
||||||
|
*/
|
||||||
|
private $appMock;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var \Illuminate\Contracts\Config\Repository|\Mockery\Mock
|
||||||
|
*/
|
||||||
|
private $config;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Setup tests.
|
||||||
|
*/
|
||||||
|
public function setUp()
|
||||||
|
{
|
||||||
|
parent::setUp();
|
||||||
|
|
||||||
|
$this->appMock = m::mock(Application::class);
|
||||||
|
$this->config = m::mock(Repository::class);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test that a production environment does not try to disable debug bar.
|
||||||
|
*/
|
||||||
|
public function testProductionEnvironment()
|
||||||
|
{
|
||||||
|
$this->appMock->shouldReceive('environment')->withNoArgs()->once()->andReturn('production');
|
||||||
|
$this->config->shouldReceive('set')->with('session.driver', 'array')->once()->andReturnNull();
|
||||||
|
|
||||||
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Test that a local environment does disable debug bar.
|
||||||
|
*/
|
||||||
|
public function testLocalEnvironment()
|
||||||
|
{
|
||||||
|
$this->appMock->shouldReceive('environment')->withNoArgs()->once()->andReturn('local');
|
||||||
|
$this->appMock->shouldReceive('make')->with(LaravelDebugbar::class)->once()->andReturnSelf();
|
||||||
|
$this->appMock->shouldReceive('disable')->withNoArgs()->once()->andReturnNull();
|
||||||
|
|
||||||
|
$this->config->shouldReceive('set')->with('session.driver', 'array')->once()->andReturnNull();
|
||||||
|
|
||||||
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return an instance of the middleware with mocked dependencies for testing.
|
||||||
|
*
|
||||||
|
* @return \Pterodactyl\Http\Middleware\API\SetSessionDriver
|
||||||
|
*/
|
||||||
|
private function getMiddleware(): SetSessionDriver
|
||||||
|
{
|
||||||
|
return new SetSessionDriver($this->appMock, $this->config);
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue