Made SingleUserAuth callback set a cookie
So that auth data is preserved across multiple requests.
This commit is contained in:
Barnaby Walters
parent
a2d8223650
commit
01a15f0b46
@ -163,7 +163,7 @@
|
|||||||
<h4>Legend</h4>
|
<h4>Legend</h4>
|
||||||
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
<a title="Back to the top" id="toplink" href="#">
|
<a title="Back to the top" id="toplink" href="#">
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
||||||
|
|||||||
@ -305,7 +305,7 @@
|
|||||||
<h4>Legend</h4>
|
<h4>Legend</h4>
|
||||||
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
<a title="Back to the top" id="toplink" href="#">
|
<a title="Back to the top" id="toplink" href="#">
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
||||||
|
|||||||
File diff suppressed because one or more lines are too long
@ -136,7 +136,7 @@
|
|||||||
<footer>
|
<footer>
|
||||||
<hr/>
|
<hr/>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
</footer>
|
</footer>
|
||||||
</div>
|
</div>
|
||||||
@ -223,7 +223,7 @@ $(document).ready(function() {
|
|||||||
chart.yAxis.axisLabel('Cyclomatic Complexity');
|
chart.yAxis.axisLabel('Cyclomatic Complexity');
|
||||||
|
|
||||||
d3.select('#classComplexity svg')
|
d3.select('#classComplexity svg')
|
||||||
.datum(getComplexityData([[100,6,"<a href=\"DefaultAuthorizationForm.php.html#35\">Taproot\\IndieAuth\\Callback\\DefaultAuthorizationForm<\/a>"],[100,6,"<a href=\"SingleUserPasswordAuthenticationCallback.php.html#45\">Taproot\\IndieAuth\\Callback\\SingleUserPasswordAuthenticationCallback<\/a>"]], 'Class Complexity'))
|
.datum(getComplexityData([[100,6,"<a href=\"DefaultAuthorizationForm.php.html#35\">Taproot\\IndieAuth\\Callback\\DefaultAuthorizationForm<\/a>"],[100,9,"<a href=\"SingleUserPasswordAuthenticationCallback.php.html#46\">Taproot\\IndieAuth\\Callback\\SingleUserPasswordAuthenticationCallback<\/a>"]], 'Class Complexity'))
|
||||||
.transition()
|
.transition()
|
||||||
.duration(500)
|
.duration(500)
|
||||||
.call(chart);
|
.call(chart);
|
||||||
@ -247,7 +247,7 @@ $(document).ready(function() {
|
|||||||
chart.yAxis.axisLabel('Method Complexity');
|
chart.yAxis.axisLabel('Method Complexity');
|
||||||
|
|
||||||
d3.select('#methodComplexity svg')
|
d3.select('#methodComplexity svg')
|
||||||
.datum(getComplexityData([[100,1,"<a href=\"DefaultAuthorizationForm.php.html#49\">Taproot\\IndieAuth\\Callback\\DefaultAuthorizationForm::__construct<\/a>"],[100,3,"<a href=\"DefaultAuthorizationForm.php.html#55\">Taproot\\IndieAuth\\Callback\\DefaultAuthorizationForm::showForm<\/a>"],[100,1,"<a href=\"DefaultAuthorizationForm.php.html#88\">Taproot\\IndieAuth\\Callback\\DefaultAuthorizationForm::transformAuthorizationCode<\/a>"],[100,1,"<a href=\"DefaultAuthorizationForm.php.html#102\">Taproot\\IndieAuth\\Callback\\DefaultAuthorizationForm::setLogger<\/a>"],[100,3,"<a href=\"SingleUserPasswordAuthenticationCallback.php.html#61\">Taproot\\IndieAuth\\Callback\\SingleUserPasswordAuthenticationCallback::__construct<\/a>"],[100,3,"<a href=\"SingleUserPasswordAuthenticationCallback.php.html#75\">Taproot\\IndieAuth\\Callback\\SingleUserPasswordAuthenticationCallback::__invoke<\/a>"]], 'Method Complexity'))
|
.datum(getComplexityData([[100,1,"<a href=\"DefaultAuthorizationForm.php.html#49\">Taproot\\IndieAuth\\Callback\\DefaultAuthorizationForm::__construct<\/a>"],[100,3,"<a href=\"DefaultAuthorizationForm.php.html#55\">Taproot\\IndieAuth\\Callback\\DefaultAuthorizationForm::showForm<\/a>"],[100,1,"<a href=\"DefaultAuthorizationForm.php.html#88\">Taproot\\IndieAuth\\Callback\\DefaultAuthorizationForm::transformAuthorizationCode<\/a>"],[100,1,"<a href=\"DefaultAuthorizationForm.php.html#102\">Taproot\\IndieAuth\\Callback\\DefaultAuthorizationForm::setLogger<\/a>"],[100,4,"<a href=\"SingleUserPasswordAuthenticationCallback.php.html#68\">Taproot\\IndieAuth\\Callback\\SingleUserPasswordAuthenticationCallback::__construct<\/a>"],[100,5,"<a href=\"SingleUserPasswordAuthenticationCallback.php.html#89\">Taproot\\IndieAuth\\Callback\\SingleUserPasswordAuthenticationCallback::__invoke<\/a>"]], 'Method Complexity'))
|
||||||
.transition()
|
.transition()
|
||||||
.duration(500)
|
.duration(500)
|
||||||
.call(chart);
|
.call(chart);
|
||||||
|
|||||||
@ -51,7 +51,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</td>
|
</td>
|
||||||
<td class="success small"><div align="right">100.00%</div></td>
|
<td class="success small"><div align="right">100.00%</div></td>
|
||||||
<td class="success small"><div align="right">41 / 41</div></td>
|
<td class="success small"><div align="right">55 / 55</div></td>
|
||||||
<td class="success big"> <div class="progress">
|
<td class="success big"> <div class="progress">
|
||||||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
||||||
<span class="sr-only">100.00% covered (success)</span>
|
<span class="sr-only">100.00% covered (success)</span>
|
||||||
@ -120,7 +120,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</td>
|
</td>
|
||||||
<td class="success small"><div align="right">100.00%</div></td>
|
<td class="success small"><div align="right">100.00%</div></td>
|
||||||
<td class="success small"><div align="right">15 / 15</div></td>
|
<td class="success small"><div align="right">29 / 29</div></td>
|
||||||
<td class="success big"> <div class="progress">
|
<td class="success big"> <div class="progress">
|
||||||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
||||||
<span class="sr-only">100.00% covered (success)</span>
|
<span class="sr-only">100.00% covered (success)</span>
|
||||||
@ -152,7 +152,7 @@
|
|||||||
<span class="success"><strong>High</strong>: 90% to 100%</span>
|
<span class="success"><strong>High</strong>: 90% to 100%</span>
|
||||||
</p>
|
</p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
</footer>
|
</footer>
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
@ -326,7 +326,7 @@
|
|||||||
<h4>Legend</h4>
|
<h4>Legend</h4>
|
||||||
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
<a title="Back to the top" id="toplink" href="#">
|
<a title="Back to the top" id="toplink" href="#">
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
||||||
|
|||||||
@ -180,7 +180,7 @@
|
|||||||
<h4>Legend</h4>
|
<h4>Legend</h4>
|
||||||
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
<a title="Back to the top" id="toplink" href="#">
|
<a title="Back to the top" id="toplink" href="#">
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
||||||
|
|||||||
@ -324,7 +324,7 @@
|
|||||||
<h4>Legend</h4>
|
<h4>Legend</h4>
|
||||||
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
<a title="Back to the top" id="toplink" href="#">
|
<a title="Back to the top" id="toplink" href="#">
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
||||||
|
|||||||
@ -157,7 +157,7 @@
|
|||||||
<h4>Legend</h4>
|
<h4>Legend</h4>
|
||||||
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
<a title="Back to the top" id="toplink" href="#">
|
<a title="Back to the top" id="toplink" href="#">
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
||||||
|
|||||||
@ -177,7 +177,7 @@
|
|||||||
<h4>Legend</h4>
|
<h4>Legend</h4>
|
||||||
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
<a title="Back to the top" id="toplink" href="#">
|
<a title="Back to the top" id="toplink" href="#">
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
||||||
|
|||||||
@ -138,7 +138,7 @@
|
|||||||
<footer>
|
<footer>
|
||||||
<hr/>
|
<hr/>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
</footer>
|
</footer>
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
@ -195,7 +195,7 @@
|
|||||||
<span class="success"><strong>High</strong>: 90% to 100%</span>
|
<span class="success"><strong>High</strong>: 90% to 100%</span>
|
||||||
</p>
|
</p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
</footer>
|
</footer>
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
File diff suppressed because one or more lines are too long
@ -663,7 +663,7 @@
|
|||||||
<h4>Legend</h4>
|
<h4>Legend</h4>
|
||||||
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
<a title="Back to the top" id="toplink" href="#">
|
<a title="Back to the top" id="toplink" href="#">
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
||||||
|
|||||||
@ -79,7 +79,7 @@
|
|||||||
<h4>Legend</h4>
|
<h4>Legend</h4>
|
||||||
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
<a title="Back to the top" id="toplink" href="#">
|
<a title="Back to the top" id="toplink" href="#">
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
||||||
|
|||||||
@ -235,7 +235,7 @@
|
|||||||
<h4>Legend</h4>
|
<h4>Legend</h4>
|
||||||
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
<a title="Back to the top" id="toplink" href="#">
|
<a title="Back to the top" id="toplink" href="#">
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
||||||
|
|||||||
@ -142,7 +142,7 @@
|
|||||||
<footer>
|
<footer>
|
||||||
<hr/>
|
<hr/>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
</footer>
|
</footer>
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
@ -137,7 +137,7 @@
|
|||||||
<span class="success"><strong>High</strong>: 90% to 100%</span>
|
<span class="success"><strong>High</strong>: 90% to 100%</span>
|
||||||
</p>
|
</p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
</footer>
|
</footer>
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
File diff suppressed because one or more lines are too long
@ -687,7 +687,7 @@
|
|||||||
<h4>Legend</h4>
|
<h4>Legend</h4>
|
||||||
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
<p><span class="success"><strong>Executed</strong></span><span class="danger"><strong>Not Executed</strong></span><span class="warning"><strong>Dead Code</strong></span></p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
<a title="Back to the top" id="toplink" href="#">
|
<a title="Back to the top" id="toplink" href="#">
|
||||||
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
<svg xmlns="http://www.w3.org/2000/svg" width="12" height="16" viewBox="0 0 12 16"><path fill-rule="evenodd" d="M12 11L6 5l-6 6h12z"/></svg>
|
||||||
|
|||||||
@ -44,13 +44,13 @@
|
|||||||
<tr>
|
<tr>
|
||||||
<td class="success">Total</td>
|
<td class="success">Total</td>
|
||||||
<td class="success big"> <div class="progress">
|
<td class="success big"> <div class="progress">
|
||||||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="95.48" aria-valuemin="0" aria-valuemax="100" style="width: 95.48%">
|
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="95.59" aria-valuemin="0" aria-valuemax="100" style="width: 95.59%">
|
||||||
<span class="sr-only">95.48% covered (success)</span>
|
<span class="sr-only">95.59% covered (success)</span>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</td>
|
</td>
|
||||||
<td class="success small"><div align="right">95.48%</div></td>
|
<td class="success small"><div align="right">95.59%</div></td>
|
||||||
<td class="success small"><div align="right">528 / 553</div></td>
|
<td class="success small"><div align="right">542 / 567</div></td>
|
||||||
<td class="warning big"> <div class="progress">
|
<td class="warning big"> <div class="progress">
|
||||||
<div class="progress-bar bg-warning" role="progressbar" aria-valuenow="75.44" aria-valuemin="0" aria-valuemax="100" style="width: 75.44%">
|
<div class="progress-bar bg-warning" role="progressbar" aria-valuenow="75.44" aria-valuemin="0" aria-valuemax="100" style="width: 75.44%">
|
||||||
<span class="sr-only">75.44% covered (warning)</span>
|
<span class="sr-only">75.44% covered (warning)</span>
|
||||||
@ -78,7 +78,7 @@
|
|||||||
</div>
|
</div>
|
||||||
</td>
|
</td>
|
||||||
<td class="success small"><div align="right">100.00%</div></td>
|
<td class="success small"><div align="right">100.00%</div></td>
|
||||||
<td class="success small"><div align="right">41 / 41</div></td>
|
<td class="success small"><div align="right">55 / 55</div></td>
|
||||||
<td class="success big"> <div class="progress">
|
<td class="success big"> <div class="progress">
|
||||||
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
<div class="progress-bar bg-success" role="progressbar" aria-valuenow="100.00" aria-valuemin="0" aria-valuemax="100" style="width: 100.00%">
|
||||||
<span class="sr-only">100.00% covered (success)</span>
|
<span class="sr-only">100.00% covered (success)</span>
|
||||||
@ -245,7 +245,7 @@
|
|||||||
<span class="success"><strong>High</strong>: 90% to 100%</span>
|
<span class="success"><strong>High</strong>: 90% to 100%</span>
|
||||||
</p>
|
</p>
|
||||||
<p>
|
<p>
|
||||||
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Thu Jun 17 22:38:11 UTC 2021.</small>
|
<small>Generated by <a href="https://github.com/sebastianbergmann/php-code-coverage" target="_top">php-code-coverage 9.2.6</a> using <a href="https://secure.php.net/" target="_top">PHP 7.4.19</a> with <a href="https://xdebug.org/">Xdebug 3.0.4</a> and <a href="https://phpunit.de/">PHPUnit 9.5.5</a> at Fri Jun 18 14:09:49 UTC 2021.</small>
|
||||||
</p>
|
</p>
|
||||||
</footer>
|
</footer>
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
@ -3,6 +3,7 @@
|
|||||||
namespace Taproot\IndieAuth\Callback;
|
namespace Taproot\IndieAuth\Callback;
|
||||||
|
|
||||||
use BadMethodCallException;
|
use BadMethodCallException;
|
||||||
|
use Dflydev\FigCookies;
|
||||||
use Nyholm\Psr7\Response;
|
use Nyholm\Psr7\Response;
|
||||||
use Psr\Http\Message\ServerRequestInterface;
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
|
|
||||||
@ -33,6 +34,7 @@ use function Taproot\IndieAuth\renderTemplate;
|
|||||||
* $server = new IndieAuth\Server([
|
* $server = new IndieAuth\Server([
|
||||||
* …
|
* …
|
||||||
* 'authenticationHandler' => new IndieAuth\Callback\SingleUserPasswordAuthenticationCallback(
|
* 'authenticationHandler' => new IndieAuth\Callback\SingleUserPasswordAuthenticationCallback(
|
||||||
|
* YOUR_SECRET,
|
||||||
* ['me' => 'https://me.example.com/'],
|
* ['me' => 'https://me.example.com/'],
|
||||||
* YOUR_HASHED_PASSWORD
|
* YOUR_HASHED_PASSWORD
|
||||||
* )
|
* )
|
||||||
@ -44,21 +46,34 @@ use function Taproot\IndieAuth\renderTemplate;
|
|||||||
*/
|
*/
|
||||||
class SingleUserPasswordAuthenticationCallback {
|
class SingleUserPasswordAuthenticationCallback {
|
||||||
const PASSWORD_FORM_PARAMETER = 'taproot_indieauth_server_password';
|
const PASSWORD_FORM_PARAMETER = 'taproot_indieauth_server_password';
|
||||||
|
const LOGIN_HASH_COOKIE = 'taproot_indieauth_server_supauth_hash';
|
||||||
|
const DEFAULT_COOKIE_TTL = 60 * 5;
|
||||||
|
|
||||||
public string $csrfKey;
|
public string $csrfKey;
|
||||||
public string $formTemplate;
|
public string $formTemplate;
|
||||||
protected array $user;
|
protected array $user;
|
||||||
protected string $hashedPassword;
|
protected string $hashedPassword;
|
||||||
|
protected string $secret;
|
||||||
|
protected int $ttl;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor
|
* Constructor
|
||||||
*
|
*
|
||||||
|
* @param string $secret A secret key used to encrypt cookies. Can be the same as the secret passed to IndieAuth\Server.
|
||||||
* @param array $user An array representing the user, which will be returned on a successful authentication. MUST include a 'me' key, may also contain a 'profile' key, or other keys at your discretion.
|
* @param array $user An array representing the user, which will be returned on a successful authentication. MUST include a 'me' key, may also contain a 'profile' key, or other keys at your discretion.
|
||||||
* @param string $hashedPassword The password used to authenticate as $user, hashed by `password_hash($pass, PASSWORD_DEFAULT)`
|
* @param string $hashedPassword The password used to authenticate as $user, hashed by `password_hash($pass, PASSWORD_DEFAULT)`
|
||||||
* @param string|null $formTemplate The path to a template used to render the sign-in form. Uses default if null.
|
* @param string|null $formTemplate The path to a template used to render the sign-in form. Uses default if null.
|
||||||
* @param string|null $csrfKey The key under which to fetch a CSRF token from `$request` attributes, and as the CSRF token name in submitted form data. Defaults to the Server default, only change if you’re using a custom CSRF middleware.
|
* @param string|null $csrfKey The key under which to fetch a CSRF token from `$request` attributes, and as the CSRF token name in submitted form data. Defaults to the Server default, only change if you’re using a custom CSRF middleware.
|
||||||
|
* @param int|null $ttl The lifetime of the authentication cookie, in seconds. Defaults to five minutes.
|
||||||
*/
|
*/
|
||||||
public function __construct(array $user, string $hashedPassword, ?string $formTemplate=null, ?string $csrfKey=null) {
|
public function __construct(string $secret, array $user, string $hashedPassword, ?string $formTemplate=null, ?string $csrfKey=null, ?int $ttl=null) {
|
||||||
|
if (strlen($secret) < 64) {
|
||||||
|
throw new BadMethodCallException("\$secret must be a string with a minimum length of 64 characters.");
|
||||||
|
}
|
||||||
|
$this->secret = $secret;
|
||||||
|
|
||||||
|
$this->ttl = $ttl ?? self::DEFAULT_COOKIE_TTL;
|
||||||
|
|
||||||
if (!isset($user['me'])) {
|
if (!isset($user['me'])) {
|
||||||
throw new BadMethodCallException('The $user array MUST contain a “me” key, the value which must be the user’s canonical URL as a string.');
|
throw new BadMethodCallException('The $user array MUST contain a “me” key, the value which must be the user’s canonical URL as a string.');
|
||||||
}
|
}
|
||||||
@ -73,12 +88,31 @@ class SingleUserPasswordAuthenticationCallback {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function __invoke(ServerRequestInterface $request, string $formAction, ?string $normalizedMeUrl=null) {
|
public function __invoke(ServerRequestInterface $request, string $formAction, ?string $normalizedMeUrl=null) {
|
||||||
// If the request is a form submission with a matching password, return the corresponding
|
// If the request is logged in, return authentication data.
|
||||||
// user data.
|
$cookies = $request->getCookieParams();
|
||||||
if ($request->getMethod() == 'POST' && password_verify($request->getParsedBody()[self::PASSWORD_FORM_PARAMETER] ?? '', $this->hashedPassword)) {
|
if (
|
||||||
|
isset($cookies[self::LOGIN_HASH_COOKIE])
|
||||||
|
&& hash_equals(hash_hmac('SHA256', json_encode($this->user), $this->secret), $cookies[self::LOGIN_HASH_COOKIE])
|
||||||
|
) {
|
||||||
return $this->user;
|
return $this->user;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// If the request is a form submission with a matching password, return a redirect to the indieauth
|
||||||
|
// flow, setting a cookie.
|
||||||
|
if ($request->getMethod() == 'POST' && password_verify($request->getParsedBody()[self::PASSWORD_FORM_PARAMETER] ?? '', $this->hashedPassword)) {
|
||||||
|
$response = new Response(302, ['Location' => $formAction]);
|
||||||
|
|
||||||
|
// Set the user data hash cookie.
|
||||||
|
$response = FigCookies\FigResponseCookies::set($response, FigCookies\SetCookie::create(self::LOGIN_HASH_COOKIE)
|
||||||
|
->withValue(hash_hmac('SHA256', json_encode($this->user), $this->secret))
|
||||||
|
->withMaxAge($this->ttl)
|
||||||
|
->withSecure($request->getUri()->getScheme() == 'https')
|
||||||
|
->withDomain($request->getUri()->getHost())
|
||||||
|
);
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
// Otherwise, return a response containing the password form.
|
// Otherwise, return a response containing the password form.
|
||||||
return new Response(200, ['content-type' => 'text/html'], renderTemplate($this->formTemplate, [
|
return new Response(200, ['content-type' => 'text/html'], renderTemplate($this->formTemplate, [
|
||||||
'formAction' => $formAction,
|
'formAction' => $formAction,
|
||||||
|
|||||||
@ -44,7 +44,7 @@ class ServerTest extends TestCase {
|
|||||||
// With this template, IndieAuthException response bodies will contain only their IndieAuthException error code, for ease of comparison.
|
// With this template, IndieAuthException response bodies will contain only their IndieAuthException error code, for ease of comparison.
|
||||||
'exceptionTemplatePath' => CODE_EXCEPTION_TEMPLATE_PATH,
|
'exceptionTemplatePath' => CODE_EXCEPTION_TEMPLATE_PATH,
|
||||||
// Default to a simple single-user password authentication handler.
|
// Default to a simple single-user password authentication handler.
|
||||||
Server::HANDLE_AUTHENTICATION_REQUEST => new SingleUserPasswordAuthenticationCallback(['me' => 'https://example.com/'], password_hash('password', PASSWORD_DEFAULT), Server::DEFAULT_CSRF_KEY),
|
Server::HANDLE_AUTHENTICATION_REQUEST => new SingleUserPasswordAuthenticationCallback(SERVER_SECRET, ['me' => 'https://example.com/'], password_hash('password', PASSWORD_DEFAULT), Server::DEFAULT_CSRF_KEY),
|
||||||
'authorizationForm' => new DefaultAuthorizationForm(AUTHORIZATION_FORM_JSON_RESPONSE_TEMPLATE_PATH),
|
'authorizationForm' => new DefaultAuthorizationForm(AUTHORIZATION_FORM_JSON_RESPONSE_TEMPLATE_PATH),
|
||||||
], $config));
|
], $config));
|
||||||
}
|
}
|
||||||
|
|||||||
@ -3,6 +3,7 @@
|
|||||||
namespace Taproot\IndieAuth\Test;
|
namespace Taproot\IndieAuth\Test;
|
||||||
|
|
||||||
use BadMethodCallException;
|
use BadMethodCallException;
|
||||||
|
use Dflydev\FigCookies;
|
||||||
use Exception;
|
use Exception;
|
||||||
use Nyholm\Psr7;
|
use Nyholm\Psr7;
|
||||||
use Nyholm\Psr7\ServerRequest;
|
use Nyholm\Psr7\ServerRequest;
|
||||||
@ -13,7 +14,7 @@ use Taproot\IndieAuth\Server;
|
|||||||
class SingleUserPasswordAuthenticationCallbackTest extends TestCase {
|
class SingleUserPasswordAuthenticationCallbackTest extends TestCase {
|
||||||
public function testThrowsExceptionIfUserDataHasNoMeKey() {
|
public function testThrowsExceptionIfUserDataHasNoMeKey() {
|
||||||
try {
|
try {
|
||||||
$c = new SingleUserPasswordAuthenticationCallback([
|
$c = new SingleUserPasswordAuthenticationCallback(SERVER_SECRET, [
|
||||||
'not_me' => 'blah'
|
'not_me' => 'blah'
|
||||||
], password_hash('password', PASSWORD_DEFAULT));
|
], password_hash('password', PASSWORD_DEFAULT));
|
||||||
$this->fail();
|
$this->fail();
|
||||||
@ -22,9 +23,20 @@ class SingleUserPasswordAuthenticationCallbackTest extends TestCase {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testThrowsExceptionIfSecretIsTooShort() {
|
||||||
|
try {
|
||||||
|
$c = new SingleUserPasswordAuthenticationCallback('not long enough', [
|
||||||
|
'me' => 'blah'
|
||||||
|
], password_hash('password', PASSWORD_DEFAULT));
|
||||||
|
$this->fail();
|
||||||
|
} catch (BadMethodCallException $e) {
|
||||||
|
$this->assertEquals('$secret must be a string with a minimum length of 64 characters.', $e->getMessage());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public function testThrowsExceptionIfHashedPasswordIsInvalid() {
|
public function testThrowsExceptionIfHashedPasswordIsInvalid() {
|
||||||
try {
|
try {
|
||||||
$c = new SingleUserPasswordAuthenticationCallback([
|
$c = new SingleUserPasswordAuthenticationCallback(SERVER_SECRET, [
|
||||||
'me' => 'https://me.example.com/'
|
'me' => 'https://me.example.com/'
|
||||||
], 'definitely not a hashed password');
|
], 'definitely not a hashed password');
|
||||||
$this->fail();
|
$this->fail();
|
||||||
@ -34,7 +46,7 @@ class SingleUserPasswordAuthenticationCallbackTest extends TestCase {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function testShowsAuthenticationFormOnUnauthenticatedRequest() {
|
public function testShowsAuthenticationFormOnUnauthenticatedRequest() {
|
||||||
$callback = new SingleUserPasswordAuthenticationCallback([
|
$callback = new SingleUserPasswordAuthenticationCallback(SERVER_SECRET, [
|
||||||
'me' => 'https://me.example.com/'
|
'me' => 'https://me.example.com/'
|
||||||
], password_hash('password', PASSWORD_DEFAULT));
|
], password_hash('password', PASSWORD_DEFAULT));
|
||||||
|
|
||||||
@ -48,7 +60,7 @@ class SingleUserPasswordAuthenticationCallbackTest extends TestCase {
|
|||||||
$this->assertStringContainsString($formAction, (string) $res->getBody());
|
$this->assertStringContainsString($formAction, (string) $res->getBody());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testReturnsUserDataOnAuthenticatedRequest() {
|
public function testReturnsCookieRedirectOnAuthenticatedRequest() {
|
||||||
$userData = [
|
$userData = [
|
||||||
'me' => 'https://me.example.com',
|
'me' => 'https://me.example.com',
|
||||||
'profile' => ['name' => 'Me']
|
'profile' => ['name' => 'Me']
|
||||||
@ -56,7 +68,7 @@ class SingleUserPasswordAuthenticationCallbackTest extends TestCase {
|
|||||||
|
|
||||||
$password = 'my very secure password';
|
$password = 'my very secure password';
|
||||||
|
|
||||||
$callback = new SingleUserPasswordAuthenticationCallback($userData, password_hash($password, PASSWORD_DEFAULT));
|
$callback = new SingleUserPasswordAuthenticationCallback(SERVER_SECRET, $userData, password_hash($password, PASSWORD_DEFAULT));
|
||||||
|
|
||||||
$req = (new ServerRequest('POST', 'https://example.com/login'))
|
$req = (new ServerRequest('POST', 'https://example.com/login'))
|
||||||
->withAttribute(Server::DEFAULT_CSRF_KEY, 'csrf token')
|
->withAttribute(Server::DEFAULT_CSRF_KEY, 'csrf token')
|
||||||
@ -66,6 +78,31 @@ class SingleUserPasswordAuthenticationCallbackTest extends TestCase {
|
|||||||
|
|
||||||
$res = $callback($req, 'form_action');
|
$res = $callback($req, 'form_action');
|
||||||
|
|
||||||
|
$this->assertEquals(302, $res->getStatusCode());
|
||||||
|
$this->assertEquals('form_action', $res->getHeaderLine('location'));
|
||||||
|
$resCookies = FigCookies\SetCookies::fromResponse($res);
|
||||||
|
$hashCookie = $resCookies->get(SingleUserPasswordAuthenticationCallback::LOGIN_HASH_COOKIE);
|
||||||
|
$this->assertEquals(hash_hmac('SHA256', json_encode($userData), SERVER_SECRET), $hashCookie->getValue());
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testReturnsUserDataOnResponseWithValidHashCookie() {
|
||||||
|
$userData = [
|
||||||
|
'me' => 'https://me.example.com',
|
||||||
|
'profile' => ['name' => 'Me']
|
||||||
|
];
|
||||||
|
|
||||||
|
$password = 'my very secure password';
|
||||||
|
|
||||||
|
$callback = new SingleUserPasswordAuthenticationCallback(SERVER_SECRET, $userData, password_hash($password, PASSWORD_DEFAULT));
|
||||||
|
|
||||||
|
$req = (new ServerRequest('POST', 'https://example.com/login'))
|
||||||
|
->withAttribute(Server::DEFAULT_CSRF_KEY, 'csrf token')
|
||||||
|
->withCookieParams([
|
||||||
|
SingleUserPasswordAuthenticationCallback::LOGIN_HASH_COOKIE => hash_hmac('SHA256', json_encode($userData), SERVER_SECRET)
|
||||||
|
]);
|
||||||
|
|
||||||
|
$res = $callback($req, 'form_action');
|
||||||
|
|
||||||
$this->assertEquals($userData, $res);
|
$this->assertEquals($userData, $res);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user