Imported HTTP basic authentication adapter classes from zend-expressive-authentication

weierophinney · weierophinney · commit 3d657a8ebef6 · 2017-11-08T14:13:01.000-06:00
diff --git a/README.md b/README.md
@@ -3,7 +3,9 @@
 [![Build Status](https://secure.travis-ci.org/zendframework/zend-expressive-authentication-basic.svg?branch=master)](https://secure.travis-ci.org/zendframework/zend-expressive-authentication-basic)
 [![Coverage Status](https://coveralls.io/repos/github/zendframework/zend-expressive-authentication-basic/badge.svg?branch=master)](https://coveralls.io/github/zendframework/zend-expressive-authentication-basic?branch=master)
 
-This library provides ... 
+This library provides an HTTP Basic authentication adapter for
+[zend-expressive-authentication](https://docs.zendframework.com/zend-expressive-authentication),
+and thus PSR-7 middleware applications.
 
 ## Installation
 
diff --git a/src/BasicAccess.php b/src/BasicAccess.php
@@ -0,0 +1,77 @@
+<?php
+/**
+ * @see       https://github.com/zendframework/zend-expressive-authentication-basic for the canonical source repository
+ * @copyright Copyright (c) 2017 Zend Technologies USA Inc. (http://www.zend.com)
+ * @license   https://github.com/zendframework/zend-expressive-authentication-basic/blob/master/LICENSE.md New BSD License
+ */
+
+namespace Zend\Expressive\Authentication\Basic;
+
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Zend\Expressive\Authentication\AuthenticationInterface;
+use Zend\Expressive\Authentication\UserInterface;
+use Zend\Expressive\Authentication\UserRepositoryInterface;
+
+class BasicAccess implements AuthenticationInterface
+{
+    /**
+     * @var UserRepositoryInterface
+     */
+    protected $repository;
+
+    /**
+     * @var string
+     */
+    protected $realm;
+
+    /**
+     * @var ResponseInterface
+     */
+    protected $responsePrototype;
+
+    /**
+     * Constructor
+     *
+     * @param UserRepositoryInterface $repository
+     * @param string $realm
+     * @param ResponseInterface $responsePrototype
+     */
+    public function __construct(
+        UserRepositoryInterface $repository,
+        string $realm,
+        ResponseInterface $responsePrototype
+    ) {
+        $this->repository = $repository;
+        $this->realm = $realm;
+        $this->responsePrototype = $responsePrototype;
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function authenticate(ServerRequestInterface $request): ?UserInterface
+    {
+        $authHeader = $request->getHeader('Authorization');
+        if (empty($authHeader)) {
+            return null;
+        }
+        if (! preg_match('/Basic ([a-zA-Z0-9\+\/\=]+)/', $authHeader[0], $match)) {
+            return null;
+        }
+        [$username, $password] = explode(':', base64_decode($match[1]));
+
+        return $this->repository->authenticate($username, $password);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function unauthorizedResponse(ServerRequestInterface $request): ResponseInterface
+    {
+        return $this->responsePrototype->withHeader(
+            'WWW-Authenticate',
+            sprintf("Basic realm=\"%s\"", $this->realm)
+        )->withStatus(401);
+    }
+}
diff --git a/src/BasicAccessFactory.php b/src/BasicAccessFactory.php
@@ -0,0 +1,42 @@
+<?php
+/**
+ * @see       https://github.com/zendframework/zend-expressive-authentication-basic for the canonical source repository
+ * @copyright Copyright (c) 2017 Zend Technologies USA Inc. (http://www.zend.com)
+ * @license   https://github.com/zendframework/zend-expressive-authentication-basic/blob/master/LICENSE.md New BSD License
+ */
+
+namespace Zend\Expressive\Authentication\Basic;
+
+use Psr\Container\ContainerInterface;
+use Zend\Expressive\Authentication\Exception;
+use Zend\Expressive\Authentication\ResponsePrototypeTrait;
+use Zend\Expressive\Authentication\UserRepositoryInterface;
+
+class BasicAccessFactory
+{
+    use ResponsePrototypeTrait;
+
+    public function __invoke(ContainerInterface $container): BasicAccess
+    {
+        $userRegister = $container->has(UserRepositoryInterface::class) ?
+                        $container->get(UserRepositoryInterface::class) :
+                        null;
+        if (null === $userRegister) {
+            throw new Exception\InvalidConfigException(
+                'UserRepositoryInterface service is missing for authentication'
+            );
+        }
+        $realm = $container->get('config')['authentication']['realm'] ?? null;
+        if (null === $realm) {
+            throw new Exception\InvalidConfigException(
+                'Realm value is not present in authentication config'
+            );
+        }
+
+        return new BasicAccess(
+            $userRegister,
+            $realm,
+            $this->getResponsePrototype($container)
+        );
+    }
+}
diff --git a/src/ConfigProvider.php b/src/ConfigProvider.php
@@ -19,6 +19,9 @@ public function __invoke() : array
     public function getDependencies() : array
     {
         return [
+            'factories' => [
+                BasicAccess::class => BasicAccessFactory::class,
+            ],
         ];
     }
 }
diff --git a/test/BasicAccessFactoryTest.php b/test/BasicAccessFactoryTest.php
@@ -0,0 +1,73 @@
+<?php
+/**
+ * @see       https://github.com/zendframework/zend-expressive-authentication-basic for the canonical source repository
+ * @copyright Copyright (c) 2017 Zend Technologies USA Inc. (http://www.zend.com)
+ * @license   https://github.com/zendframework/zend-expressive-authentication-basic/blob/master/LICENSE.md New BSD License
+ */
+
+namespace ZendTest\Expressive\Authentication\Basic;
+
+use PHPUnit\Framework\TestCase;
+use Prophecy\Argument;
+use Psr\Container\ContainerInterface;
+use Psr\Http\Message\ResponseInterface;
+use Zend\Expressive\Authentication\Basic\BasicAccess;
+use Zend\Expressive\Authentication\Basic\BasicAccessFactory;
+use Zend\Expressive\Authentication\UserRepositoryInterface;
+
+class BasicAccessFactoryTest extends TestCase
+{
+    protected function setUp()
+    {
+        $this->container = $this->prophesize(ContainerInterface::class);
+        $this->factory = new BasicAccessFactory();
+        $this->userRegister = $this->prophesize(UserRepositoryInterface::class);
+        $this->responsePrototype = $this->prophesize(ResponseInterface::class);
+    }
+
+    /**
+     * @expectedException Zend\Expressive\Authentication\Exception\InvalidConfigException
+     */
+    public function testInvokeWithEmptyContainer()
+    {
+        $basicAccess = ($this->factory)($this->container->reveal());
+    }
+
+    /**
+     * @expectedException Zend\Expressive\Authentication\Exception\InvalidConfigException
+     */
+    public function testInvokeWithContainerEmptyConfig()
+    {
+        $this->container->has(UserRepositoryInterface::class)
+                        ->willReturn(true);
+        $this->container->get(UserRepositoryInterface::class)
+                        ->willReturn($this->userRegister->reveal());
+        $this->container->has(ResponseInterface::class)
+                        ->willReturn(true);
+        $this->container->get(ResponseInterface::class)
+                        ->willReturn($this->responsePrototype->reveal());
+        $this->container->get('config')
+                        ->willReturn([]);
+
+        $basicAccess = ($this->factory)($this->container->reveal());
+    }
+
+    public function testInvokeWithContainerAndConfig()
+    {
+        $this->container->has(UserRepositoryInterface::class)
+                        ->willReturn(true);
+        $this->container->get(UserRepositoryInterface::class)
+                        ->willReturn($this->userRegister->reveal());
+        $this->container->has(ResponseInterface::class)
+                        ->willReturn(true);
+        $this->container->get(ResponseInterface::class)
+                        ->willReturn($this->responsePrototype->reveal());
+        $this->container->get('config')
+                        ->willReturn([
+                            'authentication' => ['realm' => 'My page']
+                        ]);
+
+        $basicAccess = ($this->factory)($this->container->reveal());
+        $this->assertInstanceOf(BasicAccess::class, $basicAccess);
+    }
+}
diff --git a/test/BasicAccessTest.php b/test/BasicAccessTest.php
@@ -0,0 +1,120 @@
+<?php
+/**
+ * @see       https://github.com/zendframework/zend-expressive-authentication-basic for the canonical source repository
+ * @copyright Copyright (c) 2017 Zend Technologies USA Inc. (http://www.zend.com)
+ * @license   https://github.com/zendframework/zend-expressive-authentication-basic/blob/master/LICENSE.md New BSD License
+ */
+
+namespace ZendTest\Expressive\Authentication\Basic;
+
+use PHPUnit\Framework\TestCase;
+use Prophecy\Argument;
+use Psr\Http\Message\ServerRequestInterface;
+use Psr\Http\Message\ResponseInterface;
+use Zend\Expressive\Authentication\AuthenticationInterface;
+use Zend\Expressive\Authentication\Basic\BasicAccess;
+use Zend\Expressive\Authentication\UserInterface;
+use Zend\Expressive\Authentication\UserRepositoryInterface;
+
+class BasicAccessTest extends TestCase
+{
+    protected function setUp()
+    {
+        $this->request = $this->prophesize(ServerRequestInterface::class);
+        $this->userRepository = $this->prophesize(UserRepositoryInterface::class);
+        $this->authenticatedUser = $this->prophesize(UserInterface::class);
+        $this->responsePrototype = $this->prophesize(ResponseInterface::class);
+    }
+
+    public function testConstructor()
+    {
+        $basicAccess = new BasicAccess(
+            $this->userRepository->reveal(),
+            'test',
+            $this->responsePrototype->reveal()
+        );
+        $this->assertInstanceOf(AuthenticationInterface::class, $basicAccess);
+    }
+
+    public function testIsAuthenticatedWithoutHeader()
+    {
+        $this->request->getHeader('Authorization')
+                      ->willReturn([]);
+
+        $basicAccess = new BasicAccess(
+            $this->userRepository->reveal(),
+            'test',
+            $this->responsePrototype->reveal()
+        );
+        $this->assertNull($basicAccess->authenticate($this->request->reveal()));
+    }
+
+    public function testIsAuthenticatedWithoutBasic()
+    {
+        $this->request->getHeader('Authorization')
+                      ->willReturn(['foo']);
+
+        $basicAccess = new BasicAccess(
+            $this->userRepository->reveal(),
+            'test',
+            $this->responsePrototype->reveal()
+        );
+        $this->assertNull($basicAccess->authenticate($this->request->reveal()));
+    }
+
+    public function testIsAuthenticatedWithValidCredential()
+    {
+        $this->request->getHeader('Authorization')
+                      ->willReturn(['Basic QWxhZGRpbjpPcGVuU2VzYW1l']);
+        $this->request->withAttribute(UserInterface::class, Argument::type(UserInterface::class))
+                      ->willReturn($this->request->reveal());
+
+        $this->authenticatedUser->getUsername()->willReturn('Aladdin');
+        $this->userRepository->authenticate('Aladdin', 'OpenSesame')
+                             ->willReturn($this->authenticatedUser->reveal());
+
+        $basicAccess = new BasicAccess(
+            $this->userRepository->reveal(),
+            'test',
+            $this->responsePrototype->reveal()
+        );
+        $user = $basicAccess->authenticate($this->request->reveal());
+        $this->assertInstanceOf(UserInterface::class, $user);
+        $this->assertEquals('Aladdin', $user->getUsername());
+    }
+
+    public function testIsAuthenticatedWithNoCredential()
+    {
+        $this->request->getHeader('Authorization')
+                      ->willReturn(['Basic QWxhZGRpbjpPcGVuU2VzYW1l']);
+
+        $this->userRepository->authenticate('Aladdin', 'OpenSesame')
+                             ->willReturn(null);
+
+        $basicAccess = new BasicAccess(
+            $this->userRepository->reveal(),
+            'test',
+            $this->responsePrototype->reveal()
+        );
+        $this->assertNull($basicAccess->authenticate($this->request->reveal()));
+    }
+
+    public function testGetUnauthenticatedResponse()
+    {
+        $this->responsePrototype->getHeader('WWW-Authenticate')
+                                ->willReturn(['Basic realm="test"']);
+        $this->responsePrototype->withHeader('WWW-Authenticate', 'Basic realm="test"')
+                                ->willReturn($this->responsePrototype->reveal());
+        $this->responsePrototype->withStatus(401)
+                                ->willReturn($this->responsePrototype->reveal());
+        $basicAccess = new BasicAccess(
+            $this->userRepository->reveal(),
+            'test',
+            $this->responsePrototype->reveal()
+        );
+        $response = $basicAccess->unauthorizedResponse($this->request->reveal());
+
+        $this->assertInstanceOf(ResponseInterface::class, $response);
+        $this->assertEquals(['Basic realm="test"'], $response->getHeader('WWW-Authenticate'));
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,9 @@ public function __invoke() : array`
`19`	`19`	`public function getDependencies() : array`
`20`	`20`	`{`
`21`	`21`	`return [`
	`22`	`+ 'factories' => [`
	`23`	`+ BasicAccess::class => BasicAccessFactory::class,`
	`24`	`+ ],`
`22`	`25`	`];`
`23`	`26`	`}`
`24`	`27`	`}`