$env = Environment::mock([
'REQUEST_METHOD' => 'GET',
'REQUEST_URI' => '/echo',
- 'HTTP_JWT'=> 'jwt',
+ 'HTTP_AUTHORIZATION'=> 'Bearer jwt',
]);
$request = Request::createFromEnvironment($env);
$response = new Response();
}
/**
- * Invoke the middleware without an invalid JWT token (debug):
+ * Invoke the middleware with an invalid JWT token header
+ */
+ public function testInvalidJwtAuthHeaderDebug()
+ {
+ $this->conf->set('dev.debug', true);
+ $mw = new ApiMiddleware($this->container);
+ $env = Environment::mock([
+ 'REQUEST_METHOD' => 'GET',
+ 'REQUEST_URI' => '/echo',
+ 'HTTP_AUTHORIZATION'=> 'PolarBearer jwt',
+ ]);
+ $request = Request::createFromEnvironment($env);
+ $response = new Response();
+ /** @var Response $response */
+ $response = $mw($request, $response, null);
+
+ $this->assertEquals(401, $response->getStatusCode());
+ $body = json_decode((string) $response->getBody());
+ $this->assertEquals('Not authorized: Invalid JWT header', $body->message);
+ $this->assertContains('ApiAuthorizationException', $body->stacktrace);
+ }
+
+ /**
+ * Invoke the middleware with an invalid JWT token (debug):
* should return a 401 error Unauthorized - with a specific message and a stacktrace.
*
* Note: specific JWT errors tests are handled in ApiUtilsTest.
$env = Environment::mock([
'REQUEST_METHOD' => 'GET',
'REQUEST_URI' => '/echo',
- 'HTTP_JWT'=> 'bad jwt',
+ 'HTTP_AUTHORIZATION'=> 'Bearer jwt',
]);
$request = Request::createFromEnvironment($env);
$response = new Response();
projects / github / shaarli / Shaarli.git / blobdiff