aboutsummaryrefslogtreecommitdiffhomepage
path: root/tests/api
diff options
context:
space:
mode:
Diffstat (limited to 'tests/api')
-rw-r--r--tests/api/ApiMiddlewareTest.php29
1 files changed, 26 insertions, 3 deletions
diff --git a/tests/api/ApiMiddlewareTest.php b/tests/api/ApiMiddlewareTest.php
index 4d4dd9b9..d9753b1d 100644
--- a/tests/api/ApiMiddlewareTest.php
+++ b/tests/api/ApiMiddlewareTest.php
@@ -143,7 +143,7 @@ class ApiMiddlewareTest extends \PHPUnit_Framework_TestCase
143 $env = Environment::mock([ 143 $env = Environment::mock([
144 'REQUEST_METHOD' => 'GET', 144 'REQUEST_METHOD' => 'GET',
145 'REQUEST_URI' => '/echo', 145 'REQUEST_URI' => '/echo',
146 'HTTP_JWT'=> 'jwt', 146 'HTTP_AUTHORIZATION'=> 'Bearer jwt',
147 ]); 147 ]);
148 $request = Request::createFromEnvironment($env); 148 $request = Request::createFromEnvironment($env);
149 $response = new Response(); 149 $response = new Response();
@@ -157,7 +157,30 @@ class ApiMiddlewareTest extends \PHPUnit_Framework_TestCase
157 } 157 }
158 158
159 /** 159 /**
160 * Invoke the middleware without an invalid JWT token (debug): 160 * Invoke the middleware with an invalid JWT token header
161 */
162 public function testInvalidJwtAuthHeaderDebug()
163 {
164 $this->conf->set('dev.debug', true);
165 $mw = new ApiMiddleware($this->container);
166 $env = Environment::mock([
167 'REQUEST_METHOD' => 'GET',
168 'REQUEST_URI' => '/echo',
169 'HTTP_AUTHORIZATION'=> 'PolarBearer jwt',
170 ]);
171 $request = Request::createFromEnvironment($env);
172 $response = new Response();
173 /** @var Response $response */
174 $response = $mw($request, $response, null);
175
176 $this->assertEquals(401, $response->getStatusCode());
177 $body = json_decode((string) $response->getBody());
178 $this->assertEquals('Not authorized: Invalid JWT header', $body->message);
179 $this->assertContains('ApiAuthorizationException', $body->stacktrace);
180 }
181
182 /**
183 * Invoke the middleware with an invalid JWT token (debug):
161 * should return a 401 error Unauthorized - with a specific message and a stacktrace. 184 * should return a 401 error Unauthorized - with a specific message and a stacktrace.
162 * 185 *
163 * Note: specific JWT errors tests are handled in ApiUtilsTest. 186 * Note: specific JWT errors tests are handled in ApiUtilsTest.
@@ -169,7 +192,7 @@ class ApiMiddlewareTest extends \PHPUnit_Framework_TestCase
169 $env = Environment::mock([ 192 $env = Environment::mock([
170 'REQUEST_METHOD' => 'GET', 193 'REQUEST_METHOD' => 'GET',
171 'REQUEST_URI' => '/echo', 194 'REQUEST_URI' => '/echo',
172 'HTTP_JWT'=> 'bad jwt', 195 'HTTP_AUTHORIZATION'=> 'Bearer jwt',
173 ]); 196 ]);
174 $request = Request::createFromEnvironment($env); 197 $request = Request::createFromEnvironment($env);
175 $response = new Response(); 198 $response = new Response();