1 files changed, 26 insertions, 3 deletions
diff --git a/tests/api/ApiMiddlewareTest.php b/tests/api/ApiMiddlewareTest.php
index 4d4dd9b9..d9753b1d 100644
--- a/tests/api/ApiMiddlewareTest.php
+++ b/tests/api/ApiMiddlewareTest.php
@@ -143,7 +143,7 @@ class ApiMiddlewareTest extends \PHPUnit_Framework_TestCase
        $env = Environment::mock([
            'REQUEST_METHOD' => 'GET',
            'REQUEST_URI' => '/echo',
-            'HTTP_JWT'=> 'jwt',
+            'HTTP_AUTHORIZATION'=> 'Bearer jwt',
        ]);
        $request = Request::createFromEnvironment($env);
        $response = new Response();
@@ -157,7 +157,30 @@ class ApiMiddlewareTest extends \PHPUnit_Framework_TestCase
    }
    /**
-     * Invoke the middleware without an invalid JWT token (debug):
+     * Invoke the middleware with an invalid JWT token header
+     */
+    public function testInvalidJwtAuthHeaderDebug()
+    {
+        $this->conf->set('dev.debug', true);
+        $mw = new ApiMiddleware($this->container);
+        $env = Environment::mock([
+            'REQUEST_METHOD' => 'GET',
+            'REQUEST_URI' => '/echo',
+            'HTTP_AUTHORIZATION'=> 'PolarBearer jwt',
+        ]);
+        $request = Request::createFromEnvironment($env);
+        $response = new Response();
+        /** @var Response $response */
+        $response = $mw($request, $response, null);
+        $this->assertEquals(401, $response->getStatusCode());
+        $body = json_decode((string) $response->getBody());
+        $this->assertEquals('Not authorized: Invalid JWT header', $body->message);
+        $this->assertContains('ApiAuthorizationException', $body->stacktrace);
+    }
+    /**
+     * Invoke the middleware with an invalid JWT token (debug):
     * should return a 401 error Unauthorized - with a specific message and a stacktrace.
     *
     * Note: specific JWT errors tests are handled in ApiUtilsTest.
@@ -169,7 +192,7 @@ class ApiMiddlewareTest extends \PHPUnit_Framework_TestCase
        $env = Environment::mock([
            'REQUEST_METHOD' => 'GET',
            'REQUEST_URI' => '/echo',
-            'HTTP_JWT'=> 'bad jwt',
+            'HTTP_AUTHORIZATION'=> 'Bearer jwt',
        ]);
        $request = Request::createFromEnvironment($env);
        $response = new Response();

diff --git a/tests/api/ApiMiddlewareTest.php b/tests/api/ApiMiddlewareTest.php index 4d4dd9b9..d9753b1d 100644 --- a/tests/api/ApiMiddlewareTest.php +++ b/tests/api/ApiMiddlewareTest.php
@@ -143,7 +143,7 @@ class ApiMiddlewareTest extends \PHPUnit_Framework_TestCase
143	$env = Environment::mock([	143	$env = Environment::mock([
144	'REQUEST_METHOD' => 'GET',	144	'REQUEST_METHOD' => 'GET',
145	'REQUEST_URI' => '/echo',	145	'REQUEST_URI' => '/echo',
146	'HTTP_JWT'=> 'jwt',	146	'HTTP_AUTHORIZATION'=> 'Bearer jwt',
147	]);	147	]);
148	$request = Request::createFromEnvironment($env);	148	$request = Request::createFromEnvironment($env);
149	$response = new Response();	149	$response = new Response();
@@ -157,7 +157,30 @@ class ApiMiddlewareTest extends \PHPUnit_Framework_TestCase
157	}	157	}
158		158
159	/**	159	/**
160	* Invoke the middleware without an invalid JWT token (debug):	160	* Invoke the middleware with an invalid JWT token header
		161	*/
		162	public function testInvalidJwtAuthHeaderDebug()
		163	{
		164	$this->conf->set('dev.debug', true);
		165	$mw = new ApiMiddleware($this->container);
		166	$env = Environment::mock([
		167	'REQUEST_METHOD' => 'GET',
		168	'REQUEST_URI' => '/echo',
		169	'HTTP_AUTHORIZATION'=> 'PolarBearer jwt',
		170	]);
		171	$request = Request::createFromEnvironment($env);
		172	$response = new Response();
		173	/** @var Response $response */
		174	$response = $mw($request, $response, null);
		175
		176	$this->assertEquals(401, $response->getStatusCode());
		177	$body = json_decode((string) $response->getBody());
		178	$this->assertEquals('Not authorized: Invalid JWT header', $body->message);
		179	$this->assertContains('ApiAuthorizationException', $body->stacktrace);
		180	}
		181
		182	/**
		183	* Invoke the middleware with an invalid JWT token (debug):
161	* should return a 401 error Unauthorized - with a specific message and a stacktrace.	184	* should return a 401 error Unauthorized - with a specific message and a stacktrace.
162	*	185	*
163	* Note: specific JWT errors tests are handled in ApiUtilsTest.	186	* Note: specific JWT errors tests are handled in ApiUtilsTest.
@@ -169,7 +192,7 @@ class ApiMiddlewareTest extends \PHPUnit_Framework_TestCase
169	$env = Environment::mock([	192	$env = Environment::mock([
170	'REQUEST_METHOD' => 'GET',	193	'REQUEST_METHOD' => 'GET',
171	'REQUEST_URI' => '/echo',	194	'REQUEST_URI' => '/echo',
172	'HTTP_JWT'=> 'bad jwt',	195	'HTTP_AUTHORIZATION'=> 'Bearer jwt',
173	]);	196	]);
174	$request = Request::createFromEnvironment($env);	197	$request = Request::createFromEnvironment($env);
175	$response = new Response();	198	$response = new Response();