
public function UserPathAuthTest::testAuth in JSON Web Token Authentication (JWT) 8

Verify the authentication for a user.

File

tests/src/Kernel/UserPathAuthTest.php, line 46

Class

UserPathAuthTest
Tests JWT config schema.

Namespace

Drupal\Tests\jwt\Kernel

Code

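/**
 * Verifies path-based JWT authentication for a user.
 *
 * Covers which request paths the provider applies to (before and after
 * changing 'allowed_path_prefixes'), and that authenticate() rejects a token
 * whose path claim does not prefix the request path, a token naming an
 * unknown uid, and a token for a blocked account.
 *
 * Each negative case uses a token that is valid in every respect except the
 * one property under test, so a rejection can only come from that property.
 */
public function testAuth() {
  $account = $this->createUser(['access content']);
  $this->setCurrentUser($account);

  /** @var \Drupal\jwt_path_auth\Authentication\Provider\JwtPathAuth $auth_service */
  $auth_service = $this->container->get('jwt_path_auth.authentication.jwt');

  /** @var \Drupal\jwt\Transcoder\JwtTranscoderInterface $transcoder */
  $transcoder = $this->container->get('jwt.transcoder');

  // Encodes a token carrying the two path_auth claims the provider reads.
  $encode_token = function ($uid, $path) use ($transcoder) {
    $jwt = new JsonWebToken();
    $jwt->setClaim(['drupal', 'path_auth', 'uid'], $uid);
    $jwt->setClaim(['drupal', 'path_auth', 'path'], $path);
    return $transcoder->encode($jwt);
  };
  // Builds a GET request that passes the token in the 'jwt' query parameter.
  $build_request = function ($path, $token) {
    return Request::create($path, 'GET', ['jwt' => $token]);
  };

  // With the configuration this test starts from, the private file path is
  // covered by the provider and a token for '/' authenticates there.
  $token = $encode_token($account->id(), '/');
  $request = $build_request('/system/files/private/drupal.txt', $token);
  $this->assertTrue($auth_service->applies($request));
  $this->assertNotEmpty($auth_service->authenticate($request));

  // A path outside the configured prefixes is not handled by the provider.
  $request = $build_request('/node/1', $token);
  $this->assertFalse($auth_service->applies($request));

  // After restricting the prefixes to '/node/', the coverage flips.
  $config = $this->config('jwt_path_auth.config');
  $config->set('allowed_path_prefixes', ['/node/']);
  $config->save();

  $request = $build_request('/system/files/private/drupal.txt', $token);
  $this->assertFalse($auth_service->applies($request));

  $request = $build_request('/node/1', $token);
  $this->assertTrue($auth_service->applies($request));
  $this->assertNotEmpty($auth_service->authenticate($request));

  // The claim path does not match the request path.
  $token = $encode_token($account->id(), '/foo');
  $request = $build_request('/node/1', $token);
  $this->assertTrue($auth_service->applies($request));
  $this->assertNull($auth_service->authenticate($request));

  // The uid does not match a valid uid. The token must be re-encoded here:
  // reusing the '/foo' token would make this assertion pass because of the
  // path mismatch and leave the uid check untested.
  // NOTE(review): assumes no account exists with uid $account->id() + 1.
  $token = $encode_token($account->id() + 1, '/');
  $request = $build_request('/node/1', $token);
  $this->assertTrue($auth_service->applies($request));
  $this->assertNull($auth_service->authenticate($request));

  // Blocked account should not be authenticated. Use a token that is valid
  // for this account and path, and confirm it is accepted before blocking,
  // so that the rejection afterwards can only be due to the blocked status.
  $token = $encode_token($account->id(), '/');
  $request = $build_request('/node/1', $token);
  $this->assertTrue($auth_service->applies($request));
  $this->assertNotEmpty($auth_service->authenticate($request));

  $account->block()->save();
  $request = $build_request('/node/1', $token);
  $this->assertTrue($auth_service->applies($request));
  $this->assertNull($auth_service->authenticate($request));
}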