Test login uri matches expected pattern

Greg Bowler · Greg Bowler · commit e230f907cf30 · 2020-02-29T15:50:01.000Z
diff --git a/src/AuthUri.php b/src/AuthUri.php
@@ -8,19 +8,19 @@ class AuthUri extends Uri {
 
 	const QUERY_STRING_CIPHER = "cipher";
 	const QUERY_STRING_INIT_VECTOR = "iv";
-	const QUERY_STRING_RETURN_PATH = "return";
+	const QUERY_STRING_CURRENT_PATH = "path";
 
 	/**
 	 * @param Token $token This must be the same instance of the Token when
 	 * creating Authenticator for the first time as it is when checking the
 	 * response from the Authwave provider (store in a session).
-	 * @param string $returnPath
+	 * @param string $currentPath
 	 * @param string $baseUri The base URI of the application. This is the
 	 * URI authority with optional scheme, as localhost allows http://
 	 */
 	public function __construct(
 		Token $token,
-		string $returnPath = "/",
+		string $currentPath = "/",
 		string $baseUri = self::DEFAULT_BASE_URI
 	) {
 		$baseUri = $this->normaliseBaseUri($baseUri);
@@ -30,7 +30,7 @@ public function __construct(
 		$this->query = http_build_query([
 			self::QUERY_STRING_CIPHER => (string)$token->generateCipher(),
 			self::QUERY_STRING_INIT_VECTOR => (string)$token->getIv(),
-			self::QUERY_STRING_RETURN_PATH => base64_encode($returnPath),
+			self::QUERY_STRING_CURRENT_PATH => $currentPath,
 		]);
 	}
 
diff --git a/src/Authenticator.php b/src/Authenticator.php
@@ -8,7 +8,7 @@ class Authenticator {
 
 	private string $clientKey;
 	private string $clientSecret;
-	private string $redirectPath;
+	private string $currentUriPath;
 	private string $authwaveHost;
 	private SessionContainer $session;
 	private SessionData $sessionData;
@@ -17,7 +17,7 @@ class Authenticator {
 	public function __construct(
 		string $clientKey,
 		string $clientSecret,
-		string $redirectPath,
+		string $currentUriPath,
 		string $authwaveHost = "login.authwave.com",
 		SessionContainer $session = null,
 		RedirectHandler $redirectHandler = null
@@ -32,7 +32,7 @@ public function __construct(
 
 		$this->clientKey = $clientKey;
 		$this->clientSecret = $clientSecret;
-		$this->redirectPath = $redirectPath;
+		$this->currentUriPath = $currentUriPath;
 		$this->authwaveHost = $authwaveHost;
 		$this->session = $session;
 		$this->sessionData = $session->get(self::SESSION_KEY);
@@ -56,15 +56,18 @@ public function isLoggedIn():bool {
 		return isset($userData);
 	}
 
-	public function login():void {
+	public function login(Token $token = null):void {
 		if($this->isLoggedIn()) {
 			return;
 		}
 
-		$token = new Token($this->clientKey, $this->clientSecret);
+		if(is_null($token)) {
+			$token = new Token($this->clientKey, $this->clientSecret);
+		}
+
 		$loginUri = new AuthUri(
 			$token,
-			$this->redirectPath,
+			$this->currentUriPath,
 			$this->authwaveHost
 		);
 		$this->redirectHandler->redirect($loginUri);
diff --git a/test/phpunit/AuthUriTest.php b/test/phpunit/AuthUriTest.php
@@ -93,8 +93,8 @@ public function testQueryString() {
 		);
 
 		self::assertEquals(
-			base64_encode($returnPath),
-			$queryParts[AuthUri::QUERY_STRING_RETURN_PATH]
+			$returnPath,
+			$queryParts[AuthUri::QUERY_STRING_CURRENT_PATH]
 		);
 	}
 }
diff --git a/test/phpunit/AuthenticatorTest.php b/test/phpunit/AuthenticatorTest.php
@@ -3,9 +3,11 @@
 
 use Authwave\Authenticator;
 use Authwave\AuthUri;
+use Authwave\InitVector;
 use Authwave\RedirectHandler;
 use Authwave\SessionData;
 use Authwave\SessionNotStartedException;
+use Authwave\Token;
 use Authwave\UserData;
 use PHPUnit\Framework\TestCase;
 use Psr\Http\Message\UriInterface;
@@ -110,4 +112,49 @@ public function testLoginRedirectsLocalhost() {
 		);
 		$sut->login();
 	}
+
+	public function testLoginRedirectsWithCorrectQueryString() {
+		$_SESSION = [];
+
+		$key = uniqid("key-");
+		$secret = uniqid("secret-");
+		$currentPath = uniqid("/path/");
+
+		$cipher = "example-cipher";
+		$ivString = "example-iv";
+
+		$iv = self::createMock(InitVector::class);
+		$iv->method("__toString")
+			->willReturn($ivString);
+
+		$token = self::createMock(Token::class);
+		$token->method("generateCipher")
+			->willReturn($cipher);
+		$token->method("getIv")
+			->willReturn($iv);
+
+		$expectedQueryParts = [
+			AuthUri::QUERY_STRING_CIPHER => $cipher,
+			AuthUri::QUERY_STRING_INIT_VECTOR => $ivString,
+			AuthUri::QUERY_STRING_CURRENT_PATH => $currentPath,
+		];
+		$expectedQuery = http_build_query($expectedQueryParts);
+
+		$redirectHandler = self::createMock(RedirectHandler::class);
+		$redirectHandler->expects(self::once())
+			->method("redirect")
+			->with(self::callback(fn(UriInterface $uri) =>
+				$uri->getQuery() === $expectedQuery
+			));
+
+		$sut = new Authenticator(
+			$key,
+			$secret,
+			$currentPath,
+			AuthUri::DEFAULT_BASE_URI,
+			null,
+			$redirectHandler
+		);
+		$sut->login($token);
+	}
 }

Original file line number	Diff line number	Diff line change
`@@ -93,8 +93,8 @@ public function testQueryString() {`
`93`	`93`	`);`
`94`	`94`
`95`	`95`	`self::assertEquals(`
`96`		`- base64_encode($returnPath),`
`97`		`- $queryParts[AuthUri::QUERY_STRING_RETURN_PATH]`
	`96`	`+ $returnPath,`
	`97`	`+ $queryParts[AuthUri::QUERY_STRING_CURRENT_PATH]`
`98`	`98`	`);`
`99`	`99`	`}`
`100`	`100`	`}`