Basic Auth Controller

Added Basic Auth Controller for HTTP Basic Auth setup. Extending OAuth from this, and altered how the Bearer Token is configured, by using a method that can be overridden in any class that extends it. Changed DEFAULT AUTH ACTIONS to be protected, so that it can be overridden and defined by extended classes.
MichaelJ2324 · Aug 15, 2017 · b8a2caa · b8a2caa
1 parent 2256af5
commit b8a2caa
Show file tree

Hide file tree

Showing 6 changed files with 146 additions and 16 deletions.
diff --git a/src/Auth/Abstracts/AbstractAuthController.php b/src/Auth/Abstracts/AbstractAuthController.php
@@ -13,10 +13,10 @@ abstract class AbstractAuthController implements AuthControllerInterface
     const ACTION_LOGOUT = 'logout';
 
     /**
-     * Auth Controller Actions
+     * Auth Controller Actions, used to associate Endpoints
      * @var array
      */
-    private static $_DEFAULT_AUTH_ACTIONS = array(
+    protected static $_DEFAULT_AUTH_ACTIONS = array(
         self::ACTION_AUTH,
         self::ACTION_LOGOUT,
     );
@@ -52,7 +52,7 @@ abstract class AbstractAuthController implements AuthControllerInterface
 
     public function __construct()
     {
-        foreach (self::$_DEFAULT_AUTH_ACTIONS as $action) {
+        foreach (static::$_DEFAULT_AUTH_ACTIONS as $action) {
             $this->actions[] = $action;
         }
     }

diff --git a/src/Auth/Abstracts/AbstractBasicController.php b/src/Auth/Abstracts/AbstractBasicController.php
@@ -0,0 +1,43 @@
+<?php
+
+namespace MRussell\REST\Auth\Abstracts;
+
+use MRussell\Http\Request\RequestInterface;
+
+/**
+ * Class AbstractBasicController
+ * @package MRussell\REST\Auth\Abstracts
+ */
+class AbstractBasicController extends AbstractAuthController
+{
+    const DEFAULT_AUTH_HEADER = 'Authorization';
+
+    const DEFAULT_AUTH_TYPE = 'Basic';
+
+    protected static $_AUTH_HEADER = self::DEFAULT_AUTH_HEADER;
+
+    protected static $_AUTH_TYPE = self::DEFAULT_AUTH_TYPE;
+
+    /**
+     * @inheritdoc
+     */
+    public function configureRequest(RequestInterface $Request)
+    {
+        $Request->addHeader(static::$_AUTH_HEADER, $this->getAuthHeaderValue());
+        return $this;
+    }
+
+    /**
+     * Parse the Credentials or Token to build out the Auth Header Value
+     * @return string
+     */
+    protected function getAuthHeaderValue()
+    {
+        $value = "";
+        if (isset($this->credentials['username']) && isset($this->credentials['password'])){
+            $value = $this->credentials['username'].":".$this->credentials['password'];
+            $value = base64_encode($value);
+        }
+        return static::$_AUTH_TYPE." ".$value;
+    }
+}
diff --git a/src/Auth/Abstracts/AbstractOAuth2Controller.php b/src/Auth/Abstracts/AbstractOAuth2Controller.php
@@ -6,8 +6,10 @@
 use MRussell\REST\Endpoint\Interfaces\EndpointInterface;
 use MRussell\REST\Exception\Auth\InvalidToken;
 
-abstract class AbstractOAuth2Controller extends AbstractAuthController
+abstract class AbstractOAuth2Controller extends AbstractBasicController
 {
+    const DEFAULT_AUTH_TYPE = 'Bearer';
+
     const ACTION_OAUTH_REFRESH = 'refresh';
 
     const OAUTH_RESOURCE_OWNER_GRANT = 'password';
@@ -21,19 +23,19 @@ abstract class AbstractOAuth2Controller extends AbstractAuthController
     /**
      * @var string
      */
-    protected static $_OAUTH_HEADER = 'Authorization';
+    protected static $_DEFAULT_GRANT_TYPE = self::OAUTH_CLIENT_CREDENTIALS_GRANT;
 
     /**
-     * @var string
+     * @inheritdoc
      */
-    protected static $_DEFAULT_GRANT_TYPE = self::OAUTH_CLIENT_CREDENTIALS_GRANT;
+    protected static $_AUTH_TYPE = self::DEFAULT_AUTH_TYPE;
 
     /**
-     * @var string
+     * @inheritdoc
      */
-    protected static $_TOKEN_VALUE = 'Bearer %s';
-
-    protected $actions = array(
+    protected static $_DEFAULT_AUTH_ACTIONS = array(
+        self::ACTION_AUTH,
+        self::ACTION_LOGOUT,
         self::ACTION_OAUTH_REFRESH
     );
 
@@ -44,16 +46,16 @@ abstract class AbstractOAuth2Controller extends AbstractAuthController
     protected $token = array();
 
     /**
-     * Set the OAuth Authorization header
+     * Get/Set the OAuth Authorization header
      * @param $header
      * @return $this
      */
     public static function oauthHeader($header = null)
     {
         if ($header !== null) {
-            static::$_OAUTH_HEADER = $header;
+            static::$_AUTH_HEADER = $header;
         }
-        return static::$_OAUTH_HEADER;
+        return static::$_AUTH_HEADER;
     }
 
     /**
@@ -88,11 +90,20 @@ protected function configureToken($token)
     public function configureRequest(RequestInterface $Request)
     {
         if ($this->isAuthenticated()) {
-            $Request->addHeader(static::$_OAUTH_HEADER, sprintf(static::$_TOKEN_VALUE, $this->token['access_token']));
+            return parent::configureRequest($Request);
         }
         return $this;
     }
 
+    /**
+     * Get the Value to be set on the Auth Header
+     * @return mixed
+     */
+    protected function getAuthHeaderValue()
+    {
+        return static::$_AUTH_TYPE." ".$this->token['access_token'];
+    }
+
     /**
      * Refreshes the OAuth 2 Token
      * @return bool

diff --git a/tests/Auth/AbstractBasicControllerTest.php b/tests/Auth/AbstractBasicControllerTest.php
@@ -0,0 +1,63 @@
+<?php
+/**
+ * User: mrussell
+ * Date: 8/15/17
+ * Time: 8:50 AM
+ */
+
+namespace MRussell\REST\Tests\Auth;
+
+use MRussell\Http\Request\JSON;
+use MRussell\REST\Tests\Stubs\Auth\BasicController;
+
+
+/**
+ * Class AbstractBasicControllerTest
+ * @package MRussell\REST\Tests\Auth
+ * @coversDefaultClass MRussell\REST\Auth\Abstracts\AbstractBasicController
+ * @group AbstractBasicControllerTest
+ */
+class AbstractBasicControllerTest extends \PHPUnit_Framework_TestCase
+{
+
+    public static function setUpBeforeClass()
+    {
+        //Add Setup for static properties here
+    }
+
+    public static function tearDownAfterClass()
+    {
+        //Add Tear Down for static properties here
+    }
+
+    public function setUp()
+    {
+        parent::setUp();
+    }
+
+    public function tearDown()
+    {
+        parent::tearDown();
+    }
+
+    /**
+     * @covers ::configureRequest
+     * @covers ::getAuthHeaderValue
+     */
+    public function testConfigureRequest()
+    {
+        $Auth = new BasicController();
+        $Request = new JSON();
+        $this->assertEquals($Auth,$Auth->configureRequest($Request));
+        $headers = $Request->getHeaders();
+        $this->assertEquals("Basic ",$headers['Authorization']);
+        $Auth->setCredentials(array(
+            'username' => 'foo',
+            'password' => 'bar'
+        ));
+        $this->assertEquals($Auth,$Auth->configureRequest($Request));
+        $headers = $Request->getHeaders();
+        $this->assertEquals('Basic '.base64_encode("foo:bar"),$headers['Authorization']);
+    }
+
+}
diff --git a/tests/Auth/AbstractOAuth2ControllerTest.php b/tests/Auth/AbstractOAuth2ControllerTest.php
@@ -115,14 +115,16 @@ public function testInvalidToken(){
     /**
      * @depends testSetToken
      * @covers ::configureRequest
+     * @covers ::getAuthHeaderValue
      */
     public function testConfigure(){
         $Auth = new OAuth2Controller();
         $Class = new \ReflectionClass('MRussell\REST\Tests\Stubs\Auth\AuthController');
+        $Request = new JSON();
+        $this->assertEquals($Auth,$Auth->configureRequest($Request));
         $setToken = $Class->getMethod('setToken');
         $setToken->setAccessible(TRUE);
         $this->assertEquals($Auth,$setToken->invoke($Auth, $this->token));
-        $Request = new JSON();
         $Auth->configureRequest($Request);
         $headers = $Request->getHeaders();
         $this->assertNotEmpty($headers['Authorization']);

diff --git a/tests/Stubs/Auth/BasicController.php b/tests/Stubs/Auth/BasicController.php
@@ -0,0 +1,11 @@
+<?php
+
+namespace MRussell\REST\Tests\Stubs\Auth;
+
+
+use MRussell\REST\Auth\Abstracts\AbstractBasicController;
+
+class BasicController extends AbstractBasicController
+{
+
+}