From 9ce42c6b4186710a8b7f90aa6953407959cf9e8a Mon Sep 17 00:00:00 2001
From: yitznewton <yitznewton@hotmail.com>
Date: Wed, 26 Feb 2014 12:22:17 -0500
Subject: [PATCH] forbid multiple bearer auths

---
 .../Guzzle/Plugin/BearerAuth/BearerAuth.php   | 14 +++++-
 .../Plugin/BearerAuth/BearerAuthTest.php      | 46 +++++++++++++++++++
 .../OAuth2/Client/MockTokenRequestFactory.php | 18 ++++++++
 3 files changed, 76 insertions(+), 2 deletions(-)
 create mode 100644 tests/EasyBib/Tests/Guzzle/Plugin/BearerAuth/BearerAuthTest.php
 create mode 100644 tests/EasyBib/Tests/Mocks/OAuth2/Client/MockTokenRequestFactory.php

diff --git a/src/EasyBib/Guzzle/Plugin/BearerAuth/BearerAuth.php b/src/EasyBib/Guzzle/Plugin/BearerAuth/BearerAuth.php
index 41dfa0a..2eef2a5 100644
--- a/src/EasyBib/Guzzle/Plugin/BearerAuth/BearerAuth.php
+++ b/src/EasyBib/Guzzle/Plugin/BearerAuth/BearerAuth.php
@@ -20,6 +20,11 @@ class BearerAuth implements EventSubscriberInterface
      */
     private $session;
 
+    /**
+     * @var bool
+     */
+    private $headerAlreadySet = false;
+
     /**
      * @param AbstractSession $session
      */
@@ -44,16 +49,21 @@ public static function getSubscribedEvents()
      */
     public function onRequestBeforeSend(Event $event)
     {
+        if ($this->headerAlreadySet) {
+            return;
+        }
+
         $event['request']->setHeader(
             'Authorization',
             sprintf('Bearer %s', $this->session->getToken())
         );
+
+        $this->headerAlreadySet = true;
     }
 
     /**
      * @param Event $event
-     * @throws \Guzzle\Http\Exception\BadResponseException
-     * @throws \Guzzle\Http\Exception\BadResponseException
+     * @throws BadResponseException
      */
     public function onRequestException(Event $event)
     {
diff --git a/tests/EasyBib/Tests/Guzzle/Plugin/BearerAuth/BearerAuthTest.php b/tests/EasyBib/Tests/Guzzle/Plugin/BearerAuth/BearerAuthTest.php
new file mode 100644
index 0000000..e3c224b
--- /dev/null
+++ b/tests/EasyBib/Tests/Guzzle/Plugin/BearerAuth/BearerAuthTest.php
@@ -0,0 +1,46 @@
+<?php
+
+namespace EasyBib\Tests\Guzzle\Plugin\BearerAuth;
+
+use EasyBib\Guzzle\Plugin\BearerAuth\BearerAuth;
+use EasyBib\OAuth2\Client\SimpleSession;
+use Guzzle\Common\Event;
+use Guzzle\Http\Message\Request;
+use Symfony\Component\HttpFoundation\Session\Session;
+
+class BearerAuthTest extends \PHPUnit_Framework_TestCase
+{
+    /**
+     * @var \EasyBib\OAuth2\Client\SimpleSession
+     */
+    private $session;
+
+    public function setUp()
+    {
+        parent::setUp();
+
+        $this->session = $this->getMockBuilder('\EasyBib\OAuth2\Client\SimpleSession')
+            ->disableOriginalConstructor()
+            ->getMock();
+
+        $this->session->expects($this->any())
+            ->method('getToken')
+            ->will($this->returnValue('token_123'));
+    }
+
+    public function testMultipleSendsSetOnlyOneHeader()
+    {
+        $plugin = new BearerAuth($this->session);
+
+        $request = $this->getMockBuilder('\Guzzle\Http\Message\Request')
+            ->setConstructorArgs(['GET', '/'])
+            ->getMock();
+
+        $request->expects($this->once())
+            ->method('setHeader');
+
+        $event = new Event(['request' => $request]);
+        $plugin->onRequestBeforeSend($event);
+        $plugin->onRequestBeforeSend($event);
+    }
+}
diff --git a/tests/EasyBib/Tests/Mocks/OAuth2/Client/MockTokenRequestFactory.php b/tests/EasyBib/Tests/Mocks/OAuth2/Client/MockTokenRequestFactory.php
new file mode 100644
index 0000000..93f4e40
--- /dev/null
+++ b/tests/EasyBib/Tests/Mocks/OAuth2/Client/MockTokenRequestFactory.php
@@ -0,0 +1,18 @@
+<?php
+
+namespace EasyBib\Tests\Mocks\OAuth2\Client;
+
+use EasyBib\OAuth2\Client\TokenRequestFactoryInterface;
+use EasyBib\OAuth2\Client\TokenRequestInterface;
+
+class MockTokenRequestFactory implements TokenRequestFactoryInterface
+{
+    /**
+     * @throws \BadMethodCallException
+     * @return TokenRequestInterface
+     */
+    public function create()
+    {
+        throw new \BadMethodCallException('create() not yet implemented');
+    }
+}