Replace duck typing with DIP

kleijnweb · Feb 1, 2017 · 982545a · 982545a
1 parent 1d5c3ca
commit 982545a
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 24 deletions.
diff --git a/README.md b/README.md
@@ -176,6 +176,12 @@ class PreAuthenticatedUserProvider implements UserProviderInterface
 }
 ```
 
+### Assigning audience to user roles
+
+JwtBundle is can assign the audience claims in the JwtToken to the User objects user roles properties.
+
+In order to do this the User class needs to implement the `KleijnWeb\JwtBundle\User\UserInterface` interface
+
 ## License
 
 KleijnWeb\JwtBundle is made available under the terms of the [LGPL, version 3.0](https://spdx.org/licenses/LGPL-3.0.html#licenseText).
diff --git a/src/Authenticator/Authenticator.php b/src/Authenticator/Authenticator.php
@@ -12,7 +12,7 @@
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken;
 use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\Security\Core\User\UserInterface;
+use KleijnWeb\JwtBundle\User\UserInterface;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
 use Symfony\Component\Security\Core\Exception\BadCredentialsException;
 
@@ -102,7 +102,9 @@ public function authenticateToken(TokenInterface $token, UserProviderInterface $
 
         $user = $userProvider->loadUserByUsername($jwtToken->getSubject());
 
-        $user = $this->setUserRolesFromAudienceClaims($user, $token);
+        if($user instanceof UserInterface) {
+            $user = $this->setUserRolesFromAudienceClaims($user, $token);
+        }
 
         return new PreAuthenticatedToken($user, $token, $providerKey, $user->getRoles());
     }
@@ -131,7 +133,7 @@ public function setUserRolesFromAudienceClaims(UserInterface $user, TokenInterfa
 
         foreach($credentials->getClaims() as $claimKey => $claimValue)
         {
-            if($claimKey === 'aud' && method_exists($user, 'addRole')) {
+            if($claimKey === 'aud') {
                 if(is_array($claimValue)) {
                     foreach($claimValue as $role) {
                         $user->addRole($role);

diff --git a/src/Tests/Authenticator/AuthenticatorTest.php b/src/Tests/Authenticator/AuthenticatorTest.php
@@ -10,10 +10,10 @@
 use KleijnWeb\JwtBundle\Authenticator\Authenticator;
 use KleijnWeb\JwtBundle\Authenticator\JwtKey;
 use KleijnWeb\JwtBundle\Authenticator\JwtToken;
+use KleijnWeb\JwtBundle\User\UserInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken;
 use Symfony\Component\Security\Core\User\User;
-use KleijnWeb\JwtBundle\Tests\Classes\User as RoleAssignanleUser;
 
 /**
  * @author John Kleijn <john@kleijnweb.nl>
@@ -189,12 +189,16 @@ public function willAddRolesFromAudienceClaimsInToken()
     {
         $authenticator = new Authenticator($this->keys);
         $token         = $this->createToken(['aud' => 'guests']);
-        $user          = new RoleAssignanleUser('john', 'hi there');
+        $user          = $this->getMockBuilder(
+            UserInterface::class
+        )->getMockForAbstractClass();
         $token         = new PreAuthenticatedToken($user, $token, 'providerkey');
 
-        $result = $authenticator->setUserRolesFromAudienceClaims($user, $token);
+        $user->expects($this->once())
+            ->method('addRole')
+            ->with('guests');
 
-        $this->assertEquals(['guests'], $result->getRoles());
+        $authenticator->setUserRolesFromAudienceClaims($user, $token);
     }
 
     /**
@@ -204,27 +208,16 @@ public function willAddMultipleRolesFromAudienceClaimsInToken()
     {
         $authenticator = new Authenticator($this->keys);
         $token         = $this->createToken(['aud' => ['guests', 'users']]);
-        $user          = new RoleAssignanleUser('john', 'hi there');
-        $token         = new PreAuthenticatedToken($user, $token, 'providerkey');
-
-        $result = $authenticator->setUserRolesFromAudienceClaims($user, $token);
-
-        $this->assertEquals(['guests','users'], $result->getRoles());
-    }
+        $user          = $this->getMockBuilder(
+            UserInterface::class
+        )->getMockForAbstractClass();
 
-    /**
-     * @test
-     */
-    public function willNotAssignRolesIfUserClassHasNoAddRoleMethod()
-    {
-        $authenticator = new Authenticator($this->keys);
-        $token         = $this->createToken(['aud' => 'guests']);
-        $user          = new User('john', 'hi there');
         $token         = new PreAuthenticatedToken($user, $token, 'providerkey');
 
-        $result = $authenticator->setUserRolesFromAudienceClaims($user, $token);
+        $user->expects($this->exactly(2))
+            ->method('addRole');
 
-        $this->assertEquals([], $result->getRoles());
+        $authenticator->setUserRolesFromAudienceClaims($user, $token);
     }
 
     /**

diff --git a/src/User/UserInterface.php b/src/User/UserInterface.php
@@ -0,0 +1,15 @@
+<?php
+namespace KleijnWeb\JwtBundle\User;
+
+interface UserInterface extends \Symfony\Component\Security\Core\User\UserInterface
+{
+    /**
+     * @param array $roles
+     * @return mixed
+     */
+    public function setRoles($roles);
+
+    public function addRole($role);
+
+    public function removeRole($role);
+}