Adding tests to login endpoint modifications.

krulis-martin · krulis-martin · commit 527f0b94f784 · 2026-01-29T15:57:39.000+01:00
diff --git a/app/V1Module/presenters/UsersPresenter.php b/app/V1Module/presenters/UsersPresenter.php
@@ -831,6 +831,7 @@ public function actionInvalidateTokens(string $id)
 
         $this->sendSuccessResponse(
             [
+                "user" => $this->userViewFactory->getUser($user),
                 "accessToken" => $user === $this->getCurrentUser() ? $this->accessManager->issueRefreshedToken(
                     $token
                 ) : null
diff --git a/tests/Presenters/LoginPresenter.phpt b/tests/Presenters/LoginPresenter.phpt
@@ -85,7 +85,8 @@ class TestLoginPresenter extends Tester\TestCase
         $events = $this->presenter->securityEvents->findAll();
         Assert::count(0, $events);
 
-        $request = new Request(
+        $payload = PresenterTestHelper::performPresenterRequest(
+            $this->presenter,
             "V1:Login",
             "POST",
             ["action" => "default"],
@@ -95,16 +96,47 @@ class TestLoginPresenter extends Tester\TestCase
             ]
         );
 
-        /** @var JsonResponse $response */
-        $response = $this->presenter->run($request);
-        Assert::type(JsonResponse::class, $response);
-        $result = $response->getPayload();
+        $user = $this->presenter->users->getByEmail($this->userLogin);
+        Assert::same($user->getId(), $payload["user"]["id"]);
+        Assert::true($this->presenter->user->isLoggedIn());
 
-        Assert::same(200, $result["code"]);
-        Assert::true(array_key_exists("accessToken", $result["payload"]));
-        Assert::same($this->presenter->users->getByEmail($this->userLogin)->getId(), $result["payload"]["user"]["id"]);
+        Assert::true(array_key_exists("accessToken", $payload));
+        $token = $this->presenter->accessManager->decodeToken($payload["accessToken"]);
+        Assert::same($user->getId(), $token->getUserId());
+        Assert::same($this->presenter->accessManager->getExpiration(), $token->getExpirationTime());
+
+        $events = $this->presenter->securityEvents->findAll();
+        Assert::count(1, $events);
+        Assert::equal(SecurityEvent::TYPE_LOGIN, $events[0]->getType());
+        Assert::equal($this->presenter->user->getId(), $events[0]->getUser()->getId());
+    }
+
+    public function testLoginRestrictedExpiration()
+    {
+        $events = $this->presenter->securityEvents->findAll();
+        Assert::count(0, $events);
+
+        $payload = PresenterTestHelper::performPresenterRequest(
+            $this->presenter,
+            "V1:Login",
+            "POST",
+            ["action" => "default"],
+            [
+                "username" => $this->userLogin,
+                "password" => $this->userPassword,
+                "expiration" => 10,
+            ]
+        );
+
+        $user = $this->presenter->users->getByEmail($this->userLogin);
+        Assert::same($user->getId(), $payload["user"]["id"]);
         Assert::true($this->presenter->user->isLoggedIn());
 
+        Assert::true(array_key_exists("accessToken", $payload));
+        $token = $this->presenter->accessManager->decodeToken($payload["accessToken"]);
+        Assert::same($user->getId(), $token->getUserId());
+        Assert::same(10, $token->getExpirationTime());
+
         $events = $this->presenter->securityEvents->findAll();
         Assert::count(1, $events);
         Assert::equal(SecurityEvent::TYPE_LOGIN, $events[0]->getType());
@@ -171,10 +203,66 @@ class TestLoginPresenter extends Tester\TestCase
         $result = $response->getPayload();
 
         Assert::same(200, $result["code"]);
+        Assert::equal($user->getId(), $result["payload"]["user"]["id"]);
+        Assert::true($this->presenter->user->isLoggedIn());
+
         Assert::true(array_key_exists("accessToken", $result["payload"]));
+        $token = $this->presenter->accessManager->decodeToken($result["payload"]["accessToken"]);
+        Assert::same($user->getId(), $token->getUserId());
+        Assert::same($this->presenter->accessManager->getExpiration(), $token->getExpirationTime());
+
+        $events = $this->presenter->securityEvents->findAll();
+        Assert::count(1, $events);
+        Assert::equal(SecurityEvent::TYPE_LOGIN_EXTERNAL, $events[0]->getType());
+        Assert::equal($user->getId(), $events[0]->getUser()->getId());
+    }
+
+    public function testLoginExternalRestrictedExpiration()
+    {
+        $events = $this->presenter->securityEvents->findAll();
+        Assert::count(0, $events);
+
+        $authenticator = new ExternalServiceAuthenticator(
+            [[
+                'name' => 'test-cas',
+                'jwtSecret' => 'tajnyRetezec',
+            ]],
+            $this->externalLogins,
+            $this->users,
+            $this->logins,
+            $this->instances,
+            $this->emailVerificationHelper,
+            $this->failureHelper
+        );
+
+        $user = $this->presenter->users->getByEmail($this->userLogin);
+
+        $payload = [
+            'iat' => time(),
+            'id' => 'external-id-1',
+            'mail' => $this->userLogin,
+            'firstName' => $user->getFirstName(),
+            'lastName' => $user->getLastName(),
+        ];
+        $token = JWT::encode($payload, 'tajnyRetezec', "HS256");
+
+        $this->presenter->externalServiceAuthenticator = $authenticator;
+
+        $request = new Request("V1:Login", "POST", ["action" => "external", "authenticatorName" => "test-cas"], ['token' => $token, 'expiration' => 15]);
+
+        $response = $this->presenter->run($request);
+        Assert::type(JsonResponse::class, $response);
+        $result = $response->getPayload();
+
+        Assert::same(200, $result["code"]);
         Assert::equal($user->getId(), $result["payload"]["user"]["id"]);
         Assert::true($this->presenter->user->isLoggedIn());
 
+        Assert::true(array_key_exists("accessToken", $result["payload"]));
+        $token = $this->presenter->accessManager->decodeToken($result["payload"]["accessToken"]);
+        Assert::same($user->getId(), $token->getUserId());
+        Assert::same(15, $token->getExpirationTime());
+
         $events = $this->presenter->securityEvents->findAll();
         Assert::count(1, $events);
         Assert::equal(SecurityEvent::TYPE_LOGIN_EXTERNAL, $events[0]->getType());

Original file line number	Diff line number	Diff line change
`@@ -831,6 +831,7 @@ public function actionInvalidateTokens(string $id)`
`831`	`831`
`832`	`832`	`$this->sendSuccessResponse(`
`833`	`833`	`[`
	`834`	`+ "user" => $this->userViewFactory->getUser($user),`
`834`	`835`	`"accessToken" => $user === $this->getCurrentUser() ? $this->accessManager->issueRefreshedToken(`
`835`	`836`	`$token`
`836`	`837`	`) : null`