/**
 * Spec: a token whose expiry lies in the past is rejected with
 * LoginFailedException::invalidToken(), even though the supplied pass code
 * is the one the token double returns.
 */
public function it_cant_get_an_expired_token(Token $token)
{
    $tokenUuid = Uuid::uuid4();
    // 20 random bytes, hex-encoded, stand in for the token's secret.
    $secret = bin2hex(random_bytes(20));

    // The token double reports a matching pass code, so only the expiry
    // (42 seconds ago) can be the reason for the failure.
    $token->getExpires()->willReturn(new \DateTimeImmutable('-42 seconds'));
    $token->getPassCode()->willReturn($secret);
    $this->tokenRepository->getByUuid($tokenUuid)->willReturn($token);

    $this
        ->shouldThrow(LoginFailedException::invalidToken())
        ->duringGetToken($tokenUuid, $secret);
}
/**
 * Load a token by UUID and accept it only if the pass code matches and the
 * token has not expired.
 *
 * @throws LoginFailedException invalidToken() when the repository lookup raises
 *                              NoUniqueResultException or the expiry is in the past;
 *                              invalidCredentials() when the pass code differs.
 */
public function getToken(UuidInterface $uuid, string $passCode): Token
{
    try {
        $storedToken = $this->tokenRepository->getByUuid($uuid);
    } catch (NoUniqueResultException $lookupFailure) {
        throw LoginFailedException::invalidToken($lookupFailure);
    }

    // hash_equals() is a timing-safe comparison; the stored (known) value goes
    // first and the caller-supplied value second.
    // NOTE(review): an unknown UUID and a wrong pass code raise different
    // exceptions here - confirm the outer layer does not expose that
    // difference to unauthenticated callers.
    $passCodeMatches = hash_equals($storedToken->getPassCode(), $passCode);
    if ($passCodeMatches === false) {
        throw LoginFailedException::invalidCredentials();
    }

    // Expiry is checked only after the pass code, so "expired" is reported
    // only to a caller that already presented the correct secret.
    $expiresAt = $storedToken->getExpires();
    if ($expiresAt < new \DateTimeImmutable()) {
        throw LoginFailedException::invalidToken();
    }

    return $storedToken;
}
/**
 * Resolve the user a token belongs to: validate the token through the token
 * service, then load the user by the UUID stored on the token.
 *
 * @throws AuthException        re-thrown unchanged when raised anywhere in the flow
 * @throws LoginFailedException invalidToken() when the token service raises
 *                              NoUniqueResultException; systemError() for any other failure
 */
public function getUserForToken(UuidInterface $tokenUuid, string $passCode): User
{
    try {
        try {
            $validatedToken = $this->tokenService->getToken($tokenUuid, $passCode);
        } catch (NoUniqueResultException $tokenMissing) {
            // Only the token lookup is mapped to invalidToken(); the same
            // exception from the user lookup below reaches the outer handlers.
            throw LoginFailedException::invalidToken($tokenMissing);
        }

        $ownerUuid = $validatedToken->getUserUuid();

        return $this->userRepository->getByUuid($ownerUuid);
    } catch (AuthException $authFailure) {
        // Authentication failures already carry the right meaning; pass them on.
        throw $authFailure;
    } catch (\Throwable $unexpected) {
        // Anything else is logged and wrapped, so callers only ever see a
        // login failure. NOTE(review): only the message is logged - confirm
        // upstream messages never contain the pass code.
        $this->log(LogLevel::ERROR, $unexpected->getMessage());

        throw LoginFailedException::systemError($unexpected);
    }
}
/**
 * Spec: when the token service raises NoUniqueResultException, getUserForToken
 * surfaces it as LoginFailedException::invalidToken().
 */
public function it_errors_on_invalid_token()
{
    // Hex-encoded random secret; its value is irrelevant because the token
    // service double throws before any comparison happens.
    $secret = bin2hex(random_bytes(20));
    $unknownTokenUuid = Uuid::uuid4();

    $this->tokenService
        ->getToken($unknownTokenUuid, $secret)
        ->willThrow(new NoUniqueResultException());

    $this
        ->shouldThrow(LoginFailedException::invalidToken())
        ->duringGetUserForToken($unknownTokenUuid, $secret);
}