Example #1
 /**
  * The API filters must be listed ahead of user-defined "before" filters.
  *
  * The route is declared with the filters in the order foo, throttle, auth.
  * The assertion pins the resolved order to auth, throttle, foo, i.e. the
  * custom filter comes after both API filters regardless of how the route
  * author listed them.
  */
 public function testApiFiltersAreFirstBeforeFilters()
 {
     $declaredFilters = ['foo', Route::API_FILTER_THROTTLE, Route::API_FILTER_AUTH];
     $handler = function () {
         return 'bar';
     };

     $route = new Route(['GET'], 'test', ['before' => $declaredFilters, $handler]);

     $expectedOrder = [Route::API_FILTER_AUTH, Route::API_FILTER_THROTTLE, 'foo'];
     $resolved = $route->getAction();
     $this->assertEquals($expectedOrder, $resolved['before']);
 }
Example #2
 /**
  * Index a route by its name and by its controller action.
  *
  * Reads the route's action array and, for each of the 'as' and 'controller'
  * keys that is set, stores the route in the matching lookup table. An entry
  * already stored under the same key is overwritten.
  *
  * @param \Dingo\Api\Routing\Route $route
  *
  * @return void
  */
 protected function addLookups(Route $route)
 {
     $details = $route->getAction();

     $hasName = isset($details['as']);
     $hasController = isset($details['controller']);

     if ($hasName) {
         $this->names[$details['as']] = $route;
     }

     if ($hasController) {
         $this->actions[$details['controller']] = $route;
     }
 }
Example #3
 /**
  * Apply rate limiting to a request before it is executed.
  *
  * Requests that requestIsInternal() reports as internal skip the limiter
  * entirely. For every other request the effective limit and expiration are
  * resolved through the route, the limiter is consulted, and the request is
  * rejected once the limit has been exceeded.
  *
  * NOTE(review): how requestIsInternal() decides is not visible here; confirm
  * it cannot be satisfied by anything the client controls, since it bypasses
  * throttling completely.
  *
  * @param \Dingo\Api\Routing\Route $route
  * @param \Illuminate\Http\Request $request
  * @param int                      $limit   Passed to the route's getRateLimit().
  * @param int                      $expires Passed to the route's getLimitExpiration().
  *
  * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
  *         When the limiter reports that the rate limit was exceeded.
  *
  * @return void
  */
 public function filter(Route $route, Request $request, $limit = 0, $expires = 0)
 {
     if ($this->requestIsInternal($request)) {
         return;
     }

     // The route gets the final say on both values; the arguments are only
     // handed to it as input.
     $this->limiter->rateLimitRequest(
         $request,
         $route->getRateLimit($limit),
         $route->getLimitExpiration($expires)
     );

     if ($this->limiter->requestWasRateLimited()) {
         // Registered before the rejection below, so it is attached for
         // throttled requests whether or not they are over the limit.
         $this->attachAfterFilter();

         if ($this->limiter->exceededRateLimit()) {
             // NOTE(review): Symfony's AccessDeniedHttpException maps to
             // HTTP 403, not 429; confirm clients are expected to treat a
             // 403 here as "slow down".
             throw new AccessDeniedHttpException();
         }
     }
 }
 /**
  * Dispatching to a controller injects the API services bound in the container.
  *
  * The container is given mocks for the dispatcher, authenticator and
  * response factory. After dispatching to the stub controller's getIndex
  * method the test reads three $_SERVER entries and checks each holds an
  * instance of the expected class (presumably the stub records what it was
  * given there; the stub itself is not shown).
  */
 public function testControllerDependenciesAreInjectedWhenControllerIsResolved()
 {
     $request = Request::create('test', 'GET');

     $route = new Route(['GET'], 'test', ['uses' => function () {
     }]);
     $route->bind($request);

     // Container binding => class mocked for it.
     $bindings = [
         'api.dispatcher' => 'Dingo\\Api\\Dispatcher',
         'api.auth' => 'Dingo\\Api\\Auth\\Authenticator',
         'api.response' => 'Dingo\\Api\\Http\\ResponseFactory',
     ];
     $container = new Container();
     foreach ($bindings as $abstract => $class) {
         $container[$abstract] = Mockery::mock($class);
     }

     $filterer = Mockery::mock('Illuminate\\Routing\\RouteFiltererInterface');
     $dispatcher = new ControllerDispatcher($filterer, $container);

     $response = $dispatcher->dispatch(
         $route,
         $request,
         'Dingo\\Api\\Tests\\Stubs\\ControllerStub',
         'getIndex'
     );

     $this->assertEquals('foo', $response);
     $this->assertInstanceOf(
         'Dingo\\Api\\Http\\ResponseFactory',
         $_SERVER['ControllerDispatcherTestResponse']
     );
     $this->assertInstanceOf(
         'Dingo\\Api\\Auth\\Authenticator',
         $_SERVER['ControllerDispatcherTestAuth']
     );
     $this->assertInstanceOf(
         'Dingo\\Api\\Dispatcher',
         $_SERVER['ControllerDispatcherTestApi']
     );
 }
Example #5
 /**
  * Controller-level options are merged with, and override, the route's own.
  *
  * The route action declares scopes, providers, a limit of 5 and an
  * expiration of 10. The assertions expect extra scopes and providers plus a
  * limit of 10 and an expiration of 20, so those values must come from the
  * controller named in 'uses' (presumably RoutingControllerStub; it is not
  * shown here).
  */
 public function testControllerOptionsMergeAndOverrideRouteOptions()
 {
     $request = Request::create('foo', 'GET');

     $action = [
         'scopes' => ['foo', 'bar'],
         'providers' => ['foo'],
         'limit' => 5,
         'expires' => 10,
         'throttle' => 'Foo',
         'version' => ['v1'],
         'conditionalRequest' => false,
         'uses' => 'Dingo\\Api\\Tests\\Stubs\\RoutingControllerStub@index',
     ];
     $definition = [
         'uri' => 'foo',
         'methods' => ['GET', 'HEAD'],
         'action' => $action,
     ];

     $route = new Route($this->adapter, $this->container, $request, $definition);

     $this->assertEquals(
         ['foo', 'bar', 'baz', 'bing'],
         $route->scopes(),
         'Route did not setup scopes correctly.'
     );
     $this->assertEquals(
         ['foo', 'red', 'black'],
         $route->getAuthProviders(),
         'Route did not setup authentication providers correctly.'
     );
     $this->assertEquals(10, $route->getRateLimit(), 'Route did not setup rate limit correctly.');
     $this->assertEquals(20, $route->getRateExpiration(), 'Route did not setup rate limit expiration correctly.');
     $this->assertTrue($route->hasThrottle(), 'Route did not setup throttle correctly.');
     $this->assertInstanceOf(
         'Dingo\\Api\\Tests\\Stubs\\BasicThrottleStub',
         $route->getThrottle(),
         'Route did not setup throttle correctly.'
     );
 }
 /**
  * Check that the token holds at least one of the route's scopes.
  *
  * This is an any-of check: the first scope the token has ends the search. A
  * route that declares no scopes passes for every token, so leaving scopes
  * off a route means no scope restriction is applied here.
  *
  * @param \League\OAuth2\Server\Entity\AccessTokenEntity $token
  * @param \Dingo\Api\Routing\Route                       $route
  *
  * @throws \League\OAuth2\Server\Exception\InvalidScopeException
  *         When the token has none of the route's scopes. The exception is
  *         built with the last scope that was checked, not the full list.
  *
  * @return bool Always true when it returns.
  */
 protected function validateRouteScopes(AccessTokenEntity $token, Route $route)
 {
     $required = $route->scopes();

     if (!empty($required)) {
         foreach ($required as $candidate) {
             if ($token->hasScope($candidate)) {
                 return true;
             }
         }

         // No match: $candidate still holds the final scope from the loop.
         throw new InvalidScopeException($candidate);
     }

     return true;
 }
Example #7
 /**
  * Apply a controller's declared protection settings to a route.
  *
  * The wildcard ('*') entry is applied first and the entry for the specific
  * method second, so a per-method setting overrides the wildcard one. The
  * value is passed to setProtected() as the controller declared it.
  *
  * NOTE(review): because the controller's value is taken as-is, a controller
  * property can switch protection off for a route as well as on; confirm
  * that is the intended precedence over route-level configuration.
  *
  * @param \Dingo\Api\Routing\Route       $route
  * @param \Illuminate\Routing\Controller $controller
  * @param string                         $method
  *
  * @return void
  */
 protected function reviseProtection(Route $route, $controller, $method)
 {
     $properties = $controller->getProperties();

     // Order matters: wildcard first, then the method-specific override.
     foreach (['*', $method] as $key) {
         if (isset($properties[$key]['protected'])) {
             $route->setProtected($properties[$key]['protected']);
         }
     }
 }
Example #8
 /**
  * Format a route's rate limit as an approximate requests-per-second figure.
  *
  * The limit is divided by the expiration multiplied by 60 and rounded to two
  * decimals. Nothing is returned when either value is falsy (for example 0),
  * which also avoids dividing by zero.
  *
  * @param \Dingo\Api\Routing\Route $route
  *
  * @return null|string
  */
 protected function routeRateLimit($route)
 {
     $limit = $route->getRateLimit();
     $expires = $route->getRateLimitExpiration();

     if (!$limit || !$expires) {
         return null;
     }

     $perSecond = round($limit / ($expires * 60), 2);

     return sprintf('%s req/s', $perSecond);
 }
Example #9
 /**
  * Check that the token holds every scope the route declares.
  *
  * This is an all-of check: the first scope the token lacks aborts the
  * request. A route that declares no scopes passes for every token.
  *
  * @param \League\OAuth2\Server\Entity\AccessTokenEntity $token
  * @param \Dingo\Api\Routing\Route                       $route
  *
  * @throws \League\OAuth2\Server\Exception\InvalidScopeException
  *         Built with the first scope the token does not have.
  *
  * @return bool Always true when it returns.
  */
 protected function validateAllRouteScopes(AccessTokenEntity $token, Route $route)
 {
     foreach ($route->scopes() as $required) {
         if ($token->hasScope($required)) {
             continue;
         }

         throw new InvalidScopeException($required);
     }

     return true;
 }
Example #10
 /**
  * Report whether a route is unprotected.
  *
  * Simply the negation of the route's own isProtected() answer.
  *
  * @param \Dingo\Api\Routing\Route $route
  *
  * @return bool True when the route is not protected.
  */
 protected function routeNotProtected(Route $route)
 {
     $isProtected = $route->isProtected();

     return !$isProtected;
 }
Example #11
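 /**
  * Check the current token against the scopes required for a route.
  *
  * An empty scope list means nothing is required and the check passes.
  * Otherwise the token must satisfy hasScope() for the given scopes and the
  * route's service; if it does not, unauthorized() is invoked with an
  * "Invalid Scope" message.
  *
  * The denial path returns false after calling unauthorized(). If
  * unauthorized() throws or terminates the request (it is not visible here),
  * that line is never reached; if it returns normally, the method no longer
  * falls through to "true" and reports a failed check as a success.
  *
  * NOTE(review): the denial message includes the service name and the
  * route's full scope list. Confirm that exposing these to the caller is
  * intended. The message reads $route->getScopes() while the check uses the
  * $scopes argument; verify the two are always the same list.
  *
  * @param Route $route
  * @param array $scopes Scopes to require; empty disables the check.
  * @return bool True when access is allowed, false when it was denied and
  *              unauthorized() returned.
  */
 private function handleScope(Route $route, $scopes = [])
 {
     if (empty($scopes)) {
         return true;
     }

     if ($this->token->hasScope($scopes, $route->getService())) {
         return true;
     }

     $this->unauthorized('Invalid Scope', 'Permission Denied! Service [ ' . $route->getService() . ' ] requires scopes [' . implode(',', $route->getScopes()) . '] to access this resource.');

     // Fail closed: never report success after the denial path has run.
     return false;
 }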
 /**
  * Build the descriptive row for a route and pass it through filterRoute().
  *
  * The 'uri' entry joins the route's methods with '|' and appends the URI
  * with a single leading slash removed. Only the first version and the first
  * method are reported in 'prefix' and 'method'; 'before' and 'after' are
  * always empty strings.
  *
  * @param  Route  $route
  * @return array
  */
 protected function getRouteInformation(Route $route)
 {
     $verbs = implode('|', $route->methods());
     $path = preg_replace('/^\\//', '', $route->uri());
     $uri = $verbs . ' ' . $path;

     return $this->filterRoute([
         'host' => $route->domain(),
         'uri' => $uri,
         'name' => $route->getName(),
         'action' => $route->getAction()['uses'],
         'before' => '',
         'after' => '',
         'prefix' => 'api/' . $route->versions()[0],
         'method' => $route->methods()[0],
     ]);
 }