/**
 * The API filters must be moved ahead of user-defined "before" filters.
 *
 * The filters are declared as user filter, throttle, auth; the expected
 * result is auth, throttle, user filter.
 */
public function testApiFiltersAreFirstBeforeFilters()
{
    $declaredFilters = ['foo', Route::API_FILTER_THROTTLE, Route::API_FILTER_AUTH];

    $route = new Route(['GET'], 'test', ['before' => $declaredFilters, function () {
        return 'bar';
    }]);

    // Authentication first, then throttling, then the application filter.
    $expectedOrder = [Route::API_FILTER_AUTH, Route::API_FILTER_THROTTLE, 'foo'];
    $resolvedAction = $route->getAction();

    $this->assertEquals($expectedOrder, $resolvedAction['before']);
}
/**
 * Add route lookups.
 *
 * Indexes the route by its "as" name and by its "controller" action when
 * the route action defines them. An existing entry under the same key is
 * overwritten by the later route.
 *
 * @param \Dingo\Api\Routing\Route $route
 *
 * @return void
 */
protected function addLookups(Route $route)
{
    $definition = $route->getAction();

    // Lookup by route name.
    if (isset($definition['as'])) {
        $alias = $definition['as'];
        $this->names[$alias] = $route;
    }

    // Lookup by controller action.
    if (isset($definition['controller'])) {
        $controllerAction = $definition['controller'];
        $this->actions[$controllerAction] = $route;
    }
}
/**
 * Perform rate limiting before a request is executed.
 *
 * The limit and expiration passed in are resolved through the route
 * (getRateLimit / getLimitExpiration) before being handed to the limiter.
 *
 * @param \Dingo\Api\Routing\Route $route
 * @param \Illuminate\Http\Request $request
 * @param int                      $limit
 * @param int                      $expires
 *
 * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
 *         when the limiter reports that the rate limit was exceeded
 *
 * @return void
 */
public function filter(Route $route, Request $request, $limit = 0, $expires = 0)
{
    // Internal requests are never throttled.
    // NOTE(review): requestIsInternal() is not visible here; confirm that the
    // "internal" decision cannot be influenced by client-supplied request data,
    // otherwise this early return bypasses rate limiting altogether.
    if ($this->requestIsInternal($request)) {
        return;
    }

    $this->limiter->rateLimitRequest(
        $request,
        $route->getRateLimit($limit),
        $route->getLimitExpiration($expires)
    );

    if ($this->limiter->requestWasRateLimited()) {
        // Register the after filter before a possible throw, as the original
        // ordering does.
        $this->attachAfterFilter();

        // AccessDeniedHttpException maps to HTTP 403, so throttled requests and
        // authorization failures share a status code in logs and monitoring.
        if ($this->limiter->exceededRateLimit()) {
            throw new AccessDeniedHttpException();
        }
    }
}
/**
 * Dispatching to a controller must inject the API dispatcher, authenticator
 * and response factory bound in the container.
 *
 * The injected instances are read back from $_SERVER under the
 * ControllerDispatcherTest* keys (presumably written by the controller stub;
 * the stub is not shown here).
 */
public function testControllerDependenciesAreInjectedWhenControllerIsResolved()
{
    $request = Request::create('test', 'GET');
    $route = new Route(['GET'], 'test', ['uses' => function () { }]);
    $route->bind($request);

    // Container bindings, each backed by a mock of the listed class.
    $bindings = [
        'api.dispatcher' => 'Dingo\\Api\\Dispatcher',
        'api.auth' => 'Dingo\\Api\\Auth\\Authenticator',
        'api.response' => 'Dingo\\Api\\Http\\ResponseFactory',
    ];

    $container = new Container();
    foreach ($bindings as $abstract => $mockedClass) {
        $container[$abstract] = Mockery::mock($mockedClass);
    }

    $filterer = Mockery::mock('Illuminate\\Routing\\RouteFiltererInterface');
    $dispatcher = new ControllerDispatcher($filterer, $container);

    $response = $dispatcher->dispatch($route, $request, 'Dingo\\Api\\Tests\\Stubs\\ControllerStub', 'getIndex');
    $this->assertEquals('foo', $response);

    // $_SERVER key => class the captured dependency must be an instance of.
    $captured = [
        'ControllerDispatcherTestResponse' => 'Dingo\\Api\\Http\\ResponseFactory',
        'ControllerDispatcherTestAuth' => 'Dingo\\Api\\Auth\\Authenticator',
        'ControllerDispatcherTestApi' => 'Dingo\\Api\\Dispatcher',
    ];
    foreach ($captured as $serverKey => $expectedClass) {
        $this->assertInstanceOf($expectedClass, $_SERVER[$serverKey]);
    }
}
/**
 * Controller-level options must merge with, and override, route options.
 *
 * The expected values differ from the route action below (extra scopes and
 * providers, a different limit and expiration, a concrete throttle class),
 * so they presumably originate from RoutingControllerStub; the stub is not
 * shown here.
 */
public function testControllerOptionsMergeAndOverrideRouteOptions()
{
    $request = Request::create('foo', 'GET');

    $routeAction = [
        'scopes' => ['foo', 'bar'],
        'providers' => ['foo'],
        'limit' => 5,
        'expires' => 10,
        'throttle' => 'Foo',
        'version' => ['v1'],
        'conditionalRequest' => false,
        'uses' => 'Dingo\\Api\\Tests\\Stubs\\RoutingControllerStub@index',
    ];

    $route = new Route($this->adapter, $this->container, $request, [
        'uri' => 'foo',
        'methods' => ['GET', 'HEAD'],
        'action' => $routeAction,
    ]);

    // Authorization-related options: scopes and authentication providers.
    $this->assertEquals(
        ['foo', 'bar', 'baz', 'bing'],
        $route->scopes(),
        'Route did not setup scopes correctly.'
    );
    $this->assertEquals(
        ['foo', 'red', 'black'],
        $route->getAuthProviders(),
        'Route did not setup authentication providers correctly.'
    );

    // Rate limiting options.
    $this->assertEquals(10, $route->getRateLimit(), 'Route did not setup rate limit correctly.');
    $this->assertEquals(20, $route->getRateExpiration(), 'Route did not setup rate limit expiration correctly.');
    $this->assertTrue($route->hasThrottle(), 'Route did not setup throttle correctly.');
    $this->assertInstanceOf(
        'Dingo\\Api\\Tests\\Stubs\\BasicThrottleStub',
        $route->getThrottle(),
        'Route did not setup throttle correctly.'
    );
}
/**
 * Validate a route's scopes with "any one scope is enough" semantics.
 *
 * A route without scopes always passes. Otherwise the token passes as soon
 * as it holds at least one of the route's scopes. This is weaker than
 * requiring every scope; callers that need the token to hold all of them
 * must not rely on this check.
 *
 * @param \League\OAuth2\Server\Entity\AccessTokenEntity $token
 * @param \Dingo\Api\Routing\Route                       $route
 *
 * @throws \League\OAuth2\Server\Exception\InvalidScopeException
 *         when the token holds none of the scopes; the exception is built
 *         from the last scope that was checked
 *
 * @return bool
 */
protected function validateRouteScopes(AccessTokenEntity $token, Route $route)
{
    $required = $route->scopes();

    // Nothing to enforce on an unscoped route.
    if (empty($required)) {
        return true;
    }

    $lastChecked = null;

    foreach ($required as $candidate) {
        if ($token->hasScope($candidate)) {
            return true;
        }

        $lastChecked = $candidate;
    }

    // Only the final scope is reported, not the full list that was tried.
    throw new InvalidScopeException($lastChecked);
}
/**
 * Revise the protected state of a controller method.
 *
 * Reads the controller's properties and applies the "protected" value of
 * the wildcard entry ('*') first and of the specific method second, so a
 * method-level value is applied after, and on top of, the wildcard value.
 * NOTE(review): assuming setProtected() replaces the previous state, a
 * method-level `protected => false` leaves the route unprotected even when
 * the wildcard marks the controller as protected; confirm this is intended.
 *
 * @param \Dingo\Api\Routing\Route       $route
 * @param \Illuminate\Routing\Controller $controller
 * @param string                         $method
 *
 * @return void
 */
protected function reviseProtection(Route $route, $controller, $method)
{
    $properties = $controller->getProperties();

    // Order matters: wildcard first, then the method-specific entry.
    foreach (['*', $method] as $entry) {
        if (isset($properties[$entry]['protected'])) {
            $route->setProtected($properties[$entry]['protected']);
        }
    }
}
/**
 * Display the route's rate limit as requests per second.
 *
 * The limit is divided by the expiration multiplied by 60, so the
 * expiration is treated as a number of minutes. The result is rounded to
 * two decimals and is only a rough indication of how many requests can be
 * fired per second on the route.
 *
 * @param \Dingo\Api\Routing\Route $route
 *
 * @return null|string null when either the limit or the expiration is empty
 */
protected function routeRateLimit($route)
{
    $limit = $route->getRateLimit();
    $expires = $route->getRateLimitExpiration();

    // A zero/empty limit or expiration means there is nothing to display.
    if (!$limit || !$expires) {
        return null;
    }

    $perSecond = round($limit / ($expires * 60), 2);

    return sprintf('%s req/s', $perSecond);
}
/**
 * Validate that the token holds every scope of the route.
 *
 * A route without scopes passes, because there is nothing to check.
 *
 * @param \League\OAuth2\Server\Entity\AccessTokenEntity $token
 * @param \Dingo\Api\Routing\Route                       $route
 *
 * @throws \League\OAuth2\Server\Exception\InvalidScopeException
 *         for the first route scope the token does not hold
 *
 * @return bool
 */
protected function validateAllRouteScopes(AccessTokenEntity $token, Route $route)
{
    foreach ($route->scopes() as $required) {
        if ($token->hasScope($required)) {
            continue;
        }

        // Reject on the first missing scope.
        throw new InvalidScopeException($required);
    }

    return true;
}
/**
 * Indicates if a route is not protected.
 *
 * Plain negation of Route::isProtected().
 *
 * @param \Dingo\Api\Routing\Route $route
 *
 * @return bool
 */
protected function routeNotProtected(Route $route)
{
    $isProtected = $route->isProtected();

    return !$isProtected;
}
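/**
 * Check the current token against the scopes requested for a route.
 *
 * When no scopes are passed there is nothing to enforce and the check
 * passes. Otherwise the token must satisfy hasScope() for the given scopes
 * on the route's service; if it does not, unauthorized() is invoked and the
 * method reports failure.
 *
 * @param Route $route
 * @param array $scopes scopes to check the token against
 *
 * @return bool true when access is allowed, false when it was denied
 */
private function handleScope(Route $route, $scopes = [])
{
    // No scopes requested: nothing to enforce.
    if (empty($scopes)) {
        return true;
    }

    $service = $route->getService();

    if ($this->token->hasScope($scopes, $service)) {
        return true;
    }

    // NOTE(review): the check above uses $scopes while this message lists
    // $route->getScopes(); confirm both always describe the same set. The
    // message also names the service and its required scopes to the caller.
    $this->unauthorized('Invalid Scope', 'Permission Denied! Service [ ' . $service . ' ] requires scopes [' . implode(',', $route->getScopes()) . '] to access this resource.');

    // Fail closed. unauthorized() is not visible here: if it throws or ends
    // the request this line is never reached, but if it merely returns, the
    // scope check must not fall through to a success result.
    return false;
}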
/**
 * Get the route information for a given route.
 *
 * Builds the row describing the route (host, "METHODS uri", name, action,
 * prefix and first method) and passes it through filterRoute().
 * The "before" and "after" entries are always empty strings.
 * NOTE(review): the action's 'uses' key and the first element of versions()
 * and methods() are read without an existence check; this assumes every
 * route handled here defines them.
 *
 * @param  Route $route
 * @return array
 */
protected function getRouteInformation(Route $route)
{
    // "GET|HEAD path" with a single leading slash removed from the URI.
    $verbs = implode('|', $route->methods());
    $path = preg_replace('/^\\//', '', $route->uri());
    $uri = $verbs . ' ' . $path;

    $information = [
        'host' => $route->domain(),
        'uri' => $uri,
        'name' => $route->getName(),
        'action' => $route->getAction()['uses'],
        'before' => '',
        'after' => '',
        'prefix' => 'api/' . $route->versions()[0],
        'method' => $route->methods()[0],
    ];

    return $this->filterRoute($information);
}