/**
* {@inheritdoc}
*/
public function createCustomerAccessToken($username, $password)
{
$this->validatorHelper->validate($username, $password);
$this->getRequestThrottler()->throttle($username, RequestThrottler::USER_TYPE_CUSTOMER);
try {
$customerDataObject = $this->accountManagement->authenticate($username, $password);
} catch (\Exception $e) {
$this->getRequestThrottler()->logAuthenticationFailure($username, RequestThrottler::USER_TYPE_CUSTOMER);
throw new AuthenticationException(__('You did not sign in correctly or your account is temporarily disabled.'));
}
$this->getRequestThrottler()->resetAuthenticationFailuresCount($username, RequestThrottler::USER_TYPE_CUSTOMER);
return $this->tokenModelFactory->create()->createCustomerToken($customerDataObject->getId())->getToken();
}
/**
* {@inheritdoc}
*/
public function createAdminAccessToken($username, $password)
{
$this->validatorHelper->validate($username, $password);
$this->userModel->login($username, $password);
if (!$this->userModel->getId()) {
/*
* This message is same as one thrown in \Magento\Backend\Model\Auth to keep the behavior consistent.
* Constant cannot be created in Auth Model since it uses legacy translation that doesn't support it.
* Need to make sure that this is refactored once exception handling is updated in Auth Model.
*/
throw new AuthenticationException(__('You did not sign in correctly or your account is temporarily disabled.'));
}
return $this->tokenModelFactory->create()->createAdminToken($this->userModel->getId())->getToken();
}
/**
* @dataProvider getValidTokenData
*/
public function testValidToken($userType, $userId, $expectedUserType, $expectedUserId)
{
$bearerToken = 'bearer1234';
$this->request->expects($this->once())->method('getHeader')->with('Authorization')->will($this->returnValue("Bearer {$bearerToken}"));
$token = $this->getMockBuilder('Magento\\Integration\\Model\\Oauth\\Token')->disableOriginalConstructor()->setMethods(['loadByToken', 'getId', 'getUserType', 'getCustomerId', 'getAdminId', '__wakeup'])->getMock();
$this->tokenFactory->expects($this->once())->method('create')->will($this->returnValue($token));
$token->expects($this->once())->method('loadByToken')->with($bearerToken)->will($this->returnSelf());
$token->expects($this->once())->method('getId')->will($this->returnValue(1));
$token->expects($this->once())->method('getUserType')->will($this->returnValue($userType));
$integration = $this->getMockBuilder('Magento\\Integration\\Model\\Integration')->disableOriginalConstructor()->setMethods(['getId', '__wakeup'])->getMock();
switch ($userType) {
case UserContextInterface::USER_TYPE_INTEGRATION:
$integration->expects($this->once())->method('getId')->will($this->returnValue($userId));
$this->integrationService->expects($this->once())->method('findByConsumerId')->will($this->returnValue($integration));
break;
case UserContextInterface::USER_TYPE_ADMIN:
$token->expects($this->once())->method('getAdminId')->will($this->returnValue($userId));
break;
case UserContextInterface::USER_TYPE_CUSTOMER:
$token->expects($this->once())->method('getCustomerId')->will($this->returnValue($userId));
break;
}
$this->assertEquals($expectedUserType, $this->tokenUserContext->getUserType());
$this->assertEquals($expectedUserId, $this->tokenUserContext->getUserId());
/* check again to make sure that the above methods were only called once */
$this->assertEquals($expectedUserType, $this->tokenUserContext->getUserType());
$this->assertEquals($expectedUserId, $this->tokenUserContext->getUserId());
}
/**
* {@inheritdoc}
*/
public function postToConsumer($consumerId, $endpointUrl)
{
try {
$consumer = $this->loadConsumer($consumerId);
$consumer->setUpdatedAt($this->getDateHelper()->gmtDate());
$consumer->save();
if (!$consumer->getId()) {
throw new \Magento\Framework\Oauth\Exception(__('A consumer with ID %1 does not exist', $consumerId));
}
$consumerData = $consumer->getData();
$verifier = $this->_tokenFactory->create()->createVerifierToken($consumerId);
$storeBaseUrl = $this->_storeManager->getStore()->getBaseUrl();
$this->_httpClient->setUri($endpointUrl);
$this->_httpClient->setParameterPost(['oauth_consumer_key' => $consumerData['key'], 'oauth_consumer_secret' => $consumerData['secret'], 'store_base_url' => $storeBaseUrl, 'oauth_verifier' => $verifier->getVerifier()]);
$maxredirects = $this->_dataHelper->getConsumerPostMaxRedirects();
$timeout = $this->_dataHelper->getConsumerPostTimeout();
$this->_httpClient->setConfig(['maxredirects' => $maxredirects, 'timeout' => $timeout]);
$this->_httpClient->request(\Magento\Framework\HTTP\ZendClient::POST);
return $verifier->getVerifier();
} catch (\Magento\Framework\Exception\LocalizedException $exception) {
throw $exception;
} catch (\Magento\Framework\Oauth\Exception $exception) {
throw $exception;
} catch (\Exception $exception) {
$this->_logger->critical($exception);
throw new \Magento\Framework\Oauth\Exception(__('Unable to post data to consumer due to an unexpected error'));
}
}
protected function setUp()
{
$this->_consumerFactory = $this->getMockBuilder('Magento\\Integration\\Model\\Oauth\\Consumer\\Factory')->disableOriginalConstructor()->getMock();
$this->_consumerMock = $this->getMockBuilder('Magento\\Integration\\Model\\Oauth\\Consumer')->disableOriginalConstructor()->getMock();
$this->_consumerFactory->expects($this->any())->method('create')->will($this->returnValue($this->_consumerMock));
$this->_tokenFactory = $this->getMockBuilder('Magento\\Integration\\Model\\Oauth\\TokenFactory')->disableOriginalConstructor()->setMethods(['create'])->getMock();
$this->_tokenMock = $this->getMockBuilder('Magento\\Integration\\Model\\Oauth\\Token')->disableOriginalConstructor()->getMock();
$this->_tokenFactory->expects($this->any())->method('create')->will($this->returnValue($this->_tokenMock));
$this->_storeManagerMock = $this->getMockBuilder('Magento\\Framework\\Store\\StoreManagerInterface')->disableOriginalConstructor()->getMockForAbstractClass();
$this->_storeMock = $this->getMockBuilder('Magento\\Store\\Model\\Store')->disableOriginalConstructor()->getMock();
$this->_storeManagerMock->expects($this->any())->method('getStore')->will($this->returnValue($this->_storeMock));
$this->_dataHelper = $this->getMockBuilder('Magento\\Integration\\Helper\\Oauth\\Data')->disableOriginalConstructor()->getMock();
$oauthHelperMock = $this->getMockBuilder('Magento\\Framework\\Oauth\\Helper\\Oauth')->disableOriginalConstructor()->getMock();
$tokenProviderMock = $this->getMockBuilder('Magento\\Integration\\Model\\Oauth\\Token\\Provider')->disableOriginalConstructor()->getMock();
$this->_httpClientMock = $this->getMockBuilder('Magento\\Framework\\HTTP\\ZendClient')->disableOriginalConstructor()->getMock();
$this->_loggerMock = $this->getMockBuilder('Psr\\Log\\LoggerInterface')->getMock();
$this->_oauthService = new \Magento\Integration\Service\V1\Oauth($this->_storeManagerMock, $this->_consumerFactory, $this->_tokenFactory, $this->_dataHelper, $this->_httpClientMock, $this->_loggerMock, $oauthHelperMock, $tokenProviderMock);
}
/**
* Load token object given a consumer Id.
*
* @param int $consumerId - The Id of the consumer.
* @return Token
* @throws \Magento\Framework\Oauth\Exception
*/
public function getIntegrationTokenByConsumerId($consumerId)
{
/** @var \Magento\Integration\Model\Oauth\Token $token */
$token = $this->_tokenFactory->create();
$token->loadByConsumerIdAndUserType($consumerId, UserContextInterface::USER_TYPE_INTEGRATION);
if (!$token->getId()) {
throw new \Magento\Framework\Oauth\Exception(__('A token with consumer ID %1 does not exist', [$consumerId]));
}
return $token;
}
public function testCreateAccessTokenInvalidConsumerId()
{
$this->_consumerMock->expects($this->any())->method('load')->with(0)->will($this->returnValue($this->_consumerMock));
$this->_tokenProviderMock->expects($this->any())->method('getIntegrationTokenByConsumerId')->will($this->throwException(new \Magento\Framework\Oauth\Exception('A token with consumer ID 0 does not exist')));
$this->_tokenMock->expects($this->never())->method('delete');
$this->_tokenFactoryMock->expects($this->once())->method('create')->will($this->returnValue($this->_tokenMock));
$this->_tokenMock->expects($this->once())->method('createVerifierToken');
$this->_tokenProviderMock->expects($this->once())->method('createRequestToken');
$this->_tokenProviderMock->expects($this->once())->method('getAccessToken');
$this->assertTrue($this->_service->createAccessToken(0, false));
}
public function setUp()
{
$this->_consumerFactory = $this->getMockBuilder('Magento\\Integration\\Model\\Oauth\\ConsumerFactory')->disableOriginalConstructor()->setMethods(['create'])->getMock();
$this->_consumerMock = $this->getMockBuilder('Magento\\Integration\\Model\\Oauth\\Consumer')->disableOriginalConstructor()->setMethods(['getCreatedAt', 'loadByKey', 'load', 'getId', 'getSecret', 'getCallbackUrl', 'save', 'getData', 'isValidForTokenExchange', '__wakeup'])->getMock();
$this->_consumerFactory->expects($this->any())->method('create')->will($this->returnValue($this->_consumerMock));
$this->_nonceFactory = $this->getMockBuilder('Magento\\Integration\\Model\\Oauth\\NonceFactory')->disableOriginalConstructor()->setMethods(['create'])->getMock();
$this->_tokenFactory = $this->getMockBuilder('Magento\\Integration\\Model\\Oauth\\TokenFactory')->disableOriginalConstructor()->setMethods(['create'])->getMock();
$this->_tokenMock = $this->getMockBuilder('Magento\\Integration\\Model\\Oauth\\Token')->disableOriginalConstructor()->setMethods(['getId', 'load', 'getType', 'createRequestToken', 'getToken', 'getSecret', 'createVerifierToken', 'getVerifier', 'getConsumerId', 'convertToAccess', 'getRevoked', 'getResource', 'loadByConsumerIdAndUserType', '__wakeup'])->getMock();
$this->_tokenFactory->expects($this->any())->method('create')->will($this->returnValue($this->_tokenMock));
$this->_oauthHelperMock = $this->getMockBuilder('Magento\\Framework\\Oauth\\Helper\\Oauth')->setConstructorArgs([new \Magento\Framework\Math\Random()])->getMock();
$this->_httpUtilityMock = $this->getMockBuilder('Zend_Oauth_Http_Utility')->setMethods(['sign'])->getMock();
$this->_dateMock = $this->getMockBuilder('Magento\\Framework\\Stdlib\\DateTime\\DateTime')->disableOriginalConstructor()->getMock();
$this->_loggerMock = $this->getMockBuilder('Psr\\Log\\LoggerInterface')->disableOriginalConstructor()->getMock();
$nonceGenerator = new \Magento\Integration\Model\Oauth\Nonce\Generator($this->_oauthHelperMock, $this->_nonceFactory, $this->_dateMock);
$tokenProvider = new \Magento\Integration\Model\Oauth\Token\Provider($this->_consumerFactory, $this->_tokenFactory, $this->_loggerMock);
$this->_oauth = new \Magento\Framework\Oauth\Oauth($this->_oauthHelperMock, $nonceGenerator, $tokenProvider, $this->_httpUtilityMock);
$this->_oauthToken = $this->_generateRandomString(\Magento\Framework\Oauth\Helper\Oauth::LENGTH_TOKEN);
$this->_oauthSecret = $this->_generateRandomString(\Magento\Framework\Oauth\Helper\Oauth::LENGTH_TOKEN_SECRET);
$this->_oauthVerifier = $this->_generateRandomString(\Magento\Framework\Oauth\Helper\Oauth::LENGTH_TOKEN_VERIFIER);
}
/**
* {@inheritdoc}
*/
public function createAdminAccessToken($username, $password)
{
$this->validatorHelper->validateCredentials($username, $password);
try {
$this->userModel->login($username, $password);
if (!$this->userModel->getId()) {
/*
* This message is same as one thrown in \Magento\Backend\Model\Auth to keep the behavior consistent.
* Constant cannot be created in Auth Model since it uses legacy translation that doesn't support it.
* Need to make sure that this is refactored once exception handling is updated in Auth Model.
*/
throw new AuthenticationException('Please correct the user name or password.');
}
} catch (\Magento\Backend\Model\Auth\Exception $e) {
throw new AuthenticationException($e->getMessage(), [], $e);
} catch (\Magento\Framework\Model\Exception $e) {
throw new LocalizedException($e->getMessage(), [], $e);
}
return $this->tokenModelFactory->create()->createAdminToken($this->userModel->getId())->getToken();
}
/**
* @expectedException \Magento\Framework\Oauth\Exception
* @expectedExceptionMessage Access token has been revoked
*/
public function testValidateAccessTokenRevoked()
{
$accessTokenString = '12345678901234567890123456789012';
$tokenId = 1;
$consumerId = 1;
$this->accessTokenMock->expects($this->once())->method('load')->with($accessTokenString, 'token')->willReturnSelf();
$this->tokenFactoryMock->expects($this->once())->method('create')->willReturn($this->accessTokenMock);
$this->accessTokenMock->expects($this->any())->method('getId')->willReturn($tokenId);
$this->accessTokenMock->expects($this->any())->method('getConsumerId')->willReturn($consumerId);
$this->consumerFactoryMock->expects($this->any())->method('create')->willReturn($this->consumerMock);
$this->consumerMock->expects($this->any())->method('load')->willReturnSelf();
$this->consumerMock->expects($this->any())->method('getId')->willReturn($consumerId);
$this->accessTokenMock->expects($this->once())->method('getType')->willReturn(Token::TYPE_ACCESS);
$this->accessTokenMock->expects($this->once())->method('getRevoked')->willReturn(1);
$this->tokenProvider->validateAccessToken($accessTokenString);
}
/**
* {@inheritdoc}
*/
public function createCustomerAccessToken($username, $password)
{
$this->validatorHelper->validateCredentials($username, $password);
$customerDataObject = $this->accountManagement->authenticate($username, $password);
return $this->tokenModelFactory->create()->createCustomerToken($customerDataObject->getId())->getToken();
}
