/**
 * Authenticate the API consumer with two-legged OAuth and bind its role.
 *
 * The role locator is updated only after the OAuth server has returned a
 * consumer, so a failed authentication never assigns a role.
 *
 * @throws Mage_Webapi_Exception With HTTP_UNAUTHORIZED for any Exception raised while authenticating
 */
public function authenticate()
{
    try {
        $consumer = $this->_oauthServer->authenticateTwoLegged();
        $roleId = $consumer->getRoleId();
        $this->_roleLocator->setRoleId($roleId);
    } catch (Exception $failure) {
        // Every failure, including one raised while reading or storing the role,
        // is reported to the caller as 401.
        // NOTE(review): the message returned by reportProblem() becomes the
        // exception text; confirm it exposes only the OAuth problem and no internal detail.
        $problem = $this->_oauthServer->reportProblem($failure);
        throw new Mage_Webapi_Exception($problem, Mage_Webapi_Exception::HTTP_UNAUTHORIZED);
    }
}
/**
 * Happy-path test for two-legged authentication: a request signed with the
 * consumer's own secret must return the loaded consumer model.
 *
 * NOTE(review): only SIGNATURE_PLAIN over an http:// URL is exercised here.
 * Assuming SIGNATURE_PLAIN is the OAuth 1.0 PLAINTEXT method, the signature
 * carries the shared secret itself. Rejection cases (wrong secret, unknown
 * consumer key) and other signature methods are not covered by this test.
 */
public function testAuthenticateTwoLegged()
{
    $consumerKey = 'foo_user';
    $consumerSecret = 'bar_secret';
    $requestUrl = 'http://foo.bar/api/rest/v1/baz';
    $signatureMethod = Mage_Oauth_Model_Server::SIGNATURE_PLAIN;

    // Build the oAuth parameters, sign them and render the Authorization header.
    $oauthUtility = new Zend_Oauth_Http_Utility();
    $oauthParams = array(
        'oauth_consumer_key' => $consumerKey,
        'oauth_nonce' => $oauthUtility->generateNonce(),
        'oauth_timestamp' => $oauthUtility->generateTimestamp(),
        'oauth_version' => '1.0',
        'oauth_signature_method' => $signatureMethod,
    );
    $oauthParams['oauth_signature'] = $oauthUtility->sign(
        $oauthParams,
        $signatureMethod,
        $consumerSecret,
        '',
        'GET',
        $requestUrl
    );
    $authorizationHeader = $oauthUtility->toAuthorizationHeader($oauthParams);

    // The at() indexes pin the order of the two header reads on the request mock.
    $this->_requestMock->expects($this->at(0))
        ->method('getHeader')
        ->with('Authorization')
        ->will($this->returnValue($authorizationHeader));
    $this->_requestMock->expects($this->at(1))
        ->method('getHeader')
        ->with(Zend_Http_Client::CONTENT_TYPE)
        ->will($this->returnValue('application/json'));

    // Request pieces that together match the URL the signature was computed over.
    $requestParts = array(
        'getScheme' => Zend_Controller_Request_Http::SCHEME_HTTP,
        'getHttpHost' => 'foo.bar',
        'getRequestUri' => '/api/rest/v1/baz',
    );
    foreach ($requestParts as $getter => $value) {
        $this->_requestMock->expects($this->any())
            ->method($getter)
            ->with()
            ->will($this->returnValue($value));
    }

    // Consumer model stub: looked up by key exactly once, then asked for id and secret.
    $consumerMock = $this->getMockBuilder('Mage_Webapi_Model_Acl_User')
        ->setMethods(array('loadByKey', 'getId', 'getSecret'))
        ->disableOriginalConstructor()
        ->getMock();
    $this->_consumerFactoryMock->expects($this->once())
        ->method('create')
        ->will($this->returnValue($consumerMock));
    $consumerMock->expects($this->once())
        ->method('loadByKey')
        ->with($consumerKey)
        ->will($this->returnSelf());

    $consumerData = array(
        'getId' => 1,
        'getSecret' => $consumerSecret,
    );
    foreach ($consumerData as $getter => $value) {
        $consumerMock->expects($this->once())
            ->method($getter)
            ->with()
            ->will($this->returnValue($value));
    }

    $authenticated = $this->_server->authenticateTwoLegged();
    $this->assertEquals($consumerMock, $authenticated);
}