/**
 * Wire up the collaborator mocks so the context under test resolves a given integration id.
 *
 * The OAuth service stub reports consumer id 1 for any access-token validation, and the
 * integration service stub hands back an Integration mock whose getId() yields $integrationId.
 *
 * @param int|null $integrationId Value the mocked Integration::getId() returns.
 * @param array $oauthRequest Value the mocked request helper returns from prepareRequest().
 * @return void
 */
public function setupUserId($integrationId, $oauthRequest)
{
    $integrationMock = $this->getMockBuilder('Magento\\Integration\\Model\\Integration')
        ->disableOriginalConstructor()
        ->setMethods(['getId', '__wakeup'])
        ->getMock();
    $integrationMock->expects($this->any())
        ->method('getId')
        ->will($this->returnValue($integrationId));

    // prepareRequest() must be consulted exactly once per scenario.
    $this->oauthRequestHelper->expects($this->once())
        ->method('prepareRequest')
        ->will($this->returnValue($oauthRequest));

    // Token validation is stubbed to succeed and report consumer id 1.
    $this->oauthService->expects($this->any())
        ->method('validateAccessTokenRequest')
        ->will($this->returnValue(1));

    $this->integrationService->expects($this->any())
        ->method('findActiveIntegrationByConsumerId')
        ->will($this->returnValue($integrationMock));
}
/**
 * Populate the selected resources, an array of resource ids, for the integration being edited.
 *
 * If everything is allowed, the array will contain just the root resource id, which is
 * "Magento_Backend::all". When the registry holds no integration with a non-empty
 * 'integration_id', the selection defaults to an empty array (nothing granted).
 *
 * @return void
 */
protected function _construct()
{
    parent::_construct();

    $currentIntegration = $this->_coreRegistry->registry(IntegrationController::REGISTRY_KEY_CURRENT_INTEGRATION);

    // Only look up resources when the registry entry is an array carrying a truthy id.
    $hasIntegrationId = is_array($currentIntegration) && !empty($currentIntegration['integration_id']);

    $this->_selectedResources = $hasIntegrationId
        ? $this->integrationService->getSelectedResources($currentIntegration['integration_id'])
        : [];
}
/**
 * {@inheritdoc}
 *
 * Resolves the integration id behind the current OAuth-signed request and caches it.
 * Returns null when the request is not an OAuth request or when the matched integration
 * has no id. Only a truthy id short-circuits later calls; a null result is recomputed
 * (including the access-token validation) on every call.
 */
public function getUserId()
{
    if ($this->integrationId) {
        return $this->integrationId;
    }

    $oauthRequest = $this->oauthHelper->prepareRequest($this->request);
    if (empty($oauthRequest)) {
        // Not an OAuth request: nothing to authenticate here.
        return null;
    }

    $requestUrl = $this->oauthHelper->getRequestUrl($this->request);
    $httpMethod = $this->request->getMethod();

    // NOTE(review): the return value is used as a consumer id without further checks, so this
    // relies on validateAccessTokenRequest() rejecting bad tokens itself (presumably by throwing) - confirm.
    $consumerId = $this->oauthService->validateAccessTokenRequest($oauthRequest, $requestUrl, $httpMethod);
    $integration = $this->integrationService->findActiveIntegrationByConsumerId($consumerId);

    if ($integration->getId()) {
        $this->integrationId = (int) $integration->getId();
    } else {
        $this->integrationId = null;
    }

    return $this->integrationId;
}
/**
 * findByConsumerId() must hand back the (empty) model that load() produced when no
 * integration matches the consumer id, so getData() on the result is null.
 *
 * @return void
 */
public function testFindByConsumerIdNotFound()
{
    // load() is expected exactly once, keyed by the 'consumer_id' field.
    $this->_integrationMock->expects($this->once())
        ->method('load')
        ->with(self::VALUE_INTEGRATION_CONSUMER_ID, 'consumer_id')
        ->will($this->returnValue($this->_emptyIntegrationMock));
    $this->_emptyIntegrationMock->expects($this->any())
        ->method('getData')
        ->will($this->returnValue(null));

    $result = $this->_service->findByConsumerId(1);

    $this->assertNull($result->getData());
}
/**
 * A well-formed "Authorization: Bearer <token>" header resolves to the user type and id
 * recorded on the token, and the lookup runs only once even when the context is queried twice.
 *
 * @dataProvider getValidTokenData
 * @param mixed $userType User type the mocked token reports.
 * @param mixed $userId Id returned by the collaborator that matches $userType.
 * @param mixed $expectedUserType User type the context is expected to expose.
 * @param mixed $expectedUserId User id the context is expected to expose.
 */
public function testValidToken($userType, $userId, $expectedUserType, $expectedUserId)
{
    $bearerToken = 'bearer1234';

    $this->request->expects($this->once())
        ->method('getHeader')
        ->with('Authorization')
        ->will($this->returnValue("Bearer {$bearerToken}"));

    $tokenMock = $this->getMockBuilder('Magento\\Integration\\Model\\Oauth\\Token')
        ->disableOriginalConstructor()
        ->setMethods(['loadByToken', 'getId', 'getUserType', 'getCustomerId', 'getAdminId', '__wakeup'])
        ->getMock();
    $this->tokenFactory->expects($this->once())
        ->method('create')
        ->will($this->returnValue($tokenMock));

    // The token must be loaded with the bare value, i.e. with the "Bearer " prefix stripped.
    $tokenMock->expects($this->once())
        ->method('loadByToken')
        ->with($bearerToken)
        ->will($this->returnSelf());
    $tokenMock->expects($this->once())
        ->method('getId')
        ->will($this->returnValue(1));
    $tokenMock->expects($this->once())
        ->method('getUserType')
        ->will($this->returnValue($userType));

    $integrationMock = $this->getMockBuilder('Magento\\Integration\\Model\\Integration')
        ->disableOriginalConstructor()
        ->setMethods(['getId', '__wakeup'])
        ->getMock();

    // Each user type draws its id from a different collaborator.
    switch ($userType) {
        case UserContextInterface::USER_TYPE_INTEGRATION:
            $integrationMock->expects($this->once())
                ->method('getId')
                ->will($this->returnValue($userId));
            $this->integrationService->expects($this->once())
                ->method('findByConsumerId')
                ->will($this->returnValue($integrationMock));
            break;
        case UserContextInterface::USER_TYPE_ADMIN:
            $tokenMock->expects($this->once())
                ->method('getAdminId')
                ->will($this->returnValue($userId));
            break;
        case UserContextInterface::USER_TYPE_CUSTOMER:
            $tokenMock->expects($this->once())
                ->method('getCustomerId')
                ->will($this->returnValue($userId));
            break;
    }

    // Query twice: the once() expectations above fail if the second pass repeats the lookup.
    for ($pass = 0; $pass < 2; $pass++) {
        $this->assertEquals($expectedUserType, $this->tokenUserContext->getUserType());
        $this->assertEquals($expectedUserId, $this->tokenUserContext->getUserId());
    }
}
/**
 * Deny access for integrations that are not active; defer to the wrapped check otherwise.
 *
 * Breaking the invocation chain is acceptable because this is an ACL decision: something
 * denied at one point cannot become allowed at a later one. The check fails closed - any
 * exception while loading the integration is logged and treated as "not allowed".
 *
 * @param \Magento\Authz\Service\AuthorizationV1 $subject
 * @param \Closure $proceed Wrapped isAllowed() call; receives the original $userIdentifier argument.
 * @param mixed $resources
 * @param UserIdentifier $userIdentifier Falls back to the injected identifier for the type check when omitted.
 *
 * @return bool
 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
 */
public function aroundIsAllowed(
    \Magento\Authz\Service\AuthorizationV1 $subject,
    \Closure $proceed,
    $resources,
    \Magento\Authz\Model\UserIdentifier $userIdentifier = null
) {
    /** @var UserIdentifier $effectiveIdentifier */
    $effectiveIdentifier = $userIdentifier ?: $this->_userIdentifier;

    if ($effectiveIdentifier->getUserType() === UserIdentifier::USER_TYPE_INTEGRATION) {
        try {
            $integration = $this->_integrationService->get($effectiveIdentifier->getUserId());
        } catch (\Exception $e) {
            // Wrong integration id, unreachable DB, or anything else: log it and deny.
            $this->_logger->logException($e);
            return false;
        }

        // NOTE(review): strict comparison - if getStatus() returns a different scalar type than
        // STATUS_ACTIVE (e.g. a string read from storage), every integration is denied; confirm types.
        if ($integration->getStatus() !== Integration::STATUS_ACTIVE) {
            return false;
        }
    }

    return $proceed($resources, $userIdentifier);
}
/**
 * Derive the cached user type and user id from a loaded token.
 *
 * Integration tokens map to the id of the integration found by the token's consumer id;
 * admin and customer tokens carry their id directly. An unrecognised user type clears the
 * cached user type; the cached user id is left untouched in that branch.
 *
 * @param Token $token
 * @return void
 */
protected function setUserDataViaToken(Token $token)
{
    // Stored before the switch so the property holds the token's raw value even if a lookup throws.
    $this->userType = $token->getUserType();

    // switch compares loosely; each branch then normalises userType to the interface constant.
    switch ($this->userType) {
        case UserContextInterface::USER_TYPE_INTEGRATION:
            $consumerId = $token->getConsumerId();
            $integration = $this->integrationService->findByConsumerId($consumerId);
            $this->userId = $integration->getId();
            $this->userType = UserContextInterface::USER_TYPE_INTEGRATION;
            break;

        case UserContextInterface::USER_TYPE_ADMIN:
            $this->userId = $token->getAdminId();
            $this->userType = UserContextInterface::USER_TYPE_ADMIN;
            break;

        case UserContextInterface::USER_TYPE_CUSTOMER:
            $this->userId = $token->getCustomerId();
            $this->userType = UserContextInterface::USER_TYPE_CUSTOMER;
            break;

        default:
            /* unknown user type: drop the cached user type */
            $this->userType = null;
    }
}