public function it_errors_on_invalid_passCode(Token $token)
{
$uuid = Uuid::uuid4();
$passCode = bin2hex(random_bytes(20));
$this->tokenRepository->getByUuid($uuid)->willReturn($token);
$token->getPassCode()->willReturn('nope');
$this->shouldThrow(LoginFailedException::invalidCredentials())->duringGetToken($uuid, $passCode);
}
public function getToken(UuidInterface $uuid, string $passCode) : Token
{
try {
$token = $this->tokenRepository->getByUuid($uuid);
} catch (NoUniqueResultException $exception) {
throw LoginFailedException::invalidToken($exception);
}
if (!hash_equals($token->getPassCode(), $passCode)) {
throw LoginFailedException::invalidCredentials();
}
if ($token->getExpires() < new \DateTimeImmutable()) {
throw LoginFailedException::invalidToken();
}
return $token;
}
public function getUserForToken(UuidInterface $tokenUuid, string $passCode) : User
{
try {
try {
$token = $this->tokenService->getToken($tokenUuid, $passCode);
} catch (NoUniqueResultException $exception) {
throw LoginFailedException::invalidToken($exception);
}
return $this->userRepository->getByUuid($token->getUserUuid());
} catch (\Throwable $exception) {
if ($exception instanceof AuthException) {
throw $exception;
}
$this->log(LogLevel::ERROR, $exception->getMessage());
throw LoginFailedException::systemError($exception);
}
}
public function it_handles_other_exceptions()
{
$tokenUuid = Uuid::uuid4();
$passCode = bin2hex(random_bytes(20));
$this->tokenService->getToken($tokenUuid, $passCode)->willThrow(new \Exception());
$this->shouldThrow(LoginFailedException::systemError())->duringGetUserForToken($tokenUuid, $passCode);
}
