/**
 * Spec: a pass code that does not match the stored one is rejected.
 *
 * The token double reports the fixed pass code 'nope', while the caller
 * supplies a random 40-character hex string, so the two never match and
 * getToken() is expected to throw LoginFailedException::invalidCredentials().
 */
public function it_errors_on_invalid_passCode(Token $token)
{
    // Random caller-supplied secret; it only has to differ from 'nope'.
    $suppliedPassCode = bin2hex(random_bytes(20));
    $tokenUuid = Uuid::uuid4();

    // The stored token is found, but carries a different pass code.
    $token->getPassCode()->willReturn('nope');
    $this->tokenRepository->getByUuid($tokenUuid)->willReturn($token);

    $expectedFailure = LoginFailedException::invalidCredentials();
    $this->shouldThrow($expectedFailure)->duringGetToken($tokenUuid, $suppliedPassCode);
}
/**
 * Look up a login token and verify the caller may use it.
 *
 * Checks run in this order: the token must exist, the supplied pass code
 * must match the stored one, and the token must not have expired.
 *
 * @throws LoginFailedException invalidToken() when the lookup raises
 *                              NoUniqueResultException or the token has expired;
 *                              invalidCredentials() when the pass code differs.
 */
public function getToken(UuidInterface $uuid, string $passCode) : Token
{
    try {
        $storedToken = $this->tokenRepository->getByUuid($uuid);
    } catch (NoUniqueResultException $lookupFailure) {
        throw LoginFailedException::invalidToken($lookupFailure);
    }

    // hash_equals() compares in constant time, so the check does not leak
    // how many leading characters of the pass code were correct.
    // NOTE(review): the stored value is compared directly with the caller's
    // input, so it is presumably kept in the same form it is submitted in.
    // Confirm how pass codes are stored at rest.
    $passCodeMatches = hash_equals($storedToken->getPassCode(), $passCode);
    if (!$passCodeMatches) {
        throw LoginFailedException::invalidCredentials();
    }

    // Expiry is evaluated only after the pass code has been accepted.
    $expiresAt = $storedToken->getExpires();
    if ($expiresAt < new \DateTimeImmutable()) {
        throw LoginFailedException::invalidToken();
    }

    return $storedToken;
}
/**
 * Resolve the user that owns a login token, after the token service has
 * validated the token UUID and pass code.
 *
 * AuthException instances pass through unchanged. Every other throwable is
 * logged at ERROR level (message only) and re-thrown as
 * LoginFailedException::systemError(), with the original handed to that factory.
 *
 * @throws AuthException        re-thrown exactly as raised inside the method
 * @throws LoginFailedException systemError() for any non-auth failure
 */
public function getUserForToken(UuidInterface $tokenUuid, string $passCode) : User
{
    try {
        try {
            $verifiedToken = $this->tokenService->getToken($tokenUuid, $passCode);
        } catch (NoUniqueResultException $missingToken) {
            throw LoginFailedException::invalidToken($missingToken);
        }

        // The user lookup sits outside the inner try, so a failure here is
        // handled by the outer catch clauses only.
        $ownerUuid = $verifiedToken->getUserUuid();

        return $this->userRepository->getByUuid($ownerUuid);
    } catch (AuthException $authFailure) {
        // NOTE(review): invalidToken() above reaches the caller unchanged only
        // if LoginFailedException is an AuthException. Confirm.
        throw $authFailure;
    } catch (\Throwable $unexpected) {
        // NOTE(review): the raw exception message is written to the log.
        // Confirm it can never contain the pass code.
        $this->log(LogLevel::ERROR, $unexpected->getMessage());

        throw LoginFailedException::systemError($unexpected);
    }
}
/**
 * Spec: a failure that is not an auth error is reported as a system error.
 *
 * The token service double throws a plain \Exception, and getUserForToken()
 * is expected to throw LoginFailedException::systemError().
 */
public function it_handles_other_exceptions()
{
    // Random 40-character hex pass code; its value is irrelevant to this path.
    $suppliedPassCode = bin2hex(random_bytes(20));
    $uuid = Uuid::uuid4();

    $unexpectedFailure = new \Exception();
    $this->tokenService->getToken($uuid, $suppliedPassCode)->willThrow($unexpectedFailure);

    $expectedFailure = LoginFailedException::systemError();
    $this->shouldThrow($expectedFailure)->duringGetUserForToken($uuid, $suppliedPassCode);
}