markitosgv · markitosgv · Jul 16, 2021 · Jul 14, 2021
diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml
@@ -46,6 +46,13 @@ jobs:
           extensions: curl, iconv, mbstring, mongodb, pdo, pdo_sqlite, sqlite, zip
           coverage: none
 
+      - name: Setup MongoDB
+        id: setup-mongodb
+        uses: mongodb-labs/drivers-evergreen-tools@master
+        with:
+          version: 4.4
+          topology: server
+
       - name: Install dependencies
         run: |
           composer global require --no-scripts --no-plugins symfony/flex
@@ -58,3 +65,5 @@ jobs:
 
       - name: Run PHPUnit
         run: bin/phpunit --verbose
+        env:
+          DOCTRINE_MONGODB_SERVER: ${{ steps.setup-mongodb.outputs.cluster-uri }}
diff --git a/Document/RefreshTokenRepository.php b/Document/RefreshTokenRepository.php
@@ -4,7 +4,7 @@
 
 use Doctrine\ODM\MongoDB\DocumentRepository;
 use Doctrine\ODM\MongoDB\Repository\DocumentRepository as MongoDBDocumentRepository;
-use Gesdinet\JWTRefreshTokenBundle\Service\RefreshToken;
+use Gesdinet\JWTRefreshTokenBundle\Model\RefreshTokenInterface;
 
 if (class_exists(MongoDBDocumentRepository::class)) {
     // Support for doctrine/mongodb-odm >= 2.0
@@ -18,18 +18,12 @@ class BaseRepository extends DocumentRepository
     }
 }
 
-/**
- * RefreshTokenRepository.
- *
- * This class was generated by the Doctrine ORM. Add your own custom
- * repository methods below.
- */
 class RefreshTokenRepository extends BaseRepository
 {
     /**
-     * @param null $datetime
+     * @param \DateTimeInterface|null $datetime
      *
-     * @return RefreshToken[]
+     * @return RefreshTokenInterface[]
      */
     public function findInvalid($datetime = null)
     {

diff --git a/Entity/RefreshTokenRepository.php b/Entity/RefreshTokenRepository.php
@@ -3,19 +3,14 @@
 namespace Gesdinet\JWTRefreshTokenBundle\Entity;
 
 use Doctrine\ORM\EntityRepository;
+use Gesdinet\JWTRefreshTokenBundle\Model\RefreshTokenInterface;
 
-/**
- * RefreshTokenRepository.
- *
- * This class was generated by the Doctrine ORM. Add your own custom
- * repository methods below.
- */
 class RefreshTokenRepository extends EntityRepository
 {
     /**
-     * @param null $datetime
+     * @param \DateTimeInterface|null $datetime
      *
-     * @return RefreshToken[]
+     * @return RefreshTokenInterface[]
      */
     public function findInvalid($datetime = null)
     {

diff --git a/Resources/config/doctrine/RefreshToken.mongodb.xml b/Resources/config/doctrine/RefreshToken.mongodb.xml
@@ -6,7 +6,7 @@
                     http://doctrine-project.org/schemas/odm/doctrine-mongo-mapping.xsd">
 
     <document name="Gesdinet\JWTRefreshTokenBundle\Document\RefreshToken" collection="refresh_tokens" repository-class="Gesdinet\JWTRefreshTokenBundle\Document\RefreshTokenRepository">
-        <field field-name="id" type="id" />
+        <id />
         <field field-name="refreshToken" type="string" unique="true" />
         <field field-name="username" type="string" />
         <field field-name="valid" type="date"/>

diff --git a/Security/Http/Authenticator/RefreshTokenAuthenticator.php b/Security/Http/Authenticator/RefreshTokenAuthenticator.php
@@ -20,7 +20,6 @@
 use Gesdinet\JWTRefreshTokenBundle\Security\Exception\MissingTokenException;
 use Gesdinet\JWTRefreshTokenBundle\Security\Exception\TokenNotFoundException;
 use Gesdinet\JWTRefreshTokenBundle\Security\Http\Authenticator\Token\PostRefreshTokenAuthenticationToken;
-use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
@@ -35,7 +34,7 @@
 use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
 use Symfony\Component\Security\Http\Authenticator\Passport\UserPassportInterface;
 use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
-use Symfony\Contracts\EventDispatcher\EventDispatcherInterface as ContractsEventDispatcherInterface;
+use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
 
 class RefreshTokenAuthenticator extends AbstractAuthenticator implements AuthenticationEntryPointInterface
 {
@@ -173,11 +172,7 @@ public function start(Request $request, AuthenticationException $authException =
             new RefreshAuthenticationFailureResponse($authException->getMessageKey())
         );
 
-        if ($this->eventDispatcher instanceof ContractsEventDispatcherInterface) {
-            $this->eventDispatcher->dispatch($event, 'gesdinet.refresh_token_not_found');
-        } else {
-            $this->eventDispatcher->dispatch('gesdinet.refresh_token_not_found', $event);
-        }
+        $this->eventDispatcher->dispatch($event, 'gesdinet.refresh_token_not_found');
 
         return $event->getResponse();
     }

diff --git a/Security/Provider/RefreshTokenProvider.php b/Security/Provider/RefreshTokenProvider.php
@@ -48,6 +48,11 @@ public function setCustomUserProvider(UserProviderInterface $customUserProvider)
         $this->customUserProvider = $customUserProvider;
     }
 
+    /**
+     * @param string $token
+     *
+     * @return string|null
+     */
     public function getUsernameForRefreshToken($token)
     {
         $refreshToken = $this->refreshTokenManager->get($token);

diff --git a/Tests/Functional/Document/RefreshTokenRepositoryTest.php b/Tests/Functional/Document/RefreshTokenRepositoryTest.php
@@ -0,0 +1,101 @@
+<?php
+
+namespace Gesdinet\JWTRefreshTokenBundle\Tests\Functional\Document;
+
+use Gesdinet\JWTRefreshTokenBundle\Doctrine\RefreshTokenManager;
+use Gesdinet\JWTRefreshTokenBundle\Document\RefreshToken;
+use Gesdinet\JWTRefreshTokenBundle\Document\RefreshTokenRepository;
+use Gesdinet\JWTRefreshTokenBundle\Generator\RefreshTokenGenerator;
+use Gesdinet\JWTRefreshTokenBundle\Tests\Functional\Fixtures\Document\User;
+use Gesdinet\JWTRefreshTokenBundle\Tests\Functional\ODMTestCase;
+
+/**
+ * @requires extension mongodb
+ */
+final class RefreshTokenRepositoryTest extends ODMTestCase
+{
+    /**
+     * @var RefreshTokenGenerator
+     */
+    private $generator;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        foreach ($this->documentManager->getMetadataFactory()->getAllMetadata() as $class) {
+            if ($class->isMappedSuperclass || $class->isEmbeddedDocument || $class->isQueryResultDocument) {
+                continue;
+            }
+
+            $this->documentManager->getSchemaManager()->createDocumentCollection($class->name);
+        }
+
+        $this->documentManager->getSchemaManager()->ensureIndexes();
+
+        $this->generator = new RefreshTokenGenerator(
+            new RefreshTokenManager($this->documentManager, RefreshToken::class)
+        );
+    }
+
+    public function test_retrieves_no_tokens_when_all_tokens_are_valid(): void
+    {
+        for ($i = 1; $i <= 5; ++$i) {
+            $user = new User(sprintf('user-%d@localhost', $i));
+            $token = $this->generator->createForUserWithTtl($user, 600);
+
+            $this->documentManager->persist($user);
+            $this->documentManager->persist($token);
+        }
+
+        $this->documentManager->flush();
+
+        /** @var RefreshTokenRepository $repo */
+        $repo = $this->documentManager->getRepository(RefreshToken::class);
+
+        $this->assertCount(0, $repo->findInvalid());
+    }
+
+    public function test_retrieves_invalid_tokens_when_they_are_expired(): void
+    {
+        $ttl = 500;
+
+        for ($i = 1; $i <= 5; ++$i) {
+            $user = new User(sprintf('user-%d@localhost', $i));
+            $token = $this->generator->createForUserWithTtl($user, $ttl);
+
+            $this->documentManager->persist($user);
+            $this->documentManager->persist($token);
+
+            $ttl -= 300;
+        }
+
+        $this->documentManager->flush();
+
+        /** @var RefreshTokenRepository $repo */
+        $repo = $this->documentManager->getRepository(RefreshToken::class);
+
+        $this->assertCount(3, $repo->findInvalid());
+    }
+
+    public function test_retrieves_all_tokens_older_than_the_specified_time(): void
+    {
+        for ($i = 1; $i <= 5; ++$i) {
+            $user = new User(sprintf('user-%d@localhost', $i));
+            $token = $this->generator->createForUserWithTtl($user, 600);
+
+            $this->documentManager->persist($user);
+            $this->documentManager->persist($token);
+        }
+
+        $this->documentManager->flush();
+
+        /** @var RefreshTokenRepository $repo */
+        $repo = $this->documentManager->getRepository(RefreshToken::class);
+
+        $time = new \DateTime();
+        $time->modify('+1200 seconds');
+
+        $this->assertCount(5, $repo->findInvalid($time));
+    }
+}
diff --git a/Tests/Functional/Entity/RefreshTokenRepositoryTest.php b/Tests/Functional/Entity/RefreshTokenRepositoryTest.php
@@ -0,0 +1,97 @@
+<?php
+
+namespace Gesdinet\JWTRefreshTokenBundle\Tests\Functional\Entity;
+
+use Doctrine\ORM\Tools\SchemaTool;
+use Gesdinet\JWTRefreshTokenBundle\Doctrine\RefreshTokenManager;
+use Gesdinet\JWTRefreshTokenBundle\Entity\RefreshToken;
+use Gesdinet\JWTRefreshTokenBundle\Entity\RefreshTokenRepository;
+use Gesdinet\JWTRefreshTokenBundle\Generator\RefreshTokenGenerator;
+use Gesdinet\JWTRefreshTokenBundle\Tests\Functional\Fixtures\Entity\User;
+use Gesdinet\JWTRefreshTokenBundle\Tests\Functional\ORMTestCase;
+
+/**
+ * @requires extension pdo_sqlite
+ */
+final class RefreshTokenRepositoryTest extends ORMTestCase
+{
+    /**
+     * @var RefreshTokenGenerator
+     */
+    private $generator;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        (new SchemaTool($this->entityManager))->createSchema([
+            $this->entityManager->getClassMetadata(RefreshToken::class),
+            $this->entityManager->getClassMetadata(User::class),
+        ]);
+
+        $this->generator = new RefreshTokenGenerator(
+            new RefreshTokenManager($this->entityManager, RefreshToken::class)
+        );
+    }
+
+    public function test_retrieves_no_tokens_when_all_tokens_are_valid(): void
+    {
+        for ($i = 1; $i <= 5; ++$i) {
+            $user = new User(sprintf('user-%d@localhost', $i));
+            $token = $this->generator->createForUserWithTtl($user, 600);
+
+            $this->entityManager->persist($user);
+            $this->entityManager->persist($token);
+        }
+
+        $this->entityManager->flush();
+
+        /** @var RefreshTokenRepository $repo */
+        $repo = $this->entityManager->getRepository(RefreshToken::class);
+
+        $this->assertCount(0, $repo->findInvalid());
+    }
+
+    public function test_retrieves_invalid_tokens_when_they_are_expired(): void
+    {
+        $ttl = 500;
+
+        for ($i = 1; $i <= 5; ++$i) {
+            $user = new User(sprintf('user-%d@localhost', $i));
+            $token = $this->generator->createForUserWithTtl($user, $ttl);
+
+            $this->entityManager->persist($user);
+            $this->entityManager->persist($token);
+
+            $ttl -= 300;
+        }
+
+        $this->entityManager->flush();
+
+        /** @var RefreshTokenRepository $repo */
+        $repo = $this->entityManager->getRepository(RefreshToken::class);
+
+        $this->assertCount(3, $repo->findInvalid());
+    }
+
+    public function test_retrieves_all_tokens_older_than_the_specified_time(): void
+    {
+        for ($i = 1; $i <= 5; ++$i) {
+            $user = new User(sprintf('user-%d@localhost', $i));
+            $token = $this->generator->createForUserWithTtl($user, 600);
+
+            $this->entityManager->persist($user);
+            $this->entityManager->persist($token);
+        }
+
+        $this->entityManager->flush();
+
+        /** @var RefreshTokenRepository $repo */
+        $repo = $this->entityManager->getRepository(RefreshToken::class);
+
+        $time = new \DateTime();
+        $time->modify('+1200 seconds');
+
+        $this->assertCount(5, $repo->findInvalid($time));
+    }
+}
diff --git a/Tests/Functional/Fixtures/Document/User.php b/Tests/Functional/Fixtures/Document/User.php
@@ -0,0 +1,72 @@
+<?php
+
+namespace Gesdinet\JWTRefreshTokenBundle\Tests\Functional\Fixtures\Document;
+
+use Doctrine\ODM\MongoDB\Mapping\Annotations as ODM;
+use Symfony\Component\Security\Core\User\UserInterface;
+
+/**
+ * @ODM\Document
+ */
+class User implements UserInterface
+{
+    /**
+     * @var int|null
+     *
+     * @ODM\Id
+     */
+    private $id;
+
+    /**
+     * @var string
+     *
+     * @ODM\Field
+     */
+    private $email;
+
+    /**
+     * @var string|null
+     *
+     * @ODM\Field(nullable=true)
+     */
+    private $password;
+
+    public function __construct(string $email, ?string $password = null)
+    {
+        $this->email = $email;
+        $this->password = $password;
+    }
+
+    public function getId(): ?int
+    {
+        return $this->id;
+    }
+
+    public function getRoles(): array
+    {
+        return [];
+    }
+
+    public function getPassword(): ?string
+    {
+        return $this->password;
+    }
+
+    public function getSalt(): void
+    {
+    }
+
+    public function eraseCredentials(): void
+    {
+    }
+
+    public function getUsername(): string
+    {
+        return $this->getUserIdentifier();
+    }
+
+    public function getUserIdentifier(): string
+    {
+        return $this->email;
+    }
+}