Merge branch 'develop'

Author: samnotsowise

composer.json

@@ -16,7 +16,8 @@
     "rhubarbphp/rhubarb": "*"
   },
   "require-dev": {
-    "phpunit/phpunit": "3.*"
+    "phpunit/phpunit": "4.*",
+    "codeception/codeception": "*"
   }
 }
 

src/Authentication/LoginProviderBasedAuthenticationProviders/LoginProviderCredentialsAuthenticationProvider.php

@@ -0,0 +1,30 @@
+<?php
+
+/*
+ *	Copyright 2015 RhubarbPHP
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+namespace Rhubarb\Scaffolds\TokenBasedRestApi\Authentication\LoginProviderBasedAuthenticationProviders;
+
+use Rhubarb\RestApi\Authentication\ModelLoginProviderAuthenticationProvider;
+use Rhubarb\Scaffolds\Authentication\LoginProviders\LoginProvider;
+
+class LoginProviderCredentialsAuthenticationProvider extends ModelLoginProviderAuthenticationProvider
+{
+    protected function getLoginProviderClassName()
+    {
+        return LoginProvider::class;
+    }
+}

src/Authentication/LoginProviderBasedAuthenticationProviders/LoginProviderTokenAuthenticationProvider.php

@@ -0,0 +1,32 @@
+<?php
+
+/*
+ *	Copyright 2015 RhubarbPHP
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+namespace Rhubarb\Scaffolds\TokenBasedRestApi\Authentication\LoginProviderBasedAuthenticationProviders;
+
+use Rhubarb\Crown\LoginProviders\LoginProvider;
+use Rhubarb\Scaffolds\TokenBasedRestApi\Authentication\TokenAuthenticationProvider;
+use Rhubarb\Stem\Models\Model;
+
+class LoginProviderTokenAuthenticationProvider extends TokenAuthenticationProvider
+{
+    protected function logUserIn(Model $user)
+    {
+        $loginProvider = LoginProvider::getProvider();
+        $loginProvider->forceLogin($user);
+    }
+}

src/Model/ApiToken.php

@@ -19,31 +19,34 @@
 namespace Rhubarb\Scaffolds\TokenBasedRestApi\Model;
 
 use Rhubarb\Scaffolds\TokenBasedRestApi\Exceptions\TokenInvalidException;
+use Rhubarb\Stem\Exceptions\RecordNotFoundException;
 use Rhubarb\Stem\Filters\AndGroup;
 use Rhubarb\Stem\Filters\Equals;
 use Rhubarb\Stem\Filters\GreaterThan;
 use Rhubarb\Stem\Models\Model;
 use Rhubarb\Stem\Models\Validation\HasValue;
 use Rhubarb\Stem\Models\Validation\Validator;
-use Rhubarb\Stem\Repositories\MySql\Schema\Columns\AutoIncrement;
-use Rhubarb\Stem\Repositories\MySql\Schema\Columns\DateTime;
-use Rhubarb\Stem\Repositories\MySql\Schema\Columns\ForeignKey;
-use Rhubarb\Stem\Repositories\MySql\Schema\Columns\Varchar;
-use Rhubarb\Stem\Repositories\MySql\Schema\Index;
-use Rhubarb\Stem\Repositories\MySql\Schema\MySqlSchema;
+use Rhubarb\Stem\Schema\Columns\AutoIncrementColumn;
+use Rhubarb\Stem\Schema\Columns\DateTimeColumn;
+use Rhubarb\Stem\Schema\Columns\ForeignKeyColumn;
+use Rhubarb\Stem\Schema\Columns\StringColumn;
+use Rhubarb\Stem\Schema\Index;
+use Rhubarb\Stem\Schema\ModelSchema;
 
 class ApiToken extends Model
 {
+    const TOKEN_EXPIRATION = "+1 day";
+
     protected function createSchema()
     {
-        $schema = new MySqlSchema("tblApiToken");
+        $schema = new ModelSchema("tblApiToken");
 
         $schema->addColumn(
-            new AutoIncrement("ApiTokenID"),
-            new ForeignKey("AuthenticatedUserID"),
-            new Varchar("Token", 100),
-            new Varchar("IpAddress", 20),
-            new DateTime("Expires")
+            new AutoIncrementColumn("ApiTokenID"),
+            new ForeignKeyColumn("AuthenticatedUserID"),
+            new StringColumn("Token", 100),
+            new StringColumn("IpAddress", 20),
+            new DateTimeColumn("Expires")
         );
 
         $schema->labelColumnName = "Token";
@@ -91,6 +94,32 @@ public static function createToken(Model $user, $ipAddress)
         return $token;
     }
 
+    /**
+     * Looks up an existing valid token for the user at the specified IP address. If none is found, it
+     * creates a new one.
+     *
+     * @param Model $user
+     * @param string $ipAddress Usually the current HTTP requester's IP, retrieved from $_SERVER[REMOTE_ADDR]
+     * @return ApiToken
+     */
+    public static function retrieveOrCreateToken(Model $user, $ipAddress)
+    {
+        try {
+            $token = self::findFirst(new AndGroup([
+                new Equals("AuthenticatedUserID", $user->UniqueIdentifier),
+                new Equals("IpAddress", $ipAddress),
+                new GreaterThan("Expires", "now", true)
+            ]));
+
+            $token->Expires = self::TOKEN_EXPIRATION;
+            $token->save();
+        } catch (RecordNotFoundException $ex) {
+            $token = self::createToken($user, $ipAddress);
+        }
+
+        return $token;
+    }
+
     protected function createConsistencyValidator()
     {
         $validator = new Validator();
@@ -102,9 +131,9 @@ protected function createConsistencyValidator()
     protected function beforeSave()
     {
         if ($this->isNewRecord()) {
-            $this->Expires = "+1 day";
+            $this->Expires = self::TOKEN_EXPIRATION;
         }
 
         parent::beforeSave();
     }
-}
+}

src/TokenBasedRestApiModule.php

@@ -33,8 +33,8 @@ class TokenBasedRestApiModule extends Module
     private static $authenticationUserModelName = "User";
 
     public function __construct(
-        $loginProviderAuthenticationProviderClassName,
-        $tokenAuthenticationProviderClassName,
+        $loginProviderAuthenticationProviderClassName = '\Rhubarb\Scaffolds\TokenBasedRestApi\Authentication\LoginProviderBasedAuthenticationProviders\LoginProviderCredentialsAuthenticationProvider',
+        $tokenAuthenticationProviderClassName = '\Rhubarb\Scaffolds\TokenBasedRestApi\Authentication\LoginProviderBasedAuthenticationProviders\LoginProviderTokenAuthenticationProvider',
         $apiStubUrl = "/api/",
         $authenticationUserModelName = "User",
         $tokenResourceClassName = '\Rhubarb\Scaffolds\TokenBasedRestApi\Resources\TokenResource'
@@ -64,7 +64,7 @@ protected function initialise()
         SolutionSchema::registerSchema("TokenBasedRestApi",
             '\Rhubarb\Scaffolds\TokenBasedRestApi\Model\TokenBasedRestApiSolutionSchema');
 
-        AuthenticationProvider::setDefaultAuthenticationProviderClassName($this->tokenAuthenticationProviderClassName);
+        AuthenticationProvider::setProviderClassName($this->tokenAuthenticationProviderClassName);
 
         $tokenHandler = new TokenCreationUrlHandler($this->loginProviderAuthenticationProviderClassName, [],
             $this->tokenResourceClassName);

tests/Fixtures/TokenAuthenticatedRestApiClientTestCase.php

@@ -0,0 +1,50 @@
+<?php
+
+namespace Rhubarb\Scaffolds\TokenBasedRestApi\Tests\Fixtures;
+
+use Rhubarb\Crown\Tests\RhubarbTestCase;
+use Rhubarb\RestApi\Clients\RestHttpRequest;
+use Rhubarb\RestApi\Clients\TokenAuthenticatedRestClient;
+
+abstract class TokenAuthenticatedRestApiClientTestCase extends RhubarbTestCase
+{
+    protected function getApiUri()
+    {
+        return "/api";
+    }
+
+    protected function getTokensUri()
+    {
+        return "/tokens";
+    }
+
+    abstract protected function getUsername();
+
+    abstract protected function getPassword();
+
+    protected function getToken()
+    {
+        return false;
+    }
+
+    public function makeApiCall($uri, $method = "get", $payload = null)
+    {
+        $client = new TokenAuthenticatedRestClient(
+            $this->getApiUri(),
+            $this->getUsername(),
+            $this->getPassword(),
+            $this->getTokensUri()
+        );
+
+        $token = $this->getToken();
+
+        if ($token) {
+            $client->setToken($token);
+        }
+
+        $request = new RestHttpRequest($uri, $method, $payload);
+        $response = $client->makeRequest($request);
+
+        return $response;
+    }
+} 

tests/Model/ApiTokenTest.php

@@ -20,8 +20,10 @@
 
 use Rhubarb\Crown\DateTime\RhubarbDateTime;
 use Rhubarb\Crown\Tests\RhubarbTestCase;
+use Rhubarb\Scaffolds\Authentication\DatabaseSchema;
 use Rhubarb\Scaffolds\Authentication\User;
 use Rhubarb\Scaffolds\TokenBasedRestApi\Model\ApiToken;
+use Rhubarb\Scaffolds\TokenBasedRestApi\Model\TokenBasedRestApiSolutionSchema;
 use Rhubarb\Stem\Schema\SolutionSchema;
 
 class ApiTokenTest extends RhubarbTestCase
@@ -30,21 +32,18 @@ public static function setUpBeforeClass()
     {
         parent::setUpBeforeClass();
 
-        SolutionSchema::registerSchema("Authentication",
-            "\Rhubarb\Scaffolds\Authentication\DatabaseSchema");
-        SolutionSchema::registerSchema("TokenBasedRestApi",
-            "\Rhubarb\Scaffolds\TokenBasedRestApi\Model\TokenBasedRestApiSolutionSchema");
-        SolutionSchema::registerSchema("ApiTokenTest",
-            "\Rhubarb\Scaffolds\TokenBasedRestApi\Tests\Model\UnitTestTokenBaseRestApiSolutionSchema");
+        SolutionSchema::registerSchema("Authentication", DatabaseSchema::class);
+        SolutionSchema::registerSchema("TokenBasedRestApi", TokenBasedRestApiSolutionSchema::class);
+        SolutionSchema::registerSchema("ApiTokenTest", UnitTestTokenBaseRestApiSolutionSchema::class);
     }
 
     public function testTokenGetsExpiry()
     {
         $token = new ApiToken();
         $token->Token = "abc123";
-        $token->Save();
+        $token->save();
 
-        $this->assertInstanceOf("Rhubarb\Crown\DateTime\RhubarbDateTime", $token->Expires);
+        $this->assertInstanceOf(RhubarbDateTime::class, $token->Expires);
         $this->assertGreaterThanOrEqual(new RhubarbDateTime("+1 day"), $token->Expires);
     }
 
@@ -53,7 +52,7 @@ public function testTokenCreation()
         $user = new User();
         $user->Username = "billy";
         $user->Forename = "bob";
-        $user->Save();
+        $user->save();
 
         $token = ApiToken::createToken($user, "127.0.0.5");
 
@@ -66,7 +65,7 @@ public function testTokenCanBeValidated()
         $user = new User();
         $user->Username = "billy2";
         $user->Forename = "bob2";
-        $user->Save();
+        $user->save();
 
         $token = ApiToken::createToken($user, "127.0.0.5");
 
@@ -88,12 +87,12 @@ protected function defineRelationships()
     {
         parent::defineRelationships();
 
-        $this->DeclareOneToManyRelationships(
+        $this->declareOneToManyRelationships(
             [
                 "User" =>
                     [
                         "Tokens" => "ApiToken.AuthenticatedUserID:AuthenticatedUser"
                     ]
             ]);
     }
-}
+}