Auth transport can be applied when existing middleware stack

ilijastuden · ilijastuden · commit 0820938a0eb9 · 2016-12-12T00:10:12.000+01:00
diff --git a/src/Middleware/ApplyAuthenticationMiddleware.php b/src/Middleware/ApplyAuthenticationMiddleware.php
@@ -22,12 +22,27 @@ class ApplyAuthenticationMiddleware
      */
     private $request_attribute_name;
 
+    /**
+     * @var bool
+     */
+    private $apply_on_exit;
+
     /**
      * @param string $request_attribute_name
+     * @param bool   $apply_on_exit
      */
-    public function __construct($request_attribute_name = '')
+    public function __construct($request_attribute_name = '', $apply_on_exit = false)
     {
         $this->request_attribute_name = $request_attribute_name;
+        $this->apply_on_exit = (bool) $apply_on_exit;
+    }
+
+    /**
+     * @return bool
+     */
+    public function applyOnExit()
+    {
+        return $this->apply_on_exit;
     }
 
     /**
@@ -38,19 +53,37 @@ public function __construct($request_attribute_name = '')
      */
     public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next = null)
     {
-        $transport = $this->getTransportFrom($request);
-
-        if ($transport instanceof TransportInterface && !$transport->isEmpty() && !$transport->isApplied()) {
-            list($request, $response) = $transport->applyTo($request, $response);
+        if (!$this->apply_on_exit) {
+            list($request, $response) = $this->apply($request, $response);
         }
 
         if ($next) {
             $response = $next($request, $response);
         }
 
+        if ($this->apply_on_exit) {
+            $response = $this->apply($request, $response)[1];
+        }
+
         return $response;
     }
 
+    /**
+     * @param  ServerRequestInterface $request
+     * @param  ResponseInterface      $response
+     * @return array
+     */
+    private function apply(ServerRequestInterface $request, ResponseInterface $response)
+    {
+        $transport = $this->getTransportFrom($request);
+
+        if ($transport instanceof TransportInterface && !$transport->isEmpty() && !$transport->isApplied()) {
+            list($request, $response) = $transport->applyTo($request, $response);
+        }
+
+        return [$request, $response];
+    }
+
     /**
      * Get authentication response transport from request.
      *
diff --git a/test/src/ApplyAuthenticationMiddlewareTest.php b/test/src/ApplyAuthenticationMiddlewareTest.php
@@ -61,8 +61,73 @@ public function testUserIsAuthenticated()
         /** @var ServerRequestInterface $request */
         $request = $this->request->withAttribute('test_transport', new AuthorizationTransport($session_adapter, $user, $session, [1, 2, 3]));
 
+        $middleware = new ApplyAuthenticationMiddleware('test_transport');
+        $this->assertFalse($middleware->applyOnExit());
+
+        /** @var ResponseInterface $response */
+        $response = call_user_func($middleware, $request, $this->response);
+
+        $this->assertInstanceOf(ResponseInterface::class, $response);
+
+        $set_cookie_header = $response->getHeaderLine('Set-Cookie');
+
+        $this->assertNotEmpty($set_cookie_header);
+        $this->assertContains($session_cookie_name, $set_cookie_header);
+        $this->assertContains('my-session-id', $set_cookie_header);
+    }
+
+    /**
+     * Test if next middleware in stack is called.
+     */
+    public function testNextIsCalled()
+    {
         /** @var ResponseInterface $response */
-        $response = call_user_func(new ApplyAuthenticationMiddleware('test_transport'), $request, $this->response);
+        $response = call_user_func(new ApplyAuthenticationMiddleware('test_transport'), $this->request, $this->response, function (ServerRequestInterface $request, ResponseInterface $response, callable $next = null) {
+            $response = $response->withHeader('X-Test', 'Yes, found!');
+
+            if ($next) {
+                $response = $next($request, $response);
+            }
+
+            return $response;
+        });
+
+        $this->assertInstanceOf(ResponseInterface::class, $response);
+        $this->assertSame('Yes, found!', $response->getHeaderLine('X-Test'));
+    }
+
+    /**
+     * Test if authentication is applied based on request attribute.
+     */
+    public function testUserIsAuthentiatedOnExit()
+    {
+        $user = new AuthenticatedUser(1, 'ilija.studen@activecollab.com', 'Ilija Studen', '123');
+        $user_repository = new UserRepository([
+            'ilija.studen@activecollab.com' => new AuthenticatedUser(1, 'ilija.studen@activecollab.com', 'Ilija Studen', '123'),
+        ]);
+        $session_repository = new SessionRepository([new Session('my-session-id', 'ilija.studen@activecollab.com')]);
+
+        $session_cookie_name = 'test-session-cookie';
+
+        $session_adapter = new BrowserSessionAdapter($user_repository, $session_repository, $this->cookies, $session_cookie_name);
+        $session = $session_adapter->authenticate($user, []);
+
+        /** @var ServerRequestInterface $request */
+        $request = $this->request->withAttribute('test_transport', new AuthorizationTransport($session_adapter, $user, $session, [1, 2, 3]));
+
+        $middleware = new ApplyAuthenticationMiddleware('test_transport', true);
+        $this->assertTrue($middleware->applyOnExit());
+
+        /** @var ResponseInterface $response */
+        $response = call_user_func($middleware, $request, $this->response, function (ServerRequestInterface $request, ResponseInterface $response, callable $next = null) {
+            $this->assertEmpty($response->getHeaderLine('Set-Cookie'));
+
+            if ($next) {
+                $response = $next($request, $response);
+            }
+
+            return $response;
+        });
 
         $this->assertInstanceOf(ResponseInterface::class, $response);
 
