Merge pull request #5 from activecollab/authentication-improvement

Authentication improvement

Author: ilijastuden

.php_cs.php

@@ -37,7 +37,7 @@
     'standardize_not_equal',
     'ternary_spaces',
     'trim_array_spaces',
-    'unused_use ',
+    'unused_use',
     'whitespacy_lines',
     'ordered_use',
     'short_array_syntax',

composer.json

@@ -24,7 +24,7 @@
     "require-dev": {
         "fabpot/php-cs-fixer": "^1.0",
         "phpunit/phpunit": "~5",
-        "slim/slim": "3.0.0-RC2"
+        "slim/slim": "~3.2"
     },
     "minimum-stability": "dev",
     "autoload": {
@@ -37,4 +37,4 @@
             "ActiveCollab\\Authentication\\Test\\": "test/src"
         }
     }
-}
+}

composer.lock

@@ -9,10 +9,10 @@
 namespace ActiveCollab\Authentication\Adapter;
 
 use ActiveCollab\Authentication\AuthenticatedUser\AuthenticatedUserInterface;
-use ActiveCollab\Authentication\AuthenticatedUser\RepositoryInterface as UserRepositoryInterface;
-use ActiveCollab\Authentication\Exception\InvalidAuthenticateRequest;
-use ActiveCollab\Authentication\Exception\InvalidPassword;
-use ActiveCollab\Authentication\Exception\UserNotFound;
+use ActiveCollab\Authentication\AuthenticatedUser\RepositoryInterface;
+use ActiveCollab\Authentication\Exception\InvalidAuthenticationRequestException;
+use ActiveCollab\Authentication\Exception\InvalidPasswordException;
+use ActiveCollab\Authentication\Exception\UserNotFoundException;
 use Psr\Http\Message\ServerRequestInterface;
 
 /**
@@ -32,32 +32,32 @@ protected function getAuthenticationCredentialsFromRequest(ServerRequestInterfac
         $credentials = $request->getParsedBody();
 
         if (!is_array($credentials) || empty($credentials['username']) || ($check_password && empty($credentials['password']))) {
-            throw new InvalidAuthenticateRequest();
+            throw new InvalidAuthenticationRequestException();
         }
 
         return $credentials;
     }
 
     /**
-     * @param  UserRepositoryInterface    $repository
+     * @param  RepositoryInterface        $repository
      * @param  array                      $credentials
      * @param  bool                       $check_password
      * @return AuthenticatedUserInterface
      */
-    protected function getUserFromCredentials(UserRepositoryInterface $repository, array $credentials, $check_password = true)
+    protected function getUserFromCredentials(RepositoryInterface $repository, array $credentials, $check_password = true)
     {
         $user = $repository->findByUsername($credentials['username']);
 
         if (!$user) {
-            throw new UserNotFound();
+            throw new UserNotFoundException();
         }
 
         if ($check_password && !$user->isValidPassword($credentials['password'])) {
-            throw new InvalidPassword();
+            throw new InvalidPasswordException();
         }
 
         if (!$user->canAuthenticate()) {
-            throw new UserNotFound();
+            throw new UserNotFoundException();
         }
 
         return $user;

src/Adapter/Adapter.php

@@ -9,7 +9,7 @@
 namespace ActiveCollab\Authentication\Adapter;
 
 use ActiveCollab\Authentication\AuthenticatedUser\AuthenticatedUserInterface;
-use ActiveCollab\Authentication\AuthenticationResultInterface;
+use ActiveCollab\Authentication\AuthenticationResult\AuthenticationResultInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
 /**
@@ -20,14 +20,14 @@ interface AdapterInterface
     /**
      * Initialize authentication layer and see if we have a user who's already logged in.
      *
-     * @param  ServerRequestInterface     $request
-     * @param  null                       $authenticated_with
-     * @return AuthenticatedUserInterface
+     * @param  ServerRequestInterface          $request
+     * @param  null                            $authenticated_with
+     * @return AuthenticatedUserInterface|null
      */
     public function initialize(ServerRequestInterface $request, &$authenticated_with = null);
 
     /**
-     * Authenticate with given credential agains authentication source.
+     * Authenticate with given credential against authentication source.
      *
      * @param  ServerRequestInterface        $request
      * @param  bool                          $check_password

src/Adapter/AdapterInterface.php

@@ -9,8 +9,8 @@
 namespace ActiveCollab\Authentication\Adapter;
 
 use ActiveCollab\Authentication\AuthenticatedUser\RepositoryInterface as UserRepositoryInterface;
-use ActiveCollab\Authentication\AuthenticationResultInterface;
-use ActiveCollab\Authentication\Exception\InvalidSession;
+use ActiveCollab\Authentication\AuthenticationResult\AuthenticationResultInterface;
+use ActiveCollab\Authentication\Exception\InvalidSessionException;
 use ActiveCollab\Authentication\Session\RepositoryInterface as SessionRepositoryInterface;
 use ActiveCollab\Authentication\Session\SessionInterface;
 use ActiveCollab\Cookies\CookiesInterface;
@@ -25,12 +25,12 @@ class BrowserSession extends Adapter
     /**
      * @var UserRepositoryInterface
      */
-    private $users_repository;
+    private $user_repository;
 
     /**
      * @var SessionRepositoryInterface
      */
-    private $sessions_repository;
+    private $session_repository;
 
     /**
      * @var CookiesInterface
@@ -43,19 +43,19 @@ class BrowserSession extends Adapter
     private $session_cookie_name;
 
     /**
-     * @param UserRepositoryInterface    $users_repository
-     * @param SessionRepositoryInterface $sessions_repository
+     * @param UserRepositoryInterface    $user_repository
+     * @param SessionRepositoryInterface $session_repository
      * @param CookiesInterface           $cookies
      * @param string                     $session_cookie_name
      */
-    public function __construct(UserRepositoryInterface $users_repository, SessionRepositoryInterface $sessions_repository, CookiesInterface $cookies, $session_cookie_name = 'sessid')
+    public function __construct(UserRepositoryInterface $user_repository, SessionRepositoryInterface $session_repository, CookiesInterface $cookies, $session_cookie_name = 'sessid')
     {
         if (empty($session_cookie_name)) {
             throw new InvalidArgumentException('Session cookie name is required');
         }
 
-        $this->users_repository = $users_repository;
-        $this->sessions_repository = $sessions_repository;
+        $this->user_repository = $user_repository;
+        $this->session_repository = $session_repository;
         $this->cookies = $cookies;
         $this->session_cookie_name = $session_cookie_name;
     }
@@ -65,32 +65,34 @@ public function __construct(UserRepositoryInterface $users_repository, SessionRe
      */
     public function initialize(ServerRequestInterface $request, &$authenticated_with = null)
     {
-        if ($session_id = $this->cookies->get($request, $this->session_cookie_name)) {
-            $session = $this->sessions_repository->getById($session_id);
+        $session_id = $this->cookies->get($request, $this->session_cookie_name);
 
-            if ($session instanceof SessionInterface) {
-                if ($user = $session->getAuthenticatedUser($this->users_repository)) {
-                    $this->sessions_repository->recordUsage($session);
-                    $authenticated_with = $session;
+        if (!$session_id) {
+            return null;
+        }
 
-                    return $user;
-                }
-            }
+        $session = $this->session_repository->getById($session_id);
 
-            throw new InvalidSession();
+        if ($session instanceof SessionInterface) {
+            if ($user = $session->getAuthenticatedUser($this->user_repository)) {
+                $this->session_repository->recordUsageBySession($session);
+                $authenticated_with = $session;
+
+                return $user;
+            }
         }
 
-        return null;
+        throw new InvalidSessionException();
     }
 
     /**
      * {@inheritdoc}
      */
     public function authenticate(ServerRequestInterface $request, $check_password = true)
     {
-        return $this->sessions_repository->createSession(
+        return $this->session_repository->createSession(
             $this->getUserFromCredentials(
-                $this->users_repository,
+                $this->user_repository,
                 $this->getAuthenticationCredentialsFromRequest($request, $check_password),
                 $check_password
             )
@@ -103,7 +105,7 @@ public function authenticate(ServerRequestInterface $request, $check_password =
     public function terminate(AuthenticationResultInterface $authenticated_with)
     {
         if ($authenticated_with instanceof SessionInterface) {
-            $this->sessions_repository->terminateSession($authenticated_with);
+            $this->session_repository->terminateSession($authenticated_with);
         } else {
             throw new InvalidArgumentException('Instance is not a browser session');
         }

src/Adapter/BrowserSession.php

@@ -9,8 +9,8 @@
 namespace ActiveCollab\Authentication\Adapter;
 
 use ActiveCollab\Authentication\AuthenticatedUser\RepositoryInterface as UserRepositoryInterface;
-use ActiveCollab\Authentication\AuthenticationResultInterface;
-use ActiveCollab\Authentication\Exception\InvalidToken;
+use ActiveCollab\Authentication\AuthenticationResult\AuthenticationResultInterface;
+use ActiveCollab\Authentication\Exception\InvalidTokenException;
 use ActiveCollab\Authentication\Token\RepositoryInterface as TokenRepositoryInterface;
 use ActiveCollab\Authentication\Token\TokenInterface;
 use InvalidArgumentException;
@@ -24,21 +24,21 @@ class TokenBearer extends Adapter
     /**
      * @var UserRepositoryInterface
      */
-    private $users_repository;
+    private $user_repository;
 
     /**
      * @var TokenRepositoryInterface
      */
-    private $tokens_repository;
+    private $token_repository;
 
     /**
-     * @param UserRepositoryInterface  $users_repository
-     * @param TokenRepositoryInterface $tokens_repository
+     * @param UserRepositoryInterface  $user_repository
+     * @param TokenRepositoryInterface $token_repository
      */
-    public function __construct(UserRepositoryInterface $users_repository, TokenRepositoryInterface $tokens_repository)
+    public function __construct(UserRepositoryInterface $user_repository, TokenRepositoryInterface $token_repository)
     {
-        $this->users_repository = $users_repository;
-        $this->tokens_repository = $tokens_repository;
+        $this->user_repository = $user_repository;
+        $this->token_repository = $token_repository;
     }
 
     /**
@@ -48,23 +48,23 @@ public function initialize(ServerRequestInterface $request, &$authenticated_with
     {
         $authorization = $request->getHeaderLine('Authorization');
 
-        if (!empty($authorization) && substr($authorization, 0, 7) == 'Bearer ') {
+        if (!empty($authorization) && substr($authorization, 0, 7) === 'Bearer ') {
             $token_id = trim(substr($authorization, 7));
 
-            if (empty($token_id)) {
-                throw new InvalidToken();
+            if ($token_id === null || $token_id === '') {
+                throw new InvalidTokenException();
             }
 
-            if ($token = $this->tokens_repository->getById($token_id)) {
-                if ($user = $token->getAuthenticatedUser($this->users_repository)) {
-                    $this->tokens_repository->recordUsage($token);
+            if ($token = $this->token_repository->getById($token_id)) {
+                if ($user = $token->getAuthenticatedUser($this->user_repository)) {
+                    $this->token_repository->recordUsageByToken($token);
                     $authenticated_with = $token;
 
                     return $user;
                 }
             }
 
-            throw new InvalidToken();
+            throw new InvalidTokenException();
         }
 
         return null;
@@ -79,7 +79,11 @@ public function initialize(ServerRequestInterface $request, &$authenticated_with
      */
     public function authenticate(ServerRequestInterface $request, $check_password = true)
     {
-        return $this->tokens_repository->issueToken($this->getUserFromCredentials($this->users_repository, $this->getAuthenticationCredentialsFromRequest($request), $check_password));
+        return $this->token_repository->issueToken($this->getUserFromCredentials(
+            $this->user_repository,
+            $this->getAuthenticationCredentialsFromRequest($request),
+            $check_password
+        ));
     }
 
     /**
@@ -90,7 +94,7 @@ public function authenticate(ServerRequestInterface $request, $check_password =
     public function terminate(AuthenticationResultInterface $authenticated_with)
     {
         if ($authenticated_with instanceof TokenInterface) {
-            $this->tokens_repository->terminateToken($authenticated_with);
+            $this->token_repository->terminateToken($authenticated_with);
         } else {
             throw new InvalidArgumentException('Instance is not a token');
         }

src/Adapter/TokenBearer.php

@@ -11,7 +11,7 @@
 use ActiveCollab\User\UserInterface;
 
 /**
- * @package ActiveCollab\Authentication
+ * @package ActiveCollab\Authentication\AuthenticatedUser
  */
 interface AuthenticatedUserInterface extends UserInterface
 {

src/AuthenticatedUser/AuthenticatedUserInterface.php

@@ -6,24 +6,25 @@
  * (c) A51 doo <[email protected]>. All rights reserved.
  */
 
-namespace ActiveCollab\Authentication;
+namespace ActiveCollab\Authentication\AuthenticationResult;
 
 use ActiveCollab\Authentication\AuthenticatedUser\AuthenticatedUserInterface;
-use ActiveCollab\Authentication\AuthenticatedUser\RepositoryInterface as UserRepositoryInterface;
+use ActiveCollab\Authentication\AuthenticatedUser\RepositoryInterface;
+use JsonSerializable;
 use Psr\Http\Message\ResponseInterface;
 
 /**
- * @package ActiveCollab\Authentication
+ * @package ActiveCollab\Authentication\AuthenticationResult
  */
-interface AuthenticationResultInterface extends \JsonSerializable
+interface AuthenticationResultInterface extends JsonSerializable
 {
     /**
      * Get authenticated user from the repository.
      *
-     * @param  UserRepositoryInterface    $repository
+     * @param  RepositoryInterface        $repository
      * @return AuthenticatedUserInterface
      */
-    public function getAuthenticatedUser(UserRepositoryInterface $repository);
+    public function getAuthenticatedUser(RepositoryInterface $repository);
 
     /**
      * @param  ResponseInterface $response