Improve Authentication class

It has better guards and it is simplified a bit.

Author: perajovic

src/AuthenticatedParameters.php

@@ -11,7 +11,7 @@
 use ActiveCollab\Authentication\Adapter\AdapterInterface;
 use ActiveCollab\Authentication\Authorizer\AuthorizerInterface;
 use ActiveCollab\Authentication\Exception\InvalidAuthenticationRequestException;
-use ActiveCollab\Authentication\Exception\InvalidCredentialsException;
+use Exception;
 use Psr\Http\Message\RequestInterface;
 use RuntimeException;
 
@@ -23,15 +23,9 @@ class Authentication implements AuthenticationInterface
     private $adapters;
 
     /**
-     * @var AuthorizerInterface
+     * @param array $adapters
      */
-    private $authorizer;
-
-    /**
-     * @param array                    $adapters
-     * @param AuthorizerInterface|null $authorizer
-     */
-    public function __construct(array $adapters, AuthorizerInterface $authorizer = null)
+    public function __construct(array $adapters)
     {
         foreach ($adapters as $adapter) {
             if (!($adapter instanceof AdapterInterface)) {
@@ -40,15 +34,6 @@ public function __construct(array $adapters, AuthorizerInterface $authorizer = n
         }
 
         $this->adapters = $adapters;
-        $this->authorizer = $authorizer;
-    }
-
-    /**
-     * {@inheritdoc}
-     */
-    public function setAuthorizer(AuthorizerInterface $authorizer)
-    {
-        $this->authorizer = $authorizer;
     }
 
     /**
@@ -57,45 +42,44 @@ public function setAuthorizer(AuthorizerInterface $authorizer)
     public function initialize(RequestInterface $request)
     {
         $exception = null;
-        $results = ['authenticated_parameters' => []];
+        $results = ['authenticated_user' => [], 'authentication_result' => []];
 
         foreach ($this->adapters as $adapter) {
             try {
                 $result = $adapter->initialize($request);
-                if ($result instanceof AuthenticatedParameters) {
-                    $results['authenticated_parameters'][] = $result;
+                if ($result) {
+                    $results['authenticated_user'][] = $result['authenticated_user'];
+                    $results['authentication_result'][] = $result['authentication_result'];
                 }
             } catch (Exception $e) {
                 $exception = $e;
             }
         }
 
-        if (empty($results['authenticated_parameters']) && $exception) {
-            throw $exception;
+        if (empty($results['authenticated_user'])) {
+            if ($exception) {
+                throw $exception;
+            }
+
+            return $request;
         }
 
-        if (count($results['authenticated_parameters']) > 1) {
+        if (count($results['authenticated_user']) > 1) {
             throw new InvalidAuthenticationRequestException('You can not be authenticated with more than one authentication method');
         }
 
-        return $request->withAttribute('authenticated_parameters', $results['authenticated_parameters'][0]);
+        return $request
+            ->withAttribute('authenticated_user', $results['authenticated_user'][0])
+            ->withAttribute('authentication_result', $results['authentication_result'][0]);
     }
 
     /**
      * {@inheritdoc}
      */
-    public function authorize(RequestInterface $request, array $credentials = [])
+    public function authorize(AuthorizerInterface $authorizer, AdapterInterface $adapter, array $credentials)
     {
-        if (!$this->authorizer) {
-            throw new RuntimeException('Authorizer object is not configured');
-        }
-
-        if (!$this->authorizer->verifyCredentials($credentials)) {
-            throw new InvalidCredentialsException();
-        }
-
-        $authenticated_parameters = $request->getAttribute('authenticated_parameters');
+        $user = $authorizer->verifyCredentials($credentials);
 
-        return $authenticated_parameters->adapter->authenticate($authenticated_parameters->authenticated_user);
+        return $adapter->authenticate($user);
     }
 }

src/Authentication.php

@@ -8,6 +8,7 @@
 
 namespace ActiveCollab\Authentication;
 
+use ActiveCollab\Authentication\Adapter\AdapterInterface;
 use ActiveCollab\Authentication\AuthenticatedUser\AuthenticatedUserInterface;
 use ActiveCollab\Authentication\Authorizer\AuthorizerInterface;
 use Psr\Http\Message\RequestInterface;
@@ -26,18 +27,12 @@ interface AuthenticationInterface
     public function initialize(RequestInterface $request);
 
     /**
-     * Set Authorizer object.
+     * Authorize and authenticate with given credentials against authorization/authentication source.
      *
-     * @param AuthorizerInterface $authorizer
-     */
-    public function setAuthorizer(AuthorizerInterface $authorizer);
-
-    /**
-     * Authenticate with given credential agains authentication source.
-     *
-     * @param  RequestInterface           $request
+     * @param  AuthorizerInterface        $authorizer
+     * @param  AdapterInterface           $adapter
      * @param  array                      $credentials
      * @return AuthenticatedUserInterface
      */
-    public function authorize(RequestInterface $request, array $credentials = []);
+    public function authorize(AuthorizerInterface $authorizer, AdapterInterface $adapter, array $credentials);
 }

src/AuthenticationInterface.php

@@ -55,14 +55,13 @@ public function setUp()
     {
         parent::setUp();
 
-        $this->authorizer = new Authorizer();
-        $this->user_repository = new UserRepository([
-            '[email protected]' => new AuthenticatedUser(1, '[email protected]', 'John Doe', '123'),
-        ]);
+        $authenticated_user = new AuthenticatedUser(1, '[email protected]', 'John Doe', '123');
+        $this->authorizer = new Authorizer($authenticated_user);
+        $this->user_repository = new UserRepository(['[email protected]' => $authenticated_user]);
         $this->empty_user_repository = new UserRepository();
         $this->token_repository = new TokenRepository([
-            '123' => new Token(123, '[email protected]'), ]
-        );
+            '123' => new Token(123, '[email protected]'),
+        ]);
         $this->empty_token_repository = new TokenRepository();
         $this->authenticated_user = new AuthenticatedUser(1, '[email protected]', 'John Doe', '123');
         $this->request = $this->request->withHeader('Authorization', 'Bearer 123');
@@ -74,21 +73,14 @@ public function setUp()
      */
     public function testForInvalidAdapterExceptionIsThrown()
     {
-        new Authentication([new stdClass()], $this->authorizer);
+        new Authentication([new stdClass()]);
     }
 
-    /**
-     * @expectedException ActiveCollab\Authentication\Exception\InvalidCredentialsException
-     * @expectedExceptionMessage Invalid credentials provided
-     */
-    public function testForInvalidCredentialsExceptionIsThrown()
+    public function testAdaptersNotInitializedReturnsRequest()
     {
-        $authentication = new Authentication(
-            [new TokenBearer($this->user_repository, $this->token_repository)],
-            $this->authorizer
-        );
+        $request = (new Authentication([]))->initialize($this->request);
 
-        $authentication->authorize($this->request, ['username' => '[email protected]']);
+        $this->assertSame($request, $this->request);
     }
 
     /**
@@ -99,7 +91,7 @@ public function testFailedAdapterInitializationThrowsException()
     {
         $token_bearer = new TokenBearer($this->empty_user_repository, $this->empty_token_repository);
 
-        (new Authentication([$token_bearer], $this->authorizer))->initialize($this->request);
+        (new Authentication([$token_bearer]))->initialize($this->request);
     }
 
     /**
@@ -116,27 +108,13 @@ public function testMultipleAdapterSuccessfullyInitializedThrowsException()
         $authentication->initialize($this->request);
     }
 
-    /**
-     * @expectedException RuntimeException
-     * @expectedExceptionMessage Authorizer object is not configured
-     */
-    public function testForNotConfiguredAuthorizerExceptionIsThrown()
-    {
-        $authentication = new Authentication([new TokenBearer($this->user_repository, $this->token_repository)], null);
-
-        $authentication->authorize($this->request, ['username' => '[email protected]']);
-    }
-
     public function testUserIsAuthorized()
     {
-        $authentication = new Authentication(
-            [new TokenBearer($this->user_repository, $this->token_repository)],
-            $this->authorizer
-        );
+        $token_bearer = new TokenBearer($this->user_repository, $this->token_repository);
 
+        $authentication = new Authentication([$token_bearer]);
         $request = $authentication->initialize($this->request);
-
-        $authentication_result = $authentication->authorize($request, ['username' => '[email protected]']);
+        $authentication_result = $authentication->authorize($this->authorizer, $token_bearer, ['username' => '[email protected]']);
 
         $this->assertInstanceOf(AuthenticationResultInterface::class, $authentication_result);
     }

test/src/AuthenticationTest.php

@@ -9,6 +9,7 @@
 namespace ActiveCollab\Authentication\Test\Authorizer;
 
 use ActiveCollab\Authentication\Authorizer\AuthorizerInterface;
+use ActiveCollab\Authentication\Test\AuthenticatedUser\AuthenticatedUser;
 
 /**
  * @package ActiveCollab\Authentication\Test\Authorizer
@@ -17,11 +18,19 @@ class Authorizer implements AuthorizerInterface
 {
     private $username = '[email protected]';
 
+    /**
+     * @param AuthenticatedUser $authenticated_user
+     */
+    public function __construct(AuthenticatedUser $authenticated_user)
+    {
+        $this->authenticated_user = $authenticated_user;
+    }
+
     public function verifyCredentials(array $payload)
     {
-        return isset($payload['username']) && $payload['username'] === $this->username
-            ? true
-            : false;
+        if (isset($payload['username']) && $payload['username'] === $this->username) {
+            return $this->authenticated_user;
+        }
     }
 
     public function onLogin(array $payload)