-
-
Notifications
You must be signed in to change notification settings - Fork 601
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1053 from freebuu/has-claim-constraint
HasClaim constraint
- Loading branch information
Showing
3 changed files
with
115 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
<?php | ||
declare(strict_types=1); | ||
|
||
namespace Lcobucci\JWT\Validation\Constraint; | ||
|
||
use Lcobucci\JWT\Token; | ||
use Lcobucci\JWT\UnencryptedToken; | ||
use Lcobucci\JWT\Validation\Constraint; | ||
use Lcobucci\JWT\Validation\ConstraintViolation; | ||
|
||
use function in_array; | ||
|
||
final class HasClaim implements Constraint | ||
{ | ||
/** @param non-empty-string $claim */ | ||
public function __construct(private readonly string $claim) | ||
{ | ||
if (in_array($claim, Token\RegisteredClaims::ALL, true)) { | ||
throw CannotValidateARegisteredClaim::create($claim); | ||
} | ||
} | ||
|
||
public function assert(Token $token): void | ||
{ | ||
if (! $token instanceof UnencryptedToken) { | ||
throw ConstraintViolation::error('You should pass a plain token', $this); | ||
} | ||
|
||
$claims = $token->claims(); | ||
|
||
if (! $claims->has($this->claim)) { | ||
throw ConstraintViolation::error('The token does not have the claim "' . $this->claim . '"', $this); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,79 @@ | ||
<?php | ||
declare(strict_types=1); | ||
|
||
namespace Lcobucci\JWT\Tests\Validation\Constraint; | ||
|
||
use Lcobucci\JWT\Token; | ||
use Lcobucci\JWT\Validation\Constraint\CannotValidateARegisteredClaim; | ||
use Lcobucci\JWT\Validation\Constraint\HasClaim; | ||
use Lcobucci\JWT\Validation\ConstraintViolation; | ||
|
||
/** | ||
* @covers \Lcobucci\JWT\Validation\ConstraintViolation | ||
* @covers \Lcobucci\JWT\Validation\Constraint\HasClaim | ||
* | ||
* @uses \Lcobucci\JWT\Token\DataSet | ||
* @uses \Lcobucci\JWT\Token\Plain | ||
* @uses \Lcobucci\JWT\Token\Signature | ||
*/ | ||
final class HasClaimTest extends ConstraintTestCase | ||
{ | ||
/** | ||
* @test | ||
* @dataProvider registeredClaims | ||
* | ||
* @covers \Lcobucci\JWT\Validation\Constraint\CannotValidateARegisteredClaim | ||
* | ||
* @param non-empty-string $claim | ||
*/ | ||
public function registeredClaimsCannotBeValidatedUsingThisConstraint(string $claim): void | ||
{ | ||
$this->expectException(CannotValidateARegisteredClaim::class); | ||
$this->expectExceptionMessage( | ||
'The claim "' . $claim . '" is a registered claim, another constraint must be used to validate its value', | ||
); | ||
|
||
new HasClaim($claim); | ||
} | ||
|
||
/** @return iterable<non-empty-string, array{non-empty-string}> */ | ||
public static function registeredClaims(): iterable | ||
{ | ||
foreach (Token\RegisteredClaims::ALL as $claim) { | ||
yield $claim => [$claim]; | ||
} | ||
} | ||
|
||
/** @test */ | ||
public function assertShouldRaiseExceptionWhenClaimIsNotSet(): void | ||
{ | ||
$constraint = new HasClaim('claimId'); | ||
|
||
$this->expectException(ConstraintViolation::class); | ||
$this->expectExceptionMessage('The token does not have the claim "claimId"'); | ||
|
||
$constraint->assert($this->buildToken()); | ||
} | ||
|
||
/** @test */ | ||
public function assertShouldRaiseExceptionWhenTokenIsNotAPlainToken(): void | ||
{ | ||
$token = $this->createMock(Token::class); | ||
$constraint = new HasClaim('claimId'); | ||
|
||
$this->expectException(ConstraintViolation::class); | ||
$this->expectExceptionMessage('You should pass a plain token'); | ||
|
||
$constraint->assert($token); | ||
} | ||
|
||
/** @test */ | ||
public function assertShouldNotRaiseExceptionWhenClaimMatches(): void | ||
{ | ||
$token = $this->buildToken(['claimId' => 'claimValue']); | ||
$constraint = new HasClaim('claimId'); | ||
|
||
$constraint->assert($token); | ||
$this->addToAssertionCount(1); | ||
} | ||
} |