Authenticator init: login

Authenticator.php

@@ -4,6 +4,13 @@ namespace fphammerle\yii2\auth\clientcert;
 
 class Authenticator extends \yii\base\Component
 {
+    public function init()
+    {
+        parent::init();
+
+        $this->loginByClientCertficiate();
+    }
+
     /**
      * @see \yii\web\User::switchIdentity
      * @return IdentityInterface|null

README.md

@@ -1,2 +1,16 @@
 [![PHP version](https://badge.fury.io/ph/fphammerle%2Fyii2-client-cert-auth.svg)](https://badge.fury.io/ph/fphammerle%2Fyii2-client-cert-auth)
 [![Build Status](https://travis-ci.org/fphammerle/yii2-client-cert-auth.svg?branch=master)](https://travis-ci.org/fphammerle/yii2-client-cert-auth)
+
+## Setup
+
+```
+$config = [
+    // ...
+    'bootstrap' => ['clientCertAuth'],
+    'components' => [
+        // ...
+        'clientCertAuth' => \fphammerle\yii2\auth\clientcert\Authenticator::className(),
+    ],
+    // ...
+];
+```

tests/AuthenticatorTest.php

@@ -55,11 +55,10 @@ class AuthenticatorTest extends TestCase
      */
     public function testLoginByClientCert($request_params, $username)
     {
-        $_SERVER = $request_params;
-
         $a = new Authenticator;
         $this->assertNull($this->getIdentity());
 
+        $_SERVER = $request_params;
         $u = $a->loginByClientCertficiate();
 
         if($username) {

tests/SqliteTest.php

@@ -0,0 +1,94 @@
+<?php
+
+namespace fphammerle\yii2\auth\clientcert\tests;
+
+use \yii\db\Connection;
+
+class SqliteTest extends TestCase
+{
+    public function createConnection($persistent)
+    {
+        return new Connection([
+            'dsn' => 'sqlite::memory:',
+            'attributes' => [
+                \PDO::ATTR_PERSISTENT => $persistent,
+            ],
+        ]);
+    }
+
+    public function getTableNames(Connection $db)
+    {
+        return array_map(
+            function($tbl) { return $tbl['name']; },
+            $db->createCommand('SELECT name FROM sqlite_master')->queryAll()
+        );
+    }
+
+    public function testPersistence()
+    {
+        $a = $this->createConnection(false);
+        $this->assertEquals([], $this->getTableNames($a));
+        $a->createCommand('CREATE TABLE a (aa INT)')->execute();
+        $this->assertEquals(['a'], $this->getTableNames($a));
+
+        $b = $this->createConnection(false);
+        $this->assertEquals([], $this->getTableNames($b));
+        $b->createCommand('CREATE TABLE b (bb INT)')->execute();
+        $this->assertEquals(['a'], $this->getTableNames($a));
+        $this->assertEquals(['b'], $this->getTableNames($b));
+
+        $c = $this->createConnection(true);
+        $this->assertEquals([], $this->getTableNames($c));
+        $c->createCommand('CREATE TABLE c (cc INT)')->execute();
+        $this->assertEquals(['b'], $this->getTableNames($b));
+        $this->assertEquals(['c'], $this->getTableNames($c));
+
+        $d = $this->createConnection(false);
+        $this->assertEquals([], $this->getTableNames($d));
+
+        $e = $this->createConnection(true);
+        $this->assertEquals(['c'], $this->getTableNames($e));
+        $e->createCommand('CREATE TABLE e (ee INT)')->execute();
+        $this->assertEquals(['c', 'e'], $this->getTableNames($c));
+        $this->assertEquals([], $this->getTableNames($d));
+        $this->assertEquals(['c', 'e'], $this->getTableNames($e));
+    }
+
+    public function testCopyConnection()
+    {
+        $a = $this->mockApplication();
+        $default_tables = $this->getTableNames($a->db);
+        $a->db->createCommand('CREATE TABLE a (aa INT)')->execute();
+        $this->assertEquals(
+            array_merge($default_tables, ['a']),
+            $this->getTableNames($a->db)
+        );
+
+        $b = $this->mockApplication();
+        $this->assertEquals($default_tables, $this->getTableNames($b->db));
+
+        $c = $this->mockApplication([
+            'components' => [
+                'db' => $a->db,
+            ],
+        ]);
+        $this->assertEquals(
+            array_merge($default_tables, ['a']),
+            $this->getTableNames($c->db)
+        );
+
+        $c->db->createCommand('CREATE TABLE c (cc INT)')->execute();
+        $this->assertEquals(
+            array_merge($default_tables, ['a', 'c']),
+            $this->getTableNames($c->db)
+        );
+        $this->assertEquals(
+            $this->getTableNames($c->db),
+            $this->getTableNames($a->db)
+        );
+        $this->assertEquals(
+            $default_tables,
+            $this->getTableNames($b->db)
+        );
+    }
+}

tests/TestCase.php

@@ -8,9 +8,9 @@ use \fphammerle\yii2\auth\clientcert\tests\migrations\CreateUserTable;
 
 abstract class TestCase extends \PHPUnit_Framework_TestCase
 {
-    public function mockApplication()
+    public function mockApplication($app_config = [])
     {
-        $app = new \yii\web\Application([
+        $app_config_default = [
             'id' => 'yii2-client-cert-auth-test',
             'basePath' => __DIR__,
             // 'vendorPath' => dirname(__DIR__) . '/vendor',
@@ -23,12 +23,19 @@ abstract class TestCase extends \PHPUnit_Framework_TestCase
                     'identityClass' => models\User::className(),
                 ],
             ],
-        ]);
-        $this->assertEquals([], $app->db->getSchema()->getTableNames());
-        ob_start();
-        (new CreateUserTable)->up();
-        ob_end_clean();
-        $this->assertNull($app->user->getIdentity());
+        ];
+        $app = new \yii\web\Application(
+            array_replace_recursive($app_config_default, $app_config)
+        );
+
+        if(!isset($app_config['components']['db'])
+            || !is_object($app_config['components']['db'])) {
+            $this->assertEquals([], $app->db->getSchema()->getTableNames());
+            ob_start();
+            (new CreateUserTable)->up();
+            ob_end_clean();
+        }
+
         return $app;
     }
 

tests/UserTest.php

@@ -23,6 +23,7 @@ class UserTest extends TestCase
     public function testLoginLogout()
     {
         $app = $this->mockApplication();
+        $this->assertNull($app->user->identity);
         $alice = new models\User('alice');
         $alice->save();
         $this->assertTrue($app->user->login($alice));

tests/integration/AuthenticatorTest.php

@@ -0,0 +1,63 @@
+<?php
+
+namespace fphammerle\yii2\auth\clientcert\tests\integration;
+
+use \fphammerle\yii2\auth\clientcert\Authenticator;
+use \fphammerle\yii2\auth\clientcert\tests\TestCase;
+
+class AuthenticatorTest extends TestCase
+{
+    protected $alice;
+    protected $bob;
+
+    protected function setUp()
+    {
+        $this->mockApplication();
+
+        $this->createSubjectTable();
+
+        $this->alice = $this->createUser('alice');
+        $this->bob = $this->createUser('bob');
+
+        $this->createSubject($this->alice, 'CN=Alice,C=AT');
+        $this->createSubject($this->alice, 'CN=Alice,O=Office,C=AT');
+        $this->createSubject($this->bob, 'CN=Bob,C=AT');
+    }
+
+    /**
+     * @dataProvider loginByClientCertProvider
+     */
+    public function testLoginByClientCert($request_params, $username)
+    {
+        $_SERVER = array_replace_recursive($_SERVER, $request_params);
+
+        $app = $this->mockApplication([
+            'bootstrap' => ['clientCertAuth'],
+            'components' => [
+                'db' => \Yii::$app->db,
+                'clientCertAuth' => Authenticator::className(),
+            ],
+        ]);
+
+        if($username) {
+            $this->assertEquals($username, $this->getIdentity()->username);
+        } else {
+            $this->assertNull($this->getIdentity());
+        }
+    }
+
+    public function loginByClientCertProvider()
+    {
+        return [
+            [['SSL_CLIENT_VERIFY' => null, 'SSL_CLIENT_S_DN' => null], null],
+            [['SSL_CLIENT_VERIFY' => null, 'SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], null],
+            [['SSL_CLIENT_VERIFY' => 'FAILED', 'SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], null],
+            [['SSL_CLIENT_VERIFY' => 'NONE', 'SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], null],
+            [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => null], null],
+            [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => ''], null],
+            [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => 'CN=Alice,C=AT'], 'alice'],
+            [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => 'CN=Alice,O=Office,C=AT'], 'alice'],
+            [['SSL_CLIENT_VERIFY' => 'SUCCESS', 'SSL_CLIENT_S_DN' => 'CN=Bob,C=AT'], 'bob'],
+        ];
+    }
+}