cleanup JWTProvider, added and updated tests

.gitignore

@@ -1,4 +1,5 @@
 phpunit.xml
+build
 vendor
 composer.lock
 composer.phar

Encoder/JWTEncoder.php

@@ -41,15 +41,15 @@ public function __construct($privateKey, $publicKey, $passPhrase)
     /**
      * @param array $data
      *
-     * @return JWS
+     * @return string the token
      */
     public function encode(array $data)
     {
         $jws = new JWS('RS256');
         $jws->setPayload($data);
         $jws->sign($this->getPrivateKey());
 
-        return $jws;
+        return $jws->getTokenString();
     }
 
     /**

README.md

@@ -174,15 +174,31 @@ lexik_jwt_authentication:
 In your functional tests, create an authenticated client :
 
 ``` php
-protected function createAuthenticatedClient($username = '[email protected]')
+/**
+ * Create a client with a default Authorization header.
+ *
+ * @param string $username
+ * @param string $password
+ *
+ * @return \Symfony\Bundle\FrameworkBundle\Client
+ */
+protected function createAuthenticatedClient($username = 'user', $password = 'password')
 {
     $client = static::createClient();
+    $client->request(
+        'POST',
+        '/login_check',
+        array(
+            'username' => $username,
+            'password' => $password,
+        )
+    );
 
-    $jwt = $client->getContainer()->get('lexik_jwt_authentication.jwt_encoder')->encode([
-        'username' => $username,
-    ]);
+    $response = $client->getResponse();
+    $data     = json_decode($response->getContent(), true);
 
-    $client->setServerParameter('HTTP_Authorization', sprintf('Bearer %s', $jwt->getTokenString()));
+    $client = static::createClient();
+    $client->setServerParameter('HTTP_Authorization', sprintf('Bearer %s', $data['token']));
 
     return $client;
 }

Security/Authentication/Provider/JWTProvider.php

@@ -43,17 +43,11 @@ public function authenticate(TokenInterface $token)
     {
         $payload = $this->jwtManager->decode($token);
 
-        if (!$payload) {
+        if (!$payload || !isset($payload['username'])) {
             throw new AuthenticationException('Invalid JWT Token');
         }
 
-        if (!isset($payload['username'])) {
-            throw new AuthenticationException('No username found in token.');
-        }
-
-        if (!($user = $this->userProvider->loadUserByUsername($payload['username']))) {
-            throw new AuthenticationException('User "' . $payload['username'] . '" could not be found.');
-        }
+        $user = $this->userProvider->loadUserByUsername($payload['username']);
 
         $authToken = new JWTUserToken($user->getRoles());
         $authToken->setUser($user);

Security/Http/Authentication/AuthenticationSuccessHandler.php

@@ -46,6 +46,8 @@ public function onAuthenticationSuccess(Request $request, TokenInterface $token)
         $user = $token->getUser();
         $jwt  = $this->jwtManager->create($user);
 
+        // todo : move that dispatch to the jwt manager
+
         $event = new AuthenticationSuccessEvent(array('token' => $jwt), $user, $request);
         $this->dispatcher->dispatch(Events::AUTHENTICATION_SUCCESS, $event);
 

Services/JWTManager.php

@@ -67,10 +67,7 @@ public function create(UserInterface $user)
         $event = new JWTCreatedEvent($payload, $user, $this->request);
         $this->dispatcher->dispatch(Events::JWT_CREATED, $event);
 
-        return $this
-            ->jwtEncoder
-            ->encode($event->getData())
-            ->getTokenString();
+        return $this->jwtEncoder->encode($event->getData());
     }
 
     /**

Tests/Security/Authentication/Firewall/JWTListenerTest.php

@@ -120,4 +120,4 @@ protected function getEvent()
 
         return $event;
     }
-} 
+}

Tests/Security/Authentication/Provider/JWTProviderTest.php

@@ -4,6 +4,7 @@
 
 use Lexik\Bundle\JWTAuthenticationBundle\Security\Authentication\Provider\JWTProvider;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
 
 /**
  * JWTProviderTest
@@ -17,7 +18,7 @@ class JWTProviderTest extends \PHPUnit_Framework_TestCase
      */
     public function testSupports()
     {
-        $provider = new JWTProvider($this->getUserProviderMock(), $this->getJWTEncoderMock());
+        $provider = new JWTProvider($this->getUserProviderMock(), $this->getJWTManagerMock());
 
         /** @var TokenInterface $usernamePasswordToken */
         $usernamePasswordToken = $this
@@ -38,17 +39,81 @@ public function testSupports()
 
     /**
      * test authenticate method
+     *
+     * @expectedException        Symfony\Component\Security\Core\Exception\AuthenticationException
      */
-    public function testAuthenticate()
+    public function testAuthenticateWithInvalidJWT()
+    {
+        /** @var TokenInterface $jwtUserToken */
+        $jwtUserToken = $this
+            ->getMockBuilder('Lexik\Bundle\JWTAuthenticationBundle\Security\Authentication\Token\JWTUserToken')
+            ->disableOriginalConstructor()
+            ->getMock();
+
+        $userProvider = $this->getUserProviderMock();
+
+        $jwtManager = $this->getJWTManagerMock();
+        $jwtManager->expects($this->any())->method('decode')->will($this->returnValue(false));
+
+        $provider = new JWTProvider($userProvider, $jwtManager);
+        $provider->authenticate($jwtUserToken);
+    }
+
+    /**
+     * test authenticate method
+     *
+     * @expectedException        Symfony\Component\Security\Core\Exception\AuthenticationException
+     */
+    public function testAuthenticateWithoutUsername()
     {
         /** @var TokenInterface $jwtUserToken */
         $jwtUserToken = $this
             ->getMockBuilder('Lexik\Bundle\JWTAuthenticationBundle\Security\Authentication\Token\JWTUserToken')
             ->disableOriginalConstructor()
             ->getMock();
 
-        $jwtEncoder = $this->getJWTEncoderMock();
-        $jwtEncoder->expects($this->any())->method('decode')->will($this->returnValue(array('username' => 'user')));
+        $userProvider = $this->getUserProviderMock();
+
+        $jwtManager = $this->getJWTManagerMock();
+        $jwtManager->expects($this->any())->method('decode')->will($this->returnValue(array('foo' => 'bar')));
+
+        $provider = new JWTProvider($userProvider, $jwtManager);
+        $provider->authenticate($jwtUserToken);
+    }
+
+    /**
+     * test authenticate method
+     *
+     * @expectedException Symfony\Component\Security\Core\Exception\UsernameNotFoundException
+     */
+    public function testAuthenticateWithNotExistingUser()
+    {
+        /** @var TokenInterface $jwtUserToken */
+        $jwtUserToken = $this
+            ->getMockBuilder('Lexik\Bundle\JWTAuthenticationBundle\Security\Authentication\Token\JWTUserToken')
+            ->disableOriginalConstructor()
+            ->getMock();
+
+        $userProvider = $this->getUserProviderMock();
+        $userProvider->expects($this->any())->method('loadUserByUsername')->willThrowException(new UsernameNotFoundException());
+
+        $jwtManager = $this->getJWTManagerMock();
+        $jwtManager->expects($this->any())->method('decode')->will($this->returnValue(array('username' => 'user')));
+
+        $provider = new JWTProvider($userProvider, $jwtManager);
+        $provider->authenticate($jwtUserToken);
+    }
+
+    /**
+     * test authenticate method
+     */
+    public function testAuthenticate()
+    {
+        /** @var TokenInterface $jwtUserToken */
+        $jwtUserToken = $this
+            ->getMockBuilder('Lexik\Bundle\JWTAuthenticationBundle\Security\Authentication\Token\JWTUserToken')
+            ->disableOriginalConstructor()
+            ->getMock();
 
         $user = $this
             ->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')
@@ -59,14 +124,27 @@ public function testAuthenticate()
         $userProvider = $this->getUserProviderMock();
         $userProvider->expects($this->any())->method('loadUserByUsername')->will($this->returnValue($user));
 
-        $provider = new JWTProvider($userProvider, $jwtEncoder);
+        $jwtManager = $this->getJWTManagerMock();
+        $jwtManager->expects($this->any())->method('decode')->will($this->returnValue(array('username' => 'user')));
+
+        $provider = new JWTProvider($userProvider, $jwtManager);
 
         $this->assertInstanceOf(
             'Lexik\Bundle\JWTAuthenticationBundle\Security\Authentication\Token\JWTUserToken',
             $provider->authenticate($jwtUserToken)
         );
     }
 
+    /**
+     * @return \PHPUnit_Framework_MockObject_MockObject
+     */
+    protected function getJWTManagerMock()
+    {
+        return $this->getMockBuilder('Lexik\Bundle\JWTAuthenticationBundle\Services\JWTManager')
+            ->disableOriginalConstructor()
+            ->getMock();
+    }
+
     /**
      * @return \PHPUnit_Framework_MockObject_MockObject
      */

Tests/Security/Http/Authentication/AuthenticationSuccessHandlerTest.php

@@ -2,6 +2,7 @@
 
 namespace Lexik\Bundle\JWTAuthenticationBundle\Tests\Security\Http\Authentication;
 
+use Lexik\Bundle\JWTAuthenticationBundle\Events;
 use Lexik\Bundle\JWTAuthenticationBundle\Security\Http\Authentication\AuthenticationSuccessHandler;
 
 /**
@@ -25,38 +26,36 @@ public function testOnAuthenticationSuccess()
 
         $content = json_decode($response->getContent(), true);
         $this->assertArrayHasKey('token', $content);
-        $this->assertEquals('tokenstring', $content['token']);
+        $this->assertEquals('secrettoken', $content['token']);
     }
 
     /**
      * @return AuthenticationSuccessHandler
      */
     protected function getHandler()
     {
-        $jws = $this
-            ->getMockBuilder('Namshi\JOSE\JWS')
+        $jwtManager = $this->getMockBuilder('Lexik\Bundle\JWTAuthenticationBundle\Services\JWTManager')
             ->disableOriginalConstructor()
             ->getMock();
 
-        $jws
-            ->expects($this->any())
-            ->method('getTokenString')
-            ->will($this->returnValue('tokenstring'));
-
-        $creator = $this->getMockBuilder('Lexik\Bundle\JWTAuthenticationBundle\Services\JWTCreator')
-            ->disableOriginalConstructor()
-            ->getMock();
-
-        $creator
+        $jwtManager
             ->expects($this->any())
             ->method('create')
-            ->will($this->returnValue($jws->getTokenString()));
+            ->will($this->returnValue('secrettoken'));
 
         $dispatcher = $this->getMockBuilder('Symfony\Component\EventDispatcher\EventDispatcher')
             ->disableOriginalConstructor()
             ->getMock();
 
-        return new AuthenticationSuccessHandler($creator, $dispatcher);
+        $dispatcher
+            ->expects($this->once())
+            ->method('dispatch')
+            ->with(
+                $this->equalTo(Events::AUTHENTICATION_SUCCESS),
+                $this->isInstanceOf('Lexik\Bundle\JWTAuthenticationBundle\Event\AuthenticationSuccessEvent')
+            );
+
+        return new AuthenticationSuccessHandler($jwtManager, $dispatcher);
     }
 
     /**

Tests/Security/Http/EntryPoint/JWTEntryPointTest.php

@@ -5,6 +5,7 @@
 
 /**
  * JWTEntryPointTest
+ *
  * @author Jérémie Augustin <[email protected]>
  */
 class JWTEntryPointTest extends \PHPUnit_Framework_TestCase
@@ -15,11 +16,9 @@ class JWTEntryPointTest extends \PHPUnit_Framework_TestCase
     public function testStart()
     {
         $entryPoint = new JWTEntryPoint();
-
         $this->assertInstanceOf('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface', $entryPoint);
 
         $response = $entryPoint->start($this->getRequest());
-
         $this->assertInstanceOf('Symfony\Component\HttpFoundation\Response', $response);
         $this->assertEquals(401, $response->getStatusCode(), 'status code should be 401');
     }