Because we need a JWT not required mode

clearbooks · Oct 23, 2015 · 174941a · 174941a
1 parent 1781f19
commit 174941a
Show file tree

Hide file tree

Showing 4 changed files with 52 additions and 3 deletions.
diff --git a/src/JwtGuard.php b/src/JwtGuard.php
@@ -1,5 +1,6 @@
 <?php
 namespace Clearbooks\Dilex;
+use Clearbooks\Dilex\JwtGuard\NoJwtRequired;
 use Clearbooks\Dilex\JwtGuard\RequestAuthoriser;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
@@ -27,10 +28,30 @@ public function __construct( RequestAuthoriser $authoriser )
      */
     public function execute( Request $request )
     {
+        $controllerClass = $request->attributes->get('_controller');
+        if( !($this->isJwtRequired($controllerClass))) {
+            return null;
+        }
 
         if( !$this->authoriser->isAuthorised( $request ) ) {
             return new JsonResponse( ['error' => 'Invalid token'], 403 );
         }
         return null;
     }
+
+    /**
+     * @param $controllerClass
+     * @return bool
+     */
+    private function isJwtRequired($controllerClass)
+    {
+        if ($controllerClass) {
+            $reflection = new \ReflectionClass($controllerClass);
+            $jwtRequired = !$reflection->implementsInterface(NoJwtRequired::class);
+            return $jwtRequired;
+        } else {
+            $jwtRequired = true;
+            return $jwtRequired;
+        }
+    }
 }
diff --git a/src/JwtGuard/NoJwtRequired.php b/src/JwtGuard/NoJwtRequired.php
@@ -0,0 +1,10 @@
+<?php
+
+
+namespace Clearbooks\Dilex\JwtGuard;
+
+
+interface NoJwtRequired
+{
+
+}
diff --git a/test/JwtGuard/MockNoJwtRequiredController.php b/test/JwtGuard/MockNoJwtRequiredController.php
@@ -0,0 +1,9 @@
+<?php
+
+
+namespace Clearbooks\Dilex\JwtGuard;
+
+class MockNoJwtRequiredController implements NoJwtRequired
+{
+
+}
diff --git a/test/JwtGuardTest.php b/test/JwtGuardTest.php
@@ -6,12 +6,10 @@
  * Time: 11:44
  */
 
-namespace Authentication;
+namespace Clearbooks\Dilex\JwtGuard;
 
 
 use Clearbooks\Dilex\JwtGuard;
-use Emarref\Jwt\Algorithm\Hs512;
-use Emarref\Jwt\Algorithm\None;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 
@@ -58,4 +56,15 @@ public function givenValidRequest_whenExecuting_returnNull()
         $guard = new JwtGuard( new JwtGuard\RequestAuthoriserStub( true ) );
         $this->assertNull($guard->execute($this->request));
     }
+
+    /**
+     * @test
+     */
+    public function givenInvalidRequest_AndControllerDoesNotRequireJwt_whenExecuting_returnNull()
+    {
+        $guard = new JwtGuard( new JwtGuard\RequestAuthoriserStub( false ) );
+        $this->request->attributes->set('_controller', MockNoJwtRequiredController::class );
+        $this->assertNull($guard->execute($this->request));
+    }
+
 }