OXDEV-8407 Refactor tests and subscriber

OXID-eSales · Oct 8, 2024 · de11a31 · de11a31
1 parent c103c64
commit de11a31
Show file tree

Hide file tree

Showing 8 changed files with 212 additions and 226 deletions.
diff --git a/services.yaml b/services.yaml
@@ -63,9 +63,6 @@ services:
   OxidEsales\GraphQL\Base\Infrastructure\Token:
     class: OxidEsales\GraphQL\Base\Infrastructure\Token
 
-  OxidEsales\GraphQL\Base\Infrastructure\RefreshTokenRepository:
-    class: OxidEsales\GraphQL\Base\Infrastructure\RefreshTokenRepository
-
   OxidEsales\GraphQL\Base\Infrastructure\Repository:
     class: OxidEsales\GraphQL\Base\Infrastructure\Repository
 

diff --git a/src/Event/Subscriber/PasswordChangeSubscriber.php b/src/Event/Subscriber/PasswordChangeSubscriber.php
@@ -12,7 +12,7 @@
 use OxidEsales\Eshop\Application\Model\User;
 use OxidEsales\EshopCommunity\Internal\Transition\ShopEvents\AfterModelUpdateEvent;
 use OxidEsales\EshopCommunity\Internal\Transition\ShopEvents\BeforeModelUpdateEvent;
-use OxidEsales\GraphQL\Base\Infrastructure\RefreshTokenRepository;
+use OxidEsales\GraphQL\Base\Infrastructure\RefreshTokenRepositoryInterface;
 use OxidEsales\GraphQL\Base\Infrastructure\Token;
 use OxidEsales\GraphQL\Base\Service\UserModelService;
 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
@@ -23,13 +23,13 @@ class PasswordChangeSubscriber implements EventSubscriberInterface
     /**
      * Whether the password had been changed.
      *
-     * @var string|null
+     * @var array
      */
-    protected ?string $userIdWithChangedPwd = null;
+    protected array $userIdWithChangedPwd = [];
 
     public function __construct(
         private readonly UserModelService $userModelService,
-        private readonly RefreshTokenRepository $refreshTokenRepository,
+        private readonly RefreshTokenRepositoryInterface $refreshTokenRepository,
         private readonly Token $tokenInfrastructure
     ) {
     }
@@ -44,7 +44,7 @@ public function handleBeforeUpdate(Event $event): Event
         /** @phpstan-ignore-next-line method.notFound */
         $model = $event->getModel();
 
-        if (!$model instanceof User || !$model->getId()) {
+        if (!$model instanceof User) {
             return $event;
         }
 
@@ -53,7 +53,7 @@ public function handleBeforeUpdate(Event $event): Event
             return $event;
         }
 
-        $this->userIdWithChangedPwd = $model->getId();
+        $this->userIdWithChangedPwd[$model->getId()] = true;
 
         return $event;
     }
@@ -68,16 +68,13 @@ public function handleAfterUpdate(Event $event): Event
         /** @phpstan-ignore-next-line method.notFound */
         $model = $event->getModel();
 
-        if (!$model instanceof User) {
-            return $event;
-        }
-
-        if ($model->getId() !== $this->userIdWithChangedPwd || !$this->userIdWithChangedPwd) {
+        if (!$model instanceof User || !isset($this->userIdWithChangedPwd[$model->getId()])) {
             return $event;
         }
 
         $this->refreshTokenRepository->invalidateUserTokens($model->getId());
         $this->tokenInfrastructure->invalidateUserTokens($model->getId());
+        unset($this->userIdWithChangedPwd[$model->getId()]);
 
         return $event;
     }

diff --git a/tests/Integration/Event/PasswordChangeTest.php b/tests/Integration/Event/PasswordChangeTest.php
diff --git a/tests/Integration/Event/UserDeleteTest.php b/tests/Integration/Event/UserDeleteTest.php
diff --git a/tests/Integration/Infrastructure/RefreshTokenRepositoryTest.php b/tests/Integration/Infrastructure/RefreshTokenRepositoryTest.php
@@ -10,10 +10,11 @@
 namespace OxidEsales\GraphQL\Base\Tests\Integration\Infrastructure;
 
 use DateTime;
+use DateTimeImmutable;
 use Doctrine\DBAL\Connection;
 use OxidEsales\EshopCommunity\Internal\Framework\Database\ConnectionProviderInterface;
+use OxidEsales\GraphQL\Base\DataType\UserInterface;
 use OxidEsales\GraphQL\Base\Exception\InvalidRefreshToken;
-use OxidEsales\GraphQL\Base\Exception\InvalidToken;
 use OxidEsales\GraphQL\Base\Infrastructure\RefreshTokenRepository;
 use OxidEsales\GraphQL\Base\Infrastructure\RefreshTokenRepositoryInterface;
 use OxidEsales\GraphQL\Base\Tests\Integration\TestCase;
@@ -138,6 +139,41 @@ public function testGetTokenUserExplodesOnWrongToken(): void
         $sut->getTokenUser(uniqid());
     }
 
+    public function testInvalidateRefreshTokens(): void
+    {
+        $expires = new DateTimeImmutable('+8 hours');
+        $this->addToken(
+            oxid: 'pwd_change_token',
+            expires: $expires->format('Y-m-d H:i:s'),
+            userId: $userId = '_testUser',
+            token: $token = uniqid(),
+        );
+
+        $sut = $this->getSut();
+        $result = $sut->invalidateUserTokens($userId);
+        $this->assertTrue($result !== 0);
+
+        $this->expectException(InvalidRefreshToken::class);
+        $sut->getTokenUser($token);
+    }
+
+    public function testInvalidateRefreshTokensWrongUserId(): void
+    {
+        $expires = new DateTimeImmutable('+8 hours');
+        $this->addToken(
+            oxid: 'pwd_change_token',
+            expires: $expires->format('Y-m-d H:i:s'),
+            userId: '_testUser',
+            token: $token = uniqid(),
+        );
+
+        $sut = $this->getSut();
+        $result = $sut->invalidateUserTokens('some_user_id');
+        $this->assertTrue($result == 0);
+
+        $this->assertTrue($sut->getTokenUser($token) instanceof UserInterface);
+    }
+
     private function getDbConnection(): Connection
     {
         return $this->get(ConnectionProviderInterface::class)->get();