diff --git a/app/controllers/apis/ApiEndpointController.php b/app/controllers/apis/ApiEndpointController.php index 9c66dafc..94fd7cf0 100644 --- a/app/controllers/apis/ApiEndpointController.php +++ b/app/controllers/apis/ApiEndpointController.php @@ -137,7 +137,7 @@ class ApiEndpointController extends AbstractRESTController implements ICRUDContr 'allow_cors' => 'sometimes|required|boolean', 'route' => 'sometimes|required|route', 'http_method' => 'sometimes|required|httpmethod', - 'rate_limit' => 'required|integer', + 'rate_limit' => 'sometimes|integer', ); // Creates a Validator instance and validates the data. @@ -162,37 +162,37 @@ class ApiEndpointController extends AbstractRESTController implements ICRUDContr } } - public function activate($id){ - try { - $res = $this->api_endpoint_service->setStatus($id,true); - return $res?$this->ok():$this->error400(array('error'=>'operation failed')); - } - catch (InvalidApiEndpoint $ex1) { - $this->log_service->error($ex1); - return $this->error404(array('error'=>$ex1->getMessage())); - } - catch (Exception $ex) { - $this->log_service->error($ex); - return $this->error500($ex); - } - } + public function activate($id){ + try { + $res = $this->api_endpoint_service->setStatus($id,true); + return $res?$this->ok():$this->error400(array('error'=>'operation failed')); + } + catch (InvalidApiEndpoint $ex1) { + $this->log_service->error($ex1); + return $this->error404(array('error'=>$ex1->getMessage())); + } + catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } - public function deactivate($id){ - try { - $res = $this->api_endpoint_service->setStatus($id,false); - return $res?$this->ok():$this->error400(array('error'=>'operation failed')); - } - catch (InvalidApiEndpoint $ex1) { - $this->log_service->error($ex1); - return $this->error404(array('error'=>$ex1->getMessage())); - } - catch (Exception $ex) { - $this->log_service->error($ex); - return $this->error500($ex); - } - } + public function deactivate($id){ + try { + $res = $this->api_endpoint_service->setStatus($id,false); + return $res?$this->ok():$this->error400(array('error'=>'operation failed')); + } + catch (InvalidApiEndpoint $ex1) { + $this->log_service->error($ex1); + return $this->error404(array('error'=>$ex1->getMessage())); + } + catch (Exception $ex) { + $this->log_service->error($ex); + return $this->error500($ex); + } + } - public function addRequiredScope($id, $scope_id){ + public function addRequiredScope($id, $scope_id){ try { $res = $this->api_endpoint_service->addRequiredScope($id,$scope_id); return $res?$this->ok():$this->error400(array('error'=>'operation failed')); diff --git a/app/filters.php b/app/filters.php index b0a4dc85..1950eb3c 100644 --- a/app/filters.php +++ b/app/filters.php @@ -36,19 +36,10 @@ App::before(function($request){ }); App::after(function($request, $response){ - $response->headers->set('X-content-type-options','nosniff'); $response->headers->set('X-xss-protection','1; mode=block'); $cors = ServiceLocator::getInstance()->getService('CORSMiddleware'); $cors->modifyResponse($request, $response); - - if ( Auth::check()){ - //Get the name of the cookie, where remember me expiration time is stored - $ckname = Auth::getRecallerName(); - //Get the value of the cookie - $ckval = Cookie::get($ckname); - return $response->withCookie(Cookie::make($ckname,$ckval,ServerConfigurationService::getConfigValue("Remember.ExpirationTime"))); //change the expiration time - } }); /* @@ -123,7 +114,7 @@ Route::filter("openid.needs.auth.request", function () { if ($openid_message == null || !$openid_message->isValid()) throw new InvalidOpenIdMessageException(); - $configuration_service = ServiceLocator::getInstance()->getService(OpenIdServiceCatalog::ServerConfigurationService); + $configuration_service = ServiceLocator::getInstance()->getService(OpenIdServiceCatalog::ServerConfigurationService); $auth_request = new OpenIdAuthenticationRequest($openid_message, $configuration_service->getUserIdentityEndpointURL('@identifier')); if (!$auth_request->isValid()) throw new InvalidOpenIdMessageException(); @@ -164,9 +155,9 @@ Route::filter("ssl", function () { }); Route::filter("oauth2.enabled",function(){ - if(!ServerConfigurationService::getConfigValue("OAuth2.Enable")){ - return View::make('404'); - } + if(!ServerConfigurationService::getConfigValue("OAuth2.Enable")){ + return View::make('404'); + } }); Route::filter('user.owns.client.policy',function($route, $request){ diff --git a/app/tests/ApiEndpointTest.php b/app/tests/ApiEndpointTest.php index 30c9f2ab..59dcc989 100644 --- a/app/tests/ApiEndpointTest.php +++ b/app/tests/ApiEndpointTest.php @@ -66,7 +66,8 @@ class ApiEndpointTest extends TestCase { 'route' => '/api/v1/api-endpoint/test', 'http_method' => 'POST', 'api_id' => $api->id, - 'allow_cors' => true + 'allow_cors' => true, + 'rate_limit' => 60, ); $response = $this->action("POST", "ApiEndpointController@create", @@ -94,7 +95,8 @@ class ApiEndpointTest extends TestCase { 'route' => '/api/v1/api-endpoint/test', 'http_method' => 'POST', 'api_id' => $api->id, - 'allow_cors' => true + 'allow_cors' => true, + 'rate_limit' => 60, ); $response = $this->action("POST", "ApiEndpointController@create", @@ -139,11 +141,12 @@ class ApiEndpointTest extends TestCase { 'route' => '/api/v1/api-endpoint/test', 'http_method' => 'POST', 'api_id' => $api->id, - 'allow_cors' => true + 'allow_cors' => true, + 'rate_limit' => 60, ); $response = $this->action("POST", "ApiEndpointController@create", $data); - $this->assertResponseStatus(201); + $this->assertResponseStatus(201); $content = $response->getContent(); $json_response = json_decode($content); $this->assertTrue(isset($json_response->api_endpoint_id) && !empty($json_response->api_endpoint_id)); @@ -151,13 +154,13 @@ class ApiEndpointTest extends TestCase { //update status $response = $this->action('DELETE',"ApiEndpointController@deactivate", array('id' => $new_id) ); - $this->assertResponseStatus(200); + $this->assertResponseStatus(200); $content = $response->getContent(); $json_response = json_decode($content); $this->assertTrue($json_response==='ok'); $response = $this->action("GET", "ApiEndpointController@get",array('id' => $new_id)); - $this->assertResponseStatus(200); + $this->assertResponseStatus(200); $content = $response->getContent(); $updated_values = json_decode($content); $this->assertTrue($updated_values->active == false); @@ -195,8 +198,8 @@ class ApiEndpointTest extends TestCase { $this->assertTrue(!is_null($scope)); $response = $this->action("PUT", "ApiEndpointController@addRequiredScope",array( - 'id' => $api_endpoint->id, - 'scope_id' => $scope->id), array(), + 'id' => $api_endpoint->id, + 'scope_id' => $scope->id), array(), array(), array()); @@ -224,8 +227,8 @@ class ApiEndpointTest extends TestCase { $this->assertTrue(!is_null($scope)); $response = $this->action("DELETE", "ApiEndpointController@removeRequiredScope",array( - 'id' => $api_endpoint->id, - 'scope_id' => $scope->id), array(), + 'id' => $api_endpoint->id, + 'scope_id' => $scope->id), array(), array(), array()); diff --git a/app/tests/CacheServiceStub.php b/app/tests/CacheServiceStub.php index 91a3ae4f..0f3efc1e 100644 --- a/app/tests/CacheServiceStub.php +++ b/app/tests/CacheServiceStub.php @@ -151,4 +151,13 @@ class CacheServiceStub implements ICacheService{ { // TODO: Implement boot() method. } + + /**Returns the remaining time to live of a key that has a timeout. + * @param string $key + * @return int + */ + public function ttl($key) + { + // TODO: Implement ttl() method. + } } \ No newline at end of file diff --git a/app/tests/ExceptionTest.php b/app/tests/ExceptionTest.php index 3b4a8434..0852f0b6 100644 --- a/app/tests/ExceptionTest.php +++ b/app/tests/ExceptionTest.php @@ -15,6 +15,6 @@ class ExceptionTest extends TestCase{ public function testExceptionTypes(){ $ex1 = new ReplayAttackException(); $class_name = $this->getExName($ex1); - $this->assertTrue($class_name == 'ReplayAttackException'); + $this->assertTrue($class_name == 'openid\exceptions\ReplayAttackException'); } } \ No newline at end of file