From 6d582852f1a722584265d87769ff8ac39ac26d00 Mon Sep 17 00:00:00 2001 From: Lucas Michot Date: Thu, 24 Jun 2021 16:21:29 +0200 Subject: [PATCH 1/2] Use Util::getShopifyConfig instead of env. --- tests/Actions/AuthorizeShopTest.php | 5 +-- tests/Http/Middleware/AuthTokenTest.php | 20 +++++------ tests/Services/ApiHelperTest.php | 5 +-- tests/Traits/ApiControllerTest.php | 48 ++++++++++++------------- tests/Traits/AuthControllerTest.php | 4 +-- 5 files changed, 42 insertions(+), 40 deletions(-) diff --git a/tests/Actions/AuthorizeShopTest.php b/tests/Actions/AuthorizeShopTest.php index 13ddc7a1..bf18be86 100644 --- a/tests/Actions/AuthorizeShopTest.php +++ b/tests/Actions/AuthorizeShopTest.php @@ -6,6 +6,7 @@ use Osiset\ShopifyApp\Objects\Values\ShopDomain; use Osiset\ShopifyApp\Test\Stubs\Api as ApiStub; use Osiset\ShopifyApp\Test\TestCase; +use Osiset\ShopifyApp\Util; class AuthorizeShopTest extends TestCase { @@ -30,7 +31,7 @@ public function testNoShopShouldBeMade(): void ); $this->assertStringContainsString( - '/admin/oauth/authorize?client_id='.env('SHOPIFY_API_KEY').'&scope=read_products%2Cwrite_products&redirect_uri=https%3A%2F%2Flocalhost%2Fauthenticate', + '/admin/oauth/authorize?client_id='.Util::getShopifyConfig('api_key').'&scope=read_products%2Cwrite_products&redirect_uri=https%3A%2F%2Flocalhost%2Fauthenticate', $result->url ); $this->assertFalse($result->completed); @@ -48,7 +49,7 @@ public function testWithoutCode(): void ); $this->assertStringContainsString( - '/admin/oauth/authorize?client_id='.env('SHOPIFY_API_KEY').'&scope=read_products%2Cwrite_products&redirect_uri=https%3A%2F%2Flocalhost%2Fauthenticate', + '/admin/oauth/authorize?client_id='.Util::getShopifyConfig('api_key').'&scope=read_products%2Cwrite_products&redirect_uri=https%3A%2F%2Flocalhost%2Fauthenticate', $result->url ); $this->assertFalse($result->completed); diff --git a/tests/Http/Middleware/AuthTokenTest.php b/tests/Http/Middleware/AuthTokenTest.php index a8b770a5..b800fb2e 100644 --- a/tests/Http/Middleware/AuthTokenTest.php +++ b/tests/Http/Middleware/AuthTokenTest.php @@ -172,7 +172,7 @@ public function testDenysForValidRegexValidSignatureBadBody(): void $invalidPayload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $invalidBody); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $invalidPayload, $secret, true)); @@ -213,7 +213,7 @@ public function testDenysForExpiredToken(): void $expiredBody = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now - 60, 'nbf' => $now - 120, @@ -224,7 +224,7 @@ public function testDenysForExpiredToken(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $expiredBody); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -265,7 +265,7 @@ public function testDenysForFutureToken(): void $expiredBody = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now + 60, 'nbf' => $now + 120, @@ -276,7 +276,7 @@ public function testDenysForFutureToken(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $expiredBody); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -317,7 +317,7 @@ public function testDenysForInvalidUrl(): void $expiredBody = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://another-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now + 60, 'nbf' => $now, @@ -328,7 +328,7 @@ public function testDenysForInvalidUrl(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $expiredBody); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -380,7 +380,7 @@ public function testDenysForInvalidApiKey(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $expiredBody); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -421,7 +421,7 @@ public function testRuns(): void $body = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now + 60, 'nbf' => $now, @@ -432,7 +432,7 @@ public function testRuns(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $body); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); diff --git a/tests/Services/ApiHelperTest.php b/tests/Services/ApiHelperTest.php index 78564803..f2218c0a 100644 --- a/tests/Services/ApiHelperTest.php +++ b/tests/Services/ApiHelperTest.php @@ -15,6 +15,7 @@ use Osiset\ShopifyApp\Objects\Values\ChargeReference; use Osiset\ShopifyApp\Test\Stubs\Api as ApiStub; use Osiset\ShopifyApp\Test\TestCase; +use Osiset\ShopifyApp\Util; class ApiHelperTest extends TestCase { @@ -39,8 +40,8 @@ public function testMake(): void $api = $this->api->make()->getApi(); $this->assertInstanceOf(BasicShopifyAPI::class, $api); - $this->assertSame(env('SHOPIFY_API_SECRET'), $this->app['config']->get('shopify-app.api_secret')); - $this->assertSame(env('SHOPIFY_API_KEY'), $this->app['config']->get('shopify-app.api_key')); + $this->assertSame(Util::getShopifyConfig('api_secret'), $this->app['config']->get('shopify-app.api_secret')); + $this->assertSame(Util::getShopifyConfig('api_key'), $this->app['config']->get('shopify-app.api_key')); $this->assertSame($this->app['config']->get('shopify-app.api_version'), '2020-01'); } diff --git a/tests/Traits/ApiControllerTest.php b/tests/Traits/ApiControllerTest.php index c2aa1bcb..98a2b6b1 100644 --- a/tests/Traits/ApiControllerTest.php +++ b/tests/Traits/ApiControllerTest.php @@ -44,7 +44,7 @@ public function testApiWithToken(): void $body = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now + 60, 'nbf' => $now, @@ -55,7 +55,7 @@ public function testApiWithToken(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $body); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -82,7 +82,7 @@ public function testApiWithTokenJson(): void $body = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now + 60, 'nbf' => $now, @@ -93,7 +93,7 @@ public function testApiWithTokenJson(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $body); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -121,7 +121,7 @@ public function testApiWithExpiredToken(): void $body = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now - 120, 'nbf' => $now - 180, @@ -132,7 +132,7 @@ public function testApiWithExpiredToken(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $body); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -159,7 +159,7 @@ public function testApiWithExpiredTokenJson(): void $body = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now - 120, 'nbf' => $now - 180, @@ -170,7 +170,7 @@ public function testApiWithExpiredTokenJson(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $body); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -198,7 +198,7 @@ public function testApiWithMalformedToken(): void $body = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now + 60, 'nbf' => $now, @@ -208,7 +208,7 @@ public function testApiWithMalformedToken(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $body); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -235,7 +235,7 @@ public function testApiWithMalformedTokenJson(): void $body = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now + 60, 'nbf' => $now, @@ -245,7 +245,7 @@ public function testApiWithMalformedTokenJson(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $body); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -273,7 +273,7 @@ public function testApiWithDomainMismatch(): void $body = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://another-shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now + 60, 'nbf' => $now, @@ -284,7 +284,7 @@ public function testApiWithDomainMismatch(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $body); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -311,7 +311,7 @@ public function testApiWithDomainMismatchJson(): void $body = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://another-shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now + 60, 'nbf' => $now, @@ -322,7 +322,7 @@ public function testApiWithDomainMismatchJson(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $body); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -350,7 +350,7 @@ public function testApiWithInvalidTokenHeader(): void $body = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now + 60, 'nbf' => $now, @@ -361,7 +361,7 @@ public function testApiWithInvalidTokenHeader(): void $payload = sprintf('xxxxxx.%s', $body); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -388,7 +388,7 @@ public function testApiWithInvalidTokenHeaderJson(): void $body = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now + 60, 'nbf' => $now, @@ -399,7 +399,7 @@ public function testApiWithInvalidTokenHeaderJson(): void $payload = sprintf('xxxxxx.%s', $body); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -427,7 +427,7 @@ public function testApiGetSelf(): void $body = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now + 60, 'nbf' => $now, @@ -438,7 +438,7 @@ public function testApiGetSelf(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $body); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); @@ -465,7 +465,7 @@ public function testApiGetPlans(): void $body = Util::base64UrlEncode(json_encode([ 'iss' => 'https://shop-name.myshopify.com/admin', 'dest' => 'https://shop-name.myshopify.com', - 'aud' => env('SHOPIFY_API_KEY'), + 'aud' => Util::getShopifyConfig('api_key'), 'sub' => '123', 'exp' => $now + 60, 'nbf' => $now, @@ -476,7 +476,7 @@ public function testApiGetPlans(): void $payload = sprintf('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.%s', $body); - $secret = env('SHOPIFY_API_SECRET'); + $secret = Util::getShopifyConfig('api_secret'); $hmac = Util::base64UrlEncode(hash_hmac('sha256', $payload, $secret, true)); diff --git a/tests/Traits/AuthControllerTest.php b/tests/Traits/AuthControllerTest.php index 55ba75ef..6e09d127 100644 --- a/tests/Traits/AuthControllerTest.php +++ b/tests/Traits/AuthControllerTest.php @@ -33,7 +33,7 @@ public function testAuthRedirectsToShopifyWhenNoCode(): void $response->assertViewHas('shopDomain', 'example.myshopify.com'); $response->assertViewHas( 'authUrl', - 'https://example.myshopify.com/admin/oauth/authorize?client_id='.env('SHOPIFY_API_KEY').'&scope=read_products%2Cwrite_products&redirect_uri=https%3A%2F%2Flocalhost%2Fauthenticate' + 'https://example.myshopify.com/admin/oauth/authorize?client_id='.Util::getShopifyConfig('api_key').'&scope=read_products%2Cwrite_products&redirect_uri=https%3A%2F%2Flocalhost%2Fauthenticate' ); } @@ -98,7 +98,7 @@ public function testOauthRedirect(): void $response = $this->call('get', '/authenticate/oauth', ['shop' => 'example.myshopify.com']); $response->assertViewHas( 'authUrl', - 'https://example.myshopify.com/admin/oauth/authorize?client_id='.env('SHOPIFY_API_KEY').'&scope=read_products%2Cwrite_products&redirect_uri=https%3A%2F%2Flocalhost%2Fauthenticate' + 'https://example.myshopify.com/admin/oauth/authorize?client_id='.Util::getShopifyConfig('api_key').'&scope=read_products%2Cwrite_products&redirect_uri=https%3A%2F%2Flocalhost%2Fauthenticate' ); } } From e8a71ae0ec0de0a909aafc45462d40fbfcfbf019 Mon Sep 17 00:00:00 2001 From: Lucas Michot Date: Thu, 24 Jun 2021 16:23:16 +0200 Subject: [PATCH 2/2] Add missing import. --- tests/Traits/AuthControllerTest.php | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/Traits/AuthControllerTest.php b/tests/Traits/AuthControllerTest.php index 6e09d127..fbb7aa0b 100644 --- a/tests/Traits/AuthControllerTest.php +++ b/tests/Traits/AuthControllerTest.php @@ -5,6 +5,7 @@ use Osiset\ShopifyApp\Services\ShopSession; use Osiset\ShopifyApp\Test\Stubs\Api as ApiStub; use Osiset\ShopifyApp\Test\TestCase; +use Osiset\ShopifyApp\Util; class AuthControllerTest extends TestCase {