From 09ef067243d36c7633c27e1c5504c11b507fa041 Mon Sep 17 00:00:00 2001
From: mohammad-alavi
Date: Wed, 29 Sep 2021 18:18:06 +0330
Subject: [PATCH] better status code: on invalid credentials return 422 instead of 400 now. added tests
---
 .../Exceptions/LoginFailedException.php | 2 +-
 .../Tasks/CallOAuthServerTask.php | 2 +-
 .../ApiLoginProxyForWebClientTest.php | 21 +++++++++++++------
 3 files changed, 17 insertions(+), 8 deletions(-)
diff --git a/app/Containers/AppSection/Authentication/Exceptions/LoginFailedException.php b/app/Containers/AppSection/Authentication/Exceptions/LoginFailedException.php
index b47a87a16..4bf01b629 100644
--- a/app/Containers/AppSection/Authentication/Exceptions/LoginFailedException.php
+++ b/app/Containers/AppSection/Authentication/Exceptions/LoginFailedException.php
@@ -7,6 +7,6 @@
 class LoginFailedException extends Exception
 {
- protected $code = Response::HTTP_BAD_REQUEST;
+ protected $code = Response::HTTP_UNPROCESSABLE_ENTITY;
 protected $message = 'An Exception happened during the Login Process.';
 }
diff --git a/app/Containers/AppSection/Authentication/Tasks/CallOAuthServerTask.php b/app/Containers/AppSection/Authentication/Tasks/CallOAuthServerTask.php
index bbe14cd87..97a6b9aad 100644
--- a/app/Containers/AppSection/Authentication/Tasks/CallOAuthServerTask.php
+++ b/app/Containers/AppSection/Authentication/Tasks/CallOAuthServerTask.php
@@ -30,7 +30,7 @@ public function run(array $data, string $languageHeader = null): float|object|in
 // If the internal request to the oauth token endpoint was not successful we throw an exception
 if (!$response->isSuccessful()) {
- throw new LoginFailedException($content['message'], $response->getStatusCode());
+ throw new LoginFailedException($content['message']);
 }
 return $content;
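Review bot: The new default `$code` in LoginFailedException carries no explanation, and 422 is the status Laravel conventionally uses for request-validation failures, so by status alone a rejected login no longer stands apart from a malformed request. Failed-authentication alerting or throttling keyed on 400/401 responses would stop counting these logins. If 422 is intentional, record the reason on the property, e.g. `// 422 by design: failed proxy logins share the validation status; monitor by exception class, not by status code`. Otherwise `Response::HTTP_UNAUTHORIZED` is the conventional status for rejected credentials, assuming `Response` here is the Symfony class (its import is outside the hunk).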
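Review bot: Dropping `$response->getStatusCode()` from the throw in `run()` means every unsuccessful reply from the token endpoint, not only rejected credentials, now surfaces with LoginFailedException's default code. An upstream 5xx or a misconfigured OAuth client would therefore reach the caller and the logs looking like a credential failure. Consider keeping the upstream code for server errors, e.g. `$code = $response->getStatusCode() >= 500 ? $response->getStatusCode() : null;` passed as the second argument, provided the exception's constructor treats null as "use the default" (not visible here). `$content['message']` is also read unchecked and forwarded verbatim to the client; `$content['message'] ?? null` would avoid an undefined-index error on an unexpected body. The body of `run()` starts and ends outside this hunk.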
diff --git a/app/Containers/AppSection/Authentication/UI/API/Tests/Functional/ApiLoginProxyForWebClientTest.php b/app/Containers/AppSection/Authentication/UI/API/Tests/Functional/ApiLoginProxyForWebClientTest.php
index 5727ab087..3f388963e 100644
--- a/app/Containers/AppSection/Authentication/UI/API/Tests/Functional/ApiLoginProxyForWebClientTest.php
+++ b/app/Containers/AppSection/Authentication/UI/API/Tests/Functional/ApiLoginProxyForWebClientTest.php
@@ -21,8 +21,7 @@ public function testClientWebAdminProxyLogin(): void
 'email' => 'testing@mail.com',
 'password' => 'testingpass',
 ];
- $user = $this->getTestingUser($data);
- $this->actingAs($user, 'web');
+ $this->getTestingUser($data);
 $response = $this->makeCall($data);
@@ -40,8 +39,7 @@ public function testClientWebAdminProxyUnconfirmedLogin(): void
 'password' => 'testingpass',
 'email_verified_at' => null,
 ];
- $user = $this->getTestingUser($data);
- $this->actingAs($user, 'web');
+ $this->getTestingUser($data);
 $response = $this->makeCall($data);
@@ -59,8 +57,7 @@ public function testLoginWithNameAttribute(): void
 'password' => 'testingpass',
 'name' => 'username',
 ];
- $user = $this->getTestingUser($data);
- $this->actingAs($user, 'web');
+ $this->getTestingUser($data);
 $this->setLoginAttributes([
 'email' => [],
 'name' => [],
@@ -117,4 +114,16 @@ public function testGivenMultipleLoginAttributeIsSetThenAtLeastOneShouldBeRequir
 'name' => 'The name field is required when none of email are present.',
 ]);
 }
+
+ public function testGivenWrongCredential_Throw422(): void
+ {
+ $data = [
+ 'email' => 'none@existing.mail',
+ 'password' => 'some-unbelievable-password',
+ ];
+
+ $response = $this->makeCall($data);
+
+ $response->assertStatus(422);
+ }
 }
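Review bot: `testGivenWrongCredential_Throw422` in the last hunk only exercises an e-mail address that has no account and asserts nothing but the status, so the wrong-password path for an existing user is untested. A second case that creates the user with `getTestingUser()` and logs in with a different password would cover it. Asserting there the same status and the same response message as for the unknown account would pin down that the endpoint does not reveal which accounts exist. The method name also departs from the camelCase `testGiven…Then…` pattern of the neighbouring test; `testGivenWrongCredentialThenReturn422` would match.
```php
public function testGivenExistingUserAndWrongPasswordThenReturn422(): void
{
    $this->getTestingUser([
        'email' => 'testing@mail.com',
        'password' => 'testingpass',
    ]);

    $response = $this->makeCall([
        'email' => 'testing@mail.com',
        'password' => 'not-the-password',
    ]);

    $response->assertStatus(422);
}
```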