add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks - Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists - Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services - Add Microsoft OIDC SSO, API token management, and user lifecycle features - Add swagger-ui vendor integration and OpenAPI spec - Add production Docker setup and bin/ scripts - Update composer dependencies, config, templates, and frontend assets throughout Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
BIN
tests/.DS_Store
vendored
BIN
tests/.DS_Store
vendored
Binary file not shown.
69
tests/Http/ApiAuthTest.php
Normal file
69
tests/Http/ApiAuthTest.php
Normal file
@@ -0,0 +1,69 @@
|
||||
<?php
|
||||
|
||||
namespace MintyPHP\Tests\Http;
|
||||
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
|
||||
class ApiAuthTest extends TestCase
|
||||
{
|
||||
private array $serverBackup = [];
|
||||
|
||||
protected function setUp(): void
|
||||
{
|
||||
$this->serverBackup = $_SERVER;
|
||||
}
|
||||
|
||||
protected function tearDown(): void
|
||||
{
|
||||
$_SERVER = $this->serverBackup;
|
||||
}
|
||||
|
||||
public function testExtractsValidBearerToken(): void
|
||||
{
|
||||
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer abc123def456';
|
||||
unset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']);
|
||||
$this->assertSame('abc123def456', ApiAuth::extractBearerToken());
|
||||
}
|
||||
|
||||
public function testReturnsEmptyStringWhenNoHeader(): void
|
||||
{
|
||||
unset($_SERVER['HTTP_AUTHORIZATION'], $_SERVER['REDIRECT_HTTP_AUTHORIZATION']);
|
||||
$this->assertSame('', ApiAuth::extractBearerToken());
|
||||
}
|
||||
|
||||
public function testReturnsEmptyStringForNonBearerScheme(): void
|
||||
{
|
||||
$_SERVER['HTTP_AUTHORIZATION'] = 'Basic dXNlcjpwYXNz';
|
||||
unset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']);
|
||||
$this->assertSame('', ApiAuth::extractBearerToken());
|
||||
}
|
||||
|
||||
public function testReturnsEmptyStringForBearerWithNoToken(): void
|
||||
{
|
||||
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer ';
|
||||
unset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']);
|
||||
$this->assertSame('', ApiAuth::extractBearerToken());
|
||||
}
|
||||
|
||||
public function testFallsBackToRedirectHeader(): void
|
||||
{
|
||||
unset($_SERVER['HTTP_AUTHORIZATION']);
|
||||
$_SERVER['REDIRECT_HTTP_AUTHORIZATION'] = 'Bearer fallback_token';
|
||||
$this->assertSame('fallback_token', ApiAuth::extractBearerToken());
|
||||
}
|
||||
|
||||
public function testIsCaseInsensitiveForBearerScheme(): void
|
||||
{
|
||||
$_SERVER['HTTP_AUTHORIZATION'] = 'bearer lowercase_token';
|
||||
unset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']);
|
||||
$this->assertSame('lowercase_token', ApiAuth::extractBearerToken());
|
||||
}
|
||||
|
||||
public function testTrimsWhitespaceFromToken(): void
|
||||
{
|
||||
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer token_with_spaces ';
|
||||
unset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']);
|
||||
$this->assertSame('token_with_spaces', ApiAuth::extractBearerToken());
|
||||
}
|
||||
}
|
||||
@@ -45,7 +45,7 @@ class RepoQueryTest extends TestCase
|
||||
$this->assertSame([], $params);
|
||||
|
||||
RepoQuery::addLikeFilter($where, $params, ['a', 'b'], 'foo');
|
||||
$this->assertSame(['(a like ? or b like ?)'], $where);
|
||||
$this->assertSame(["(a like ? escape '\\\\' or b like ? escape '\\\\')"], $where);
|
||||
$this->assertSame(['%foo%', '%foo%'], $params);
|
||||
}
|
||||
|
||||
|
||||
@@ -1,49 +1,33 @@
|
||||
<?php
|
||||
namespace MintyPHP\Service;
|
||||
|
||||
if (!function_exists(__NAMESPACE__ . '\\t')) {
|
||||
function t($string, ...$arguments)
|
||||
{
|
||||
$string = (string) $string;
|
||||
return $arguments ? sprintf($string, ...$arguments) : $string;
|
||||
}
|
||||
}
|
||||
|
||||
namespace MintyPHP\Tests\Service;
|
||||
|
||||
use MintyPHP\Service\User\UserService;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
use ReflectionMethod;
|
||||
|
||||
class UserServicePasswordTest extends TestCase
|
||||
{
|
||||
private function validate(string $password, string $password2, bool $required, ?string $email = null): array
|
||||
{
|
||||
$method = new ReflectionMethod(UserService::class, 'validatePasswordStrength');
|
||||
return $method->invoke(null, $password, $password2, $required, $email);
|
||||
}
|
||||
|
||||
public function testRequiresPasswordWhenRequired(): void
|
||||
{
|
||||
$errors = $this->validate('', '', true, 'test@example.com');
|
||||
$errors = UserService::validatePassword('', '', true, 'test@example.com');
|
||||
$this->assertNotEmpty($errors);
|
||||
}
|
||||
|
||||
public function testRejectsMismatch(): void
|
||||
{
|
||||
$errors = $this->validate('Abcd1234$efg', 'Abcd1234$xxx', true, 'test@example.com');
|
||||
$errors = UserService::validatePassword('Abcd1234$efg', 'Abcd1234$xxx', true, 'test@example.com');
|
||||
$this->assertNotEmpty($errors);
|
||||
}
|
||||
|
||||
public function testAcceptsStrongPassword(): void
|
||||
{
|
||||
$errors = $this->validate('StrongPass1!', 'StrongPass1!', true, 'test@example.com');
|
||||
$errors = UserService::validatePassword('StrongPass1!', 'StrongPass1!', true, 'test@example.com');
|
||||
$this->assertSame([], $errors);
|
||||
}
|
||||
|
||||
public function testRejectsPasswordContainingEmail(): void
|
||||
{
|
||||
$errors = $this->validate('test@example.comA1!', 'test@example.comA1!', true, 'test@example.com');
|
||||
$errors = UserService::validatePassword('test@example.comA1!', 'test@example.comA1!', true, 'test@example.com');
|
||||
$this->assertNotEmpty($errors);
|
||||
}
|
||||
}
|
||||
|
||||
4
tests/bootstrap.php
Normal file
4
tests/bootstrap.php
Normal file
@@ -0,0 +1,4 @@
|
||||
<?php
|
||||
|
||||
require __DIR__ . '/../vendor/autoload.php';
|
||||
require __DIR__ . '/../lib/Support/helpers.php';
|
||||
Reference in New Issue
Block a user