add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks - Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists - Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services - Add Microsoft OIDC SSO, API token management, and user lifecycle features - Add swagger-ui vendor integration and OpenAPI spec - Add production Docker setup and bin/ scripts - Update composer dependencies, config, templates, and frontend assets throughout Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
69
tests/Http/ApiAuthTest.php
Normal file
69
tests/Http/ApiAuthTest.php
Normal file
@@ -0,0 +1,69 @@
|
||||
<?php
|
||||
|
||||
namespace MintyPHP\Tests\Http;
|
||||
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
|
||||
class ApiAuthTest extends TestCase
|
||||
{
|
||||
private array $serverBackup = [];
|
||||
|
||||
protected function setUp(): void
|
||||
{
|
||||
$this->serverBackup = $_SERVER;
|
||||
}
|
||||
|
||||
protected function tearDown(): void
|
||||
{
|
||||
$_SERVER = $this->serverBackup;
|
||||
}
|
||||
|
||||
public function testExtractsValidBearerToken(): void
|
||||
{
|
||||
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer abc123def456';
|
||||
unset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']);
|
||||
$this->assertSame('abc123def456', ApiAuth::extractBearerToken());
|
||||
}
|
||||
|
||||
public function testReturnsEmptyStringWhenNoHeader(): void
|
||||
{
|
||||
unset($_SERVER['HTTP_AUTHORIZATION'], $_SERVER['REDIRECT_HTTP_AUTHORIZATION']);
|
||||
$this->assertSame('', ApiAuth::extractBearerToken());
|
||||
}
|
||||
|
||||
public function testReturnsEmptyStringForNonBearerScheme(): void
|
||||
{
|
||||
$_SERVER['HTTP_AUTHORIZATION'] = 'Basic dXNlcjpwYXNz';
|
||||
unset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']);
|
||||
$this->assertSame('', ApiAuth::extractBearerToken());
|
||||
}
|
||||
|
||||
public function testReturnsEmptyStringForBearerWithNoToken(): void
|
||||
{
|
||||
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer ';
|
||||
unset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']);
|
||||
$this->assertSame('', ApiAuth::extractBearerToken());
|
||||
}
|
||||
|
||||
public function testFallsBackToRedirectHeader(): void
|
||||
{
|
||||
unset($_SERVER['HTTP_AUTHORIZATION']);
|
||||
$_SERVER['REDIRECT_HTTP_AUTHORIZATION'] = 'Bearer fallback_token';
|
||||
$this->assertSame('fallback_token', ApiAuth::extractBearerToken());
|
||||
}
|
||||
|
||||
public function testIsCaseInsensitiveForBearerScheme(): void
|
||||
{
|
||||
$_SERVER['HTTP_AUTHORIZATION'] = 'bearer lowercase_token';
|
||||
unset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']);
|
||||
$this->assertSame('lowercase_token', ApiAuth::extractBearerToken());
|
||||
}
|
||||
|
||||
public function testTrimsWhitespaceFromToken(): void
|
||||
{
|
||||
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer token_with_spaces ';
|
||||
unset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']);
|
||||
$this->assertSame('token_with_spaces', ApiAuth::extractBearerToken());
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user