2025-02-11 09:02:20 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace Tests\Unit\Auth;
|
|
|
|
|
|
|
|
|
|
use Ahc\Jwt\JWT;
|
|
|
|
|
use Appwrite\Auth\Auth;
|
|
|
|
|
use Appwrite\Auth\Key;
|
|
|
|
|
use PHPUnit\Framework\TestCase;
|
|
|
|
|
use Utopia\Config\Config;
|
|
|
|
|
use Utopia\Database\Document;
|
|
|
|
|
use Utopia\System\System;
|
|
|
|
|
|
|
|
|
|
class KeyTest extends TestCase
|
|
|
|
|
{
|
|
|
|
|
public function testDecode(): void
|
|
|
|
|
{
|
|
|
|
|
$projectId = 'test';
|
|
|
|
|
$usage = false;
|
|
|
|
|
$scopes = [
|
|
|
|
|
'databases.read',
|
|
|
|
|
'collections.read',
|
|
|
|
|
'documents.read',
|
|
|
|
|
];
|
|
|
|
|
$roleScopes = Config::getParam('roles', [])[Auth::USER_ROLE_APPS]['scopes'];
|
|
|
|
|
|
|
|
|
|
$key = static::generateKey($projectId, $usage, $scopes);
|
|
|
|
|
$project = new Document(['$id' => $projectId,]);
|
|
|
|
|
$decoded = Key::decode($project, $key);
|
|
|
|
|
|
|
|
|
|
$this->assertEquals($projectId, $decoded->getProjectId());
|
|
|
|
|
$this->assertEquals(API_KEY_DYNAMIC, $decoded->getType());
|
|
|
|
|
$this->assertEquals(Auth::USER_ROLE_APPS, $decoded->getRole());
|
|
|
|
|
$this->assertEquals(\array_merge($scopes, $roleScopes), $decoded->getScopes());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private static function generateKey(
|
|
|
|
|
string $projectId,
|
|
|
|
|
bool $usage,
|
|
|
|
|
array $scopes,
|
2025-02-11 09:04:52 +00:00
|
|
|
): string {
|
2025-02-11 09:02:20 +00:00
|
|
|
$jwt = new JWT(
|
|
|
|
|
key: System::getEnv('_APP_OPENSSL_KEY_V1'),
|
|
|
|
|
algo: 'HS256',
|
|
|
|
|
maxAge: 86400,
|
|
|
|
|
leeway: 0,
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$apiKey = $jwt->encode([
|
|
|
|
|
'projectId' => $projectId,
|
|
|
|
|
'usage' => $usage,
|
|
|
|
|
'scopes' => $scopes,
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
return API_KEY_DYNAMIC . '_' . $apiKey;
|
|
|
|
|
}
|
2025-02-11 09:04:52 +00:00
|
|
|
}
|
