Validate JWT expiry (#776)

* Validate JWT expiry * Fixing bad merge conflict from Github UI * whitespace Co-authored-by: dannylamb <dlamb@islandora.ca>
4 years ago · bbcd28ccb5
2 changed files with 63 additions and 2 deletions
--- a/src/Form/IslandoraSettingsForm.php
+++ b/src/Form/IslandoraSettingsForm.php
@ -28,6 +28,16 @@ class IslandoraSettingsForm extends ConfigFormBase {
  const GEMINI_URL = 'gemini_url';
  const GEMINI_PSEUDO = 'gemini_pseudo_bundles';
  const FEDORA_URL = 'fedora_url';
+  const TIME_INTERVALS = [
+    'sec',
+    'second',
+    'min',
+    'minute',
+    'hour',
+    'week',
+    'month',
+    'year',
+  ];

  /**
   * To list the available bundle types.
@ -133,7 +143,9 @@ class IslandoraSettingsForm extends ConfigFormBase {
      '#type' => 'textfield',
      '#title' => $this->t('JWT Expiry'),
      '#default_value' => $config->get(self::JWT_EXPIRY),
-      '#description' => $this->t('Eg: 60, "2 days", "10h", "7d". A numeric value is interpreted as a seconds count. If you use a string be sure you provide the time units (days, hours, etc), otherwise milliseconds unit is used by default ("120" is equal to "120ms").'),
+      '#description' => $this->t('A positive time interval expression. Eg: "60 secs", "2 days", "10 hours", "7 weeks". Be sure you provide the time units (@unit), plurals are accepted.',
+        ['@unit' => implode(self::TIME_INTERVALS, ", ")]
+      ),
    ];

    $form[self::GEMINI_URL] = [
@ -219,7 +231,8 @@ class IslandoraSettingsForm extends ConfigFormBase {
    }

    // Validate jwt expiry as a valid time string.
-    $expiry = $form_state->getValue(self::JWT_EXPIRY);
+    $expiry = trim($form_state->getValue(self::JWT_EXPIRY));
+    $expiry = strtolower($expiry);
    if (strtotime($expiry) === FALSE) {
      $form_state->setErrorByName(
        self::JWT_EXPIRY,
@ -229,6 +242,28 @@ class IslandoraSettingsForm extends ConfigFormBase {
        )
      );
    }
+    elseif (substr($expiry, 0, 1) == "-") {
+      $form_state->setErrorByName(
+        self::JWT_EXPIRY,
+        $this->t('Time or interval expression cannot be negative')
+          );
+    }
+    elseif (intval($expiry) === 0) {
+      $form_state->setErrorByName(
+        self::JWT_EXPIRY,
+        $this->t('No numeric interval specified, for example "1 day"')
+          );
+    }
+    else {
+      if (!preg_match("/\b(" . implode(self::TIME_INTERVALS, "|") . ")s?\b/", $expiry)) {
+        $form_state->setErrorByName(
+          self::JWT_EXPIRY,
+          $this->t("No time interval found, please include one of (@int). Plurals are also accepted.",
+            ['@int' => implode(self::TIME_INTERVALS, ", ")]
+          )
+        );
+      }
+    }

    // Needed for the elseif below.
    $pseudo_types = array_filter($form_state->getValue(self::GEMINI_PSEUDO));
--- a/tests/src/Functional/IslandoraSettingsFormTest.php
+++ b/tests/src/Functional/IslandoraSettingsFormTest.php
@ -58,4 +58,30 @@ class IslandoraSettingsFormTest extends IslandoraFunctionalTestBase {

  }

+  /**
+   * Test form validation for JWT expiry.
+   */
+  public function testJwtExpiry() {
+    $this->drupalGet('/admin/config/islandora/core');
+    $this->assertSession()->statusCodeEquals(200);
+    $this->assertSession()->pageTextContains("JWT Expiry");
+    $this->assertSession()->fieldValueEquals('edit-jwt-expiry', '+2 hour');
+    // Blank is not allowed.
+    $this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => ""], t('Save configuration'));
+    $this->assertSession()->pageTextContainsOnce('"" is not a valid time or interval expression.');
+    // Negative is not allowed.
+    $this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "-2 hours"], t('Save configuration'));
+    $this->assertSession()->pageTextContainsOnce('Time or interval expression cannot be negative');
+    // Must include an integer value.
+    $this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "last hour"], t('Save configuration'));
+    $this->assertSession()->pageTextContainsOnce('No numeric interval specified, for example "1 day"');
+    // Must have an accepted interval.
+    $this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "1 fortnight"], t('Save configuration'));
+    $this->assertSession()->pageTextContainsOnce('No time interval found, please include one of');
+    // Test a valid setting.
+    $this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "2 weeks"], t('Save configuration'));
+    $this->assertSession()->pageTextContainsOnce('The configuration options have been saved.');
+
+  }
+
 }