Browse Source

Validate JWT expiry (#776)

* Validate JWT expiry

* Fixing bad merge conflict from Github UI

* whitespace

Co-authored-by: dannylamb <dlamb@islandora.ca>
pull/784/head
Jared Whiklo 5 years ago committed by GitHub
parent
commit
bbcd28ccb5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 39
      src/Form/IslandoraSettingsForm.php
  2. 26
      tests/src/Functional/IslandoraSettingsFormTest.php

39
src/Form/IslandoraSettingsForm.php

@ -28,6 +28,16 @@ class IslandoraSettingsForm extends ConfigFormBase {
const GEMINI_URL = 'gemini_url';
const GEMINI_PSEUDO = 'gemini_pseudo_bundles';
const FEDORA_URL = 'fedora_url';
const TIME_INTERVALS = [
'sec',
'second',
'min',
'minute',
'hour',
'week',
'month',
'year',
];
/**
* To list the available bundle types.
@ -133,7 +143,9 @@ class IslandoraSettingsForm extends ConfigFormBase {
'#type' => 'textfield',
'#title' => $this->t('JWT Expiry'),
'#default_value' => $config->get(self::JWT_EXPIRY),
'#description' => $this->t('Eg: 60, "2 days", "10h", "7d". A numeric value is interpreted as a seconds count. If you use a string be sure you provide the time units (days, hours, etc), otherwise milliseconds unit is used by default ("120" is equal to "120ms").'),
'#description' => $this->t('A positive time interval expression. Eg: "60 secs", "2 days", "10 hours", "7 weeks". Be sure you provide the time units (@unit), plurals are accepted.',
['@unit' => implode(self::TIME_INTERVALS, ", ")]
),
];
$form[self::GEMINI_URL] = [
@ -219,7 +231,8 @@ class IslandoraSettingsForm extends ConfigFormBase {
}
// Validate jwt expiry as a valid time string.
$expiry = $form_state->getValue(self::JWT_EXPIRY);
$expiry = trim($form_state->getValue(self::JWT_EXPIRY));
$expiry = strtolower($expiry);
if (strtotime($expiry) === FALSE) {
$form_state->setErrorByName(
self::JWT_EXPIRY,
@ -229,6 +242,28 @@ class IslandoraSettingsForm extends ConfigFormBase {
)
);
}
elseif (substr($expiry, 0, 1) == "-") {
$form_state->setErrorByName(
self::JWT_EXPIRY,
$this->t('Time or interval expression cannot be negative')
);
}
elseif (intval($expiry) === 0) {
$form_state->setErrorByName(
self::JWT_EXPIRY,
$this->t('No numeric interval specified, for example "1 day"')
);
}
else {
if (!preg_match("/\b(" . implode(self::TIME_INTERVALS, "|") . ")s?\b/", $expiry)) {
$form_state->setErrorByName(
self::JWT_EXPIRY,
$this->t("No time interval found, please include one of (@int). Plurals are also accepted.",
['@int' => implode(self::TIME_INTERVALS, ", ")]
)
);
}
}
// Needed for the elseif below.
$pseudo_types = array_filter($form_state->getValue(self::GEMINI_PSEUDO));

26
tests/src/Functional/IslandoraSettingsFormTest.php

@ -58,4 +58,30 @@ class IslandoraSettingsFormTest extends IslandoraFunctionalTestBase {
}
/**
* Test form validation for JWT expiry.
*/
public function testJwtExpiry() {
$this->drupalGet('/admin/config/islandora/core');
$this->assertSession()->statusCodeEquals(200);
$this->assertSession()->pageTextContains("JWT Expiry");
$this->assertSession()->fieldValueEquals('edit-jwt-expiry', '+2 hour');
// Blank is not allowed.
$this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => ""], t('Save configuration'));
$this->assertSession()->pageTextContainsOnce('"" is not a valid time or interval expression.');
// Negative is not allowed.
$this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "-2 hours"], t('Save configuration'));
$this->assertSession()->pageTextContainsOnce('Time or interval expression cannot be negative');
// Must include an integer value.
$this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "last hour"], t('Save configuration'));
$this->assertSession()->pageTextContainsOnce('No numeric interval specified, for example "1 day"');
// Must have an accepted interval.
$this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "1 fortnight"], t('Save configuration'));
$this->assertSession()->pageTextContainsOnce('No time interval found, please include one of');
// Test a valid setting.
$this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "2 weeks"], t('Save configuration'));
$this->assertSession()->pageTextContainsOnce('The configuration options have been saved.');
}
}

Loading…
Cancel
Save