Browse Source

Validate JWT expiry (#776)

* Validate JWT expiry

* Fixing bad merge conflict from Github UI

* whitespace

Co-authored-by: dannylamb <dlamb@islandora.ca>
pull/784/head
Jared Whiklo 5 years ago committed by GitHub
parent
commit
bbcd28ccb5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 39
      src/Form/IslandoraSettingsForm.php
  2. 26
      tests/src/Functional/IslandoraSettingsFormTest.php

39
src/Form/IslandoraSettingsForm.php

@ -28,6 +28,16 @@ class IslandoraSettingsForm extends ConfigFormBase {
const GEMINI_URL = 'gemini_url'; const GEMINI_URL = 'gemini_url';
const GEMINI_PSEUDO = 'gemini_pseudo_bundles'; const GEMINI_PSEUDO = 'gemini_pseudo_bundles';
const FEDORA_URL = 'fedora_url'; const FEDORA_URL = 'fedora_url';
const TIME_INTERVALS = [
'sec',
'second',
'min',
'minute',
'hour',
'week',
'month',
'year',
];
/** /**
* To list the available bundle types. * To list the available bundle types.
@ -133,7 +143,9 @@ class IslandoraSettingsForm extends ConfigFormBase {
'#type' => 'textfield', '#type' => 'textfield',
'#title' => $this->t('JWT Expiry'), '#title' => $this->t('JWT Expiry'),
'#default_value' => $config->get(self::JWT_EXPIRY), '#default_value' => $config->get(self::JWT_EXPIRY),
'#description' => $this->t('Eg: 60, "2 days", "10h", "7d". A numeric value is interpreted as a seconds count. If you use a string be sure you provide the time units (days, hours, etc), otherwise milliseconds unit is used by default ("120" is equal to "120ms").'), '#description' => $this->t('A positive time interval expression. Eg: "60 secs", "2 days", "10 hours", "7 weeks". Be sure you provide the time units (@unit), plurals are accepted.',
['@unit' => implode(self::TIME_INTERVALS, ", ")]
),
]; ];
$form[self::GEMINI_URL] = [ $form[self::GEMINI_URL] = [
@ -219,7 +231,8 @@ class IslandoraSettingsForm extends ConfigFormBase {
} }
// Validate jwt expiry as a valid time string. // Validate jwt expiry as a valid time string.
$expiry = $form_state->getValue(self::JWT_EXPIRY); $expiry = trim($form_state->getValue(self::JWT_EXPIRY));
$expiry = strtolower($expiry);
if (strtotime($expiry) === FALSE) { if (strtotime($expiry) === FALSE) {
$form_state->setErrorByName( $form_state->setErrorByName(
self::JWT_EXPIRY, self::JWT_EXPIRY,
@ -229,6 +242,28 @@ class IslandoraSettingsForm extends ConfigFormBase {
) )
); );
} }
elseif (substr($expiry, 0, 1) == "-") {
$form_state->setErrorByName(
self::JWT_EXPIRY,
$this->t('Time or interval expression cannot be negative')
);
}
elseif (intval($expiry) === 0) {
$form_state->setErrorByName(
self::JWT_EXPIRY,
$this->t('No numeric interval specified, for example "1 day"')
);
}
else {
if (!preg_match("/\b(" . implode(self::TIME_INTERVALS, "|") . ")s?\b/", $expiry)) {
$form_state->setErrorByName(
self::JWT_EXPIRY,
$this->t("No time interval found, please include one of (@int). Plurals are also accepted.",
['@int' => implode(self::TIME_INTERVALS, ", ")]
)
);
}
}
// Needed for the elseif below. // Needed for the elseif below.
$pseudo_types = array_filter($form_state->getValue(self::GEMINI_PSEUDO)); $pseudo_types = array_filter($form_state->getValue(self::GEMINI_PSEUDO));

26
tests/src/Functional/IslandoraSettingsFormTest.php

@ -58,4 +58,30 @@ class IslandoraSettingsFormTest extends IslandoraFunctionalTestBase {
} }
/**
* Test form validation for JWT expiry.
*/
public function testJwtExpiry() {
$this->drupalGet('/admin/config/islandora/core');
$this->assertSession()->statusCodeEquals(200);
$this->assertSession()->pageTextContains("JWT Expiry");
$this->assertSession()->fieldValueEquals('edit-jwt-expiry', '+2 hour');
// Blank is not allowed.
$this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => ""], t('Save configuration'));
$this->assertSession()->pageTextContainsOnce('"" is not a valid time or interval expression.');
// Negative is not allowed.
$this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "-2 hours"], t('Save configuration'));
$this->assertSession()->pageTextContainsOnce('Time or interval expression cannot be negative');
// Must include an integer value.
$this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "last hour"], t('Save configuration'));
$this->assertSession()->pageTextContainsOnce('No numeric interval specified, for example "1 day"');
// Must have an accepted interval.
$this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "1 fortnight"], t('Save configuration'));
$this->assertSession()->pageTextContainsOnce('No time interval found, please include one of');
// Test a valid setting.
$this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "2 weeks"], t('Save configuration'));
$this->assertSession()->pageTextContainsOnce('The configuration options have been saved.');
}
} }

Loading…
Cancel
Save