refactor: move $authenticatorHeader and $unusedTokenLifetime to Config\AuthToken

kenjis · kenjis · commit 75cf64d4db7e · 2023-09-24T12:41:58.000+09:00
diff --git a/src/Authentication/Authenticators/AccessTokens.php b/src/Authentication/Authenticators/AccessTokens.php
@@ -124,7 +124,7 @@ public function check(array $credentials): Result
         if (! array_key_exists('token', $credentials) || empty($credentials['token'])) {
             return new Result([
                 'success' => false,
-                'reason'  => lang('Auth.noToken', [config('Auth')->authenticatorHeader['tokens']]),
+                'reason'  => lang('Auth.noToken', [config('AuthToken')->authenticatorHeader['tokens']]),
             ]);
         }
 
@@ -149,7 +149,9 @@ public function check(array $credentials): Result
         // Hasn't been used in a long time
         if (
             $token->last_used_at
-            && $token->last_used_at->isBefore(Time::now()->subSeconds(config('Auth')->unusedTokenLifetime))
+            && $token->last_used_at->isBefore(
+                Time::now()->subSeconds(config('AuthToken')->unusedTokenLifetime)
+            )
         ) {
             return new Result([
                 'success' => false,
@@ -188,7 +190,7 @@ public function loggedIn(): bool
         $request = service('request');
 
         return $this->attempt([
-            'token' => $request->getHeaderLine(config('Auth')->authenticatorHeader['tokens']),
+            'token' => $request->getHeaderLine(config('AuthToken')->authenticatorHeader['tokens']),
         ])->isOK();
     }
 
@@ -246,7 +248,7 @@ public function getBearerToken(): ?string
         /** @var IncomingRequest $request */
         $request = service('request');
 
-        $header = $request->getHeaderLine(config('Auth')->authenticatorHeader['tokens']);
+        $header = $request->getHeaderLine(config('AuthToken')->authenticatorHeader['tokens']);
 
         if (empty($header)) {
             return null;
diff --git a/src/Authentication/Authenticators/HmacSha256.php b/src/Authentication/Authenticators/HmacSha256.php
@@ -124,7 +124,7 @@ public function check(array $credentials): Result
         if (! array_key_exists('token', $credentials) || $credentials['token'] === '') {
             return new Result([
                 'success' => false,
-                'reason'  => lang('Auth.noToken', [config('Auth')->authenticatorHeader['hmac']]),
+                'reason'  => lang('Auth.noToken', [config('AuthToken')->authenticatorHeader['hmac']]),
             ]);
         }
 
@@ -161,7 +161,9 @@ public function check(array $credentials): Result
         // Hasn't been used in a long time
         if (
             isset($token->last_used_at)
-            && $token->last_used_at->isBefore(Time::now()->subSeconds(config('Auth')->unusedTokenLifetime))
+            && $token->last_used_at->isBefore(
+                Time::now()->subSeconds(config('AuthToken')->unusedTokenLifetime)
+            )
         ) {
             return new Result([
                 'success' => false,
@@ -200,7 +202,7 @@ public function loggedIn(): bool
         $request = service('request');
 
         return $this->attempt([
-            'token' => $request->getHeaderLine(config('Auth')->authenticatorHeader['hmac']),
+            'token' => $request->getHeaderLine(config('AuthToken')->authenticatorHeader['hmac']),
         ])->isOK();
     }
 
@@ -260,7 +262,7 @@ public function getFullHmacToken(): ?string
         /** @var IncomingRequest $request */
         $request = service('request');
 
-        $header = $request->getHeaderLine(config('Auth')->authenticatorHeader['hmac']);
+        $header = $request->getHeaderLine(config('AuthToken')->authenticatorHeader['hmac']);
 
         if ($header === '') {
             return null;
diff --git a/src/Config/Auth.php b/src/Config/Auth.php
@@ -146,6 +146,8 @@ class Auth extends BaseConfig
      * The name of Header that the Authorization token should be found.
      * According to the specs, this should be `Authorization`, but rare
      * circumstances might need a different header.
+     *
+     * @deprecated Moved to AuthToken. No longer used.
      */
     public array $authenticatorHeader = [
         'tokens' => 'Authorization',
@@ -158,6 +160,8 @@ class Auth extends BaseConfig
      * --------------------------------------------------------------------
      * Determines the amount of time, in seconds, that an unused
      * access token can be used.
+     *
+     * @deprecated Moved to AuthToken. No longer used.
      */
     public int $unusedTokenLifetime = YEAR;
 
diff --git a/src/Config/AuthToken.php b/src/Config/AuthToken.php
@@ -24,6 +24,28 @@ class AuthToken extends BaseConfig
      */
     public int $recordLoginAttempt = Auth::RECORD_LOGIN_ATTEMPT_FAILURE;
 
+    /**
+     * --------------------------------------------------------------------
+     * Name of Authenticator Header
+     * --------------------------------------------------------------------
+     * The name of Header that the Authorization token should be found.
+     * According to the specs, this should be `Authorization`, but rare
+     * circumstances might need a different header.
+     */
+    public array $authenticatorHeader = [
+        'tokens' => 'Authorization',
+        'hmac'   => 'Authorization',
+    ];
+
+    /**
+     * --------------------------------------------------------------------
+     * Unused Token Lifetime
+     * --------------------------------------------------------------------
+     * Determines the amount of time, in seconds, that an unused token can
+     * be used.
+     */
+    public int $unusedTokenLifetime = YEAR;
+
     /**
      * --------------------------------------------------------------------
      * HMAC secret key byte size
diff --git a/tests/Authentication/Authenticators/AccessTokenAuthenticatorTest.php b/tests/Authentication/Authenticators/AccessTokenAuthenticatorTest.php
@@ -110,7 +110,7 @@ public function testCheckNoToken(): void
         $result = $this->auth->check([]);
 
         $this->assertFalse($result->isOK());
-        $this->assertSame(lang('Auth.noToken', [config('Auth')->authenticatorHeader['tokens']]), $result->reason());
+        $this->assertSame(lang('Auth.noToken', [config('AuthToken')->authenticatorHeader['tokens']]), $result->reason());
     }
 
     public function testCheckBadToken(): void
diff --git a/tests/Authentication/Authenticators/HmacAuthenticatorTest.php b/tests/Authentication/Authenticators/HmacAuthenticatorTest.php
@@ -131,7 +131,7 @@ public function testCheckNoToken(): void
         $result = $this->auth->check([]);
 
         $this->assertFalse($result->isOK());
-        $this->assertSame(lang('Auth.noToken', [config('Auth')->authenticatorHeader['hmac']]), $result->reason());
+        $this->assertSame(lang('Auth.noToken', [config('AuthToken')->authenticatorHeader['hmac']]), $result->reason());
     }
 
     public function testCheckBadSignature(): void

Original file line number	Diff line number	Diff line change
`@@ -110,7 +110,7 @@ public function testCheckNoToken(): void`
`110`	`110`	`$result = $this->auth->check([]);`
`111`	`111`
`112`	`112`	`$this->assertFalse($result->isOK());`
`113`		`- $this->assertSame(lang('Auth.noToken', [config('Auth')->authenticatorHeader['tokens']]), $result->reason());`
	`113`	`+ $this->assertSame(lang('Auth.noToken', [config('AuthToken')->authenticatorHeader['tokens']]), $result->reason());`
`114`	`114`	`}`
`115`	`115`
`116`	`116`	`public function testCheckBadToken(): void`
Original file line number	Diff line number	Diff line change
`@@ -131,7 +131,7 @@ public function testCheckNoToken(): void`
`131`	`131`	`$result = $this->auth->check([]);`
`132`	`132`
`133`	`133`	`$this->assertFalse($result->isOK());`
`134`		`- $this->assertSame(lang('Auth.noToken', [config('Auth')->authenticatorHeader['hmac']]), $result->reason());`
	`134`	`+ $this->assertSame(lang('Auth.noToken', [config('AuthToken')->authenticatorHeader['hmac']]), $result->reason());`
`135`	`135`	`}`
`136`	`136`
`137`	`137`	`public function testCheckBadSignature(): void`