Merge pull request #59 from chadicus/DOD-4315

Allow API Gateway Authentication

Author: chadicus

.coveralls.yml

@@ -0,0 +1,29 @@
+name: PHP Composer
+
+on:
+  push:
+    branches: [ v3.x ]
+  pull_request:
+    branches: [ v3.x ]
+
+jobs:
+  build:
+    runs-on: ubuntu-20.04
+    strategy:
+      matrix:
+        php-versions: ['7.0', '7.3', '7.4']
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+    - name: Install PHP
+      uses: shivammathur/setup-php@v2
+      with:
+        php-version: ${{ matrix.php-versions }}
+    - name: Validate composer.json and composer.lock
+      run: composer validate
+    - name: Install dependencies
+      run: composer install --prefer-dist --no-progress
+    - name: Run PHPCS
+      run: composer run-script lint
+    - name: Run PHPUnit
+      run: composer run-script test

.github/workflows/php.yml

@@ -40,7 +40,6 @@
     },
     "require-dev": {
         "helmich/mongomock": "^2.1",
-        "php-coveralls/php-coveralls": "^2.1",
         "phpunit/phpunit": "^6.5.2",
         "squizlabs/php_codesniffer": "^3.2",
         "subjective-php/psr-cache-mongodb": "^2.1"
@@ -50,5 +49,9 @@
     },
     "autoload-dev": {
         "psr-4": { "TraderInteractive\\Api\\": "tests" }
+    },
+    "scripts": {
+        "lint": "vendor/bin/phpcs",
+        "test": "vendor/bin/phpunit"
     }
 }

.scrutinizer.yml

@@ -138,6 +138,43 @@ public static function createOwnerCredentials(
         return new self($getTokenRequestFunc);
     }
 
+    /**
+     * Creates a new instance of Authentication for Client Credentials grant type
+     *
+     * @param string $clientId        The oauth client id
+     * @param string $clientSecret    The oauth client secret
+     * @param string $authUrl         The oauth auth url
+     * @param string $tokenResource   The access token resource of the API
+     *
+     * @return Authentication
+     */
+    public static function createApiGatewayClientCredentials(
+        string $clientId,
+        string $clientSecret,
+        string $authUrl,
+        string $tokenResource = 'token'
+    ) : Authentication {
+        $getTokenRequestFunc = function (
+            string $unusedBaseUrl,
+            string $unusedRefreshToken = null
+        ) use (
+            $clientId,
+            $clientSecret,
+            $authUrl,
+            $tokenResource
+        ) {
+            $data = ['client_id' => $clientId, 'client_secret' => $clientSecret, 'grant_type' => 'client_credentials'];
+            return new Request(
+                'POST',
+                "{$authUrl}/oauth2/{$tokenResource}",
+                ['Content-Type' => 'application/x-www-form-urlencoded'],
+                Http::buildQueryString($data)
+            );
+        };
+
+        return new self($getTokenRequestFunc);
+    }
+
     /**
      * Extracts an access token from the given API response
      *

.travis.yml

@@ -166,6 +166,34 @@ public function getTokenRequestClientCredentialsCustomTokenResource()
         );
         $this->assertSame(['Content-Type' => ['application/x-www-form-urlencoded']], $request->getHeaders());
     }
+
+    /**
+     * @test
+     * @covers ::createApiGatewayClientCredentials
+     */
+    public function createApiGatewayClientCredentials()
+    {
+        $auth = Authentication::createApiGatewayClientCredentials('not under test', 'not under test', 'http://auth');
+        $this->assertInstanceOf('\TraderInteractive\Api\Authentication', $auth);
+    }
+
+    /**
+     * @test
+     * @covers ::createApiGatewayClientCredentials
+     * @covers ::getTokenRequest
+     */
+    public function getTokenRequestApiGatewayClientCredentials()
+    {
+        $auth = Authentication::createApiGatewayClientCredentials('id', 'secret', 'authUrl');
+        $request = $auth->getTokenRequest('baseUrl');
+        $this->assertSame('authUrl/oauth2/token', (string)$request->getUri());
+        $this->assertSame('POST', $request->getMethod());
+        $this->assertSame(
+            'client_id=id&client_secret=secret&grant_type=client_credentials',
+            (string)$request->getBody()
+        );
+        $this->assertSame(['Content-Type' => ['application/x-www-form-urlencoded']], $request->getHeaders());
+    }
 }
 
 function time()