Merge pull request #348 from PrestaShopCorp/feat/5.x/rotate-refresh-t…

…oken feat: update refresh token returned by firebase
PrestaShopCorp · Jun 19, 2023 · f58d408 · f58d408
2 parents 8a54bb6 + 8ff9563
commit f58d408
Show file tree

Hide file tree

Showing 5 changed files with 100 additions and 4 deletions.
diff --git a/classes/Repository/AbstractTokenRepository.php b/classes/Repository/AbstractTokenRepository.php
@@ -39,6 +39,7 @@ abstract class AbstractTokenRepository
 
     const TOKEN_TYPE = '';
     const TOKEN_KEY = '';
+    const REFRESH_TOKEN_KEY = '';
 
     /**
      * @var ConfigurationRepository
@@ -109,10 +110,10 @@ public function getOrRefreshToken($forceRefresh = false)
             $refreshToken = $this->getRefreshToken();
             if (is_string($refreshToken) && '' != $refreshToken) {
                 try {
-                    $token = $this->refreshToken($refreshToken);
+                    $token = $this->refreshToken($refreshToken, $newRefreshToken);
                     $this->updateCredentials(
                         (string) $token,
-                        $refreshToken
+                        $newRefreshToken
                     );
                 } catch (RefreshTokenException $e) {
                     Logger::getInstance()->debug($e);
@@ -151,18 +152,20 @@ public function parseToken($token)
 
     /**
      * @param string $refreshToken
+     * @param string $newRefreshToken
      *
-     * @return Token|null idToken
+     * @return Token|null
      *
      * @throws RefreshTokenException
      * @throws Exception
      */
-    public function refreshToken($refreshToken)
+    public function refreshToken($refreshToken, &$newRefreshToken = null)
     {
         $response = $this->client()->refreshToken($refreshToken);
 
         if ($response && true === $response['status']) {
             $token = $this->parseToken($response['body'][static::TOKEN_KEY]);
+            $newRefreshToken = $response['body'][static::REFRESH_TOKEN_KEY];
 
             $this->onRefreshTokenSuccess();
 

diff --git a/classes/Repository/ShopTokenRepository.php b/classes/Repository/ShopTokenRepository.php
@@ -31,6 +31,7 @@ class ShopTokenRepository extends AbstractTokenRepository
 {
     const TOKEN_TYPE = 'shop';
     const TOKEN_KEY = 'token';
+    const REFRESH_TOKEN_KEY = 'refresh_token';
 
     /**
      * @return AccountsClient

diff --git a/classes/Repository/UserTokenRepository.php b/classes/Repository/UserTokenRepository.php
@@ -32,6 +32,7 @@ class UserTokenRepository extends AbstractTokenRepository
 {
     const TOKEN_TYPE = 'user';
     const TOKEN_KEY = 'idToken';
+    const REFRESH_TOKEN_KEY = 'refreshToken';
 
     /**
      * @return SsoClient

diff --git a/tests/Unit/Repository/ShopTokenRepository/GetOrRefreshTokenTest.php b/tests/Unit/Repository/ShopTokenRepository/GetOrRefreshTokenTest.php
@@ -62,4 +62,49 @@ public function itShouldRefreshExpiredToken()
 
         $this->assertEquals((string) $idTokenRefreshed, (string) $tokenRepos->getOrRefreshToken());
     }
+
+    /**
+     * @test
+     * @throws \Exception
+     */
+    public function itShouldUpdateRefreshToken()
+    {
+        $payload = [
+            'token' => $this->makeJwtToken(new \DateTimeImmutable('yesterday'), [
+                'user_id' => $this->faker->uuid,
+            ]),
+            'refresh_token' => $this->makeJwtToken(new \DateTimeImmutable('+1 year')),
+        ];
+
+        $client = $this->createMock(AccountsClient::class);
+        $client->method('refreshToken')->willReturn($payload);
+
+        /** @var ConfigurationRepository $configuration */
+        $configuration = $this->module->getService(ConfigurationRepository::class);
+
+        /** @var ShopTokenRepository $tokenRepos */
+        $tokenRepos = $this->getMockBuilder(ShopTokenRepository::class)
+            ->setConstructorArgs([$configuration])
+            //->disableOriginalConstructor()
+            //->disableOriginalClone()
+            ->disableArgumentCloning()
+            ->disallowMockingUnknownTypes()
+            ->getMock();
+
+        $tokenRepos->method('client')
+            ->willReturn($client);
+
+        $tokenRepos->updateCredentials(
+            $this->makeJwtToken(new \DateTimeImmutable('yesterday'), [
+                'user_id' => $this->faker->uuid,
+                'email' => $this->faker->safeEmail,
+            ]),
+            $this->makeJwtToken(new \DateTimeImmutable('+1 year'))
+        );
+
+        $tokenRepos->getOrRefreshToken();
+
+        $this->assertEquals($payload['token'], $tokenRepos->getToken());
+        $this->assertEquals($payload['refresh_token'], $tokenRepos->getRefreshToken());
+    }
 }
diff --git a/tests/Unit/Repository/UserTokenRepository/GetOrRefreshTokenTest.php b/tests/Unit/Repository/UserTokenRepository/GetOrRefreshTokenTest.php
@@ -2,6 +2,7 @@
 
 namespace PrestaShop\Module\PsAccounts\Tests\Unit\Repository\UserTokenRepository;
 
+use PrestaShop\Module\PsAccounts\Api\Client\SsoClient;
 use PrestaShop\Module\PsAccounts\Repository\ConfigurationRepository;
 use PrestaShop\Module\PsAccounts\Repository\UserTokenRepository;
 use PrestaShop\Module\PsAccounts\Tests\TestCase;
@@ -61,4 +62,49 @@ public function itShouldRefreshExpiredToken()
 
         $this->assertEquals((string) $idTokenRefreshed, $tokenRepos->getOrRefreshToken());
     }
+
+    /**
+     * @test
+     * @throws \Exception
+     */
+    public function itShouldUpdateRefreshToken()
+    {
+        $payload = [
+            'idToken' => $this->makeJwtToken(new \DateTimeImmutable('tomorrow'), [
+                'user_id' => $this->faker->uuid,
+            ]),
+            'refreshToken' => $this->makeJwtToken(new \DateTimeImmutable('+1 year')),
+        ];
+
+        $client = $this->createMock(SsoClient::class);
+        $client->method('refreshToken')->willReturn($payload);
+
+        /** @var ConfigurationRepository $configuration */
+        $configuration = $this->module->getService(ConfigurationRepository::class);
+
+        /** @var UserTokenRepository $tokenRepos */
+        $tokenRepos = $this->getMockBuilder(UserTokenRepository::class)
+            ->setConstructorArgs([$configuration])
+            //->disableOriginalConstructor()
+            //->disableOriginalClone()
+            ->disableArgumentCloning()
+            ->disallowMockingUnknownTypes()
+            ->getMock();
+
+        $tokenRepos->method('client')
+            ->willReturn($client);
+
+        $tokenRepos->updateCredentials(
+            $this->makeJwtToken(new \DateTimeImmutable('yesterday'), [
+                'user_id' => $this->faker->uuid,
+                'email' => $this->faker->safeEmail,
+            ]),
+            $this->makeJwtToken(new \DateTimeImmutable('+1 year'))
+        );
+
+        $tokenRepos->getOrRefreshToken();
+
+        $this->assertEquals($payload['idToken'], $tokenRepos->getToken());
+        $this->assertEquals($payload['refreshToken'], $tokenRepos->getRefreshToken());
+    }
 }