ykiakao/api-ranking-jogos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

funcional a parte de token

Browse Source
This commit is contained in:
gabriellina640
2026-05-19 16:24:51 -05:00
parent cd38287503
commit edc6e6486b
6 changed files with 32 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
tests/Feature/GameRankingApiTest.php
View File

@@ -11,6 +11,7 @@ class GameRankingApiTest extends TestCase
use RefreshDatabase;
private string $jwt;
private string $privateKey;
protected function setUp(): void
{
@@ -101,16 +102,23 @@ class GameRankingApiTest extends TestCase
->assertJson(['userId' => 'consumer-project']);
}
public function test_can_accept_any_bearer_token_when_enabled_for_demo_integration(): void
public function test_accepts_token_with_audience_array_containing_expected_audience(): void
{
config(['jwt.allow_any_token' => true]);
$this->jwt = $this->makeJwt($this->privateKey, ['other-api', 'ranking-api']);
$this->withHeader('Authorization', 'Bearer token-do-front')
->getJson('/api/v1/rankings/weekly')
$this->getJsonWithJwt('/api/v1/games/most-played')
->assertOk()
->assertJsonCount(10);
}
public function test_rejects_generic_bearer_token(): void
{
$this->withHeader('Authorization', 'Bearer token-do-front')
->getJson('/api/v1/rankings/weekly')
->assertUnauthorized()
->assertJson(['message' => 'Invalid or expired token']);
}
private function getJsonWithJwt(string $uri)
{
return $this->withHeader('Authorization', 'Bearer '.$this->jwt)
@@ -125,6 +133,7 @@ class GameRankingApiTest extends TestCase
]);
openssl_pkey_export($key, $privateKey);
$this->privateKey = $privateKey;
$publicKey = openssl_pkey_get_details($key)['key'];
config([
@@ -136,14 +145,14 @@ class GameRankingApiTest extends TestCase
$this->jwt = $this->makeJwt($privateKey);
}
private function makeJwt(string $privateKey): string
private function makeJwt(string $privateKey, string|array $audience = 'ranking-api'): string
{
$encode = fn (string $value): string => rtrim(strtr(base64_encode($value), '+/', '-_'), '=');
$header = $encode(json_encode(['alg' => 'RS256', 'typ' => 'JWT']));
$payload = $encode(json_encode([
'iss' => 'gameverse-auth',
'aud' => 'ranking-api',
'aud' => $audience,
'sub' => 'consumer-project',
'iat' => time(),
'exp' => time() + 3600,