Skip to content

Commit

Permalink
TASK: Add tests for CorsHeaderMiddleware.php
Browse files Browse the repository at this point in the history
  • Loading branch information
3m5/frohberg committed Oct 22, 2024
1 parent c70113d commit ad79d13
Show file tree
Hide file tree
Showing 3 changed files with 123 additions and 1 deletion.
4 changes: 3 additions & 1 deletion Classes/Http/CorsHeaderMiddleware.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@

namespace Flowpack\Cors\Http;

use GuzzleHttp\Psr7\MessageTrait;
use Neos\Flow\Annotations as Flow;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
Expand Down Expand Up @@ -126,10 +127,11 @@ private function initializeConfiguration(): void
private function handlePreflight(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
{
$headersToAdd = [];
/*
/**
* Always set Vary headers, see
* https://github.com/rs/cors/issues/10 and
* https://github.com/rs/cors/commit/dbdca4d95feaa7511a46e6f1efb3b3aa505bc43f#commitcomment-12352001
* @var MessageTrait $response
*/
$response = $response->withHeader(
'Vary', ['Origin', 'Access-Control-Request-Method', 'Access-Control-Request-Headers']
Expand Down
117 changes: 117 additions & 0 deletions Tests/Unit/Http/CorsHeaderMiddlewareTest.php
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,117 @@
<?php
declare(strict_types=1);

namespace Flowpack\Cors\Tests\Unit\Http;

use Flowpack\Cors\Http\CorsHeaderMiddleware;
use GuzzleHttp\Psr7\Response;
use Neos\Utility\ObjectAccess;
use PHPUnit\Framework\Attributes\CoversClass;
use PHPUnit\Framework\MockObject\MockObject;
use PHPUnit\Framework\TestCase;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Psr\Log\LoggerInterface;

#[CoversClass(CorsHeaderMiddleware::class)]
class CorsHeaderMiddlewareTest extends TestCase {

private CorsHeaderMiddleware $middleware;
private ServerRequestInterface|MockObject $mockRequest;
private ResponseInterface $response;
private RequestHandlerInterface|MockObject $mockHandler;
private LoggerInterface|MockObject $logger;
protected function setUp(): void
{
parent::setUp();
$this->middleware = new CorsHeaderMiddleware();
$this->mockRequest = $this->createMock(ServerRequestInterface::class);
$this->mockResponse = $this->createMock(ResponseInterface::class);
$this->mockHandler = $this->createMock(RequestHandlerInterface::class);
$this->logger = $this->createMock(LoggerInterface::class);
$this->response = new Response();

ObjectAccess::setProperty($this->middleware, 'enabled', true, true);
ObjectAccess::setProperty($this->middleware, 'logger', $this->logger, true);
}

private function injectConfiguration(): void
{
ObjectAccess::setProperty(
$this->middleware,
'allowedOrigins',
[
0 => 'https://google.com',
],
true
);
ObjectAccess::setProperty(
$this->middleware,
'allowedMethods',
[
0 => 'GET',
1 => 'POST',
],
true
);
}


public function testMiddlewareIsNotEnabled(): void
{
$this->mockHandler->expects($this->once())->method('handle')->willReturn($this->response);

ObjectAccess::setProperty($this->middleware, 'enabled', false, true);
$response = $this->middleware->process($this->mockRequest, $this->mockHandler);

$this->assertSame($response->getHeader('Access-Control-Allow-Origin'), []);
$this->assertSame($response->getHeader('Access-Control-Allow-Methods'), []);
$this->assertSame($response->getHeader('Access-Control-Allow-Headers'), []);
$this->assertSame($response->getHeader('Access-Control-Allow-Credentials'), []);
$this->assertSame($response->getHeader('Access-Control-Max-Age'), []);
}

public function testMiddlewarePreflightWithConfig(): void
{
$this->injectConfiguration();
$this->mockHandler->expects($this->once())->method('handle')->willReturn($this->response);
$this->mockRequest->expects($this->once())->method('getMethod')->willReturn('OPTIONS');
$this->mockRequest->expects($this->any())->method('getHeader')->willReturnCallback(function (string $value) {
return match($value) {
'Origin' => ['https://google.com'],
'Access-Control-Request-Method' => ['GET'],
'Access-Control-Request-Headers' => [],
};
});

$response = $this->middleware->process($this->mockRequest, $this->mockHandler);
$this->assertCount(3, $response->getHeaders());
$this->assertSame($response->getHeader('Vary'), [
0 => 'Origin',
1 => 'Access-Control-Request-Method',
2 => 'Access-Control-Request-Headers',
]);
$this->assertSame($response->getHeader('Access-Control-Allow-Origin'), ['https://google.com']);
$this->assertSame($response->getHeader('Access-Control-Allow-Methods'), ['GET']);
}

public function testMiddlewareActualRequestWithConfig(): void
{
$this->injectConfiguration();
$this->mockHandler->expects($this->once())->method('handle')->willReturn($this->response);
$this->mockRequest->expects($this->any())->method('getMethod')->willReturn('POST');
$this->mockRequest->expects($this->any())->method('getHeader')->willReturnCallback(function (string $value) {
return match($value) {
'Origin' => ['https://google.com'],
'Access-Control-Request-Method' => ['GET'],
'Access-Control-Request-Headers' => [],
};
});
$response = $this->middleware->process($this->mockRequest, $this->mockHandler);
$this->assertCount(3, $response->getHeaders());
$this->assertSame($response->getHeader('Access-Control-Allow-Credentials'), ['true']);
$this->assertSame($response->getHeader('Vary'), ['Origin']);
$this->assertSame($response->getHeader('Access-Control-Allow-Origin'), ['https://google.com']);
}
}
3 changes: 3 additions & 0 deletions composer.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,5 +21,8 @@
"allow-plugins": {
"neos/composer-plugin": true
}
},
"require-dev": {
"phpunit/phpunit": "^11.4"
}
}

0 comments on commit ad79d13

Please sign in to comment.