PLAT-3884 Add extra logging (#27)

techfromsage · Sep 24, 2020 · 2b88d4f · 2b88d4f
1 parent 30bc9b7
commit 2b88d4f
Show file tree

Hide file tree

Showing 4 changed files with 53 additions and 8 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -12,6 +12,7 @@ php:
   - 5.6
   - 5.5
 install:
+  - composer self-update
   - composer install
 script: |
   set -xe

diff --git a/composer.json b/composer.json
@@ -1,7 +1,7 @@
 {
   "name": "talis/talis-php",
   "description": "This is a php client library for talis APIs",
-  "version": "0.6.1",
+  "version": "0.6.2",
   "keywords": [
     "persona",
     "echo",

diff --git a/src/Talis/Persona/Client/Login.php b/src/Talis/Persona/Client/Login.php
@@ -79,13 +79,19 @@ public function validateAuth()
             throw new \Exception('Payload not json');
         }
 
-        if (
-            !isset($_SESSION[self::LOGIN_PREFIX . ':loginState'])
-            || !isset($payload['state'])
-            || $payload['state'] !== $_SESSION[self::LOGIN_PREFIX . ':loginState']
-        ) {
-            // Error with state - not authenticated
-            $this->getLogger()->error('Login state does not match');
+        if (!isset($_SESSION[self::LOGIN_PREFIX . ':loginState'])) {
+            $this->getLogger()->error('Login state not found on Session');
+            throw new \Exception('Login state does not match');
+        }
+
+        if (!isset($payload['state'])) {
+            $this->getLogger()->error('Payload does not contain login state');
+            unset($_SESSION[self::LOGIN_PREFIX . ':loginState']);
+            throw new \Exception('Login state does not match');
+        }
+
+        if ($payload['state'] !== $_SESSION[self::LOGIN_PREFIX . ':loginState']) {
+            $this->getLogger()->error('Session login state does not match payload state');
             unset($_SESSION[self::LOGIN_PREFIX . ':loginState']);
             throw new \Exception('Login state does not match');
         }

diff --git a/test/unit/Persona/LoginTest.php b/test/unit/Persona/LoginTest.php
@@ -204,6 +204,44 @@ public function testValidateAuthThrowsExceptionWhenPayloadIsMissingState()
         $personaClient->validateAuth();
     }
 
+    public function testValidateAuthThrowsExceptionWhenSessionIsMissingState()
+    {
+        $this->setExpectedException('Exception', 'Login state does not match');
+        $personaClient = new Login(
+            [
+                'userAgent' => 'unittest',
+                'persona_host' => 'localhost',
+                'cacheBackend' => $this->cacheBackend,
+            ]
+        );
+        $_SESSION = [];
+        $_POST['persona:signature'] = 'DummySignature';
+        $_POST['persona:payload'] = base64_encode(json_encode([
+            'test' => 'YouShallNotPass',
+            'state' => 'Tennessee'
+        ]));
+        $personaClient->validateAuth();
+    }
+
+    public function testValidateAuthThrowsExceptionWhenSessionStateDoNotMatchPayloadState()
+    {
+        $this->setExpectedException('Exception', 'Login state does not match');
+        $personaClient = new Login(
+            [
+                'userAgent' => 'unittest',
+                'persona_host' => 'localhost',
+                'cacheBackend' => $this->cacheBackend,
+            ]
+        );
+        $_SESSION[Login::LOGIN_PREFIX . ':loginState'] = 'Alabama';
+        $_POST['persona:signature'] = 'DummySignature';
+        $_POST['persona:payload'] = base64_encode(json_encode([
+            'test' => 'YouShallNotPass',
+            'state' => 'Tennessee'
+        ]));
+        $personaClient->validateAuth();
+    }
+
     public function testValidateAuthPayloadMismatchingSignature()
     {
         $this->setExpectedException('Exception', 'Signature does not match');