Merge remote-tracking branch 'gl_adobe_ims/CABPI-503-phase2' into Arrows_IMS_17Mar23

Author: mahesh-singh-rajawat

AdminAdobeIms/Plugin/ValidateAccessTokenPlugin.php

@@ -0,0 +1,61 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\AdminAdobeIms\Plugin;
+
+use Magento\AdminAdobeIms\Logger\AdminAdobeImsLogger;
+use Magento\AdobeImsApi\Api\IsTokenValidInterface;
+use Magento\Backend\Model\Auth;
+
+/**
+ * Validate ims access token
+ */
+class ValidateAccessTokenPlugin
+{
+    /**
+     * @var AdminAdobeImsLogger
+     */
+    private AdminAdobeImsLogger $logger;
+
+    /**
+     * @var IsTokenValidInterface
+     */
+    private IsTokenValidInterface $isTokenValid;
+
+    /**
+     * @param IsTokenValidInterface $isTokenValid
+     * @param AdminAdobeImsLogger $logger
+     */
+    public function __construct(
+        IsTokenValidInterface $isTokenValid,
+        AdminAdobeImsLogger $logger
+    ) {
+        $this->isTokenValid = $isTokenValid;
+        $this->logger = $logger;
+    }
+
+    /**
+     * Check if IMS access token is still valid
+     *
+     * @param Auth $subject
+     * @param bool $result
+     * @return bool
+     * @throws \Magento\Framework\Exception\AuthorizationException
+     */
+    public function afterIsLoggedIn(Auth $subject, bool $result): bool
+    {
+        $accessToken = $subject->getAuthStorage()->getAdobeAccessToken();
+        if ($result && $accessToken) {
+            if (!$this->isTokenValid->validateToken($accessToken)) {
+                $subject->logout();
+                $this->logger->error('Admin Access Token is not valid');
+                return false;
+            }
+        }
+        return $result;
+    }
+}

AdminAdobeIms/Test/Unit/Plugin/ValidateAccessTokenPluginTest.php

@@ -0,0 +1,93 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\AdminAdobeIms\Test\Unit\Plugin;
+
+use Magento\AdminAdobeIms\Logger\AdminAdobeImsLogger;
+use Magento\AdminAdobeIms\Model\Auth;
+use Magento\AdminAdobeIms\Plugin\ValidateAccessTokenPlugin;
+use Magento\AdobeImsApi\Api\IsTokenValidInterface;
+use Magento\Backend\Model\Auth\Session;
+use PHPUnit\Framework\TestCase;
+
+class ValidateAccessTokenPluginTest extends TestCase
+{
+    /**
+     * @var ValidateAccessTokenPlugin
+     */
+    private $plugin;
+
+    /**
+     * @var IsTokenValidInterface
+     */
+    private $isTokenValid;
+
+    /**
+     * @var AdminAdobeImsLogger
+     */
+    private $logger;
+
+    /**
+     * @var Session
+     */
+    protected $adminSession;
+
+    /**
+     * @return void
+     */
+    protected function setUp(): void
+    {
+        $this->isTokenValid = $this->createMock(IsTokenValidInterface::class);
+        $this->logger = $this->createMock(AdminAdobeImsLogger::class);
+        $this->adminSession = $this->getMockBuilder(Session::class)
+            ->disableOriginalConstructor()
+            ->setMethods(['getAdobeAccessToken'])
+            ->getMock();
+
+        $this->plugin = new ValidateAccessTokenPlugin(
+            $this->isTokenValid,
+            $this->logger
+        );
+    }
+
+    /**
+     * Test plugin session logout when access token is expired
+     *
+     * @return void
+     * @param array $responseData
+     * @dataProvider responseDataProvider
+     */
+    public function testPluginSessionLogoutWhenAccessTokenIsExpired($responseData): void
+    {
+        $subject = $this->createMock(Auth::class);
+
+        $this->adminSession->expects($this->any())
+            ->method('getAdobeAccessToken')
+            ->willReturn('test');
+
+        $subject->method('getAuthStorage')
+            ->willReturn($this->adminSession);
+
+        $this->isTokenValid
+            ->expects($this->once())
+            ->method('validateToken')
+            ->willReturn($responseData);
+
+        $this->assertEquals($responseData, $this->plugin->afterIsLoggedIn($subject, true));
+    }
+
+    /**
+     * @return array
+     */
+    public function responseDataProvider(): array
+    {
+        return [
+            [true],
+            [false]
+        ];
+    }
+}

AdminAdobeIms/etc/di.xml

@@ -64,6 +64,8 @@
     <type name="Magento\Backend\Model\Auth">
         <plugin name="disable_admin_login_auth"
                 type="Magento\AdminAdobeIms\Plugin\DisableAdminLoginAuthPlugin"/>
+        <plugin name="admin_ims_auth_validate_access_token"
+                type="Magento\AdminAdobeIms\Plugin\ValidateAccessTokenPlugin"/>
     </type>
 
     <type name="Magento\Integration\Model\AdminTokenService">