Validate JWT expiry (#776)

* Validate JWT expiry * Fixing bad merge conflict from Github UI * whitespace Co-authored-by: dannylamb <dlamb@islandora.ca>
Islandora · Jun 22, 2020 · bbcd28c · bbcd28c
1 parent bc6e5a3
commit bbcd28c
Show file tree

Hide file tree

Showing 2 changed files with 63 additions and 2 deletions.
diff --git a/src/Form/IslandoraSettingsForm.php b/src/Form/IslandoraSettingsForm.php
@@ -28,6 +28,16 @@ class IslandoraSettingsForm extends ConfigFormBase {
   const GEMINI_URL = 'gemini_url';
   const GEMINI_PSEUDO = 'gemini_pseudo_bundles';
   const FEDORA_URL = 'fedora_url';
+  const TIME_INTERVALS = [
+    'sec',
+    'second',
+    'min',
+    'minute',
+    'hour',
+    'week',
+    'month',
+    'year',
+  ];
 
   /**
    * To list the available bundle types.
@@ -133,7 +143,9 @@ public function buildForm(array $form, FormStateInterface $form_state) {
       '#type' => 'textfield',
       '#title' => $this->t('JWT Expiry'),
       '#default_value' => $config->get(self::JWT_EXPIRY),
-      '#description' => $this->t('Eg: 60, "2 days", "10h", "7d". A numeric value is interpreted as a seconds count. If you use a string be sure you provide the time units (days, hours, etc), otherwise milliseconds unit is used by default ("120" is equal to "120ms").'),
+      '#description' => $this->t('A positive time interval expression. Eg: "60 secs", "2 days", "10 hours", "7 weeks". Be sure you provide the time units (@unit), plurals are accepted.',
+        ['@unit' => implode(self::TIME_INTERVALS, ", ")]
+      ),
     ];
 
     $form[self::GEMINI_URL] = [
@@ -219,7 +231,8 @@ public function validateForm(array &$form, FormStateInterface $form_state) {
     }
 
     // Validate jwt expiry as a valid time string.
-    $expiry = $form_state->getValue(self::JWT_EXPIRY);
+    $expiry = trim($form_state->getValue(self::JWT_EXPIRY));
+    $expiry = strtolower($expiry);
     if (strtotime($expiry) === FALSE) {
       $form_state->setErrorByName(
         self::JWT_EXPIRY,
@@ -229,6 +242,28 @@ public function validateForm(array &$form, FormStateInterface $form_state) {
         )
       );
     }
+    elseif (substr($expiry, 0, 1) == "-") {
+      $form_state->setErrorByName(
+        self::JWT_EXPIRY,
+        $this->t('Time or interval expression cannot be negative')
+          );
+    }
+    elseif (intval($expiry) === 0) {
+      $form_state->setErrorByName(
+        self::JWT_EXPIRY,
+        $this->t('No numeric interval specified, for example "1 day"')
+          );
+    }
+    else {
+      if (!preg_match("/\b(" . implode(self::TIME_INTERVALS, "|") . ")s?\b/", $expiry)) {
+        $form_state->setErrorByName(
+          self::JWT_EXPIRY,
+          $this->t("No time interval found, please include one of (@int). Plurals are also accepted.",
+            ['@int' => implode(self::TIME_INTERVALS, ", ")]
+          )
+        );
+      }
+    }
 
     // Needed for the elseif below.
     $pseudo_types = array_filter($form_state->getValue(self::GEMINI_PSEUDO));

diff --git a/tests/src/Functional/IslandoraSettingsFormTest.php b/tests/src/Functional/IslandoraSettingsFormTest.php
@@ -58,4 +58,30 @@ public function testPseudoFieldBundles() {
 
   }
 
+  /**
+   * Test form validation for JWT expiry.
+   */
+  public function testJwtExpiry() {
+    $this->drupalGet('/admin/config/islandora/core');
+    $this->assertSession()->statusCodeEquals(200);
+    $this->assertSession()->pageTextContains("JWT Expiry");
+    $this->assertSession()->fieldValueEquals('edit-jwt-expiry', '+2 hour');
+    // Blank is not allowed.
+    $this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => ""], t('Save configuration'));
+    $this->assertSession()->pageTextContainsOnce('"" is not a valid time or interval expression.');
+    // Negative is not allowed.
+    $this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "-2 hours"], t('Save configuration'));
+    $this->assertSession()->pageTextContainsOnce('Time or interval expression cannot be negative');
+    // Must include an integer value.
+    $this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "last hour"], t('Save configuration'));
+    $this->assertSession()->pageTextContainsOnce('No numeric interval specified, for example "1 day"');
+    // Must have an accepted interval.
+    $this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "1 fortnight"], t('Save configuration'));
+    $this->assertSession()->pageTextContainsOnce('No time interval found, please include one of');
+    // Test a valid setting.
+    $this->drupalPostForm('/admin/config/islandora/core', ['edit-jwt-expiry' => "2 weeks"], t('Save configuration'));
+    $this->assertSession()->pageTextContainsOnce('The configuration options have been saved.');
+
+  }
+
 }