Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

https://github.com/magento/magento2/issues/24716 #24769

Merged
merged 5 commits into from
Oct 8, 2019
Merged

https://github.com/magento/magento2/issues/24716 #24769

merged 5 commits into from
Oct 8, 2019

Conversation

ivanko-dev
Copy link
Contributor

Not Able to set Rest API oAuth admin token expire in minutes or seconds. #24716

Description (*)

Checking of expiration time for oAuth tokens worked only with integers. After update it is able to use float values without rounding.

Fixed Issues (if relevant)

  1. Not Able to set Rest API oAuth admin token expire in minutes or seconds. #24716: Not Able to set Rest API oAuth admin token expire in minutes or seconds.

Manual testing scenarios (*)

  1. Update Customer Token Lifetime (hours) or Admin Token Lifetime (hours) in Stores-->Configuration-->Services-->OAuth to values less then 0. For examle 0.05 is 3 minutes
  2. Get Access token using API POST request to /rest/V1/integration/admin/token with username and password parameters in request
  3. Try to access protected API endpoints using received token
  4. Token should expire after time defined on step (3 minutes in described case)

Questions or comments

app/code/Magento/Webapi/Model/Authorization/TokenUserContext.php: Line 140 - deprecated \Magento\Framework\Stdlib\DateTime:strToTime replaced to \Magento\Framework\Stdlib\DateTime\DateTime:timestamp method

Contribution checklist (*)

  • Pull request has a meaningful description of its purpose
  • All commits are accompanied by meaningful commit messages
  • All new or changed code is covered with unit/integration tests (if applicable)
  • All automated tests passed successfully (all builds are green)

@m2-assistant
Copy link

m2-assistant bot commented Sep 27, 2019

Hi @ivan-koliadynskyy. Thank you for your contribution
Here is some useful tips how you can test your changes using Magento test environment.
Add the comment under your pull request to deploy test or vanilla Magento instance:

  • @magento give me test instance - deploy test instance based on PR changes
  • @magento give me 2.3-develop instance - deploy vanilla Magento instance

For more details, please, review the Magento Contributor Guide documentation.

@magento-engcom-team magento-engcom-team added Component: Integration Component: Webapi Use with concrete module component label E.g. "Component: Webapi" + "Catalog" Release Line: 2.3 labels Sep 27, 2019
@orlangur orlangur self-assigned this Sep 27, 2019
@ghost ghost assigned sidolov Sep 27, 2019
@sidolov
Copy link
Contributor

sidolov commented Sep 27, 2019

Hi @ivan-koliadynskyy , please, sign CLA, otherwise, we can't process your pull request

@ivanko-dev ivanko-dev force-pushed the admin-token-expire-time-24716 branch from a82ebd9 to e314f3c Compare September 27, 2019 21:02
@magento-cicd2
Copy link
Contributor

magento-cicd2 commented Sep 27, 2019
edited
Loading

CLA assistant check
All committers have signed the CLA.

@ivanko-dev
Copy link
Contributor Author

Hi @ivan-koliadynskyy , please, sign CLA, otherwise, we can't process your pull request

Hello @sidolov , thank you for pointing to required changes. Author of commit updated and CLA was signed. Please let me know if more changes required.

@sidolov
Copy link
Contributor

sidolov commented Sep 27, 2019

@ivan-koliadynskyy looks like you cherry-picked the first commit and it has two authors right now (ivan_ko and ivan-koliadynskyy). I propose you to make one commit with the correct account and force push the branch.

@ivanko-dev ivanko-dev force-pushed the admin-token-expire-time-24716 branch from 72f31f4 to 5cda6c4 Compare September 30, 2019 09:22
@ivanko-dev
https://github.com/magento/magento2/issues/24716
218c164 
Not Able to set Rest API oAuth admin token expire in minutes or seconds. magento#24716
@ivanko-dev
Fix return type in comments
c283bba
@ivanko-dev ivanko-dev force-pushed the admin-token-expire-time-24716 branch from 5cda6c4 to c283bba Compare September 30, 2019 09:27
@ivanko-dev
Copy link
Contributor Author

@ivan-koliadynskyy looks like you cherry-picked the first commit and it has two authors right now (ivan_ko and ivan-koliadynskyy). I propose you to make one commit with the correct account and force push the branch.

@sidolov , sorry for delay with these changes. Commit updated again and looks like CLA test passed well. Please let me know if more changes required. Thanks.

@sidolov
Copy link
Contributor

sidolov commented Sep 30, 2019

@ivan-koliadynskyy , please, take a look at failed tests.

@ivanko-dev
Copy link
Contributor Author

@sidolov , thanks for hints. Code updated to pass failed tests but I have doubt about unit test for update. Initially I have updated app/code/Magento/Webapi/Model/Authorization/TokenUserContext.php: 140 to use \Magento\Framework\Stdlib\DateTime\DateTime::timestamp() instead of \Magento\Framework\Stdlib\DateTime::strToTime() which is simple wrapper for php strtotime(), because strToTime() noted like deprecated method. Everything looks good in this case but unit test not pass because of lib/internal/Magento/Framework/Stdlib/DateTime/DateTime.php:147. On unit test I have received $this->_localeDate equal null and error that can not call date() on null.
I have used strtotime() directly in TokenUserContext.php: 140 with last update but I am not sure that this is proper approach in this case.

@sidolov
Copy link
Contributor

sidolov commented Oct 1, 2019

@ivan-koliadynskyy you are right, you should return back usage of \Magento\Framework\Stdlib\DateTime::strToTime instead of strtotime function.

Regarding the failed test: please, make sure that getCustomerTokenLifetime and getAdminTokenLifetime will always return a positive integer. For example is_numeric(-1) will return true.

@ivanko-dev
Reverted change for time compression to use \Magento\Framework\Stdlib…
fc5ff12 
…\DateTime::strToTime instead of php strtotime.

Updated helpers to get token expire time to check  if value is positive before response.
@ivanko-dev
Copy link
Contributor Author

@ivan-koliadynskyy you are right, you should return back usage of \Magento\Framework\Stdlib\DateTime::strToTime instead of strtotime function.

Regarding the failed test: please, make sure that getCustomerTokenLifetime and getAdminTokenLifetime will always return a positive integer. For example is_numeric(-1) will return true.

@sidolov, thank you for hints. Code for time comparison reverted to use \Magento\Framework\Stdlib\DateTime::strToTime and getCustomerTokenLifetime, getAdminTokenLifetime have checking if result value is numeric and positive before response. Unit test on local instance passed well.

@ivanko-dev ivanko-dev closed this Oct 2, 2019
@m2-assistant
Copy link

m2-assistant bot commented Oct 2, 2019

Hi @ivan-koliadynskyy, thank you for your contribution!
Please, complete Contribution Survey, it will take less than a minute.
Your feedback will help us to improve contribution process.

@ivanko-dev ivanko-dev reopened this Oct 2, 2019
@ghost ghost unassigned orlangur and sidolov Oct 2, 2019
@ivanko-dev ivanko-dev requested a review from sidolov October 2, 2019 12:05
@ghost ghost assigned sidolov Oct 2, 2019
@sidolov sidolov added Award: bug fix Auto-Tests: Not Required Changes in Pull Request does not require coverage by auto-tests labels Oct 2, 2019
@magento-engcom-team
Copy link
Contributor

Hi @sidolov, thank you for the review.
ENGCOM-5987 has been created to process this Pull Request
✳️ @sidolov, could you please add one of the following labels to the Pull Request?

Label Description
Auto-Tests: Covered All changes in Pull Request is covered by auto-tests
Auto-Tests: Not Covered Changes in Pull Request requires coverage by auto-tests
Auto-Tests: Not Required Changes in Pull Request does not require coverage by auto-tests

@engcom-Alfa engcom-Alfa self-assigned this Oct 4, 2019
@engcom-Alfa
Copy link
Contributor

✔️ QA Passed

@engcom-Foxtrot engcom-Foxtrot self-assigned this Oct 4, 2019
@magento-engcom-team magento-engcom-team mentioned this pull request Oct 8, 2019
Closed
magento-engcom-team pushed a commit that referenced this pull request Oct 8, 2019
@sidolov
ENGCOM-5987: #24716 #24769
b6c7de5
@magento-engcom-team magento-engcom-team merged commit 867925d into magento:2.3-develop Oct 8, 2019
@m2-assistant
Copy link

m2-assistant bot commented Oct 8, 2019

Hi @ivan-koliadynskyy, thank you for your contribution!
Please, complete Contribution Survey, it will take less than a minute.
Your feedback will help us to improve contribution process.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sidolov sidolov sidolov approved these changes

@paliarush paliarush Awaiting requested review from paliarush

Assignees

@sidolov sidolov

@engcom-Alfa engcom-Alfa

@engcom-Foxtrot engcom-Foxtrot

Labels
Auto-Tests: Not Required Changes in Pull Request does not require coverage by auto-tests Award: bug fix Component: Integration Component: Webapi Use with concrete module component label E.g. "Component: Webapi" + "Catalog" Progress: accept Release Line: 2.3
Projects
None yet
Milestone
Release: 2.3.4
Development

Successfully merging this pull request may close these issues.
7 participants
@ivanko-dev @sidolov @magento-cicd2 @magento-engcom-team @engcom-Alfa @orlangur @engcom-Foxtrot