ENGCOM-4861: #628 Check if email or password are empty (generateCustomerToken) #636

naydav · web-flow · commit 18ab161b8bd6 · 2019-05-01T15:17:17.000-05:00
diff --git a/app/code/Magento/CustomerGraphQl/Model/Resolver/GenerateCustomerToken.php b/app/code/Magento/CustomerGraphQl/Model/Resolver/GenerateCustomerToken.php
@@ -44,11 +44,11 @@ public function resolve(
         array $value = null,
         array $args = null
     ) {
-        if (!isset($args['email'])) {
+        if (!isset($args['email']) || empty($args['email'])) {
             throw new GraphQlInputException(__('Specify the "email" value.'));
         }
 
-        if (!isset($args['password'])) {
+        if (!isset($args['password']) || empty($args['password'])) {
             throw new GraphQlInputException(__('Specify the "password" value.'));
         }
 
diff --git a/dev/tests/api-functional/testsuite/Magento/GraphQl/Customer/GenerateCustomerTokenTest.php b/dev/tests/api-functional/testsuite/Magento/GraphQl/Customer/GenerateCustomerTokenTest.php
@@ -68,4 +68,54 @@ public function testGenerateCustomerTokenWithInvalidCredentials()
             'was incorrect or your account is disabled temporarily. Please wait and try again later.');
         $this->graphQlMutation($mutation);
     }
+
+    /**
+     * Verify customer with empty email
+     */
+    public function testGenerateCustomerTokenWithEmptyEmail()
+    {
+        $email = '';
+        $password = 'bad-password';
+
+        $mutation
+            = <<<MUTATION
+mutation {
+	generateCustomerToken(
+        email: "{$email}"
+        password: "{$password}"
+    ) {
+        token
+    }
+}
+MUTATION;
+
+        $this->expectException(\Exception::class);
+        $this->expectExceptionMessage('GraphQL response contains errors: Specify the "email" value.');
+        $this->graphQlMutation($mutation);
+    }
+
+    /**
+     * Verify customer with empty password
+     */
+    public function testGenerateCustomerTokenWithEmptyPassword()
+    {
+        $email = 'customer@example.com';
+        $password = '';
+
+        $mutation
+            = <<<MUTATION
+mutation {
+	generateCustomerToken(
+        email: "{$email}"
+        password: "{$password}"
+    ) {
+        token
+    }
+}
+MUTATION;
+
+        $this->expectException(\Exception::class);
+        $this->expectExceptionMessage('GraphQL response contains errors: Specify the "password" value.');
+        $this->graphQlMutation($mutation);
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -44,11 +44,11 @@ public function resolve(`
`44`	`44`	`array $value = null,`
`45`	`45`	`array $args = null`
`46`	`46`	`) {`
`47`		`- if (!isset($args['email'])) {`
	`47`	`+ if (!isset($args['email']) \|\| empty($args['email'])) {`
`48`	`48`	`throw new GraphQlInputException(__('Specify the "email" value.'));`
`49`	`49`	`}`
`50`	`50`
`51`		`- if (!isset($args['password'])) {`
	`51`	`+ if (!isset($args['password']) \|\| empty($args['password'])) {`
`52`	`52`	`throw new GraphQlInputException(__('Specify the "password" value.'));`
`53`	`53`	`}`
`54`	`54`