MAGETWO-31999: oAuth issue [from github]

- Added isValidForTokenExchange to the consumer interface
- Fixed expiry message for Oauth Consumer Settings

Author: anupdugar

app/code/Magento/Integration/Model/Oauth/Consumer.php

@@ -37,11 +37,17 @@ class Consumer extends \Magento\Framework\Model\AbstractModel implements Consume
      */
     protected $_keyLengthFactory;
 
+    /**
+     * @var  \Magento\Integration\Helper\Oauth\Data
+     */
+    protected $dataHelper;
+
     /**
      * @param \Magento\Framework\Model\Context $context
      * @param \Magento\Framework\Registry $registry
      * @param \Magento\Integration\Model\Oauth\Consumer\Validator\KeyLengthFactory $keyLengthFactory
      * @param \Magento\Framework\Url\Validator $urlValidator
+     * @param \Magento\Integration\Helper\Oauth\Data $dataHelper
      * @param \Magento\Framework\Model\Resource\AbstractResource $resource
      * @param \Magento\Framework\Data\Collection\Db $resourceCollection
      * @param array $data
@@ -51,12 +57,14 @@ public function __construct(
         \Magento\Framework\Registry $registry,
         \Magento\Integration\Model\Oauth\Consumer\Validator\KeyLengthFactory $keyLengthFactory,
         \Magento\Framework\Url\Validator $urlValidator,
+        \Magento\Integration\Helper\Oauth\Data $dataHelper,
         \Magento\Framework\Model\Resource\AbstractResource $resource = null,
         \Magento\Framework\Data\Collection\Db $resourceCollection = null,
         array $data = []
     ) {
         $this->_keyLengthFactory = $keyLengthFactory;
         $this->_urlValidator = $urlValidator;
+        $this->dataHelper = $dataHelper;
         parent::__construct($context, $registry, $resource, $resourceCollection, $data);
     }
 
@@ -167,13 +175,11 @@ public function getCreatedAt()
     }
 
     /**
-     * Get time in seconds since consumer was created
-     *
-     * @param int $consumerId
-     * @return int - time lapsed in seconds
+     * {@inheritdoc}
      */
-    public function getTimeInSecondsSinceCreation($consumerId)
+    public function isValidForTokenExchange()
     {
-        return $this->getResource()->getTimeInSecondsSinceCreation($consumerId);
+        $expiry = $this->dataHelper->getConsumerExpirationPeriod();
+        return $this->getResource()->getTimeInSecondsSinceCreation($this->getId()) > $expiry;
     }
 }

app/code/Magento/Integration/Model/Oauth/Token/Provider.php

@@ -21,34 +21,25 @@ class Provider implements TokenProviderInterface
      */
     protected $_tokenFactory;
 
-    /**
-     * @var  \Magento\Integration\Helper\Oauth\Data
-     */
-    protected $_dataHelper;
-
     /**
      * @param \Magento\Integration\Model\Oauth\Consumer\Factory $consumerFactory
      * @param \Magento\Integration\Model\Oauth\TokenFactory $tokenFactory
-     * @param \Magento\Integration\Helper\Oauth\Data $dataHelper
      */
     public function __construct(
         \Magento\Integration\Model\Oauth\Consumer\Factory $consumerFactory,
-        \Magento\Integration\Model\Oauth\TokenFactory $tokenFactory,
-        \Magento\Integration\Helper\Oauth\Data $dataHelper
+        \Magento\Integration\Model\Oauth\TokenFactory $tokenFactory
     ) {
         $this->_consumerFactory = $consumerFactory;
         $this->_tokenFactory = $tokenFactory;
-        $this->_dataHelper = $dataHelper;
     }
 
     /**
      * {@inheritdoc}
      */
     public function validateConsumer($consumer)
     {
-        $expiry = $this->_dataHelper->getConsumerExpirationPeriod();
         // Must use consumer within expiration period.
-        if ($this->_consumerFactory->create()->getTimeInSecondsSinceCreation($consumer->getId()) > $expiry) {
+        if (!$consumer->isValidForTokenExchange()) {
             throw new \Magento\Framework\Oauth\Exception(
                 'Consumer key has expired'
             );

app/code/Magento/Integration/etc/adminhtml/system.xml

@@ -25,7 +25,7 @@
                 <label>Consumer Settings</label>
                 <field id="expiration_period" translate="label" type="text" sortOrder="30" showInDefault="1" showInWebsite="0" showInStore="0">
                     <label>Expiration Period</label>
-                    <comment>Disable consumer key/secret credentials if not used within X seconds.</comment>
+                    <comment>Consumer key/secret will expire if not used within X seconds after Oauth token exchange starts.</comment>
                 </field>
                 <field id="post_maxredirects" translate="label" type="text" sortOrder="30" showInDefault="1" showInWebsite="0" showInStore="0">
                     <label>OAuth consumer credentials HTTP Post maxredirects</label>

dev/tests/unit/testsuite/Magento/Integration/Oauth/OauthTest.php

@@ -65,7 +65,7 @@ public function setUp()
                     'getCallbackUrl',
                     'save',
                     'getData',
-                    'getTimeInSecondsSinceCreation',
+                    'isValidForTokenExchange',
                     '__wakeup',
                 ]
             )
@@ -219,15 +219,8 @@ public function testGetRequestTokenOutdatedConsumerKey()
         $this->_setupConsumer();
         $this->_consumerMock
             ->expects($this->any())
-            ->method('getTimeInSecondsSinceCreation')
-            ->will($this->returnValue(9999999999));
-        $this->_dataHelperMock->expects(
-            $this->once()
-        )->method(
-            'getConsumerExpirationPeriod'
-        )->will(
-            $this->returnValue(0)
-        );
+            ->method('isValidForTokenExchange')
+            ->will($this->returnValue(false));
 
         $this->_oauth->getRequestToken($this->_getRequestTokenParams(), self::REQUEST_URL);
     }
@@ -271,12 +264,8 @@ protected function _makeValidExpirationPeriod()
     {
         $this->_consumerMock
             ->expects($this->any())
-            ->method('getTimeInSecondsSinceCreation')
-            ->will($this->returnValue(0));
-        $this->_dataHelperMock
-            ->expects($this->once())
-            ->method('getConsumerExpirationPeriod')
-            ->will($this->returnValue(300));
+            ->method('isValidForTokenExchange')
+            ->will($this->returnValue(true));
     }
 
     /**

lib/internal/Magento/Framework/Oauth/ConsumerInterface.php

@@ -54,4 +54,11 @@ public function getCallbackUrl();
      * @return string
      */
     public function getCreatedAt();
+
+    /**
+     * Check if the consumer key has not expired for Oauth token exchange usage
+     *
+     * @return bool
+     */
+    public function isValidForTokenExchange();
 }