LYNX-361: Implemented GraphQL email confirmation

svera · svera · commit 98cdea063824 · 2024-03-08T12:12:14.000+01:00
diff --git a/app/code/Magento/CustomerGraphQl/Model/Resolver/ConfirmEmail.php b/app/code/Magento/CustomerGraphQl/Model/Resolver/ConfirmEmail.php
@@ -0,0 +1,78 @@
+<?php
+/**
+ * Copyright 2024 Adobe
+ * All Rights Reserved.
+ *
+ * NOTICE: All information contained herein is, and remains
+ * the property of Adobe and its suppliers, if any. The intellectual
+ * and technical concepts contained herein are proprietary to Adobe
+ * and its suppliers and are protected by all applicable intellectual
+ * property laws, including trade secret and copyright laws.
+ * Dissemination of this information or reproduction of this material
+ * is strictly forbidden unless prior written permission is obtained from
+ * Adobe.
+ */
+declare(strict_types=1);
+
+namespace Magento\CustomerGraphQl\Model\Resolver;
+
+use Magento\Customer\Api\AccountManagementInterface;
+use Magento\CustomerGraphQl\Model\Customer\ExtractCustomerData;
+use Magento\Framework\Exception\State\InputMismatchException;
+use Magento\Framework\Exception\State\InvalidTransitionException;
+use Magento\Framework\GraphQl\Config\Element\Field;
+use Magento\Framework\GraphQl\Exception\GraphQlInputException;
+use Magento\Framework\GraphQl\Query\Resolver\Value;
+use Magento\Framework\GraphQl\Query\ResolverInterface;
+use Magento\Framework\GraphQl\Schema\Type\ResolveInfo;
+use Magento\Framework\Validator\EmailAddress as EmailValidator;
+
+/**
+ * Customer email confirmation, used for GraphQL request processing
+ */
+class ConfirmEmail implements ResolverInterface
+{
+    /**
+     * @param AccountManagementInterface $accountManagement
+     * @param EmailValidator $emailValidator
+     * @param ExtractCustomerData $extractCustomerData
+     */
+    public function __construct(
+        private readonly AccountManagementInterface $accountManagement,
+        private readonly EmailValidator $emailValidator,
+        private readonly ExtractCustomerData $extractCustomerData
+    ) {
+    }
+
+    /**
+     * Confirm customer email mutation
+     *
+     * @param \Magento\Framework\GraphQl\Config\Element\Field $field
+     * @param \Magento\Framework\GraphQl\Query\Resolver\ContextInterface $context
+     * @param ResolveInfo $info
+     * @param array|null $value
+     * @param array|null $args
+     * @return array|Value
+     * @throws \Exception
+     * @SuppressWarnings(PHPMD.UnusedFormalParameter)
+     */
+    public function resolve(
+        Field $field,
+        $context,
+        ResolveInfo $info,
+        array $value = null,
+        array $args = null
+    ) {
+        if (!$this->emailValidator->isValid($args['input']['email'])) {
+            throw new GraphQlInputException(__('Email is invalid'));
+        }
+
+        try {
+            $customer = $this->accountManagement->activate($args['input']['email'], $args['input']['confirmation_key']);
+        } catch (InvalidTransitionException | InputMismatchException $e) {
+            throw new GraphQlInputException(__($e->getMessage()));
+        }
+
+        return ['customer' => $this->extractCustomerData->execute($customer)];
+    }
+}
diff --git a/app/code/Magento/CustomerGraphQl/etc/schema.graphqls b/app/code/Magento/CustomerGraphQl/etc/schema.graphqls
@@ -29,6 +29,12 @@ type Mutation {
     requestPasswordResetEmail(email: String! @doc(description: "The customer's email address.")): Boolean  @resolver(class: "\\Magento\\CustomerGraphQl\\Model\\Resolver\\RequestPasswordResetEmail") @doc(description: "Request an email with a reset password token for the registered customer identified by the specified email.")
     resetPassword(email: String! @doc(description: "The customer's email address."), resetPasswordToken: String! @doc(description: "A runtime token generated by the `requestPasswordResetEmail` mutation."), newPassword: String! @doc(description: "The customer's new password.")): Boolean  @resolver(class: "\\Magento\\CustomerGraphQl\\Model\\Resolver\\ResetPassword") @doc(description: "Reset a customer's password using the reset password token that the customer received in an email after requesting it using `requestPasswordResetEmail`.")
     updateCustomerEmail(email: String! @doc(description: "The customer's email address."), password: String! @doc(description: "The customer's password.")): CustomerOutput @resolver(class: "\\Magento\\CustomerGraphQl\\Model\\Resolver\\UpdateCustomerEmail") @doc(description: "Change the email address for the logged-in customer.")
+    confirmEmail(input: ConfirmEmailInput! @doc(description: "An input object to identify the customer to confirm the email.")): CustomerOutput @resolver(class: "\\Magento\\CustomerGraphQl\\Model\\Resolver\\ConfirmEmail") @doc(description: "Confirms the email address for a customer.")
+}
+
+input ConfirmEmailInput @doc(description: "Contains details about a customer email address to confirm.") {
+    email: String! @doc(description: "The email address to be confirmed.")
+    confirmation_key: String! @doc(description: "The key to confirm the email address.")
 }
 
 input CustomerAddressInput @doc(description: "Contains details about a billing or shipping address."){
diff --git a/dev/tests/api-functional/testsuite/Magento/GraphQl/Customer/ConfirmEmailTest.php b/dev/tests/api-functional/testsuite/Magento/GraphQl/Customer/ConfirmEmailTest.php
@@ -0,0 +1,158 @@
+<?php
+/**
+ * Copyright 2024 Adobe
+ * All Rights Reserved.
+ *
+ * NOTICE: All information contained herein is, and remains
+ * the property of Adobe and its suppliers, if any. The intellectual
+ * and technical concepts contained herein are proprietary to Adobe
+ * and its suppliers and are protected by all applicable intellectual
+ * property laws, including trade secret and copyright laws.
+ * Dissemination of this information or reproduction of this material
+ * is strictly forbidden unless prior written permission is obtained from
+ * Adobe.
+ */
+declare(strict_types=1);
+
+namespace Magento\GraphQl\Customer;
+
+use Magento\Customer\Test\Fixture\Customer as CustomerFixture;
+use Magento\Framework\Exception\AuthenticationException;
+use Magento\Integration\Api\CustomerTokenServiceInterface;
+use Magento\TestFramework\Fixture\DataFixture;
+use Magento\TestFramework\Helper\Bootstrap;
+use Magento\TestFramework\TestCase\GraphQlAbstract;
+
+/**
+ * Tests for confirm customer email
+ */
+#[
+    DataFixture(
+        CustomerFixture::class,
+        [
+            'email' => 'customer@example.com',
+            'confirmation' => 'abcde',
+        ],
+        'customer'
+    )
+]
+class ConfirmEmailTest extends GraphQlAbstract
+{
+    private const QUERY = <<<QUERY
+mutation {
+  confirmEmail(input: {
+    email: "%s"
+    confirmation_key: "%s"
+  }) {
+    customer {
+      email
+    }
+  }
+}
+QUERY;
+
+    /**
+     * @var string
+     */
+    private const PASSWORD = 'password';
+
+    /**
+     * @return void
+     * @throws AuthenticationException
+     */
+    public function testConfirmEmail()
+    {
+        $response = $this->graphQlMutation(
+            sprintf(
+                self::QUERY,
+                'customer@example.com',
+                'abcde',
+            ),
+            [],
+            '',
+            $this->getCustomerAuthHeaders('customer@example.com', self::PASSWORD)
+        );
+
+        $this->assertEquals(
+            [
+                'confirmEmail' => [
+                    'customer' => [
+                        'email' => 'customer@example.com'
+                    ]
+                ]
+            ],
+            $response
+        );
+
+        $this->expectException(\Exception::class);
+        $this->expectExceptionMessage('The account is already active.');
+
+        $this->graphQlMutation(
+            sprintf(
+                self::QUERY,
+                'customer@example.com',
+                'abcde',
+            ),
+            [],
+            '',
+            $this->getCustomerAuthHeaders('customer@example.com', self::PASSWORD)
+        );
+    }
+
+    /**
+     * @return void
+     * @throws AuthenticationException
+     */
+    public function testConfirmEmailWrongEmail()
+    {
+        $this->expectException(\Exception::class);
+
+        $this->graphQlMutation(
+            sprintf(
+                self::QUERY,
+                'bad-email',
+                'abcde',
+            ),
+            [],
+            '',
+            $this->getCustomerAuthHeaders('customer@example.com', self::PASSWORD)
+        );
+    }
+
+    /**
+     * @return void
+     * @throws AuthenticationException
+     */
+    public function testConfirmEmailWrongConfirmation()
+    {
+        $this->expectException(\Exception::class);
+
+        $this->graphQlMutation(
+            sprintf(
+                self::QUERY,
+                'customer@example.com',
+                'wrong-confirmation',
+            ),
+            [],
+            '',
+            $this->getCustomerAuthHeaders('customer@example.com', self::PASSWORD)
+        );
+    }
+
+    /**
+     * @param string $email
+     * @param string $password
+     * @return array
+     * @throws AuthenticationException
+     */
+    private function getCustomerAuthHeaders(string $email, string $password): array
+    {
+        $customerToken = Bootstrap::getObjectManager()->get(
+            CustomerTokenServiceInterface::class
+        )->createCustomerAccessToken(
+            $email,
+            $password
+        );
+        return ['Authorization' => 'Bearer ' . $customerToken];
+    }
+}
