Changed DefaultUser to immutable and added UserInterfaceFactory

Author: ezimuel

src/ConfigProvider.php

@@ -59,15 +59,12 @@ public function getDependencies() : array
                 // AuthenticationInterface::class => Basic\BasicAccess::class,
                 // Provide an alias for the UserRepository adapter based on your application needs.
                 // UserRepositoryInterface::class => UserRepository\Htpasswd::class
-                UserInterface::class => DefaultUser::class
             ],
             'factories' => [
                 AuthenticationMiddleware::class => AuthenticationMiddlewareFactory::class,
                 UserRepository\Htpasswd::class => UserRepository\HtpasswdFactory::class,
-                UserRepository\PdoDatabase::class => UserRepository\PdoDatabaseFactory::class
-            ],
-            'invokables' => [
-                DefaultUser::class => DefaultUser::class
+                UserRepository\PdoDatabase::class => UserRepository\PdoDatabaseFactory::class,
+                UserInterface::class => UserInterfaceFactory::class
             ]
         ];
     }

src/DefaultUser.php

@@ -1,35 +1,31 @@
 <?php
 /**
  * @see       https://github.com/zendframework/zend-expressive-authentication for the canonical source repository
- * @copyright Copyright (c) 2017 Zend Technologies USA Inc. (https://www.zend.com)
+ * @copyright Copyright (c) 2018 Zend Technologies USA Inc. (https://www.zend.com)
  * @license   https://github.com/zendframework/zend-expressive-authentication/blob/master/LICENSE.md New BSD License
  */
 
 declare(strict_types=1);
 
 namespace Zend\Expressive\Authentication;
 
-class DefaultUser implements UserInterface
+final class DefaultUser implements UserInterface
 {
-    protected $identity;
+    private $identity;
 
-    protected $roles = [];
+    private $roles;
 
-    public function setIdentity(string $identity) : void
+    public function __construct(string $identity, array $roles = [])
     {
         $this->identity = $identity;
+        $this->roles = $roles;
     }
 
     public function getIdentity() : string
     {
         return $this->identity;
     }
 
-    public function setRoles(array $roles) : void
-    {
-        $this->roles = $roles;
-    }
-
     public function getRoles() : array
     {
         return $this->roles;

src/UserInterface.php

@@ -11,21 +11,11 @@
 
 interface UserInterface
 {
-    /**
-     * Set the user's identity
-     */
-    public function setIdentity(string $identity) : void;
-
     /**
      * Get the unique user identity (id, username, email address or ...)
      */
     public function getIdentity() : string;
 
-    /**
-     * Set the user's roles
-     */
-    public function setRoles(array $roles) : void;
-
     /**
      * Get all user roles
      *

src/UserInterfaceFactory.php

@@ -0,0 +1,20 @@
+<?php
+/**
+ * @see       https://github.com/zendframework/zend-expressive-authentication for the canonical source repository
+ * @copyright Copyright (c) 2017 Zend Technologies USA Inc. (https://www.zend.com)
+ * @license   https://github.com/zendframework/zend-expressive-authentication/blob/master/LICENSE.md New BSD License
+ */
+
+declare(strict_types=1);
+
+namespace Zend\Expressive\Authentication;
+
+use Psr\Container\ContainerInterface;
+
+class UserInterfaceFactory
+{
+    public function generate(string $identity, array $roles = []) : UserInterface
+    {
+        return new DefaultUser($identity, $roles);
+    }
+}

src/UserRepository/Htpasswd.php

@@ -11,6 +11,7 @@
 
 use Zend\Expressive\Authentication\Exception;
 use Zend\Expressive\Authentication\UserInterface;
+use Zend\Expressive\Authentication\UserInterfaceFactory;
 use Zend\Expressive\Authentication\UserRepositoryInterface;
 
 /**
@@ -26,14 +27,14 @@ class Htpasswd implements UserRepositoryInterface
     private $filename;
 
     /**
-     * @var UserInterface
+     * @var UserInterfaceFactory
      */
-    private $user;
+    private $userFactory;
 
     /**
      * @throws Exception\InvalidConfigException
      */
-    public function __construct(string $filename, UserInterface $user)
+    public function __construct(string $filename, UserInterfaceFactory $userFactory)
     {
         if (! file_exists($filename)) {
             throw new Exception\InvalidConfigException(sprintf(
@@ -42,7 +43,7 @@ public function __construct(string $filename, UserInterface $user)
             ));
         }
         $this->filename = $filename;
-        $this->user = $user;
+        $this->userFactory = $userFactory;
     }
 
     /**
@@ -65,10 +66,8 @@ public function authenticate(string $credential, string $password = null) : ?Use
         }
         fclose($handle);
 
-        if ($found && password_verify($password === null ? '' : $password, $hash)) {
-            $this->user->setIdentity($credential);
-            $this->user->setRoles($this->getRolesFromUser($credential));
-            return $this->user;
+        if ($found && password_verify($password ?? '', $hash)) {
+            return $this->userFactory->generate($credential, $this->getRolesFromUser($credential));
         }
         return null;
     }

src/UserRepository/PdoDatabase.php

@@ -13,6 +13,7 @@
 use PDOException;
 use Zend\Expressive\Authentication\Exception;
 use Zend\Expressive\Authentication\UserInterface;
+use Zend\Expressive\Authentication\UserInterfaceFactory;
 use Zend\Expressive\Authentication\UserRepositoryInterface;
 
 /**
@@ -32,15 +33,18 @@ class PdoDatabase implements UserRepositoryInterface
     private $config;
 
     /**
-     * @var UserInterface
+     * @var UserInterfaceFactory
      */
-    private $user;
+    private $userFactory;
 
-    public function __construct(PDO $pdo, array $config, UserInterface $user)
-    {
+    public function __construct(
+        PDO $pdo,
+        array $config,
+        UserInterfaceFactory $userFactory
+    ) {
         $this->pdo = $pdo;
         $this->config = $config;
-        $this->user = $user;
+        $this->userFactory = $userFactory;
     }
 
     /**
@@ -71,9 +75,10 @@ public function authenticate(string $credential, string $password = null) : ?Use
         }
 
         if (password_verify($password, $result->{$this->config['field']['password']})) {
-            $this->user->setIdentity($credential);
-            $this->user->setRoles($this->getRolesFromUser($credential));
-            return $this->user;
+            return $this->userFactory->generate(
+                $credential,
+                $this->getRolesFromUser($credential)
+            );
         }
         return null;
     }

test/DefaultUserTest.php

@@ -17,21 +17,19 @@ class DefaultUserTest extends TestCase
 {
     public function testConstructor()
     {
-        $user = new DefaultUser();
+        $user = new DefaultUser('foo');
         $this->assertInstanceOf(UserInterface::class, $user);
     }
 
-    public function testSetGetIdentity()
+    public function testGetIdentity()
     {
-        $user = new DefaultUser();
-        $user->setIdentity('foo');
+        $user = new DefaultUser('foo');
         $this->assertEquals('foo', $user->getIdentity());
     }
 
-    public function testSetGetRoles()
+    public function testGetRoles()
     {
-        $user = new DefaultUser();
-        $user->setRoles(['foo', 'bar']);
+        $user = new DefaultUser('foo', ['foo', 'bar']);
         $this->assertEquals(['foo', 'bar'], $user->getRoles());
     }
 }

test/UserRepository/HtpasswdFactoryTest.php

@@ -13,6 +13,7 @@
 use Psr\Container\ContainerInterface;
 use Zend\Expressive\Authentication\Exception\InvalidConfigException;
 use Zend\Expressive\Authentication\UserInterface;
+use Zend\Expressive\Authentication\UserInterfaceFactory;
 use Zend\Expressive\Authentication\UserRepository\Htpasswd;
 use Zend\Expressive\Authentication\UserRepository\HtpasswdFactory;
 
@@ -21,7 +22,7 @@ class HtpasswdFactoryTest extends TestCase
     protected function setUp()
     {
         $this->container = $this->prophesize(ContainerInterface::class);
-        $this->user = $this->prophesize(UserInterface::class);
+        $this->user = $this->prophesize(UserInterfaceFactory::class);
         $this->factory = new HtpasswdFactory();
     }
 

test/UserRepository/HtpasswdTest.php

@@ -12,35 +12,35 @@
 use PHPUnit\Framework\TestCase;
 use Prophecy\Argument;
 use Zend\Expressive\Authentication\UserInterface;
+use Zend\Expressive\Authentication\UserInterfaceFactory;
 use Zend\Expressive\Authentication\UserRepositoryInterface;
 use Zend\Expressive\Authentication\UserRepository\Htpasswd;
 
 class HtpasswdTest extends TestCase
 {
+    const EXAMPLE_IDENTITY = 'test';
+
     protected function setUp()
     {
-        $user = $this->prophesize(UserInterface::class);
-        $user->setIdentity(Argument::type('string'))->will(function ($args) use ($user) {
-            $user->getIdentity()->willReturn($args[0]);
-        });
-        $user->setRoles(Argument::type('array'))->will(function ($args) use ($user) {
-            $user->getRoles()->willReturn($args[0]);
-        });
-        $this->user = $user;
+        $this->user = $this->prophesize(UserInterface::class);
+        $this->user->getIdentity()->willReturn(self::EXAMPLE_IDENTITY);
+        $this->userFactory = $this->prophesize(UserInterfaceFactory::class);
+        $this->userFactory->generate(Argument::type('string'), Argument::type('array'))
+                          ->willReturn($this->user->reveal());
     }
     /**
      * @expectedException Zend\Expressive\Authentication\Exception\InvalidConfigException
      */
     public function testConstructorWithNoFile()
     {
-        $htpasswd = new Htpasswd('foo', $this->user->reveal());
+        $htpasswd = new Htpasswd('foo', $this->userFactory->reveal());
     }
 
     public function testConstructor()
     {
         $htpasswd = new Htpasswd(
             __DIR__ . '/../TestAssets/htpasswd',
-            $this->user->reveal()
+            $this->userFactory->reveal()
         );
         $this->assertInstanceOf(UserRepositoryInterface::class, $htpasswd);
     }
@@ -49,30 +49,30 @@ public function testAuthenticate()
     {
         $htpasswd = new Htpasswd(
             __DIR__ . '/../TestAssets/htpasswd',
-            $this->user->reveal()
+            $this->userFactory->reveal()
         );
 
-        $user = $htpasswd->authenticate('test', 'password');
+        $user = $htpasswd->authenticate(self::EXAMPLE_IDENTITY, 'password');
         $this->assertInstanceOf(UserInterface::class, $user);
-        $this->assertEquals('test', $user->getIdentity());
+        $this->assertEquals(self::EXAMPLE_IDENTITY, $user->getIdentity());
     }
 
     public function testAuthenticateInvalidUser()
     {
         $htpasswd = new Htpasswd(
             __DIR__ . '/../TestAssets/htpasswd',
-            $this->user->reveal()
+            $this->userFactory->reveal()
         );
-        $this->assertNull($htpasswd->authenticate('test', 'foo'));
+        $this->assertNull($htpasswd->authenticate(self::EXAMPLE_IDENTITY, 'foo'));
     }
 
     public function testAuthenticateWithoutPassword()
     {
         $htpasswd = new Htpasswd(
             __DIR__ . '/../TestAssets/htpasswd',
-            $this->user->reveal()
+            $this->userFactory->reveal()
         );
-        $this->assertNull($htpasswd->authenticate('test', null));
+        $this->assertNull($htpasswd->authenticate(self::EXAMPLE_IDENTITY, null));
     }
 
     /**
@@ -82,8 +82,8 @@ public function testAuthenticateWithInsecureHash()
     {
         $htpasswd = new Htpasswd(
             __DIR__ . '/../TestAssets/htpasswd_insecure',
-            $this->user->reveal()
+            $this->userFactory->reveal()
         );
-        $htpasswd->authenticate('test', 'password');
+        $htpasswd->authenticate(self::EXAMPLE_IDENTITY, 'password');
     }
 }

test/UserRepository/PdoDatabaseFactoryTest.php

@@ -13,6 +13,7 @@
 use Psr\Container\ContainerInterface;
 use Zend\Expressive\Authentication\Exception\InvalidConfigException;
 use Zend\Expressive\Authentication\UserInterface;
+use Zend\Expressive\Authentication\UserInterfaceFactory;
 use Zend\Expressive\Authentication\UserRepository\PdoDatabase;
 use Zend\Expressive\Authentication\UserRepository\PdoDatabaseFactory;
 
@@ -21,7 +22,7 @@ class PdoDatabaseFactoryTest extends TestCase
     protected function setUp()
     {
         $this->container = $this->prophesize(ContainerInterface::class);
-        $this->user = $this->prophesize(UserInterface::class);
+        $this->userFactory = $this->prophesize(UserInterfaceFactory::class);
         $this->factory = new PdoDatabaseFactory();
     }
 
@@ -79,7 +80,7 @@ public function testInvokeWithInvalidConfig($pdoConfig)
         $this->container->get('config')->willReturn([
             'authentication' => [ 'pdo' => $pdoConfig ]
         ]);
-        $this->container->get(UserInterface::class)->willReturn($this->user->reveal());
+        $this->container->get(UserInterface::class)->willReturn($this->userFactory->reveal());
         $pdoDatabase = ($this->factory)($this->container->reveal());
     }
 
@@ -97,7 +98,7 @@ public function testInvokeWithValidConfig()
                 ]
             ]
         ]);
-        $this->container->get(UserInterface::class)->willReturn($this->user->reveal());
+        $this->container->get(UserInterface::class)->willReturn($this->userFactory->reveal());
         $pdoDatabase = ($this->factory)($this->container->reveal());
         $this->assertInstanceOf(PdoDatabase::class, $pdoDatabase);
     }