Fix E2E test API responses (#35)

* fix: updated API response format for auth request, configured backend URL for Playwright, and fixed responses for invite API

* chore: update MOCKIN URL to use localhost instead of 127.0.0.1

* Uncomment the e2e tests from GHA.

* Convert GET request with op and login_hint to POST params before routing in HelloClient handler

* Command handler: default sub to empty string when JWT claim is missing; add GET /post-test (REQUEST_METHOD=GET) to simulate POST

* fix: unit test, invalid schema for mock redirect url

* add redirect to login when request contains iss, login_hint, domain_hint, target_link_uri, or redirect_uri and validate issuer

* fix: tighten types and null checks in HelloClient

- Updated getAuth() return docblock and added array checks before accessing authCookie
- Casted fields (email, name, picture, sub) to string/bool to satisfy static analysis
- Ensured json() always receives associative array<string, mixed>
- Casted $iss and $op to string before use and fixed error message format

* test: fix asset string in testCanGenerateInviteUrl

- Corrected invite URL asset string in InviteTest::testCanGenerateInviteUrl
- Verified Invite handler generates expected URL

* refactor: clean up HelloClient constructor and remove unreachable ternary

- Directly use getHelloDomain() for issuer initialization (typed as string)
- Removed redundant else branch flagged by PHPStan
- Preserved all other logic and type safety

* fix(invite): normalize return_uri to remove unreachable ternary

- Precompute $returnUri before building request to avoid PHPStan warning
- Keeps logic same but eliminates 'else branch is unreachable' issue

* fix(invite): replace ternary with if block for returnUri

- Removed unreachable else branch flagged by PHPStan
- Now sets $returnUri using a simple if statement

* Name the artifact uniquely e2e matrix.

* Fix lint issues.

getHelloDomain() method will never return a null, so no need to do
a null check on it.

---------

Co-authored-by: Unnikrishnan B <unnikrishnanadoor@gmail.com>

Author: fraggerfox

.github/workflows/continuous-integration.yml

@@ -187,14 +187,14 @@ jobs:
       - name: Install dependencies
         run: cd e2e-tests && npm ci && npx playwright install --with-deps
 
-      # # Run the e2e tests
-      # - name: Run Playwright tests
-      #   run: cd e2e-tests && npx playwright test
-
-      # # Upload report after each run
-      # - uses: actions/upload-artifact@v4
-      #   if: ${{ !cancelled() }}
-      #   with:
-      #     name: playwright-report
-      #     path: ./e2e-tests/playwright-report/
-      #     retention-days: 30
+      # Run the e2e tests
+      - name: Run Playwright tests
+        run: cd e2e-tests && npx playwright test
+
+      # Upload report after each run
+      - uses: actions/upload-artifact@v4
+        if: ${{ !cancelled() }}
+        with:
+          name: playwright-report-${{ matrix.php-version }}-${{ matrix.operating-system }}
+          path: ./e2e-tests/playwright-report/
+          retention-days: 30

e2e-tests/index.php

@@ -5,15 +5,14 @@
 use HelloCoop\Config\HelloConfigBuilder;
 use HelloCoop\HelloClient;
 
-
 define('API_ROUTE', '/api/hellocoop');
 
 $builder = new HelloConfigBuilder();
 $config = $builder
-    ->setApiRoute('/api/hellocoop')
-    ->setAuthApiRoute('/api/hellocoop?op=auth')
-    ->setLoginApiRoute('/api/hellocoop?op=login')
-    ->setLogoutApiRoute('/api/hellocoop?op=logout')
+    ->setApiRoute(API_ROUTE)
+    ->setAuthApiRoute(API_ROUTE . '?op=auth')
+    ->setLoginApiRoute(API_ROUTE . '?op=login')
+    ->setLogoutApiRoute(API_ROUTE . '?op=logout')
     ->setSameSiteStrict(false)
     ->setClientId('000000-0000-0000-0000-000000000000')
     ->setRedirectURI('http://localhost:8000/api/hellocoop')
@@ -22,17 +21,42 @@
     ->setScope(['openid', 'profile', 'email'])
     ->build();
 
-// Step 3: Create an instance of HelloClient
 $helloClient = new HelloClient($config);
 
-$requestUri = $_SERVER['REQUEST_URI'];
-$parsedUrl = parse_url($requestUri); // Extract the path from the request URI, ignoring query parameters
-$requestPath = $parsedUrl['path'] ?? '';
+// Current request path (ignore query string)
+$requestUri  = $_SERVER['REQUEST_URI'] ?? '/';
+$parsedUrl   = parse_url($requestUri);
+$requestPath = $parsedUrl['path'] ?? '/';
 
-// Step 4: Route Hellō API requests
+// 1) Direct Hellō API route → just route it
 if ($requestPath === API_ROUTE) {
-    $helloClient->route(); // Handle the routing of the API request
+    print $helloClient->route();
+    exit;
+}
+
+// 2) If a GET like /post-test?op=login&login_hint=... arrives,
+// convert it into a POST and let HelloClient handle it.
+// Handle GET /post-test?... by converting selected query params to POST
+if ($requestPath === '/post-test' && $_SERVER['REQUEST_METHOD'] === 'GET') {
+    $allowed = ['op', 'login_hint', 'domain_hint', 'iss', 'command_token'];
+
+    $payload = [];
+    foreach ($allowed as $key) {
+        if (isset($_GET[$key])) {
+            $payload[$key] = $_GET[$key];
+        }
+    }
+
+    if (!empty($payload)) {
+        $_POST = $payload;
+        $_SERVER['REQUEST_METHOD'] = 'POST';
+        $_SERVER['CONTENT_TYPE'] = $_SERVER['CONTENT_TYPE'] ?? 'application/x-www-form-urlencoded';
+
+        print $helloClient->route();
+        exit;
+    }
 }
 
+// 3) Fallback: return current auth status
 header('Content-Type: application/json');
 print json_encode($helloClient->getAuth());

e2e-tests/php.spec.ts

@@ -1,5 +1,6 @@
 const APP_HOME = 'http://localhost:8000/'
 const MOCKIN = 'http://localhost:3333/'
+
 const APP_API = APP_HOME + 'api/hellocoop'
 
 import { test, expect } from '@playwright/test'

src/Handler/Command.php

@@ -145,7 +145,7 @@ public function handleCommand(): string
         /** @var string $iss */
         $iss = $claims['iss'];
         /** @var string $sub */
-        $sub = $claims['sub'];
+        $sub = $claims['sub'] ?? '';
         /** @var string|null $tenant */
         $tenant = isset($claims['tenant']) ? $claims['tenant'] : null;
         /** @var array<string>|null $groups */

src/Handler/Invite.php

@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 namespace HelloCoop\Handler;
 
 use Exception;
@@ -8,7 +10,7 @@
 use HelloCoop\Config\ConfigInterface;
 use HelloCoop\Lib\Auth as AuthLib;
 
-class Invite
+final class Invite
 {
     private HelloResponseInterface $helloResponse;
     private HelloRequestInterface $helloRequest;
@@ -20,9 +22,9 @@ public function __construct(
         HelloResponseInterface $helloResponse,
         ConfigInterface $config
     ) {
-        $this->helloRequest = $helloRequest;
+        $this->helloRequest  = $helloRequest;
         $this->helloResponse = $helloResponse;
-        $this->config = $config;
+        $this->config        = $config;
     }
 
     private function getAuthLib(): AuthLib
@@ -34,43 +36,123 @@ private function getAuthLib(): AuthLib
         );
     }
 
+    /**
+     * Build origin like "https://example.com[:port]" from a URL.
+     * Falls back to empty string if not derivable.
+     */
+    private function buildOrigin(?string $url): string
+    {
+        if ($url === null || $url === '') {
+            return '';
+        }
+        $parts = parse_url($url);
+        if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
+            return '';
+        }
+        $origin = $parts['scheme'] . '://' . $parts['host'];
+        if (isset($parts['port'])) {
+            $origin .= ':' . (string)$parts['port'];
+        }
+        return $origin;
+    }
+
+    /**
+     * Safely fetch a string from an array of mixed.
+     * @param array<string,mixed> $arr
+     */
+    private function strFrom(array $arr, string $key, ?string $default = null): ?string
+    {
+        $v = $arr[$key] ?? null;
+        return is_string($v) ? $v : $default;
+    }
+
     /**
      * @throws Exception
      */
     public function generateInviteUrl(): string
     {
+        /** @var array<string,mixed> $params */
         $params = $this->helloRequest->fetchMultiple([
             'target_uri',
             'app_name',
             'prompt',
             'role',
             'tenant',
             'state',
-            'redirect_uri'
+            'redirect_uri',
         ]);
 
-        $auth = $this->getAuthLib()->getAuthfromCookies();
-        if (empty($auth->toArray()['authCookie'])) {
-            throw new Exception("User not logged in");
+        $auth    = $this->getAuthLib()->getAuthfromCookies();
+        $authArr = $auth->toArray();
+
+        /** @var array<string,mixed>|null $cookie */
+        $cookie = isset($authArr['authCookie']) && is_array($authArr['authCookie'])
+            ? $authArr['authCookie']
+            : null;
+
+        if ($cookie === null) {
+            throw new Exception('User not logged in');
+        }
+
+        $inviterSub = $this->strFrom($cookie, 'sub', '');
+        if ($inviterSub === '') {
+            throw new Exception('User cookie missing');
         }
 
-        if (empty($auth->toArray()['authCookie']['sub'])) {
-            throw new Exception("User coookie missing");
+        // Choose redirect URI: request param overrides config if present
+        $redirectURIParam = $this->strFrom($params, 'redirect_uri');
+        $redirectURIConf  = $this->config->getRedirectURI(); // ?string
+        $redirectURI      = $redirectURIParam !== null && $redirectURIParam !== ''
+            ? $redirectURIParam
+            : ($redirectURIConf ?? '');
+
+        $origin = $this->buildOrigin($redirectURI);
+        $defaultTargetURI = ($origin !== '' ? $origin . '/' : '/');
+
+        // Safe inviter/app names
+        $inviterName = $this->strFrom($cookie, 'name')
+            ?? $this->strFrom($authArr, 'name')
+            ?? 'Someone';
+
+        $appName = $this->strFrom($params, 'app_name', 'your app');
+
+        $defaultPrompt = sprintf(
+            '%s has invited you to join %s',
+            $inviterName,
+            $appName
+        );
+
+        // Safe scalar config values
+        $clientIdRaw    = $this->config->getClientId();
+        $clientId       = is_string($clientIdRaw) ? $clientIdRaw : '';
+        $helloDomain    = $this->config->getHelloDomain();
+
+        $targetUri = $this->strFrom($params, 'target_uri');
+        $returnUri = $defaultTargetURI;
+        if ($targetUri !== null && $targetUri !== '') {
+            $returnUri = $targetUri;
         }
 
         $request = [
-            'app_name' => $params['app_name'],
-            'prompt' => $params['prompt'],
-            'role' =>  $params['role'],
-            'tenant' => $params['tenant'],
-            'state' => $params['state'],
-            'inviter' => $auth->toArray()['authCookie']['sub'], //TODO: add a getter function for this value.
-            'client_id' => $this->config->getClientId(),
-            'initiate_login_uri' => $this->config->getRedirectURI() ?? '/', //TODO: need to fix this
-            'return_uri' => $params['target_uri']
+            'app_name'           => $this->strFrom($params, 'app_name'),
+            'prompt'             => $this->strFrom($params, 'prompt', $defaultPrompt),
+            'role'               => $this->strFrom($params, 'role'),
+            'tenant'             => $this->strFrom($params, 'tenant'),
+            'state'              => $this->strFrom($params, 'state'),
+            'inviter'            => $inviterSub,
+            'client_id'          => $clientId,
+            'initiate_login_uri' => $redirectURI !== '' ? $redirectURI : '/',
+            'return_uri'         => $returnUri,
         ];
 
-        $queryString = http_build_query($request);
-        return "https://wallet.{$this->config->getHelloDomain()}/invite?" . $queryString;
+        // Remove nulls so http_build_query only serializes present fields
+        $request = array_filter(
+            $request,
+            static fn($v) => $v !== null
+        );
+
+        $queryString = http_build_query($request, '', '&', PHP_QUERY_RFC3986);
+
+        return 'https://wallet.' . $helloDomain . '/invite?' . $queryString;
     }
 }

src/Handler/Login.php

@@ -126,7 +126,7 @@ public function generateLoginUrl(): string
         $authResponse = $this->getAuthHelper()->createAuthRequest($request);
 
         /** @var string $targetUri */
-        $targetUri = $params['target_uri'];
+        $targetUri = $params['target_uri'] ?? '/';
 
         $this->getOIDCManager()->saveOidc(OIDC::fromArray([
             'nonce' => $authResponse['nonce'],