
Commit 342c052

committed
160 - Add Revoke Customer token func, and test
1 parent 6e05396 commit 342c052


3 files changed

+140
-0
lines changed

Lines changed: 80 additions & 0 deletions
@@ -0,0 +1,80 @@
1+
<?php
2+
/**
3+
* Copyright © Magento, Inc. All rights reserved.
4+
* See COPYING.txt for license details.
5+
*/
6+
declare(strict_types=1);
7+
8+
namespace Magento\CustomerGraphQl\Model\Resolver\Customer\Account;
9+
10+
use Magento\Authorization\Model\UserContextInterface;
11+
use Magento\Framework\GraphQl\Config\Element\Field;
12+
use Magento\Framework\GraphQl\Exception\GraphQlAuthorizationException;
13+
use Magento\Framework\GraphQl\Query\Resolver\Value;
14+
use Magento\Framework\GraphQl\Query\Resolver\ValueFactory;
15+
use Magento\Framework\GraphQl\Query\ResolverInterface;
16+
use Magento\Framework\GraphQl\Schema\Type\ResolveInfo;
17+
use Magento\Integration\Api\CustomerTokenServiceInterface;
18+
19+
/**
20+
* Customers Revoke Token resolver, used for GraphQL request processing.
21+
*/
22+
class RevokeCustomerToken implements ResolverInterface
23+
{
24+
/**
25+
* @var UserContextInterface
26+
*/
27+
private $userContext;
28+
29+
/**
30+
* @var CustomerTokenServiceInterface
31+
*/
32+
private $customerTokenService;
33+
34+
/**
35+
* @var ValueFactory
36+
*/
37+
private $valueFactory;
38+
39+
/**
40+
* @param UserContextInterface $userContext
41+
* @param CustomerTokenServiceInterface $customerTokenService
42+
* @param ValueFactory $valueFactory
43+
*/
44+
public function __construct(
45+
UserContextInterface $userContext,
46+
CustomerTokenServiceInterface $customerTokenService,
47+
ValueFactory $valueFactory
48+
) {
49+
$this->userContext = $userContext;
50+
$this->customerTokenService = $customerTokenService;
51+
$this->valueFactory = $valueFactory;
52+
}
53+
54+
/**
55+
* @inheritdoc
56+
*/
57+
public function resolve(
58+
Field $field,
59+
$context,
60+
ResolveInfo $info,
61+
array $value = null,
62+
array $args = null
63+
): Value {
64+
if ((!$context->getUserId()) || $context->getUserType() == UserContextInterface::USER_TYPE_GUEST) {
65+
throw new GraphQlAuthorizationException(
66+
__(
67+
'Current customer does not have access to the resource "%1"',
68+
[\Magento\Customer\Model\Customer::ENTITY]
69+
)
70+
);
71+
}
72+
$customerId = $context->getUserId();
73+
74+
$result = function () use ($customerId) {
75+
return $this->customerTokenService->revokeCustomerAccessToken($customerId);
76+
};
77+
78+
return $this->valueFactory->create($result);
79+
}
80+
}
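Review bot: The guard at the top of `resolve()` rejects only a missing user id or `USER_TYPE_GUEST`, so any other context type that carries a user id would pass and have that id handed to `revokeCustomerAccessToken($customerId)` as if it were a customer id. Whether the GraphQL context can carry an admin or integration type is not visible on this page, but a token-revocation path is safer with an allow-list: `if (!$context->getUserId() || (int) $context->getUserType() !== UserContextInterface::USER_TYPE_CUSTOMER) {`. The same line also uses a loose `==` under `declare(strict_types=1)`, which the strict comparison above would replace. The injected `$userContext` property is assigned in the constructor but never read in this class, so it should either be used or dropped.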

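--- a/app/code/Magento/CustomerGraphQl/etc/schema.graphqls
+++ b/app/code/Magento/CustomerGraphQl/etc/schema.graphqls
@@ -8,6 +8,7 @@ type Query {
 type Mutation {
 generateCustomerToken(email: String!, password: String!): CustomerToken @resolver(class: "\\Magento\\CustomerGraphQl\\Model\\Resolver\\Customer\\Account\\GenerateCustomerToken") @doc(description:"Retrieve Customer token")
 changeCustomerPassword(currentPassword: String!, newPassword: String!): Customer @resolver(class: "\\Magento\\CustomerGraphQl\\Model\\Resolver\\Customer\\Account\\ChangePassword") @doc(description:"Changes password for logged in customer")
+revokeCustomerToken: Boolean @resolver(class: "\\Magento\\CustomerGraphQl\\Model\\Resolver\\Customer\\Account\\RevokeCustomerToken") @doc(description:"Revoke Customer token")
 }
 
 type CustomerToken {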
Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,59 @@
1+
<?php
2+
/**
3+
* Copyright © Magento, Inc. All rights reserved.
4+
* See COPYING.txt for license details.
5+
*/
6+
declare(strict_types=1);
7+
8+
namespace Magento\GraphQl\Customer;
9+
10+
use Magento\TestFramework\ObjectManager;
11+
use Magento\TestFramework\TestCase\GraphQlAbstract;
12+
13+
/**
14+
* Test for revoke customer token mutation
15+
*/
16+
class RevokeCustomerTokenTest extends GraphQlAbstract
17+
{
18+
/**
19+
* Verify customers with valid credentials
20+
* @magentoApiDataFixture Magento/Customer/_files/customer.php
21+
*/
22+
public function testRevokeCustomerTokenValidCredentials()
23+
{
24+
$query = <<<QUERY
25+
mutation {
26+
revokeCustomerToken
27+
}
28+
QUERY;
29+
30+
$userName = '[email protected]';
31+
$password = 'password';
32+
/** @var CustomerTokenServiceInterface $customerTokenService */
33+
$customerTokenService = ObjectManager::getInstance()
34+
->get(\Magento\Integration\Api\CustomerTokenServiceInterface::class);
35+
$customerToken = $customerTokenService->createCustomerAccessToken($userName, $password);
36+
37+
$headerMap = ['Authorization' => 'Bearer ' . $customerToken];
38+
$response = $this->graphQlQuery($query, [], '', $headerMap);
39+
$this->assertTrue($response['revokeCustomerToken']);
40+
}
41+
42+
/**
43+
* Verify guest customers
44+
*/
45+
public function testRevokeCustomerTokenForGuestCustomer()
46+
{
47+
$query = <<<QUERY
48+
mutation {
49+
revokeCustomerToken
50+
}
51+
QUERY;
52+
$this->expectException(\Exception::class);
53+
$this->expectExceptionMessage(
54+
'GraphQL response contains errors: Current customer' . ' ' .
55+
'does not have access to the resource "customer"'
56+
);
57+
$response = $this->graphQlQuery($query, [], '');
58+
}
59+
}
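Review bot: `testRevokeCustomerTokenValidCredentials` asserts only that the mutation returns `true`; it never checks that the revoked bearer token is actually refused afterwards, which is the property this feature exists to guarantee. After the `assertTrue`, a second request with the same `$headerMap` should be expected to fail, for example `$this->expectException(\Exception::class);` followed by `$this->graphQlQuery($query, [], '', $headerMap);`. In `testRevokeCustomerTokenForGuestCustomer` the `$response` assignment is unused, and the `@var CustomerTokenServiceInterface` annotation names a class that is not imported in this file.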
