fixed issue with renewing licenses

Author: Tbaile

app/Http/Controllers/NetifyLicenseController.php

@@ -20,13 +20,19 @@ public function community(NetifydLicenseRepository $licenseProvider): JsonRespon
     private function run(NetifydLicenseRepository $licenseProvider, NetifydLicenseType $licenseType): JsonResponse
     {
         // If license is in cache, return it.
-        if (Cache::has($licenseType->cacheLabel())) {
-            Log::debug('Requested netifyd license found in cache, returning it.');
-
-            return response()->json(Cache::get($licenseType->cacheLabel()));
+        $license = Cache::get($licenseType->cacheLabel());
+        if ($license != null) {
+            Log::debug('Requested netifyd license found in cache.');
+            $expiration = Carbon::createFromTimestampUTC($license['expire_at']['unix'])->startOfDay()->toImmutable();
+            // License is still valid, return it.
+            if ($expiration > now()->utc()->startOfDay()) {
+                return response()->json($license);
+            }
+            Log::warning('Found license expired in cache, pruning.');
+            Cache::forget($licenseType->cacheLabel());
         }
 
-        Log::debug('Requested netifyd license not found in cache, checking remote server.');
+        Log::debug('Checking remote server for license.');
         // Check if the community license is on the remote server.
         try {
             $licenses = $licenseProvider->listLicenses();
@@ -46,16 +52,18 @@ private function run(NetifydLicenseRepository $licenseProvider, NetifydLicenseTy
         // Got license, checking if everything is in place.
         Log::debug('Netifyd license recovered from remote server, checking if it can be renewed.');
         $expiration = Carbon::createFromTimestampUTC($license['expire_at']['unix'])->startOfDay()->toImmutable();
-        $creation = Carbon::createFromTimestampUTC($license['created_at']['unix'])->startOfDay()->toImmutable();
-        $diff = $creation->diff($expiration)->cascade()->totalDays;
-        $renewalThreshold = $creation->addDays(ceil($diff / 2));
+        $renewalThreshold = $expiration->subDays(floor($licenseType->durationDays() / 2));
         $now = now()->utc()->startOfDay();
         if ($renewalThreshold <= $now) {
             Log::debug('Netifyd license can be renewed, renewing it.');
             try {
                 $license = $licenseProvider->renewLicense($licenseType, $license['serial']);
             } catch (Exception $e) {
-                return response()->json(['message' => $e->getMessage()], 500);
+                if ($expiration <= $now) {
+                    return response()->json(['message' => 'License has expired and could not be renewed: '.$e->getPrevious()?->getMessage()], 500);
+                } else {
+                    Log::warning('License could not be renewed, but is still valid: '.$e->getPrevious()?->getMessage());
+                }
             }
         }
         Cache::put($licenseType->cacheLabel(), $license, now()->addHour());

app/Http/Middleware/CommunityLicenceCheck.php

@@ -20,10 +20,8 @@ public function handle(Request $request, Closure $next): Response
     {
         $systemId = $request->headers->get('php-auth-user');
         $secret = $request->headers->get('php-auth-pw');
+        abort_unless($this->licenceVerification->communityCheck($systemId, $secret), 401, 'Unauthorized.');
 
-        if ($this->licenceVerification->communityCheck($systemId, $secret)) {
-            return $next($request);
-        }
-        abort(401);
+        return $next($request);
     }
 }

app/Http/Middleware/EnterpriseLicenceCheck.php

@@ -20,10 +20,8 @@ public function handle(Request $request, Closure $next): Response
     {
         $systemId = $request->headers->get('php-auth-user');
         $secret = $request->headers->get('php-auth-pw');
+        abort_unless($this->licenceVerification->enterpriseCheck($systemId, $secret), 401, 'Unauthorized.');
 
-        if ($this->licenceVerification->enterpriseCheck($systemId, $secret)) {
-            return $next($request);
-        }
-        abort(401);
+        return $next($request);
     }
 }

app/Logic/NetifydLicenseRepository.php

@@ -58,7 +58,7 @@ public function renewLicense(NetifydLicenseType $licenseType, string $serial): a
         try {
             return Http::withHeader('x-api-key', config('netifyd.api-key'))
                 ->post(config('netifyd.endpoint').'/api/v2/integrator/licenses/'.$serial.'/renew', [
-                    'duration_days' => $licenseType->durationDays(),
+                    'expire_at' => now()->utc()->startOfDay()->addDays($licenseType->durationDays())->subDay()->toDateString(),
                 ])->throw()
                 ->json('data');
 

tests/Feature/Http/Controllers/NetifyLicenceControllerTest.php

@@ -22,11 +22,16 @@
     ]);
 
     it('can access free license without credentials', function () {
-        Cache::expects('has')->with(NetifydLicenseType::COMMUNITY->cacheLabel())->andReturnTrue();
-        Cache::expects('get')->with(NetifydLicenseType::COMMUNITY->cacheLabel())->andReturn(['license_key' => 'cache']);
+        $fakeLicense = [
+            'issued_to' => NetifydLicenseType::COMMUNITY->label(),
+            'expire_at' => [
+                'unix' => now()->addDays(2)->unix(),
+            ],
+        ];
+        Cache::expects('get')->with(NetifydLicenseType::COMMUNITY->cacheLabel())->andReturn($fakeLicense);
         get('/api/netifyd/license')
             ->assertOk()
-            ->assertJson(['license_key' => 'cache']);
+            ->assertJson($fakeLicense);
     });
 });
 
@@ -41,25 +46,60 @@
     });
 
     it('can access enterprise license with credentials', function () {
-        Cache::expects('has')->with(NetifydLicenseType::ENTERPRISE->cacheLabel())->andReturnTrue();
-        Cache::expects('get')->with(NetifydLicenseType::ENTERPRISE->cacheLabel())->andReturn(['license_key' => 'cache']);
+        $fakeLicense = [
+            'issued_to' => NetifydLicenseType::ENTERPRISE->label(),
+            'expire_at' => [
+                'unix' => now()->addDays(2)->unix(),
+            ],
+        ];
+        Cache::expects('get')->with(NetifydLicenseType::ENTERPRISE->cacheLabel())->andReturn($fakeLicense);
         withBasicAuth('', '')
             ->get('/api/netifyd/community/license')
             ->assertOk()
-            ->assertJson(['license_key' => 'cache']);
+            ->assertJson($fakeLicense);
     });
 
-    it('serves correctly cache if present', function () {
-        Cache::expects('has')->with(NetifydLicenseType::ENTERPRISE->cacheLabel())->andReturnTrue();
-        Cache::expects('get')->with(NetifydLicenseType::ENTERPRISE->cacheLabel())->andReturn(['license_key' => 'cached-license-key']);
+    it('serves correctly cache if present and not expired', function () {
+        $fakeLicense = [
+            'issued_to' => NetifydLicenseType::ENTERPRISE->label(),
+            'expire_at' => [
+                'unix' => now()->addDays(2)->unix(),
+            ],
+        ];
+        Cache::expects('get')->with(NetifydLicenseType::ENTERPRISE->cacheLabel())->andReturn($fakeLicense);
         Http::preventStrayRequests();
         Http::fake();
         withBasicAuth('system-id', 'secret')
             ->get('/api/netifyd/community/license')
             ->assertOk()
-            ->assertJson([
-                'license_key' => 'cached-license-key',
-            ]);
+            ->assertJson($fakeLicense);
+    });
+
+    it('throws away the cache if license is expired', function () {
+        $fakeLicense = [
+            'issued_to' => NetifydLicenseType::ENTERPRISE->label(),
+            'expire_at' => [
+                'unix' => now()->subDay()->unix(),
+            ],
+        ];
+        Cache::expects('get')->with(NetifydLicenseType::ENTERPRISE->cacheLabel())->andReturn($fakeLicense);
+        Cache::expects('forget')->with(NetifydLicenseType::ENTERPRISE->cacheLabel());
+        $license = [
+            'issued_to' => NetifydLicenseType::ENTERPRISE->label(),
+            'serial' => 'EXAMPLE-ENTERPRISE-SERIAL',
+            'expire_at' => [
+                'unix' => now()->addDays(2)->unix(),
+            ],
+        ];
+        Cache::expects('put')->withSomeOfArgs(NetifydLicenseType::ENTERPRISE->cacheLabel(), $license);
+        partialMock(NetifydLicenseRepository::class, function (MockInterface $mock) use ($license) {
+            $mock->expects('listLicenses')
+                ->andReturn([$license]);
+        });
+        withBasicAuth('system-id', 'secret')
+            ->get('/api/netifyd/community/license')
+            ->assertOk()
+            ->json($license);
     });
 
     it('handles errors from netifyd server', function () {
@@ -82,15 +122,12 @@
             'expire_at' => [
                 'unix' => now()->addDays(2)->unix(),
             ],
-            'created_at' => [
-                'unix' => now()->subDay()->unix(),
-            ],
         ];
         partialMock(NetifydLicenseRepository::class, function (MockInterface $mock) use ($license) {
             $mock->expects('listLicenses')
                 ->andReturn([$license]);
         });
-        Cache::expects('has')->with(NetifydLicenseType::ENTERPRISE->cacheLabel())->andReturnFalse();
+        Cache::expects('get')->with(NetifydLicenseType::ENTERPRISE->cacheLabel())->andReturnNull();
         Cache::expects('put')->withSomeOfArgs(NetifydLicenseType::ENTERPRISE->cacheLabel(), $license);
         withBasicAuth('system-id', 'secret')
             ->get('/api/netifyd/community/license')
@@ -130,9 +167,6 @@
             'expire_at' => [
                 'unix' => now()->addDay()->unix(),
             ],
-            'created_at' => [
-                'unix' => now()->subDays(3)->unix(),
-            ],
         ];
         partialMock(NetifydLicenseRepository::class, function (MockInterface $mock) use ($license) {
             $mock->expects('listLicenses')
@@ -148,15 +182,35 @@
             ->assertOk();
     });
 
-    it('cannot renew license', function () {
+    it('cannot renew license, but it\'s not expired', function () {
         $license = [
             'issued_to' => NetifydLicenseType::ENTERPRISE->label(),
             'serial' => 'EXAMPLE-ENTERPRISE-SERIAL',
             'expire_at' => [
                 'unix' => now()->addDay()->unix(),
             ],
-            'created_at' => [
-                'unix' => now()->subDays(3)->unix(),
+        ];
+        partialMock(NetifydLicenseRepository::class, function (MockInterface $mock) use ($license) {
+            $mock->expects('listLicenses')
+                ->andReturn([
+                    $license,
+                ]);
+            $mock->expects('renewLicense')
+                ->with(NetifydLicenseType::ENTERPRISE, 'EXAMPLE-ENTERPRISE-SERIAL')
+                ->andThrow(new Exception('Cannot renew license'));
+        });
+        withBasicAuth('', '')
+            ->get('/api/netifyd/community/license')
+            ->assertOk()
+            ->assertJson($license);
+    });
+
+    it('cannot renew license, but it\'s expired', function () {
+        $license = [
+            'issued_to' => NetifydLicenseType::ENTERPRISE->label(),
+            'serial' => 'EXAMPLE-ENTERPRISE-SERIAL',
+            'expire_at' => [
+                'unix' => now()->subDay()->unix(),
             ],
         ];
         partialMock(NetifydLicenseRepository::class, function (MockInterface $mock) use ($license) {
@@ -170,8 +224,7 @@
         });
         withBasicAuth('', '')
             ->get('/api/netifyd/community/license')
-            ->assertInternalServerError()
-            ->assertJson(['message' => 'Cannot renew license']);
+            ->assertInternalServerError();
     });
 
 });

tests/Feature/Logic/NetifydLicenceRepositoryTest.php

@@ -41,6 +41,6 @@
     Http::fake([
         '*' => Http::response(json_encode(['error' => 'error']), 500),
     ]);
-    $repository->renewLicense($licenseType, 'dummy');
+    $repository->renewLicense($licenseType, 'example serial', now());
 })->throws('Could not renew license on netifyd:')
     ->with(NetifydLicenseType::cases());