Add coverage

Author: cicnavi

config/module_oidc.php.dist

@@ -379,7 +379,7 @@ $config = [
     // and value is Trust Mark Issuer ID, each representing a Trust Mark issued to this entity. Each Trust Mark ID
     // in this array will be dynamically fetched from noted Trust Mark Issuer as necessary. If federation caching
     // is enabled (recommended), fetched Trust Marks will also be cached until their expiry.
-    ModuleConfig::OPTION_FEDERATION_DYNAMIC_TRUST_MARK_TOKENS => [
+    ModuleConfig::OPTION_FEDERATION_DYNAMIC_TRUST_MARKS => [
 //        'trust-mark-id' => 'trust-mark-issuer-id',
     ],
 

src/ModuleConfig.php

@@ -76,7 +76,7 @@ class ModuleConfig
     final public const OPTION_FEDERATION_CACHE_MAX_DURATION_FOR_FETCHED = 'federation_cache_max_duration_for_fetched';
     final public const OPTION_FEDERATION_TRUST_ANCHORS = 'federation_trust_anchors';
     final public const OPTION_FEDERATION_TRUST_MARK_TOKENS = 'federation_trust_mark_tokens';
-    final public const OPTION_FEDERATION_DYNAMIC_TRUST_MARK_TOKENS = 'federation_dynamic_trust_mark_tokens';
+    final public const OPTION_FEDERATION_DYNAMIC_TRUST_MARKS = 'federation_dynamic_trust_mark_tokens';
     final public const OPTION_FEDERATION_CACHE_DURATION_FOR_PRODUCED = 'federation_cache_duration_for_produced';
     final public const OPTION_PROTOCOL_CACHE_ADAPTER = 'protocol_cache_adapter';
     final public const OPTION_PROTOCOL_CACHE_ADAPTER_ARGUMENTS = 'protocol_cache_adapter_arguments';
@@ -636,7 +636,7 @@ public function getFederationTrustMarkTokens(): ?array
     public function getFederationDynamicTrustMarks(): ?array
     {
         $dynamicTrustMarks = $this->config()->getOptionalArray(
-            self::OPTION_FEDERATION_DYNAMIC_TRUST_MARK_TOKENS,
+            self::OPTION_FEDERATION_DYNAMIC_TRUST_MARKS,
             null,
         );
 

tests/unit/src/Controllers/Admin/ConfigControllerTest.php

@@ -28,6 +28,8 @@ class ConfigControllerTest extends TestCase
     protected MockObject $federationMock;
     protected MockObject $routesMock;
     protected MockObject $trustMarkFactoryMock;
+    protected MockObject $entityStatementFetcherMock;
+    protected MockObject $trustMarkFetcherMock;
 
     protected function setUp(): void
     {
@@ -41,6 +43,12 @@ protected function setUp(): void
 
         $this->trustMarkFactoryMock = $this->createMock(TrustMarkFactory::class);
         $this->federationMock->method('trustMarkFactory')->willReturn($this->trustMarkFactoryMock);
+
+        $this->entityStatementFetcherMock = $this->createMock(Federation\EntityStatementFetcher::class);
+        $this->federationMock->method('entityStatementFetcher')->willReturn($this->entityStatementFetcherMock);
+
+        $this->trustMarkFetcherMock = $this->createMock(Federation\TrustMarkFetcher::class);
+        $this->federationMock->method('trustMarkFetcher')->willReturn($this->trustMarkFetcherMock);
     }
 
     public function sut(
@@ -129,4 +137,25 @@ public function testCanIncludeTrustMarksInFederationSettings(): void
 
         $this->sut()->federationSettings();
     }
+
+    public function testCanIncludeDynamicTrustMarksInFederationSettings(): void
+    {
+        $this->moduleConfigMock->method('getIssuer')->willReturn('issuer-id');
+        $this->moduleConfigMock->method('getFederationDynamicTrustMarks')
+            ->willReturn(['trust-mark-id' => 'trust-mark-issuer-id']);
+
+        $this->entityStatementFetcherMock->expects($this->once())->method('fromCacheOrWellKnownEndpoint')
+            ->with('trust-mark-issuer-id');
+
+        $this->trustMarkFetcherMock->expects($this->once())->method('fromCacheOrFederationTrustMarkEndpoint')
+            ->with(
+                'trust-mark-id',
+                'issuer-id',
+            );
+
+        $this->templateFactoryMock->expects($this->once())->method('build')
+            ->with('oidc:config/federation.twig');
+
+        $this->sut()->federationSettings();
+    }
 }

tests/unit/src/ModuleConfigTest.php

@@ -378,9 +378,86 @@ public function testCanGetProtocolDiscoveryShowClaimsSupported(): void
         $this->assertFalse($this->sut()->getProtocolDiscoveryShowClaimsSupported());
         $this->assertTrue(
             $this->sut(
-                null,
-                [ModuleConfig::OPTION_PROTOCOL_DISCOVERY_SHOW_CLAIMS_SUPPORTED => true],
+                overrides: [ModuleConfig::OPTION_PROTOCOL_DISCOVERY_SHOW_CLAIMS_SUPPORTED => true],
             )->getProtocolDiscoveryShowClaimsSupported(),
         );
     }
+
+    public function testCanGetProtocolNewCertPath(): void
+    {
+        $this->assertNull($this->sut()->getProtocolNewCertPath());
+
+        $sut = $this->sut(
+            overrides: [ModuleConfig::OPTION_PKI_NEW_CERTIFICATE_FILENAME => 'new-cert'],
+        );
+
+        $this->assertStringContainsString('new-cert', $sut->getProtocolNewCertPath());
+    }
+
+    public function testCanGetFederationNewCertPath(): void
+    {
+        $this->assertNull($this->sut()->getFederationNewCertPath());
+
+        $sut = $this->sut(
+            overrides: [ModuleConfig::OPTION_PKI_FEDERATION_NEW_CERTIFICATE_FILENAME => 'new-cert'],
+        );
+
+        $this->assertStringContainsString('new-cert', $sut->getFederationNewCertPath());
+    }
+
+    public function testCanGetFederationDynamicTrustMarks(): void
+    {
+        $this->assertNull($this->sut()->getFederationDynamicTrustMarks());
+
+        $sut = $this->sut(
+            overrides: [
+                ModuleConfig::OPTION_FEDERATION_DYNAMIC_TRUST_MARKS => [
+                    'trust-mark-id' => 'trust-mark-issuer-id',
+                ],
+            ],
+        );
+
+        $this->assertArrayHasKey(
+            'trust-mark-id',
+            $sut->getFederationDynamicTrustMarks(),
+        );
+    }
+
+    public function testCanGetFederationParticipationLimitByTrustMarks(): void
+    {
+        $this->assertArrayHasKey(
+            'https://ta.example.org/',
+            $this->sut()->getFederationParticipationLimitByTrustMarks(),
+        );
+    }
+
+    public function testCanGetTrustMarksNeededForFederationParticipationFor(): void
+    {
+        $neededTrustMarks = $this->sut()->getTrustMarksNeededForFederationParticipationFor('https://ta.example.org/');
+
+        $this->assertArrayHasKey('one_of', $neededTrustMarks);
+        $this->assertTrue(in_array('trust-mark-id', $neededTrustMarks['one_of']));
+    }
+
+    public function testGetTrustMarksNeededForFederationParticipationForThrowsOnInvalidConfigValue(): void
+    {
+        $sut = $this->sut(
+            overrides: [
+                ModuleConfig::OPTION_FEDERATION_PARTICIPATION_LIMIT_BY_TRUST_MARKS => [
+                    'https://ta.example.org/' => 'invalid',
+                ],
+            ],
+        );
+
+        $this->expectException(ConfigurationError::class);
+
+        $sut->getTrustMarksNeededForFederationParticipationFor('https://ta.example.org/');
+    }
+
+    public function testCanGetIsFederationParticipationLimitedByTrustMarksFor(): void
+    {
+        $this->assertTrue(
+            $this->sut()->isFederationParticipationLimitedByTrustMarksFor('https://ta.example.org/'),
+        );
+    }
 }