chore: PHP-JWT upgraded to v6.1.0 (#633)

kidunot89 · web-flow · commit b073dce13483 · 2022-06-24T17:42:05.000-04:00
* chore: PHP-JWT upgraded to v6.1.0, Unit tests updated to work with WPGraphQL Testcase v2.3

* chore: PHP7.2 removed from testing workflow matrix.
diff --git a/.github/workflows/continous-integration.yml b/.github/workflows/continous-integration.yml
@@ -22,8 +22,8 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        php: ['8.0', '7.4', '7.3', '7.2']
-        wordpress: ['5.9', '5.6', '5.3']
+        php: ['8.0', '7.4', '7.3']
+        wordpress: ['6.0', '5.9', '5.6']
         composer_version: ['v2']
         include:
           - php: '7.4'
diff --git a/Dockerfile b/Dockerfile
@@ -35,20 +35,18 @@ RUN curl -sS https://getcomposer.org/installer | php -- \
 # Add composer global binaries to PATH
 ENV PATH "$PATH:~/.composer/vendor/bin"
 
-# Set PHPUnit version.
-ARG PHPUNIT_VERSION="<=8.1"
 # Install wp-browser globally
 RUN composer global require --optimize-autoloader \
 	wp-cli/wp-cli-bundle:* \
     lucatume/wp-browser \
-    codeception/module-asserts:^1.0 \
-    codeception/module-cli:^1.0  \
-    codeception/module-db:^1.0  \
-    codeception/module-filesystem:^1.0  \
-    codeception/module-phpbrowser:^1.0  \
-    codeception/module-rest:^1.0  \
-    codeception/module-webdriver:^1.0  \
-    codeception/util-universalframework:^1.0  \
+    codeception/module-asserts:* \
+    codeception/module-cli:*  \
+    codeception/module-db:*  \
+    codeception/module-filesystem:*  \
+    codeception/module-phpbrowser:*  \
+    codeception/module-rest:*  \
+    codeception/module-webdriver:*  \
+    codeception/util-universalframework:*  \
     league/factory-muffin \
     league/factory-muffin-faker \
 	stripe/stripe-php \
diff --git a/bin/_env.sh b/bin/_env.sh
@@ -14,7 +14,6 @@ fi
 DB_HOST=${DB_HOST-localhost}
 DB_PASS=${DB_PASSWORD-""}
 WP_VERSION=${WP_VERSION-5}
-PHPUNIT_VERSION=${PHPUNIT_VERSION-"<=8.1"}
 PROJECT_ROOT_DIR=$(pwd)
 WP_CORE_DIR=${WP_CORE_DIR:-local/public}
 PLUGINS_DIR=${PLUGINS_DIR:-"$WP_CORE_DIR/wp-content/plugins"}
diff --git a/bin/entrypoint.sh b/bin/entrypoint.sh
@@ -73,7 +73,7 @@ fi
 
 if ! wp config has GRAPHQL_WOOCOMMERCE_SECRET_KEY --allow-root; then
 	echo "Adding WooGraphQL JWT Session Handler salt..."
-	wp config set GRAPHQL_WOOCOMMERCE_SECRET_KEY 'test' --allow-root
+	wp config set GRAPHQL_WOOCOMMERCE_SECRET_KEY 'testestestestest' --allow-root
 fi
 
 if wp config has GRAPHQL_DEBUG --allow-root; then
diff --git a/composer.json b/composer.json
@@ -28,7 +28,7 @@
     ],
     "require": {
         "php": ">=7.1.0",
-        "firebase/php-jwt": "^5.0"
+        "firebase/php-jwt": "^6.1.0"
     },
     "require-dev": {
         "squizlabs/php_codesniffer": "^3.5",
diff --git a/composer.lock b/composer.lock
diff --git a/docs/content/contributing/1-testing-quick-start.md b/docs/content/contributing/1-testing-quick-start.md
@@ -45,7 +45,6 @@ Until the documentation is in full effect, it's recommended that a [GraphiQL](ht
   GRAPHQL_JWT_AUTH_SECRET_KEY=testingtesting123
   STRIPE_API_PUBLISHABLE_KEY=""
   STRIPE_API_SECRET_KEY=""
-  PHPUNIT_VERSION=":<=9.4.4"
   ```
   - Typical you should only have to change the **WordPress database configurations** to use local testing.
 3. Once you have finished modifying the `.env` file. Run `composer install-test-env` from the project directory. This will install WordPress + Codeception w/ WPBrowser, as well as setup the database if needed.
diff --git a/includes/utils/class-ql-session-handler.php b/includes/utils/class-ql-session-handler.php
@@ -9,6 +9,7 @@
 namespace WPGraphQL\WooCommerce\Utils;
 
 use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
 use GraphQL\Error\UserError;
 use WC_Session_Handler;
 
@@ -191,7 +192,8 @@ public function get_session_token() {
 			JWT::$leeway = 60;
 
 			$secret = $this->get_secret_key();
-			$token  = ! empty( $token ) ? JWT::decode( $token, $secret, array( 'HS256' ) ) : null;
+			$key    = new Key( $secret, 'HS256' );
+			$token  = ! empty( $token ) ? JWT::decode( $token, $key ) : null;
 
 			// Check if token was successful decoded.
 			if ( ! $token ) {
diff --git a/tests/_support/TestCase/WooGraphQLTestCase.php b/tests/_support/TestCase/WooGraphQLTestCase.php
@@ -9,6 +9,8 @@
  */
 namespace Tests\WPGraphQL\WooCommerce\TestCase;
 
+use Automattic\WooCommerce\Internal\ProductDownloads\ApprovedDirectories\Register as Download_Directories;
+
 class WooGraphQLTestCase extends \Tests\WPGraphQL\TestCase\WPGraphQLTestCase {
 	/**
 	 * Holds the User ID of an user with the "shop_manager" role.
@@ -57,6 +59,10 @@ public function setUp(): void {
 		$this->shop_manager = $this->factory->user->create( array( 'role' => 'shop_manager' ) );
 		$this->customer     = $this->factory->customer->create();
 
+		// For these tests, we are not concerned with Approved Download Directory functionality.
+		wc_get_container()->get( Download_Directories::class )->set_mode( Download_Directories::MODE_DISABLED );
+
+		// Clear cached schema.
 		$this->clearSchema();
 	}
 
diff --git a/tests/functional/QLSessionHandlerCest.php b/tests/functional/QLSessionHandlerCest.php
@@ -1,6 +1,7 @@
 <?php
 
 use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
 class QLSessionHandlerCest {
 	private $product_catalog;
 
@@ -9,7 +10,7 @@ public function _before( FunctionalTester $I ) {
 		$this->product_catalog = $I->getCatalog();
 
 		if ( ! defined( 'GRAPHQL_WOOCOMMERCE_SECRET_KEY' ) ) {
-			define( 'GRAPHQL_WOOCOMMERCE_SECRET_KEY', 'test' );
+			define( 'GRAPHQL_WOOCOMMERCE_SECRET_KEY', 'testestestestest' );
 		}
 	}
 
@@ -42,7 +43,7 @@ public function testCartMutationsWithValidCartSessionToken( FunctionalTester $I
 		// Decode token
 		JWT::$leeway = 60;
 		$token_data  = ! empty( $session_token )
-			? JWT::decode( $session_token, GRAPHQL_WOOCOMMERCE_SECRET_KEY, array( 'HS256' ) )
+			? JWT::decode( $session_token, new Key( GRAPHQL_WOOCOMMERCE_SECRET_KEY, 'HS256' ) )
 			: null;
 
 		$I->assertNotEmpty( $token_data );
@@ -213,7 +214,7 @@ public function testCartMutationsWithInvalidCartSessionToken( FunctionalTester $
 
 		// Decode token
 		$token_data = ! empty( $valid_token )
-			? JWT::decode( $valid_token, GRAPHQL_WOOCOMMERCE_SECRET_KEY, array( 'HS256' ) )
+			? JWT::decode( $valid_token, new Key( GRAPHQL_WOOCOMMERCE_SECRET_KEY, 'HS256' ) )
 			: null;
 
 		/**
@@ -222,7 +223,7 @@ public function testCartMutationsWithInvalidCartSessionToken( FunctionalTester $
 		 */
 		$invalid_token                    = $token_data;
 		$invalid_token->data->customer_id = '';
-		$invalid_token                    = JWT::encode( $invalid_token, GRAPHQL_WOOCOMMERCE_SECRET_KEY );
+		$invalid_token                    = JWT::encode( (array) $invalid_token, GRAPHQL_WOOCOMMERCE_SECRET_KEY, 'HS256' );
 
 		$failed = $I->addToCart(
 			array(
@@ -241,7 +242,7 @@ public function testCartMutationsWithInvalidCartSessionToken( FunctionalTester $
 		 */
 		$invalid_token      = $token_data;
 		$invalid_token->iss = '';
-		$invalid_token      = JWT::encode( $invalid_token, GRAPHQL_WOOCOMMERCE_SECRET_KEY );
+		$invalid_token      = JWT::encode( (array) $invalid_token, GRAPHQL_WOOCOMMERCE_SECRET_KEY, 'HS256' );
 
 		$failed = $I->removeItemsFromCart(
 			array(
@@ -417,7 +418,7 @@ public function testCartSessionDataMutations( FunctionalTester $I ) {
 		// Decode token
 		JWT::$leeway = 60;
 		$token_data  = ! empty( $session_token )
-			? JWT::decode( $session_token, GRAPHQL_WOOCOMMERCE_SECRET_KEY, array( 'HS256' ) )
+			? JWT::decode( $session_token, new Key( GRAPHQL_WOOCOMMERCE_SECRET_KEY, 'HS256' ) )
 			: null;
 
 		$I->assertNotEmpty( $token_data );
diff --git a/tests/wpunit/CouponMutationsTest.php b/tests/wpunit/CouponMutationsTest.php
@@ -82,6 +82,8 @@ public function testUpdateCoupon() {
 						id
 						databaseId
 						code
+						amount
+						discountType
 					}
 				}
 			}
diff --git a/tests/wpunit/CouponQueriesTest.php b/tests/wpunit/CouponQueriesTest.php
@@ -221,10 +221,7 @@ public function testCouponsQueryAndWhereArgs() {
 		$this->loginAsCustomer();
 		$response = $this->graphql( compact( 'query' ) );
 		$expected = array(
-			$this->expectedField( 'coupons.nodes', array() ),
-			$this->not()->expectedNode( 'coupons.nodes', array( 'id' => $this->toRelayId( 'shop_coupon', $coupons['0'] ) ) ),
-			$this->not()->expectedNode( 'coupons.nodes', array( 'id' => $this->toRelayId( 'shop_coupon', $coupons['1'] ) ) ),
-			$this->not()->expectedNode( 'coupons.nodes', array( 'id' => $this->toRelayId( 'shop_coupon', $coupons['2'] ) ) ),
+			$this->expectedField( 'coupons.nodes', self::IS_NULL ),
 		);
 
 		$this->assertQuerySuccessful( $response, $expected );
diff --git a/tests/wpunit/DownloadableItemQueriesTest.php b/tests/wpunit/DownloadableItemQueriesTest.php
@@ -355,7 +355,10 @@ function( $item ) {
 					'customer.downloadableItems.nodes',
 					array(
 						$this->expectedField( 'url', $item['download_url'] ),
-						$this->expectedField( 'accessExpires', $item['access_expires'] ),
+						$this->expectedField(
+							'accessExpires',
+							! empty( $item['access_expires'] ) ? $item['access_expires'] : self::IS_NULL
+						),
 						$this->expectedField( 'downloadId', $item['download_id'] ),
 						$this->expectedField(
 							'downloadsRemaining',
diff --git a/tests/wpunit/QLSessionHandlerTest.php b/tests/wpunit/QLSessionHandlerTest.php
@@ -4,6 +4,7 @@
  */
 
 use Firebase\JWT\JWT;
+use Firebase\JWT\Key;
 use WPGraphQL\WooCommerce\Utils\QL_Session_Handler;
 
 if ( ! defined( 'GRAPHQL_WOOCOMMERCE_SECRET_KEY' ) ) {
@@ -41,7 +42,7 @@ public function test_init_session_token() {
 
 		// Get token for future request.
 		$old_token         = $session->build_token();
-		$decoded_old_token = JWT::decode( $old_token, GRAPHQL_WOOCOMMERCE_SECRET_KEY, array( 'HS256' ) );
+		$decoded_old_token = JWT::decode( $old_token, new Key( GRAPHQL_WOOCOMMERCE_SECRET_KEY, 'HS256' ) );
 
 		// Sent token to HTTP header to simulate a new request.
 		$_SERVER['HTTP_WOOCOMMERCE_SESSION'] = 'Session ' . $old_token;
@@ -52,7 +53,7 @@ public function test_init_session_token() {
 		// Initialize session token for next request.
 		$session->init_session_token();
 		$new_token         = $session->build_token();
-		$decoded_new_token = JWT::decode( $new_token, GRAPHQL_WOOCOMMERCE_SECRET_KEY, array( 'HS256' ) );
+		$decoded_new_token = JWT::decode( $new_token, new Key( GRAPHQL_WOOCOMMERCE_SECRET_KEY, 'HS256' ) );
 
 		// Assert new token is different than old token.
 		$this->assertNotEquals( $old_token, $new_token, 'New token should not match token from last request.' );
@@ -106,7 +107,7 @@ public function test_build_token() {
 		$session->init_session_token();
 		$token = $session->build_token();
 
-		$decode_token = JWT::decode( $token, GRAPHQL_WOOCOMMERCE_SECRET_KEY, array( 'HS256' ) );
+		$decode_token = JWT::decode( $token, new Key( GRAPHQL_WOOCOMMERCE_SECRET_KEY, 'HS256' ) );
 		$this->assertObjectHasAttribute( 'iat', $decode_token );
 		$this->assertObjectHasAttribute( 'exp', $decode_token );
 		$this->assertObjectHasAttribute( 'data', $decode_token );
