Merge branch 'feature/47' into develop

Close #47

Author: Xerkus

CHANGELOG.md

@@ -7,6 +7,10 @@ All notable changes to this project will be documented in this file, in reverse
 ### Added
 
 - [#44](https://github.com/zendframework/zend-authentication/pull/44) adds support for PHP 7.3.
+- [#47](https://github.com/zendframework/zend-authentication/pull/47) adds
+  configuration option to `Zend\Authentication\Validator\Authentication` for
+  mapping custom authentication result codes to existing and new validation
+  message types.
 
 ### Changed
 

docs/book/validator.md

@@ -13,6 +13,7 @@ The available configuration options include:
 - `identity`: the identity or name of the identity field in the provided context.
 - `credential`: credential or the name of the credential field in the provided context.
 - `service`: an instance of `Zend\Authentication\AuthenticationService`.
+- `code_map`: map of `Zend\Authentication\Result` codes to validator message identifiers.
 
 ## Usage
 
@@ -33,3 +34,65 @@ $validator->isValid('myIdentity', [
      'myCredentialContext' => 'myCredential',
 ]);
 ```
+
+## Validation messages
+
+The authentication validator defines five failure message types; identifiers
+for them are available as constants for convenience.
+Common authentication failure codes, defined as constants in
+`Zend\Authentication\Result`, are mapped to validation messages
+using a map in `CODE_MAP` constant. Other authentication codes default to the
+`general` message type.
+
+```php
+namespace Zend\Authentication\Validator;
+
+use Zend\Authentication\Result;
+
+class Authentication
+{
+    const IDENTITY_NOT_FOUND = 'identityNotFound';
+    const IDENTITY_AMBIGUOUS = 'identityAmbiguous';
+    const CREDENTIAL_INVALID = 'credentialInvalid';
+    const UNCATEGORIZED      = 'uncategorized';
+    const GENERAL            = 'general';
+
+    const CODE_MAP = [
+        Result::FAILURE_IDENTITY_NOT_FOUND => self::IDENTITY_NOT_FOUND,
+        Result::FAILURE_CREDENTIAL_INVALID => self::CREDENTIAL_INVALID,
+        Result::FAILURE_IDENTITY_AMBIGUOUS => self::IDENTITY_AMBIGUOUS,
+        Result::FAILURE_UNCATEGORIZED      => self::UNCATEGORIZED,
+    ];
+}
+```
+
+The authentication validator extends `Zend\Validator\AbstractValidator`, providing
+a way common for all framework validators to access, change or translate message templates.  
+More information is available in the
+[zend-validator documentation](https://docs.zendframework.com/zend-validator/messages/)
+
+## Configure validation messages for custom authentication result codes
+
+The constructor configuration option `code_map` allows mapping custom codes
+from `Zend\Authentication\Result` to validation message identifiers.  
+`code_map` is an array of integer code => string message identifier pairs
+
+A new custom message identifier can be specified in `code_map` which will then
+be registered as a new message type with the template value set to the `general` message.
+Once registered, the message template for the new identifier can be changed
+as described in the [zend-validator documentation](https://docs.zendframework.com/zend-validator/messages/).
+
+```php
+use Zend\Authentication\Validator\Authentication as AuthenticationValidator;
+
+$validator = new AuthenticationValidator([
+    'code_map' => [
+        // map custom result code to existing message
+        -990 => AuthenticationValidator::IDENTITY_NOT_FOUND,
+        // map custom result code to a new message type
+        -991 => 'custom_failure_identifier',
+    ],
+]);
+
+$validator->setMessage('Custom Error Happened', 'custom_failure_identifier');
+```

src/Validator/Authentication.php

@@ -1,7 +1,7 @@
 <?php
 /**
  * @see       https://github.com/zendframework/zend-authentication for the canonical source repository
- * @copyright Copyright (c) 2013-2018 Zend Technologies USA Inc. (https://www.zend.com)
+ * @copyright Copyright (c) 2013-2019 Zend Technologies USA Inc. (https://www.zend.com)
  * @license   https://github.com/zendframework/zend-authentication/blob/master/LICENSE.md New BSD License
  */
 
@@ -15,6 +15,9 @@
 use Zend\Stdlib\ArrayUtils;
 use Zend\Validator\AbstractValidator;
 
+use function is_array;
+use function is_string;
+
 /**
  * Authentication Validator
  */
@@ -41,6 +44,12 @@ class Authentication extends AbstractValidator
         Result::FAILURE_UNCATEGORIZED      => self::UNCATEGORIZED,
     ];
 
+    /**
+     * Authentication\Result codes mapping configurable overrides
+     * @var string[]
+     */
+    protected $codeMap = [];
+
     /**
      * Error Messages
      * @var array
@@ -89,18 +98,31 @@ public function __construct($options = null)
         }
 
         if (is_array($options)) {
-            if (array_key_exists('adapter', $options)) {
+            if (isset($options['adapter'])) {
                 $this->setAdapter($options['adapter']);
             }
-            if (array_key_exists('identity', $options)) {
+            if (isset($options['identity'])) {
                 $this->setIdentity($options['identity']);
             }
-            if (array_key_exists('credential', $options)) {
+            if (isset($options['credential'])) {
                 $this->setCredential($options['credential']);
             }
-            if (array_key_exists('service', $options)) {
+            if (isset($options['service'])) {
                 $this->setService($options['service']);
             }
+            if (isset($options['code_map'])) {
+                foreach ($options['code_map'] as $code => $template) {
+                    if (empty($template) || ! is_string($template)) {
+                        throw new Exception\InvalidArgumentException(
+                            'Message key in code_map option must be a non-empty string'
+                        );
+                    }
+                    if (! isset($this->messageTemplates[$template])) {
+                        $this->messageTemplates[$template] = $this->messageTemplates[static::GENERAL];
+                    }
+                    $this->codeMap[(int) $code] = $template;
+                }
+            }
         }
         parent::__construct($options);
     }
@@ -244,15 +266,27 @@ public function isValid($value = null, $context = null)
             return true;
         }
 
-        $code = self::GENERAL;
-        if (array_key_exists($result->getCode(), self::CODE_MAP)) {
-            $code = self::CODE_MAP[$result->getCode()];
-        }
-        $this->error($code);
+        $messageKey = $this->mapResultCodeToMessageKey($result->getCode());
+        $this->error($messageKey);
 
         return false;
     }
 
+    /**
+     * @param int $code Authentication result code
+     * @return string Message key that should be used for the code
+     */
+    protected function mapResultCodeToMessageKey($code)
+    {
+        if (isset($this->codeMap[$code])) {
+            return $this->codeMap[$code];
+        }
+        if (array_key_exists($code, static::CODE_MAP)) {
+            return static::CODE_MAP[$code];
+        }
+        return self::GENERAL;
+    }
+
     /**
      * @return ValidatableAdapterInterface
      * @throws Exception\RuntimeException if no adapter present in

test/Validator/AuthenticationTest.php

@@ -1,14 +1,13 @@
 <?php
 /**
  * @see       https://github.com/zendframework/zend-authentication for the canonical source repository
- * @copyright Copyright (c) 2013-2018 Zend Technologies USA Inc. (https://www.zend.com)
+ * @copyright Copyright (c) 2013-2019 Zend Technologies USA Inc. (https://www.zend.com)
  * @license   https://github.com/zendframework/zend-authentication/blob/master/LICENSE.md New BSD License
  */
 
 namespace ZendTest\Authentication\Validator;
 
 use PHPUnit\Framework\TestCase;
-use RuntimeException;
 use Zend\Authentication\Adapter\ValidatableAdapterInterface;
 use Zend\Authentication\AuthenticationService;
 use Zend\Authentication\Exception;
@@ -54,6 +53,124 @@ public function testOptions()
         $this->assertSame($auth->getCredential(), 'password');
     }
 
+    public function testConstructorOptionCodeMapOverridesDefaultMap()
+    {
+        $authAdapter = new AuthTest\TestAsset\ValidatableAdapter(AuthenticationResult::FAILURE_UNCATEGORIZED);
+        $auth = new AuthenticationValidator([
+            'adapter' => $authAdapter,
+            'service' => $this->authService,
+            'identity' => 'username',
+            'credential' => 'password',
+            'code_map' => [
+                AuthenticationResult::FAILURE_UNCATEGORIZED => AuthenticationValidator::IDENTITY_NOT_FOUND,
+            ]
+        ]);
+        $this->assertFalse($auth->isValid());
+        $this->assertArrayHasKey(
+            AuthenticationValidator::IDENTITY_NOT_FOUND,
+            $auth->getMessages(),
+            print_r($auth->getMessages(), true)
+        );
+    }
+
+    public function testConstructorOptionCodeMapUsesDefaultMapForOmittedCodes()
+    {
+        $authAdapter = new AuthTest\TestAsset\ValidatableAdapter(AuthenticationResult::FAILURE_IDENTITY_AMBIGUOUS);
+        $auth = new AuthenticationValidator([
+            'adapter' => $authAdapter,
+            'service' => $this->authService,
+            'identity' => 'username',
+            'credential' => 'password',
+            'code_map' => [
+                AuthenticationResult::FAILURE_UNCATEGORIZED => AuthenticationValidator::IDENTITY_NOT_FOUND,
+            ]
+        ]);
+        $this->assertFalse($auth->isValid());
+        $this->assertArrayHasKey(
+            AuthenticationValidator::IDENTITY_AMBIGUOUS,
+            $auth->getMessages(),
+            print_r($auth->getMessages(), true)
+        );
+    }
+
+    public function testCodeMapAllowsToSpecifyCustomCodes()
+    {
+        $authAdapter = new AuthTest\TestAsset\ValidatableAdapter(-999);
+        $auth = new AuthenticationValidator([
+            'adapter' => $authAdapter,
+            'service' => $this->authService,
+            'identity' => 'username',
+            'credential' => 'password',
+            'code_map' => [
+                -999 => AuthenticationValidator::IDENTITY_NOT_FOUND,
+            ]
+        ]);
+        $this->assertFalse($auth->isValid());
+        $this->assertArrayHasKey(
+            AuthenticationValidator::IDENTITY_NOT_FOUND,
+            $auth->getMessages(),
+            print_r($auth->getMessages(), true)
+        );
+    }
+
+    public function testCodeMapAllowsToAddCustomMessageTemplates()
+    {
+        $auth = new AuthenticationValidator([
+            'code_map' => [
+                -999 => 'custom_error',
+            ]
+        ]);
+        $templates = $auth->getMessageTemplates();
+        $this->assertArrayHasKey(
+            'custom_error',
+            $templates,
+            print_r($templates, true)
+        );
+    }
+
+    /**
+     * @depends testCodeMapAllowsToAddCustomMessageTemplates
+     */
+    public function testCodeMapCustomMessageTemplateValueDefaultsToGeneralMessageTemplate()
+    {
+        $auth = new AuthenticationValidator([
+            'code_map' => [
+                -999 => 'custom_error',
+            ]
+        ]);
+        $templates = $auth->getMessageTemplates();
+        $this->assertEquals($templates['general'], $templates['custom_error']);
+    }
+
+    /**
+     * @depends testCodeMapAllowsToAddCustomMessageTemplates
+     */
+    public function testCustomMessageTemplateValueCanBeProvidedAsOption()
+    {
+        $auth = new AuthenticationValidator([
+            'code_map' => [
+                -999 => 'custom_error',
+            ],
+            'messages' => [
+                'custom_error' => 'Custom Error'
+            ]
+
+        ]);
+        $templates = $auth->getMessageTemplates();
+        $this->assertEquals('Custom Error', $templates['custom_error']);
+    }
+
+    public function testCodeMapOptionRequiresMessageKeyToBeString()
+    {
+        $this->expectException(Exception\InvalidArgumentException::class);
+        $this->expectExceptionMessage('Message key in code_map option must be a non-empty string');
+        $auth = new AuthenticationValidator([
+            'code_map' => [
+                -999 => [],
+            ]
+        ]);
+    }
+
     public function testSetters()
     {
         $this->validator->setAdapter($this->authAdapter);