Merge pull request #578 from thebiggive/DON-706-cont

DON-706: Refactor, extract constant PersonManagementAuthMiddleware::P…
thebiggive · Jul 21, 2023 · bbbea9a · bbbea9a
2 parents 44549e5 + 55633e9
commit bbbea9a
Show file tree

Hide file tree

Showing 7 changed files with 14 additions and 9 deletions.
diff --git a/src/Application/Actions/DeletePaymentMethod.php b/src/Application/Actions/DeletePaymentMethod.php
@@ -30,7 +30,7 @@ public function __construct(
      */
     protected function action(Request $request, Response $response, array $args): Response
     {
-        $customerId = $request->getAttribute('pspId');
+        $customerId = $request->getAttribute(PersonWithPasswordAuthMiddleware::PSP_ATTRIBUTE_NAME);
         \assert(is_string($customerId));
 
         $paymentMethodId = $args['payment_method_id'];

diff --git a/src/Application/Actions/Donations/Create.php b/src/Application/Actions/Donations/Create.php
@@ -12,6 +12,7 @@
 use MatchBot\Application\Actions\ActionPayload;
 use MatchBot\Application\Auth\DonationToken;
 use MatchBot\Application\Auth\PersonManagementAuthMiddleware;
+use MatchBot\Application\Auth\PersonWithPasswordAuthMiddleware;
 use MatchBot\Application\HttpModels\DonationCreate;
 use MatchBot\Application\HttpModels\DonationCreatedResponse;
 use MatchBot\Domain\Campaign;
@@ -51,7 +52,7 @@ protected function action(Request $request, Response $response, array $args): Re
         // as the person, and sets this attribute to the Stripe Customer ID based on JWS claims, all
         // in `PersonManagementAuthMiddleware`. If the legacy route was used or if no such ID was in the
         // JWS, this is null.
-        $customerId = $request->getAttribute('pspId');
+        $customerId = $request->getAttribute(PersonWithPasswordAuthMiddleware::PSP_ATTRIBUTE_NAME);
 
         $body = (string) $request->getBody();
 

diff --git a/src/Application/Actions/GetPaymentMethods.php b/src/Application/Actions/GetPaymentMethods.php
@@ -29,7 +29,7 @@ protected function action(Request $request, Response $response, array $args): Re
         // The route at `/people/{personId}/donations` validates that the donor has permission to act
         // as the person, and sets this attribute to the Stripe Customer ID based on JWS claims, all
         // in `PersonWithPasswordAuthMiddleware`.
-        $customerId = $request->getAttribute('pspId');
+        $customerId = $request->getAttribute(PersonWithPasswordAuthMiddleware::PSP_ATTRIBUTE_NAME);
 
         $paymentMethods = $this->stripeClient->customers->allPaymentMethods(
             $customerId,

diff --git a/src/Application/Actions/UpdatePaymentMethod.php b/src/Application/Actions/UpdatePaymentMethod.php
@@ -4,6 +4,7 @@
 
 use Fig\Http\Message\StatusCodeInterface;
 use JetBrains\PhpStorm\Pure;
+use MatchBot\Application\Auth\PersonWithPasswordAuthMiddleware;
 use Psr\Http\Message\ResponseInterface as Response;
 use Psr\Http\Message\ServerRequestInterface as Request;
 use Psr\Log\LoggerInterface;
@@ -23,7 +24,7 @@ public function __construct(
 
     protected function action(Request $request, Response $response, array $args): Response
     {
-        $customerId = $request->getAttribute('pspId');
+        $customerId = $request->getAttribute(PersonWithPasswordAuthMiddleware::PSP_ATTRIBUTE_NAME);
         \assert(is_string($customerId));
 
         $paymentMethodId = $args['payment_method_id'];

diff --git a/src/Application/Auth/PersonManagementAuthMiddleware.php b/src/Application/Auth/PersonManagementAuthMiddleware.php
@@ -24,6 +24,7 @@ class PersonManagementAuthMiddleware implements MiddlewareInterface
 {
     use ErrorTrait;
 
+    public const PSP_ATTRIBUTE_NAME = 'pspId';
     protected ?string $jws = null;
 
     #[Pure]
@@ -57,7 +58,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
 
         $this->checkCompleteness($request);
 
-        return $handler->handle($request->withAttribute('pspId', IdentityToken::getPspId($this->jws)));
+        return $handler->handle($request->withAttribute(self::PSP_ATTRIBUTE_NAME, IdentityToken::getPspId($this->jws)));
     }
 
     protected function checkCompleteness(ServerRequestInterface $request): void

diff --git a/tests/Application/Actions/DeletePaymentMethodTest.php b/tests/Application/Actions/DeletePaymentMethodTest.php
@@ -4,6 +4,7 @@
 
 use Laminas\Diactoros\ServerRequest;
 use MatchBot\Application\Actions\DeletePaymentMethod;
+use MatchBot\Application\Auth\PersonWithPasswordAuthMiddleware;
 use MatchBot\Tests\TestCase;
 use PHPUnit\Framework\MockObject\Stub;
 use Prophecy\Argument;
@@ -33,7 +34,7 @@ public function testItDeletesAPaymentMethod(): void
         $sut = new DeletePaymentMethod($fakeStripeClient, new NullLogger());
 
         $request = (new ServerRequest())
-            ->withAttribute('pspId', 'stripe_customer_id_12');
+            ->withAttribute(PersonWithPasswordAuthMiddleware::PSP_ATTRIBUTE_NAME, 'stripe_customer_id_12');
 
         // assert
         $stripePaymentMethodServiceProphecy->detach('stripe_payment_method_id_35')
@@ -58,7 +59,7 @@ public function testItRefusesToToDeletePaymentMethodThatDoesNotBelongToRquester(
         $sut = new DeletePaymentMethod($fakeStripeClient, new NullLogger());
 
         $request = (new ServerRequest())
-            ->withAttribute('pspId', 'stripe_customer_id_12');
+            ->withAttribute(PersonWithPasswordAuthMiddleware::PSP_ATTRIBUTE_NAME, 'stripe_customer_id_12');
 
         // assert
         $stripePaymentMethodServiceProphecy->detach(Argument::any())->shouldNotBeCalled();

diff --git a/tests/Application/Actions/UpdatePaymentMethodTest.php b/tests/Application/Actions/UpdatePaymentMethodTest.php
@@ -5,6 +5,7 @@
 use Laminas\Diactoros\ServerRequest;
 use MatchBot\Application\Actions\DeletePaymentMethod;
 use MatchBot\Application\Actions\UpdatePaymentMethod;
+use MatchBot\Application\Auth\PersonWithPasswordAuthMiddleware;
 use MatchBot\Tests\TestCase;
 use PHPUnit\Framework\MockObject\Stub;
 use Prophecy\Argument;
@@ -45,7 +46,7 @@ public function testItUpdatesAPaymentMethod(): void
         ];
 
         $request = $this->createRequest('PUT', '/', \json_encode($updatedBillingDetails))
-            ->withAttribute('pspId', 'stripe_customer_id_12');
+            ->withAttribute(PersonWithPasswordAuthMiddleware::PSP_ATTRIBUTE_NAME, 'stripe_customer_id_12');
 
         // assert
         $stripePaymentMethodServiceProphecy->update('stripe_payment_method_id_35', $updatedBillingDetails)
@@ -70,7 +71,7 @@ public function testItRefusesToToUpdatePaymentMethodThatDoesNotBelongToRquester(
         $sut = new DeletePaymentMethod($fakeStripeClient, new NullLogger());
 
         $request = (new ServerRequest())
-            ->withAttribute('pspId', 'stripe_customer_id_12');
+            ->withAttribute(PersonWithPasswordAuthMiddleware::PSP_ATTRIBUTE_NAME, 'stripe_customer_id_12');
 
         // assert
         $stripePaymentMethodServiceProphecy->detach(Argument::any())->shouldNotBeCalled();