[6.x] fix for actions (#390)

composer.json

@@ -26,12 +26,12 @@
         "paragonie/constant_time_encoding": "^2.7"
     },
     "require-dev": {
-        "laravel/breeze": "^2.0",
         "laravel/jetstream": "^5.0",
         "laravel/sanctum": "^4.0",
         "livewire/livewire": "^3.3.5",
         "mockery/mockery": "^1.6",
         "orchestra/testbench": "^9.0",
+        "orchestra/testbench-core": "^9.9.1",
         "pestphp/pest": "^2.0",
         "pestphp/pest-plugin-laravel": "^2.2",
         "phpunit/phpunit": "^10.5"

src/Http/Controllers/OAuthController.php

@@ -80,6 +80,10 @@ public function prompt(string $provider): View
 
     public function confirm(string $provider): SocialstreamResponse|RedirectResponse
     {
+        request()->validate([
+            'result' => ['required', 'in:confirm,deny'],
+        ]);
+
         $user = auth()->user();
         $providerAccount = cache()->pull("socialstream.{$user->id}:$provider.provider");
 

stubs/jetstream/app/Models/User.php

@@ -71,7 +71,7 @@ protected function casts(): array
     /**
      * Get the URL to the user's profile photo.
      */
-    public function profilePhotoUrl(): Attribute
+    protected function profilePhotoUrl(): Attribute
     {
         return filter_var($this->profile_photo_path, FILTER_VALIDATE_URL)
             ? Attribute::get(fn () => $this->profile_photo_path)

stubs/jetstream/app/Models/UserWithTeams.php

@@ -70,7 +70,7 @@ class User extends Authenticatable
     /**
      * Get the URL to the user's profile photo.
      */
-    public function profilePhotoUrl(): Attribute
+    protected function profilePhotoUrl(): Attribute
     {
         return filter_var($this->profile_photo_path, FILTER_VALIDATE_URL)
             ? Attribute::get(fn () => $this->profile_photo_path)

tests/Feature/CreateAccountOnFirstLoginTest.php

@@ -12,9 +12,11 @@
 use Laravel\Socialite\Two\User as SocialiteUser;
 use Mockery;
 
+use Orchestra\Testbench\Concerns\WithWorkbench;
+
 use function Pest\Laravel\get;
 
-uses(RefreshDatabase::class);
+uses(RefreshDatabase::class, WithWorkbench::class);
 
 test('new users can register from login page', function (): void {
     Config::set('socialstream.features', [

tests/Feature/GenerateMissingEmailsTest.php

@@ -13,9 +13,11 @@
 use Laravel\Socialite\Two\User as SocialiteUser;
 use Mockery;
 
+use Orchestra\Testbench\Concerns\WithWorkbench;
+
 use function Pest\Laravel\get;
 
-uses(RefreshDatabase::class);
+uses(RefreshDatabase::class, WithWorkbench::class);
 
 it('generates missing emails', function (): void {
     Config::set('socialstream.features', [

tests/Feature/LoginOnRegistrationTest.php

@@ -14,9 +14,11 @@
 use Laravel\Socialite\Two\User as SocialiteUser;
 use Mockery;
 
+use Orchestra\Testbench\Concerns\WithWorkbench;
+
 use function Pest\Laravel\get;
 
-uses(RefreshDatabase::class);
+uses(RefreshDatabase::class, WithWorkbench::class);
 
 test('users can login on registration', function (): void {
     Config::set('socialstream.features', [

tests/Feature/RedirectTest.php

@@ -11,9 +11,11 @@
 use Laravel\Socialite\Facades\Socialite;
 use Laravel\Socialite\Two\GithubProvider;
 use Laravel\Socialite\Two\User as SocialiteUser;
+use Orchestra\Testbench\Concerns\WithWorkbench;
+
 use function Pest\Laravel\get;
 
-uses(RefreshDatabase::class);
+uses(RefreshDatabase::class, WithWorkbench::class);
 
 it('can configure a login redirect', function () {
     Config::set('socialstream.redirects.login', '/foo');

tests/Feature/RouteCachingTest.php

@@ -2,40 +2,34 @@
 
 namespace JoelButcher\Socialstream\Tests\Feature;
 
-use App\Providers\RouteServiceProvider;
-use Illuminate\Contracts\Console\Kernel;
-use Illuminate\Filesystem\Filesystem;
 use Illuminate\Foundation\Testing\RefreshDatabase;
 use Illuminate\Support\Facades\Session;
 use Laravel\Socialite\Facades\Socialite;
 use Laravel\Socialite\Two\GithubProvider;
 use Laravel\Socialite\Two\User as SocialiteUser;
 use Mockery;
 
-use function Illuminate\Filesystem\join_paths;
 use function Pest\Laravel\get;
 use function Pest\Laravel\post;
 
 uses(RefreshDatabase::class);
 
-beforeEach(function () {
-    $files = (new Filesystem());
-    $files->cleanDirectory($this->app->basePath('routes'));
-    if($files->exists($this->app->bootstrapPath(join_paths('cache', 'routes-v7.php')))) {
-        $files->delete($this->app->bootstrapPath(join_paths('cache', 'routes-v7.php')));
-    }
-
+it('caches routes and redirects to provider', function () {
+    // Cache routes
     $this->defineCacheRoutes(file_get_contents(
         __DIR__ . '/../../routes/inertia.php',
     ));
-});
 
-it('caches routes and redirects to provider', function () {
     get('/oauth/github')
         ->assertRedirect();
 });
 
 it('caches routes and authenticates via GET', function () {
+    // Cache routes
+    $this->defineCacheRoutes(file_get_contents(
+        __DIR__ . '/../../routes/inertia.php',
+    ));
+
     $user = (new SocialiteUser())
         ->map([
             'id' => fake()->numerify('########'),
@@ -60,6 +54,11 @@
 });
 
 it('caches routes and authenticates via POST', function () {
+    // Cache routes
+    $this->defineCacheRoutes(file_get_contents(
+        __DIR__ . '/../../routes/inertia.php',
+    ));
+
     $user = (new SocialiteUser())
         ->map([
             'id' => fake()->numerify('########'),

tests/Feature/SocialstreamTest.php

@@ -4,6 +4,7 @@
 
 use App\Models\User;
 use Illuminate\Foundation\Testing\RefreshDatabase;
+use Illuminate\Support\Facades\Cache;
 use Illuminate\Support\Facades\Config;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Hash;
@@ -14,15 +15,18 @@
 use JoelButcher\Socialstream\Providers;
 use JoelButcher\Socialstream\Socialstream;
 use Laravel\Fortify\Features;
+use Laravel\Fortify\Fortify;
 use Laravel\Socialite\Facades\Socialite;
 use Laravel\Socialite\Two\GithubProvider;
 use Laravel\Socialite\Two\User as SocialiteUser;
 use Mockery;
+use Orchestra\Testbench\Concerns\WithWorkbench;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 
 use function Pest\Laravel\get;
+use function Pest\Laravel\post;
 
-uses(RefreshDatabase::class);
+uses(RefreshDatabase::class, WithWorkbench::class);
 
 it('redirects users', function (): void {
     $response = get('http://localhost/oauth/github');
@@ -238,7 +242,12 @@ public function generate(string $provider): RedirectResponse
     Socialite::shouldReceive('driver')->with('github')->andReturn($provider);
 
     get('http://localhost/oauth/github/callback')
-        ->assertRedirect('/user/profile');
+        ->assertRedirect('/oauth/github/callback/prompt');
+
+    post('http://localhost/oauth/github/callback/confirm', data: [
+        'provider' => 'github',
+        'result' => 'confirm',
+    ]);
 
     $this->assertAuthenticated();
     $this->assertDatabaseHas('connected_accounts', [
@@ -288,3 +297,87 @@ public function generate(string $provider): RedirectResponse
 
     $this->assertAuthenticated();
 });
+
+it('can render the prompt page', function () {
+    $this->actingAs(User::create([
+        'name' => 'Joel Butcher',
+        'email' => '[email protected]',
+        'password' => Hash::make('password'),
+    ]));
+
+    get('http://localhost/oauth/github/callback/prompt')
+        ->assertSee('Confirm connection of your GitHub account.');
+});
+
+it('denies an attempt to link an account', function () {
+    $this->actingAs(User::create([
+        'name' => 'Joel Butcher',
+        'email' => '[email protected]',
+        'password' => Hash::make('password'),
+    ]));
+
+    $user = (new SocialiteUser())
+        ->map([
+            'id' => fake()->numerify('########'),
+            'nickname' => 'joel',
+            'name' => 'Joel',
+            'email' => '[email protected]',
+            'avatar' => null,
+            'avatar_original' => null,
+        ])
+        ->setToken('user-token')
+        ->setRefreshToken('refresh-token')
+        ->setExpiresIn(3600);
+
+    Cache::shouldReceive('pull')->andReturn($user);
+
+    post('http://localhost/oauth/github/callback/confirm', data: [
+        'provider' => 'github',
+        'result' => 'deny',
+    ])
+        ->assertRedirect('/user/profile')
+        ->assertSessionHas([
+            'flash.banner' => 'Failed to link GitHub account. User denied request.',
+            'flash.bannerStyle' => 'danger',
+        ]);
+});
+
+it('confirms an attempt to link an account', function () {
+    $this->actingAs(User::create([
+        'name' => 'Joel Butcher',
+        'email' => '[email protected]',
+        'password' => Hash::make('password'),
+    ]));
+
+    $user = (new SocialiteUser())
+        ->map([
+            'id' => $githubId = fake()->numerify('########'),
+            'nickname' => 'joel',
+            'name' => 'Joel',
+            'email' => '[email protected]',
+            'avatar' => null,
+            'avatar_original' => null,
+        ])
+        ->setToken('user-token')
+        ->setRefreshToken('refresh-token')
+        ->setExpiresIn(3600);
+
+    Cache::shouldReceive('pull')->andReturn($user);
+
+    post('http://localhost/oauth/github/callback/confirm', data: [
+        'provider' => 'github',
+        'result' => 'confirm',
+    ])
+        ->assertRedirect('/user/profile')
+        ->assertSessionHas([
+            'flash.banner' => 'You have successfully linked your GitHub account.',
+            'flash.bannerStyle' => 'success',
+        ]);
+
+    $this->assertAuthenticated();
+    $this->assertDatabaseHas('connected_accounts', [
+        'provider' => 'github',
+        'provider_id' => $githubId,
+        'email' => '[email protected]',
+    ]);
+});

tests/OrchestraTestCase.php

@@ -16,6 +16,7 @@ protected function defineEnvironment($app): void
     {
         $app['config']->set('app.debug', true);
         $app['config']->set('database.default', 'testing');
+        $app['config']->set('cache.default', 'file');
 
         $app['config']->set('services.github', [
             'client_id' => 'github-client-id',