Merge pull request #421 from magento-performance/CABPI-327-tokens-cleanup

slopukhov · web-flow · commit 269e2d9b4e89 · 2022-04-11T12:41:38.000-05:00
CABPI-327 - [BUG] Magento token remains valid after IMS is enabled
diff --git a/app/code/Magento/AdminAdobeIms/Console/Command/AdminAdobeImsEnableCommand.php b/app/code/Magento/AdminAdobeIms/Console/Command/AdminAdobeImsEnableCommand.php
@@ -9,6 +9,7 @@
 namespace Magento\AdminAdobeIms\Console\Command;
 
 use Magento\AdminAdobeIms\Model\ImsConnection;
+use Magento\AdminAdobeIms\Service\UpdateTokensService;
 use Magento\AdminAdobeIms\Service\ImsCommandOptionService;
 use Magento\AdminAdobeIms\Service\ImsConfig;
 use Magento\Framework\App\Cache\Type\Config;
@@ -61,23 +62,31 @@ class AdminAdobeImsEnableCommand extends Command
      */
     private TypeListInterface $cacheTypeList;
 
+    /**
+     * @var UpdateTokensService
+     */
+    private UpdateTokensService $updateTokensService;
+
     /**
      * @param ImsConfig $imsConfig
      * @param ImsConnection $imsConnection
      * @param ImsCommandOptionService $imsCommandOptionService
      * @param TypeListInterface $cacheTypeList
+     * @param UpdateTokensService $cleanupTokensService
      */
     public function __construct(
         ImsConfig $imsConfig,
         ImsConnection $imsConnection,
         ImsCommandOptionService $imsCommandOptionService,
-        TypeListInterface $cacheTypeList
+        TypeListInterface $cacheTypeList,
+        UpdateTokensService $updateTokensService
     ) {
         parent::__construct();
         $this->imsConfig = $imsConfig;
         $this->imsConnection = $imsConnection;
         $this->imsCommandOptionService = $imsCommandOptionService;
         $this->cacheTypeList = $cacheTypeList;
+        $this->updateTokensService = $updateTokensService;
 
         $this->setName('admin:adobe-ims:enable')
             ->setDescription('Enable Adobe IMS Module.')
@@ -171,6 +180,7 @@ private function enableModule(
         if ($testAuth) {
             $this->imsConfig->enableModule($clientId, $clientSecret, $organizationId);
             $this->cacheTypeList->cleanType(Config::TYPE_IDENTIFIER);
+            $this->updateTokensService->execute();
             return true;
         }
 
diff --git a/app/code/Magento/AdminAdobeIms/Service/UpdateTokensService.php b/app/code/Magento/AdminAdobeIms/Service/UpdateTokensService.php
@@ -0,0 +1,55 @@
+<?php
+
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+declare(strict_types=1);
+
+namespace Magento\AdminAdobeIms\Service;
+
+use Magento\Authorization\Model\UserContextInterface;
+use Magento\JwtUserToken\Api\Data\Revoked;
+use Magento\JwtUserToken\Api\RevokedRepositoryInterface;
+use Magento\User\Model\ResourceModel\User\Collection;
+use Magento\User\Model\ResourceModel\User\CollectionFactory;
+
+class UpdateTokensService
+{
+    /**
+     * @var RevokedRepositoryInterface
+     */
+    private RevokedRepositoryInterface $revokedRepo;
+
+    /**
+     * @var Collection
+     */
+    private Collection $adminUserCollection;
+
+    /**
+     * @param RevokedRepositoryInterface $revokedRepo
+     * @param CollectionFactory $adminUserCollectionFactory
+     */
+    public function __construct(RevokedRepositoryInterface $revokedRepo, CollectionFactory $adminUserCollectionFactory)
+    {
+        $this->revokedRepo = $revokedRepo;
+        $this->adminUserCollection = $adminUserCollectionFactory->create();
+    }
+
+    /**
+     * Token invalidation for the admin users
+     *
+     * return @void
+     */
+    public function execute()
+    {
+        $adminUsers = $this->adminUserCollection->getItems();
+        foreach ($adminUsers as $adminUser) {
+            //Invalidating all tokens issued before current datetime.
+            $this->revokedRepo->saveRevoked(
+                new Revoked((int) UserContextInterface::USER_TYPE_ADMIN, (int) $adminUser->getId(), time())
+            );
+        }
+    }
+}
diff --git a/app/code/Magento/AdminAdobeIms/Test/Unit/Command/AdminAdobeImsEnableCommandTest.php b/app/code/Magento/AdminAdobeIms/Test/Unit/Command/AdminAdobeImsEnableCommandTest.php
@@ -11,6 +11,7 @@
 use Exception;
 use Magento\AdminAdobeIms\Console\Command\AdminAdobeImsEnableCommand;
 use Magento\AdminAdobeIms\Model\ImsConnection;
+use Magento\AdminAdobeIms\Service\UpdateTokensService;
 use Magento\AdminAdobeIms\Service\ImsCommandOptionService;
 use Magento\AdminAdobeIms\Service\ImsConfig;
 use Magento\Framework\App\Cache\Type\Config;
@@ -53,6 +54,11 @@ class AdminAdobeImsEnableCommandTest extends TestCase
      */
     private $typeListInterface;
 
+    /**
+     * @var UpdateTokensService
+     */
+    private $updateTokensService;
+
     /**
      * @var QuestionHelper
      */
@@ -71,6 +77,7 @@ protected function setUp(): void
         $this->imsConnectionMock = $this->createMock(ImsConnection::class);
         $this->imsCommandOptionService = $this->createMock(ImsCommandOptionService::class);
         $this->typeListInterface = $this->createMock(TypeListInterface::class);
+        $this->updateTokensService = $this->createMock(UpdateTokensService::class);
 
         $this->questionHelperMock = $this->getMockBuilder(QuestionHelper::class)
             ->disableOriginalConstructor()
@@ -83,6 +90,7 @@ protected function setUp(): void
                 'imsConnection' => $this->imsConnectionMock,
                 'imsCommandOptionService' => $this->imsCommandOptionService,
                 'cacheTypeList' => $this->typeListInterface,
+                'updateTokenService' => $this->updateTokensService
             ]
         );
     }
@@ -128,11 +136,16 @@ public function testAdminAdobeImsModuleEnableWillClearCacheWhenSuccessful(
             ->method('cleanType')
             ->with(Config::TYPE_IDENTIFIER);
 
+        $this->updateTokensService
+            ->expects($cleanMethodCallExpection)
+            ->method('execute');
+
         $outputMock->expects($this->once())
             ->method('writeln')
             ->with($outputMessage, null)
             ->willReturnSelf();
 
+
         $this->enableCommand->setHelperSet($this->getHelperSet());
         $this->enableCommand->run($inputMock, $outputMock);
     }
diff --git a/app/code/Magento/AdminAdobeIms/composer.json b/app/code/Magento/AdminAdobeIms/composer.json
@@ -16,7 +16,8 @@
         "magento/module-authorization": "*",
         "magento/module-store": "*",
         "magento/module-email": "*",
-        "magento/module-integration": "*"
+        "magento/module-integration": "*",
+        "magento/module-jwt-user-token": "*"
     },
     "suggest": {
         "magento/module-theme": "*"
diff --git a/app/code/Magento/AdminAdobeIms/etc/module.xml b/app/code/Magento/AdminAdobeIms/etc/module.xml
@@ -18,6 +18,7 @@
             <module name="Magento_Store"/>
             <module name="Magento_Email"/>
             <module name="Magento_Integration"/>
+            <module name="Magento_JwtUserToken"/>
         </sequence>
     </module>
 </config>
