Refactor StorageInterface to an abstract class

src/Authenticator.php

@@ -24,7 +24,7 @@ class Authenticator
     protected $cookie;
 
     /**
-     * @var Storage\StorageInterface
+     * @var Storage\AbstractStorage
      */
     protected $storage;
 
@@ -62,11 +62,11 @@ class Authenticator
     protected $salt = "";
 
     /**
-     * @param Storage\StorageInterface $storage
-     * @param TokenInterface           $tokenGenerator
-     * @param Cookie\CookieInterface   $cookie
+     * @param Storage\AbstractStorage $storage
+     * @param TokenInterface          $tokenGenerator
+     * @param Cookie\CookieInterface  $cookie
      */
-    public function __construct(Storage\StorageInterface $storage, TokenInterface $tokenGenerator = null, Cookie\CookieInterface $cookie = null)
+    public function __construct(Storage\AbstractStorage $storage, TokenInterface $tokenGenerator = null, Cookie\CookieInterface $cookie = null)
     {
         if (is_null($tokenGenerator)) {
             $tokenGenerator = new DefaultToken();
@@ -109,7 +109,7 @@ public function login()
             $triplet->getSaltedPersistentToken($this->salt)
         );
         switch ($tripletLookupResult) {
-            case Storage\StorageInterface::TRIPLET_FOUND:
+            case Storage\AbstractStorage::TRIPLET_FOUND:
                 $expire = time() + $this->expireTime;
                 $newTriplet = new Triplet($triplet->getCredential(), $this->tokenGenerator->createToken(), $triplet->getPersistentToken());
                 $this->storage->replaceTriplet(
@@ -122,7 +122,7 @@ public function login()
 
                 return LoginResult::newSuccessResult($triplet->getCredential());
 
-            case Storage\StorageInterface::TRIPLET_INVALID:
+            case Storage\AbstractStorage::TRIPLET_INVALID:
                 $this->cookie->deleteCookie();
 
                 if ($this->cleanStoredTokensOnInvalidResult) {

src/Storage/AbstractDBStorage.php

@@ -12,7 +12,7 @@
  *
  * @author Gabriel Birke
  */
-abstract class AbstractDBStorage implements StorageInterface
+abstract class AbstractDBStorage extends AbstractStorage
 {
     /**
      *

src/Storage/StorageInterface.php → src/Storage/AbstractStorage.php

@@ -6,12 +6,12 @@
 namespace Birke\Rememberme\Storage;
 
 /**
- * This interface is for storing the credential/token/persistentToken triplets
+ * This abstract class is for storing the credential/token/persistentToken triplets
  *
  * IMPORTANT SECURITY NOTICE: The storage should not store the token values in the clear.
  * Always use a secure hash function!
  */
-interface StorageInterface
+abstract class AbstractStorage
 {
     const TRIPLET_FOUND = 1;
     const TRIPLET_NOT_FOUND = 0;
@@ -26,7 +26,7 @@ interface StorageInterface
      *
      * @return int
      */
-    public function findTriplet($credential, $token, $persistentToken);
+    abstract public function findTriplet($credential, $token, $persistentToken);
 
     /**
      * Store the new token for the credential and the persistent token.
@@ -38,7 +38,7 @@ public function findTriplet($credential, $token, $persistentToken);
      * @param string $persistentToken
      * @param int    $expire          Timestamp when this triplet will expire
      */
-    public function storeTriplet($credential, $token, $persistentToken, $expire);
+    abstract public function storeTriplet($credential, $token, $persistentToken, $expire);
 
     /**
      * Replace current token after successful authentication
@@ -47,7 +47,7 @@ public function storeTriplet($credential, $token, $persistentToken, $expire);
      * @param string $persistentToken
      * @param int    $expire
      */
-    public function replaceTriplet($credential, $token, $persistentToken, $expire);
+    abstract public function replaceTriplet($credential, $token, $persistentToken, $expire);
 
     /**
      * Remove one triplet of the user from the store
@@ -59,7 +59,7 @@ public function replaceTriplet($credential, $token, $persistentToken, $expire);
      *
      * @return void
      */
-    public function cleanTriplet($credential, $persistentToken);
+    abstract public function cleanTriplet($credential, $persistentToken);
 
     /**
      * Remove all triplets of a user, effectively logging him out on all machines
@@ -70,7 +70,7 @@ public function cleanTriplet($credential, $persistentToken);
      *
      * @return void
      */
-    public function cleanAllTriplets($credential);
+    abstract public function cleanAllTriplets($credential);
 
     /**
      * Remove all expired triplets of all users.
@@ -81,5 +81,15 @@ public function cleanAllTriplets($credential);
      *
      * @return void
      */
-    public function cleanExpiredTokens($expiryTime);
+    abstract public function cleanExpiredTokens($expiryTime);
+
+    /**
+     * @param string $value
+     *
+     * @return string
+     */
+    protected function hash($value)
+    {
+        return sha1($value);
+    }
 }

src/Storage/FileStorage.php

@@ -9,7 +9,7 @@
 /**
  * File-Based Storage
  */
-class FileStorage implements StorageInterface
+class FileStorage extends AbstractStorage
 {
     /**
      * @var string
@@ -41,8 +41,8 @@ public function __construct($path = "", $suffix = ".txt")
     public function findTriplet($credential, $token, $persistentToken)
     {
         // Hash the tokens, because they can contain a salt and can be accessed in the file system
-        $persistentToken = sha1($persistentToken);
-        $token = sha1($token);
+        $persistentToken = $this->hash($persistentToken);
+        $token = $this->hash($token);
         $fn = $this->getFilename($credential, $persistentToken);
 
         if (!file_exists($fn)) {
@@ -69,8 +69,8 @@ public function findTriplet($credential, $token, $persistentToken)
     public function storeTriplet($credential, $token, $persistentToken, $expire)
     {
         // Hash the tokens, because they can contain a salt and can be accessed in the file system
-        $persistentToken = sha1($persistentToken);
-        $token = sha1($token);
+        $persistentToken = $this->hash($persistentToken);
+        $token = $this->hash($token);
         $fn = $this->getFilename($credential, $persistentToken);
         file_put_contents($fn, $token);
 
@@ -83,7 +83,7 @@ public function storeTriplet($credential, $token, $persistentToken, $expire)
      */
     public function cleanTriplet($credential, $persistentToken)
     {
-        $persistentToken = sha1($persistentToken);
+        $persistentToken = $this->hash($persistentToken);
         $fn = $this->getFilename($credential, $persistentToken);
 
         if (file_exists($fn)) {

src/Storage/PDOStorage.php

@@ -34,15 +34,15 @@ public function findTriplet($credential, $token, $persistentToken)
             "AND {$this->persistentTokenColumn} = ? AND {$this->expiresColumn} > ? LIMIT 1";
 
         $query = $this->connection->prepare($sql);
-        $query->execute(array($credential, sha1($persistentToken), date("Y-m-d H:i:s")));
+        $query->execute(array($credential, $this->hash($persistentToken), date("Y-m-d H:i:s")));
 
         $result = $query->fetchColumn();
 
         if (!$result) {
             return self::TRIPLET_NOT_FOUND;
         }
 
-        if (sha1($token) === $result) {
+        if ($this->hash($token) === $result) {
             return self::TRIPLET_FOUND;
         }
 
@@ -62,7 +62,7 @@ public function storeTriplet($credential, $token, $persistentToken, $expire = 0)
             "{$this->expiresColumn}) VALUES(?, ?, ?, ?)";
 
         $query = $this->connection->prepare($sql);
-        $query->execute(array($credential, sha1($token), sha1($persistentToken), date("Y-m-d H:i:s", $expire)));
+        $query->execute(array($credential, $this->hash($token), $this->hash($persistentToken), date("Y-m-d H:i:s", $expire)));
     }
 
     /**
@@ -75,7 +75,7 @@ public function cleanTriplet($credential, $persistentToken)
             "AND {$this->persistentTokenColumn} = ?";
 
         $query = $this->connection->prepare($sql);
-        $query->execute(array($credential, sha1($persistentToken)));
+        $query->execute(array($credential, $this->hash($persistentToken)));
     }
 
     /**

src/Storage/RedisStorage.php

@@ -11,7 +11,7 @@
  *
  * @author Michaël Thieulin
  */
-class Redis implements StorageInterface
+class Redis extends AbstractStorage
 {
     /**
      * @var Predis\Client
@@ -44,8 +44,8 @@ public function __construct(Predis\Client $client, $keyPrefix = 'rememberme')
     public function findTriplet($credential, $token, $persistentToken)
     {
         // Hash the tokens, because they can contain a salt and can be accessed in redis
-        $persistentToken = sha1($persistentToken);
-        $token = sha1($token);
+        $persistentToken = $this->hash($persistentToken);
+        $token = $this->hash($token);
         $key = $this->getKeyname($credential, $persistentToken);
 
         if ($this->client->exists($key) === 0) {
@@ -72,8 +72,8 @@ public function findTriplet($credential, $token, $persistentToken)
     public function storeTriplet($credential, $token, $persistentToken, $expire = 0)
     {
         // Hash the tokens, because they can contain a salt and can be accessed in redis
-        $persistentToken = sha1($persistentToken);
-        $token = sha1($token);
+        $persistentToken = $this->hash($persistentToken);
+        $token = $this->hash($token);
         $key = $this->getKeyname($credential, $persistentToken);
         $this->client->set($key, $token);
 
@@ -103,7 +103,7 @@ public function replaceTriplet($credential, $token, $persistentToken, $expire =
      */
     public function cleanTriplet($credential, $persistentToken)
     {
-        $persistentToken = sha1($persistentToken);
+        $persistentToken = $this->hash($persistentToken);
         $key = $this->getKeyname($credential, $persistentToken);
 
         if ($this->client->exists($key) === 1) {

test/RemembermeTest.php

@@ -1,7 +1,7 @@
 <?php
 
 use Birke\Rememberme\Cookie\CookieInterface;
-use Birke\Rememberme\Storage\StorageInterface;
+use Birke\Rememberme\Storage\AbstractStorage;
 use PHPUnit\Framework\TestCase;
 
 class RemembermeTest extends TestCase
@@ -28,7 +28,7 @@ class RemembermeTest extends TestCase
 
     function setUp(): void
     {
-        $this->storage = $this->getMockBuilder(StorageInterface::class)->getMock();
+        $this->storage = $this->getMockBuilder(AbstractStorage::class)->getMock();
         $this->rememberme = new Birke\Rememberme\Authenticator($this->storage);
 
         $this->cookie = $this->getMockBuilder(CookieInterface::class)
@@ -83,7 +83,7 @@ public function testSuccessIsTrueIfTripletIsFound()
 
         $this->storage->expects($this->once())
         ->method("findTriplet")
-        ->will($this->returnValue(Birke\Rememberme\Storage\StorageInterface::TRIPLET_FOUND));
+        ->will($this->returnValue(Birke\Rememberme\Storage\AbstractStorage::TRIPLET_FOUND));
         $this->assertTrue($this->rememberme->login()->isSuccess());
     }
 
@@ -97,7 +97,7 @@ public function testCredentialsAreInResultIfTripletIsFound()
 
         $this->storage->expects($this->once())
             ->method("findTriplet")
-            ->will($this->returnValue(Birke\Rememberme\Storage\StorageInterface::TRIPLET_FOUND));
+            ->will($this->returnValue(Birke\Rememberme\Storage\AbstractStorage::TRIPLET_FOUND));
         $this->assertEquals($this->userid, $this->rememberme->login()->getCredential());
     }
 
@@ -108,7 +108,7 @@ public function testStoreNewTripletInCookieIfTripletIsFound()
         $this->cookie->method("getValue")->willReturn($oldcookieValue);
         $this->storage->expects($this->once())
         ->method("findTriplet")
-        ->will($this->returnValue(Birke\Rememberme\Storage\StorageInterface::TRIPLET_FOUND));
+        ->will($this->returnValue(Birke\Rememberme\Storage\AbstractStorage::TRIPLET_FOUND));
         $this->cookie->expects($this->once())
         ->method("setValue")
         ->with(
@@ -129,7 +129,7 @@ public function testReplaceTripletInStorageIfTripletIsFound()
         )));
         $this->storage->expects($this->once())
         ->method("findTriplet")
-        ->will($this->returnValue(Birke\Rememberme\Storage\StorageInterface::TRIPLET_FOUND));
+        ->will($this->returnValue(Birke\Rememberme\Storage\AbstractStorage::TRIPLET_FOUND));
         $this->storage->expects($this->once())
         ->method("replaceTriplet")
         ->with(
@@ -152,7 +152,7 @@ public function testCookieContainsUserIDAndHexTokensIfTripletIsFound()
         )));
         $this->storage->expects($this->once())
         ->method("findTriplet")
-        ->will($this->returnValue(Birke\Rememberme\Storage\StorageInterface::TRIPLET_FOUND));
+        ->will($this->returnValue(Birke\Rememberme\Storage\AbstractStorage::TRIPLET_FOUND));
         $this->cookie->expects($this->once())
         ->method("setValue")
         ->with(
@@ -168,7 +168,7 @@ public function testCookieContainsNewTokenIfTripletIsFound()
         $this->cookie->method("getValue")->willReturn($oldcookieValue);
         $this->storage->expects($this->once())
         ->method("findTriplet")
-        ->will($this->returnValue(Birke\Rememberme\Storage\StorageInterface::TRIPLET_FOUND));
+        ->will($this->returnValue(Birke\Rememberme\Storage\AbstractStorage::TRIPLET_FOUND));
         $this->cookie->expects($this->once())
         ->method("setValue")
         ->with(
@@ -188,7 +188,7 @@ public function testResultIndicatesExpiredWhenTripletIsNotFound()
         $this->userid, $this->validToken, $this->validPersistentToken, )));
         $this->storage->expects($this->once())
           ->method("findTriplet")
-          ->will($this->returnValue(Birke\Rememberme\Storage\StorageInterface::TRIPLET_NOT_FOUND));
+          ->will($this->returnValue(Birke\Rememberme\Storage\AbstractStorage::TRIPLET_NOT_FOUND));
 
         $result = $this->rememberme->login();
 
@@ -202,7 +202,7 @@ public function testResultIndicatesManipulationIfTripletIsInvalid()
         $this->userid, $this->invalidToken, $this->validPersistentToken, )));
         $this->storage->expects($this->once())
           ->method("findTriplet")
-          ->will($this->returnValue(Birke\Rememberme\Storage\StorageInterface::TRIPLET_INVALID));
+          ->will($this->returnValue(Birke\Rememberme\Storage\AbstractStorage::TRIPLET_INVALID));
 
         $result = $this->rememberme->login();
 
@@ -216,7 +216,7 @@ public function testCookieIsExpiredIfTripletIsInvalid()
         $this->userid, $this->invalidToken, $this->validPersistentToken, )));
         $this->storage->expects($this->once())
           ->method("findTriplet")
-          ->will($this->returnValue(Birke\Rememberme\Storage\StorageInterface::TRIPLET_INVALID));
+          ->will($this->returnValue(Birke\Rememberme\Storage\AbstractStorage::TRIPLET_INVALID));
         $this->cookie->expects($this->once())
           ->method("deleteCookie");
         $this->rememberme->login();
@@ -228,7 +228,7 @@ public function testAllStoredTokensAreClearedIfTripletIsInvalid()
         $this->userid, $this->invalidToken, $this->validPersistentToken, )));
         $this->storage->expects($this->any())
         ->method("findTriplet")
-        ->will($this->returnValue(Birke\Rememberme\Storage\StorageInterface::TRIPLET_INVALID));
+        ->will($this->returnValue(Birke\Rememberme\Storage\AbstractStorage::TRIPLET_INVALID));
         $this->storage->expects($this->once())
         ->method("cleanAllTriplets")
         ->with($this->equalTo($this->userid));
@@ -248,7 +248,7 @@ public function testSaltIsAddedToTokensOnLogin()
         $this->storage->expects($this->once())
         ->method("findTriplet")
         ->with($this->equalTo($this->userid), $this->equalTo($this->validToken.$salt), $this->equalTo($this->validPersistentToken.$salt))
-        ->will($this->returnValue(Birke\Rememberme\Storage\StorageInterface::TRIPLET_FOUND));
+        ->will($this->returnValue(Birke\Rememberme\Storage\AbstractStorage::TRIPLET_FOUND));
         $this->storage->expects($this->once())
         ->method("replaceTriplet")
         ->with(

test/Storage/PDOTest.php

@@ -3,7 +3,7 @@
  */
 
 use Birke\Rememberme\Storage\PDOStorage;
-use Birke\Rememberme\Storage\StorageInterface;
+use Birke\Rememberme\Storage\AbstractStorage;
 use PHPUnit\Framework\TestCase;
 
 /**
@@ -66,21 +66,21 @@ public function testFindTripletReturnsFoundIfDataMatches()
     {
         $this->insertFixtures();
         $result = $this->storage->findTriplet($this->userid, $this->validToken, $this->validPersistentToken);
-        $this->assertEquals(StorageInterface::TRIPLET_FOUND, $result);
+        $this->assertEquals(AbstractStorage::TRIPLET_FOUND, $result);
     }
 
     public function testFindTripletReturnsNotFoundIfNoDataMatches()
     {
         $this->pdo->exec("TRUNCATE tokens");
         $result = $this->storage->findTriplet($this->userid, $this->validToken, $this->validPersistentToken);
-        $this->assertEquals(StorageInterface::TRIPLET_NOT_FOUND, $result);
+        $this->assertEquals(AbstractStorage::TRIPLET_NOT_FOUND, $result);
     }
 
     public function testFindTripletReturnsInvalidTokenIfTokenIsInvalid()
     {
         $this->insertFixtures();
         $result = $this->storage->findTriplet($this->userid, $this->invalidToken, $this->validPersistentToken);
-        $this->assertEquals(StorageInterface::TRIPLET_INVALID, $result);
+        $this->assertEquals(AbstractStorage::TRIPLET_INVALID, $result);
     }
 
     public function testStoreTripletSavesValuesIntoDatabase()