Merge pull request #18 from mollie/smit/assert-app-prefix-client-id

Assert that the clientId starts with the expected token
mollie · Oct 23, 2019 · d870741 · d870741
2 parents 0aff391 + c71358d
commit d870741
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 2 deletions.
diff --git a/src/Provider/Mollie.php b/src/Provider/Mollie.php
@@ -25,6 +25,13 @@ class Mollie extends AbstractProvider
 	 */
 	const MOLLIE_WEB_URL = 'https://www.mollie.com';
 
+	/**
+	 * The prefix for the Client ID
+	 *
+	 * @const string
+	 */
+	const CLIENT_ID_PREFIX = 'app_';
+
 	/**
 	 * Shortcuts to the available Mollie scopes.
 	 *
@@ -56,6 +63,15 @@ class Mollie extends AbstractProvider
 	const SCOPE_ONBOARDING_READ     = 'onboarding.read';
 	const SCOPE_ONBOARDING_WRITE    = 'onboarding.write';
 
+	public function __construct(array $options = [], array $collaborators = [])
+	{
+		parent::__construct($options, $collaborators);
+
+		if (isset($options["clientId"]) && strpos($options["clientId"], self::CLIENT_ID_PREFIX) !== 0) {
+			throw new \DomainException("Mollie needs the client ID to be prefixed with " . self::CLIENT_ID_PREFIX . ".");
+		}
+	}
+
 	/**
 	 * Returns the base URL for authorizing a client.
 	 *

diff --git a/tests/src/Provider/MollieTest.php b/tests/src/Provider/MollieTest.php
@@ -1,15 +1,16 @@
 <?php namespace Mollie\OAuth2\Client\Test\Provider;
 
 use Mockery as m;
+use Mollie\OAuth2\Client\Provider\Mollie;
 
 class MollieTest extends \PHPUnit_Framework_TestCase
 {
     protected $provider;
 
 	protected function setUp ()
 	{
-		$this->provider = new \Mollie\OAuth2\Client\Provider\Mollie([
-			'clientId'     => 'mock_client_id',
+		$this->provider = new Mollie([
+			'clientId'     => 'app_mock_client_id',
 			'clientSecret' => 'mock_secret',
 			'redirectUri'  => 'none',
 		]);
@@ -21,6 +22,18 @@ public function tearDown()
         parent::tearDown();
     }
 
+    public function testClientIdShouldThrowExceptionWhenNotPrefixed()
+    {
+        $this->expectException(\DomainException::class);
+        $this->expectExceptionMessage("Mollie needs the client ID to be prefixed with " . Mollie::CLIENT_ID_PREFIX . ".");
+
+        $provider = new \Mollie\OAuth2\Client\Provider\Mollie([
+            'clientId'     => 'not_pefixed_client_id',
+            'clientSecret' => 'mock_secret',
+            'redirectUri'  => 'none',
+        ]);
+    }
+
     public function testGetBaseAccessTokenUrl()
     {
         $params = [];