Added validation for Silent Auth (#491)

Author: SecondeJK

src/Verify2/Client.php

@@ -7,6 +7,8 @@
 use Vonage\Client\Exception\Exception;
 use Vonage\Client\Exception\Request;
 use Vonage\Verify2\Request\BaseVerifyRequest;
+use Vonage\Verify2\Request\SilentAuthRequest;
+use Vonage\Verify2\VerifyObjects\VerificationWorkflow;
 
 class Client implements APIClient
 {
@@ -21,6 +23,14 @@ public function getAPIResource(): APIResource
 
     public function startVerification(BaseVerifyRequest $request): ?array
     {
+        if (self::isSilentAuthRequest($request)) {
+            if (SilentAuthRequest::isValidWorkflow($request->getWorkflows())) {
+                return $this->getAPIResource()->create($request->toArray());
+            }
+
+            throw new \InvalidArgumentException('Silent Auth must be the first workflow if used');
+        }
+
         return $this->getAPIResource()->create($request->toArray());
     }
 
@@ -53,4 +63,15 @@ public function nextWorkflow(string $requestId): bool
 
         return true;
     }
+
+    public static function isSilentAuthRequest(BaseVerifyRequest $request): bool
+    {
+        foreach ($request->getWorkflows() as $workflow) {
+            if ($workflow['channel'] == VerificationWorkflow::WORKFLOW_SILENT_AUTH) {
+                return true;
+            }
+        }
+
+        return false;
+    }
 }

src/Verify2/Request/SilentAuthRequest.php

@@ -32,4 +32,15 @@ public function toArray(): array
             'workflow' => $this->getWorkflows()
         ];
     }
+
+    public static function isValidWorkflow(array $workflows): bool
+    {
+        $firstWorkflow = $workflows[0];
+
+        if ($firstWorkflow['channel'] == VerificationWorkflow::WORKFLOW_SILENT_AUTH) {
+            return true;
+        }
+
+        return false;
+    }
 }

test/Verify2/Request/SilentAuthRequestTest.php

@@ -0,0 +1,74 @@
+<?php
+
+declare(strict_types=1);
+
+namespace VonageTest\Verify2\Request;
+
+use PHPUnit\Framework\TestCase;
+use Vonage\Client;
+use Vonage\Verify2\Request\BaseVerifyRequest;
+use Vonage\Verify2\Request\SilentAuthRequest;
+use Vonage\Verify2\Request\SMSRequest;
+use Vonage\Verify2\VerifyObjects\VerificationLocale;
+use Vonage\Verify2\VerifyObjects\VerificationWorkflow;
+
+class SilentAuthRequestTest extends TestCase
+{
+    public function testIsValidSilentAuthRequest(): void
+    {
+        $silentAuthRequest = new SilentAuthRequest(
+            '077377775555',
+            'VONAGE',
+            'https://silent-auth.example'
+        );
+
+        $extraWorkflow = new VerificationWorkflow(
+            VerificationWorkflow::WORKFLOW_SMS,
+            '077377775555'
+        );
+
+        $silentAuthRequest->addWorkflow($extraWorkflow);
+
+        $client = new Client(new Client\Credentials\Basic('test', 'test2'));
+        $this->assertTrue($client->verify2()::isSilentAuthRequest($silentAuthRequest));
+        $this->assertTrue(SilentAuthRequest::isValidWorkflow($silentAuthRequest->getWorkflows()));
+    }
+
+    public function testIsInvalidSilentAuthRequest(): void
+    {
+        $request = new SMSRequest(
+            '077377775555',
+            'VONAGE',
+        );
+
+        $extraWorkflow = new VerificationWorkflow(
+            VerificationWorkflow::WORKFLOW_SILENT_AUTH,
+            '077377775555'
+        );
+
+        $request->addWorkflow($extraWorkflow);
+        $client = new Client(new Client\Credentials\Basic('test', 'test2'));
+
+        $this->assertTrue($client->verify2()::isSilentAuthRequest($request));
+        $this->assertFalse(SilentAuthRequest::isValidWorkflow($request->getWorkflows()));
+    }
+
+    public function testIsNotSilentAuthRequest(): void
+    {
+        $request = new SMSRequest(
+            '077377775555',
+            'VONAGE',
+        );
+
+        $extraWorkflow = new VerificationWorkflow(
+            VerificationWorkflow::WORKFLOW_EMAIL,
+            'jim@jim.com'
+        );
+
+        $request->addWorkflow($extraWorkflow);
+        $client = new Client(new Client\Credentials\Basic('test', 'test2'));
+
+        $this->assertFalse($client->verify2()::isSilentAuthRequest($request));
+        // No second test to see if the workflow is valid, why are you checking a workflow on a non SA request?
+    }
+}