Fixes ACCOUNTS-37R

api/modules/authserver/exceptions/IllegalArgumentException.php

@@ -3,8 +3,8 @@ namespace api\modules\authserver\exceptions;
 
 class IllegalArgumentException extends AuthserverException {
 
-    public function __construct($status = null, $message = null, $code = 0, \Exception $previous = null) {
-        parent::__construct(400, 'credentials can not be null.', $code, $previous);
+    public function __construct($message = 'credentials can not be null.') {
+        parent::__construct(400, $message);
     }
 
 }

api/modules/authserver/models/AuthenticationForm.php

@@ -5,6 +5,7 @@ use api\models\authentication\LoginForm;
 use api\models\base\ApiForm;
 use api\modules\authserver\exceptions\ForbiddenOperationException;
 use api\modules\authserver\Module as Authserver;
+use api\modules\authserver\validators\ClientTokenValidator;
 use api\modules\authserver\validators\RequiredValidator;
 use common\helpers\Error as E;
 use common\models\Account;
@@ -19,6 +20,7 @@ class AuthenticationForm extends ApiForm {
     public function rules() {
         return [
             [['username', 'password', 'clientToken'], RequiredValidator::class],
+            [['clientToken'], ClientTokenValidator::class],
         ];
     }
 

api/modules/authserver/validators/ClientTokenValidator.php

@@ -0,0 +1,25 @@
+<?php
+namespace api\modules\authserver\validators;
+
+use api\modules\authserver\exceptions\IllegalArgumentException;
+
+/**
+ * Максимальная длина clientToken для нашей базы данных составляет 255.
+ * После этого мы не принимаем указанный токен
+ */
+class ClientTokenValidator extends \yii\validators\RequiredValidator {
+
+    /**
+     * @param string $value
+     * @return null
+     * @throws \api\modules\authserver\exceptions\AuthserverException
+     */
+    protected function validateValue($value) {
+        if (mb_strlen($value) > 255) {
+            throw new IllegalArgumentException('clientToken is too long.');
+        }
+
+        return null;
+    }
+
+}