From 8e9d1246af153e38ee74489a94a8fca108509afc Mon Sep 17 00:00:00 2001
From: vagrant
Date: Thu, 1 Mar 2018 17:29:51 +0000
Subject: [PATCH 1/3] Fixes unknown user will throw an exception
---
 src/Repository/Pdo/UserRepository.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/Repository/Pdo/UserRepository.php b/src/Repository/Pdo/UserRepository.php
index 7dcc6b3..cc6d4fc 100644
--- a/src/Repository/Pdo/UserRepository.php
+++ b/src/Repository/Pdo/UserRepository.php
@@ -30,11 +30,13 @@ public function getUserEntityByUserCredentials(
 if (false === $sth->execute()) {
 return;
 }
+
 $row = $sth->fetch();
- if (password_verify($password, $row['password'])) {
+ if (!empty($row) && password_verify($password, $row['password'])) {
 return new UserEntity($username);
 }
+
 return;
 }
 }
From 2ab521b46234e65e54c11a1c67d01c8da4d8b483 Mon Sep 17 00:00:00 2001
From: Westin Shafer
Date: Thu, 1 Mar 2018 11:08:04 -0700
Subject: [PATCH 2/3] Fix code style
---
 src/Repository/Pdo/UserRepository.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Repository/Pdo/UserRepository.php b/src/Repository/Pdo/UserRepository.php
index cc6d4fc..7b86b66 100644
--- a/src/Repository/Pdo/UserRepository.php
+++ b/src/Repository/Pdo/UserRepository.php
@@ -33,7 +33,7 @@ public function getUserEntityByUserCredentials(
 $row = $sth->fetch();
- if (!empty($row) && password_verify($password, $row['password'])) {
+ if (! empty($row) && password_verify($password, $row['password'])) {
 return new UserEntity($username);
 }
From c493122a02de32d5cc37aaebe54807222725fcca Mon Sep 17 00:00:00 2001
From: Westin Shafer
Date: Thu, 1 Mar 2018 11:25:11 -0700
Subject: [PATCH 3/3] Added test for no user found in db
---
 test/Repository/Pdo/UserRepositoryTest.php | 25 ++++++++++++++++++++++
 1 file changed, 25 insertions(+)
diff --git a/test/Repository/Pdo/UserRepositoryTest.php b/test/Repository/Pdo/UserRepositoryTest.php
index d2a01f6..6cd1e4e 100644
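Review bot: In the `@@ -30,11 +30,13 @@` hunk of PATCH 1/3, the new `!empty($row) &&` guard short-circuits before `password_verify()` when the username is unknown, so that path returns noticeably faster than a wrong password for an existing user, and the response time can reveal which usernames exist. Consider always running one verification, e.g. `$hash = is_array($row) ? $row['password'] : $dummyHash;` followed by `if (password_verify($password, $hash) && is_array($row)) {`, where `$dummyHash` is a placeholder name for a precomputed `password_hash()` value using the same algorithm and cost as real accounts. `is_array($row)` also states the intent more exactly than `empty()`, since `PDOStatement::fetch()` returns `false` when no row matches. The body of getUserEntityByUserCredentials starts outside the hunk, so the query and parameter binding are not visible here.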
--- a/test/Repository/Pdo/UserRepositoryTest.php
+++ b/test/Repository/Pdo/UserRepositoryTest.php
@@ -73,4 +73,29 @@ public function testGetUserEntityByCredentialsReturnsNullIfPasswordVerificationF
 )
 );
 }
+
+ public function testGetUserEntityByCredentialsReturnsNullIfUserIsNotFound()
+ {
+ $statement = $this->prophesize(PDOStatement::class);
+ $statement->bindParam(':username', 'username')->shouldBeCalled();
+ $statement->execute()->will(function () use ($statement) {
+ $statement->fetch()->willReturn(null);
+ return null;
+ });
+
+ $this->pdo
+ ->prepare(Argument::containingString('SELECT password FROM oauth_users'))
+ ->will([$statement, 'reveal']);
+
+ $client = $this->prophesize(ClientEntityInterface::class);
+
+ $this->assertNull(
+ $this->repo ->getUserEntityByUserCredentials(
+ 'username',
+ 'password',
+ 'auth',
+ $client->reveal()
+ )
+ );
+ }
 }
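Review bot: The mocked statement in testGetUserEntityByCredentialsReturnsNullIfUserIsNotFound returns `null` from both `execute()` and `fetch()`, whereas a real `PDOStatement::execute()` returns `true` on success and `fetch()` returns `false` when no row matches, so the test exercises values the driver never produces. It passes only because `null` is not identical to `false` and `empty(null)` is true; a stricter guard such as `is_array($row)` or `false !== $row` would not be checked against the real no-row value. Use `return true;` in the `execute()` callback and `$statement->fetch()->willReturn(false);`. There is also a stray space in `$this->repo ->getUserEntityByUserCredentials(`.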