accounts/api/tests/functional/oauth/AccessTokenCest.php

<?php
declare(strict_types=1);

namespace api\tests\functional\oauth;

use api\tests\functional\_steps\OauthSteps;

class AccessTokenCest {

    public function successfullyIssueToken(OauthSteps $I) {
        $I->wantTo('complete oauth flow and obtain access_token');
        $authCode = $I->obtainAuthCode();
        $I->sendPOST('/api/oauth2/v1/token', [
            'grant_type' => 'authorization_code',
            'code' => $authCode,
            'client_id' => 'ely',
            'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
            'redirect_uri' => 'http://ely.by',
        ]);
        $I->canSeeResponseCodeIs(200);
        $I->canSeeResponseContainsJson([
            'token_type' => 'Bearer',
        ]);
        $I->canSeeResponseJsonMatchesJsonPath('$.access_token');
        $I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
        $I->cantSeeResponseJsonMatchesJsonPath('$.refresh_token');
    }

    public function successfullyIssueOfflineToken(OauthSteps $I) {
        $I->wantTo('complete oauth flow with offline_access scope and obtain access_token and refresh_token');
        $authCode = $I->obtainAuthCode(['offline_access']);
        $I->sendPOST('/api/oauth2/v1/token', [
            'grant_type' => 'authorization_code',
            'code' => $authCode,
            'client_id' => 'ely',
            'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
            'redirect_uri' => 'http://ely.by',
        ]);
        $I->canSeeResponseCodeIs(200);
        $I->canSeeResponseContainsJson([
            'token_type' => 'Bearer',
        ]);
        $I->canSeeResponseJsonMatchesJsonPath('$.access_token');
        $I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
        $I->canSeeResponseJsonMatchesJsonPath('$.refresh_token');
    }

    public function callEndpointWithByEmptyRequest(OauthSteps $I) {
        $I->wantTo('check behavior on on request without any params');
        $I->sendPOST('/api/oauth2/v1/token');
        $I->canSeeResponseCodeIs(400);
        $I->canSeeResponseContainsJson([
            'error' => 'unsupported_grant_type',
            'message' => 'The authorization grant type is not supported by the authorization server.',
        ]);
    }

    public function issueTokenByPassingInvalidAuthCode(OauthSteps $I) {
        $I->wantTo('check behavior on passing invalid auth code');
        $I->sendPOST('/api/oauth2/v1/token', [
            'grant_type' => 'authorization_code',
            'code' => 'wrong-auth-code',
            'client_id' => 'ely',
            'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
            'redirect_uri' => 'http://ely.by',
        ]);
        $I->canSeeResponseCodeIs(400);
        $I->canSeeResponseContainsJson([
            'error' => 'invalid_request',
            'message' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "code" parameter.',
        ]);
    }

    public function issueTokenByPassingInvalidRedirectUri(OauthSteps $I) {
        $I->wantTo('check behavior on passing invalid redirect_uri');
        $authCode = $I->obtainAuthCode();
        $I->sendPOST('/api/oauth2/v1/token', [
            'grant_type' => 'authorization_code',
            'code' => $authCode,
            'client_id' => 'ely',
            'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
            'redirect_uri' => 'http://some-other.domain',
        ]);
        $I->canSeeResponseCodeIs(401);
        $I->canSeeResponseContainsJson([
            'error' => 'invalid_client',
            'message' => 'Client authentication failed',
        ]);
    }

}
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 00:49:46 +03:00			`<?php`
Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 02:14:05 +03:00			`declare(strict_types=1);`

Rework tests structure. Upgrade codeception to 2.5.3. Merge params configuration into app configuration. 2019-02-20 22:58:52 +03:00			`namespace api\tests\functional\oauth;`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 00:49:46 +03:00
Rework tests structure. Upgrade codeception to 2.5.3. Merge params configuration into app configuration. 2019-02-20 22:58:52 +03:00			`use api\tests\functional\_steps\OauthSteps;`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 00:49:46 +03:00
Функциональные тесты для oauth вынесены в отдельную группу 2017-06-12 14:34:39 +03:00			`class AccessTokenCest {`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 00:49:46 +03:00
Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 02:14:05 +03:00			`public function successfullyIssueToken(OauthSteps $I) {`
			`$I->wantTo('complete oauth flow and obtain access_token');`
			`$authCode = $I->obtainAuthCode();`
			`$I->sendPOST('/api/oauth2/v1/token', [`
			`'grant_type' => 'authorization_code',`
			`'code' => $authCode,`
			`'client_id' => 'ely',`
			`'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',`
			`'redirect_uri' => 'http://ely.by',`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 00:49:46 +03:00			`]);`
			`$I->canSeeResponseCodeIs(200);`
			`$I->canSeeResponseContainsJson([`
			`'token_type' => 'Bearer',`
			`]);`
			`$I->canSeeResponseJsonMatchesJsonPath('$.access_token');`
			`$I->canSeeResponseJsonMatchesJsonPath('$.expires_in');`
Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 02:14:05 +03:00			`$I->cantSeeResponseJsonMatchesJsonPath('$.refresh_token');`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 00:49:46 +03:00			`}`

Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 02:14:05 +03:00			`public function successfullyIssueOfflineToken(OauthSteps $I) {`
			`$I->wantTo('complete oauth flow with offline_access scope and obtain access_token and refresh_token');`
			`$authCode = $I->obtainAuthCode(['offline_access']);`
			`$I->sendPOST('/api/oauth2/v1/token', [`
			`'grant_type' => 'authorization_code',`
			`'code' => $authCode,`
			`'client_id' => 'ely',`
			`'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',`
			`'redirect_uri' => 'http://ely.by',`
			`]);`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 00:49:46 +03:00			`$I->canSeeResponseCodeIs(200);`
			`$I->canSeeResponseContainsJson([`
			`'token_type' => 'Bearer',`
			`]);`
			`$I->canSeeResponseJsonMatchesJsonPath('$.access_token');`
			`$I->canSeeResponseJsonMatchesJsonPath('$.expires_in');`
Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 02:14:05 +03:00			`$I->canSeeResponseJsonMatchesJsonPath('$.refresh_token');`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 00:49:46 +03:00			`}`

Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 02:14:05 +03:00			`public function callEndpointWithByEmptyRequest(OauthSteps $I) {`
			`$I->wantTo('check behavior on on request without any params');`
			`$I->sendPOST('/api/oauth2/v1/token');`
			`$I->canSeeResponseCodeIs(400);`
			`$I->canSeeResponseContainsJson([`
			`'error' => 'unsupported_grant_type',`
			`'message' => 'The authorization grant type is not supported by the authorization server.',`
			`]);`
			`}`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 00:49:46 +03:00
Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 02:14:05 +03:00			`public function issueTokenByPassingInvalidAuthCode(OauthSteps $I) {`
			`$I->wantTo('check behavior on passing invalid auth code');`
			`$I->sendPOST('/api/oauth2/v1/token', [`
			`'grant_type' => 'authorization_code',`
			`'code' => 'wrong-auth-code',`
			`'client_id' => 'ely',`
			`'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',`
			`'redirect_uri' => 'http://ely.by',`
			`]);`
			`$I->canSeeResponseCodeIs(400);`
			`$I->canSeeResponseContainsJson([`
			`'error' => 'invalid_request',`
			`'message' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "code" parameter.',`
			`]);`
			`}`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 00:49:46 +03:00
Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 02:14:05 +03:00			`public function issueTokenByPassingInvalidRedirectUri(OauthSteps $I) {`
			`$I->wantTo('check behavior on passing invalid redirect_uri');`
			`$authCode = $I->obtainAuthCode();`
			`$I->sendPOST('/api/oauth2/v1/token', [`
			`'grant_type' => 'authorization_code',`
			`'code' => $authCode,`
			`'client_id' => 'ely',`
			`'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',`
			`'redirect_uri' => 'http://some-other.domain',`
			`]);`
Restore full functionality of OAuth2 server [skip ci] 2019-09-22 00:17:21 +03:00			`$I->canSeeResponseCodeIs(401);`
Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 02:14:05 +03:00			`$I->canSeeResponseContainsJson([`
			`'error' => 'invalid_client',`
Restore full functionality of OAuth2 server [skip ci] 2019-09-22 00:17:21 +03:00			`'message' => 'Client authentication failed',`
Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 02:14:05 +03:00			`]);`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 00:49:46 +03:00			`}`

			`}`