< ? php
namespace tests\codeception\api ;
use common\models\OauthScope as S ;
use tests\codeception\api\_pages\OauthRoute ;
use tests\codeception\api\functional\_steps\OauthSteps ;
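/**
 * Functional tests for the OAuth token endpoint with grant_type=authorization_code.
 *
 * Scenarios covered: a request with no parameters, an unknown authorization
 * code, a redirect_uri the server rejects, and successful issuance with and
 * without a refresh token.
 *
 * NOTE(review): nothing in this class exercises a wrong client_secret or a
 * second redemption of an already used authorization code; confirm both
 * rejections are covered by another suite.
 */
class OauthAccessTokenCest {

    // Credentials of the OAuth client every scenario authenticates as.
    // These are test fixture values (presumably matching a seeded client
    // record - TODO confirm); keep them distinct from any deployed client.
    // Declared without a visibility modifier so the file does not depend on
    // a newer PHP version than the rest of it requires.
    const CLIENT_ID = 'ely';
    const CLIENT_SECRET = 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM';
    const REDIRECT_URI = 'http://ely.by';

    /**
     * Page object used to send requests to the token endpoint.
     *
     * @var OauthRoute
     */
    private $route;

    /**
     * Creates a fresh route helper bound to the current tester.
     *
     * @param FunctionalTester $I
     */
    public function _before(FunctionalTester $I) {
        $this->route = new OauthRoute($I);
    }

    /**
     * Verifies that malformed or mismatching token requests are rejected.
     *
     * @param OauthSteps $I
     */
    public function testIssueTokenWithWrongArgs(OauthSteps $I) {
        // 1. No parameters at all: the server must point at the missing grant_type.
        $I->wantTo('check behavior on request without any credentials');
        $this->route->issueToken();
        $I->canSeeResponseCodeIs(400);
        $I->canSeeResponseContainsJson([
            'error' => 'invalid_request',
            'message' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "grant_type" parameter.',
        ]);

        // 2. Valid client credentials, but an authorization code that was never issued.
        $I->wantTo('check behavior on passing invalid auth code');
        $this->route->issueToken($this->buildParams(
            'wrong-auth-code',
            self::CLIENT_ID,
            self::CLIENT_SECRET,
            self::REDIRECT_URI
        ));
        $I->canSeeResponseCodeIs(400);
        $I->canSeeResponseContainsJson([
            'error' => 'invalid_request',
            'message' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "code" parameter.',
        ]);

        // 3. A code obtained through the OauthSteps helper, redeemed with a
        //    different redirect_uri. The token endpoint has to refuse it, and
        //    this server reports the mismatch as a client authentication failure.
        $authCode = $I->getAuthCode();
        $I->wantTo('check behavior on passing invalid redirect_uri');
        $this->route->issueToken($this->buildParams(
            $authCode,
            self::CLIENT_ID,
            self::CLIENT_SECRET,
            'http://some-other.domain'
        ));
        $I->canSeeResponseCodeIs(401);
        $I->canSeeResponseContainsJson([
            'error' => 'invalid_client',
            'message' => 'Client authentication failed.',
        ]);
    }

    /**
     * Verifies that a valid authorization code is exchanged for a Bearer access token.
     *
     * NOTE(review): the test does not assert that refresh_token is absent when
     * no offline-access scope was requested; consider adding that check.
     *
     * @param OauthSteps $I
     */
    public function testIssueToken(OauthSteps $I) {
        $authCode = $I->getAuthCode();
        $this->route->issueToken($this->buildParams(
            $authCode,
            self::CLIENT_ID,
            self::CLIENT_SECRET,
            self::REDIRECT_URI
        ));
        $I->canSeeResponseCodeIs(200);
        $I->canSeeResponseIsJson();
        $I->canSeeResponseContainsJson([
            'token_type' => 'Bearer',
        ]);
        $I->canSeeResponseJsonMatchesJsonPath('$.access_token');
        $I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
    }

    /**
     * Verifies that a code issued with the OFFLINE_ACCESS scope also yields a refresh token.
     *
     * @param OauthSteps $I
     */
    public function testIssueTokenWithRefreshToken(OauthSteps $I) {
        $authCode = $I->getAuthCode([S::OFFLINE_ACCESS]);
        $this->route->issueToken($this->buildParams(
            $authCode,
            self::CLIENT_ID,
            self::CLIENT_SECRET,
            self::REDIRECT_URI
        ));
        $I->canSeeResponseCodeIs(200);
        $I->canSeeResponseIsJson();
        $I->canSeeResponseContainsJson([
            'token_type' => 'Bearer',
        ]);
        $I->canSeeResponseJsonMatchesJsonPath('$.access_token');
        $I->canSeeResponseJsonMatchesJsonPath('$.refresh_token');
        $I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
    }

    /**
     * Builds the request body for an authorization_code token request.
     *
     * Arguments left as null are omitted from the result, so a scenario can
     * send a deliberately incomplete request.
     *
     * @param string|null $code         authorization code to redeem
     * @param string|null $clientId     OAuth client identifier
     * @param string|null $clientSecret OAuth client secret
     * @param string|null $redirectUri  redirect URI sent with the request
     *
     * @return array request parameters, always including grant_type
     */
    private function buildParams($code = null, $clientId = null, $clientSecret = null, $redirectUri = null) {
        $params = ['grant_type' => 'authorization_code'];

        // Key order matches the parameter order, as in the original implementation.
        $optional = [
            'code' => $code,
            'client_id' => $clientId,
            'client_secret' => $clientSecret,
            'redirect_uri' => $redirectUri,
        ];
        foreach ($optional as $name => $value) {
            if ($value !== null) {
                $params[$name] = $value;
            }
        }

        return $params;
    }

}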