oauth2-server/tests/Middleware/AuthorizationServerMiddlewareTest.php

125 lines
4.8 KiB
PHP
Raw Permalink Normal View History

2016-03-10 22:52:48 +05:30
<?php
namespace LeagueTests\Middleware;
use DateInterval;
2016-04-17 17:36:17 +05:30
use League\OAuth2\Server\AuthorizationServer;
2016-04-10 20:28:01 +05:30
use League\OAuth2\Server\Exception\OAuthServerException;
2016-03-10 22:52:48 +05:30
use League\OAuth2\Server\Grant\ClientCredentialsGrant;
2016-04-17 17:24:25 +05:30
use League\OAuth2\Server\Middleware\AuthorizationServerMiddleware;
2016-03-10 22:52:48 +05:30
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
2016-04-09 20:16:40 +05:30
use LeagueTests\Stubs\AccessTokenEntity;
2016-03-15 05:40:47 +05:30
use LeagueTests\Stubs\ClientEntity;
use LeagueTests\Stubs\ScopeEntity;
2016-03-10 22:52:48 +05:30
use LeagueTests\Stubs\StubResponseType;
use PHPUnit\Framework\TestCase;
2016-03-10 22:52:48 +05:30
use Zend\Diactoros\Response;
use Zend\Diactoros\ServerRequestFactory;
class AuthorizationServerMiddlewareTest extends TestCase
2016-03-10 22:52:48 +05:30
{
const DEFAULT_SCOPE = 'basic';
2016-03-10 22:52:48 +05:30
public function testValidResponse()
{
$client = new ClientEntity();
$client->setConfidential();
2016-07-08 18:59:21 +05:30
$clientRepository = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepository->method('getClientEntity')->willReturn($client);
2016-03-10 22:52:48 +05:30
$scopeEntity = new ScopeEntity;
2016-03-24 00:20:14 +05:30
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
2016-03-24 00:20:14 +05:30
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
2016-07-08 18:59:21 +05:30
$accessRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
$accessRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
2016-04-17 17:24:25 +05:30
$server = new AuthorizationServer(
2016-03-10 22:52:48 +05:30
$clientRepository,
$accessRepositoryMock,
2016-03-24 00:20:14 +05:30
$scopeRepositoryMock,
2016-03-28 20:40:41 +05:30
'file://' . __DIR__ . '/../Stubs/private.key',
2017-07-01 22:41:19 +05:30
base64_encode(random_bytes(36)),
2016-03-10 22:52:48 +05:30
new StubResponseType()
);
$server->setDefaultScope(self::DEFAULT_SCOPE);
2016-04-10 20:28:01 +05:30
$server->enableGrantType(new ClientCredentialsGrant());
2016-03-10 22:52:48 +05:30
$_POST['grant_type'] = 'client_credentials';
$_POST['client_id'] = 'foo';
$_POST['client_secret'] = 'bar';
$request = ServerRequestFactory::fromGlobals();
2016-04-17 17:24:25 +05:30
$middleware = new AuthorizationServerMiddleware($server);
2016-03-10 22:52:48 +05:30
$response = $middleware->__invoke(
$request,
new Response(),
function () {
return func_get_args()[1];
}
);
$this->assertEquals(200, $response->getStatusCode());
}
public function testOAuthErrorResponse()
{
2016-07-08 18:59:21 +05:30
$clientRepository = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepository->method('validateClient')->willReturn(false);
2016-03-10 22:52:48 +05:30
2016-04-17 17:24:25 +05:30
$server = new AuthorizationServer(
2016-03-10 22:52:48 +05:30
$clientRepository,
2016-07-08 18:59:21 +05:30
$this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(),
$this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(),
2016-03-28 20:40:41 +05:30
'file://' . __DIR__ . '/../Stubs/private.key',
2017-07-01 22:41:19 +05:30
base64_encode(random_bytes(36)),
2016-03-10 22:52:48 +05:30
new StubResponseType()
);
$server->enableGrantType(new ClientCredentialsGrant(), new DateInterval('PT1M'));
2016-03-10 22:52:48 +05:30
$_POST['grant_type'] = 'client_credentials';
$_POST['client_id'] = 'foo';
$_POST['client_secret'] = 'bar';
$request = ServerRequestFactory::fromGlobals();
2016-04-17 17:24:25 +05:30
$middleware = new AuthorizationServerMiddleware($server);
2016-03-10 22:52:48 +05:30
$response = $middleware->__invoke(
$request,
new Response(),
function () {
return func_get_args()[1];
}
);
$this->assertEquals(401, $response->getStatusCode());
}
2016-04-10 20:28:01 +05:30
public function testOAuthErrorResponseRedirectUri()
{
$exception = OAuthServerException::invalidScope('test', 'http://foo/bar');
$response = $exception->generateHttpResponse(new Response());
$this->assertEquals(302, $response->getStatusCode());
$this->assertEquals('http://foo/bar?error=invalid_scope&error_description=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed',
2017-07-01 22:41:19 +05:30
$response->getHeader('location')[0]);
2016-04-10 20:28:01 +05:30
}
public function testOAuthErrorResponseRedirectUriFragment()
{
$exception = OAuthServerException::invalidScope('test', 'http://foo/bar');
$response = $exception->generateHttpResponse(new Response(), true);
$this->assertEquals(302, $response->getStatusCode());
$this->assertEquals('http://foo/bar#error=invalid_scope&error_description=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed&hint=Check+the+%60test%60+scope&message=The+requested+scope+is+invalid%2C+unknown%2C+or+malformed',
2017-07-01 22:41:19 +05:30
$response->getHeader('location')[0]);
2016-04-10 20:28:01 +05:30
}
2016-03-10 22:52:48 +05:30
}