oauth2-server/tests/Grant/AbstractGrantTest.php

490 lines
20 KiB
PHP
Raw Normal View History

2016-02-12 23:23:07 +05:30
<?php
namespace LeagueTests\Grant;
use DateInterval;
2018-05-23 21:04:39 +05:30
use League\OAuth2\Server\CryptKey;
2016-04-09 19:55:45 +05:30
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\AuthCodeEntityInterface;
use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
2016-02-12 23:23:07 +05:30
use League\OAuth2\Server\Grant\AbstractGrant;
2016-02-18 17:37:50 +05:30
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface;
2016-02-20 04:39:39 +05:30
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
2016-04-10 20:28:01 +05:30
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
2016-04-09 20:14:38 +05:30
use LeagueTests\Stubs\AccessTokenEntity;
2016-04-09 20:16:40 +05:30
use LeagueTests\Stubs\AuthCodeEntity;
use LeagueTests\Stubs\ClientEntity;
2016-04-09 20:14:38 +05:30
use LeagueTests\Stubs\RefreshTokenEntity;
2016-03-15 05:40:47 +05:30
use LeagueTests\Stubs\ScopeEntity;
use PHPUnit\Framework\TestCase;
2016-02-12 23:23:07 +05:30
use Zend\Diactoros\ServerRequest;
class AbstractGrantTest extends TestCase
2016-02-12 23:23:07 +05:30
{
public function testHttpBasicWithPassword()
{
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('Open:Sesame'));
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
$basicAuthMethod->setAccessible(true);
$this->assertSame(['Open', 'Sesame'], $basicAuthMethod->invoke($grantMock, $serverRequest));
}
public function testHttpBasicNoPassword()
{
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('Open:'));
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
$basicAuthMethod->setAccessible(true);
$this->assertSame(['Open', ''], $basicAuthMethod->invoke($grantMock, $serverRequest));
}
public function testHttpBasicNotBasic()
{
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = (new ServerRequest())->withHeader('Authorization', 'Foo ' . base64_encode('Open:Sesame'));
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
$basicAuthMethod->setAccessible(true);
$this->assertSame([null, null], $basicAuthMethod->invoke($grantMock, $serverRequest));
}
public function testHttpBasicNotBase64()
{
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ||');
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
$basicAuthMethod->setAccessible(true);
$this->assertSame([null, null], $basicAuthMethod->invoke($grantMock, $serverRequest));
}
public function testHttpBasicNoColon()
{
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('OpenSesame'));
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
$basicAuthMethod->setAccessible(true);
$this->assertSame([null, null], $basicAuthMethod->invoke($grantMock, $serverRequest));
}
2016-02-18 17:06:20 +05:30
public function testValidateClientPublic()
2016-02-12 23:23:07 +05:30
{
$client = new ClientEntity();
2016-02-18 17:06:20 +05:30
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setClientRepository($clientRepositoryMock);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = (new ServerRequest())->withParsedBody([
'client_id' => 'foo',
]);
2016-02-18 17:06:20 +05:30
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
$validateClientMethod->setAccessible(true);
2018-05-13 21:59:07 +05:30
$result = $validateClientMethod->invoke($grantMock, $serverRequest);
2016-02-18 17:06:20 +05:30
$this->assertEquals($client, $result);
}
public function testValidateClientConfidential()
{
$client = new ClientEntity();
2016-02-12 23:23:07 +05:30
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setClientRepository($clientRepositoryMock);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = (new ServerRequest())->withParsedBody([
'client_id' => 'foo',
'client_secret' => 'bar',
'redirect_uri' => 'http://foo/bar',
]);
2016-02-12 23:23:07 +05:30
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
$validateClientMethod->setAccessible(true);
$result = $validateClientMethod->invoke($grantMock, $serverRequest, true, true);
$this->assertEquals($client, $result);
}
public function testValidateClientMissingClientId()
{
$client = new ClientEntity();
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setClientRepository($clientRepositoryMock);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest();
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
$validateClientMethod->setAccessible(true);
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
2016-02-12 23:23:07 +05:30
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
}
public function testValidateClientMissingClientSecret()
{
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('validateClient')->willReturn(false);
2016-02-12 23:23:07 +05:30
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setClientRepository($clientRepositoryMock);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = (new ServerRequest())->withParsedBody([
2016-02-12 23:23:07 +05:30
'client_id' => 'foo',
]);
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
$validateClientMethod->setAccessible(true);
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
2016-02-12 23:23:07 +05:30
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
}
2016-02-18 17:06:20 +05:30
public function testValidateClientInvalidClientSecret()
2016-02-12 23:23:07 +05:30
{
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('validateClient')->willReturn(false);
2016-02-12 23:23:07 +05:30
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setClientRepository($clientRepositoryMock);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = (new ServerRequest())->withParsedBody([
2016-02-20 04:39:39 +05:30
'client_id' => 'foo',
2016-02-18 17:06:20 +05:30
'client_secret' => 'foo',
2016-02-12 23:23:07 +05:30
]);
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
$validateClientMethod->setAccessible(true);
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
2016-02-12 23:23:07 +05:30
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
}
2016-02-18 17:06:20 +05:30
public function testValidateClientInvalidRedirectUri()
2016-02-12 23:23:07 +05:30
{
$client = new ClientEntity();
2016-02-18 17:06:20 +05:30
$client->setRedirectUri('http://foo/bar');
2016-02-12 23:23:07 +05:30
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setClientRepository($clientRepositoryMock);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = (new ServerRequest())->withParsedBody([
2016-04-09 20:14:38 +05:30
'client_id' => 'foo',
'redirect_uri' => 'http://bar/foo',
2016-02-12 23:23:07 +05:30
]);
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
$validateClientMethod->setAccessible(true);
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
2016-02-12 23:23:07 +05:30
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
}
public function testValidateClientInvalidRedirectUriArray()
{
$client = new ClientEntity();
$client->setRedirectUri(['http://foo/bar']);
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setClientRepository($clientRepositoryMock);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = (new ServerRequest())->withParsedBody([
2016-04-09 20:14:38 +05:30
'client_id' => 'foo',
'redirect_uri' => 'http://bar/foo',
]);
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
$validateClientMethod->setAccessible(true);
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
}
2016-02-18 17:06:20 +05:30
public function testValidateClientBadClient()
{
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('validateClient')->willReturn(false);
2016-02-18 17:06:20 +05:30
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setClientRepository($clientRepositoryMock);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = (new ServerRequest())->withParsedBody([
2016-02-18 17:06:20 +05:30
'client_id' => 'foo',
'client_secret' => 'bar',
]);
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
$validateClientMethod->setAccessible(true);
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
2016-02-18 17:06:20 +05:30
$validateClientMethod->invoke($grantMock, $serverRequest, true);
}
2016-02-12 23:23:07 +05:30
public function testCanRespondToRequest()
{
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->method('getIdentifier')->willReturn('foobar');
$serverRequest = (new ServerRequest())->withParsedBody([
2016-02-12 23:23:07 +05:30
'grant_type' => 'foobar',
]);
2016-04-10 14:58:12 +05:30
$this->assertTrue($grantMock->canRespondToAccessTokenRequest($serverRequest));
2016-02-12 23:23:07 +05:30
}
public function testIssueRefreshToken()
{
2016-07-08 18:59:21 +05:30
$refreshTokenRepoMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
$refreshTokenRepoMock
->expects($this->once())
->method('getNewRefreshToken')
->willReturn(new RefreshTokenEntity());
2016-02-18 17:37:50 +05:30
2016-02-12 23:23:07 +05:30
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setRefreshTokenTTL(new DateInterval('PT1M'));
2016-02-18 17:37:50 +05:30
$grantMock->setRefreshTokenRepository($refreshTokenRepoMock);
2016-02-12 23:23:07 +05:30
$abstractGrantReflection = new \ReflectionClass($grantMock);
$issueRefreshTokenMethod = $abstractGrantReflection->getMethod('issueRefreshToken');
$issueRefreshTokenMethod->setAccessible(true);
$accessToken = new AccessTokenEntity();
/** @var RefreshTokenEntityInterface $refreshToken */
$refreshToken = $issueRefreshTokenMethod->invoke($grantMock, $accessToken);
2017-12-07 01:54:42 +05:30
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $refreshToken);
2016-02-12 23:23:07 +05:30
$this->assertEquals($accessToken, $refreshToken->getAccessToken());
}
public function testIssueNullRefreshToken()
{
$refreshTokenRepoMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
$refreshTokenRepoMock
->expects($this->once())
->method('getNewRefreshToken')
->willReturn(null);
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setRefreshTokenTTL(new \DateInterval('PT1M'));
$grantMock->setRefreshTokenRepository($refreshTokenRepoMock);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$issueRefreshTokenMethod = $abstractGrantReflection->getMethod('issueRefreshToken');
$issueRefreshTokenMethod->setAccessible(true);
$accessToken = new AccessTokenEntity();
$this->assertNull($issueRefreshTokenMethod->invoke($grantMock, $accessToken));
}
2016-02-12 23:23:07 +05:30
public function testIssueAccessToken()
{
2016-07-08 18:59:21 +05:30
$accessTokenRepoMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
$accessTokenRepoMock->method('getNewToken')->willReturn(new AccessTokenEntity());
2016-02-18 17:37:50 +05:30
2016-02-12 23:23:07 +05:30
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
2018-05-23 21:04:39 +05:30
$grantMock->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
2016-02-18 17:37:50 +05:30
$grantMock->setAccessTokenRepository($accessTokenRepoMock);
2016-02-12 23:23:07 +05:30
$abstractGrantReflection = new \ReflectionClass($grantMock);
$issueAccessTokenMethod = $abstractGrantReflection->getMethod('issueAccessToken');
$issueAccessTokenMethod->setAccessible(true);
/** @var AccessTokenEntityInterface $accessToken */
$accessToken = $issueAccessTokenMethod->invoke(
$grantMock,
new DateInterval('PT1H'),
2016-02-12 23:23:07 +05:30
new ClientEntity(),
123,
[new ScopeEntity()]
);
2017-12-07 01:54:42 +05:30
$this->assertInstanceOf(AccessTokenEntityInterface::class, $accessToken);
2016-02-12 23:23:07 +05:30
}
public function testIssueAuthCode()
{
2016-07-08 18:59:21 +05:30
$authCodeRepoMock = $this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock();
$authCodeRepoMock->expects($this->once())->method('getNewAuthCode')->willReturn(new AuthCodeEntity());
2016-02-18 17:37:50 +05:30
2016-02-12 23:23:07 +05:30
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
2016-02-18 17:37:50 +05:30
$grantMock->setAuthCodeRepository($authCodeRepoMock);
2016-02-12 23:23:07 +05:30
$abstractGrantReflection = new \ReflectionClass($grantMock);
$issueAuthCodeMethod = $abstractGrantReflection->getMethod('issueAuthCode');
$issueAuthCodeMethod->setAccessible(true);
2017-12-07 01:54:42 +05:30
$this->assertInstanceOf(
AuthCodeEntityInterface::class,
2016-02-12 23:23:07 +05:30
$issueAuthCodeMethod->invoke(
$grantMock,
new DateInterval('PT1H'),
2016-02-12 23:23:07 +05:30
new ClientEntity(),
123,
'http://foo/bar',
[new ScopeEntity()]
2017-12-07 01:54:42 +05:30
)
2016-02-12 23:23:07 +05:30
);
}
public function testGetCookieParameter()
{
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->method('getIdentifier')->willReturn('foobar');
$abstractGrantReflection = new \ReflectionClass($grantMock);
$method = $abstractGrantReflection->getMethod('getCookieParameter');
$method->setAccessible(true);
$serverRequest = (new ServerRequest())->withCookieParams([
2016-02-12 23:23:07 +05:30
'foo' => 'bar',
]);
$this->assertEquals('bar', $method->invoke($grantMock, 'foo', $serverRequest));
$this->assertEquals('foo', $method->invoke($grantMock, 'bar', $serverRequest, 'foo'));
}
public function testGetQueryStringParameter()
{
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->method('getIdentifier')->willReturn('foobar');
$abstractGrantReflection = new \ReflectionClass($grantMock);
$method = $abstractGrantReflection->getMethod('getQueryStringParameter');
$method->setAccessible(true);
$serverRequest = (new ServerRequest())->withQueryParams([
2016-02-12 23:23:07 +05:30
'foo' => 'bar',
]);
$this->assertEquals('bar', $method->invoke($grantMock, 'foo', $serverRequest));
$this->assertEquals('foo', $method->invoke($grantMock, 'bar', $serverRequest, 'foo'));
}
public function testValidateScopes()
{
$scope = new ScopeEntity();
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope);
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setScopeRepository($scopeRepositoryMock);
$this->assertEquals([$scope], $grantMock->validateScopes('basic '));
2016-02-12 23:23:07 +05:30
}
public function testValidateScopesBadScope()
{
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn(null);
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setScopeRepository($scopeRepositoryMock);
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
$grantMock->validateScopes('basic ');
2016-02-12 23:23:07 +05:30
}
public function testGenerateUniqueIdentifier()
{
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$method = $abstractGrantReflection->getMethod('generateUniqueIdentifier');
$method->setAccessible(true);
$this->assertIsString($method->invoke($grantMock));
}
2016-04-10 20:28:01 +05:30
public function testCanRespondToAuthorizationRequest()
{
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$this->assertFalse($grantMock->canRespondToAuthorizationRequest(new ServerRequest()));
}
public function testValidateAuthorizationRequest()
{
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$this->expectException(\LogicException::class);
2016-04-10 20:28:01 +05:30
$grantMock->validateAuthorizationRequest(new ServerRequest());
}
public function testCompleteAuthorizationRequest()
{
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$this->expectException(\LogicException::class);
2016-04-10 20:28:01 +05:30
$grantMock->completeAuthorizationRequest(new AuthorizationRequest());
}
2016-02-12 23:23:07 +05:30
}