oauth2-server/tests/AuthorizationServerTest.php

222 lines
8.4 KiB
PHP
Raw Normal View History

2016-02-18 17:37:50 +05:30
<?php
namespace LeagueTests;
2016-04-17 17:36:17 +05:30
use League\OAuth2\Server\AuthorizationServer;
2016-04-10 20:28:01 +05:30
use League\OAuth2\Server\CryptKey;
2016-03-10 22:04:32 +05:30
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\AuthCodeGrant;
2016-02-18 17:37:50 +05:30
use League\OAuth2\Server\Grant\ClientCredentialsGrant;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
2016-03-10 22:04:32 +05:30
use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface;
2016-02-20 04:39:39 +05:30
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
2016-03-10 22:04:32 +05:30
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
2016-02-18 17:37:50 +05:30
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
2016-04-10 20:28:01 +05:30
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
2016-03-10 22:04:32 +05:30
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
2016-04-09 20:16:40 +05:30
use LeagueTests\Stubs\AccessTokenEntity;
use LeagueTests\Stubs\AuthCodeEntity;
2016-03-15 05:40:47 +05:30
use LeagueTests\Stubs\ClientEntity;
use LeagueTests\Stubs\ScopeEntity;
2016-02-20 04:39:39 +05:30
use LeagueTests\Stubs\StubResponseType;
use LeagueTests\Stubs\UserEntity;
2016-02-18 17:37:50 +05:30
use Psr\Http\Message\ResponseInterface;
use Zend\Diactoros\Response;
2016-04-10 20:28:01 +05:30
use Zend\Diactoros\ServerRequest;
use Zend\Diactoros\ServerRequestFactory;
2016-02-18 17:37:50 +05:30
2016-04-17 17:24:25 +05:30
class AuthorizationServerTest extends \PHPUnit_Framework_TestCase
2016-02-18 17:37:50 +05:30
{
const DEFAULT_SCOPE = 'basic ';
public function setUp()
{
// Make sure the keys have the correct permissions.
chmod(__DIR__ . '/Stubs/private.key', 0600);
chmod(__DIR__ . '/Stubs/public.key', 0600);
}
2016-02-18 17:37:50 +05:30
public function testRespondToRequestInvalidGrantType()
{
2016-04-17 17:24:25 +05:30
$server = new AuthorizationServer(
2016-07-08 18:59:21 +05:30
$this->getMockBuilder(ClientRepositoryInterface::class)->getMock(),
$this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(),
$this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(),
2016-03-28 20:40:41 +05:30
'file://' . __DIR__ . '/Stubs/private.key',
2017-07-01 22:41:19 +05:30
base64_encode(random_bytes(36)),
self::DEFAULT_SCOPE,
2016-02-18 17:37:50 +05:30
new StubResponseType()
);
$server->enableGrantType(new ClientCredentialsGrant(), new \DateInterval('PT1M'));
2016-03-11 04:53:29 +05:30
try {
$server->respondToAccessTokenRequest(ServerRequestFactory::fromGlobals(), new Response);
2016-03-11 04:53:29 +05:30
} catch (OAuthServerException $e) {
$this->assertEquals('unsupported_grant_type', $e->getErrorType());
$this->assertEquals(400, $e->getHttpStatusCode());
}
2016-02-18 17:37:50 +05:30
}
public function testRespondToRequest()
{
2016-07-08 18:59:21 +05:30
$clientRepository = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
2016-02-18 17:37:50 +05:30
$clientRepository->method('getClientEntity')->willReturn(new ClientEntity());
$scope = new ScopeEntity();
2016-03-24 00:20:14 +05:30
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope);
2016-03-24 00:20:14 +05:30
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
2016-07-08 18:59:21 +05:30
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
2016-04-17 17:24:25 +05:30
$server = new AuthorizationServer(
2016-02-18 17:37:50 +05:30
$clientRepository,
$accessTokenRepositoryMock,
2016-03-24 00:20:14 +05:30
$scopeRepositoryMock,
2016-03-28 20:40:41 +05:30
'file://' . __DIR__ . '/Stubs/private.key',
2017-07-01 22:41:19 +05:30
base64_encode(random_bytes(36)),
self::DEFAULT_SCOPE,
2016-02-18 17:37:50 +05:30
new StubResponseType()
);
$server->enableGrantType(new ClientCredentialsGrant(), new \DateInterval('PT1M'));
$_POST['grant_type'] = 'client_credentials';
$_POST['client_id'] = 'foo';
$_POST['client_secret'] = 'bar';
$response = $server->respondToAccessTokenRequest(ServerRequestFactory::fromGlobals(), new Response);
2016-02-18 17:37:50 +05:30
$this->assertEquals(200, $response->getStatusCode());
}
2016-03-10 22:04:32 +05:30
2016-04-10 20:28:01 +05:30
public function testGetResponseType()
2016-03-10 22:04:32 +05:30
{
2016-07-08 18:59:21 +05:30
$clientRepository = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
2016-03-24 00:20:14 +05:30
2016-04-17 17:24:25 +05:30
$server = new AuthorizationServer(
2016-03-10 22:04:32 +05:30
$clientRepository,
2016-07-08 18:59:21 +05:30
$this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(),
$this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(),
'file://' . __DIR__ . '/Stubs/private.key',
2016-04-10 20:28:01 +05:30
'file://' . __DIR__ . '/Stubs/public.key'
2016-03-10 22:04:32 +05:30
);
2016-04-10 20:28:01 +05:30
$abstractGrantReflection = new \ReflectionClass($server);
$method = $abstractGrantReflection->getMethod('getResponseType');
$method->setAccessible(true);
2016-04-10 20:28:01 +05:30
$this->assertTrue($method->invoke($server) instanceof BearerTokenResponse);
}
2016-04-17 17:36:17 +05:30
2016-04-10 20:28:01 +05:30
public function testCompleteAuthorizationRequest()
2016-03-10 22:04:32 +05:30
{
2016-07-08 18:59:21 +05:30
$clientRepository = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
2016-03-10 22:04:32 +05:30
2016-04-17 17:24:25 +05:30
$server = new AuthorizationServer(
2016-03-10 22:04:32 +05:30
$clientRepository,
2016-07-08 18:59:21 +05:30
$this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(),
$this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(),
2016-03-28 20:40:41 +05:30
'file://' . __DIR__ . '/Stubs/private.key',
'file://' . __DIR__ . '/Stubs/public.key'
2016-03-10 22:04:32 +05:30
);
2016-04-10 20:28:01 +05:30
$authCodeRepository = $this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock();
$authCodeRepository->method('getNewAuthCode')->willReturn(new AuthCodeEntity());
2016-03-10 22:04:32 +05:30
2016-04-10 20:28:01 +05:30
$grant = new AuthCodeGrant(
$authCodeRepository,
2016-07-08 18:59:21 +05:30
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
2016-04-10 20:28:01 +05:30
new \DateInterval('PT10M')
);
$server->enableGrantType($grant);
$authRequest = new AuthorizationRequest();
$authRequest->setAuthorizationApproved(true);
$authRequest->setClient(new ClientEntity());
$authRequest->setGrantTypeId('authorization_code');
$authRequest->setUser(new UserEntity());
$this->assertTrue(
$server->completeAuthorizationRequest($authRequest, new Response) instanceof ResponseInterface
);
2016-03-10 22:04:32 +05:30
}
2016-04-10 20:28:01 +05:30
public function testValidateAuthorizationRequest()
2016-03-10 22:04:32 +05:30
{
2016-04-10 20:28:01 +05:30
$client = new ClientEntity();
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
$scope = new ScopeEntity();
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope);
2016-04-10 20:28:01 +05:30
$grant = new AuthCodeGrant(
2016-07-08 18:59:21 +05:30
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
2016-04-10 20:28:01 +05:30
new \DateInterval('PT10M')
);
$grant->setClientRepository($clientRepositoryMock);
2016-03-10 22:04:32 +05:30
2016-04-17 17:24:25 +05:30
$server = new AuthorizationServer(
2016-04-10 20:28:01 +05:30
$clientRepositoryMock,
2016-07-08 18:59:21 +05:30
$this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(),
$scopeRepositoryMock,
2016-03-28 20:40:41 +05:30
'file://' . __DIR__ . '/Stubs/private.key',
'file://' . __DIR__ . '/Stubs/public.key',
self::DEFAULT_SCOPE
2016-03-10 22:04:32 +05:30
);
2016-04-10 20:28:01 +05:30
$server->enableGrantType($grant);
$request = new ServerRequest(
[],
[],
null,
null,
'php://input',
$headers = [],
$cookies = [],
$queryParams = [
'response_type' => 'code',
'client_id' => 'foo',
]
);
2016-03-10 22:04:32 +05:30
2016-04-10 20:28:01 +05:30
$this->assertTrue($server->validateAuthorizationRequest($request) instanceof AuthorizationRequest);
}
/**
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
* @expectedExceptionCode 2
*/
public function testValidateAuthorizationRequestUnregistered()
{
2016-04-17 17:24:25 +05:30
$server = new AuthorizationServer(
2016-07-08 18:59:21 +05:30
$this->getMockBuilder(ClientRepositoryInterface::class)->getMock(),
$this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(),
$this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(),
2016-04-10 20:28:01 +05:30
'file://' . __DIR__ . '/Stubs/private.key',
'file://' . __DIR__ . '/Stubs/public.key'
);
$request = new ServerRequest(
[],
[],
null,
null,
'php://input',
$headers = [],
$cookies = [],
$queryParams = [
'response_type' => 'code',
'client_id' => 'foo',
]
);
$server->validateAuthorizationRequest($request);
2016-03-10 22:04:32 +05:30
}
2016-02-18 17:37:50 +05:30
}