Updated Refresh Token and Password grants

Alex Bilbie 2014-03-09 19:35:23 +00:00
parent af06f9f3ea
commit 4e37d9bb61
4 changed files with 841 additions and 9 deletions


@ -11,7 +11,7 @@
namespace League\OAuth2\Server\Grant; namespace League\OAuth2\Server\Grant;
use League\OAuth2\Server\Authorization; use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\Entity\AccessToken; use League\OAuth2\Server\Entity\AccessToken;
use League\OAuth2\Server\Entity\Client; use League\OAuth2\Server\Entity\Client;
use League\OAuth2\Server\Entity\RefreshToken; use League\OAuth2\Server\Entity\RefreshToken;
@ -87,7 +87,7 @@ class Password extends AbstractGrant
$clientId = $this->server->getRequest()->request->get('client_id', null); $clientId = $this->server->getRequest()->request->get('client_id', null);
if (is_null($clientId)) { if (is_null($clientId)) {
throw new ClientException( throw new ClientException(
sprintf(Authorization::getExceptionMessage('invalid_request'), 'client_id'), sprintf(AuthorizationServer::getExceptionMessage('invalid_request'), 'client_id'),
0 0
); );
} }
@ -95,7 +95,7 @@ class Password extends AbstractGrant
$clientSecret = $this->server->getRequest()->request->get('client_secret', null); $clientSecret = $this->server->getRequest()->request->get('client_secret', null);
if (is_null($clientSecret)) { if (is_null($clientSecret)) {
throw new ClientException( throw new ClientException(
sprintf(Authorization::getExceptionMessage('invalid_request'), 'client_secret'), sprintf(AuthorizationServer::getExceptionMessage('invalid_request'), 'client_secret'),
0 0
); );
} }
@ -109,13 +109,13 @@ class Password extends AbstractGrant
); );
if (($client instanceof Client) === false) { if (($client instanceof Client) === false) {
throw new ClientException(Authorization::getExceptionMessage('invalid_client'), 8); throw new ClientException(AuthorizationServer::getExceptionMessage('invalid_client'), 8);
} }
$username = $this->server->getRequest()->request->get('username', null); $username = $this->server->getRequest()->request->get('username', null);
if (is_null($username)) { if (is_null($username)) {
throw new ClientException( throw new ClientException(
sprintf(Authorization::getExceptionMessage('invalid_request'), 'username'), sprintf(AuthorizationServer::getExceptionMessage('invalid_request'), 'username'),
0 0
); );
} }
@ -123,7 +123,7 @@ class Password extends AbstractGrant
$password = $this->server->getRequest()->request->get('password', null); $password = $this->server->getRequest()->request->get('password', null);
if (is_null($password)) { if (is_null($password)) {
throw new ClientException( throw new ClientException(
sprintf(Authorization::getExceptionMessage('invalid_request'), 'password'), sprintf(AuthorizationServer::getExceptionMessage('invalid_request'), 'password'),
0 0
); );
} }


@ -12,7 +12,7 @@
namespace League\OAuth2\Server\Grant; namespace League\OAuth2\Server\Grant;
use League\OAuth2\Server\Request; use League\OAuth2\Server\Request;
use League\OAuth2\Server\Authorization; use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\Exception; use League\OAuth2\Server\Exception;
use League\OAuth2\Server\Util\SecureKey; use League\OAuth2\Server\Util\SecureKey;
use League\OAuth2\Server\Storage\SessionInterface; use League\OAuth2\Server\Storage\SessionInterface;
@ -88,7 +88,7 @@ class RefreshToken extends AbstractGrant
); );
if ($client === null) { if ($client === null) {
throw new ClientException(Authorization::getExceptionMessage('invalid_client'), 8); throw new ClientException(AuthorizationServer::getExceptionMessage('invalid_client'), 8);
} }
$oldRefreshTokenParam = $this->server->getRequest()->request->get('refresh_token', null); $oldRefreshTokenParam = $this->server->getRequest()->request->get('refresh_token', null);
@ -122,7 +122,6 @@ class RefreshToken extends AbstractGrant
} else { } else {
// The OAuth spec says that a refreshed access token can have the original scopes or fewer so ensure // The OAuth spec says that a refreshed access token can have the original scopes or fewer so ensure
// the request doesn't include any new scopes // the request doesn't include any new scopes
foreach ($requestedScopes as $requestedScope) { foreach ($requestedScopes as $requestedScope) {
if (!isset($scopes[$requestedScope->getId()])) { if (!isset($scopes[$requestedScope->getId()])) {
throw new Exception\ClientException( throw new Exception\ClientException(


@ -0,0 +1,474 @@
<?php
namespace LeagueTests\Grant;
use League\OAuth2\Server\Grant\Password;
use League\OAuth2\Server\Grant\RefreshToken;
use League\OAuth2\Server\Entity\Scope;
use League\OAuth2\Server\Entity\Client;
use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\Grant\ClientException;
use Mockery as M;
class PasswordTest extends \PHPUnit_Framework_TestCase
{
function testCompleteFlowMissingClientId()
{
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$_POST['grant_type'] = 'password';
$server = new AuthorizationServer;
$grant = new Password;
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testCompleteFlowMissingClientSecret()
{
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$_POST = [
'grant_type' => 'password',
'client_id' => 'testapp'
];
$server = new AuthorizationServer;
$grant = new Password;
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testCompleteFlowInvalidClient()
{
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$_POST = [
'grant_type' => 'password',
'client_id' => 'testapp',
'client_secret' => 'foobar'
];
$server = new AuthorizationServer;
$grant = new Password;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(null);
$server->setClientStorage($clientStorage);
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testNoUsername()
{
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$_POST = [
'grant_type' => 'password',
'client_id' => 'testapp',
'client_secret' => 'foobar'
];
$server = new AuthorizationServer;
$grant = new Password;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new Client($server))->setId('testapp')
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('create');
$sessionStorage->shouldReceive('getScopes')->andReturn([]);
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([]);
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(null);
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setSessionStorage($sessionStorage);
$server->setAccessTokenStorage($accessTokenStorage);
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testNoPassword()
{
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$_POST = [
'grant_type' => 'password',
'client_id' => 'testapp',
'client_secret' => 'foobar',
'username' => 'foo'
];
$server = new AuthorizationServer;
$grant = new Password;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new Client($server))->setId('testapp')
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('create');
$sessionStorage->shouldReceive('getScopes')->andReturn([]);
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([]);
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(null);
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setSessionStorage($sessionStorage);
$server->setAccessTokenStorage($accessTokenStorage);
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testNoCallable()
{
$this->setExpectedException('League\OAuth2\Server\Exception\InvalidGrantTypeException');
$_POST = [
'grant_type' => 'password',
'client_id' => 'testapp',
'client_secret' => 'foobar',
'username' => 'foo',
'password' => 'foobar'
];
$server = new AuthorizationServer;
$grant = new Password;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new Client($server))->setId('testapp')
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('create');
$sessionStorage->shouldReceive('getScopes')->andReturn([]);
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([]);
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(null);
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setSessionStorage($sessionStorage);
$server->setAccessTokenStorage($accessTokenStorage);
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testCompleteFlowInvalidScope()
{
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$_POST = [
'grant_type' => 'password',
'client_id' => 'testapp',
'client_secret' => 'foobar',
'scope' => 'foo'
];
$server = new AuthorizationServer;
$grant = new Password;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new Client($server))->setId('testapp')
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('create');
$sessionStorage->shouldReceive('getScopes')->andReturn([]);
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([]);
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(null);
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setSessionStorage($sessionStorage);
$server->setAccessTokenStorage($accessTokenStorage);
$grant->setVerifyCredentialsCallback(function () {
return 123;
});
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testCompleteFlowNoScopes()
{
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$_POST = [
'grant_type' => 'password',
'client_id' => 'testapp',
'client_secret' => 'foobar',
'username' => 'username',
'password' => 'password'
];
$server = new AuthorizationServer;
$grant = new Password;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new Client($server))->setId('testapp')
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('create')->andreturn(123);
$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]);
$sessionStorage->shouldReceive('associateScope');
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([]);
$accessTokenStorage->shouldReceive('associateScope');
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setSessionStorage($sessionStorage);
$server->setAccessTokenStorage($accessTokenStorage);
$server->requireScopeParam(true);
$grant->setVerifyCredentialsCallback(function () {
return 123;
});
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testCompleteFlowInvalidCredentials()
{
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$_POST = [
'grant_type' => 'password',
'client_id' => 'testapp',
'client_secret' => 'foobar',
'scope' => 'foo',
'username' => 'username',
'password' => 'password'
];
$server = new AuthorizationServer;
$grant = new Password;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new Client($server))->setId('testapp')
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('create')->andreturn(123);
$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([
(new Scope($server))->setId('foo')
]);
$sessionStorage->shouldReceive('associateScope');
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new Scope($server))->setId('foo')
]);
$accessTokenStorage->shouldReceive('associateScope');
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new Scope($server))->setId('foo')
);
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setSessionStorage($sessionStorage);
$server->setAccessTokenStorage($accessTokenStorage);
$grant->setVerifyCredentialsCallback(function () {
return false;
});
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testCompleteFlow()
{
$_POST = [
'grant_type' => 'password',
'client_id' => 'testapp',
'client_secret' => 'foobar',
'scope' => 'foo',
'username' => 'username',
'password' => 'password'
];
$server = new AuthorizationServer;
$grant = new Password;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new Client($server))->setId('testapp')
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('create')->andreturn(123);
$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([
(new Scope($server))->setId('foo')
]);
$sessionStorage->shouldReceive('associateScope');
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new Scope($server))->setId('foo')
]);
$accessTokenStorage->shouldReceive('associateScope');
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new Scope($server))->setId('foo')
);
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setSessionStorage($sessionStorage);
$server->setAccessTokenStorage($accessTokenStorage);
$grant->setVerifyCredentialsCallback(function () {
return 123;
});
$server->addGrantType($grant);
$response = $server->issueAccessToken();
$this->assertTrue(isset($response['access_token']));
$this->assertTrue(isset($response['token_type']));
$this->assertTrue(isset($response['expires_in']));
$this->assertTrue(isset($response['expires']));
}
function testCompleteFlowRefreshToken()
{
$_POST = [
'grant_type' => 'password',
'client_id' => 'testapp',
'client_secret' => 'foobar',
'scope' => 'foo',
'username' => 'username',
'password' => 'password'
];
$server = new AuthorizationServer;
$grant = new Password;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new Client($server))->setId('testapp')
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('create')->andreturn(123);
$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([
(new Scope($server))->setId('foo')
]);
$sessionStorage->shouldReceive('associateScope');
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new Scope($server))->setId('foo')
]);
$accessTokenStorage->shouldReceive('associateScope');
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new Scope($server))->setId('foo')
);
$refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface');
$refreshTokenStorage->shouldReceive('setServer');
$refreshTokenStorage->shouldReceive('create');
$refreshTokenStorage->shouldReceive('associateScope');
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setSessionStorage($sessionStorage);
$server->setAccessTokenStorage($accessTokenStorage);
$server->setRefreshTokenStorage($refreshTokenStorage);
$grant->setVerifyCredentialsCallback(function () {
return 123;
});
$server->addGrantType($grant);
$server->addGrantType(new RefreshToken);
$response = $server->issueAccessToken();
$this->assertTrue(isset($response['access_token']));
$this->assertTrue(isset($response['refresh_token']));
$this->assertTrue(isset($response['token_type']));
$this->assertTrue(isset($response['expires_in']));
$this->assertTrue(isset($response['expires']));
}
}
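Review bot: testCompleteFlowInvalidScope posts `scope` but no `username` or `password`, and the Password grant section earlier on this page throws the same ClientException for a missing `username`, so this test probably never reaches scope validation. Adding `'username' => 'username', 'password' => 'password'` to its `$_POST` would let the scope path run. More generally, every negative test here asserts only the exception class, which the grant raises for several distinct failures. Passing the code as well, e.g. `$this->setExpectedException('League\OAuth2\Server\Exception\ClientException', '', 8);` for the invalid-client case, keeps a test from passing for the wrong reason. The import `use League\OAuth2\Server\Grant\ClientException;` is unused and names a different namespace from the exception the tests expect.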


@ -0,0 +1,359 @@
<?php
namespace LeagueTests\Grant;
use League\OAuth2\Server\Grant\RefreshToken;
use League\OAuth2\Server\Entity\Scope;
use League\OAuth2\Server\Entity\Client;
use League\OAuth2\Server\Entity\AccessToken;
use League\OAuth2\Server\Entity\Session;
use League\OAuth2\Server\Entity\RefreshToken as RT;
use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\Grant\ClientException;
use Mockery as M;
class RefreshTokenTest extends \PHPUnit_Framework_TestCase
{
function testSetRefreshTokenTTL()
{
$grant = new RefreshToken;
$grant->setRefreshTokenTTL(86400);
$property = new \ReflectionProperty($grant, 'refreshTokenTTL');
$property->setAccessible(true);
$this->assertEquals(86400, $property->getValue($grant));
}
function testCompleteFlowMissingClientId()
{
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$_POST['grant_type'] = 'refresh_token';
$server = new AuthorizationServer;
$grant = new RefreshToken;
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testCompleteFlowMissingClientSecret()
{
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$_POST = [
'grant_type' => 'refresh_token',
'client_id' => 'testapp'
];
$server = new AuthorizationServer;
$grant = new RefreshToken;
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testCompleteFlowInvalidClient()
{
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$_POST = [
'grant_type' => 'refresh_token',
'client_id' => 'testapp',
'client_secret' => 'foobar'
];
$server = new AuthorizationServer;
$grant = new RefreshToken;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(null);
$server->setClientStorage($clientStorage);
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testCompleteFlowMissingRefreshToken()
{
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$_POST = [
'grant_type' => 'refresh_token',
'client_id' => 'testapp',
'client_secret' => 'foobar',
];
$server = new AuthorizationServer;
$grant = new RefreshToken;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new Client($server))->setId('testapp')
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setSessionStorage($sessionStorage);
$server->requireScopeParam(true);
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testCompleteFlowInvalidRefreshToken()
{
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$_POST = [
'grant_type' => 'refresh_token',
'client_id' => 'testapp',
'client_secret' => 'foobar',
'refresh_token' => 'meh'
];
$server = new AuthorizationServer;
$grant = new RefreshToken;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new Client($server))->setId('testapp')
);
$refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface');
$refreshTokenStorage->shouldReceive('get');
$refreshTokenStorage->shouldReceive('setServer');
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setRefreshTokenStorage($refreshTokenStorage);
$server->requireScopeParam(true);
$server->addGrantType($grant);
$server->issueAccessToken();
}
function testCompleteFlowExistingScopes()
{
$_POST = [
'grant_type' => 'refresh_token',
'client_id' => 'testapp',
'client_secret' => 'foobar',
'refresh_token' => 'refresh_token'
];
$server = new AuthorizationServer;
$grant = new RefreshToken;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new Client($server))->setId('testapp')
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]);
$sessionStorage->shouldReceive('associateScope');
$sessionStorage->shouldReceive('getByAccessToken')->andReturn(
(new Session($server))
);
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('getByRefreshToken')->andReturn(
(new AccessToken($server))
);
$accessTokenStorage->shouldReceive('delete');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new Scope($server))->setId('foo')
]);
$accessTokenStorage->shouldReceive('associateScope');
$refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface');
$refreshTokenStorage->shouldReceive('setServer');
$refreshTokenStorage->shouldReceive('associateScope');
$refreshTokenStorage->shouldReceive('delete');
$refreshTokenStorage->shouldReceive('create');
$refreshTokenStorage->shouldReceive('get')->andReturn(
(new RT($server))
);
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new Scope($server))->setId('foo')
);
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setSessionStorage($sessionStorage);
$server->setAccessTokenStorage($accessTokenStorage);
$server->setRefreshTokenStorage($refreshTokenStorage);
$server->addGrantType($grant);
$response = $server->issueAccessToken();
$this->assertTrue(isset($response['access_token']));
$this->assertTrue(isset($response['refresh_token']));
$this->assertTrue(isset($response['token_type']));
$this->assertTrue(isset($response['expires_in']));
$this->assertTrue(isset($response['expires']));
}
function testCompleteFlowRequestScopes()
{
$_POST = [
'grant_type' => 'refresh_token',
'client_id' => 'testapp',
'client_secret' => 'foobar',
'refresh_token' => 'refresh_token',
'scope' => 'foo'
];
$server = new AuthorizationServer;
$grant = new RefreshToken;
$oldSession = (new Session($server))->associateScope((new Scope($server))->setId('foo'));
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new Client($server))->setId('testapp')
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]);
$sessionStorage->shouldReceive('associateScope');
$sessionStorage->shouldReceive('getByAccessToken')->andReturn(
$oldSession
);
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('getByRefreshToken')->andReturn(
(new AccessToken($server))
);
$accessTokenStorage->shouldReceive('delete');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new Scope($server))->setId('foo')
]);
$accessTokenStorage->shouldReceive('associateScope');
$refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface');
$refreshTokenStorage->shouldReceive('setServer');
$refreshTokenStorage->shouldReceive('associateScope');
$refreshTokenStorage->shouldReceive('delete');
$refreshTokenStorage->shouldReceive('create');
$refreshTokenStorage->shouldReceive('get')->andReturn(
(new RT($server))
);
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new Scope($server))->setId('foo')
);
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setSessionStorage($sessionStorage);
$server->setAccessTokenStorage($accessTokenStorage);
$server->setRefreshTokenStorage($refreshTokenStorage);
$server->addGrantType($grant);
$response = $server->issueAccessToken();
$this->assertTrue(isset($response['access_token']));
$this->assertTrue(isset($response['refresh_token']));
$this->assertTrue(isset($response['token_type']));
$this->assertTrue(isset($response['expires_in']));
$this->assertTrue(isset($response['expires']));
}
function testCompleteFlowRequestScopesInvalid()
{
$_POST = [
'grant_type' => 'refresh_token',
'client_id' => 'testapp',
'client_secret' => 'foobar',
'refresh_token' => 'refresh_token',
'scope' => 'blah'
];
$server = new AuthorizationServer;
$grant = new RefreshToken;
$oldSession = (new Session($server))->associateScope((new Scope($server))->setId('foo'));
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new Client($server))->setId('testapp')
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]);
$sessionStorage->shouldReceive('associateScope');
$sessionStorage->shouldReceive('getByAccessToken')->andReturn(
$oldSession
);
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('getByRefreshToken')->andReturn(
(new AccessToken($server))
);
$accessTokenStorage->shouldReceive('delete');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new Scope($server))->setId('foo')
]);
$accessTokenStorage->shouldReceive('associateScope');
$refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface');
$refreshTokenStorage->shouldReceive('setServer');
$refreshTokenStorage->shouldReceive('associateScope');
$refreshTokenStorage->shouldReceive('delete');
$refreshTokenStorage->shouldReceive('create');
$refreshTokenStorage->shouldReceive('get')->andReturn(
(new RT($server))
);
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new Scope($server))->setId('blah')
);
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setSessionStorage($sessionStorage);
$server->setAccessTokenStorage($accessTokenStorage);
$server->setRefreshTokenStorage($refreshTokenStorage);
$server->addGrantType($grant);
$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
$server->issueAccessToken();
}
}
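Review bot: testCompleteFlowRequestScopesInvalid, the only test here for a refresh request that asks for a scope the original session did not hold, asserts just that a ClientException is raised. It would still pass if the grant had already created new tokens before rejecting the request. Changing its mocks to `$accessTokenStorage->shouldReceive('create')->never();` and `$refreshTokenStorage->shouldReceive('create')->never();` would pin that nothing is issued on the rejected path. Separately, testCompleteFlowMissingClientId assigns `$_POST['grant_type'] = 'refresh_token';` instead of replacing the array, as does the same test in PasswordTest. If PHPUnit's global backup is disabled in the project config (not visible here), a `client_id` left by an earlier test would change what this one exercises; `$_POST = ['grant_type' => 'refresh_token'];` avoids that.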