Updated Refresh Token and Password grants
parent
af06f9f3ea
commit
4e37d9bb61
@ -11,7 +11,7 @@
|
||||
|
||||
namespace League\OAuth2\Server\Grant;
|
||||
|
||||
use League\OAuth2\Server\Authorization;
|
||||
use League\OAuth2\Server\AuthorizationServer;
|
||||
use League\OAuth2\Server\Entity\AccessToken;
|
||||
use League\OAuth2\Server\Entity\Client;
|
||||
use League\OAuth2\Server\Entity\RefreshToken;
|
||||
@ -87,7 +87,7 @@ class Password extends AbstractGrant
|
||||
$clientId = $this->server->getRequest()->request->get('client_id', null);
|
||||
if (is_null($clientId)) {
|
||||
throw new ClientException(
|
||||
sprintf(Authorization::getExceptionMessage('invalid_request'), 'client_id'),
|
||||
sprintf(AuthorizationServer::getExceptionMessage('invalid_request'), 'client_id'),
|
||||
0
|
||||
);
|
||||
}
|
||||
@ -95,7 +95,7 @@ class Password extends AbstractGrant
|
||||
$clientSecret = $this->server->getRequest()->request->get('client_secret', null);
|
||||
if (is_null($clientSecret)) {
|
||||
throw new ClientException(
|
||||
sprintf(Authorization::getExceptionMessage('invalid_request'), 'client_secret'),
|
||||
sprintf(AuthorizationServer::getExceptionMessage('invalid_request'), 'client_secret'),
|
||||
0
|
||||
);
|
||||
}
|
||||
@ -109,13 +109,13 @@ class Password extends AbstractGrant
|
||||
);
|
||||
|
||||
if (($client instanceof Client) === false) {
|
||||
throw new ClientException(Authorization::getExceptionMessage('invalid_client'), 8);
|
||||
throw new ClientException(AuthorizationServer::getExceptionMessage('invalid_client'), 8);
|
||||
}
|
||||
|
||||
$username = $this->server->getRequest()->request->get('username', null);
|
||||
if (is_null($username)) {
|
||||
throw new ClientException(
|
||||
sprintf(Authorization::getExceptionMessage('invalid_request'), 'username'),
|
||||
sprintf(AuthorizationServer::getExceptionMessage('invalid_request'), 'username'),
|
||||
0
|
||||
);
|
||||
}
|
||||
@ -123,7 +123,7 @@ class Password extends AbstractGrant
|
||||
$password = $this->server->getRequest()->request->get('password', null);
|
||||
if (is_null($password)) {
|
||||
throw new ClientException(
|
||||
sprintf(Authorization::getExceptionMessage('invalid_request'), 'password'),
|
||||
sprintf(AuthorizationServer::getExceptionMessage('invalid_request'), 'password'),
|
||||
0
|
||||
);
|
||||
}
|
||||
|
@ -12,7 +12,7 @@
|
||||
namespace League\OAuth2\Server\Grant;
|
||||
|
||||
use League\OAuth2\Server\Request;
|
||||
use League\OAuth2\Server\Authorization;
|
||||
use League\OAuth2\Server\AuthorizationServer;
|
||||
use League\OAuth2\Server\Exception;
|
||||
use League\OAuth2\Server\Util\SecureKey;
|
||||
use League\OAuth2\Server\Storage\SessionInterface;
|
||||
@ -88,7 +88,7 @@ class RefreshToken extends AbstractGrant
|
||||
);
|
||||
|
||||
if ($client === null) {
|
||||
throw new ClientException(Authorization::getExceptionMessage('invalid_client'), 8);
|
||||
throw new ClientException(AuthorizationServer::getExceptionMessage('invalid_client'), 8);
|
||||
}
|
||||
|
||||
$oldRefreshTokenParam = $this->server->getRequest()->request->get('refresh_token', null);
|
||||
@ -122,7 +122,6 @@ class RefreshToken extends AbstractGrant
|
||||
} else {
|
||||
// The OAuth spec says that a refreshed access token can have the original scopes or fewer so ensure
|
||||
// the request doesn't include any new scopes
|
||||
|
||||
foreach ($requestedScopes as $requestedScope) {
|
||||
if (!isset($scopes[$requestedScope->getId()])) {
|
||||
throw new Exception\ClientException(
|
||||
|
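--- /dev/null
+++ b/tests/Grant/PasswordTest.php
@@ -0,0 +1,474 @@
+<?php
+
+namespace LeagueTests\Grant;
+
+use League\OAuth2\Server\Grant\Password;
+use League\OAuth2\Server\Grant\RefreshToken;
+use League\OAuth2\Server\Entity\Scope;
+use League\OAuth2\Server\Entity\Client;
+use League\OAuth2\Server\AuthorizationServer;
+use League\OAuth2\Server\Grant\ClientException;
+use Mockery as M;
+
+class PasswordTest extends \PHPUnit_Framework_TestCase
+{
+function testCompleteFlowMissingClientId()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$_POST['grant_type'] = 'password';
+
+$server = new AuthorizationServer;
+$grant = new Password;
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+
+}
+
+function testCompleteFlowMissingClientSecret()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$_POST = [
+'grant_type' => 'password',
+'client_id' => 'testapp'
+];
+
+$server = new AuthorizationServer;
+$grant = new Password;
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+}
+
+function testCompleteFlowInvalidClient()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$_POST = [
+'grant_type' => 'password',
+'client_id' => 'testapp',
+'client_secret' => 'foobar'
+];
+
+$server = new AuthorizationServer;
+$grant = new Password;
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(null);
+
+$server->setClientStorage($clientStorage);
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+}
+
+function testNoUsername()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$_POST = [
+'grant_type' => 'password',
+'client_id' => 'testapp',
+'client_secret' => 'foobar'
+];
+
+$server = new AuthorizationServer;
+$grant = new Password;
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(
+(new Client($server))->setId('testapp')
+);
+
+$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
+$sessionStorage->shouldReceive('setServer');
+$sessionStorage->shouldReceive('create');
+$sessionStorage->shouldReceive('getScopes')->andReturn([]);
+
+$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
+$accessTokenStorage->shouldReceive('setServer');
+$accessTokenStorage->shouldReceive('create');
+$accessTokenStorage->shouldReceive('getScopes')->andReturn([]);
+
+$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
+$scopeStorage->shouldReceive('setServer');
+$scopeStorage->shouldReceive('get')->andReturn(null);
+
+$server->setClientStorage($clientStorage);
+$server->setScopeStorage($scopeStorage);
+$server->setSessionStorage($sessionStorage);
+$server->setAccessTokenStorage($accessTokenStorage);
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+}
+
+function testNoPassword()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$_POST = [
+'grant_type' => 'password',
+'client_id' => 'testapp',
+'client_secret' => 'foobar',
+'username' => 'foo'
+];
+
+$server = new AuthorizationServer;
+$grant = new Password;
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(
+(new Client($server))->setId('testapp')
+);
+
+$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
+$sessionStorage->shouldReceive('setServer');
+$sessionStorage->shouldReceive('create');
+$sessionStorage->shouldReceive('getScopes')->andReturn([]);
+
+$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
+$accessTokenStorage->shouldReceive('setServer');
+$accessTokenStorage->shouldReceive('create');
+$accessTokenStorage->shouldReceive('getScopes')->andReturn([]);
+
+$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
+$scopeStorage->shouldReceive('setServer');
+$scopeStorage->shouldReceive('get')->andReturn(null);
+
+$server->setClientStorage($clientStorage);
+$server->setScopeStorage($scopeStorage);
+$server->setSessionStorage($sessionStorage);
+$server->setAccessTokenStorage($accessTokenStorage);
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+}
+
+function testNoCallable()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\InvalidGrantTypeException');
+
+$_POST = [
+'grant_type' => 'password',
+'client_id' => 'testapp',
+'client_secret' => 'foobar',
+'username' => 'foo',
+'password' => 'foobar'
+];
+
+$server = new AuthorizationServer;
+$grant = new Password;
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(
+(new Client($server))->setId('testapp')
+);
+
+$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
+$sessionStorage->shouldReceive('setServer');
+$sessionStorage->shouldReceive('create');
+$sessionStorage->shouldReceive('getScopes')->andReturn([]);
+
+$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
+$accessTokenStorage->shouldReceive('setServer');
+$accessTokenStorage->shouldReceive('create');
+$accessTokenStorage->shouldReceive('getScopes')->andReturn([]);
+
+$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
+$scopeStorage->shouldReceive('setServer');
+$scopeStorage->shouldReceive('get')->andReturn(null);
+
+$server->setClientStorage($clientStorage);
+$server->setScopeStorage($scopeStorage);
+$server->setSessionStorage($sessionStorage);
+$server->setAccessTokenStorage($accessTokenStorage);
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+}
+
+function testCompleteFlowInvalidScope()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$_POST = [
+'grant_type' => 'password',
+'client_id' => 'testapp',
+'client_secret' => 'foobar',
+'scope' => 'foo'
+];
+
+$server = new AuthorizationServer;
+$grant = new Password;
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(
+(new Client($server))->setId('testapp')
+);
+
+$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
+$sessionStorage->shouldReceive('setServer');
+$sessionStorage->shouldReceive('create');
+$sessionStorage->shouldReceive('getScopes')->andReturn([]);
+
+$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
+$accessTokenStorage->shouldReceive('setServer');
+$accessTokenStorage->shouldReceive('create');
+$accessTokenStorage->shouldReceive('getScopes')->andReturn([]);
+
+$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
+$scopeStorage->shouldReceive('setServer');
+$scopeStorage->shouldReceive('get')->andReturn(null);
+
+$server->setClientStorage($clientStorage);
+$server->setScopeStorage($scopeStorage);
+$server->setSessionStorage($sessionStorage);
+$server->setAccessTokenStorage($accessTokenStorage);
+$grant->setVerifyCredentialsCallback(function () {
+return 123;
+});
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+}
+
+function testCompleteFlowNoScopes()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$_POST = [
+'grant_type' => 'password',
+'client_id' => 'testapp',
+'client_secret' => 'foobar',
+'username' => 'username',
+'password' => 'password'
+];
+
+$server = new AuthorizationServer;
+$grant = new Password;
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(
+(new Client($server))->setId('testapp')
+);
+
+$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
+$sessionStorage->shouldReceive('setServer');
+$sessionStorage->shouldReceive('create')->andreturn(123);
+$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]);
+$sessionStorage->shouldReceive('associateScope');
+
+$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
+$accessTokenStorage->shouldReceive('setServer');
+$accessTokenStorage->shouldReceive('create');
+$accessTokenStorage->shouldReceive('getScopes')->andReturn([]);
+$accessTokenStorage->shouldReceive('associateScope');
+
+$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
+$scopeStorage->shouldReceive('setServer');
+
+$server->setClientStorage($clientStorage);
+$server->setScopeStorage($scopeStorage);
+$server->setSessionStorage($sessionStorage);
+$server->setAccessTokenStorage($accessTokenStorage);
+$server->requireScopeParam(true);
+$grant->setVerifyCredentialsCallback(function () {
+return 123;
+});
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+}
+
+function testCompleteFlowInvalidCredentials()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$_POST = [
+'grant_type' => 'password',
+'client_id' => 'testapp',
+'client_secret' => 'foobar',
+'scope' => 'foo',
+'username' => 'username',
+'password' => 'password'
+];
+
+$server = new AuthorizationServer;
+$grant = new Password;
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(
+(new Client($server))->setId('testapp')
+);
+
+$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
+$sessionStorage->shouldReceive('setServer');
+$sessionStorage->shouldReceive('create')->andreturn(123);
+$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([
+(new Scope($server))->setId('foo')
+]);
+$sessionStorage->shouldReceive('associateScope');
+
+$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
+$accessTokenStorage->shouldReceive('setServer');
+$accessTokenStorage->shouldReceive('create');
+$accessTokenStorage->shouldReceive('getScopes')->andReturn([
+(new Scope($server))->setId('foo')
+]);
+$accessTokenStorage->shouldReceive('associateScope');
+
+$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
+$scopeStorage->shouldReceive('setServer');
+$scopeStorage->shouldReceive('get')->andReturn(
+(new Scope($server))->setId('foo')
+);
+
+$server->setClientStorage($clientStorage);
+$server->setScopeStorage($scopeStorage);
+$server->setSessionStorage($sessionStorage);
+$server->setAccessTokenStorage($accessTokenStorage);
+$grant->setVerifyCredentialsCallback(function () {
+return false;
+});
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+}
+
+function testCompleteFlow()
+{
+$_POST = [
+'grant_type' => 'password',
+'client_id' => 'testapp',
+'client_secret' => 'foobar',
+'scope' => 'foo',
+'username' => 'username',
+'password' => 'password'
+];
+
+$server = new AuthorizationServer;
+$grant = new Password;
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(
+(new Client($server))->setId('testapp')
+);
+
+$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
+$sessionStorage->shouldReceive('setServer');
+$sessionStorage->shouldReceive('create')->andreturn(123);
+$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([
+(new Scope($server))->setId('foo')
+]);
+$sessionStorage->shouldReceive('associateScope');
+
+$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
+$accessTokenStorage->shouldReceive('setServer');
+$accessTokenStorage->shouldReceive('create');
+$accessTokenStorage->shouldReceive('getScopes')->andReturn([
+(new Scope($server))->setId('foo')
+]);
+$accessTokenStorage->shouldReceive('associateScope');
+
+$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
+$scopeStorage->shouldReceive('setServer');
+$scopeStorage->shouldReceive('get')->andReturn(
+(new Scope($server))->setId('foo')
+);
+
+$server->setClientStorage($clientStorage);
+$server->setScopeStorage($scopeStorage);
+$server->setSessionStorage($sessionStorage);
+$server->setAccessTokenStorage($accessTokenStorage);
+$grant->setVerifyCredentialsCallback(function () {
+return 123;
+});
+
+$server->addGrantType($grant);
+$response = $server->issueAccessToken();
+
+$this->assertTrue(isset($response['access_token']));
+$this->assertTrue(isset($response['token_type']));
+$this->assertTrue(isset($response['expires_in']));
+$this->assertTrue(isset($response['expires']));
+}
+
+function testCompleteFlowRefreshToken()
+{
+$_POST = [
+'grant_type' => 'password',
+'client_id' => 'testapp',
+'client_secret' => 'foobar',
+'scope' => 'foo',
+'username' => 'username',
+'password' => 'password'
+];
+
+$server = new AuthorizationServer;
+$grant = new Password;
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(
+(new Client($server))->setId('testapp')
+);
+
+$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
+$sessionStorage->shouldReceive('setServer');
+$sessionStorage->shouldReceive('create')->andreturn(123);
+$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([
+(new Scope($server))->setId('foo')
+]);
+$sessionStorage->shouldReceive('associateScope');
+
+$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
+$accessTokenStorage->shouldReceive('setServer');
+$accessTokenStorage->shouldReceive('create');
+$accessTokenStorage->shouldReceive('getScopes')->andReturn([
+(new Scope($server))->setId('foo')
+]);
+$accessTokenStorage->shouldReceive('associateScope');
+
+$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
+$scopeStorage->shouldReceive('setServer');
+$scopeStorage->shouldReceive('get')->andReturn(
+(new Scope($server))->setId('foo')
+);
+
+$refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface');
+$refreshTokenStorage->shouldReceive('setServer');
+$refreshTokenStorage->shouldReceive('create');
+$refreshTokenStorage->shouldReceive('associateScope');
+
+$server->setClientStorage($clientStorage);
+$server->setScopeStorage($scopeStorage);
+$server->setSessionStorage($sessionStorage);
+$server->setAccessTokenStorage($accessTokenStorage);
+$server->setRefreshTokenStorage($refreshTokenStorage);
+
+$grant->setVerifyCredentialsCallback(function () {
+return 123;
+});
+
+$server->addGrantType($grant);
+$server->addGrantType(new RefreshToken);
+$response = $server->issueAccessToken();
+
+$this->assertTrue(isset($response['access_token']));
+$this->assertTrue(isset($response['refresh_token']));
+$this->assertTrue(isset($response['token_type']));
+$this->assertTrue(isset($response['expires_in']));
+$this->assertTrue(isset($response['expires']));
+}
+}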
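Review bot: `testCompleteFlowInvalidScope` most likely never reaches scope validation, because its `$_POST` omits `username` and `password`, and the Password.php hunks on this page show the grant throwing the same `ClientException` for a missing `username` right after the client lookup. Add `'username' => 'username',` and `'password' => 'password',` to that array so the request gets past the parameter checks. More generally, every negative test here expects only the exception class, so a rejection from any earlier check satisfies it. Pass the expected code as well, e.g. `$this->setExpectedException('League\OAuth2\Server\Exception\ClientException', '', 8);` in `testCompleteFlowInvalidClient` (8 is the code the grant uses for `invalid_client`). `testCompleteFlowMissingClientId` assigns only `$_POST['grant_type']`, so keys left behind by an earlier test in the same process survive; start it with a full `$_POST = ['grant_type' => 'password'];` assignment like the other tests.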
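--- /dev/null
+++ b/tests/Grant/RefreshTokenTest.php
@@ -0,0 +1,359 @@
+<?php
+
+namespace LeagueTests\Grant;
+
+use League\OAuth2\Server\Grant\RefreshToken;
+use League\OAuth2\Server\Entity\Scope;
+use League\OAuth2\Server\Entity\Client;
+use League\OAuth2\Server\Entity\AccessToken;
+use League\OAuth2\Server\Entity\Session;
+use League\OAuth2\Server\Entity\RefreshToken as RT;
+use League\OAuth2\Server\AuthorizationServer;
+use League\OAuth2\Server\Grant\ClientException;
+use Mockery as M;
+
+class RefreshTokenTest extends \PHPUnit_Framework_TestCase
+{
+function testSetRefreshTokenTTL()
+{
+$grant = new RefreshToken;
+$grant->setRefreshTokenTTL(86400);
+
+$property = new \ReflectionProperty($grant, 'refreshTokenTTL');
+$property->setAccessible(true);
+
+$this->assertEquals(86400, $property->getValue($grant));
+}
+
+function testCompleteFlowMissingClientId()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$_POST['grant_type'] = 'refresh_token';
+
+$server = new AuthorizationServer;
+$grant = new RefreshToken;
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+}
+
+function testCompleteFlowMissingClientSecret()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$_POST = [
+'grant_type' => 'refresh_token',
+'client_id' => 'testapp'
+];
+
+$server = new AuthorizationServer;
+$grant = new RefreshToken;
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+}
+
+function testCompleteFlowInvalidClient()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$_POST = [
+'grant_type' => 'refresh_token',
+'client_id' => 'testapp',
+'client_secret' => 'foobar'
+];
+
+$server = new AuthorizationServer;
+$grant = new RefreshToken;
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(null);
+
+$server->setClientStorage($clientStorage);
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+}
+
+function testCompleteFlowMissingRefreshToken()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$_POST = [
+'grant_type' => 'refresh_token',
+'client_id' => 'testapp',
+'client_secret' => 'foobar',
+];
+
+$server = new AuthorizationServer;
+$grant = new RefreshToken;
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(
+(new Client($server))->setId('testapp')
+);
+
+$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
+$sessionStorage->shouldReceive('setServer');
+
+$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
+$scopeStorage->shouldReceive('setServer');
+
+$server->setClientStorage($clientStorage);
+$server->setScopeStorage($scopeStorage);
+$server->setSessionStorage($sessionStorage);
+$server->requireScopeParam(true);
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+}
+
+function testCompleteFlowInvalidRefreshToken()
+{
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$_POST = [
+'grant_type' => 'refresh_token',
+'client_id' => 'testapp',
+'client_secret' => 'foobar',
+'refresh_token' => 'meh'
+];
+
+$server = new AuthorizationServer;
+$grant = new RefreshToken;
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(
+(new Client($server))->setId('testapp')
+);
+
+$refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface');
+$refreshTokenStorage->shouldReceive('get');
+$refreshTokenStorage->shouldReceive('setServer');
+
+$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
+$scopeStorage->shouldReceive('setServer');
+
+$server->setClientStorage($clientStorage);
+$server->setScopeStorage($scopeStorage);
+$server->setRefreshTokenStorage($refreshTokenStorage);
+$server->requireScopeParam(true);
+
+$server->addGrantType($grant);
+$server->issueAccessToken();
+}
+
+function testCompleteFlowExistingScopes()
+{
+$_POST = [
+'grant_type' => 'refresh_token',
+'client_id' => 'testapp',
+'client_secret' => 'foobar',
+'refresh_token' => 'refresh_token'
+];
+
+$server = new AuthorizationServer;
+$grant = new RefreshToken;
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(
+(new Client($server))->setId('testapp')
+);
+
+$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
+$sessionStorage->shouldReceive('setServer');
+$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]);
+$sessionStorage->shouldReceive('associateScope');
+$sessionStorage->shouldReceive('getByAccessToken')->andReturn(
+(new Session($server))
+);
+
+$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
+$accessTokenStorage->shouldReceive('setServer');
+$accessTokenStorage->shouldReceive('getByRefreshToken')->andReturn(
+(new AccessToken($server))
+);
+$accessTokenStorage->shouldReceive('delete');
+$accessTokenStorage->shouldReceive('create');
+$accessTokenStorage->shouldReceive('getScopes')->andReturn([
+(new Scope($server))->setId('foo')
+]);
+$accessTokenStorage->shouldReceive('associateScope');
+
+$refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface');
+$refreshTokenStorage->shouldReceive('setServer');
+$refreshTokenStorage->shouldReceive('associateScope');
+$refreshTokenStorage->shouldReceive('delete');
+$refreshTokenStorage->shouldReceive('create');
+$refreshTokenStorage->shouldReceive('get')->andReturn(
+(new RT($server))
+);
+
+$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
+$scopeStorage->shouldReceive('setServer');
+$scopeStorage->shouldReceive('get')->andReturn(
+(new Scope($server))->setId('foo')
+);
+
+$server->setClientStorage($clientStorage);
+$server->setScopeStorage($scopeStorage);
+$server->setSessionStorage($sessionStorage);
+$server->setAccessTokenStorage($accessTokenStorage);
+$server->setRefreshTokenStorage($refreshTokenStorage);
+
+$server->addGrantType($grant);
+$response = $server->issueAccessToken();
+
+$this->assertTrue(isset($response['access_token']));
+$this->assertTrue(isset($response['refresh_token']));
+$this->assertTrue(isset($response['token_type']));
+$this->assertTrue(isset($response['expires_in']));
+$this->assertTrue(isset($response['expires']));
+}
+
+function testCompleteFlowRequestScopes()
+{
+$_POST = [
+'grant_type' => 'refresh_token',
+'client_id' => 'testapp',
+'client_secret' => 'foobar',
+'refresh_token' => 'refresh_token',
+'scope' => 'foo'
+];
+
+$server = new AuthorizationServer;
+$grant = new RefreshToken;
+
+$oldSession = (new Session($server))->associateScope((new Scope($server))->setId('foo'));
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(
+(new Client($server))->setId('testapp')
+);
+
+$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
+$sessionStorage->shouldReceive('setServer');
+$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]);
+$sessionStorage->shouldReceive('associateScope');
+$sessionStorage->shouldReceive('getByAccessToken')->andReturn(
+$oldSession
+);
+
+$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
+$accessTokenStorage->shouldReceive('setServer');
+$accessTokenStorage->shouldReceive('getByRefreshToken')->andReturn(
+(new AccessToken($server))
+);
+$accessTokenStorage->shouldReceive('delete');
+$accessTokenStorage->shouldReceive('create');
+$accessTokenStorage->shouldReceive('getScopes')->andReturn([
+(new Scope($server))->setId('foo')
+]);
+$accessTokenStorage->shouldReceive('associateScope');
+
+$refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface');
+$refreshTokenStorage->shouldReceive('setServer');
+$refreshTokenStorage->shouldReceive('associateScope');
+$refreshTokenStorage->shouldReceive('delete');
+$refreshTokenStorage->shouldReceive('create');
+$refreshTokenStorage->shouldReceive('get')->andReturn(
+(new RT($server))
+);
+
+$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
+$scopeStorage->shouldReceive('setServer');
+$scopeStorage->shouldReceive('get')->andReturn(
+(new Scope($server))->setId('foo')
+);
+
+$server->setClientStorage($clientStorage);
+$server->setScopeStorage($scopeStorage);
+$server->setSessionStorage($sessionStorage);
+$server->setAccessTokenStorage($accessTokenStorage);
+$server->setRefreshTokenStorage($refreshTokenStorage);
+
+$server->addGrantType($grant);
+$response = $server->issueAccessToken();
+
+$this->assertTrue(isset($response['access_token']));
+$this->assertTrue(isset($response['refresh_token']));
+$this->assertTrue(isset($response['token_type']));
+$this->assertTrue(isset($response['expires_in']));
+$this->assertTrue(isset($response['expires']));
+}
+
+function testCompleteFlowRequestScopesInvalid()
+{
+$_POST = [
+'grant_type' => 'refresh_token',
+'client_id' => 'testapp',
+'client_secret' => 'foobar',
+'refresh_token' => 'refresh_token',
+'scope' => 'blah'
+];
+
+$server = new AuthorizationServer;
+$grant = new RefreshToken;
+
+$oldSession = (new Session($server))->associateScope((new Scope($server))->setId('foo'));
+
+$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
+$clientStorage->shouldReceive('setServer');
+$clientStorage->shouldReceive('get')->andReturn(
+(new Client($server))->setId('testapp')
+);
+
+$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
+$sessionStorage->shouldReceive('setServer');
+$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]);
+$sessionStorage->shouldReceive('associateScope');
+$sessionStorage->shouldReceive('getByAccessToken')->andReturn(
+$oldSession
+);
+
+$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
+$accessTokenStorage->shouldReceive('setServer');
+$accessTokenStorage->shouldReceive('getByRefreshToken')->andReturn(
+(new AccessToken($server))
+);
+$accessTokenStorage->shouldReceive('delete');
+$accessTokenStorage->shouldReceive('create');
+$accessTokenStorage->shouldReceive('getScopes')->andReturn([
+(new Scope($server))->setId('foo')
+]);
+$accessTokenStorage->shouldReceive('associateScope');
+
+$refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface');
+$refreshTokenStorage->shouldReceive('setServer');
+$refreshTokenStorage->shouldReceive('associateScope');
+$refreshTokenStorage->shouldReceive('delete');
+$refreshTokenStorage->shouldReceive('create');
+$refreshTokenStorage->shouldReceive('get')->andReturn(
+(new RT($server))
+);
+
+$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
+$scopeStorage->shouldReceive('setServer');
+$scopeStorage->shouldReceive('get')->andReturn(
+(new Scope($server))->setId('blah')
+);
+
+$server->setClientStorage($clientStorage);
+$server->setScopeStorage($scopeStorage);
+$server->setSessionStorage($sessionStorage);
+$server->setAccessTokenStorage($accessTokenStorage);
+$server->setRefreshTokenStorage($refreshTokenStorage);
+
+$server->addGrantType($grant);
+
+$this->setExpectedException('League\OAuth2\Server\Exception\ClientException');
+
+$server->issueAccessToken();
+}
+}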
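Review bot: The two success tests (`testCompleteFlowExistingScopes`, `testCompleteFlowRequestScopes`) stub `delete` on the access-token and refresh-token storage without a call count, and the class has no `tearDown` that calls `M::close()`, so nothing here fails if the grant stops revoking the old token pair when it rotates. Presumably the grant is meant to delete both on a successful refresh; if so, pin it with `$refreshTokenStorage->shouldReceive('delete')->once();` (and the same on `$accessTokenStorage`) and add `public function tearDown() { M::close(); }` so Mockery verifies the counts. `testCompleteFlowRequestScopesInvalid` is the only check that a refresh cannot widen the original scopes, and it accepts any `ClientException`; asserting the expected message or code there would tie the test to the scope comparison instead of any earlier rejection.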