Merge branch 'develop'

This commit is contained in:
Alex Bilbie 2014-07-11 15:27:19 +01:00
commit 6d81c1e57e
11 changed files with 381 additions and 196 deletions

.gitignore vendored

@ -2,4 +2,5 @@
/composer.lock /composer.lock
/tests/coverage /tests/coverage
/docs /docs
/testing /testing
build/coverage


@ -1,27 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<phpunit colors="true" convertNoticesToExceptions="true" convertWarningsToExceptions="true" stopOnError="false" stopOnFailure="false" stopOnIncomplete="false" stopOnSkipped="false" bootstrap="tests/Bootstrap.php">
<testsuites>
<testsuite name="Authorization Server">
<directory suffix="Test.php">tests/authorization</directory>
</testsuite>
<testsuite name="Resource Server">
<directory suffix="Test.php">tests/resource</directory>
</testsuite>
<testsuite name="Utility Methods">
<directory suffix="Test.php">tests/util</directory>
</testsuite>
</testsuites>
<filter>
<blacklist>
<directory suffix=".php">PEAR_INSTALL_DIR</directory>
<directory suffix=".php">PHP_LIBDIR</directory>
<directory suffix=".php">vendor</directory>
<directory suffix=".php">tests</directory>
<directory suffix=".php">testing</directory>
</blacklist>
</filter>
<logging>
<log type="coverage-text" target="php://stdout" title="lncd/OAuth" charset="UTF-8" yui="true" highlight="true" lowUpperBound="60" highLowerBound="99"/>
<log type="coverage-html" target="tests/coverage" title="lncd/OAuth" charset="UTF-8" yui="true" highlight="true" lowUpperBound="60" highLowerBound="99"/>
</logging>
</phpunit>


@ -5,7 +5,7 @@ CREATE TABLE `oauth_clients` (
`auto_approve` TINYINT(1) NOT NULL DEFAULT '0', `auto_approve` TINYINT(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
UNIQUE KEY `u_oacl_clse_clid` (`secret`,`id`) UNIQUE KEY `u_oacl_clse_clid` (`secret`,`id`)
) ENGINE=INNODB DEFAULT CHARSET=utf8; ) ENGINE=INNODB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
CREATE TABLE `oauth_client_endpoints` ( CREATE TABLE `oauth_client_endpoints` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT, `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
@ -14,7 +14,7 @@ CREATE TABLE `oauth_client_endpoints` (
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
KEY `i_oaclen_clid` (`client_id`), KEY `i_oaclen_clid` (`client_id`),
CONSTRAINT `f_oaclen_clid` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE CONSTRAINT `f_oaclen_clid` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8; ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
CREATE TABLE `oauth_sessions` ( CREATE TABLE `oauth_sessions` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT, `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
@ -24,7 +24,7 @@ CREATE TABLE `oauth_sessions` (
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
KEY `i_uase_clid_owty_owid` (`client_id`,`owner_type`,`owner_id`), KEY `i_uase_clid_owty_owid` (`client_id`,`owner_type`,`owner_id`),
CONSTRAINT `f_oase_clid` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE CONSTRAINT `f_oase_clid` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8; ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
CREATE TABLE `oauth_session_access_tokens` ( CREATE TABLE `oauth_session_access_tokens` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT, `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
@ -35,7 +35,7 @@ CREATE TABLE `oauth_session_access_tokens` (
UNIQUE KEY `u_oaseacto_acto_seid` (`access_token`,`session_id`), UNIQUE KEY `u_oaseacto_acto_seid` (`access_token`,`session_id`),
KEY `f_oaseto_seid` (`session_id`), KEY `f_oaseto_seid` (`session_id`),
CONSTRAINT `f_oaseto_seid` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION CONSTRAINT `f_oaseto_seid` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION
) ENGINE=InnoDB DEFAULT CHARSET=utf8; ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
CREATE TABLE `oauth_session_authcodes` ( CREATE TABLE `oauth_session_authcodes` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT, `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
@ -45,14 +45,14 @@ CREATE TABLE `oauth_session_authcodes` (
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
KEY `session_id` (`session_id`), KEY `session_id` (`session_id`),
CONSTRAINT `oauth_session_authcodes_ibfk_1` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE CONSTRAINT `oauth_session_authcodes_ibfk_1` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8; ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
CREATE TABLE `oauth_session_redirects` ( CREATE TABLE `oauth_session_redirects` (
`session_id` int(10) unsigned NOT NULL, `session_id` int(10) unsigned NOT NULL,
`redirect_uri` varchar(255) NOT NULL, `redirect_uri` varchar(255) NOT NULL,
PRIMARY KEY (`session_id`), PRIMARY KEY (`session_id`),
CONSTRAINT `f_oasere_seid` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION CONSTRAINT `f_oasere_seid` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION
) ENGINE=InnoDB DEFAULT CHARSET=utf8; ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
CREATE TABLE `oauth_session_refresh_tokens` ( CREATE TABLE `oauth_session_refresh_tokens` (
`session_access_token_id` int(10) unsigned NOT NULL, `session_access_token_id` int(10) unsigned NOT NULL,
@ -63,7 +63,7 @@ CREATE TABLE `oauth_session_refresh_tokens` (
KEY `client_id` (`client_id`), KEY `client_id` (`client_id`),
CONSTRAINT `oauth_session_refresh_tokens_ibfk_1` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE, CONSTRAINT `oauth_session_refresh_tokens_ibfk_1` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE,
CONSTRAINT `f_oasetore_setoid` FOREIGN KEY (`session_access_token_id`) REFERENCES `oauth_session_access_tokens` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION CONSTRAINT `f_oasetore_setoid` FOREIGN KEY (`session_access_token_id`) REFERENCES `oauth_session_access_tokens` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION
) ENGINE=InnoDB DEFAULT CHARSET=utf8; ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
CREATE TABLE `oauth_scopes` ( CREATE TABLE `oauth_scopes` (
`id` smallint(5) unsigned NOT NULL AUTO_INCREMENT, `id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,
@ -72,7 +72,7 @@ CREATE TABLE `oauth_scopes` (
`description` varchar(255) DEFAULT NULL, `description` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
UNIQUE KEY `u_oasc_sc` (`scope`) UNIQUE KEY `u_oasc_sc` (`scope`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8; ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
CREATE TABLE `oauth_session_token_scopes` ( CREATE TABLE `oauth_session_token_scopes` (
`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
@ -83,7 +83,7 @@ CREATE TABLE `oauth_session_token_scopes` (
KEY `f_oasetosc_scid` (`scope_id`), KEY `f_oasetosc_scid` (`scope_id`),
CONSTRAINT `f_oasetosc_scid` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION, CONSTRAINT `f_oasetosc_scid` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION,
CONSTRAINT `f_oasetosc_setoid` FOREIGN KEY (`session_access_token_id`) REFERENCES `oauth_session_access_tokens` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION CONSTRAINT `f_oasetosc_setoid` FOREIGN KEY (`session_access_token_id`) REFERENCES `oauth_session_access_tokens` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION
) ENGINE=InnoDB DEFAULT CHARSET=utf8; ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
CREATE TABLE `oauth_session_authcode_scopes` ( CREATE TABLE `oauth_session_authcode_scopes` (
`oauth_session_authcode_id` int(10) unsigned NOT NULL, `oauth_session_authcode_id` int(10) unsigned NOT NULL,
@ -92,4 +92,4 @@ CREATE TABLE `oauth_session_authcode_scopes` (
KEY `scope_id` (`scope_id`), KEY `scope_id` (`scope_id`),
CONSTRAINT `oauth_session_authcode_scopes_ibfk_2` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE, CONSTRAINT `oauth_session_authcode_scopes_ibfk_2` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE,
CONSTRAINT `oauth_session_authcode_scopes_ibfk_1` FOREIGN KEY (`oauth_session_authcode_id`) REFERENCES `oauth_session_authcodes` (`id`) ON DELETE CASCADE CONSTRAINT `oauth_session_authcode_scopes_ibfk_1` FOREIGN KEY (`oauth_session_authcode_id`) REFERENCES `oauth_session_authcodes` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8; ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
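Review bot: Declaring `COLLATE utf8_unicode_ci` on every table also governs the columns that hold credentials — `secret` (part of the unique key at L55) and `access_token` (unique key at L74) — so equality lookups on them become case- and accent-insensitive rather than byte-exact, and the UNIQUE keys will reject two values that differ only in case. Unless the token generator is guaranteed to emit a canonical form (e.g. lowercase hex), a differently-cased presentation of a token still matches the stored row. A column-level `COLLATE utf8_bin` on the credential columns, keeping `utf8_unicode_ci` for the table default, keeps those comparisons exact; the schema's previous implicit collation had the same property, so this is a pre-existing concern the change makes explicit rather than a regression. The CREATE TABLE statements themselves start outside these hunks.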


@ -0,0 +1,20 @@
<?php
/**
* OAuth 2.0 Insufficient Scope Exception
*
* @package php-loep/oauth2-server
* @author Woody Gilk <woody@shadowhand.me>
* @copyright Copyright (c) 2014 PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Exception;
/**
* InsufficientScope Exception
*/
class InsufficientScopeException extends OAuth2Exception
{
}


@ -0,0 +1,20 @@
<?php
/**
* OAuth 2.0 Missing Access Token Exception
*
* @package php-loep/oauth2-server
* @author Woody Gilk <woody@shadowhand.me>
* @copyright Copyright (c) 2014 PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Exception;
/**
* MissingAccessToken Exception
*/
class MissingAccessTokenException extends OAuth2Exception
{
}


@ -192,7 +192,7 @@ class RefreshToken implements GrantTypeInterface {
$response = array( $response = array(
'access_token' => $accessToken, 'access_token' => $accessToken,
'token_type' => 'bearer', 'token_type' => 'Bearer',
'expires' => $accessTokenExpires, 'expires' => $accessTokenExpires,
'expires_in' => $accessTokenExpiresIn 'expires_in' => $accessTokenExpiresIn
); );


@ -4,7 +4,8 @@
* *
* @package php-loep/oauth2-server * @package php-loep/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com> * @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages * @author Woody Gilk <woody@shadowhand.me>
* @copyright Copyright (c) 2013-2014 PHP League of Extraordinary Packages
* @license http://mit-license.org/ * @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server * @link http://github.com/php-loep/oauth2-server
*/ */
@ -75,6 +76,117 @@ class Resource
*/ */
protected $clientId = null; protected $clientId = null;
/**
* Exception error codes
* @var array
*/
protected static $exceptionCodes = array(
0 => 'invalid_request',
1 => 'invalid_token',
2 => 'insufficient_scope',
);
/**
* Exception error messages
* @var array
*/
protected static $exceptionMessages = array(
'invalid_request' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "%s" parameter.',
'invalid_token' => 'The access token provided is expired, revoked, malformed, or invalid for other reasons.',
'insufficient_scope' => 'The request requires higher privileges than provided by the access token. Required scopes are: %s.',
);
/**
* Exception error HTTP status codes
* @var array
*
* RFC 6750, section 3.1:
* When a request fails, the resource server responds using the
* appropriate HTTP status code (typically, 400, 401, 403, or 405) and
* includes one of the following error codes in the response:
*/
protected static $exceptionHttpStatusCodes = array(
'invalid_request' => 400,
'invalid_token' => 401,
'insufficient_scope' => 403,
);
/**
* Get an exception message
*
* @param string $error The error message key
* @return string The error message
*/
public static function getExceptionMessage($error = '')
{
return self::$exceptionMessages[$error];
}
/**
* Get an exception code
*
* @param integer $code The exception code
* @return string The exception code type
*/
public static function getExceptionType($code = 0)
{
return self::$exceptionCodes[$code];
}
/**
* Get all headers that have to be send with the error response
*
* @param string $error The error message key
* @return array Array with header values
*/
public static function getExceptionHttpHeaders($error)
{
$headers = array();
switch (self::$exceptionHttpStatusCodes[$error]) {
case 401:
$headers[] = 'HTTP/1.1 401 Unauthorized';
break;
case 403:
$headers[] = 'HTTP/1.1 403 Forbidden';
break;
case 400:
default:
$headers[] = 'HTTP/1.1 400 Bad Request';
}
// Add "WWW-Authenticate" header
//
// RFC 6749, section 5.2.:
// "If the client attempted to authenticate via the 'Authorization'
// request header field, the authorization server MUST
// respond with an HTTP 401 (Unauthorized) status code and
// include the "WWW-Authenticate" response header field
// matching the authentication scheme used by the client.
// @codeCoverageIgnoreStart
if ($error === 'insufficient_scope') {
$authScheme = null;
$request = new Request();
if ($request->server('PHP_AUTH_USER') !== null) {
$authScheme = 'Basic';
} else {
$authHeader = $request->header('Authorization');
if ($authHeader !== null) {
if (strpos($authHeader, 'Bearer') === 0) {
$authScheme = 'Bearer';
} elseif (strpos($authHeader, 'Basic') === 0) {
$authScheme = 'Basic';
}
}
}
if ($authScheme !== null) {
$headers[] = 'WWW-Authenticate: '.$authScheme.' realm=""';
}
}
// @codeCoverageIgnoreEnd
return $headers;
}
/** /**
* Sets up the Resource * Sets up the Resource
* *
@ -186,7 +298,7 @@ class Resource
$result = $this->storages['session']->validateAccessToken($accessToken); $result = $this->storages['session']->validateAccessToken($accessToken);
if (! $result) { if (! $result) {
throw new Exception\InvalidAccessTokenException('Access token is not valid'); throw new Exception\InvalidAccessTokenException(self::$exceptionMessages['invalid_token'], 1);
} }
$this->accessToken = $accessToken; $this->accessToken = $accessToken;
@ -216,25 +328,26 @@ class Resource
* Checks if the presented access token has the given scope(s). * Checks if the presented access token has the given scope(s).
* *
* @param array|string An array of scopes or a single scope as a string * @param array|string An array of scopes or a single scope as a string
* @param bool If scopes are required, missing scope will trigger an exception
* @throws Exception\InsufficientScopeException Thrown if the any of the given scopes are not in the session
* @return bool Returns bool if all scopes are found, false if any fail * @return bool Returns bool if all scopes are found, false if any fail
*/ */
public function hasScope($scopes) public function hasScope($scopes, $required = false)
{ {
if (is_string($scopes)) { if (!is_array($scopes)) {
if (in_array($scopes, $this->sessionScopes)) { $scopes = array($scopes);
return true;
}
return false;
} elseif (is_array($scopes)) {
foreach ($scopes as $scope) {
if (! in_array($scope, $this->sessionScopes)) {
return false;
}
}
return true;
} }
return false; $missing = array_diff($scopes, $this->sessionScopes);
if ($missing) {
if ($required) {
$missing = implode(', ', $missing);
throw new Exception\InsufficientScopeException(sprintf(self::$exceptionMessages['insufficient_scope'], $missing), 3);
}
return false;
}
return true;
} }
/** /**
@ -274,7 +387,7 @@ class Resource
} }
if (empty($accessToken)) { if (empty($accessToken)) {
throw new Exception\InvalidAccessTokenException('Access token is missing'); throw new Exception\MissingAccessTokenException(self::$exceptionMessages['invalid_request'], 0);
} }
return $accessToken; return $accessToken;
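Review bot: The `InsufficientScopeException` thrown in hasScope (L325 in the third hunk) carries code `3`, but `$exceptionCodes` defines only `0`, `1` and `2` with `2 => 'insufficient_scope'`, so `Resource::getExceptionType($e->getCode())` on that exception reads an undefined index and yields `null`; the throw should use `2`. In the last hunk, `MissingAccessTokenException` is thrown with the raw `$exceptionMessages['invalid_request']` template, so clients receive a literal `"%s"` where the parameter name was meant to go — format it first, e.g. `sprintf(self::$exceptionMessages['invalid_request'], $this->tokenKey)` (determineAccessToken's body starts outside the hunk, so the exact variable to name is not visible here). In getExceptionHttpHeaders, `WWW-Authenticate` is added only for `insufficient_scope`, yet RFC 6750 §3 requires it on the 401 `invalid_token` response as well, and the comment cites RFC 6749 §5.2, which describes the token endpoint rather than the resource server; the 401 branch should emit `WWW-Authenticate: Bearer realm=""` too, ideally with the `error="..."` attribute. The three static getters also index their maps without checking the key exists, so an unknown `$error` or `$code` produces a notice and `null` instead of an explicit failure.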


@ -4,19 +4,45 @@ use \Mockery as m;
class Resource_Server_test extends PHPUnit_Framework_TestCase class Resource_Server_test extends PHPUnit_Framework_TestCase
{ {
private $session; private $session;
public function setUp() public function setUp()
{ {
$this->session = M::mock('League\OAuth2\Server\Storage\SessionInterface'); $this->session = M::mock('League\OAuth2\Server\Storage\SessionInterface');
} }
private function returnDefault() private function returnDefault()
{ {
return new League\OAuth2\Server\Resource($this->session); return new League\OAuth2\Server\Resource($this->session);
} }
public function test_setRequest() public function test_getExceptionMessage()
{
$m = League\OAuth2\Server\Resource::getExceptionMessage('invalid_request');
$reflector = new ReflectionClass($this->returnDefault());
$exceptionMessages = $reflector->getProperty('exceptionMessages');
$exceptionMessages->setAccessible(true);
$v = $exceptionMessages->getValue();
$this->assertEquals($v['invalid_request'], $m);
}
public function test_getExceptionCode()
{
$this->assertEquals('invalid_request', League\OAuth2\Server\Resource::getExceptionType(0));
$this->assertEquals('invalid_token', League\OAuth2\Server\Resource::getExceptionType(1));
$this->assertEquals('insufficient_scope', League\OAuth2\Server\Resource::getExceptionType(2));
}
public function test_getExceptionHttpHeaders()
{
$this->assertEquals(array('HTTP/1.1 400 Bad Request'), League\OAuth2\Server\Resource::getExceptionHttpHeaders('invalid_request'));
$this->assertEquals(array('HTTP/1.1 401 Unauthorized'), League\OAuth2\Server\Resource::getExceptionHttpHeaders('invalid_token'));
$this->assertContains('HTTP/1.1 403 Forbidden', League\OAuth2\Server\Resource::getExceptionHttpHeaders('insufficient_scope'));
}
public function test_setRequest()
{ {
$s = $this->returnDefault(); $s = $this->returnDefault();
$request = new League\OAuth2\Server\Util\Request(); $request = new League\OAuth2\Server\Util\Request();
@ -49,7 +75,7 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
public function test_setTokenKey() public function test_setTokenKey()
{ {
$s = $this->returnDefault(); $s = $this->returnDefault();
$s->setTokenKey('oauth_token'); $s->setTokenKey('oauth_token');
$reflector = new ReflectionClass($s); $reflector = new ReflectionClass($s);
$requestProperty = $reflector->getProperty('tokenKey'); $requestProperty = $reflector->getProperty('tokenKey');
@ -66,25 +92,25 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
} }
/** /**
* @expectedException League\OAuth2\Server\Exception\InvalidAccessTokenException * @expectedException League\OAuth2\Server\Exception\MissingAccessTokenException
*/ */
public function test_determineAccessToken_missingToken() public function test_determineAccessToken_missingToken()
{ {
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer'; $_SERVER['HTTP_AUTHORIZATION'] = 'Bearer';
$request = new League\OAuth2\Server\Util\Request(array(), array(), array(), array(), $_SERVER); $request = new League\OAuth2\Server\Util\Request(array(), array(), array(), array(), $_SERVER);
$s = $this->returnDefault(); $s = $this->returnDefault();
$s->setRequest($request); $s->setRequest($request);
$reflector = new ReflectionClass($s); $reflector = new ReflectionClass($s);
$method = $reflector->getMethod('determineAccessToken'); $method = $reflector->getMethod('determineAccessToken');
$method->setAccessible(true); $method->setAccessible(true);
$method->invoke($s); $method->invoke($s);
} }
/** /**
* @expectedException League\OAuth2\Server\Exception\InvalidAccessTokenException * @expectedException League\OAuth2\Server\Exception\MissingAccessTokenException
*/ */
public function test_determineAccessToken_brokenCurlRequest() public function test_determineAccessToken_brokenCurlRequest()
{ {
@ -114,14 +140,14 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
$s = $this->returnDefault(); $s = $this->returnDefault();
$s->setRequest($request); $s->setRequest($request);
$reflector = new ReflectionClass($s); $reflector = new ReflectionClass($s);
$method = $reflector->getMethod('determineAccessToken'); $method = $reflector->getMethod('determineAccessToken');
$method->setAccessible(true); $method->setAccessible(true);
$result = $method->invoke($s); $result = $method->invoke($s);
$this->assertEquals('abcdef', $result); $this->assertEquals('abcdef', $result);
} }
public function test_determineAccessToken_fromBrokenCurlHeader() public function test_determineAccessToken_fromBrokenCurlHeader()
@ -149,21 +175,54 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
public function test_determineAccessToken_fromMethod() public function test_determineAccessToken_fromMethod()
{ {
$s = $this->returnDefault(); $s = $this->returnDefault();
$_GET[$s->getTokenKey()] = 'abcdef'; $_GET[$s->getTokenKey()] = 'abcdef';
$_SERVER['REQUEST_METHOD'] = 'get'; $_SERVER['REQUEST_METHOD'] = 'get';
$request = new League\OAuth2\Server\Util\Request($_GET, array(), array(), array(), $_SERVER); $request = new League\OAuth2\Server\Util\Request($_GET, array(), array(), array(), $_SERVER);
$s->setRequest($request); $s->setRequest($request);
$reflector = new ReflectionClass($s); $reflector = new ReflectionClass($s);
$method = $reflector->getMethod('determineAccessToken'); $method = $reflector->getMethod('determineAccessToken');
$method->setAccessible(true); $method->setAccessible(true);
$result = $method->invoke($s); $result = $method->invoke($s);
$this->assertEquals('abcdef', $result); $this->assertEquals('abcdef', $result);
}
public function test_hasScope_isRequired()
{
$s = $this->returnDefault();
$reflector = new ReflectionClass($s);
$param = $reflector->getProperty('sessionScopes');
$param->setAccessible(true);
$param->setValue($s, array(
'a', 'b', 'c'
));
$result = $s->hasScope(array('a', 'b'), true);
$this->assertEquals(true, $result);
}
/**
* @expectedException League\OAuth2\Server\Exception\InsufficientScopeException
*/
public function test_hasScope_isRequiredFailure()
{
$s = $this->returnDefault();
$reflector = new ReflectionClass($s);
$param = $reflector->getProperty('sessionScopes');
$param->setAccessible(true);
$param->setValue($s, array(
'a', 'b', 'c'
));
$s->hasScope('d', true);
} }
/** /**
@ -171,9 +230,9 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
*/ */
public function test_isValid_notValid() public function test_isValid_notValid()
{ {
$this->session->shouldReceive('validateAccessToken')->andReturn(false); $this->session->shouldReceive('validateAccessToken')->andReturn(false);
$request = new League\OAuth2\Server\Util\Request(); $request = new League\OAuth2\Server\Util\Request();
$requestReflector = new ReflectionClass($request); $requestReflector = new ReflectionClass($request);
$param = $requestReflector->getProperty('headers'); $param = $requestReflector->getProperty('headers');
$param->setAccessible(true); $param->setAccessible(true);
@ -188,19 +247,19 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
public function test_isValid_valid() public function test_isValid_valid()
{ {
$this->session->shouldReceive('validateAccessToken')->andReturn(array( $this->session->shouldReceive('validateAccessToken')->andReturn(array(
'session_id' => 1, 'session_id' => 1,
'owner_type' => 'user', 'owner_type' => 'user',
'owner_id' => 123, 'owner_id' => 123,
'client_id' => 'testapp' 'client_id' => 'testapp'
)); ));
$this->session->shouldReceive('getScopes')->andReturn(array( $this->session->shouldReceive('getScopes')->andReturn(array(
array('scope' => 'foo'), array('scope' => 'foo'),
array('scope' => 'bar') array('scope' => 'bar')
)); ));
$request = new League\OAuth2\Server\Util\Request(); $request = new League\OAuth2\Server\Util\Request();
$requestReflector = new ReflectionClass($request); $requestReflector = new ReflectionClass($request);
$param = $requestReflector->getProperty('headers'); $param = $requestReflector->getProperty('headers');
$param->setAccessible(true); $param->setAccessible(true);
@ -211,16 +270,15 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
$s = $this->returnDefault(); $s = $this->returnDefault();
$s->setRequest($request); $s->setRequest($request);
$this->assertTrue($s->isValid()); $this->assertTrue($s->isValid());
$this->assertEquals(123, $s->getOwnerId()); $this->assertEquals(123, $s->getOwnerId());
$this->assertEquals('user', $s->getOwnerType()); $this->assertEquals('user', $s->getOwnerType());
$this->assertEquals('abcdef', $s->getAccessToken()); $this->assertEquals('abcdef', $s->getAccessToken());
$this->assertEquals('testapp', $s->getClientId()); $this->assertEquals('testapp', $s->getClientId());
$this->assertTrue($s->hasScope('foo')); $this->assertTrue($s->hasScope('foo'));
$this->assertTrue($s->hasScope('bar')); $this->assertTrue($s->hasScope('bar'));
$this->assertTrue($s->hasScope(array('foo', 'bar'))); $this->assertTrue($s->hasScope(array('foo', 'bar')));
$this->assertFalse($s->hasScope(array('foobar'))); $this->assertFalse($s->hasScope(array('foobar')));
$this->assertFalse($s->hasScope('foobar')); $this->assertFalse($s->hasScope('foobar'));
$this->assertFalse($s->hasScope(new StdClass));
} }
} }
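Review bot: Dropping the `$this->assertFalse($s->hasScope(new StdClass));` assertion in the last hunk leaves the non-string, non-array input path of hasScope untested at the moment its behaviour changes: the new implementation wraps any non-array value in `array($scopes)` and hands it to `array_diff`, which compares by string cast, so an object argument presumably errors rather than returning `false` as before. A test pinning the intended contract (return `false`, or throw a specific exception) would document that decision. test_hasScope_isRequiredFailure would also catch the mismatch between the thrown exception's code and `getExceptionType` if it asserted `$e->getCode()` against the `insufficient_scope` entry checked in test_getExceptionCode, rather than relying on `@expectedException` alone.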


@ -2,14 +2,14 @@
class RedirectUri_test extends PHPUnit_Framework_TestCase class RedirectUri_test extends PHPUnit_Framework_TestCase
{ {
function test_make() function test_make()
{ {
$v1 = League\OAuth2\Server\Util\RedirectUri::make('https://foobar/', array('foo'=>'bar')); $v1 = League\OAuth2\Server\Util\RedirectUri::make('https://foobar/', array('foo'=>'bar'));
$v2 = League\OAuth2\Server\Util\RedirectUri::make('https://foobar/', array('foo'=>'bar'), '#'); $v2 = League\OAuth2\Server\Util\RedirectUri::make('https://foobar/', array('foo'=>'bar'), '#');
$v3 = League\OAuth2\Server\Util\RedirectUri::make('https://foobar/', array('foo'=>'bar', 'bar' => 'foo')); $v3 = League\OAuth2\Server\Util\RedirectUri::make('https://foobar/', array('foo'=>'bar', 'bar' => 'foo'));
$this->assertEquals('https://foobar/?foo=bar', $v1); $this->assertEquals('https://foobar/?foo=bar', $v1);
$this->assertEquals('https://foobar/#foo=bar', $v2); $this->assertEquals('https://foobar/#foo=bar', $v2);
$this->assertEquals('https://foobar/?foo=bar&bar=foo', $v3); $this->assertEquals('https://foobar/?foo=bar&bar=foo', $v3);
} }
} }


@ -2,86 +2,86 @@
class Request_test extends PHPUnit_Framework_TestCase class Request_test extends PHPUnit_Framework_TestCase
{ {
private $request; private $request;
function setUp() function setUp()
{ {
$this->request = new League\OAuth2\Server\Util\Request( $this->request = new League\OAuth2\Server\Util\Request(
array('foo' => 'bar'), array('foo' => 'bar'),
array('foo' => 'bar'), array('foo' => 'bar'),
array('foo' => 'bar'), array('foo' => 'bar'),
array('foo' => 'bar'), array('foo' => 'bar'),
array('HTTP_HOST' => 'foobar.com') array('HTTP_HOST' => 'foobar.com')
); );
} }
function test_buildFromIndex() function test_buildFromIndex()
{ {
$r = new League\OAuth2\Server\Util\Request(); $r = new League\OAuth2\Server\Util\Request();
$r->buildFromGlobals(); $r->buildFromGlobals();
$this->assertTrue($r instanceof League\OAuth2\Server\Util\Request); $this->assertTrue($r instanceof League\OAuth2\Server\Util\Request);
} }
function test_get() function test_get()
{ {
$this->assertEquals('bar', $this->request->get('foo')); $this->assertEquals('bar', $this->request->get('foo'));
$this->assertEquals(array('foo' => 'bar'), $this->request->get()); $this->assertEquals(array('foo' => 'bar'), $this->request->get());
} }
function test_post() function test_post()
{ {
$this->assertEquals('bar', $this->request->post('foo')); $this->assertEquals('bar', $this->request->post('foo'));
$this->assertEquals(array('foo' => 'bar'), $this->request->post()); $this->assertEquals(array('foo' => 'bar'), $this->request->post());
} }
function test_file() function test_file()
{ {
$this->assertEquals('bar', $this->request->file('foo')); $this->assertEquals('bar', $this->request->file('foo'));
$this->assertEquals(array('foo' => 'bar'), $this->request->file()); $this->assertEquals(array('foo' => 'bar'), $this->request->file());
} }
function test_cookie() function test_cookie()
{ {
$this->assertEquals('bar', $this->request->cookie('foo')); $this->assertEquals('bar', $this->request->cookie('foo'));
$this->assertEquals(array('foo' => 'bar'), $this->request->cookie()); $this->assertEquals(array('foo' => 'bar'), $this->request->cookie());
} }
function test_server() function test_server()
{ {
$this->assertEquals('foobar.com', $this->request->server('HTTP_HOST')); $this->assertEquals('foobar.com', $this->request->server('HTTP_HOST'));
$this->assertEquals(array('HTTP_HOST' => 'foobar.com'), $this->request->server()); $this->assertEquals(array('HTTP_HOST' => 'foobar.com'), $this->request->server());
} }
function test_header() function test_header()
{ {
$this->assertEquals('foobar.com', $this->request->header('Host')); $this->assertEquals('foobar.com', $this->request->header('Host'));
$this->assertEquals(array('Host' => 'foobar.com'), $this->request->header()); $this->assertEquals(array('Host' => 'foobar.com'), $this->request->header());
} }
function test_canonical_header() function test_canonical_header()
{ {
$request = new League\OAuth2\Server\Util\Request( $request = new League\OAuth2\Server\Util\Request(
array('foo' => 'bar'), array('foo' => 'bar'),
array('foo' => 'bar'), array('foo' => 'bar'),
array('foo' => 'bar'), array('foo' => 'bar'),
array('foo' => 'bar'), array('foo' => 'bar'),
array('HTTP_HOST' => 'foobar.com'), array('HTTP_HOST' => 'foobar.com'),
array('authorization' => 'Bearer ajdfkljadslfjasdlkj') array('authorization' => 'Bearer ajdfkljadslfjasdlkj')
); );
$this->assertEquals('Bearer ajdfkljadslfjasdlkj', $request->header('Authorization')); $this->assertEquals('Bearer ajdfkljadslfjasdlkj', $request->header('Authorization'));
} }
/** /**
* @expectedException InvalidArgumentException * @expectedException InvalidArgumentException
*/ */
function test_unknownProperty() function test_unknownProperty()
{ {
$reflector = new ReflectionClass($this->request); $reflector = new ReflectionClass($this->request);
$method = $reflector->getMethod('getPropertyValue'); $method = $reflector->getMethod('getPropertyValue');
$method->setAccessible(true); $method->setAccessible(true);
$method->invoke($this->request, 'blah'); $method->invoke($this->request, 'blah');
} }
} }


@ -2,16 +2,16 @@
class Secure_Key_test extends PHPUnit_Framework_TestCase class Secure_Key_test extends PHPUnit_Framework_TestCase
{ {
function test_make() function test_make()
{ {
$v1 = League\OAuth2\Server\Util\SecureKey::make(); $v1 = League\OAuth2\Server\Util\SecureKey::make();
$v2 = League\OAuth2\Server\Util\SecureKey::make(); $v2 = League\OAuth2\Server\Util\SecureKey::make();
$v3 = League\OAuth2\Server\Util\SecureKey::make(50); $v3 = League\OAuth2\Server\Util\SecureKey::make(50);
$this->assertEquals(40, strlen($v1)); $this->assertEquals(40, strlen($v1));
$this->assertTrue($v1 !== $v2); $this->assertTrue($v1 !== $v2);
$this->assertEquals(50, strlen($v3)); $this->assertEquals(50, strlen($v3));
} }
public function test_make_with_different_algorithm() public function test_make_with_different_algorithm()
{ {
@ -29,4 +29,4 @@ class Secure_Key_test extends PHPUnit_Framework_TestCase
$this->assertSame($algorithm, League\OAuth2\Server\Util\SecureKey::getAlgorithm()); $this->assertSame($algorithm, League\OAuth2\Server\Util\SecureKey::getAlgorithm());
$this->assertEquals($result, League\OAuth2\Server\Util\SecureKey::make(11)); $this->assertEquals($result, League\OAuth2\Server\Util\SecureKey::make(11));
} }
} }