ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2025-01-03 10:41:51 +05:30
Code Issues Packages Projects Releases Wiki Activity

Added AuthCodeGrant tests

Browse Source
This commit is contained in:
Alex Bilbie 2016-02-21 17:08:57 +00:00
parent 2488cbd55d
commit 9675dff220
1 changed files with 412 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

419
tests/Grant/AuthCodeGrantTest.php
View File

@ -23,7 +23,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$this->getMock(AuthCodeRepositoryInterface::class), $this->getMock(AuthCodeRepositoryInterface::class),
$this->getMock(RefreshTokenRepositoryInterface::class), $this->getMock(RefreshTokenRepositoryInterface::class),
$this->getMock(UserRepositoryInterface::class), $this->getMock(UserRepositoryInterface::class),
new \DateInterval('PT10M') new \DateInterval('PT10M'),
'',
''
); );
$this->assertEquals('authorization_code', $grant->getIdentifier()); $this->assertEquals('authorization_code', $grant->getIdentifier());
@ -49,7 +51,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$cookies = [], $cookies = [],
$queryParams = [ $queryParams = [
'response_type' => 'code', 'response_type' => 'code',
'client_id' => 'foo' 'client_id' => 'foo',
] ]
); );
@ -76,8 +78,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
'' ''
); );
$grant->setClientRepository($clientRepositoryMock); $grant->setClientRepository($clientRepositoryMock);
$grant->setPathToPublicKey('file://'.__DIR__.'/../Utils/public.key'); $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
$grant->setPathToPrivateKey('file://'.__DIR__.'/../Utils/private.key'); $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
$request = new ServerRequest( $request = new ServerRequest(
[ [
@ -93,8 +95,187 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
[ [
'oauth_authorize_request' => KeyCrypt::encrypt( 'oauth_authorize_request' => KeyCrypt::encrypt(
json_encode(['user_id' => 123]), json_encode(['user_id' => 123]),
'file://'.__DIR__.'/../Utils/private.key' 'file://' . __DIR__ . '/../Utils/private.key'
) ),
],
[
'response_type' => 'code',
'client_id' => 'foo',
'state' => 'foobar',
],
[
'username' => 'alex',
'password' => 'whisky',
'action' => 'approve',
]
);
$response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
$this->assertTrue($response instanceof ResponseInterface);
$this->assertTrue(strstr($response->getHeader('location')[0], 'http://foo/bar') !== false);
}
public function testRespondToAuthorizationRequestUserDenied()
{
$client = new ClientEntity();
$client->setRedirectUri('http://foo/bar');
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
$userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
$userEntity = new UserEntity();
$userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
$grant = new AuthCodeGrant(
$this->getMock(AuthCodeRepositoryInterface::class),
$this->getMock(RefreshTokenRepositoryInterface::class),
$userRepositoryMock,
new \DateInterval('PT10M'),
'',
''
);
$grant->setClientRepository($clientRepositoryMock);
$grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
$grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
$request = new ServerRequest(
[
'HTTP_HOST' => 'auth-server.tld',
'REQUEST_URI' => '/authorize',
],
[]
,
null,
'POST',
'php://input',
[],
[
'oauth_authorize_request' => KeyCrypt::encrypt(
json_encode(['user_id' => 123]),
'file://' . __DIR__ . '/../Utils/private.key'
),
],
[
'response_type' => 'code',
'client_id' => 'foo',
'state' => 'foobar',
],
[
'username' => 'alex',
'password' => 'whisky',
'action' => 'denied',
]
);
$response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
$this->assertTrue($response instanceof ResponseInterface);
$this->assertTrue(strstr($response->getHeader('location')[0], 'http://foo/bar') !== false);
$this->assertTrue(strstr($response->getHeader('location')[0], 'access_denied') !== false);
}
/**
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
* @expectedExceptionCode 3
*/
public function testRespondToAuthorizationRequestMissingClientId()
{
$client = new ClientEntity();
$client->setRedirectUri('http://foo/bar');
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
$userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
$userEntity = new UserEntity();
$userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
$grant = new AuthCodeGrant(
$this->getMock(AuthCodeRepositoryInterface::class),
$this->getMock(RefreshTokenRepositoryInterface::class),
$userRepositoryMock,
new \DateInterval('PT10M'),
'',
''
);
$grant->setClientRepository($clientRepositoryMock);
$grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
$grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
$request = new ServerRequest(
[
'HTTP_HOST' => 'auth-server.tld',
'REQUEST_URI' => '/authorize',
],
[]
,
null,
'POST',
'php://input',
[],
[
'oauth_authorize_request' => KeyCrypt::encrypt(
json_encode(['user_id' => 123]),
'file://' . __DIR__ . '/../Utils/private.key'
),
],
[
'response_type' => 'code',
],
[
'username' => 'alex',
'password' => 'whisky',
'action' => 'approve',
]
);
$response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
$this->assertTrue($response instanceof ResponseInterface);
}
/**
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
* @expectedExceptionCode 4
*/
public function testRespondToAuthorizationRequestBadClient()
{
$client = null;
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
$userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
$userEntity = new UserEntity();
$userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
$grant = new AuthCodeGrant(
$this->getMock(AuthCodeRepositoryInterface::class),
$this->getMock(RefreshTokenRepositoryInterface::class),
$userRepositoryMock,
new \DateInterval('PT10M'),
'',
''
);
$grant->setClientRepository($clientRepositoryMock);
$grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
$grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
$request = new ServerRequest(
[
'HTTP_HOST' => 'auth-server.tld',
'REQUEST_URI' => '/authorize',
],
[]
,
null,
'POST',
'php://input',
[],
[
'oauth_authorize_request' => KeyCrypt::encrypt(
json_encode(['user_id' => 123]),
'file://' . __DIR__ . '/../Utils/private.key'
),
], ],
[ [
'response_type' => 'code', 'response_type' => 'code',
@ -103,7 +284,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
[ [
'username' => 'alex', 'username' => 'alex',
'password' => 'whisky', 'password' => 'whisky',
'action' => 'approve' 'action' => 'approve',
] ]
); );
@ -111,4 +292,228 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$this->assertTrue($response instanceof ResponseInterface); $this->assertTrue($response instanceof ResponseInterface);
} }
/**
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
* @expectedExceptionCode 7
*/
public function testRespondToAuthorizationRequestBadCookie()
{
$client = new ClientEntity();
$client->setRedirectUri('http://foo/bar');
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
$userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
$userEntity = new UserEntity();
$userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
$grant = new AuthCodeGrant(
$this->getMock(AuthCodeRepositoryInterface::class),
$this->getMock(RefreshTokenRepositoryInterface::class),
$userRepositoryMock,
new \DateInterval('PT10M'),
'',
''
);
$grant->setClientRepository($clientRepositoryMock);
$grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
$grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
$request = new ServerRequest(
[
'HTTP_HOST' => 'auth-server.tld',
'REQUEST_URI' => '/authorize',
],
[]
,
null,
'POST',
'php://input',
[],
[
'oauth_authorize_request' => 'blah',
],
[
'response_type' => 'code',
'client_id' => 'foo',
],
[
'username' => 'alex',
'password' => 'whisky',
'action' => 'approve',
]
);
$response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
$this->assertTrue($response instanceof ResponseInterface);
}
public function testRespondToAuthorizationRequestTryLogin()
{
$client = new ClientEntity();
$client->setRedirectUri('http://foo/bar');
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
$userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
$userEntity = new UserEntity();
$userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
$grant = new AuthCodeGrant(
$this->getMock(AuthCodeRepositoryInterface::class),
$this->getMock(RefreshTokenRepositoryInterface::class),
$userRepositoryMock,
new \DateInterval('PT10M'),
'',
''
);
$grant->setClientRepository($clientRepositoryMock);
$grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
$grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
$request = new ServerRequest(
[
'HTTP_HOST' => 'auth-server.tld',
'REQUEST_URI' => '/authorize',
],
[]
,
null,
'POST',
'php://input',
[],
[
'oauth_authorize_request' => KeyCrypt::encrypt(
json_encode(['user_id' => null]),
'file://' . __DIR__ . '/../Utils/private.key'
),
],
[
'response_type' => 'code',
'client_id' => 'foo',
],
[
'username' => 'alex',
'password' => 'whisky',
'action' => 'approve',
]
);
$response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
$this->assertTrue($response instanceof ResponseInterface);
$this->assertTrue(strstr($response->getHeader('location')[0], 'http://foo/bar') !== false);
}
public function testRespondToAuthorizationRequestShowLoginForm()
{
$client = new ClientEntity();
$client->setRedirectUri('http://foo/bar');
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
$userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
$userEntity = null;
$userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
$grant = new AuthCodeGrant(
$this->getMock(AuthCodeRepositoryInterface::class),
$this->getMock(RefreshTokenRepositoryInterface::class),
$userRepositoryMock,
new \DateInterval('PT10M')
);
$grant->setClientRepository($clientRepositoryMock);
$grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
$grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
$request = new ServerRequest(
[
'HTTP_HOST' => 'auth-server.tld',
'REQUEST_URI' => '/authorize',
],
[]
,
null,
'POST',
'php://input',
[],
[
'oauth_authorize_request' => KeyCrypt::encrypt(
json_encode(['user_id' => null]),
'file://' . __DIR__ . '/../Utils/private.key'
),
],
[
'response_type' => 'code',
'client_id' => 'foo',
],
[
'username' => 'alex',
'password' => 'whisky',
'action' => 'approve',
]
);
$response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
$this->assertTrue($response instanceof ResponseInterface);
$this->assertTrue(strstr($response->getHeader('content-type')[0], 'text/html') !== false);
$this->assertTrue(strstr($response->getBody()->getContents(), 'Incorrect username or password') !== false);
}
public function testRespondToAuthorizationRequestShowAuthorizeForm()
{
$client = new ClientEntity();
$client->setRedirectUri('http://foo/bar');
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
$userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
$userEntity = new UserEntity();
$userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
$grant = new AuthCodeGrant(
$this->getMock(AuthCodeRepositoryInterface::class),
$this->getMock(RefreshTokenRepositoryInterface::class),
$userRepositoryMock,
new \DateInterval('PT10M')
);
$grant->setClientRepository($clientRepositoryMock);
$grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
$grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
$request = new ServerRequest(
[
'HTTP_HOST' => 'auth-server.tld',
'REQUEST_URI' => '/authorize',
],
[]
,
null,
'POST',
'php://input',
[],
[
'oauth_authorize_request' => KeyCrypt::encrypt(
json_encode(['user_id' => 123]),
'file://' . __DIR__ . '/../Utils/private.key'
),
],
[
'response_type' => 'code',
'client_id' => 'foo',
],
[
'username' => 'alex',
'password' => 'whisky',
]
);
$response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
$this->assertTrue($response instanceof ResponseInterface);
$this->assertTrue(strstr($response->getHeader('set-cookie')[0], 'oauth_authorize_request') !== false);
}
} }