From 890fdeba160fa37c1d2603db688c720dde5081bd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juli=C3=A1n=20Guti=C3=A9rrez?= <juliangut@gmail.com>
Date: Thu, 17 Mar 2016 21:18:28 +0100
Subject: [PATCH 1/5] CryptTrait tests

---
 src/Entities/AccessTokenEntity.php            |   6 +-
 .../Interfaces/AccessTokenEntityInterface.php |   4 +-
 src/Grant/GrantTypeInterface.php              |   8 +-
 tests/CryptTraitTest.php                      |  46 +++++++
 tests/Grant/AbstractGrantTest.php             |   4 +-
 tests/Grant/AuthCodeGrantTest.php             | 124 ++++++++++--------
 tests/Grant/ImplicitGrantTest.php             |  67 ++++++----
 tests/Grant/RefreshTokenGrantTest.php         |  67 ++++++----
 .../ResponseTypes/BearerResponseTypeTest.php  |  20 +--
 tests/Stubs/CryptTraitStub.php                |  26 ++++
 tests/{Utils => Stubs}/private.key            |   0
 tests/{Utils => Stubs}/public.key             |   0
 tests/Utils/KeyCryptTest.php                  |  34 -----
 13 files changed, 236 insertions(+), 170 deletions(-)
 create mode 100644 tests/CryptTraitTest.php
 create mode 100644 tests/Stubs/CryptTraitStub.php
 rename tests/{Utils => Stubs}/private.key (100%)
 rename tests/{Utils => Stubs}/public.key (100%)
 delete mode 100644 tests/Utils/KeyCryptTest.php

diff --git a/src/Entities/AccessTokenEntity.php b/src/Entities/AccessTokenEntity.php
index fc31a9fd..5b4b34a1 100644
--- a/src/Entities/AccessTokenEntity.php
+++ b/src/Entities/AccessTokenEntity.php
@@ -16,11 +16,11 @@ class AccessTokenEntity implements AccessTokenEntityInterface
     /**
      * Generate a JWT from the access token
      *
-     * @param string $pathToPrivateKey
+     * @param string $privateKeyPath
      *
      * @return string
      */
-    public function convertToJWT($pathToPrivateKey)
+    public function convertToJWT($privateKeyPath)
     {
         return (new Builder())
             ->setAudience($this->getClient()->getIdentifier())
@@ -30,7 +30,7 @@ class AccessTokenEntity implements AccessTokenEntityInterface
             ->setExpiration($this->getExpiryDateTime()->getTimestamp())
             ->setSubject($this->getUserIdentifier())
             ->set('scopes', $this->getScopes())
-            ->sign(new Sha256(), new Key($pathToPrivateKey))
+            ->sign(new Sha256(), new Key($privateKeyPath))
             ->getToken();
     }
 }
diff --git a/src/Entities/Interfaces/AccessTokenEntityInterface.php b/src/Entities/Interfaces/AccessTokenEntityInterface.php
index 884c0187..86ad1107 100644
--- a/src/Entities/Interfaces/AccessTokenEntityInterface.php
+++ b/src/Entities/Interfaces/AccessTokenEntityInterface.php
@@ -7,9 +7,9 @@ interface AccessTokenEntityInterface extends TokenInterface
     /**
      * Generate a JWT from the access token
      *
-     * @param string $pathToPrivateKey
+     * @param string $privateKeyPath
      *
      * @return string
      */
-    public function convertToJWT($pathToPrivateKey);
+    public function convertToJWT($privateKeyPath);
 }
diff --git a/src/Grant/GrantTypeInterface.php b/src/Grant/GrantTypeInterface.php
index 8e7572c2..cb60bf90 100644
--- a/src/Grant/GrantTypeInterface.php
+++ b/src/Grant/GrantTypeInterface.php
@@ -89,14 +89,14 @@ interface GrantTypeInterface extends EmitterAwareInterface
     /**
      * Set the path to the private key.
      *
-     * @param string $pathToPrivateKey
+     * @param string $privateKeyPath
      */
-    public function setPrivateKeyPath($pathToPrivateKey);
+    public function setPrivateKeyPath($privateKeyPath);
 
     /**
      * Set the path to the public key.
      *
-     * @param string $pathToPublicKey
+     * @param string $publicKeyPath
      */
-    public function setPublicKeyPath($pathToPublicKey);
+    public function setPublicKeyPath($publicKeyPath);
 }
diff --git a/tests/CryptTraitTest.php b/tests/CryptTraitTest.php
new file mode 100644
index 00000000..fad2fdcf
--- /dev/null
+++ b/tests/CryptTraitTest.php
@@ -0,0 +1,46 @@
+<?php
+
+namespace LeagueTests\Utils;
+
+use LeagueTests\Stubs\CryptTraitStub;
+
+class CryptTraitTest extends \PHPUnit_Framework_TestCase
+{
+    /**
+     * CryptTrait stub
+     */
+    protected $cryptStub;
+
+    public function setUp()
+    {
+        $this->cryptStub = new CryptTraitStub;
+    }
+
+    public function testEncryptDecrypt()
+    {
+        $payload = 'alex loves whisky';
+        $encrypted = $this->cryptStub->doEncrypt($payload);
+        $plainText = $this->cryptStub->doDecrypt($encrypted);
+
+        $this->assertNotEquals($payload, $encrypted);
+        $this->assertEquals($payload, $plainText);
+    }
+
+    /**
+     * @expectedException \LogicException
+     */
+    public function testBadPrivateKey()
+    {
+        $this->cryptStub->setPrivateKeyPath(__DIR__ . '/Stubs/public.key');
+        $this->cryptStub->doEncrypt('');
+    }
+
+    /**
+     * @expectedException \LogicException
+     */
+    public function testBadPublicKey()
+    {
+        $this->cryptStub->setPublicKeyPath(__DIR__ . '/Stubs/private.key');
+        $this->cryptStub->doDecrypt('');
+    }
+}
diff --git a/tests/Grant/AbstractGrantTest.php b/tests/Grant/AbstractGrantTest.php
index 4820e3a2..5e71bdf7 100644
--- a/tests/Grant/AbstractGrantTest.php
+++ b/tests/Grant/AbstractGrantTest.php
@@ -23,8 +23,8 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
     {
         /** @var AbstractGrant $grantMock */
         $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
-        $grantMock->setPathToPrivateKey('./private.key');
-        $grantMock->setPathToPublicKey('./public.key');
+        $grantMock->setPrivateKeyPath('./private.key');
+        $grantMock->setPublicKeyPath('./public.key');
         $grantMock->setEmitter(new Emitter());
     }
 
diff --git a/tests/Grant/AuthCodeGrantTest.php b/tests/Grant/AuthCodeGrantTest.php
index 54973d8e..31cd2f53 100644
--- a/tests/Grant/AuthCodeGrantTest.php
+++ b/tests/Grant/AuthCodeGrantTest.php
@@ -12,8 +12,8 @@ use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
 use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
 use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
 use League\OAuth2\Server\Repositories\UserRepositoryInterface;
-use League\OAuth2\Server\Utils\KeyCrypt;
 use LeagueTests\Stubs\ClientEntity;
+use LeagueTests\Stubs\CryptTraitStub;
 use LeagueTests\Stubs\ScopeEntity;
 use LeagueTests\Stubs\StubResponseType;
 use LeagueTests\Stubs\UserEntity;
@@ -22,6 +22,16 @@ use Zend\Diactoros\ServerRequest;
 
 class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
 {
+    /**
+     * CryptTrait stub
+     */
+    protected $cryptStub;
+
+    public function setUp()
+    {
+        $this->cryptStub = new CryptTraitStub;
+    }
+
     public function testGetIdentifier()
     {
         $grant = new AuthCodeGrant(
@@ -78,8 +88,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -92,9 +102,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
@@ -133,8 +143,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -147,9 +157,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
@@ -193,8 +203,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -207,9 +217,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
@@ -244,8 +254,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -258,9 +268,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
@@ -299,8 +309,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -313,9 +323,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
@@ -360,8 +370,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -410,8 +420,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -424,9 +434,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => null]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
@@ -464,8 +474,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -478,9 +488,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => null]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
@@ -520,8 +530,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -534,9 +544,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
@@ -587,8 +597,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
         $grant->setScopeRepository($scopeRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [],
@@ -603,7 +613,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
                 'grant_type'   => 'authorization_code',
                 'client_id'    => 'foo',
                 'redirect_uri' => 'http://foo/bar',
-                'code'         => KeyCrypt::encrypt(
+                'code'         => $this->cryptStub->doEncrypt(
                     json_encode(
                         [
                             'auth_code_id' => uniqid(),
@@ -614,7 +624,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
                             'redirect_uri' => 'http://foo/bar',
                         ]
                     ),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ]
         );
@@ -646,8 +656,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [],
@@ -692,8 +702,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [],
@@ -743,8 +753,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [],
@@ -759,7 +769,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
                 'grant_type'   => 'authorization_code',
                 'client_id'    => 'foo',
                 'redirect_uri' => 'http://foo/bar',
-                'code'         => KeyCrypt::encrypt(
+                'code'         => $this->cryptStub->doEncrypt(
                     json_encode(
                         [
                             'auth_code_id' => uniqid(),
@@ -770,7 +780,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
                             'redirect_uri' => 'http://foo/bar',
                         ]
                     ),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ]
         );
@@ -813,8 +823,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [],
@@ -829,7 +839,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
                 'grant_type'   => 'authorization_code',
                 'client_id'    => 'foo',
                 'redirect_uri' => 'http://foo/bar',
-                'code'         => KeyCrypt::encrypt(
+                'code'         => $this->cryptStub->doEncrypt(
                     json_encode(
                         [
                             'auth_code_id' => uniqid(),
@@ -840,7 +850,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
                             'redirect_uri' => 'http://foo/bar',
                         ]
                     ),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ]
         );
@@ -880,8 +890,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [],
@@ -896,7 +906,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
                 'grant_type'   => 'authorization_code',
                 'client_id'    => 'foo',
                 'redirect_uri' => 'http://foo/bar',
-                'code'         => KeyCrypt::encrypt(
+                'code'         => $this->cryptStub->doEncrypt(
                     json_encode(
                         [
                             'auth_code_id' => uniqid(),
@@ -907,7 +917,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
                             'redirect_uri' => 'http://foo/bar',
                         ]
                     ),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ]
         );
@@ -947,8 +957,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [],
diff --git a/tests/Grant/ImplicitGrantTest.php b/tests/Grant/ImplicitGrantTest.php
index 5bc1156e..3c597978 100644
--- a/tests/Grant/ImplicitGrantTest.php
+++ b/tests/Grant/ImplicitGrantTest.php
@@ -7,7 +7,6 @@ use League\OAuth2\Server\Grant\ImplicitGrant;
 use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
 use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
 use League\OAuth2\Server\Repositories\UserRepositoryInterface;
-use League\OAuth2\Server\Utils\KeyCrypt;
 use LeagueTests\Stubs\ClientEntity;
 use LeagueTests\Stubs\StubResponseType;
 use LeagueTests\Stubs\UserEntity;
@@ -16,6 +15,16 @@ use Zend\Diactoros\ServerRequest;
 
 class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
 {
+    /**
+     * CryptTrait stub
+     */
+    protected $cryptStub;
+
+    public function setUp()
+    {
+        $this->cryptStub = new CryptTraitStub;
+    }
+
     public function testGetIdentifier()
     {
         $grant = new ImplicitGrant($this->getMock(UserRepositoryInterface::class));
@@ -60,8 +69,8 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
         $grant = new ImplicitGrant($userRepositoryMock);
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -99,8 +108,8 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
     public function testRespondToAuthorizationRequestMissingClientId()
     {
         $grant = new ImplicitGrant($this->getMock(UserRepositoryInterface::class));
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -113,9 +122,9 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
@@ -141,8 +150,8 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
 
         $grant = new ImplicitGrant($this->getMock(UserRepositoryInterface::class));
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -155,9 +164,9 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
@@ -191,8 +200,8 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
 
         $grant = new ImplicitGrant($this->getMock(UserRepositoryInterface::class));
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -205,9 +214,9 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
@@ -247,8 +256,8 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
 
         $grant = new ImplicitGrant($this->getMock(UserRepositoryInterface::class));
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -292,8 +301,8 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
 
         $grant = new ImplicitGrant($this->getMock(UserRepositoryInterface::class));
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -306,9 +315,9 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => null]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
@@ -341,8 +350,8 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
 
         $grant = new ImplicitGrant($this->getMock(UserRepositoryInterface::class));
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -355,9 +364,9 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
@@ -389,8 +398,8 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
 
         $grant = new ImplicitGrant($this->getMock(UserRepositoryInterface::class));
         $grant->setClientRepository($clientRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $request = new ServerRequest(
             [
@@ -403,9 +412,9 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => KeyCrypt::encrypt(
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
                     json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Utils/private.key'
+                    'file://' . __DIR__ . '/../Stubs/private.key'
                 ),
             ],
             [
diff --git a/tests/Grant/RefreshTokenGrantTest.php b/tests/Grant/RefreshTokenGrantTest.php
index d6b63203..dc2056cb 100644
--- a/tests/Grant/RefreshTokenGrantTest.php
+++ b/tests/Grant/RefreshTokenGrantTest.php
@@ -9,7 +9,6 @@ use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
 use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
 use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
 use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
-use League\OAuth2\Server\Utils\KeyCrypt;
 use LeagueTests\Stubs\ClientEntity;
 use LeagueTests\Stubs\ScopeEntity;
 use LeagueTests\Stubs\StubResponseType;
@@ -17,6 +16,16 @@ use Zend\Diactoros\ServerRequest;
 
 class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
 {
+    /**
+     * CryptTrait stub
+     */
+    protected $cryptStub;
+
+    public function setUp()
+    {
+        $this->cryptStub = new CryptTraitStub;
+    }
+
     public function testGetIdentifier()
     {
         $refreshTokenRepositoryMock = $this->getMock(RefreshTokenRepositoryInterface::class);
@@ -47,10 +56,10 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setScopeRepository($scopeRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
-        $oldRefreshToken = KeyCrypt::encrypt(
+        $oldRefreshToken = $this->cryptStub->doEncrypt(
             json_encode(
                 [
                     'client_id'        => 'foo',
@@ -61,7 +70,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
                     'expire_time'      => time() + 3600,
                 ]
             ),
-            'file://' . __DIR__ . '/../Utils/private.key'
+            'file://' . __DIR__ . '/../Stubs/private.key'
         );
 
         $serverRequest = new ServerRequest();
@@ -103,10 +112,10 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setScopeRepository($scopeRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
-        $oldRefreshToken = KeyCrypt::encrypt(
+        $oldRefreshToken = $this->cryptStub->doEncrypt(
             json_encode(
                 [
                     'client_id'        => 'foo',
@@ -117,7 +126,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
                     'expire_time'      => time() + 3600,
                 ]
             ),
-            'file://' . __DIR__ . '/../Utils/private.key'
+            'file://' . __DIR__ . '/../Stubs/private.key'
         );
 
         $serverRequest = new ServerRequest();
@@ -164,10 +173,10 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setScopeRepository($scopeRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
-        $oldRefreshToken = KeyCrypt::encrypt(
+        $oldRefreshToken = $this->cryptStub->doEncrypt(
             json_encode(
                 [
                     'client_id'        => 'foo',
@@ -178,7 +187,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
                     'expire_time'      => time() + 3600,
                 ]
             ),
-            'file://' . __DIR__ . '/../Utils/private.key'
+            'file://' . __DIR__ . '/../Stubs/private.key'
         );
 
         $serverRequest = new ServerRequest();
@@ -213,8 +222,8 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
         $grant = new RefreshTokenGrant($refreshTokenRepositoryMock);
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $serverRequest = new ServerRequest();
         $serverRequest = $serverRequest->withParsedBody(
@@ -246,8 +255,8 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
         $grant = new RefreshTokenGrant($refreshTokenRepositoryMock);
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
         $oldRefreshToken = 'foobar';
 
@@ -286,10 +295,10 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
         $grant = new RefreshTokenGrant($refreshTokenRepositoryMock);
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
-        $oldRefreshToken = KeyCrypt::encrypt(
+        $oldRefreshToken = $this->cryptStub->doEncrypt(
             json_encode(
                 [
                     'client_id'        => 'bar',
@@ -300,7 +309,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
                     'expire_time'      => time() + 3600,
                 ]
             ),
-            'file://' . __DIR__ . '/../Utils/private.key'
+            'file://' . __DIR__ . '/../Stubs/private.key'
         );
 
         $serverRequest = new ServerRequest();
@@ -334,10 +343,10 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
         $grant = new RefreshTokenGrant($refreshTokenRepositoryMock);
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
-        $oldRefreshToken = KeyCrypt::encrypt(
+        $oldRefreshToken = $this->cryptStub->doEncrypt(
             json_encode(
                 [
                     'client_id'        => 'foo',
@@ -348,7 +357,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
                     'expire_time'      => time() - 3600,
                 ]
             ),
-            'file://' . __DIR__ . '/../Utils/private.key'
+            'file://' . __DIR__ . '/../Stubs/private.key'
         );
 
         $serverRequest = new ServerRequest();
@@ -383,10 +392,10 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
         $grant = new RefreshTokenGrant($refreshTokenRepositoryMock);
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
-        $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
-        $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');
+        $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+        $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
-        $oldRefreshToken = KeyCrypt::encrypt(
+        $oldRefreshToken = $this->cryptStub->doEncrypt(
             json_encode(
                 [
                     'client_id'        => 'foo',
@@ -397,7 +406,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
                     'expire_time'      => time() + 3600,
                 ]
             ),
-            'file://' . __DIR__ . '/../Utils/private.key'
+            'file://' . __DIR__ . '/../Stubs/private.key'
         );
 
         $serverRequest = new ServerRequest();
diff --git a/tests/ResponseTypes/BearerResponseTypeTest.php b/tests/ResponseTypes/BearerResponseTypeTest.php
index ce7620ea..fb9b91ca 100644
--- a/tests/ResponseTypes/BearerResponseTypeTest.php
+++ b/tests/ResponseTypes/BearerResponseTypeTest.php
@@ -20,8 +20,8 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
 
         $responseType = new BearerTokenResponse(
-            'file://' . __DIR__ . '/../Utils/private.key',
-            'file://' . __DIR__ . '/../Utils/public.key',
+            'file://' . __DIR__ . '/../Stubs/private.key',
+            'file://' . __DIR__ . '/../Stubs/public.key',
             $accessTokenRepositoryMock
         );
 
@@ -66,8 +66,8 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
 
         $responseType = new BearerTokenResponse(
-            'file://' . __DIR__ . '/../Utils/private.key',
-            'file://' . __DIR__ . '/../Utils/public.key',
+            'file://' . __DIR__ . '/../Stubs/private.key',
+            'file://' . __DIR__ . '/../Stubs/public.key',
             $accessTokenRepositoryMock
         );
 
@@ -108,8 +108,8 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
 
         $responseType = new BearerTokenResponse(
-            'file://' . __DIR__ . '/../Utils/private.key',
-            'file://' . __DIR__ . '/../Utils/public.key',
+            'file://' . __DIR__ . '/../Stubs/private.key',
+            'file://' . __DIR__ . '/../Stubs/public.key',
             $accessTokenRepositoryMock
         );
 
@@ -154,8 +154,8 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
 
 
         $responseType = new BearerTokenResponse(
-            'file://' . __DIR__ . '/../Utils/private.key',
-            'file://' . __DIR__ . '/../Utils/public.key',
+            'file://' . __DIR__ . '/../Stubs/private.key',
+            'file://' . __DIR__ . '/../Stubs/public.key',
             $accessTokenRepositoryMock
         );
 
@@ -198,8 +198,8 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
 
         $responseType = new BearerTokenResponse(
-            'file://' . __DIR__ . '/../Utils/private.key',
-            'file://' . __DIR__ . '/../Utils/public.key',
+            'file://' . __DIR__ . '/../Stubs/private.key',
+            'file://' . __DIR__ . '/../Stubs/public.key',
             $accessTokenRepositoryMock
         );
 
diff --git a/tests/Stubs/CryptTraitStub.php b/tests/Stubs/CryptTraitStub.php
new file mode 100644
index 00000000..583a851c
--- /dev/null
+++ b/tests/Stubs/CryptTraitStub.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace LeagueTests\Stubs;
+
+use League\OAuth2\Server\CryptTrait;
+
+class CryptTraitStub
+{
+    use CryptTrait;
+
+    public function __construct()
+    {
+        $this->setPrivateKeyPath('file://' . __DIR__ . '/private.key');
+        $this->setPublicKeyPath('file://' . __DIR__ . '/public.key');
+    }
+
+    public function doEncrypt($unencryptedData)
+    {
+        return $this->encrypt($unencryptedData);
+    }
+
+    public function doDecrypt($encryptedData)
+    {
+        return $this->decrypt($encryptedData);
+    }
+}
diff --git a/tests/Utils/private.key b/tests/Stubs/private.key
similarity index 100%
rename from tests/Utils/private.key
rename to tests/Stubs/private.key
diff --git a/tests/Utils/public.key b/tests/Stubs/public.key
similarity index 100%
rename from tests/Utils/public.key
rename to tests/Stubs/public.key
diff --git a/tests/Utils/KeyCryptTest.php b/tests/Utils/KeyCryptTest.php
deleted file mode 100644
index 3fa1f17c..00000000
--- a/tests/Utils/KeyCryptTest.php
+++ /dev/null
@@ -1,34 +0,0 @@
-<?php
-
-namespace LeagueTests\Utils;
-
-use League\OAuth2\Server\Utils\KeyCrypt;
-
-class KeyCryptTest extends \PHPUnit_Framework_TestCase
-{
-    public function testEncryptDecrypt()
-    {
-        $payload = 'alex loves whisky';
-        $encrypted = KeyCrypt::encrypt($payload, 'file://' . __DIR__ . '/private.key');
-        $plainText = KeyCrypt::decrypt($encrypted, 'file://' . __DIR__ . '/public.key');
-
-        $this->assertNotEquals($payload, $encrypted);
-        $this->assertEquals($payload, $plainText);
-    }
-
-    /**
-     * @expectedException \LogicException
-     */
-    public function testBadPrivateKey()
-    {
-        KeyCrypt::encrypt('', 'file://' . __DIR__ . '/public.key');
-    }
-
-    /**
-     * @expectedException \LogicException
-     */
-    public function testBadPublicKey()
-    {
-        KeyCrypt::decrypt('', 'file://' . __DIR__ . '/private.key');
-    }
-}

From 8196f5c832eedf28fea97675ada5635b76b26cbc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juli=C3=A1n=20Guti=C3=A9rrez?= <juliangut@gmail.com>
Date: Thu, 17 Mar 2016 21:33:04 +0100
Subject: [PATCH 2/5] code against interface

---
 src/Grant/AuthCodeGrant.php | 6 +++---
 src/Grant/ImplicitGrant.php | 8 ++++----
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php
index 05ea1f38..b031e6e6 100644
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
@@ -13,7 +13,7 @@ use League\OAuth2\Server\Repositories\UserRepositoryInterface;
 use League\OAuth2\Server\ResponseTypes\HtmlResponse;
 use League\OAuth2\Server\ResponseTypes\RedirectResponse;
 use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
-use League\OAuth2\Server\TemplateRenderer\AbstractRenderer;
+use League\OAuth2\Server\TemplateRenderer\RendererInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
 class AuthCodeGrant extends AbstractAuthorizeGrant
@@ -28,14 +28,14 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
      * @param \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface $refreshTokenRepository
      * @param \League\OAuth2\Server\Repositories\UserRepositoryInterface         $userRepository
      * @param \DateInterval                                                      $authCodeTTL
-     * @param \League\OAuth2\Server\TemplateRenderer\AbstractRenderer|null       $templateRenderer
+     * @param \League\OAuth2\Server\TemplateRenderer\RendererInterface|null      $templateRenderer
      */
     public function __construct(
         AuthCodeRepositoryInterface $authCodeRepository,
         RefreshTokenRepositoryInterface $refreshTokenRepository,
         UserRepositoryInterface $userRepository,
         \DateInterval $authCodeTTL,
-        AbstractRenderer $templateRenderer = null
+        RendererInterface $templateRenderer = null
     ) {
         $this->setAuthCodeRepository($authCodeRepository);
         $this->setRefreshTokenRepository($refreshTokenRepository);
diff --git a/src/Grant/ImplicitGrant.php b/src/Grant/ImplicitGrant.php
index 7da987d7..573d869f 100644
--- a/src/Grant/ImplicitGrant.php
+++ b/src/Grant/ImplicitGrant.php
@@ -10,16 +10,16 @@ use League\OAuth2\Server\Repositories\UserRepositoryInterface;
 use League\OAuth2\Server\ResponseTypes\HtmlResponse;
 use League\OAuth2\Server\ResponseTypes\RedirectResponse;
 use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
-use League\OAuth2\Server\TemplateRenderer\AbstractRenderer;
+use League\OAuth2\Server\TemplateRenderer\RendererInterface;
 use Psr\Http\Message\ServerRequestInterface;
 
 class ImplicitGrant extends AbstractAuthorizeGrant
 {
     /**
-     * @param \League\OAuth2\Server\Repositories\UserRepositoryInterface   $userRepository
-     * @param \League\OAuth2\Server\TemplateRenderer\AbstractRenderer|null $templateRenderer
+     * @param \League\OAuth2\Server\Repositories\UserRepositoryInterface    $userRepository
+     * @param \League\OAuth2\Server\TemplateRenderer\RendererInterface|null $templateRenderer
      */
-    public function __construct(UserRepositoryInterface $userRepository, AbstractRenderer $templateRenderer = null)
+    public function __construct(UserRepositoryInterface $userRepository, RendererInterface $templateRenderer = null)
     {
         $this->setUserRepository($userRepository);
         $this->refreshTokenTTL = new \DateInterval('P1M');

From 4b775fe24139f212e8f7a7fd3155383ff370cb97 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juli=C3=A1n=20Guti=C3=A9rrez?= <juliangut@gmail.com>
Date: Fri, 18 Mar 2016 00:25:32 +0100
Subject: [PATCH 3/5] include CryptTrait tests, allow Server::respondToRequest
 trhow exceptions and fix ResposeType tests

---
 src/CryptTrait.php                            |   2 +-
 src/Grant/AuthCodeGrant.php                   |   2 +
 src/Grant/ImplicitGrant.php                   |   6 +-
 src/Grant/RefreshTokenGrant.php               |   2 +
 src/Server.php                                |  34 +++---
 tests/Grant/AuthCodeGrantTest.php             | 108 +++++++++---------
 tests/Grant/ImplicitGrantTest.php             |  82 ++++++-------
 tests/Grant/RefreshTokenGrantTest.php         |  21 ++--
 .../ResourceServerMiddlewareTest.php          |  23 +++-
 .../ResponseTypes/BearerResponseTypeTest.php  |  79 +++++++------
 tests/ServerTest.php                          |  27 +++--
 11 files changed, 200 insertions(+), 186 deletions(-)

diff --git a/src/CryptTrait.php b/src/CryptTrait.php
index 844f810f..3c648b79 100644
--- a/src/CryptTrait.php
+++ b/src/CryptTrait.php
@@ -108,7 +108,7 @@ trait CryptTrait
         while ($encryptedData) {
             $chunk = substr($encryptedData, 0, $chunkSize);
             $encryptedData = substr($encryptedData, $chunkSize);
-            if (openssl_public_decrypt($chunk, $decrypted, $publicKey, OPENSSL_PKCS1_OAEP_PADDING) === false) {
+            if (openssl_public_decrypt($chunk, $decrypted, $publicKey/*, OPENSSL_PKCS1_OAEP_PADDING*/) === false) {
                 // @codeCoverageIgnoreStart
                 throw new \LogicException('Failed to decrypt data');
                 // @codeCoverageIgnoreEnd
diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php
index b031e6e6..17ccf76c 100644
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
@@ -282,7 +282,9 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
                 );
 
                 if (!$scope) {
+                    // @codeCoverageIgnoreStart
                     throw OAuthServerException::invalidScope($scopeId);
+                    // @codeCoverageIgnoreEnd
                 }
 
                 $scopes[] = $scope;
diff --git a/src/Grant/ImplicitGrant.php b/src/Grant/ImplicitGrant.php
index 573d869f..9b46d019 100644
--- a/src/Grant/ImplicitGrant.php
+++ b/src/Grant/ImplicitGrant.php
@@ -176,7 +176,7 @@ class ImplicitGrant extends AbstractAuthorizeGrant
         }
 
         // The user has either approved or denied the client, so redirect them back
-        $redirectUri = new Uri($client->getRedirectUri());
+        $redirectUri = $client->getRedirectUri();
         $redirectPayload = [];
 
         $stateParameter = $this->getQueryStringParameter('state', $request);
@@ -208,8 +208,6 @@ class ImplicitGrant extends AbstractAuthorizeGrant
         }
 
         // The user denied the client, redirect them back with an error
-        $exception = OAuthServerException::accessDenied('The user denied the request', (string) $redirectUri);
-
-        return $exception->generateHttpResponse(null, true);
+        throw OAuthServerException::accessDenied('The user denied the request', (string) $redirectUri);
     }
 }
diff --git a/src/Grant/RefreshTokenGrant.php b/src/Grant/RefreshTokenGrant.php
index be0d803e..3dee1073 100644
--- a/src/Grant/RefreshTokenGrant.php
+++ b/src/Grant/RefreshTokenGrant.php
@@ -54,7 +54,9 @@ class RefreshTokenGrant extends AbstractGrant
                 );
 
                 if (!$scope) {
+                    // @codeCoverageIgnoreStart
                     throw OAuthServerException::invalidScope($scopeId);
+                    // @codeCoverageIgnoreEnd
                 }
 
                 return $scope;
diff --git a/src/Server.php b/src/Server.php
index 5e0f2190..e77a344b 100644
--- a/src/Server.php
+++ b/src/Server.php
@@ -127,27 +127,23 @@ class Server implements EmitterAwareInterface
      */
     public function respondToRequest(ServerRequestInterface $request, ResponseInterface $response)
     {
-        try {
-            $tokenResponse = null;
-            while ($tokenResponse === null && $grantType = array_shift($this->enabledGrantTypes)) {
-                /** @var \League\OAuth2\Server\Grant\GrantTypeInterface $grantType */
-                if ($grantType->canRespondToRequest($request)) {
-                    $tokenResponse = $grantType->respondToRequest(
-                        $request,
-                        $this->getResponseType(),
-                        $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
-                    );
-                }
+        $tokenResponse = null;
+        while ($tokenResponse === null && $grantType = array_shift($this->enabledGrantTypes)) {
+            /** @var \League\OAuth2\Server\Grant\GrantTypeInterface $grantType */
+            if ($grantType->canRespondToRequest($request)) {
+                $tokenResponse = $grantType->respondToRequest(
+                    $request,
+                    $this->getResponseType(),
+                    $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
+                );
             }
-
-            if ($tokenResponse instanceof ResponseTypeInterface) {
-                return $tokenResponse->generateHttpResponse($response);
-            }
-
-            throw OAuthServerException::unsupportedGrantType();
-        } catch (OAuthServerException $e) {
-            return $e->generateHttpResponse($response);
         }
+
+        if ($tokenResponse instanceof ResponseTypeInterface) {
+            return $tokenResponse->generateHttpResponse($response);
+        }
+
+        throw OAuthServerException::unsupportedGrantType();
     }
 
     /**
diff --git a/tests/Grant/AuthCodeGrantTest.php b/tests/Grant/AuthCodeGrantTest.php
index 31cd2f53..44bba0fc 100644
--- a/tests/Grant/AuthCodeGrantTest.php
+++ b/tests/Grant/AuthCodeGrantTest.php
@@ -12,12 +12,15 @@ use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
 use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
 use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
 use League\OAuth2\Server\Repositories\UserRepositoryInterface;
+use League\OAuth2\Server\ResponseTypes\HtmlResponse;
+use League\OAuth2\Server\ResponseTypes\RedirectResponse;
 use LeagueTests\Stubs\ClientEntity;
 use LeagueTests\Stubs\CryptTraitStub;
 use LeagueTests\Stubs\ScopeEntity;
 use LeagueTests\Stubs\StubResponseType;
 use LeagueTests\Stubs\UserEntity;
 use Psr\Http\Message\ResponseInterface;
+use Zend\Diactoros\Response;
 use Zend\Diactoros\ServerRequest;
 
 class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
@@ -81,6 +84,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
         $userEntity = new UserEntity();
         $userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
 
+        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+        $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
+
         $grant = new AuthCodeGrant(
             $this->getMock(AuthCodeRepositoryInterface::class),
             $this->getMock(RefreshTokenRepositoryInterface::class),
@@ -88,6 +94,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
+        $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
         $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
@@ -102,10 +109,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => 123])),
             ],
             [
                 'response_type' => 'code',
@@ -121,10 +125,16 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
 
         $response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
 
-        $this->assertTrue($response instanceof ResponseInterface);
+        $this->assertTrue($response instanceof RedirectResponse);
+
+        $response = $response->generateHttpResponse(new Response);
         $this->assertTrue(strstr($response->getHeader('location')[0], 'http://foo/bar') !== false);
     }
 
+    /**
+     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
+     * @expectedExceptionCode 9
+     */
     public function testRespondToAuthorizationRequestUserDenied()
     {
         $client = new ClientEntity();
@@ -136,6 +146,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
         $userEntity = new UserEntity();
         $userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
 
+        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+        $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
+
         $grant = new AuthCodeGrant(
             $this->getMock(AuthCodeRepositoryInterface::class),
             $this->getMock(RefreshTokenRepositoryInterface::class),
@@ -143,6 +156,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
+        $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
         $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
@@ -157,10 +171,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => 123])),
             ],
             [
                 'response_type' => 'code',
@@ -174,11 +185,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             ]
         );
 
-        $response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
-
-        $this->assertTrue($response instanceof ResponseInterface);
-        $this->assertTrue(strstr($response->getHeader('location')[0], 'http://foo/bar') !== false);
-        $this->assertTrue(strstr($response->getHeader('location')[0], 'access_denied') !== false);
+        $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
     }
 
     /**
@@ -217,10 +224,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => 123])),
             ],
             [
                 'response_type' => 'code',
@@ -232,9 +236,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             ]
         );
 
-        $response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
-
-        $this->assertTrue($response instanceof ResponseInterface);
+        $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
     }
 
     public function testRespondToAuthorizationRequestBadClient()
@@ -268,10 +270,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => 123])),
             ],
             [
                 'response_type' => 'code',
@@ -323,10 +322,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => 123])),
             ],
             [
                 'response_type' => 'code',
@@ -397,9 +393,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             ]
         );
 
-        $response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
-
-        $this->assertTrue($response instanceof ResponseInterface);
+        $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
     }
 
     public function testRespondToAuthorizationRequestTryLogin()
@@ -413,6 +407,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
         $userEntity = new UserEntity();
         $userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
 
+        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+        $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
+
         $grant = new AuthCodeGrant(
             $this->getMock(AuthCodeRepositoryInterface::class),
             $this->getMock(RefreshTokenRepositoryInterface::class),
@@ -420,6 +417,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
+        $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
         $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
@@ -434,10 +432,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => null]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => null])),
             ],
             [
                 'response_type' => 'code',
@@ -452,7 +447,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
 
         $response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
 
-        $this->assertTrue($response instanceof ResponseInterface);
+        $this->assertTrue($response instanceof RedirectResponse);
+
+        $response = $response->generateHttpResponse(new Response);
         $this->assertTrue(strstr($response->getHeader('location')[0], 'http://foo/bar') !== false);
     }
 
@@ -467,6 +464,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
         $userEntity = null;
         $userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
 
+        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+        $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
+
         $grant = new AuthCodeGrant(
             $this->getMock(AuthCodeRepositoryInterface::class),
             $this->getMock(RefreshTokenRepositoryInterface::class),
@@ -474,6 +474,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
+        $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
         $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
@@ -488,10 +489,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => null]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => null])),
             ],
             [
                 'response_type' => 'code',
@@ -506,9 +504,11 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
 
         $response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
 
-        $this->assertTrue($response instanceof ResponseInterface);
+        $this->assertTrue($response instanceof HtmlResponse);
+
+        $response = $response->generateHttpResponse(new Response);
         $this->assertTrue(strstr($response->getHeader('content-type')[0], 'text/html') !== false);
-        $this->assertTrue(strstr($response->getBody()->getContents(), 'Incorrect username or password') !== false);
+        $this->assertTrue(strstr((string) $response->getBody(), 'Incorrect username or password') !== false);
     }
 
     public function testRespondToAuthorizationRequestShowAuthorizeForm()
@@ -523,6 +523,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
         $userEntity = new UserEntity();
         $userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
 
+        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+        $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
+
         $grant = new AuthCodeGrant(
             $this->getMock(AuthCodeRepositoryInterface::class),
             $this->getMock(RefreshTokenRepositoryInterface::class),
@@ -530,6 +533,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             new \DateInterval('PT10M')
         );
         $grant->setClientRepository($clientRepositoryMock);
+        $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
         $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
@@ -544,10 +548,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => 123])),
             ],
             [
                 'response_type' => 'code',
@@ -561,6 +562,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
 
         $response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
 
+        $response = $response->generateHttpResponse(new Response);
         $this->assertTrue($response instanceof ResponseInterface);
         $this->assertTrue(strstr($response->getHeader('set-cookie')[0], 'oauth_authorize_request') !== false);
     }
@@ -623,8 +625,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
                             'scopes'       => ['foo'],
                             'redirect_uri' => 'http://foo/bar',
                         ]
-                    ),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
+                    )
                 ),
             ]
         );
@@ -779,8 +780,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
                             'scopes'       => ['foo'],
                             'redirect_uri' => 'http://foo/bar',
                         ]
-                    ),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
+                    )
                 ),
             ]
         );
@@ -849,8 +849,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
                             'scopes'       => ['foo'],
                             'redirect_uri' => 'http://foo/bar',
                         ]
-                    ),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
+                    )
                 ),
             ]
         );
@@ -916,8 +915,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
                             'scopes'       => ['foo'],
                             'redirect_uri' => 'http://foo/bar',
                         ]
-                    ),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
+                    )
                 ),
             ]
         );
diff --git a/tests/Grant/ImplicitGrantTest.php b/tests/Grant/ImplicitGrantTest.php
index 3c597978..e4e10db0 100644
--- a/tests/Grant/ImplicitGrantTest.php
+++ b/tests/Grant/ImplicitGrantTest.php
@@ -7,10 +7,12 @@ use League\OAuth2\Server\Grant\ImplicitGrant;
 use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
 use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
 use League\OAuth2\Server\Repositories\UserRepositoryInterface;
+use League\OAuth2\Server\ResponseTypes\HtmlResponse;
 use LeagueTests\Stubs\ClientEntity;
+use LeagueTests\Stubs\CryptTraitStub;
 use LeagueTests\Stubs\StubResponseType;
 use LeagueTests\Stubs\UserEntity;
-use Psr\Http\Message\ResponseInterface;
+use Zend\Diactoros\Response;
 use Zend\Diactoros\ServerRequest;
 
 class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
@@ -22,7 +24,7 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
 
     public function setUp()
     {
-        $this->cryptStub = new CryptTraitStub;
+        $this->cryptStub = new CryptTraitStub();
     }
 
     public function testGetIdentifier()
@@ -52,6 +54,10 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
         $this->assertTrue($grant->canRespondToRequest($request));
     }
 
+    /**
+     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
+     * @expectedExceptionCode 9
+     */
     public function testRespondToAuthorizationRequest()
     {
         $client = new ClientEntity();
@@ -95,10 +101,7 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             ]
         );
 
-        $response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
-
-        $this->assertTrue($response instanceof ResponseInterface);
-        $this->assertTrue(strstr($response->getHeader('location')[0], 'http://foo/bar') !== false);
+        $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
     }
 
     /**
@@ -122,10 +125,7 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => 123])),
             ],
             [
                 'response_type' => 'token',
@@ -137,9 +137,7 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             ]
         );
 
-        $response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
-
-        $this->assertTrue($response instanceof ResponseInterface);
+        $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
     }
 
     public function testRespondToAuthorizationRequestBadClient()
@@ -164,10 +162,7 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => 123])),
             ],
             [
                 'response_type' => 'token',
@@ -214,10 +209,7 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => 123])),
             ],
             [
                 'response_type' => 'token',
@@ -283,9 +275,7 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             ]
         );
 
-        $response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
-
-        $this->assertTrue($response instanceof ResponseInterface);
+        $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
     }
 
     public function testRespondToAuthorizationRequestTryLogin()
@@ -299,8 +289,12 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
         $userEntity = new UserEntity();
         $userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
 
+        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+        $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
+
         $grant = new ImplicitGrant($this->getMock(UserRepositoryInterface::class));
         $grant->setClientRepository($clientRepositoryMock);
+        $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
         $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
@@ -315,10 +309,7 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => null]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => null])),
             ],
             [
                 'response_type' => 'token',
@@ -332,9 +323,10 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
         );
 
         $response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
-        $this->assertTrue($response instanceof ResponseInterface);
-        $this->assertTrue(strstr($response->getHeader('content-type')[0], 'text/html') !== false);
-        $this->assertTrue(strstr($response->getBody()->getContents(), 'Incorrect username or password') !== false);
+        $this->assertTrue($response instanceof HtmlResponse);
+
+        $response = $response->generateHttpResponse(new Response);
+        $this->assertTrue(strstr((string) $response->getBody(), 'Incorrect username or password') !== false);
     }
 
     public function testRespondToAuthorizationRequestShowAuthorizeForm()
@@ -348,8 +340,12 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
         $userEntity = new UserEntity();
         $userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
 
+        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+        $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
+
         $grant = new ImplicitGrant($this->getMock(UserRepositoryInterface::class));
         $grant->setClientRepository($clientRepositoryMock);
+        $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
         $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
 
@@ -364,10 +360,7 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => 123])),
             ],
             [
                 'response_type' => 'code',
@@ -381,10 +374,16 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
 
         $response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
 
-        $this->assertTrue($response instanceof ResponseInterface);
+        $this->assertTrue($response instanceof HtmlResponse);
+
+        $response = $response->generateHttpResponse(new Response);
         $this->assertTrue(strstr($response->getHeader('set-cookie')[0], 'oauth_authorize_request') !== false);
     }
 
+    /**
+     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
+     * @expectedExceptionCode 9
+     */
     public function testRespondToAuthorizationRequestUserDenied()
     {
         $client = new ClientEntity();
@@ -412,10 +411,7 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             'php://input',
             [],
             [
-                'oauth_authorize_request' => $this->cryptStub->doEncrypt(
-                    json_encode(['user_id' => 123]),
-                    'file://' . __DIR__ . '/../Stubs/private.key'
-                ),
+                'oauth_authorize_request' => $this->cryptStub->doEncrypt(json_encode(['user_id' => 123])),
             ],
             [
                 'response_type' => 'code',
@@ -429,10 +425,6 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
             ]
         );
 
-        $response = $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
-
-        $this->assertTrue($response instanceof ResponseInterface);
-        $this->assertTrue(strstr($response->getHeader('location')[0], 'http://foo/bar') !== false);
-        $this->assertTrue(strstr($response->getHeader('location')[0], 'access_denied') !== false);
+        $grant->respondToRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
     }
 }
diff --git a/tests/Grant/RefreshTokenGrantTest.php b/tests/Grant/RefreshTokenGrantTest.php
index dc2056cb..0250855b 100644
--- a/tests/Grant/RefreshTokenGrantTest.php
+++ b/tests/Grant/RefreshTokenGrantTest.php
@@ -10,6 +10,7 @@ use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
 use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
 use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
 use LeagueTests\Stubs\ClientEntity;
+use LeagueTests\Stubs\CryptTraitStub;
 use LeagueTests\Stubs\ScopeEntity;
 use LeagueTests\Stubs\StubResponseType;
 use Zend\Diactoros\ServerRequest;
@@ -23,7 +24,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
 
     public function setUp()
     {
-        $this->cryptStub = new CryptTraitStub;
+        $this->cryptStub = new CryptTraitStub();
     }
 
     public function testGetIdentifier()
@@ -69,8 +70,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
                     'user_id'          => 123,
                     'expire_time'      => time() + 3600,
                 ]
-            ),
-            'file://' . __DIR__ . '/../Stubs/private.key'
+            )
         );
 
         $serverRequest = new ServerRequest();
@@ -125,8 +125,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
                     'user_id'          => 123,
                     'expire_time'      => time() + 3600,
                 ]
-            ),
-            'file://' . __DIR__ . '/../Stubs/private.key'
+            )
         );
 
         $serverRequest = new ServerRequest();
@@ -186,8 +185,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
                     'user_id'          => 123,
                     'expire_time'      => time() + 3600,
                 ]
-            ),
-            'file://' . __DIR__ . '/../Stubs/private.key'
+            )
         );
 
         $serverRequest = new ServerRequest();
@@ -308,8 +306,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
                     'user_id'          => 123,
                     'expire_time'      => time() + 3600,
                 ]
-            ),
-            'file://' . __DIR__ . '/../Stubs/private.key'
+            )
         );
 
         $serverRequest = new ServerRequest();
@@ -356,8 +353,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
                     'user_id'          => 123,
                     'expire_time'      => time() - 3600,
                 ]
-            ),
-            'file://' . __DIR__ . '/../Stubs/private.key'
+            )
         );
 
         $serverRequest = new ServerRequest();
@@ -405,8 +401,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
                     'user_id'          => 123,
                     'expire_time'      => time() + 3600,
                 ]
-            ),
-            'file://' . __DIR__ . '/../Stubs/private.key'
+            )
         );
 
         $serverRequest = new ServerRequest();
diff --git a/tests/Middleware/ResourceServerMiddlewareTest.php b/tests/Middleware/ResourceServerMiddlewareTest.php
index 590ae438..aff01cce 100644
--- a/tests/Middleware/ResourceServerMiddlewareTest.php
+++ b/tests/Middleware/ResourceServerMiddlewareTest.php
@@ -2,11 +2,17 @@
 
 namespace LeagueTests\Middleware;
 
+use Lcobucci\JWT\Builder;
+use Lcobucci\JWT\Signer\Key;
+use Lcobucci\JWT\Signer\Rsa\Sha256;
+use Lcobucci\JWT\Token;
+use League\OAuth2\Server\Entities\AccessTokenEntity;
 use League\OAuth2\Server\Middleware\ResourceServerMiddleware;
 use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
 use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
 use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
 use League\OAuth2\Server\Server;
+use LeagueTests\Stubs\ClientEntity;
 use LeagueTests\Stubs\StubResponseType;
 use Zend\Diactoros\Response;
 use Zend\Diactoros\ServerRequest;
@@ -21,13 +27,24 @@ class ResourceServerMiddlewareTest extends \PHPUnit_Framework_TestCase
             $clientRepository,
             $this->getMock(AccessTokenRepositoryInterface::class),
             $this->getMock(ScopeRepositoryInterface::class),
-            '',
-            '',
+            'file://' . __DIR__ . '/../Stubs/private.key',
+            'file://' . __DIR__ . '/../Stubs/public.key',
             new StubResponseType()
         );
 
+        $client = new ClientEntity();
+        $client->setIdentifier('clientName');
+
+        $accessToken = new AccessTokenEntity();
+        $accessToken->setIdentifier('test');
+        $accessToken->setUserIdentifier(123);
+        $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H')));
+        $accessToken->setClient($client);
+
+        $token = $accessToken->convertToJWT('file://' . __DIR__ . '/../Stubs/private.key');
+
         $request = new ServerRequest();
-        $request = $request->withHeader('authorization', 'Basic test');
+        $request = $request->withHeader('authorization', sprintf('Bearer %s', $token));
 
         $middleware = new ResourceServerMiddleware($server);
         $response = $middleware->__invoke(
diff --git a/tests/ResponseTypes/BearerResponseTypeTest.php b/tests/ResponseTypes/BearerResponseTypeTest.php
index fb9b91ca..a8b62f0e 100644
--- a/tests/ResponseTypes/BearerResponseTypeTest.php
+++ b/tests/ResponseTypes/BearerResponseTypeTest.php
@@ -2,6 +2,7 @@
 
 namespace LeagueTests\ResponseTypes;
 
+use League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator;
 use League\OAuth2\Server\Entities\AccessTokenEntity;
 use League\OAuth2\Server\Entities\RefreshTokenEntity;
 use League\OAuth2\Server\Exception\OAuthServerException;
@@ -19,11 +20,9 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
     {
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
 
-        $responseType = new BearerTokenResponse(
-            'file://' . __DIR__ . '/../Stubs/private.key',
-            'file://' . __DIR__ . '/../Stubs/public.key',
-            $accessTokenRepositoryMock
-        );
+        $responseType = new BearerTokenResponse($accessTokenRepositoryMock);
+        $responseType->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
+        $responseType->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
 
         $client = new ClientEntity();
         $client->setIdentifier('clientName');
@@ -64,12 +63,11 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
     public function testDetermineAccessTokenInHeaderValidToken()
     {
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+        $accessTokenRepositoryMock->method('isAccessTokenRevoked')->willReturn(false);
 
-        $responseType = new BearerTokenResponse(
-            'file://' . __DIR__ . '/../Stubs/private.key',
-            'file://' . __DIR__ . '/../Stubs/public.key',
-            $accessTokenRepositoryMock
-        );
+        $responseType = new BearerTokenResponse($accessTokenRepositoryMock);
+        $responseType->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
+        $responseType->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
 
         $client = new ClientEntity();
         $client->setIdentifier('clientName');
@@ -89,13 +87,16 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
         $responseType->setRefreshToken($refreshToken);
 
         $response = $responseType->generateHttpResponse(new Response());
-        $response->getBody()->rewind();
-        $json = json_decode($response->getBody()->getContents());
+        $json = json_decode((string) $response->getBody());
+
+        $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
+        $authorizationValidator->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
+        $authorizationValidator->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
 
         $request = new ServerRequest();
         $request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
 
-        $request = $responseType->validateAccessToken($request);
+        $request = $authorizationValidator->validateAuthorization($request);
 
         $this->assertEquals('abcdef', $request->getAttribute('oauth_access_token_id'));
         $this->assertEquals('clientName', $request->getAttribute('oauth_client_id'));
@@ -106,12 +107,11 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
     public function testDetermineAccessTokenInHeaderInvalidJWT()
     {
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
+        $accessTokenRepositoryMock->method('isAccessTokenRevoked')->willReturn(false);
 
-        $responseType = new BearerTokenResponse(
-            'file://' . __DIR__ . '/../Stubs/private.key',
-            'file://' . __DIR__ . '/../Stubs/public.key',
-            $accessTokenRepositoryMock
-        );
+        $responseType = new BearerTokenResponse($accessTokenRepositoryMock);
+        $responseType->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
+        $responseType->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
 
         $client = new ClientEntity();
         $client->setIdentifier('clientName');
@@ -131,14 +131,17 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
         $responseType->setRefreshToken($refreshToken);
 
         $response = $responseType->generateHttpResponse(new Response());
-        $response->getBody()->rewind();
-        $json = json_decode($response->getBody()->getContents());
+        $json = json_decode((string) $response->getBody());
+
+        $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
+        $authorizationValidator->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
+        $authorizationValidator->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
 
         $request = new ServerRequest();
         $request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token . 'foo'));
 
         try {
-            $responseType->validateAccessToken($request);
+            $authorizationValidator->validateAuthorization($request);
         } catch (OAuthServerException $e) {
             $this->assertEquals(
                 'Access token could not be verified',
@@ -150,14 +153,11 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
     public function testDetermineAccessTokenInHeaderRevokedToken()
     {
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
-        $accessTokenRepositoryMock->expects($this->once())->method('isAccessTokenRevoked')->willReturn(true);
+        $accessTokenRepositoryMock->method('isAccessTokenRevoked')->willReturn(true);
 
-
-        $responseType = new BearerTokenResponse(
-            'file://' . __DIR__ . '/../Stubs/private.key',
-            'file://' . __DIR__ . '/../Stubs/public.key',
-            $accessTokenRepositoryMock
-        );
+        $responseType = new BearerTokenResponse($accessTokenRepositoryMock);
+        $responseType->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
+        $responseType->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
 
         $client = new ClientEntity();
         $client->setIdentifier('clientName');
@@ -177,14 +177,17 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
         $responseType->setRefreshToken($refreshToken);
 
         $response = $responseType->generateHttpResponse(new Response());
-        $response->getBody()->rewind();
-        $json = json_decode($response->getBody()->getContents());
+        $json = json_decode((string) $response->getBody());
+
+        $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
+        $authorizationValidator->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
+        $authorizationValidator->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
 
         $request = new ServerRequest();
         $request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
 
         try {
-            $responseType->validateAccessToken($request);
+            $authorizationValidator->validateAuthorization($request);
         } catch (OAuthServerException $e) {
             $this->assertEquals(
                 'Access token has been revoked',
@@ -197,17 +200,19 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase
     {
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
 
-        $responseType = new BearerTokenResponse(
-            'file://' . __DIR__ . '/../Stubs/private.key',
-            'file://' . __DIR__ . '/../Stubs/public.key',
-            $accessTokenRepositoryMock
-        );
+        $responseType = new BearerTokenResponse($accessTokenRepositoryMock);
+        $responseType->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
+        $responseType->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
+
+        $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
+        $authorizationValidator->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key');
+        $authorizationValidator->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key');
 
         $request = new ServerRequest();
         $request = $request->withHeader('authorization', 'Bearer blah');
 
         try {
-            $responseType->validateAccessToken($request);
+            $authorizationValidator->validateAuthorization($request);
         } catch (OAuthServerException $e) {
             $this->assertEquals(
                 'The JWT string must have two dots',
diff --git a/tests/ServerTest.php b/tests/ServerTest.php
index 1563e34a..cf52cf8f 100644
--- a/tests/ServerTest.php
+++ b/tests/ServerTest.php
@@ -15,8 +15,10 @@ use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
 use League\OAuth2\Server\Server;
 use LeagueTests\Stubs\ClientEntity;
 use LeagueTests\Stubs\StubResponseType;
+use LeagueTests\Stubs\UserEntity;
 use Psr\Http\Message\ResponseInterface;
-use Zend\Diactoros\ServerRequest;
+use Zend\Diactoros\Response;
+use Zend\Diactoros\ServerRequestFactory;
 
 class ServerTest extends \PHPUnit_Framework_TestCase
 {
@@ -34,7 +36,7 @@ class ServerTest extends \PHPUnit_Framework_TestCase
         $server->enableGrantType(new ClientCredentialsGrant(), new \DateInterval('PT1M'));
 
         try {
-            $server->respondToRequest();
+            $server->respondToRequest(ServerRequestFactory::fromGlobals(), new Response);
         } catch (OAuthServerException $e) {
             $this->assertEquals('unsupported_grant_type', $e->getErrorType());
             $this->assertEquals(400, $e->getHttpStatusCode());
@@ -60,7 +62,7 @@ class ServerTest extends \PHPUnit_Framework_TestCase
         $_POST['grant_type'] = 'client_credentials';
         $_POST['client_id'] = 'foo';
         $_POST['client_secret'] = 'bar';
-        $response = $server->respondToRequest();
+        $response = $server->respondToRequest(ServerRequestFactory::fromGlobals(), new Response);
         $this->assertEquals(200, $response->getStatusCode());
     }
 
@@ -77,16 +79,19 @@ class ServerTest extends \PHPUnit_Framework_TestCase
             $clientRepository,
             $this->getMock(AccessTokenRepositoryInterface::class),
             $this->getMock(ScopeRepositoryInterface::class),
-            '',
-            '',
+            'file://' . __DIR__ . '/Stubs/private.key',
+            'file://' . __DIR__ . '/Stubs/public.key',
             new StubResponseType()
         );
 
+        $userRepository = $this->getMock(UserRepositoryInterface::class);
+        $userRepository->method('getUserEntityByUserCredentials')->willReturn(new UserEntity());
+
         $server->enableGrantType(
             new AuthCodeGrant(
                 $this->getMock(AuthCodeRepositoryInterface::class),
                 $this->getMock(RefreshTokenRepositoryInterface::class),
-                $this->getMock(UserRepositoryInterface::class),
+                $userRepository,
                 new \DateInterval('PT1H')
             ),
             new \DateInterval('PT1M')
@@ -97,9 +102,13 @@ class ServerTest extends \PHPUnit_Framework_TestCase
         $_GET['response_type'] = 'code';
         $_GET['client_id'] = $client->getIdentifier();
         $_GET['redirect_uri'] = $client->getRedirectUri();
-        $response = $server->respondToRequest();
-        $this->assertEquals(200, $response->getStatusCode());
+        $_POST['action'] = 'approve';
+        $_POST['username'] = 'user';
+        $_POST['password'] = 'pass';
+        $response = $server->respondToRequest(ServerRequestFactory::fromGlobals(), new Response);
         $this->assertTrue($response instanceof ResponseInterface);
+        $this->assertEquals(302, $response->getStatusCode());
+        $this->assertTrue(strstr($response->getHeaderLine('location'), 'code=') !== false);
     }
 
     public function testGetResponseType()
@@ -134,7 +143,7 @@ class ServerTest extends \PHPUnit_Framework_TestCase
         );
 
         try {
-            $server->validateAuthenticatedRequest(new ServerRequest());
+            $server->validateAuthenticatedRequest(ServerRequestFactory::fromGlobals());
         } catch (OAuthServerException $e) {
             $this->assertEquals('Missing "Authorization" header', $e->getHint());
         }

From b629b5e53f9da1bd8c4089694d469bb79735d16d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juli=C3=A1n=20Guti=C3=A9rrez?= <juliangut@gmail.com>
Date: Fri, 18 Mar 2016 00:38:37 +0100
Subject: [PATCH 4/5] styleCI request

---
 tests/Middleware/ResourceServerMiddlewareTest.php | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/tests/Middleware/ResourceServerMiddlewareTest.php b/tests/Middleware/ResourceServerMiddlewareTest.php
index aff01cce..960113db 100644
--- a/tests/Middleware/ResourceServerMiddlewareTest.php
+++ b/tests/Middleware/ResourceServerMiddlewareTest.php
@@ -2,10 +2,6 @@
 
 namespace LeagueTests\Middleware;
 
-use Lcobucci\JWT\Builder;
-use Lcobucci\JWT\Signer\Key;
-use Lcobucci\JWT\Signer\Rsa\Sha256;
-use Lcobucci\JWT\Token;
 use League\OAuth2\Server\Entities\AccessTokenEntity;
 use League\OAuth2\Server\Middleware\ResourceServerMiddleware;
 use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;

From 9ee2e7271f0bdfb4fe3cdc9b9f6cd95fe047f38f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juli=C3=A1n=20Guti=C3=A9rrez?= <juliangut@gmail.com>
Date: Fri, 18 Mar 2016 00:41:38 +0100
Subject: [PATCH 5/5] require-dev zend-diactoros

---
 composer.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/composer.json b/composer.json
index c5a6cbbd..e392d1e6 100644
--- a/composer.json
+++ b/composer.json
@@ -12,7 +12,8 @@
     },
     "require-dev": {
         "phpunit/phpunit": "^4.8",
-        "league/plates": "^3.1"
+        "league/plates": "^3.1",
+        "zendframework/zend-diactoros": "^1.0"
     },
     "repositories": [
         {