diff --git a/composer.json b/composer.json index 8f7f2dca..7991a0cc 100644 --- a/composer.json +++ b/composer.json @@ -6,18 +6,17 @@ "require": { "php": ">=7.1.0", "ext-openssl": "*", - "league/event": "^2.1", - "lcobucci/jwt": "^3.2.2", + "league/event": "^2.2", + "lcobucci/jwt": "^3.3.1", "psr/http-message": "^1.0.1", - "defuse/php-encryption": "^2.1", + "defuse/php-encryption": "^2.2.1", "ext-json": "*" }, "require-dev": { - "phpunit/phpunit": "^6.3 || ^7.0", - "zendframework/zend-diactoros": "^1.3.2", - "phpstan/phpstan": "^0.9.2", - "phpstan/phpstan-phpunit": "^0.9.4", - "phpstan/phpstan-strict-rules": "^0.9.0", + "phpunit/phpunit": "^7.5.13 || ^8.2.3", + "zendframework/zend-diactoros": "^2.1.2", + "phpstan/phpstan": "^0.11.8", + "phpstan/phpstan-phpunit": "^0.11.2", "roave/security-advisories": "dev-master" }, "repositories": [ diff --git a/phpstan.neon b/phpstan.neon index 5cd9d80d..ba1fb491 100644 --- a/phpstan.neon +++ b/phpstan.neon @@ -1,8 +1,6 @@ includes: - vendor/phpstan/phpstan-phpunit/extension.neon - vendor/phpstan/phpstan-phpunit/rules.neon - - vendor/phpstan/phpstan-phpunit/strictRules.neon - - vendor/phpstan/phpstan-strict-rules/rules.neon services: - class: LeagueTests\PHPStan\AbstractGrantExtension diff --git a/src/AuthorizationValidators/BearerTokenValidator.php b/src/AuthorizationValidators/BearerTokenValidator.php index b2035ccc..7218f413 100644 --- a/src/AuthorizationValidators/BearerTokenValidator.php +++ b/src/AuthorizationValidators/BearerTokenValidator.php @@ -63,7 +63,7 @@ class BearerTokenValidator implements AuthorizationValidatorInterface } $header = $request->getHeader('authorization'); - $jwt = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $header[0])); + $jwt = trim((string) preg_replace('/^(?:\s+)?Bearer\s/', '', $header[0])); try { // Attempt to parse and validate the JWT diff --git a/src/CryptTrait.php b/src/CryptTrait.php index 1196e9dc..5709940d 100644 --- a/src/CryptTrait.php +++ b/src/CryptTrait.php 
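Review bot: The `(string)` cast in `src/AuthorizationValidators/BearerTokenValidator.php` turns a `null` from `preg_replace()` (a PCRE failure) into an empty token, so that error becomes indistinguishable from a request that sent `Bearer ` with nothing after it. The parse call inside the `try` that follows presumably rejects an empty string, but that body lies outside the hunk, so it is worth pinning with a test. An explicit guard states the intent better than the cast: keep `$jwt = preg_replace('/^(?:\s+)?Bearer\s/', '', $header[0]);` and follow it with `if ($jwt === null || trim($jwt) === '') { throw OAuthServerException::accessDenied('Missing or malformed bearer token'); }` before trimming.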
@@ -19,7 +19,7 @@ use LogicException; trait CryptTrait { /** - * @var string|Key + * @var string|Key|null */ protected $encryptionKey; @@ -39,9 +39,13 @@ trait CryptTrait return Crypto::encrypt($unencryptedData, $this->encryptionKey); } - return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey); + if (is_string($this->encryptionKey)) { + return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey); + } + + throw new LogicException('Encryption key not set when attempting to encrypt'); } catch (Exception $e) { - throw new LogicException($e->getMessage(), null, $e); + throw new LogicException($e->getMessage(), 0, $e); } } @@ -61,9 +65,13 @@ trait CryptTrait return Crypto::decrypt($encryptedData, $this->encryptionKey); } - return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey); + if (is_string($this->encryptionKey)) { + return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey); + } + + throw new LogicException('Encryption key not set when attempting to decrypt'); } catch (Exception $e) { - throw new LogicException($e->getMessage(), null, $e); + throw new LogicException($e->getMessage(), 0, $e); } } diff --git a/src/Entities/Traits/AccessTokenTrait.php b/src/Entities/Traits/AccessTokenTrait.php index 872e8c18..e9757264 100644 --- a/src/Entities/Traits/AccessTokenTrait.php +++ b/src/Entities/Traits/AccessTokenTrait.php @@ -48,7 +48,7 @@ trait AccessTokenTrait ->setIssuedAt(time()) ->setNotBefore(time()) ->setExpiration($this->getExpiryDateTime()->getTimestamp()) - ->setSubject($this->getUserIdentifier()) + ->setSubject((string) $this->getUserIdentifier()) ->set('scopes', $this->getScopes()) ->sign(new Sha256(), new Key($privateKey->getKeyPath(), $privateKey->getPassPhrase())) ->getToken(); diff --git a/src/Exception/OAuthServerException.php b/src/Exception/OAuthServerException.php index 3c3c7129..8e628baa 100644 --- a/src/Exception/OAuthServerException.php +++ b/src/Exception/OAuthServerException.php 
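Review bot: `is_string($this->encryptionKey)` in the `encrypt()` hunk of `src/CryptTrait.php` also accepts an empty string, so a key configured as `''` is still handed to `Crypto::encryptWithPassword()` instead of reaching the new "Encryption key not set" error; the matching branch in the `decrypt()` hunk has the same gap. Tightening both guards to `if (is_string($this->encryptionKey) && $this->encryptionKey !== '')` makes the unset-key case fail closed. Separately, the new `throw new LogicException(...)` sits inside the `try`, and since `LogicException` is an `Exception` the `catch (Exception $e)` below wraps it in a second `LogicException`; adding `catch (LogicException $e) { throw $e; }` ahead of the generic catch keeps a single exception in the chain. Both method bodies start outside their hunks.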
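Review bot: The `(string)` cast on `setSubject()` in `src/Entities/Traits/AccessTokenTrait.php` writes an empty `sub` claim whenever `getUserIdentifier()` returns `null`, which looks possible for tokens issued without a user (not visible here, so confirm against the grants that build these tokens). Code that reads `sub` back and compares it with `null` to tell client-only tokens from user tokens would now see `''` instead. If that distinction matters downstream, document it next to the cast with a comment such as `// sub is '' for tokens issued without a user` and add a test that pins the resulting claim value. The builder chain starts outside the hunk.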
@@ -308,7 +308,9 @@ class OAuthServerException extends Exception $response = $response->withHeader($header, $content); } - $response->getBody()->write(json_encode($payload, $jsonOptions)); + $responseBody = json_encode($payload, $jsonOptions) ?: 'JSON encoding of payload failed'; + + $response->getBody()->write($responseBody); return $response->withStatus($this->getHttpStatusCode()); } diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php index aed0e6c7..0ac9e395 100644 --- a/src/Grant/AbstractGrant.php +++ b/src/Grant/AbstractGrant.php @@ -185,7 +185,7 @@ abstract class AbstractGrant implements GrantTypeInterface throw OAuthServerException::invalidClient($request); } - $client = $this->clientRepository->getClientEntity($clientId); + $client = $this->getClientEntityOrFail($clientId, $request); // If a redirect URI is provided ensure it matches what is pre-registered $redirectUri = $this->getRequestParameter('redirect_uri', $request, null); diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php index a11828d7..f85a0898 100644 --- a/src/Grant/AuthCodeGrant.php +++ b/src/Grant/AuthCodeGrant.php 
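Review bot: The fallback `'JSON encoding of payload failed'` in `src/Exception/OAuthServerException.php` is plain text, so when `json_encode()` fails the response body is not parseable JSON, while the payload it replaces is an OAuth error document (the headers are set above the hunk and are not visible here). A client that decodes the error response would then fail on the body rather than see an error code. A static JSON literal keeps the response well-formed, for example `$responseBody = json_encode($payload, $jsonOptions) ?: '{"error":"server_error"}';` (constructed example; match the project's own error fields).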
@@ -142,19 +142,21 @@ class AuthCodeGrant extends AbstractAuthorizeGrant ); } - if (isset($this->codeChallengeVerifiers[$authCodePayload->code_challenge_method])) { - $codeChallengeVerifier = $this->codeChallengeVerifiers[$authCodePayload->code_challenge_method]; + if (property_exists($authCodePayload, 'code_challenge_method')) { + if (isset($this->codeChallengeVerifiers[$authCodePayload->code_challenge_method])) { + $codeChallengeVerifier = $this->codeChallengeVerifiers[$authCodePayload->code_challenge_method]; - if ($codeChallengeVerifier->verifyCodeChallenge($codeVerifier, $authCodePayload->code_challenge) === false) { - throw OAuthServerException::invalidGrant('Failed to verify `code_verifier`.'); + if ($codeChallengeVerifier->verifyCodeChallenge($codeVerifier, $authCodePayload->code_challenge) === false) { + throw OAuthServerException::invalidGrant('Failed to verify `code_verifier`.'); + } + } else { + throw OAuthServerException::serverError( + sprintf( + 'Unsupported code challenge method `%s`', + $authCodePayload->code_challenge_method + ) + ); } - } else { - throw OAuthServerException::serverError( - sprintf( - 'Unsupported code challenge method `%s`', - $authCodePayload->code_challenge_method - ) - ); } } @@ -351,12 +353,18 @@ class AuthCodeGrant extends AbstractAuthorizeGrant 'code_challenge_method' => $authorizationRequest->getCodeChallengeMethod(), ]; + $jsonPayload = json_encode($payload); + + if ($jsonPayload === false) { + throw new LogicException('An error was encountered when JSON encoding the authorization request response'); + } + $response = new RedirectResponse(); $response->setRedirectUri( $this->makeRedirectUri( $finalRedirectUri, [ - 'code' => $this->encrypt(json_encode($payload)), + 'code' => $this->encrypt($jsonPayload), 'state' => $authorizationRequest->getState(), ] ) diff --git a/src/Repositories/ClientRepositoryInterface.php b/src/Repositories/ClientRepositoryInterface.php index 47b6083a..7eef494f 100644 
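Review bot: The new `property_exists($authCodePayload, 'code_challenge_method')` guard in `src/Grant/AuthCodeGrant.php` has no `else`, so a payload without that property skips `verifyCodeChallenge()` entirely and the code exchange carries on without the PKCE check. The enclosing condition starts outside the hunk, so whether that state is reachable depends on how the payload was built; the second hunk shows `code_challenge_method` always being written into new payloads, which suggests only older or malformed codes would hit it. Failing closed is the safer default: give the outer `if` its own branch, `} else { throw OAuthServerException::serverError('Missing code challenge method'); }`, and cover it with a test that decrypts a payload lacking the property.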
--- a/src/Repositories/ClientRepositoryInterface.php +++ b/src/Repositories/ClientRepositoryInterface.php @@ -21,7 +21,7 @@ interface ClientRepositoryInterface extends RepositoryInterface * * @param string $clientIdentifier The client's identifier * - * @return ClientEntityInterface + * @return ClientEntityInterface|null */ public function getClientEntity($clientIdentifier); diff --git a/src/Repositories/ScopeRepositoryInterface.php b/src/Repositories/ScopeRepositoryInterface.php index 52db05de..997aac2c 100644 --- a/src/Repositories/ScopeRepositoryInterface.php +++ b/src/Repositories/ScopeRepositoryInterface.php @@ -22,7 +22,7 @@ interface ScopeRepositoryInterface extends RepositoryInterface * * @param string $identifier The scope identifier * - * @return ScopeEntityInterface + * @return ScopeEntityInterface|null */ public function getScopeEntityByIdentifier($identifier); diff --git a/src/Repositories/UserRepositoryInterface.php b/src/Repositories/UserRepositoryInterface.php index 0a9efef0..8ad49aa7 100644 --- a/src/Repositories/UserRepositoryInterface.php +++ b/src/Repositories/UserRepositoryInterface.php @@ -22,7 +22,7 @@ interface UserRepositoryInterface extends RepositoryInterface * @param string $grantType The grant type used * @param ClientEntityInterface $clientEntity * - * @return UserEntityInterface + * @return UserEntityInterface|null */ public function getUserEntityByUserCredentials( $username, diff --git a/src/RequestTypes/AuthorizationRequest.php b/src/RequestTypes/AuthorizationRequest.php index 5faa45d4..6441e144 100644 --- a/src/RequestTypes/AuthorizationRequest.php +++ b/src/RequestTypes/AuthorizationRequest.php @@ -111,7 +111,7 @@ class AuthorizationRequest } /** - * @return UserEntityInterface + * @return UserEntityInterface|null */ public function getUser() { diff --git a/src/ResponseTypes/BearerTokenResponse.php b/src/ResponseTypes/BearerTokenResponse.php index ddcadd63..f24a9485 100644 --- a/src/ResponseTypes/BearerTokenResponse.php 
+++ b/src/ResponseTypes/BearerTokenResponse.php @@ -13,6 +13,7 @@ namespace League\OAuth2\Server\ResponseTypes; use League\OAuth2\Server\Entities\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\RefreshTokenEntityInterface; +use LogicException; use Psr\Http\Message\ResponseInterface; class BearerTokenResponse extends AbstractResponseType @@ -31,23 +32,27 @@ class BearerTokenResponse extends AbstractResponseType ]; if ($this->refreshToken instanceof RefreshTokenEntityInterface) { - $refreshToken = $this->encrypt( - json_encode( - [ - 'client_id' => $this->accessToken->getClient()->getIdentifier(), - 'refresh_token_id' => $this->refreshToken->getIdentifier(), - 'access_token_id' => $this->accessToken->getIdentifier(), - 'scopes' => $this->accessToken->getScopes(), - 'user_id' => $this->accessToken->getUserIdentifier(), - 'expire_time' => $this->refreshToken->getExpiryDateTime()->getTimestamp(), - ] - ) - ); + $refreshTokenPayload = json_encode([ + 'client_id' => $this->accessToken->getClient()->getIdentifier(), + 'refresh_token_id' => $this->refreshToken->getIdentifier(), + 'access_token_id' => $this->accessToken->getIdentifier(), + 'scopes' => $this->accessToken->getScopes(), + 'user_id' => $this->accessToken->getUserIdentifier(), + 'expire_time' => $this->refreshToken->getExpiryDateTime()->getTimestamp(), + ]); - $responseParams['refresh_token'] = $refreshToken; + if ($refreshTokenPayload === false) { + throw new LogicException('Error encountered JSON encoding the refresh token payload'); + } + + $responseParams['refresh_token'] = $this->encrypt($refreshTokenPayload); } - $responseParams = array_merge($this->getExtraParams($this->accessToken), $responseParams); + $responseParams = json_encode(array_merge($this->getExtraParams($this->accessToken), $responseParams)); + + if ($responseParams === false) { + throw new LogicException('Error encountered JSON encoding response parameters'); + } $response = $response ->withStatus(200) 
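Review bot: `$responseParams` in `src/ResponseTypes/BearerTokenResponse.php` is reassigned from the parameter array to the encoded JSON string on the `json_encode(array_merge(...))` line, so one name holds two types within the same method. A separate variable reads more clearly and keeps the array intact: `$responseBody = json_encode(array_merge($this->getExtraParams($this->accessToken), $responseParams));`, with the `=== false` check and the `write()` call in the next hunk switched to `$responseBody`. Both new `LogicException` messages also drop the reason for the failure; appending `json_last_error_msg()` would make them diagnosable. The method body starts outside the hunk.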
@@ -55,7 +60,7 @@ class BearerTokenResponse extends AbstractResponseType ->withHeader('cache-control', 'no-store') ->withHeader('content-type', 'application/json; charset=UTF-8'); - $response->getBody()->write(json_encode($responseParams)); + $response->getBody()->write($responseParams); return $response; } diff --git a/tests/AuthorizationServerTest.php b/tests/AuthorizationServerTest.php index f88cd733..bcd87b5b 100644 --- a/tests/AuthorizationServerTest.php +++ b/tests/AuthorizationServerTest.php @@ -31,7 +31,7 @@ class AuthorizationServerTest extends TestCase { const DEFAULT_SCOPE = 'basic'; - public function setUp() + public function setUp(): void { // Make sure the keys have the correct permissions. chmod(__DIR__ . '/Stubs/private.key', 0600); 
@@ -117,35 +117,31 @@ class AuthorizationServerTest extends TestCase $privateKey = 'file://' . __DIR__ . '/Stubs/private.key'; $encryptionKey = 'file://' . __DIR__ . '/Stubs/public.key'; - $server = new class($clientRepository, $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(), $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(), $privateKey, $encryptionKey) extends AuthorizationServer { - protected function getResponseType() - { - $this->responseType = new class extends BearerTokenResponse { - /* @return null|CryptKey */ - public function getPrivateKey() - { - return $this->privateKey; - } - - public function getEncryptionKey() - { - return $this->encryptionKey; - } - }; - - return parent::getResponseType(); - } - }; + $server = new AuthorizationServer( + $clientRepository, + $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(), + $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(), + 'file://' . __DIR__ . '/Stubs/private.key', + 'file://' . __DIR__ . 
'/Stubs/public.key' + ); $abstractGrantReflection = new \ReflectionClass($server); $method = $abstractGrantReflection->getMethod('getResponseType'); $method->setAccessible(true); + $responseType = $method->invoke($server); - $this->assertInstanceOf(BearerTokenResponse::class, $responseType); + $responseTypeReflection = new \ReflectionClass($responseType); + + $privateKeyProperty = $responseTypeReflection->getProperty('privateKey'); + $privateKeyProperty->setAccessible(true); + + $encryptionKeyProperty = $responseTypeReflection->getProperty('encryptionKey'); + $encryptionKeyProperty->setAccessible(true); + // generated instances should have keys setup - $this->assertSame($privateKey, $responseType->getPrivateKey()->getKeyPath()); - $this->assertSame($encryptionKey, $responseType->getEncryptionKey()); + $this->assertSame($privateKey, $privateKeyProperty->getValue($responseType)->getKeyPath()); + $this->assertSame($encryptionKey, $encryptionKeyProperty->getValue($responseType)); } public function testMultipleRequestsGetDifferentResponseTypeInstances() @@ -326,10 +322,6 @@ class AuthorizationServerTest extends TestCase } } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 2 - */ public function testValidateAuthorizationRequestUnregistered() { $server = new AuthorizationServer( @@ -340,19 +332,13 @@ class AuthorizationServerTest extends TestCase 'file://' . __DIR__ . '/Stubs/public.key' ); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - $headers = [], - $cookies = [], - $queryParams = [ - 'response_type' => 'code', - 'client_id' => 'foo', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + ]); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(2); $server->validateAuthorizationRequest($request); } 
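Review bot: The rewritten `new AuthorizationServer(...)` call in `tests/AuthorizationServerTest.php` repeats the `'file://' . __DIR__ . '/Stubs/private.key'` and `'/Stubs/public.key'` literals instead of passing the `$privateKey` and `$encryptionKey` variables defined just above it, while the assertions at the end of the hunk compare against those variables. Passing `$privateKey, $encryptionKey` as the last two constructor arguments ties the assertions to the values actually given to the server, so the test cannot drift if one of the paths is edited. The test method starts outside the hunk.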
diff --git a/tests/AuthorizationValidators/BearerTokenValidatorTest.php b/tests/AuthorizationValidators/BearerTokenValidatorTest.php index 801846cb..69e56995 100644 --- a/tests/AuthorizationValidators/BearerTokenValidatorTest.php +++ b/tests/AuthorizationValidators/BearerTokenValidatorTest.php @@ -11,10 +11,6 @@ use Zend\Diactoros\ServerRequest; class BearerTokenValidatorTest extends TestCase { - /** - * @expectedException League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 9 - */ public function testThrowExceptionWhenAccessTokenIsNotSigned() { $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(); @@ -32,8 +28,10 @@ class BearerTokenValidatorTest extends TestCase ->set('scopes', 'scope1 scope2 scope3 scope4') ->getToken(); - $request = new ServerRequest(); - $request = $request->withHeader('authorization', sprintf('Bearer %s', $unsignedJwt)); + $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $unsignedJwt)); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(9); $bearerTokenValidator->validateAuthorization($request); } diff --git a/tests/Exception/OAuthServerExceptionTest.php b/tests/Exception/OAuthServerExceptionTest.php index 82ecef02..eb2b2ad3 100644 --- a/tests/Exception/OAuthServerExceptionTest.php +++ b/tests/Exception/OAuthServerExceptionTest.php @@ -85,7 +85,9 @@ class OAuthServerExceptionTest extends TestCase $previous = new Exception('This is the previous'); $exceptionWithPrevious = OAuthServerException::accessDenied(null, null, $previous); - $this->assertSame('This is the previous', $exceptionWithPrevious->getPrevious()->getMessage()); + $previousMessage = $exceptionWithPrevious->getPrevious() !== null ? $exceptionWithPrevious->getPrevious()->getMessage() : null; + + $this->assertSame('This is the previous', $previousMessage); } public function testDoesNotHavePrevious() 
diff --git a/tests/Grant/AbstractGrantTest.php b/tests/Grant/AbstractGrantTest.php index ec8d3f47..a4b94264 100644 --- a/tests/Grant/AbstractGrantTest.php +++ b/tests/Grant/AbstractGrantTest.php @@ -30,8 +30,7 @@ class AbstractGrantTest extends TestCase $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $abstractGrantReflection = new \ReflectionClass($grantMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withHeader('Authorization', 'Basic ' . base64_encode('Open:Sesame')); + $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('Open:Sesame')); $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials'); $basicAuthMethod->setAccessible(true); @@ -44,8 +43,7 @@ class AbstractGrantTest extends TestCase $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $abstractGrantReflection = new \ReflectionClass($grantMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withHeader('Authorization', 'Basic ' . base64_encode('Open:')); + $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('Open:')); $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials'); $basicAuthMethod->setAccessible(true); @@ -58,8 +56,7 @@ class AbstractGrantTest extends TestCase $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $abstractGrantReflection = new \ReflectionClass($grantMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withHeader('Authorization', 'Foo ' . base64_encode('Open:Sesame')); + $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Foo ' . base64_encode('Open:Sesame')); $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials'); $basicAuthMethod->setAccessible(true); 
@@ -72,8 +69,7 @@ class AbstractGrantTest extends TestCase $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $abstractGrantReflection = new \ReflectionClass($grantMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withHeader('Authorization', 'Basic ||'); + $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ||'); $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials'); $basicAuthMethod->setAccessible(true); @@ -86,8 +82,7 @@ class AbstractGrantTest extends TestCase $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $abstractGrantReflection = new \ReflectionClass($grantMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withHeader('Authorization', 'Basic ' . base64_encode('OpenSesame')); + $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('OpenSesame')); $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials'); $basicAuthMethod->setAccessible(true); @@ -107,12 +102,10 @@ class AbstractGrantTest extends TestCase $abstractGrantReflection = new \ReflectionClass($grantMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + ]); + $validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); $validateClientMethod->setAccessible(true); 
@@ -133,14 +126,12 @@ class AbstractGrantTest extends TestCase $abstractGrantReflection = new \ReflectionClass($grantMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - 'redirect_uri' => 'http://foo/bar', - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + 'redirect_uri' => 'http://foo/bar', + ]); + $validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); $validateClientMethod->setAccessible(true); @@ -148,9 +139,6 @@ class AbstractGrantTest extends TestCase $this->assertEquals($client, $result); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - */ public function testValidateClientMissingClientId() { $client = new ClientEntity(); @@ -167,12 +155,11 @@ class AbstractGrantTest extends TestCase $validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); $validateClientMethod->setAccessible(true); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $validateClientMethod->invoke($grantMock, $serverRequest, true, true); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - */ public function testValidateClientMissingClientSecret() { $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); 
@@ -184,20 +171,18 @@ class AbstractGrantTest extends TestCase $abstractGrantReflection = new \ReflectionClass($grantMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody([ + $serverRequest = (new ServerRequest())->withParsedBody([ 'client_id' => 'foo', ]); $validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); $validateClientMethod->setAccessible(true); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $validateClientMethod->invoke($grantMock, $serverRequest, true, true); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - */ public function testValidateClientInvalidClientSecret() { $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); @@ -209,8 +194,7 @@ class AbstractGrantTest extends TestCase $abstractGrantReflection = new \ReflectionClass($grantMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody([ + $serverRequest = (new ServerRequest())->withParsedBody([ 'client_id' => 'foo', 'client_secret' => 'foo', ]); @@ -218,12 +202,11 @@ class AbstractGrantTest extends TestCase $validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); $validateClientMethod->setAccessible(true); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $validateClientMethod->invoke($grantMock, $serverRequest, true, true); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - */ public function testValidateClientInvalidRedirectUri() { $client = new ClientEntity(); 
@@ -237,8 +220,7 @@ class AbstractGrantTest extends TestCase $abstractGrantReflection = new \ReflectionClass($grantMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody([ + $serverRequest = (new ServerRequest())->withParsedBody([ 'client_id' => 'foo', 'redirect_uri' => 'http://bar/foo', ]); @@ -246,12 +228,11 @@ class AbstractGrantTest extends TestCase $validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); $validateClientMethod->setAccessible(true); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $validateClientMethod->invoke($grantMock, $serverRequest, true, true); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - */ public function testValidateClientInvalidRedirectUriArray() { $client = new ClientEntity(); @@ -265,8 +246,7 @@ class AbstractGrantTest extends TestCase $abstractGrantReflection = new \ReflectionClass($grantMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody([ + $serverRequest = (new ServerRequest())->withParsedBody([ 'client_id' => 'foo', 'redirect_uri' => 'http://bar/foo', ]); @@ -274,12 +254,11 @@ class AbstractGrantTest extends TestCase $validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); $validateClientMethod->setAccessible(true); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $validateClientMethod->invoke($grantMock, $serverRequest, true, true); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - */ public function testValidateClientBadClient() { $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); 
@@ -291,8 +270,7 @@ class AbstractGrantTest extends TestCase $abstractGrantReflection = new \ReflectionClass($grantMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody([ + $serverRequest = (new ServerRequest())->withParsedBody([ 'client_id' => 'foo', 'client_secret' => 'bar', ]); @@ -300,6 +278,8 @@ class AbstractGrantTest extends TestCase $validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); $validateClientMethod->setAccessible(true); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $validateClientMethod->invoke($grantMock, $serverRequest, true); } @@ -308,8 +288,7 @@ class AbstractGrantTest extends TestCase $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $grantMock->method('getIdentifier')->willReturn('foobar'); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody([ + $serverRequest = (new ServerRequest())->withParsedBody([ 'grant_type' => 'foobar', ]); @@ -421,8 +400,7 @@ class AbstractGrantTest extends TestCase $method = $abstractGrantReflection->getMethod('getCookieParameter'); $method->setAccessible(true); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withCookieParams([ + $serverRequest = (new ServerRequest())->withCookieParams([ 'foo' => 'bar', ]); @@ -439,8 +417,7 @@ class AbstractGrantTest extends TestCase $method = $abstractGrantReflection->getMethod('getQueryStringParameter'); $method->setAccessible(true); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withQueryParams([ + $serverRequest = (new ServerRequest())->withQueryParams([ 'foo' => 'bar', ]); 
@@ -461,9 +438,6 @@ class AbstractGrantTest extends TestCase $this->assertEquals([$scope], $grantMock->validateScopes('basic ')); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - */ public function testValidateScopesBadScope() { $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(); @@ -473,6 +447,8 @@ class AbstractGrantTest extends TestCase $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $grantMock->setScopeRepository($scopeRepositoryMock); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $grantMock->validateScopes('basic '); } @@ -484,7 +460,7 @@ class AbstractGrantTest extends TestCase $method = $abstractGrantReflection->getMethod('generateUniqueIdentifier'); $method->setAccessible(true); - $this->assertInternalType('string', $method->invoke($grantMock)); + $this->assertIsString($method->invoke($grantMock)); } public function testCanRespondToAuthorizationRequest() @@ -493,21 +469,21 @@ class AbstractGrantTest extends TestCase $this->assertFalse($grantMock->canRespondToAuthorizationRequest(new ServerRequest())); } - /** - * @expectedException \LogicException - */ public function testValidateAuthorizationRequest() { $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + + $this->expectException(\LogicException::class); + $grantMock->validateAuthorizationRequest(new ServerRequest()); } - /** - * @expectedException \LogicException - */ public function testCompleteAuthorizationRequest() { $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + + $this->expectException(\LogicException::class); + $grantMock->completeAuthorizationRequest(new AuthorizationRequest()); } } diff --git a/tests/Grant/AuthCodeGrantTest.php b/tests/Grant/AuthCodeGrantTest.php index 07b220c5..b2dc122a 100644 --- a/tests/Grant/AuthCodeGrantTest.php +++ b/tests/Grant/AuthCodeGrantTest.php 
@@ -40,7 +40,7 @@ class AuthCodeGrantTest extends TestCase const CODE_CHALLENGE = 'E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM'; - public function setUp() + public function setUp(): void { $this->cryptStub = new CryptTraitStub(); } @@ -200,9 +200,6 @@ class AuthCodeGrantTest extends TestCase $this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request)); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - */ public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooShort() { $client = new ClientEntity(); @@ -218,28 +215,18 @@ class AuthCodeGrantTest extends TestCase $grant->setClientRepository($clientRepositoryMock); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - [], - [], - [ - 'response_type' => 'code', - 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', - 'code_challenge' => str_repeat('A', 42), - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + 'redirect_uri' => 'http://foo/bar', + 'code_challenge' => str_repeat('A', 42), + ]); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); $grant->validateAuthorizationRequest($request); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - */ public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooLong() { $client = new ClientEntity(); 
@@ -255,28 +242,18 @@ class AuthCodeGrantTest extends TestCase $grant->setClientRepository($clientRepositoryMock); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - [], - [], - [ - 'response_type' => 'code', - 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', - 'code_challenge' => str_repeat('A', 129), - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + 'redirect_uri' => 'http://foo/bar', + 'code_challenge' => str_repeat('A', 129), + ]); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); $grant->validateAuthorizationRequest($request); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - */ public function testValidateAuthorizationRequestCodeChallengeInvalidCharacters() { $client = new ClientEntity(); @@ -292,29 +269,18 @@ class AuthCodeGrantTest extends TestCase $grant->setClientRepository($clientRepositoryMock); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - [], - [], - [ - 'response_type' => 'code', - 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', - 'code_challenge' => str_repeat('A', 42) . '!', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + 'redirect_uri' => 'http://foo/bar', + 'code_challenge' => str_repeat('A', 42) . '!', + ]); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); $grant->validateAuthorizationRequest($request); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 3 - */ public function testValidateAuthorizationRequestMissingClientId() { $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); 
@@ -326,26 +292,16 @@ class AuthCodeGrantTest extends TestCase ); $grant->setClientRepository($clientRepositoryMock); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - $headers = [], - $cookies = [], - $queryParams = [ - 'response_type' => 'code', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + ]); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(3); $grant->validateAuthorizationRequest($request); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 4 - */ public function testValidateAuthorizationRequestInvalidClientId() { $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); @@ -358,27 +314,17 @@ class AuthCodeGrantTest extends TestCase ); $grant->setClientRepository($clientRepositoryMock); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - $headers = [], - $cookies = [], - $queryParams = [ - 'response_type' => 'code', - 'client_id' => 'foo', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + ]); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(4); $grant->validateAuthorizationRequest($request); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 4 - */ public function testValidateAuthorizationRequestBadRedirectUriString() { $client = new ClientEntity(); 
@@ -393,28 +339,18 @@ class AuthCodeGrantTest extends TestCase ); $grant->setClientRepository($clientRepositoryMock); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - [], - [], - [ - 'response_type' => 'code', - 'client_id' => 'foo', - 'redirect_uri' => 'http://bar', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + 'redirect_uri' => 'http://bar', + ]); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(4); $grant->validateAuthorizationRequest($request); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 4 - */ public function testValidateAuthorizationRequestBadRedirectUriArray() { $client = new ClientEntity(); @@ -429,28 +365,18 @@ class AuthCodeGrantTest extends TestCase ); $grant->setClientRepository($clientRepositoryMock); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - [], - [], - [ - 'response_type' => 'code', - 'client_id' => 'foo', - 'redirect_uri' => 'http://bar', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + 'redirect_uri' => 'http://bar', + ]); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(4); $grant->validateAuthorizationRequest($request); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 3 - */ public function testValidateAuthorizationRequestInvalidCodeChallengeMethod() { $client = new ClientEntity(); 
@@ -472,22 +398,16 @@ class AuthCodeGrantTest extends TestCase $grant->setScopeRepository($scopeRepositoryMock); $grant->setDefaultScope(self::DEFAULT_SCOPE); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - [], - [], - [ - 'response_type' => 'code', - 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', - 'code_challenge' => 'foobar', - 'code_challenge_method' => 'foo', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + 'redirect_uri' => 'http://foo/bar', + 'code_challenge' => 'foobar', + 'code_challenge_method' => 'foo', + ]); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(3); $grant->validateAuthorizationRequest($request); } @@ -513,10 +433,6 @@ class AuthCodeGrantTest extends TestCase $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest)); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 9 - */ public function testCompleteAuthorizationRequestDenied() { $authRequest = new AuthorizationRequest(); @@ -535,6 +451,9 @@ class AuthCodeGrantTest extends TestCase ); $grant->setEncryptionKey($this->cryptStub->getKey()); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(9); + $grant->completeAuthorizationRequest($authRequest); } @@ -954,10 +873,6 @@ class AuthCodeGrantTest extends TestCase $this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken()); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 3 - */ public function testRespondToAccessTokenRequestMissingRedirectUri() { $client = new ClientEntity(); 
@@ -999,13 +914,12 @@ class AuthCodeGrantTest extends TestCase ] ); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(3); + $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M')); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 3 - */ public function testRespondToAccessTokenRequestRedirectUriMismatch() { $client = new ClientEntity(); @@ -1048,13 +962,12 @@ class AuthCodeGrantTest extends TestCase ] ); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(3); + $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M')); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 3 - */ public function testRespondToAccessTokenRequestMissingCode() { $client = new ClientEntity(); @@ -1093,6 +1006,9 @@ class AuthCodeGrantTest extends TestCase ] ); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(3); + /* @var StubResponseType $response */ $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M')); } @@ -1711,10 +1627,6 @@ class AuthCodeGrantTest extends TestCase $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest)); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 7 - */ public function testAuthCodeRepositoryFailToPersist() { $authRequest = new AuthorizationRequest(); 
@@ -1734,13 +1646,12 @@ class AuthCodeGrantTest extends TestCase ); $grant->setEncryptionKey($this->cryptStub->getKey()); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(7); + $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest)); } - /** - * @expectedException \League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException - * @expectedExceptionCode 100 - */ public function testAuthCodeRepositoryFailToPersistUniqueNoInfiniteLoop() { $authRequest = new AuthorizationRequest(); @@ -1759,6 +1670,9 @@ class AuthCodeGrantTest extends TestCase new DateInterval('PT10M') ); + $this->expectException(\League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException::class); + $this->expectExceptionCode(100); + $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest)); } @@ -1831,10 +1745,6 @@ class AuthCodeGrantTest extends TestCase $this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken()); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 7 - */ public function testRefreshTokenRepositoryFailToPersist() { $client = new ClientEntity(); @@ -1896,6 +1806,9 @@ class AuthCodeGrantTest extends TestCase ] ); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(7); + /** @var StubResponseType $response */ $response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M')); 
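Review bot: In the `@@ -1734,13 +1646,12 @@` hunk the new `expectException`/`expectExceptionCode(7)` pair sits directly above `$this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));`, so the wrapping assertion can never be evaluated when the test passes. That reads as if a redirect were still a valid outcome. Call the method bare, `$grant->completeAuthorizationRequest($authRequest);`, as testCompleteAuthorizationRequestDenied does. The same applies to the `@@ -1759` hunk and to the `$response` assertions that follow the expected throw in the refresh-token tests. These methods begin outside their hunks.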
@@ -1903,10 +1816,6 @@ class AuthCodeGrantTest extends TestCase $this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken()); } - /** - * @expectedException \League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException - * @expectedExceptionCode 100 - */ public function testRefreshTokenRepositoryFailToPersistUniqueNoInfiniteLoop() { $client = new ClientEntity(); @@ -1968,6 +1877,9 @@ class AuthCodeGrantTest extends TestCase ] ); + $this->expectException(\League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException::class); + $this->expectExceptionCode(100); + /** @var StubResponseType $response */ $response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M')); @@ -1975,9 +1887,6 @@ class AuthCodeGrantTest extends TestCase $this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken()); } - /** - * @expectedException \LogicException - */ public function testCompleteAuthorizationRequestNoUser() { $grant = new AuthCodeGrant( @@ -1986,6 +1895,8 @@ class AuthCodeGrantTest extends TestCase new DateInterval('PT10M') ); + $this->expectException(\LogicException::class); + $grant->completeAuthorizationRequest(new AuthorizationRequest()); } @@ -2011,20 +1922,11 @@ class AuthCodeGrantTest extends TestCase $grant->setScopeRepository($scopeRepositoryMock); $grant->setDefaultScope(self::DEFAULT_SCOPE); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - [], - [], - [ - 'response_type' => 'code', - 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + 'redirect_uri' => 'http://foo/bar', + ]); $this->expectException(OAuthServerException::class); $this->expectExceptionCode(3); 
diff --git a/tests/Grant/ClientCredentialsGrantTest.php b/tests/Grant/ClientCredentialsGrantTest.php index b02f1190..54be52fd 100644 --- a/tests/Grant/ClientCredentialsGrantTest.php +++ b/tests/Grant/ClientCredentialsGrantTest.php @@ -48,13 +48,10 @@ class ClientCredentialsGrantTest extends TestCase $grant->setDefaultScope(self::DEFAULT_SCOPE); $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + ]); $responseType = new StubResponseType(); $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); diff --git a/tests/Grant/ImplicitGrantTest.php b/tests/Grant/ImplicitGrantTest.php index b63c3ffa..e9523669 100644 --- a/tests/Grant/ImplicitGrantTest.php +++ b/tests/Grant/ImplicitGrantTest.php @@ -31,7 +31,7 @@ class ImplicitGrantTest extends TestCase */ protected $cryptStub; - public function setUp() + public function setUp(): void { $this->cryptStub = new CryptTraitStub(); } @@ -51,12 +51,12 @@ class ImplicitGrantTest extends TestCase ); } - /** - * @expectedException \LogicException - */ public function testRespondToAccessTokenRequest() { $grant = new ImplicitGrant(new DateInterval('PT10M')); + + $this->expectException(\LogicException::class); + $grant->respondToAccessTokenRequest( new ServerRequest(), new StubResponseType(), 
@@ -68,19 +68,10 @@ class ImplicitGrantTest extends TestCase { $grant = new ImplicitGrant(new DateInterval('PT10M')); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - $headers = [], - $cookies = [], - $queryParams = [ - 'response_type' => 'token', - 'client_id' => 'foo', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'token', + 'client_id' => 'foo', + ]); $this->assertTrue($grant->canRespondToAuthorizationRequest($request)); } @@ -101,20 +92,11 @@ class ImplicitGrantTest extends TestCase $grant->setScopeRepository($scopeRepositoryMock); $grant->setDefaultScope(self::DEFAULT_SCOPE); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - $headers = [], - $cookies = [], - $queryParams = [ - 'response_type' => 'code', - 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + 'redirect_uri' => 'http://foo/bar', + ]); $this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request)); } 
@@ -135,28 +117,15 @@ class ImplicitGrantTest extends TestCase $grant->setScopeRepository($scopeRepositoryMock); $grant->setDefaultScope(self::DEFAULT_SCOPE); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - $headers = [], - $cookies = [], - $queryParams = [ - 'response_type' => 'code', - 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + 'redirect_uri' => 'http://foo/bar', + ]); $this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request)); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 3 - */ public function testValidateAuthorizationRequestMissingClientId() { $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); @@ -164,26 +133,14 @@ class ImplicitGrantTest extends TestCase $grant = new ImplicitGrant(new DateInterval('PT10M')); $grant->setClientRepository($clientRepositoryMock); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - $headers = [], - $cookies = [], - $queryParams = [ - 'response_type' => 'code', - ] - ); + $request = (new ServerRequest())->withQueryParams(['response_type' => 'code']); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(3); $grant->validateAuthorizationRequest($request); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 4 - */ public function testValidateAuthorizationRequestInvalidClientId() { $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); 
@@ -192,27 +149,17 @@ class ImplicitGrantTest extends TestCase $grant = new ImplicitGrant(new DateInterval('PT10M')); $grant->setClientRepository($clientRepositoryMock); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - $headers = [], - $cookies = [], - $queryParams = [ - 'response_type' => 'code', - 'client_id' => 'foo', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + ]); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(4); $grant->validateAuthorizationRequest($request); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 4 - */ public function testValidateAuthorizationRequestBadRedirectUriString() { $client = new ClientEntity(); @@ -223,28 +170,18 @@ class ImplicitGrantTest extends TestCase $grant = new ImplicitGrant(new DateInterval('PT10M')); $grant->setClientRepository($clientRepositoryMock); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - $headers = [], - $cookies = [], - $queryParams = [ - 'response_type' => 'code', - 'client_id' => 'foo', - 'redirect_uri' => 'http://bar', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + 'redirect_uri' => 'http://bar', + ]); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(4); $grant->validateAuthorizationRequest($request); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 4 - */ public function testValidateAuthorizationRequestBadRedirectUriArray() { $client = new ClientEntity(); 
@@ -255,20 +192,14 @@ class ImplicitGrantTest extends TestCase $grant = new ImplicitGrant(new DateInterval('PT10M')); $grant->setClientRepository($clientRepositoryMock); - $request = new ServerRequest( - [], - [], - null, - null, - 'php://input', - $headers = [], - $cookies = [], - $queryParams = [ - 'response_type' => 'code', - 'client_id' => 'foo', - 'redirect_uri' => 'http://bar', - ] - ); + $request = (new ServerRequest())->withQueryParams([ + 'response_type' => 'code', + 'client_id' => 'foo', + 'redirect_uri' => 'http://bar', + ]); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(4); $grant->validateAuthorizationRequest($request); } @@ -302,10 +233,6 @@ class ImplicitGrantTest extends TestCase $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest)); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 9 - */ public function testCompleteAuthorizationRequestDenied() { $authRequest = new AuthorizationRequest(); @@ -326,6 +253,9 @@ class ImplicitGrantTest extends TestCase $grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setScopeRepository($scopeRepositoryMock); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(9); + $grant->completeAuthorizationRequest($authRequest); } 
@@ -343,7 +273,7 @@ class ImplicitGrantTest extends TestCase $accessToken = new AccessTokenEntity(); $accessToken->setClient($client); - /** @var AccessTokenRepositoryInterface|\PHPUnit_Framework_MockObject_MockObject $accessTokenRepositoryMock */ + /** @var AccessTokenRepositoryInterface|\PHPUnit\Framework\MockObject\MockObject $accessTokenRepositoryMock */ $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(); $accessTokenRepositoryMock->method('getNewToken')->willReturn($accessToken); $accessTokenRepositoryMock->expects($this->at(0))->method('persistNewAccessToken')->willThrowException(UniqueTokenIdentifierConstraintViolationException::create()); @@ -360,10 +290,6 @@ class ImplicitGrantTest extends TestCase $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest)); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 7 - */ public function testAccessTokenRepositoryFailToPersist() { $authRequest = new AuthorizationRequest(); @@ -372,7 +298,7 @@ class ImplicitGrantTest extends TestCase $authRequest->setGrantTypeId('authorization_code'); $authRequest->setUser(new UserEntity()); - /** @var AccessTokenRepositoryInterface|\PHPUnit_Framework_MockObject_MockObject $accessTokenRepositoryMock */ + /** @var AccessTokenRepositoryInterface|\PHPUnit\Framework\MockObject\MockObject $accessTokenRepositoryMock */ $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(); $accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity()); $accessTokenRepositoryMock->method('persistNewAccessToken')->willThrowException(OAuthServerException::serverError('something bad happened')); 
@@ -385,13 +311,12 @@ class ImplicitGrantTest extends TestCase $grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setScopeRepository($scopeRepositoryMock); + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(7); + $grant->completeAuthorizationRequest($authRequest); } - /** - * @expectedException \League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException - * @expectedExceptionCode 100 - */ public function testAccessTokenRepositoryFailToPersistUniqueNoInfiniteLoop() { $authRequest = new AuthorizationRequest(); @@ -400,7 +325,7 @@ class ImplicitGrantTest extends TestCase $authRequest->setGrantTypeId('authorization_code'); $authRequest->setUser(new UserEntity()); - /** @var AccessTokenRepositoryInterface|\PHPUnit_Framework_MockObject_MockObject $accessTokenRepositoryMock */ + /** @var AccessTokenRepositoryInterface|\PHPUnit\Framework\MockObject\MockObject $accessTokenRepositoryMock */ $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(); $accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity()); $accessTokenRepositoryMock->method('persistNewAccessToken')->willThrowException(UniqueTokenIdentifierConstraintViolationException::create()); 
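Review bot: The `expectException(\League\OAuth2\Server\Exception\OAuthServerException::class)` added in the `@@ -385,13 +311,12 @@` hunk spells out the fully qualified name. The same test already refers to the class by its short name in `OAuthServerException::serverError('something bad happened')`, so the import appears to be in scope. Using `$this->expectException(OAuthServerException::class);` would match the existing call and shorten the line; the same goes for `UniqueTokenIdentifierConstraintViolationException::class` in the next test. The converted tests in the other files repeat the long form and could be aligned wherever the class is imported. The test method starts in an earlier hunk.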
@@ -413,34 +338,38 @@ class ImplicitGrantTest extends TestCase $grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setScopeRepository($scopeRepositoryMock); + $this->expectException(\League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException::class); + $this->expectExceptionCode(100); + $grant->completeAuthorizationRequest($authRequest); } - /** - * @expectedException \LogicException - */ public function testSetRefreshTokenTTL() { $grant = new ImplicitGrant(new DateInterval('PT10M')); + + $this->expectException(\LogicException::class); + $grant->setRefreshTokenTTL(new DateInterval('PT10M')); } - /** - * @expectedException \LogicException - */ public function testSetRefreshTokenRepository() { $grant = new ImplicitGrant(new DateInterval('PT10M')); + $refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(); + + $this->expectException(\LogicException::class); + $grant->setRefreshTokenRepository($refreshTokenRepositoryMock); } - /** - * @expectedException \LogicException - */ public function testCompleteAuthorizationRequestNoUser() { $grant = new ImplicitGrant(new DateInterval('PT10M')); + + $this->expectException(\LogicException::class); + $grant->completeAuthorizationRequest(new AuthorizationRequest()); } } diff --git a/tests/Grant/PasswordGrantTest.php b/tests/Grant/PasswordGrantTest.php index 7fc99e83..6568d06a 100644 --- a/tests/Grant/PasswordGrantTest.php +++ b/tests/Grant/PasswordGrantTest.php 
@@ -64,15 +64,12 @@ class PasswordGrantTest extends TestCase $grant->setDefaultScope(self::DEFAULT_SCOPE); $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - 'username' => 'foo', - 'password' => 'bar', - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + 'username' => 'foo', + 'password' => 'bar', + ]); $responseType = new StubResponseType(); $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); @@ -110,15 +107,12 @@ class PasswordGrantTest extends TestCase $grant->setDefaultScope(self::DEFAULT_SCOPE); $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - 'username' => 'foo', - 'password' => 'bar', - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + 'username' => 'foo', + 'password' => 'bar', + ]); $responseType = new StubResponseType(); $grant->respondToAccessTokenRequest($serverRequest, $responseType, new \DateInterval('PT5M')); @@ -127,9 +121,6 @@ class PasswordGrantTest extends TestCase $this->assertNull($responseType->getRefreshToken()); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - */ public function testRespondToRequestMissingUsername() { $client = new ClientEntity(); 
@@ -146,21 +137,18 @@ class PasswordGrantTest extends TestCase $grant->setClientRepository($clientRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - ] - ); + $serverRequest = (new ServerRequest())->withQueryParams([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + ]); $responseType = new StubResponseType(); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - */ public function testRespondToRequestMissingPassword() { $client = new ClientEntity(); @@ -177,23 +165,19 @@ class PasswordGrantTest extends TestCase $grant->setClientRepository($clientRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - 'username' => 'alex', - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + 'username' => 'alex', + ]); $responseType = new StubResponseType(); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 10 - */ public function testRespondToRequestBadCredentials() { $client = new ClientEntity(); 
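Review bot: In the `@@ -146,21 +137,18 @@` hunk (testRespondToRequestMissingUsername) the request is now built with `withQueryParams`, where the removed lines used `withParsedBody`. Every other PasswordGrant test in this diff still sends `client_id`/`client_secret` in the parsed body. If the grant reads client credentials from the body, as those tests suggest, this test now fails at client validation instead of at the missing username. Because only the exception class is expected, it still passes without covering the missing-username path. Restore `$serverRequest = (new ServerRequest())->withParsedBody([`. Consider adding `expectExceptionMessage(...)` or a hint check here and in testRespondToRequestMissingPassword so each test proves which parameter was rejected. Both methods begin outside their hunks.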
@@ -211,17 +195,18 @@ class PasswordGrantTest extends TestCase $grant->setClientRepository($clientRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - 'username' => 'alex', - 'password' => 'whisky', - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + 'username' => 'alex', + 'password' => 'whisky', + ]); $responseType = new StubResponseType(); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(10); + $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); } } diff --git a/tests/Grant/RefreshTokenGrantTest.php b/tests/Grant/RefreshTokenGrantTest.php index e895f16b..21a5eeb8 100644 --- a/tests/Grant/RefreshTokenGrantTest.php +++ b/tests/Grant/RefreshTokenGrantTest.php @@ -27,7 +27,7 @@ class RefreshTokenGrantTest extends TestCase */ protected $cryptStub; - public function setUp() + public function setUp(): void { $this->cryptStub = new CryptTraitStub(); } @@ -80,8 +80,7 @@ class RefreshTokenGrantTest extends TestCase ) ); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody([ + $serverRequest = (new ServerRequest())->withParsedBody([ 'client_id' => 'foo', 'client_secret' => 'bar', 'refresh_token' => $oldRefreshToken, @@ -137,8 +136,7 @@ class RefreshTokenGrantTest extends TestCase ) ); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody([ + $serverRequest = (new ServerRequest())->withParsedBody([ 'client_id' => 'foo', 'client_secret' => 'bar', 'refresh_token' => $oldRefreshToken, 
@@ -192,15 +190,12 @@ class RefreshTokenGrantTest extends TestCase ) ); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - 'refresh_token' => $oldRefreshToken, - 'scope' => 'foo', - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + 'refresh_token' => $oldRefreshToken, + 'scope' => 'foo', + ]); $responseType = new StubResponseType(); $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); @@ -209,10 +204,6 @@ class RefreshTokenGrantTest extends TestCase $this->assertInstanceOf(RefreshTokenEntityInterface::class, $responseType->getRefreshToken()); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 5 - */ public function testRespondToUnexpectedScope() { $client = new ClientEntity(); @@ -251,24 +242,21 @@ class RefreshTokenGrantTest extends TestCase ) ); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - 'refresh_token' => $oldRefreshToken, - 'scope' => 'foobar', - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + 'refresh_token' => $oldRefreshToken, + 'scope' => 'foobar', + ]); $responseType = new StubResponseType(); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(5); + $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 3 - */ public function testRespondToRequestMissingOldToken() { $client = new ClientEntity(); 
@@ -285,22 +273,19 @@ class RefreshTokenGrantTest extends TestCase $grant->setEncryptionKey($this->cryptStub->getKey()); $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + ]); $responseType = new StubResponseType(); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(3); + $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 8 - */ public function testRespondToRequestInvalidOldToken() { $client = new ClientEntity(); @@ -319,23 +304,20 @@ class RefreshTokenGrantTest extends TestCase $oldRefreshToken = 'foobar'; - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - 'refresh_token' => $oldRefreshToken, - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + 'refresh_token' => $oldRefreshToken, + ]); $responseType = new StubResponseType(); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(8); + $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 8 - */ public function testRespondToRequestClientMismatch() { $client = new ClientEntity(); 
@@ -368,23 +350,20 @@ class RefreshTokenGrantTest extends TestCase ) ); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - 'refresh_token' => $oldRefreshToken, - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + 'refresh_token' => $oldRefreshToken, + ]); $responseType = new StubResponseType(); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(8); + $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 8 - */ public function testRespondToRequestExpiredToken() { $client = new ClientEntity(); @@ -414,23 +393,20 @@ class RefreshTokenGrantTest extends TestCase ) ); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - 'refresh_token' => $oldRefreshToken, - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + 'refresh_token' => $oldRefreshToken, + ]); $responseType = new StubResponseType(); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(8); + $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); } - /** - * @expectedException \League\OAuth2\Server\Exception\OAuthServerException - * @expectedExceptionCode 8 - */ public function testRespondToRequestRevokedToken() { $client = new ClientEntity(); 
@@ -461,16 +437,17 @@ class RefreshTokenGrantTest extends TestCase ) ); - $serverRequest = new ServerRequest(); - $serverRequest = $serverRequest->withParsedBody( - [ - 'client_id' => 'foo', - 'client_secret' => 'bar', - 'refresh_token' => $oldRefreshToken, - ] - ); + $serverRequest = (new ServerRequest())->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + 'refresh_token' => $oldRefreshToken, + ]); $responseType = new StubResponseType(); + + $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); + $this->expectExceptionCode(8); + $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); } } diff --git a/tests/Middleware/ResourceServerMiddlewareTest.php b/tests/Middleware/ResourceServerMiddlewareTest.php index 7210567b..4f2d3079 100644 --- a/tests/Middleware/ResourceServerMiddlewareTest.php +++ b/tests/Middleware/ResourceServerMiddlewareTest.php @@ -35,8 +35,7 @@ class ResourceServerMiddlewareTest extends TestCase $token = (string) $accessToken; - $request = new ServerRequest(); - $request = $request->withHeader('authorization', sprintf('Bearer %s', $token)); + $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $token)); $middleware = new ResourceServerMiddleware($server); $response = $middleware->__invoke( @@ -71,8 +70,7 @@ class ResourceServerMiddlewareTest extends TestCase $token = (string) $accessToken; - $request = new ServerRequest(); - $request = $request->withHeader('authorization', sprintf('Bearer %s', $token)); + $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $token)); $middleware = new ResourceServerMiddleware($server); $response = $middleware->__invoke( 
@@ -95,8 +93,7 @@ class ResourceServerMiddlewareTest extends TestCase 'file://' . __DIR__ . '/../Stubs/public.key' ); - $request = new ServerRequest(); - $request = $request->withHeader('authorization', ''); + $request = (new ServerRequest())->withHeader('authorization', ''); $middleware = new ResourceServerMiddleware($server); $response = $middleware->__invoke( diff --git a/tests/ResponseTypes/BearerResponseTypeTest.php b/tests/ResponseTypes/BearerResponseTypeTest.php index 5eddfdef..0c4a46fc 100644 --- a/tests/ResponseTypes/BearerResponseTypeTest.php +++ b/tests/ResponseTypes/BearerResponseTypeTest.php @@ -57,7 +57,7 @@ class BearerResponseTypeTest extends TestCase $response->getBody()->rewind(); $json = json_decode($response->getBody()->getContents()); - $this->assertAttributeEquals('Bearer', 'token_type', $json); + $this->assertEquals('Bearer', $json->token_type); $this->assertObjectHasAttribute('expires_in', $json); $this->assertObjectHasAttribute('access_token', $json); $this->assertObjectHasAttribute('refresh_token', $json); @@ -100,13 +100,13 @@ class BearerResponseTypeTest extends TestCase $response->getBody()->rewind(); $json = json_decode($response->getBody()->getContents()); - $this->assertAttributeEquals('Bearer', 'token_type', $json); + $this->assertEquals('Bearer', $json->token_type); $this->assertObjectHasAttribute('expires_in', $json); $this->assertObjectHasAttribute('access_token', $json); $this->assertObjectHasAttribute('refresh_token', $json); $this->assertObjectHasAttribute('foo', $json); - $this->assertAttributeEquals('bar', 'foo', $json); + $this->assertEquals('bar', $json->foo); } public function testDetermineAccessTokenInHeaderValidToken() 
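Review bot: `$this->assertEquals('Bearer', $json->token_type);` reads the property before the `assertObjectHasAttribute` checks and compares loosely, so a missing field or a body that did not decode surfaces as a PHP notice rather than a clear assertion failure. `$this->assertSame('Bearer', $json->token_type);` pins the type as well, and the same applies to `$json->foo` in the @@ -100 hunk. Asserting that `$json` is an object right after `json_decode()` would make a malformed token response fail with a readable message. Both test methods start outside these hunks.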
@@ -142,8 +142,7 @@ class BearerResponseTypeTest extends TestCase $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock); $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key')); - $request = new ServerRequest(); - $request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token)); + $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $json->access_token)); $request = $authorizationValidator->validateAuthorization($request); @@ -185,8 +184,7 @@ class BearerResponseTypeTest extends TestCase $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock); $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key')); - $request = new ServerRequest(); - $request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token . 'foo')); + $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $json->access_token . 'foo')); try { $authorizationValidator->validateAuthorization($request); @@ -231,8 +229,7 @@ class BearerResponseTypeTest extends TestCase $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock); $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key')); - $request = new ServerRequest(); - $request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token)); + $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $json->access_token)); try { $authorizationValidator->validateAuthorization($request); 
@@ -255,8 +252,7 @@ class BearerResponseTypeTest extends TestCase $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock); $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key')); - $request = new ServerRequest(); - $request = $request->withHeader('authorization', 'Bearer blah'); + $request = (new ServerRequest())->withHeader('authorization', 'Bearer blah'); try { $authorizationValidator->validateAuthorization($request); @@ -279,8 +275,7 @@ class BearerResponseTypeTest extends TestCase $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock); $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key')); - $request = new ServerRequest(); - $request = $request->withHeader('authorization', 'Bearer blah.blah.blah'); + $request = (new ServerRequest())->withHeader('authorization', 'Bearer blah.blah.blah'); try { $authorizationValidator->validateAuthorization($request); diff --git a/tests/Utils/CryptKeyTest.php b/tests/Utils/CryptKeyTest.php index 9f3f337c..e9799c08 100644 --- a/tests/Utils/CryptKeyTest.php +++ b/tests/Utils/CryptKeyTest.php @@ -7,11 +7,10 @@ use PHPUnit\Framework\TestCase; class CryptKeyTest extends TestCase { - /** - * @expectedException \LogicException - */ public function testNoFile() { + $this->expectException(\LogicException::class); + new CryptKey('undefined file'); } @@ -27,6 +26,11 @@ class CryptKeyTest extends TestCase public function testKeyFileCreation() { $keyContent = file_get_contents(__DIR__ . '/../Stubs/public.key'); + + if (!is_string($keyContent)) { + $this->fail('The public key stub is not a string'); + } + $key = new CryptKey($keyContent); $this->assertEquals( 
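Review bot: The `is_string` guard added to testKeyFileCreation is repeated for the second stub in the @@ -35 hunk, and its message ("is not a string") names the type rather than the cause, which is that `file_get_contents()` returned `false` because the stub could not be read. A single assertion would say the same in one line, e.g. `$this->assertIsString($keyContent, 'Could not read the public key stub');`, provided the static analyser narrows the type from it; that is worth checking against the PHPStan version pinned in composer.json. The test method continues past this hunk.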
@@ -35,6 +39,11 @@ class CryptKeyTest extends TestCase ); $keyContent = file_get_contents(__DIR__ . '/../Stubs/private.key.crlf'); + + if (!is_string($keyContent)) { + $this->fail('The private key (crlf) stub is not a string'); + } + $key = new CryptKey($keyContent); $this->assertEquals( diff --git a/tests/Utils/CryptTraitTest.php b/tests/Utils/CryptTraitTest.php index c517cec2..06d0b219 100644 --- a/tests/Utils/CryptTraitTest.php +++ b/tests/Utils/CryptTraitTest.php @@ -10,7 +10,7 @@ class CryptTraitTest extends TestCase { protected $cryptStub; - protected function setUp() + protected function setUp(): void { $this->cryptStub = new CryptTraitStub(); }