Merge pull request #919 from Sephster/fix-909-v2

Fix 909
2025-05-31 14:12:07 +05:30 · 2018-06-24 13:55:33 +01:00
parent ca5fe10934 0c542637fe
commit dc2a048b95
5 changed files with 17 additions and 23 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Changed
 - Replace `convertToJWT()` interface with a more generic `__toString()` to improve extensibility (PR #874)
 - The `invalidClient()` function accepts a PSR-7 compliant `$serverRequest` argument to avoid accessing the `$_SERVER` global variable and improve testing (PR #899)
+- `issueAccessToken()` in the Abstract Grant no longer sets access token client, user ID or scopes. These values should already have been set when calling `getNewToken()` (PR #919)

 ## [7.2.0] - released 2018-06-23

--- a/src/Grant/AbstractGrant.php
+++ b/src/Grant/AbstractGrant.php
@@ -374,15 +374,9 @@ abstract class AbstractGrant implements GrantTypeInterface
        $maxGenerationAttempts = self::MAX_RANDOM_TOKEN_GENERATION_ATTEMPTS;

        $accessToken = $this->accessTokenRepository->getNewToken($client, $scopes, $userIdentifier);
-        $accessToken->setClient($client);
-        $accessToken->setUserIdentifier($userIdentifier);
        $accessToken->setExpiryDateTime((new \DateTime())->add($accessTokenTTL));
        $accessToken->setPrivateKey($this->privateKey);

-        foreach ($scopes as $scope) {
-            $accessToken->addScope($scope);
-        }
-
        while ($maxGenerationAttempts-- > 0) {
            $accessToken->setIdentifier($this->generateUniqueIdentifier());
            try {
--- a/tests/Grant/AbstractGrantTest.php
+++ b/tests/Grant/AbstractGrantTest.php
@@ -2,7 +2,6 @@

 namespace LeagueTests\Grant;

-use League\Event\Emitter;
 use League\OAuth2\Server\CryptKey;
 use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
 use League\OAuth2\Server\Entities\AuthCodeEntityInterface;
@@ -24,13 +23,6 @@ use Zend\Diactoros\ServerRequest;

 class AbstractGrantTest extends TestCase
 {
-    public function testGetSet()
-    {
-        /** @var AbstractGrant $grantMock */
-        $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
-        $grantMock->setEmitter(new Emitter());
-    }
-
    public function testHttpBasicWithPassword()
    {
        /** @var AbstractGrant $grantMock */
--- a/tests/Grant/ImplicitGrantTest.php
+++ b/tests/Grant/ImplicitGrantTest.php
@@ -276,14 +276,20 @@ class ImplicitGrantTest extends TestCase

    public function testCompleteAuthorizationRequest()
    {
+        $client = new ClientEntity();
+        $client->setIdentifier('identifier');
+
        $authRequest = new AuthorizationRequest();
        $authRequest->setAuthorizationApproved(true);
-        $authRequest->setClient(new ClientEntity());
+        $authRequest->setClient($client);
        $authRequest->setGrantTypeId('authorization_code');
        $authRequest->setUser(new UserEntity());

+        $accessToken = new AccessTokenEntity();
+        $accessToken->setClient($client);
+
        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
-        $accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
+        $accessTokenRepositoryMock->method('getNewToken')->willReturn($accessToken);
        $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();

        $grant = new ImplicitGrant(new \DateInterval('PT10M'));
@@ -318,15 +324,21 @@ class ImplicitGrantTest extends TestCase

    public function testAccessTokenRepositoryUniqueConstraintCheck()
    {
+        $client = new ClientEntity();
+        $client->setIdentifier('identifier');
+
        $authRequest = new AuthorizationRequest();
        $authRequest->setAuthorizationApproved(true);
-        $authRequest->setClient(new ClientEntity());
+        $authRequest->setClient($client);
        $authRequest->setGrantTypeId('authorization_code');
        $authRequest->setUser(new UserEntity());

+        $accessToken = new AccessTokenEntity();
+        $accessToken->setClient($client);
+
        /** @var AccessTokenRepositoryInterface|\PHPUnit_Framework_MockObject_MockObject $accessTokenRepositoryMock */
        $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
-        $accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
+        $accessTokenRepositoryMock->method('getNewToken')->willReturn($accessToken);
        $accessTokenRepositoryMock->expects($this->at(0))->method('persistNewAccessToken')->willThrowException(UniqueTokenIdentifierConstraintViolationException::create());
        $accessTokenRepositoryMock->expects($this->at(1))->method('persistNewAccessToken')->willReturnSelf();

--- a/tests/Stubs/ClientEntity.php
+++ b/tests/Stubs/ClientEntity.php
@@ -14,9 +14,4 @@ class ClientEntity implements ClientEntityInterface
    {
        $this->redirectUri = $uri;
    }
-
-    public function setName($name)
-    {
-        $this->name = $name;
-    }
 }