diff --git a/tests/authentication/AuthServerTest.php b/tests/authentication/AuthServerTest.php
index f5f534cd..a6b2b1b3 100644
--- a/tests/authentication/AuthServerTest.php
+++ b/tests/authentication/AuthServerTest.php
@@ -595,627 +595,6 @@ class Authentication_Server_test extends PHPUnit_Framework_TestCase $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']); } - public function test_issueAccessToken_with_refresh_token() - { - $this->client->shouldReceive('getClient')->andReturn(array( - 'client_id' => 1234, - 'client_secret' => 5678, - 'redirect_uri' => 'http://foo/redirect', - 'name' => 'Example Client' - )); - - $this->session->shouldReceive('validateAuthCode')->andReturn(1); - $this->session->shouldReceive('updateSession')->andReturn(null); - - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\AuthCode()); - $a->addGrantType(new OAuth2\Grant\RefreshToken()); - - $_POST['grant_type'] = 'authorization_code'; - $_POST['client_id'] = 1234; - $_POST['client_secret'] = 5678; - $_POST['redirect_uri'] = 'http://foo/redirect'; - $_POST['code'] = 'foobar'; - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(); - - $this->assertArrayHasKey('access_token', $v); - $this->assertArrayHasKey('token_type', $v); - $this->assertArrayHasKey('expires', $v); - $this->assertArrayHasKey('expires_in', $v); - $this->assertArrayHasKey('refresh_token', $v); - - $this->assertEquals($a::getExpiresIn(), $v['expires_in']); - $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']); - } - - /** - * @expectedException OAuth2\Exception\ClientException - * @expectedExceptionCode 0 - */ - public function test_issueAccessToken_refreshTokenGrant_missingClientId() - { - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\RefreshToken()); - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'refresh_token' - )); - } - - /** - * @expectedException OAuth2\Exception\ClientException - * @expectedExceptionCode 0 - */ - public function test_issueAccessToken_refreshTokenGrant_missingClientSecret() - { - $a = $this->returnDefault(); - 
$a->addGrantType(new OAuth2\Grant\RefreshToken()); - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'refresh_token', - 'client_id' => 1234 - )); - } - - /** - * @expectedException OAuth2\Exception\ClientException - * @expectedExceptionCode 8 - */ - public function test_issueAccessToken_refreshTokenGrant_badClient() - { - $this->client->shouldReceive('getClient')->andReturn(false); - - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\RefreshToken()); - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'refresh_token', - 'client_id' => 1234, - 'client_secret' => 5678 - )); - } - - /** - * @expectedException OAuth2\Exception\ClientException - * @expectedExceptionCode 0 - */ - public function test_issueAccessToken_refreshTokenGrant_missingRefreshToken() - { - $this->client->shouldReceive('getClient')->andReturn(array()); - - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\RefreshToken()); - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'refresh_token', - 'client_id' => 1234, - 'client_secret' => 5678, - //'refresh_token' => - )); - } - - /** - * @expectedException OAuth2\Exception\ClientException - * @expectedExceptionCode 0 - */ - public function test_issueAccessToken_refreshTokenGrant_badRefreshToken() - { - $this->client->shouldReceive('getClient')->andReturn(array()); - $this->client->shouldReceive('validateRefreshToken')->andReturn(false); - - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\RefreshToken()); - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'refresh_token', - 'client_id' => 1234, - 'client_secret' => 5678, - 'refresh_token' => 'abcdef' - )); - } 
- - public function test_issueAccessToken_refreshTokenGrant_passedInput() - { - $this->client->shouldReceive('getClient')->andReturn(array( - 'client_id' => 1234, - 'client_secret' => 5678, - 'redirect_uri' => 'http://foo/redirect', - 'name' => 'Example Client' - )); - - $this->client->shouldReceive('validateRefreshToken')->andReturn(1); - - $this->session->shouldReceive('validateAuthCode')->andReturn(1); - $this->session->shouldReceive('updateSession')->andReturn(null); - $this->session->shouldReceive('updateRefreshToken')->andReturn(null); - - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\RefreshToken()); - - $_POST['grant_type'] = 'refresh_token'; - $_POST['client_id'] = 1234; - $_POST['client_secret'] = 5678; - $_POST['refresh_token'] = 'abcdef'; - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(); - - $this->assertArrayHasKey('access_token', $v); - $this->assertArrayHasKey('token_type', $v); - $this->assertArrayHasKey('expires', $v); - $this->assertArrayHasKey('expires_in', $v); - $this->assertArrayHasKey('refresh_token', $v); - - $this->assertEquals($a::getExpiresIn(), $v['expires_in']); - $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']); - } - - public function test_issueAccessToken_refreshTokenGrant() - { - $this->client->shouldReceive('getClient')->andReturn(array( - 'client_id' => 1234, - 'client_secret' => 5678, - 'redirect_uri' => 'http://foo/redirect', - 'name' => 'Example Client' - )); - - $this->client->shouldReceive('validateRefreshToken')->andReturn(1); - - $this->session->shouldReceive('validateAuthCode')->andReturn(1); - $this->session->shouldReceive('updateSession')->andReturn(null); - $this->session->shouldReceive('updateRefreshToken')->andReturn(null); - - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\RefreshToken()); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'refresh_token', - 'client_id' => 1234, - 'client_secret' 
=> 5678, - 'refresh_token' => 'abcdef', - )); - - $this->assertArrayHasKey('access_token', $v); - $this->assertArrayHasKey('token_type', $v); - $this->assertArrayHasKey('expires', $v); - $this->assertArrayHasKey('expires_in', $v); - $this->assertArrayHasKey('refresh_token', $v); - - $this->assertEquals($a::getExpiresIn(), $v['expires_in']); - $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']); - } - - /** - * @expectedException OAuth2\Exception\ClientException - * @expectedExceptionCode 0 - */ - public function test_issueAccessToken_clientCredentialsGrant_missingClientId() - { - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\ClientCredentials()); - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'client_credentials' - )); - } - - /** - * @expectedException OAuth2\Exception\ClientException - * @expectedExceptionCode 0 - */ - public function test_issueAccessToken_clientCredentialsGrant_missingClientPassword() - { - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\ClientCredentials()); - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'client_credentials', - 'client_id' => 1234 - )); - } - - /** - * @expectedException OAuth2\Exception\ClientException - * @expectedExceptionCode 8 - */ - public function test_issueAccessToken_clientCredentialsGrant_badClient() - { - $this->client->shouldReceive('getClient')->andReturn(false); - - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\ClientCredentials()); - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'client_credentials', - 'client_id' => 1234, - 'client_secret' => 5678 - )); - } - - function test_issueAccessToken_clientCredentialsGrant_passedInput() - { - 
$this->client->shouldReceive('getClient')->andReturn(array( - 'client_id' => 1234, - 'client_secret' => 5678, - 'redirect_uri' => 'http://foo/redirect', - 'name' => 'Example Client' - )); - - $this->client->shouldReceive('validateRefreshToken')->andReturn(1); - - $this->session->shouldReceive('validateAuthCode')->andReturn(1); - $this->session->shouldReceive('createSession')->andReturn(1); - $this->session->shouldReceive('deleteSession')->andReturn(null); - $this->session->shouldReceive('updateRefreshToken')->andReturn(null); - - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\ClientCredentials()); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'client_credentials', - 'client_id' => 1234, - 'client_secret' => 5678 - )); - - $this->assertArrayHasKey('access_token', $v); - $this->assertArrayHasKey('token_type', $v); - $this->assertArrayHasKey('expires', $v); - $this->assertArrayHasKey('expires_in', $v); - $this->assertArrayHasKey('refresh_token', $v); - - $this->assertEquals($a::getExpiresIn(), $v['expires_in']); - $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']); - } - - function test_issueAccessToken_clientCredentialsGrant() - { - $this->client->shouldReceive('getClient')->andReturn(array( - 'client_id' => 1234, - 'client_secret' => 5678, - 'redirect_uri' => 'http://foo/redirect', - 'name' => 'Example Client' - )); - - $this->client->shouldReceive('validateRefreshToken')->andReturn(1); - - $this->session->shouldReceive('validateAuthCode')->andReturn(1); - $this->session->shouldReceive('createSession')->andReturn(1); - $this->session->shouldReceive('deleteSession')->andReturn(null); - $this->session->shouldReceive('updateRefreshToken')->andReturn(null); - - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\ClientCredentials()); - - $_POST['grant_type'] = 'client_credentials'; - $_POST['client_id'] = 1234; - $_POST['client_secret'] = 5678; - - $request = new OAuth2\Util\Request(array(), $_POST); - 
$a->setRequest($request); - - $v = $a->issueAccessToken(); - - $this->assertArrayHasKey('access_token', $v); - $this->assertArrayHasKey('token_type', $v); - $this->assertArrayHasKey('expires', $v); - $this->assertArrayHasKey('expires_in', $v); - $this->assertArrayHasKey('refresh_token', $v); - - $this->assertEquals($a::getExpiresIn(), $v['expires_in']); - $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']); - } - - /** - * @expectedException OAuth2\Exception\ClientException - * @expectedExceptionCode 0 - */ - public function test_issueAccessToken_passwordGrant_missingClientId() - { - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\Password()); - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'client_credentials' - )); - } - - /** - * @expectedException OAuth2\Exception\ClientException - * @expectedExceptionCode 0 - */ - public function test_issueAccessToken_passwordGrant_missingClientPassword() - { - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\Password()); - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'password', - 'client_id' => 1234 - )); - } - - /** - * @expectedException OAuth2\Exception\ClientException - * @expectedExceptionCode 8 - */ - public function test_issueAccessToken_passwordGrant_badClient() - { - $this->client->shouldReceive('getClient')->andReturn(false); - - $a = $this->returnDefault(); - $a->addGrantType(new OAuth2\Grant\Password()); - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'password', - 'client_id' => 1234, - 'client_secret' => 5678 - )); - } - - /** - * @expectedException OAuth2\Exception\InvalidGrantTypeException - */ - function test_issueAccessToken_passwordGrant_invalidCallback() - { - 
$this->client->shouldReceive('getClient')->andReturn(array( - 'client_id' => 1234, - 'client_secret' => 5678, - 'redirect_uri' => 'http://foo/redirect', - 'name' => 'Example Client' - )); - - $this->client->shouldReceive('validateRefreshToken')->andReturn(1); - - $this->session->shouldReceive('validateAuthCode')->andReturn(1); - $this->session->shouldReceive('createSession')->andReturn(1); - $this->session->shouldReceive('deleteSession')->andReturn(null); - $this->session->shouldReceive('updateRefreshToken')->andReturn(null); - - $testCredentials = null; - - $a = $this->returnDefault(); - $pgrant = new OAuth2\Grant\Password(); - $pgrant->setVerifyCredentialsCallback($testCredentials); - $a->addGrantType($pgrant); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'password', - 'client_id' => 1234, - 'client_secret' => 5678, - 'username' => 'foo', - 'password' => 'bar' - )); - } - - /** - * @expectedException OAuth2\Exception\ClientException - * @expectedExceptionCode 0 - */ - function test_issueAccessToken_passwordGrant_missingUsername() - { - $this->client->shouldReceive('getClient')->andReturn(array( - 'client_id' => 1234, - 'client_secret' => 5678, - 'redirect_uri' => 'http://foo/redirect', - 'name' => 'Example Client' - )); - - $this->client->shouldReceive('validateRefreshToken')->andReturn(1); - - $this->session->shouldReceive('validateAuthCode')->andReturn(1); - $this->session->shouldReceive('createSession')->andReturn(1); - $this->session->shouldReceive('deleteSession')->andReturn(null); - $this->session->shouldReceive('updateRefreshToken')->andReturn(null); - - $testCredentials = function($u, $p) { return false; }; - - $a = $this->returnDefault(); - $pgrant = new OAuth2\Grant\Password(); - $pgrant->setVerifyCredentialsCallback($testCredentials); - $a->addGrantType($pgrant); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'password', - 'client_id' => 1234, - 'client_secret' => 5678 - )); - } - - /** - * @expectedException 
OAuth2\Exception\ClientException - * @expectedExceptionCode 0 - */ - function test_issueAccessToken_passwordGrant_missingPassword() - { - $this->client->shouldReceive('getClient')->andReturn(array( - 'client_id' => 1234, - 'client_secret' => 5678, - 'redirect_uri' => 'http://foo/redirect', - 'name' => 'Example Client' - )); - - $this->client->shouldReceive('validateRefreshToken')->andReturn(1); - - $this->session->shouldReceive('validateAuthCode')->andReturn(1); - $this->session->shouldReceive('createSession')->andReturn(1); - $this->session->shouldReceive('deleteSession')->andReturn(null); - $this->session->shouldReceive('updateRefreshToken')->andReturn(null); - - $testCredentials = function($u, $p) { return false; }; - - $a = $this->returnDefault(); - $pgrant = new OAuth2\Grant\Password(); - $pgrant->setVerifyCredentialsCallback($testCredentials); - $a->addGrantType($pgrant); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'password', - 'client_id' => 1234, - 'client_secret' => 5678, - 'username' => 'foo' - )); - } - - /** - * @expectedException OAuth2\Exception\ClientException - * @expectedExceptionCode 0 - */ - function test_issueAccessToken_passwordGrant_badCredentials() - { - $this->client->shouldReceive('getClient')->andReturn(array( - 'client_id' => 1234, - 'client_secret' => 5678, - 'redirect_uri' => 'http://foo/redirect', - 'name' => 'Example Client' - )); - - $this->client->shouldReceive('validateRefreshToken')->andReturn(1); - - $this->session->shouldReceive('validateAuthCode')->andReturn(1); - $this->session->shouldReceive('createSession')->andReturn(1); - $this->session->shouldReceive('deleteSession')->andReturn(null); - $this->session->shouldReceive('updateRefreshToken')->andReturn(null); - - $testCredentials = function($u, $p) { return false; }; - - $a = $this->returnDefault(); - $pgrant = new OAuth2\Grant\Password(); - $pgrant->setVerifyCredentialsCallback($testCredentials); - $a->addGrantType($pgrant); - - $v = $a->issueAccessToken(array( - 
'grant_type' => 'password', - 'client_id' => 1234, - 'client_secret' => 5678, - 'username' => 'foo', - 'password' => 'bar' - )); - } - - function test_issueAccessToken_passwordGrant_passedInput() - { - $this->client->shouldReceive('getClient')->andReturn(array( - 'client_id' => 1234, - 'client_secret' => 5678, - 'redirect_uri' => 'http://foo/redirect', - 'name' => 'Example Client' - )); - - $this->client->shouldReceive('validateRefreshToken')->andReturn(1); - - $this->session->shouldReceive('validateAuthCode')->andReturn(1); - $this->session->shouldReceive('createSession')->andReturn(1); - $this->session->shouldReceive('deleteSession')->andReturn(null); - $this->session->shouldReceive('updateRefreshToken')->andReturn(null); - - $testCredentials = function($u, $p) { return 1; }; - - $a = $this->returnDefault(); - $pgrant = new OAuth2\Grant\Password(); - $pgrant->setVerifyCredentialsCallback($testCredentials); - $a->addGrantType($pgrant); - - $v = $a->issueAccessToken(array( - 'grant_type' => 'password', - 'client_id' => 1234, - 'client_secret' => 5678, - 'username' => 'foo', - 'password' => 'bar' - )); - - $this->assertArrayHasKey('access_token', $v); - $this->assertArrayHasKey('token_type', $v); - $this->assertArrayHasKey('expires', $v); - $this->assertArrayHasKey('expires_in', $v); - $this->assertArrayHasKey('refresh_token', $v); - - $this->assertEquals($a::getExpiresIn(), $v['expires_in']); - $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']); - } - - function test_issueAccessToken_passwordGrant() - { - $this->client->shouldReceive('getClient')->andReturn(array( - 'client_id' => 1234, - 'client_secret' => 5678, - 'redirect_uri' => 'http://foo/redirect', - 'name' => 'Example Client' - )); - - $this->client->shouldReceive('validateRefreshToken')->andReturn(1); - - $this->session->shouldReceive('validateAuthCode')->andReturn(1); - $this->session->shouldReceive('createSession')->andReturn(1); - 
$this->session->shouldReceive('deleteSession')->andReturn(null); - $this->session->shouldReceive('updateRefreshToken')->andReturn(null); - - $testCredentials = function($u, $p) { return 1; }; - - $a = $this->returnDefault(); - $pgrant = new OAuth2\Grant\Password(); - $pgrant->setVerifyCredentialsCallback($testCredentials); - $a->addGrantType($pgrant); - - $_POST['grant_type'] = 'password'; - $_POST['client_id'] = 1234; - $_POST['client_secret'] = 5678; - $_POST['username'] = 'foo'; - $_POST['password'] = 'bar'; - - $request = new OAuth2\Util\Request(array(), $_POST); - $a->setRequest($request); - - $v = $a->issueAccessToken(); - - $this->assertArrayHasKey('access_token', $v); - $this->assertArrayHasKey('token_type', $v); - $this->assertArrayHasKey('expires', $v); - $this->assertArrayHasKey('expires_in', $v); - $this->assertArrayHasKey('refresh_token', $v); - - $this->assertEquals($a::getExpiresIn(), $v['expires_in']); - $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']); - } - public function tearDown() { M::close(); } diff --git a/tests/authentication/ClientCredentialsGrantTest.php b/tests/authentication/ClientCredentialsGrantTest.php new file mode 100644 index 00000000..72e68919 --- /dev/null +++ b/tests/authentication/ClientCredentialsGrantTest.php 
@@ -0,0 +1,189 @@ +client = M::mock('OAuth2\Storage\ClientInterface'); + $this->session = M::mock('OAuth2\Storage\SessionInterface'); + $this->scope = M::mock('OAuth2\Storage\ScopeInterface'); + } + + private function returnDefault() + { + return new OAuth2\AuthServer($this->client, $this->session, $this->scope); + } + + /** + * @expectedException OAuth2\Exception\ClientException + * @expectedExceptionCode 0 + */ + public function test_issueAccessToken_clientCredentialsGrant_missingClientId() + { + $a = $this->returnDefault(); + $a->addGrantType(new OAuth2\Grant\ClientCredentials()); + + $request = new OAuth2\Util\Request(array(), $_POST); + $a->setRequest($request); + + $v = $a->issueAccessToken(array( + 'grant_type' => 'client_credentials' + )); + } + + /** + * @expectedException OAuth2\Exception\ClientException + * @expectedExceptionCode 0 + */ + public function test_issueAccessToken_clientCredentialsGrant_missingClientPassword() + { + $a = $this->returnDefault(); + $a->addGrantType(new OAuth2\Grant\ClientCredentials()); + + $request = new OAuth2\Util\Request(array(), $_POST); + $a->setRequest($request); + + $v = $a->issueAccessToken(array( + 'grant_type' => 'client_credentials', + 'client_id' => 1234 + )); + } + + /** + * @expectedException OAuth2\Exception\ClientException + * @expectedExceptionCode 8 + */ + public function test_issueAccessToken_clientCredentialsGrant_badClient() + { + $this->client->shouldReceive('getClient')->andReturn(false); + + $a = $this->returnDefault(); + $a->addGrantType(new OAuth2\Grant\ClientCredentials()); + + $request = new OAuth2\Util\Request(array(), $_POST); + $a->setRequest($request); + + $v = $a->issueAccessToken(array( + 'grant_type' => 'client_credentials', + 'client_id' => 1234, + 'client_secret' => 5678 + )); + } + + function test_issueAccessToken_clientCredentialsGrant_passedInput() + { + $this->client->shouldReceive('getClient')->andReturn(array( + 'client_id' => 1234, + 'client_secret' => 5678, + 'redirect_uri' => 
'http://foo/redirect', + 'name' => 'Example Client' + )); + + $this->client->shouldReceive('validateRefreshToken')->andReturn(1); + + $this->session->shouldReceive('validateAuthCode')->andReturn(1); + $this->session->shouldReceive('createSession')->andReturn(1); + $this->session->shouldReceive('deleteSession')->andReturn(null); + $this->session->shouldReceive('updateRefreshToken')->andReturn(null); + + $a = $this->returnDefault(); + $a->addGrantType(new OAuth2\Grant\ClientCredentials()); + + $v = $a->issueAccessToken(array( + 'grant_type' => 'client_credentials', + 'client_id' => 1234, + 'client_secret' => 5678 + )); + + $this->assertArrayHasKey('access_token', $v); + $this->assertArrayHasKey('token_type', $v); + $this->assertArrayHasKey('expires', $v); + $this->assertArrayHasKey('expires_in', $v); + + $this->assertEquals($a::getExpiresIn(), $v['expires_in']); + $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']); + } + + function test_issueAccessToken_clientCredentialsGrant() + { + $this->client->shouldReceive('getClient')->andReturn(array( + 'client_id' => 1234, + 'client_secret' => 5678, + 'redirect_uri' => 'http://foo/redirect', + 'name' => 'Example Client' + )); + + $this->client->shouldReceive('validateRefreshToken')->andReturn(1); + + $this->session->shouldReceive('validateAuthCode')->andReturn(1); + $this->session->shouldReceive('createSession')->andReturn(1); + $this->session->shouldReceive('deleteSession')->andReturn(null); + $this->session->shouldReceive('updateRefreshToken')->andReturn(null); + + $a = $this->returnDefault(); + $a->addGrantType(new OAuth2\Grant\ClientCredentials()); + + $_POST['grant_type'] = 'client_credentials'; + $_POST['client_id'] = 1234; + $_POST['client_secret'] = 5678; + + $request = new OAuth2\Util\Request(array(), $_POST); + $a->setRequest($request); + + $v = $a->issueAccessToken(); + + $this->assertArrayHasKey('access_token', $v); + $this->assertArrayHasKey('token_type', $v); + $this->assertArrayHasKey('expires', 
$v); + $this->assertArrayHasKey('expires_in', $v); + + $this->assertEquals($a::getExpiresIn(), $v['expires_in']); + $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']); + } + + function test_issueAccessToken_clientCredentialsGrant_withRefreshToken() + { + $this->client->shouldReceive('getClient')->andReturn(array( + 'client_id' => 1234, + 'client_secret' => 5678, + 'redirect_uri' => 'http://foo/redirect', + 'name' => 'Example Client' + )); + + $this->client->shouldReceive('validateRefreshToken')->andReturn(1); + + $this->session->shouldReceive('validateAuthCode')->andReturn(1); + $this->session->shouldReceive('createSession')->andReturn(1); + $this->session->shouldReceive('deleteSession')->andReturn(null); + $this->session->shouldReceive('updateRefreshToken')->andReturn(null); + + $a = $this->returnDefault(); + $a->addGrantType(new OAuth2\Grant\ClientCredentials()); + $a->addGrantType(new OAuth2\Grant\RefreshToken()); + + $_POST['grant_type'] = 'client_credentials'; + $_POST['client_id'] = 1234; + $_POST['client_secret'] = 5678; + + $request = new OAuth2\Util\Request(array(), $_POST); + $a->setRequest($request); + + $v = $a->issueAccessToken(); + + $this->assertArrayHasKey('access_token', $v); + $this->assertArrayHasKey('token_type', $v); + $this->assertArrayHasKey('expires', $v); + $this->assertArrayHasKey('expires_in', $v); + $this->assertArrayHasKey('refresh_token', $v); + + $this->assertEquals($a::getExpiresIn(), $v['expires_in']); + $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']); + } + +} \ No newline at end of file diff --git a/tests/authentication/PasswordGrantTest.php b/tests/authentication/PasswordGrantTest.php new file mode 100644 index 00000000..ac6a7c83 --- /dev/null +++ b/tests/authentication/PasswordGrantTest.php 
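Review bot: `test_issueAccessToken_clientCredentialsGrant_passedInput` and `test_issueAccessToken_clientCredentialsGrant` in ClientCredentialsGrantTest.php make no assertion about `refresh_token`, so they would still pass if the server issued one without the RefreshToken grant registered; adding `$this->assertArrayNotHasKey('refresh_token', $v);` after the `expires_in` key check would pin that. The `_withRefreshToken` test also fixes as expected behaviour that a client_credentials response carries a refresh token, which RFC 6749 section 4.4.3 says SHOULD NOT be included, so a comment stating that this is intentional would help. Separately, the tests that assign `$_POST['client_id']` and `$_POST['client_secret']` never unset them, and the missing-parameter tests build their Request from `$_POST`. If `issueAccessToken()` falls back to the request for absent inputs (not visible in this hunk), a leftover value could let those negative tests pass for the wrong reason depending on run order. The passwordGrant tests in PasswordGrantTest.php follow the same pattern.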
@@ -0,0 +1,347 @@ +client = M::mock('OAuth2\Storage\ClientInterface'); + $this->session = M::mock('OAuth2\Storage\SessionInterface'); + $this->scope = M::mock('OAuth2\Storage\ScopeInterface'); + } + + private function returnDefault() + { + return new OAuth2\AuthServer($this->client, $this->session, $this->scope); + } + + /** + * @expectedException OAuth2\Exception\ClientException + * @expectedExceptionCode 0 + */ + public function test_issueAccessToken_passwordGrant_missingClientId() + { + $a = $this->returnDefault(); + $a->addGrantType(new OAuth2\Grant\Password()); + + $request = new OAuth2\Util\Request(array(), $_POST); + $a->setRequest($request); + + $v = $a->issueAccessToken(array( + 'grant_type' => 'password' + )); + } + + /** + * @expectedException OAuth2\Exception\ClientException + * @expectedExceptionCode 0 + */ + public function test_issueAccessToken_passwordGrant_missingClientPassword() + { + $a = $this->returnDefault(); + $a->addGrantType(new OAuth2\Grant\Password()); + + $request = new OAuth2\Util\Request(array(), $_POST); + $a->setRequest($request); + + $v = $a->issueAccessToken(array( + 'grant_type' => 'password', + 'client_id' => 1234 + )); + } + + /** + * @expectedException OAuth2\Exception\ClientException + * @expectedExceptionCode 8 + */ + public function test_issueAccessToken_passwordGrant_badClient() + { + $this->client->shouldReceive('getClient')->andReturn(false); + + $a = $this->returnDefault(); + $a->addGrantType(new OAuth2\Grant\Password()); + + $request = new OAuth2\Util\Request(array(), $_POST); + $a->setRequest($request); + + $v = $a->issueAccessToken(array( + 'grant_type' => 'password', + 'client_id' => 1234, + 'client_secret' => 5678 + )); + } + + /** + * @expectedException OAuth2\Exception\InvalidGrantTypeException + */ + function test_issueAccessToken_passwordGrant_invalidCallback() + { + $this->client->shouldReceive('getClient')->andReturn(array( + 'client_id' => 1234, + 'client_secret' => 5678, + 'redirect_uri' => 
'http://foo/redirect', + 'name' => 'Example Client' + )); + + $this->client->shouldReceive('validateRefreshToken')->andReturn(1); + + $this->session->shouldReceive('validateAuthCode')->andReturn(1); + $this->session->shouldReceive('createSession')->andReturn(1); + $this->session->shouldReceive('deleteSession')->andReturn(null); + $this->session->shouldReceive('updateRefreshToken')->andReturn(null); + + $testCredentials = null; + + $a = $this->returnDefault(); + $pgrant = new OAuth2\Grant\Password(); + $pgrant->setVerifyCredentialsCallback($testCredentials); + $a->addGrantType($pgrant); + + $v = $a->issueAccessToken(array( + 'grant_type' => 'password', + 'client_id' => 1234, + 'client_secret' => 5678, + 'username' => 'foo', + 'password' => 'bar' + )); + } + + /** + * @expectedException OAuth2\Exception\ClientException + * @expectedExceptionCode 0 + */ + function test_issueAccessToken_passwordGrant_missingUsername() + { + $this->client->shouldReceive('getClient')->andReturn(array( + 'client_id' => 1234, + 'client_secret' => 5678, + 'redirect_uri' => 'http://foo/redirect', + 'name' => 'Example Client' + )); + + $this->client->shouldReceive('validateRefreshToken')->andReturn(1); + + $this->session->shouldReceive('validateAuthCode')->andReturn(1); + $this->session->shouldReceive('createSession')->andReturn(1); + $this->session->shouldReceive('deleteSession')->andReturn(null); + $this->session->shouldReceive('updateRefreshToken')->andReturn(null); + + $testCredentials = function($u, $p) { return false; }; + + $a = $this->returnDefault(); + $pgrant = new OAuth2\Grant\Password(); + $pgrant->setVerifyCredentialsCallback($testCredentials); + $a->addGrantType($pgrant); + + $v = $a->issueAccessToken(array( + 'grant_type' => 'password', + 'client_id' => 1234, + 'client_secret' => 5678 + )); + } + + /** + * @expectedException OAuth2\Exception\ClientException + * @expectedExceptionCode 0 + */ + function test_issueAccessToken_passwordGrant_missingPassword() + { + 
$this->client->shouldReceive('getClient')->andReturn(array(
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ 'redirect_uri' => 'http://foo/redirect',
+ 'name' => 'Example Client'
+ ));
+
+ $this->client->shouldReceive('validateRefreshToken')->andReturn(1);
+
+ $this->session->shouldReceive('validateAuthCode')->andReturn(1);
+ $this->session->shouldReceive('createSession')->andReturn(1);
+ $this->session->shouldReceive('deleteSession')->andReturn(null);
+ $this->session->shouldReceive('updateRefreshToken')->andReturn(null);
+
+ $testCredentials = function($u, $p) { return false; };
+
+ $a = $this->returnDefault();
+ $pgrant = new OAuth2\Grant\Password();
+ $pgrant->setVerifyCredentialsCallback($testCredentials);
+ $a->addGrantType($pgrant);
+
+ $v = $a->issueAccessToken(array(
+ 'grant_type' => 'password',
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ 'username' => 'foo'
+ ));
+ }
+
+ /**
+ * @expectedException OAuth2\Exception\ClientException
+ * @expectedExceptionCode 0
+ */
+ function test_issueAccessToken_passwordGrant_badCredentials()
+ {
+ $this->client->shouldReceive('getClient')->andReturn(array(
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ 'redirect_uri' => 'http://foo/redirect',
+ 'name' => 'Example Client'
+ ));
+
+ $this->client->shouldReceive('validateRefreshToken')->andReturn(1);
+
+ $this->session->shouldReceive('validateAuthCode')->andReturn(1);
+ $this->session->shouldReceive('createSession')->andReturn(1);
+ $this->session->shouldReceive('deleteSession')->andReturn(null);
+ $this->session->shouldReceive('updateRefreshToken')->andReturn(null);
+
+ $testCredentials = function($u, $p) { return false; };
+
+ $a = $this->returnDefault();
+ $pgrant = new OAuth2\Grant\Password();
+ $pgrant->setVerifyCredentialsCallback($testCredentials);
+ $a->addGrantType($pgrant);
+
+ $v = $a->issueAccessToken(array(
+ 'grant_type' => 'password',
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ 'username' => 'foo',
+ 'password' => 'bar'
+ ));
+ }
+
+ function test_issueAccessToken_passwordGrant_passedInput()
+ {
+ $this->client->shouldReceive('getClient')->andReturn(array(
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ 'redirect_uri' => 'http://foo/redirect',
+ 'name' => 'Example Client'
+ ));
+
+ $this->client->shouldReceive('validateRefreshToken')->andReturn(1);
+
+ $this->session->shouldReceive('validateAuthCode')->andReturn(1);
+ $this->session->shouldReceive('createSession')->andReturn(1);
+ $this->session->shouldReceive('deleteSession')->andReturn(null);
+ $this->session->shouldReceive('updateRefreshToken')->andReturn(null);
+
+ $testCredentials = function($u, $p) { return 1; };
+
+ $a = $this->returnDefault();
+ $pgrant = new OAuth2\Grant\Password();
+ $pgrant->setVerifyCredentialsCallback($testCredentials);
+ $a->addGrantType($pgrant);
+
+ $v = $a->issueAccessToken(array(
+ 'grant_type' => 'password',
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ 'username' => 'foo',
+ 'password' => 'bar'
+ ));
+
+ $this->assertArrayHasKey('access_token', $v);
+ $this->assertArrayHasKey('token_type', $v);
+ $this->assertArrayHasKey('expires', $v);
+ $this->assertArrayHasKey('expires_in', $v);
+
+ $this->assertEquals($a::getExpiresIn(), $v['expires_in']);
+ $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
+ }
+
+ function test_issueAccessToken_passwordGrant()
+ {
+ $this->client->shouldReceive('getClient')->andReturn(array(
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ 'redirect_uri' => 'http://foo/redirect',
+ 'name' => 'Example Client'
+ ));
+
+ $this->client->shouldReceive('validateRefreshToken')->andReturn(1);
+
+ $this->session->shouldReceive('validateAuthCode')->andReturn(1);
+ $this->session->shouldReceive('createSession')->andReturn(1);
+ $this->session->shouldReceive('deleteSession')->andReturn(null);
+ $this->session->shouldReceive('updateRefreshToken')->andReturn(null);
+
+ $testCredentials = function($u, $p) { return 1; };
+
+ $a = $this->returnDefault();
+ $pgrant = new OAuth2\Grant\Password();
+ $pgrant->setVerifyCredentialsCallback($testCredentials);
+ $a->addGrantType($pgrant);
+
+ $_POST['grant_type'] = 'password';
+ $_POST['client_id'] = 1234;
+ $_POST['client_secret'] = 5678;
+ $_POST['username'] = 'foo';
+ $_POST['password'] = 'bar';
+
+ $request = new OAuth2\Util\Request(array(), $_POST);
+ $a->setRequest($request);
+
+ $v = $a->issueAccessToken();
+
+ $this->assertArrayHasKey('access_token', $v);
+ $this->assertArrayHasKey('token_type', $v);
+ $this->assertArrayHasKey('expires', $v);
+ $this->assertArrayHasKey('expires_in', $v);
+
+ $this->assertEquals($a::getExpiresIn(), $v['expires_in']);
+ $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
+ }
+
+ function test_issueAccessToken_passwordGrant_withRefreshToken()
+ {
+ $this->client->shouldReceive('getClient')->andReturn(array(
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ 'redirect_uri' => 'http://foo/redirect',
+ 'name' => 'Example Client'
+ ));
+
+ $this->client->shouldReceive('validateRefreshToken')->andReturn(1);
+
+ $this->session->shouldReceive('validateAuthCode')->andReturn(1);
+ $this->session->shouldReceive('createSession')->andReturn(1);
+ $this->session->shouldReceive('deleteSession')->andReturn(null);
+ $this->session->shouldReceive('updateRefreshToken')->andReturn(null);
+
+ $testCredentials = function($u, $p) { return 1; };
+
+ $a = $this->returnDefault();
+ $pgrant = new OAuth2\Grant\Password();
+ $pgrant->setVerifyCredentialsCallback($testCredentials);
+ $a->addGrantType($pgrant);
+ $a->addGrantType(new OAuth2\Grant\RefreshToken());
+
+ $_POST['grant_type'] = 'password';
+ $_POST['client_id'] = 1234;
+ $_POST['client_secret'] = 5678;
+ $_POST['username'] = 'foo';
+ $_POST['password'] = 'bar';
+
+ $request = new OAuth2\Util\Request(array(), $_POST);
+ $a->setRequest($request);
+
+ $v = $a->issueAccessToken();
+
+ $this->assertArrayHasKey('access_token', $v);
+ $this->assertArrayHasKey('token_type', $v);
+ $this->assertArrayHasKey('expires', $v);
+ $this->assertArrayHasKey('expires_in', $v);
+ $this->assertArrayHasKey('refresh_token', $v);
+
+ $this->assertEquals($a::getExpiresIn(), $v['expires_in']);
+ $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
+ }
+
+}
\ No newline at end of file
diff --git a/tests/authentication/RefreshTokenTest.php b/tests/authentication/RefreshTokenTest.php
new file mode 100644
index 00000000..556477b3
--- /dev/null
+++ b/tests/authentication/RefreshTokenTest.php
@@ -0,0 +1,233 @@
+client = M::mock('OAuth2\Storage\ClientInterface');
+ $this->session = M::mock('OAuth2\Storage\SessionInterface');
+ $this->scope = M::mock('OAuth2\Storage\ScopeInterface');
+ }
+
+ private function returnDefault()
+ {
+ return new OAuth2\AuthServer($this->client, $this->session, $this->scope);
+ }
+
+ public function test_issueAccessToken_with_refresh_token()
+ {
+ $this->client->shouldReceive('getClient')->andReturn(array(
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ 'redirect_uri' => 'http://foo/redirect',
+ 'name' => 'Example Client'
+ ));
+
+ $this->session->shouldReceive('validateAuthCode')->andReturn(1);
+ $this->session->shouldReceive('updateSession')->andReturn(null);
+
+ $a = $this->returnDefault();
+ $a->addGrantType(new OAuth2\Grant\AuthCode());
+ $a->addGrantType(new OAuth2\Grant\RefreshToken());
+
+ $_POST['grant_type'] = 'authorization_code';
+ $_POST['client_id'] = 1234;
+ $_POST['client_secret'] = 5678;
+ $_POST['redirect_uri'] = 'http://foo/redirect';
+ $_POST['code'] = 'foobar';
+
+ $request = new OAuth2\Util\Request(array(), $_POST);
+ $a->setRequest($request);
+
+ $v = $a->issueAccessToken();
+
+ $this->assertArrayHasKey('access_token', $v);
+ $this->assertArrayHasKey('token_type', $v);
+ $this->assertArrayHasKey('expires', $v);
+ $this->assertArrayHasKey('expires_in', $v);
+ $this->assertArrayHasKey('refresh_token', $v);
+
+ $this->assertEquals($a::getExpiresIn(), $v['expires_in']);
+ $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
+ }
+
+ /**
+ * @expectedException OAuth2\Exception\ClientException
+ * @expectedExceptionCode 0
+ */
+ public function test_issueAccessToken_refreshTokenGrant_missingClientId()
+ {
+ $a = $this->returnDefault();
+ $a->addGrantType(new OAuth2\Grant\RefreshToken());
+
+ $request = new OAuth2\Util\Request(array(), $_POST);
+ $a->setRequest($request);
+
+ $v = $a->issueAccessToken(array(
+ 'grant_type' => 'refresh_token'
+ ));
+ }
+
+ /**
+ * @expectedException OAuth2\Exception\ClientException
+ * @expectedExceptionCode 0
+ */
+ public function test_issueAccessToken_refreshTokenGrant_missingClientSecret()
+ {
+ $a = $this->returnDefault();
+ $a->addGrantType(new OAuth2\Grant\RefreshToken());
+
+ $request = new OAuth2\Util\Request(array(), $_POST);
+ $a->setRequest($request);
+
+ $v = $a->issueAccessToken(array(
+ 'grant_type' => 'refresh_token',
+ 'client_id' => 1234
+ ));
+ }
+
+ /**
+ * @expectedException OAuth2\Exception\ClientException
+ * @expectedExceptionCode 8
+ */
+ public function test_issueAccessToken_refreshTokenGrant_badClient()
+ {
+ $this->client->shouldReceive('getClient')->andReturn(false);
+
+ $a = $this->returnDefault();
+ $a->addGrantType(new OAuth2\Grant\RefreshToken());
+
+ $request = new OAuth2\Util\Request(array(), $_POST);
+ $a->setRequest($request);
+
+ $v = $a->issueAccessToken(array(
+ 'grant_type' => 'refresh_token',
+ 'client_id' => 1234,
+ 'client_secret' => 5678
+ ));
+ }
+
+ /**
+ * @expectedException OAuth2\Exception\ClientException
+ * @expectedExceptionCode 0
+ */
+ public function test_issueAccessToken_refreshTokenGrant_missingRefreshToken()
+ {
+ $this->client->shouldReceive('getClient')->andReturn(array());
+
+ $a = $this->returnDefault();
+ $a->addGrantType(new OAuth2\Grant\RefreshToken());
+
+ $request = new OAuth2\Util\Request(array(), $_POST);
+ $a->setRequest($request);
+
+ $v = $a->issueAccessToken(array(
+ 'grant_type' => 'refresh_token',
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ //'refresh_token' =>
+ ));
+ }
+
+ /**
+ * @expectedException OAuth2\Exception\ClientException
+ * @expectedExceptionCode 0
+ */
+ public function test_issueAccessToken_refreshTokenGrant_badRefreshToken()
+ {
+ $this->client->shouldReceive('getClient')->andReturn(array());
+ $this->client->shouldReceive('validateRefreshToken')->andReturn(false);
+
+ $a = $this->returnDefault();
+ $a->addGrantType(new OAuth2\Grant\RefreshToken());
+
+ $request = new OAuth2\Util\Request(array(), $_POST);
+ $a->setRequest($request);
+
+ $v = $a->issueAccessToken(array(
+ 'grant_type' => 'refresh_token',
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ 'refresh_token' => 'abcdef'
+ ));
+ }
+
+ public function test_issueAccessToken_refreshTokenGrant_passedInput()
+ {
+ $this->client->shouldReceive('getClient')->andReturn(array(
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ 'redirect_uri' => 'http://foo/redirect',
+ 'name' => 'Example Client'
+ ));
+
+ $this->client->shouldReceive('validateRefreshToken')->andReturn(1);
+
+ $this->session->shouldReceive('validateAuthCode')->andReturn(1);
+ $this->session->shouldReceive('updateSession')->andReturn(null);
+ $this->session->shouldReceive('updateRefreshToken')->andReturn(null);
+
+ $a = $this->returnDefault();
+ $a->addGrantType(new OAuth2\Grant\RefreshToken());
+
+ $_POST['grant_type'] = 'refresh_token';
+ $_POST['client_id'] = 1234;
+ $_POST['client_secret'] = 5678;
+ $_POST['refresh_token'] = 'abcdef';
+
+ $request = new OAuth2\Util\Request(array(), $_POST);
+ $a->setRequest($request);
+
+ $v = $a->issueAccessToken();
+
+ $this->assertArrayHasKey('access_token', $v);
+ $this->assertArrayHasKey('token_type', $v);
+ $this->assertArrayHasKey('expires', $v);
+ $this->assertArrayHasKey('expires_in', $v);
+ $this->assertArrayHasKey('refresh_token', $v);
+
+ $this->assertEquals($a::getExpiresIn(), $v['expires_in']);
+ $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
+ }
+
+ public function test_issueAccessToken_refreshTokenGrant()
+ {
+ $this->client->shouldReceive('getClient')->andReturn(array(
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ 'redirect_uri' => 'http://foo/redirect',
+ 'name' => 'Example Client'
+ ));
+
+ $this->client->shouldReceive('validateRefreshToken')->andReturn(1);
+
+ $this->session->shouldReceive('validateAuthCode')->andReturn(1);
+ $this->session->shouldReceive('updateSession')->andReturn(null);
+ $this->session->shouldReceive('updateRefreshToken')->andReturn(null);
+
+ $a = $this->returnDefault();
+ $a->addGrantType(new OAuth2\Grant\RefreshToken());
+
+ $v = $a->issueAccessToken(array(
+ 'grant_type' => 'refresh_token',
+ 'client_id' => 1234,
+ 'client_secret' => 5678,
+ 'refresh_token' => 'abcdef',
+ ));
+
+ $this->assertArrayHasKey('access_token', $v);
+ $this->assertArrayHasKey('token_type', $v);
+ $this->assertArrayHasKey('expires', $v);
+ $this->assertArrayHasKey('expires_in', $v);
+ $this->assertArrayHasKey('refresh_token', $v);
+
+ $this->assertEquals($a::getExpiresIn(), $v['expires_in']);
+ $this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
+ }
+}
\ No newline at end of file
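Review bot: The four negative refresh-token tests that expect code 0 (`missingClientId`, `missingClientSecret`, `missingRefreshToken`, `badRefreshToken`) assert only the exception class and a code they all share, so none of them shows which check actually rejected the request. They also build the request from the live `$_POST`, which `test_issueAccessToken_with_refresh_token` and `test_issueAccessToken_refreshTokenGrant_passedInput` fill with `client_id`, `client_secret` and `refresh_token`; if globals are not restored between tests and the server falls back to request fields when an input key is absent (neither is visible here), a test such as `missingClientId` could pass on a later check than the one it names. I would give each negative test an empty request, `$request = new OAuth2\Util\Request(array(), array());`, and pin the failing parameter with an `@expectedExceptionMessage` annotation next to `@expectedExceptionCode`. The file's opening lines, including `setUp`, are not readable on this page, so a reset of `$_POST` there cannot be ruled out.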