mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-12-22 21:19:46 +05:30
166 lines
6.6 KiB
PHP
166 lines
6.6 KiB
PHP
<?php
|
|
|
|
namespace LeagueTests;
|
|
|
|
use League\OAuth2\Server\Exception\OAuthServerException;
|
|
use League\OAuth2\Server\Grant\AuthCodeGrant;
|
|
use League\OAuth2\Server\Grant\ClientCredentialsGrant;
|
|
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
|
|
use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface;
|
|
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
|
|
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
|
|
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
|
|
use League\OAuth2\Server\Repositories\UserRepositoryInterface;
|
|
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
|
|
use League\OAuth2\Server\Server;
|
|
use LeagueTests\Stubs\AccessTokenEntity;
|
|
use LeagueTests\Stubs\AuthCodeEntity;
|
|
use LeagueTests\Stubs\ClientEntity;
|
|
use LeagueTests\Stubs\StubResponseType;
|
|
use LeagueTests\Stubs\UserEntity;
|
|
use Psr\Http\Message\ResponseInterface;
|
|
use Zend\Diactoros\Response;
|
|
use Zend\Diactoros\ServerRequestFactory;
|
|
|
|
class ServerTest extends \PHPUnit_Framework_TestCase
|
|
{
|
|
public function testRespondToRequestInvalidGrantType()
|
|
{
|
|
$server = new Server(
|
|
$this->getMock(ClientRepositoryInterface::class),
|
|
$this->getMock(AccessTokenRepositoryInterface::class),
|
|
$this->getMock(ScopeRepositoryInterface::class),
|
|
'file://' . __DIR__ . '/Stubs/private.key',
|
|
'file://' . __DIR__ . '/Stubs/public.key',
|
|
new StubResponseType()
|
|
);
|
|
|
|
$server->enableGrantType(new ClientCredentialsGrant(), new \DateInterval('PT1M'));
|
|
|
|
try {
|
|
$server->respondToAccessTokenRequest(ServerRequestFactory::fromGlobals(), new Response);
|
|
} catch (OAuthServerException $e) {
|
|
$this->assertEquals('unsupported_grant_type', $e->getErrorType());
|
|
$this->assertEquals(400, $e->getHttpStatusCode());
|
|
}
|
|
}
|
|
|
|
public function testRespondToRequest()
|
|
{
|
|
$clientRepository = $this->getMock(ClientRepositoryInterface::class);
|
|
$clientRepository->method('getClientEntity')->willReturn(new ClientEntity());
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
$accessTokenRepositoryMock = $this->getMock(AccessTokenRepositoryInterface::class);
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
$server = new Server(
|
|
$clientRepository,
|
|
$accessTokenRepositoryMock,
|
|
$scopeRepositoryMock,
|
|
'file://' . __DIR__ . '/Stubs/private.key',
|
|
'file://' . __DIR__ . '/Stubs/public.key',
|
|
new StubResponseType()
|
|
);
|
|
|
|
$server->enableGrantType(new ClientCredentialsGrant(), new \DateInterval('PT1M'));
|
|
|
|
$_POST['grant_type'] = 'client_credentials';
|
|
$_POST['client_id'] = 'foo';
|
|
$_POST['client_secret'] = 'bar';
|
|
$response = $server->respondToAccessTokenRequest(ServerRequestFactory::fromGlobals(), new Response);
|
|
$this->assertEquals(200, $response->getStatusCode());
|
|
}
|
|
|
|
public function testRespondToRequestPsrResponse()
|
|
{
|
|
$client = new ClientEntity();
|
|
$client->setIdentifier('foo');
|
|
$client->setIdentifier('http://bar.com');
|
|
|
|
$clientRepository = $this->getMock(ClientRepositoryInterface::class);
|
|
$clientRepository->method('getClientEntity')->willReturn($client);
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
$server = new Server(
|
|
$clientRepository,
|
|
$this->getMock(AccessTokenRepositoryInterface::class),
|
|
$scopeRepositoryMock,
|
|
'file://' . __DIR__ . '/Stubs/private.key',
|
|
'file://' . __DIR__ . '/Stubs/public.key',
|
|
new StubResponseType()
|
|
);
|
|
|
|
$userRepository = $this->getMock(UserRepositoryInterface::class);
|
|
$userRepository->method('getUserEntityByUserCredentials')->willReturn(new UserEntity());
|
|
|
|
$authCodeRepoMock = $this->getMock(AuthCodeRepositoryInterface::class);
|
|
$authCodeRepoMock->expects($this->once())->method('getNewAuthCode')->willReturn(new AuthCodeEntity());
|
|
|
|
$server->enableGrantType(
|
|
new AuthCodeGrant(
|
|
$authCodeRepoMock,
|
|
$this->getMock(RefreshTokenRepositoryInterface::class),
|
|
$userRepository,
|
|
new \DateInterval('PT1H')
|
|
),
|
|
new \DateInterval('PT1M')
|
|
);
|
|
|
|
$_SERVER['HTTP_HOST'] = 'http://auth.com';
|
|
$_SERVER['REQUEST_URI'] = '/auth';
|
|
$_GET['response_type'] = 'code';
|
|
$_GET['client_id'] = $client->getIdentifier();
|
|
$_GET['redirect_uri'] = $client->getRedirectUri();
|
|
$_POST['action'] = 'approve';
|
|
$_POST['username'] = 'user';
|
|
$_POST['password'] = 'pass';
|
|
$response = $server->respondToAccessTokenRequest(ServerRequestFactory::fromGlobals(), new Response);
|
|
$this->assertTrue($response instanceof ResponseInterface);
|
|
$this->assertEquals(302, $response->getStatusCode());
|
|
$this->assertTrue(strstr($response->getHeaderLine('location'), 'code=') !== false);
|
|
}
|
|
|
|
public function testGetResponseType()
|
|
{
|
|
$clientRepository = $this->getMock(ClientRepositoryInterface::class);
|
|
|
|
$server = new Server(
|
|
$clientRepository,
|
|
$this->getMock(AccessTokenRepositoryInterface::class),
|
|
$this->getMock(ScopeRepositoryInterface::class),
|
|
'file://' . __DIR__ . '/Stubs/private.key',
|
|
'file://' . __DIR__ . '/Stubs/public.key'
|
|
);
|
|
|
|
$abstractGrantReflection = new \ReflectionClass($server);
|
|
$method = $abstractGrantReflection->getMethod('getResponseType');
|
|
$method->setAccessible(true);
|
|
|
|
$this->assertTrue($method->invoke($server) instanceof BearerTokenResponse);
|
|
}
|
|
|
|
public function testValidateRequest()
|
|
{
|
|
$clientRepository = $this->getMock(ClientRepositoryInterface::class);
|
|
|
|
$server = new Server(
|
|
$clientRepository,
|
|
$this->getMock(AccessTokenRepositoryInterface::class),
|
|
$this->getMock(ScopeRepositoryInterface::class),
|
|
'file://' . __DIR__ . '/Stubs/private.key',
|
|
'file://' . __DIR__ . '/Stubs/public.key'
|
|
);
|
|
|
|
try {
|
|
$server->validateAuthenticatedRequest(ServerRequestFactory::fromGlobals());
|
|
} catch (OAuthServerException $e) {
|
|
$this->assertEquals('Missing "Authorization" header', $e->getHint());
|
|
}
|
|
}
|
|
}
|