< ? php
namespace api\tests\functional\oauth ;
use api\tests\_pages\OauthRoute ;
use api\tests\functional\_steps\OauthSteps ;
use api\tests\FunctionalTester ;
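/**
 * Functional scenarios for exchanging an authorization code for an access token.
 *
 * Every request is assembled by buildParams() with grant_type "authorization_code"
 * and sent through OauthRoute::issueToken().
 *
 * NOTE(review): none of the scenarios in this class submits a wrong client_secret
 * or re-submits an auth code that was already redeemed. Both are rejection paths
 * worth pinning with a test; the expected responses are not visible from this file.
 */
class AccessTokenCest {

    /**
     * Client id sent by every scenario in this class.
     */
    const CLIENT_ID = 'ely';

    /**
     * Client secret sent together with CLIENT_ID.
     *
     * Fixture value kept in clear text in the repository, so it must only ever be
     * accepted by the test environment. Declared once so that rotating it, or
     * allow-listing it in a secret scanner, touches a single line.
     * NOTE(review): confirm this value is not shared with any deployed client.
     */
    const CLIENT_SECRET = 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM';

    /**
     * Redirect URI used by the scenarios that expect a token to be issued.
     */
    const REDIRECT_URI = 'http://ely.by';

    /**
     * @var OauthRoute
     */
    private $route;

    /**
     * Creates a fresh route page object for the scenario that is about to run.
     */
    public function _before(FunctionalTester $I) {
        $this->route = new OauthRoute($I);
    }

    /**
     * Checks the error responses for three malformed token requests: no parameters
     * besides what issueToken() sends by itself, an unknown auth code, and a
     * redirect_uri that differs from the one used in the successful scenarios.
     */
    public function testIssueTokenWithWrongArgs(OauthSteps $I) {
        $malformedRequest = 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.';

        $I->wantTo('check behavior on on request without any credentials');
        $this->route->issueToken();
        $I->canSeeResponseCodeIs(400);
        $I->canSeeResponseContainsJson([
            'error' => 'invalid_request',
            'message' => $malformedRequest . ' Check the "grant_type" parameter.',
        ]);

        $I->wantTo('check behavior on passing invalid auth code');
        $this->route->issueToken($this->buildParams(
            'wrong-auth-code',
            self::CLIENT_ID,
            self::CLIENT_SECRET,
            self::REDIRECT_URI
        ));
        $I->canSeeResponseCodeIs(400);
        $I->canSeeResponseContainsJson([
            'error' => 'invalid_request',
            'message' => $malformedRequest . ' Check the "code" parameter.',
        ]);

        $authCode = $I->getAuthCode();
        $I->wantTo('check behavior on passing invalid redirect_uri');
        $this->route->issueToken($this->buildParams(
            $authCode,
            self::CLIENT_ID,
            self::CLIENT_SECRET,
            'http://some-other.domain'
        ));
        // NOTE(review): RFC 6749 section 5.2 lists a redirect_uri mismatch under
        // "invalid_grant"; the server under test answers "invalid_client" with 401.
        // Confirm that this is the intended contract before relying on it.
        $I->canSeeResponseCodeIs(401);
        $I->canSeeResponseContainsJson([
            'error' => 'invalid_client',
            'message' => 'Client authentication failed.',
        ]);
    }

    /**
     * Exchanges an auth code obtained with getAuthCode() (no arguments) and expects
     * a Bearer token response that carries no refresh token.
     */
    public function testIssueToken(OauthSteps $I) {
        $authCode = $I->getAuthCode();
        $this->route->issueToken($this->buildParams(
            $authCode,
            self::CLIENT_ID,
            self::CLIENT_SECRET,
            self::REDIRECT_URI
        ));
        $I->canSeeResponseCodeIs(200);
        $I->canSeeResponseIsJson();
        $I->canSeeResponseContainsJson([
            'token_type' => 'Bearer',
        ]);
        $I->canSeeResponseJsonMatchesJsonPath('$.access_token');
        // A refresh token must not be handed out for this auth code.
        $I->cantSeeResponseJsonMatchesJsonPath('$.refresh_token');
        $I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
    }

    /**
     * Exchanges an auth code obtained with getAuthCode(['offline_access']) and
     * expects the response to carry a refresh token as well.
     */
    public function testIssueTokenWithRefreshToken(OauthSteps $I) {
        // presumably the argument is the list of requested scopes - verify against OauthSteps
        $authCode = $I->getAuthCode(['offline_access']);
        $this->route->issueToken($this->buildParams(
            $authCode,
            self::CLIENT_ID,
            self::CLIENT_SECRET,
            self::REDIRECT_URI
        ));
        $I->canSeeResponseCodeIs(200);
        $I->canSeeResponseIsJson();
        $I->canSeeResponseContainsJson([
            'token_type' => 'Bearer',
        ]);
        $I->canSeeResponseJsonMatchesJsonPath('$.access_token');
        $I->canSeeResponseJsonMatchesJsonPath('$.refresh_token');
        $I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
    }

    /**
     * Builds the parameter set for an authorization_code token request.
     *
     * Arguments left as null are omitted from the result, which lets a scenario
     * send a request that lacks a given parameter.
     *
     * @param string|null $code
     * @param string|null $clientId
     * @param string|null $clientSecret
     * @param string|null $redirectUri
     *
     * @return array grant_type first, then the non-null values under the keys
     *               code, client_id, client_secret and redirect_uri, in that order
     */
    private function buildParams($code = null, $clientId = null, $clientSecret = null, $redirectUri = null) {
        $optional = [
            'code' => $code,
            'client_id' => $clientId,
            'client_secret' => $clientSecret,
            'redirect_uri' => $redirectUri,
        ];

        // Strict null check: an empty string is still sent, exactly as passed in.
        $provided = array_filter($optional, static function ($value) {
            return $value !== null;
        });

        return ['grant_type' => 'authorization_code'] + $provided;
    }

}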