accounts/api/tests/functional/_steps/OauthSteps.php

<?php
declare(strict_types=1);

namespace api\tests\functional\_steps;

use api\tests\FunctionalTester;
use common\components\OAuth2\Repositories\PublicScopeRepository;

class OauthSteps extends FunctionalTester {

    public function obtainAuthCode(array $permissions = []): string {
        $this->amAuthenticated();
        $this->sendPOST('/api/oauth2/v1/complete?' . http_build_query([
            'client_id' => 'ely',
            'redirect_uri' => 'http://ely.by',
            'response_type' => 'code',
            'scope' => implode(' ', $permissions),
        ]), ['accept' => true]);
        $this->canSeeResponseJsonMatchesJsonPath('$.redirectUri');
        [$redirectUri] = $this->grabDataFromResponseByJsonPath('$.redirectUri');
        preg_match('/code=([^&$]+)/', (string)$redirectUri, $matches);

        return $matches[1];
    }

    public function getAccessToken(array $permissions = []): string {
        $authCode = $this->obtainAuthCode($permissions);
        $response = $this->issueToken($authCode);

        return $response['access_token'];
    }

    public function getRefreshToken(array $permissions = []): string {
        $authCode = $this->obtainAuthCode(array_merge([PublicScopeRepository::OFFLINE_ACCESS], $permissions));
        $response = $this->issueToken($authCode);

        return $response['refresh_token'];
    }

    public function issueToken(string $authCode): array {
        $this->sendPOST('/api/oauth2/v1/token', [
            'grant_type' => 'authorization_code',
            'code' => $authCode,
            'client_id' => 'ely',
            'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
            'redirect_uri' => 'http://ely.by',
        ]);

        return json_decode($this->grabResponse(), true);
    }

    public function getAccessTokenByClientCredentialsGrant(array $permissions = [], bool $useTrusted = true): string {
        $this->sendPOST('/api/oauth2/v1/token', [
            'grant_type' => 'client_credentials',
            'client_id' => $useTrusted ? 'trusted-client' : 'default-client',
            'client_secret' => $useTrusted ? 'tXBbyvMcyaOgHMOAXBpN2EC7uFoJAaL9' : 'AzWRy7ZjS1yRQUk2vRBDic8fprOKDB1W',
            'scope' => implode(' ', $permissions),
        ]);

        $response = json_decode($this->grabResponse(), true);

        return $response['access_token'];
    }

}
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 03:19:46 +05:30			`<?php`
Upgrade oauth2-server to 8.0.0 version, rewrite repositories and entities, start rewriting tests. Intermediate commit [skip ci] 2019-08-23 13:58:04 +05:30			`declare(strict_types=1);`

Rework tests structure. Upgrade codeception to 2.5.3. Merge params configuration into app configuration. 2019-02-21 01:28:52 +05:30			`namespace api\tests\functional\_steps;`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 03:19:46 +05:30
Rework tests structure. Upgrade codeception to 2.5.3. Merge params configuration into app configuration. 2019-02-21 01:28:52 +05:30			`use api\tests\FunctionalTester;`
Move OAuth module from API to common and solve PHPStan's errors 2024-12-06 06:04:09 +05:30			`use common\components\OAuth2\Repositories\PublicScopeRepository;`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 03:19:46 +05:30
Добавлен контроллер для блокировки аккаунта Добавлен client_credentials grant для oAuth Рефакторинг структуры OauthScopes чтобы можно было разделить владельца прав на пользовательские и общие (машинные) Исправлена стилистика кода, внедряются фишки PHP 7.1 2016-12-18 04:50:53 +05:30			`class OauthSteps extends FunctionalTester {`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 03:19:46 +05:30
Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 04:44:05 +05:30			`public function obtainAuthCode(array $permissions = []): string {`
Реорганизован процесс авторизации для функциональных тестов 2017-01-24 04:30:08 +05:30			`$this->amAuthenticated();`
Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 04:44:05 +05:30			`$this->sendPOST('/api/oauth2/v1/complete?' . http_build_query([`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 03:19:46 +05:30			`'client_id' => 'ely',`
			`'redirect_uri' => 'http://ely.by',`
			`'response_type' => 'code',`
Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 04:44:05 +05:30			`'scope' => implode(' ', $permissions),`
			`]), ['accept' => true]);`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 03:19:46 +05:30			`$this->canSeeResponseJsonMatchesJsonPath('$.redirectUri');`
Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 04:44:05 +05:30			`[$redirectUri] = $this->grabDataFromResponseByJsonPath('$.redirectUri');`
Upgrade project to PHP 8.3, add PHPStan, upgrade almost every dependency (#36) * start updating to PHP 8.3 * taking off! Co-authored-by: ErickSkrauch <erickskrauch@yandex.ru> Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * dropped this Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * migrate to symfonymailer Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * this is so stupid 😭 Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * ah, free, at last. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * oh, Gabriel. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * now dawns thy reckoning. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * and thy gore shall GLISTEN before the temples of man. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * creature of steel. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * my gratitude upon thee for my freedom. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * but the crimes thy kind has committed against humanity Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * Upgrade PHP-CS-Fixer and do fix the codebase * First review round (maybe I have broken something) * are NOT forgotten. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * Enable parallel PHP-CS-Fixer runner * PHPStan level 1 * PHPStan level 2 * PHPStan level 3 * PHPStan level 4 * PHPStan level 5 * Levels 6 and 7 takes too much effort. Generate a baseline and fix them eventually * Resolve TODO's related to the php-mock * Drastically reduce baseline size with the Rector * More code modernization with help of the Rector * Update GitLab CI --------- Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> Co-authored-by: ErickSkrauch <erickskrauch@yandex.ru> 2024-12-02 15:40:55 +05:30			`preg_match('/code=([^&$]+)/', (string)$redirectUri, $matches);`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 03:19:46 +05:30
			`return $matches[1];`
			`}`

Upgrade oauth2-server to 8.0.0 version, rewrite repositories and entities, start rewriting tests. Intermediate commit [skip ci] 2019-08-23 13:58:04 +05:30			`public function getAccessToken(array $permissions = []): string {`
Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci] 2019-09-18 04:44:05 +05:30			`$authCode = $this->obtainAuthCode($permissions);`
Реализован функционал получения информации об аккауте после выполнения oAuth авторизации 2016-08-06 19:06:24 +05:30			`$response = $this->issueToken($authCode);`

			`return $response['access_token'];`
			`}`

Upgrade oauth2-server to 8.0.0 version, rewrite repositories and entities, start rewriting tests. Intermediate commit [skip ci] 2019-08-23 13:58:04 +05:30			`public function getRefreshToken(array $permissions = []): string {`
Restore full functionality of OAuth2 server [skip ci] 2019-09-22 02:47:21 +05:30			`$authCode = $this->obtainAuthCode(array_merge([PublicScopeRepository::OFFLINE_ACCESS], $permissions));`
Реализован функционал получения информации об аккауте после выполнения oAuth авторизации 2016-08-06 19:06:24 +05:30			`$response = $this->issueToken($authCode);`

			`return $response['refresh_token'];`
			`}`

Restore full functionality of OAuth2 server [skip ci] 2019-09-22 02:47:21 +05:30			`public function issueToken(string $authCode): array {`
			`$this->sendPOST('/api/oauth2/v1/token', [`
			`'grant_type' => 'authorization_code',`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 03:19:46 +05:30			`'code' => $authCode,`
			`'client_id' => 'ely',`
			`'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',`
			`'redirect_uri' => 'http://ely.by',`
			`]);`

Реализован функционал получения информации об аккауте после выполнения oAuth авторизации 2016-08-06 19:06:24 +05:30			`return json_decode($this->grabResponse(), true);`
Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 03:19:46 +05:30			`}`

Restore full functionality of OAuth2 server [skip ci] 2019-09-22 02:47:21 +05:30			`public function getAccessTokenByClientCredentialsGrant(array $permissions = [], bool $useTrusted = true): string {`
			`$this->sendPOST('/api/oauth2/v1/token', [`
			`'grant_type' => 'client_credentials',`
Добавлен контроллер для блокировки аккаунта Добавлен client_credentials grant для oAuth Рефакторинг структуры OauthScopes чтобы можно было разделить владельца прав на пользовательские и общие (машинные) Исправлена стилистика кода, внедряются фишки PHP 7.1 2016-12-18 04:50:53 +05:30			`'client_id' => $useTrusted ? 'trusted-client' : 'default-client',`
			`'client_secret' => $useTrusted ? 'tXBbyvMcyaOgHMOAXBpN2EC7uFoJAaL9' : 'AzWRy7ZjS1yRQUk2vRBDic8fprOKDB1W',`
Fix all tests 2019-09-24 04:26:32 +05:30			`'scope' => implode(' ', $permissions),`
Добавлен контроллер для блокировки аккаунта Добавлен client_credentials grant для oAuth Рефакторинг структуры OauthScopes чтобы можно было разделить владельца прав на пользовательские и общие (машинные) Исправлена стилистика кода, внедряются фишки PHP 7.1 2016-12-18 04:50:53 +05:30			`]);`

			`$response = json_decode($this->grabResponse(), true);`

			`return $response['access_token'];`
			`}`

Протестирована логика подписи access_token и refresh_token, добавлены базовые скоупы, подчищен проект 2016-02-23 03:19:46 +05:30			`}`