mirror of
https://github.com/elyby/accounts.git
synced 2025-05-31 14:11:46 +05:30
Completely restored authorization_code grant for user side.
Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci]
This commit is contained in:
ErickSkrauch
@@ -1,113 +1,91 @@
|
||||
<?php
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace api\tests\functional\oauth;
|
||||
|
||||
use api\tests\_pages\OauthRoute;
|
||||
use api\tests\functional\_steps\OauthSteps;
|
||||
use api\tests\FunctionalTester;
|
||||
|
||||
class AccessTokenCest {
|
||||
|
||||
/**
|
||||
* @var OauthRoute
|
||||
*/
|
||||
private $route;
|
||||
|
||||
public function _before(FunctionalTester $I) {
|
||||
$this->route = new OauthRoute($I);
|
||||
public function successfullyIssueToken(OauthSteps $I) {
|
||||
$I->wantTo('complete oauth flow and obtain access_token');
|
||||
$authCode = $I->obtainAuthCode();
|
||||
$I->sendPOST('/api/oauth2/v1/token', [
|
||||
'grant_type' => 'authorization_code',
|
||||
'code' => $authCode,
|
||||
'client_id' => 'ely',
|
||||
'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
|
||||
'redirect_uri' => 'http://ely.by',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'token_type' => 'Bearer',
|
||||
]);
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.access_token');
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
|
||||
$I->cantSeeResponseJsonMatchesJsonPath('$.refresh_token');
|
||||
}
|
||||
|
||||
public function testIssueTokenWithWrongArgs(OauthSteps $I) {
|
||||
$I->wantTo('check behavior on on request without any credentials');
|
||||
$this->route->issueToken();
|
||||
public function successfullyIssueOfflineToken(OauthSteps $I) {
|
||||
$I->wantTo('complete oauth flow with offline_access scope and obtain access_token and refresh_token');
|
||||
$authCode = $I->obtainAuthCode(['offline_access']);
|
||||
$I->sendPOST('/api/oauth2/v1/token', [
|
||||
'grant_type' => 'authorization_code',
|
||||
'code' => $authCode,
|
||||
'client_id' => 'ely',
|
||||
'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
|
||||
'redirect_uri' => 'http://ely.by',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'token_type' => 'Bearer',
|
||||
]);
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.access_token');
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.refresh_token');
|
||||
}
|
||||
|
||||
public function callEndpointWithByEmptyRequest(OauthSteps $I) {
|
||||
$I->wantTo('check behavior on on request without any params');
|
||||
$I->sendPOST('/api/oauth2/v1/token');
|
||||
$I->canSeeResponseCodeIs(400);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'invalid_request',
|
||||
'message' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "grant_type" parameter.',
|
||||
'error' => 'unsupported_grant_type',
|
||||
'message' => 'The authorization grant type is not supported by the authorization server.',
|
||||
]);
|
||||
}
|
||||
|
||||
public function issueTokenByPassingInvalidAuthCode(OauthSteps $I) {
|
||||
$I->wantTo('check behavior on passing invalid auth code');
|
||||
$this->route->issueToken($this->buildParams(
|
||||
'wrong-auth-code',
|
||||
'ely',
|
||||
'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
|
||||
'http://ely.by'
|
||||
));
|
||||
$I->sendPOST('/api/oauth2/v1/token', [
|
||||
'grant_type' => 'authorization_code',
|
||||
'code' => 'wrong-auth-code',
|
||||
'client_id' => 'ely',
|
||||
'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
|
||||
'redirect_uri' => 'http://ely.by',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(400);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'invalid_request',
|
||||
'message' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "code" parameter.',
|
||||
]);
|
||||
}
|
||||
|
||||
$authCode = $I->getAuthCode();
|
||||
public function issueTokenByPassingInvalidRedirectUri(OauthSteps $I) {
|
||||
$I->wantTo('check behavior on passing invalid redirect_uri');
|
||||
$this->route->issueToken($this->buildParams(
|
||||
$authCode,
|
||||
'ely',
|
||||
'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
|
||||
'http://some-other.domain'
|
||||
));
|
||||
$I->canSeeResponseCodeIs(401);
|
||||
$authCode = $I->obtainAuthCode();
|
||||
$I->sendPOST('/api/oauth2/v1/token', [
|
||||
'grant_type' => 'authorization_code',
|
||||
'code' => $authCode,
|
||||
'client_id' => 'ely',
|
||||
'client_secret' => 'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
|
||||
'redirect_uri' => 'http://some-other.domain',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(400);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'error' => 'invalid_client',
|
||||
'message' => 'Client authentication failed.',
|
||||
]);
|
||||
}
|
||||
|
||||
public function testIssueToken(OauthSteps $I) {
|
||||
$authCode = $I->getAuthCode();
|
||||
$this->route->issueToken($this->buildParams(
|
||||
$authCode,
|
||||
'ely',
|
||||
'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
|
||||
'http://ely.by'
|
||||
));
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'token_type' => 'Bearer',
|
||||
]);
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.access_token');
|
||||
$I->cantSeeResponseJsonMatchesJsonPath('$.refresh_token');
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
|
||||
}
|
||||
|
||||
public function testIssueTokenWithRefreshToken(OauthSteps $I) {
|
||||
$authCode = $I->getAuthCode(['offline_access']);
|
||||
$this->route->issueToken($this->buildParams(
|
||||
$authCode,
|
||||
'ely',
|
||||
'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
|
||||
'http://ely.by'
|
||||
));
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'token_type' => 'Bearer',
|
||||
]);
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.access_token');
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.refresh_token');
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
|
||||
}
|
||||
|
||||
private function buildParams($code = null, $clientId = null, $clientSecret = null, $redirectUri = null) {
|
||||
$params = ['grant_type' => 'authorization_code'];
|
||||
if ($code !== null) {
|
||||
$params['code'] = $code;
|
||||
}
|
||||
|
||||
if ($clientId !== null) {
|
||||
$params['client_id'] = $clientId;
|
||||
}
|
||||
|
||||
if ($clientSecret !== null) {
|
||||
$params['client_secret'] = $clientSecret;
|
||||
}
|
||||
|
||||
if ($redirectUri !== null) {
|
||||
$params['redirect_uri'] = $redirectUri;
|
||||
}
|
||||
|
||||
return $params;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -72,7 +72,7 @@ class AuthCodeCest {
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'error' => 'accept_required',
|
||||
'parameter' => '',
|
||||
'parameter' => null,
|
||||
'statusCode' => 401,
|
||||
]);
|
||||
}
|
||||
@@ -90,7 +90,7 @@ class AuthCodeCest {
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'error' => 'accept_required',
|
||||
'parameter' => '',
|
||||
'parameter' => null,
|
||||
'statusCode' => 401,
|
||||
]);
|
||||
}
|
||||
@@ -114,7 +114,7 @@ class AuthCodeCest {
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'error' => 'accept_required',
|
||||
'parameter' => '',
|
||||
'parameter' => null,
|
||||
'statusCode' => 401,
|
||||
]);
|
||||
}
|
||||
|
||||
@@ -1,110 +0,0 @@
|
||||
<?php
|
||||
namespace api\tests\functional\oauth;
|
||||
|
||||
use api\tests\_pages\OauthRoute;
|
||||
use api\tests\FunctionalTester;
|
||||
|
||||
class CreateClientCest {
|
||||
|
||||
/**
|
||||
* @var OauthRoute
|
||||
*/
|
||||
private $route;
|
||||
|
||||
public function _before(FunctionalTester $I) {
|
||||
$this->route = new OauthRoute($I);
|
||||
}
|
||||
|
||||
public function testCreateApplicationWithWrongParams(FunctionalTester $I) {
|
||||
$I->amAuthenticated('admin');
|
||||
|
||||
$this->route->createClient('application', []);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'name' => 'error.name_required',
|
||||
'redirectUri' => 'error.redirectUri_required',
|
||||
],
|
||||
]);
|
||||
|
||||
$this->route->createClient('application', [
|
||||
'name' => 'my test oauth client',
|
||||
'redirectUri' => 'localhost',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'redirectUri' => 'error.redirectUri_invalid',
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
public function testCreateApplication(FunctionalTester $I) {
|
||||
$I->amAuthenticated('admin');
|
||||
$this->route->createClient('application', [
|
||||
'name' => 'My admin application',
|
||||
'description' => 'Application description.',
|
||||
'redirectUri' => 'http://some-site.com/oauth/ely',
|
||||
'websiteUrl' => 'http://some-site.com',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => true,
|
||||
'data' => [
|
||||
'clientId' => 'my-admin-application',
|
||||
'name' => 'My admin application',
|
||||
'description' => 'Application description.',
|
||||
'websiteUrl' => 'http://some-site.com',
|
||||
'countUsers' => 0,
|
||||
'redirectUri' => 'http://some-site.com/oauth/ely',
|
||||
],
|
||||
]);
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.data.clientSecret');
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.data.createdAt');
|
||||
}
|
||||
|
||||
public function testCreateMinecraftServer(FunctionalTester $I) {
|
||||
$I->amAuthenticated('admin');
|
||||
$this->route->createClient('minecraft-server', [
|
||||
'name' => 'My amazing server',
|
||||
'websiteUrl' => 'http://some-site.com',
|
||||
'minecraftServerIp' => 'hypixel.com:25565',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => true,
|
||||
'data' => [
|
||||
'clientId' => 'my-amazing-server',
|
||||
'name' => 'My amazing server',
|
||||
'websiteUrl' => 'http://some-site.com',
|
||||
'minecraftServerIp' => 'hypixel.com:25565',
|
||||
],
|
||||
]);
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.data.clientSecret');
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.data.createdAt');
|
||||
}
|
||||
|
||||
public function testCreateApplicationWithTheSameNameAsDeletedApp(FunctionalTester $I) {
|
||||
$I->wantTo('create application with the same name as the recently deleted application');
|
||||
$I->amAuthenticated('admin');
|
||||
$this->route->createClient('application', [
|
||||
'name' => 'Deleted OAuth Client',
|
||||
'description' => '',
|
||||
'redirectUri' => 'http://some-site.com/oauth/ely',
|
||||
'websiteUrl' => 'http://some-site.com',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => true,
|
||||
'data' => [
|
||||
'clientId' => 'deleted-oauth-client1',
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,28 +0,0 @@
|
||||
<?php
|
||||
namespace api\tests\functional\oauth;
|
||||
|
||||
use api\tests\_pages\OauthRoute;
|
||||
use api\tests\FunctionalTester;
|
||||
|
||||
class DeleteClientCest {
|
||||
|
||||
/**
|
||||
* @var OauthRoute
|
||||
*/
|
||||
private $route;
|
||||
|
||||
public function _before(FunctionalTester $I) {
|
||||
$this->route = new OauthRoute($I);
|
||||
}
|
||||
|
||||
public function testDelete(FunctionalTester $I) {
|
||||
$I->amAuthenticated('TwoOauthClients');
|
||||
$this->route->deleteClient('first-test-oauth-client');
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => true,
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,88 +0,0 @@
|
||||
<?php
|
||||
namespace api\tests\functional\oauth;
|
||||
|
||||
use api\tests\_pages\OauthRoute;
|
||||
use api\tests\FunctionalTester;
|
||||
|
||||
class GetClientsCest {
|
||||
|
||||
/**
|
||||
* @var OauthRoute
|
||||
*/
|
||||
private $route;
|
||||
|
||||
public function _before(FunctionalTester $I) {
|
||||
$this->route = new OauthRoute($I);
|
||||
}
|
||||
|
||||
public function testGet(FunctionalTester $I) {
|
||||
$I->amAuthenticated('admin');
|
||||
$this->route->getClient('admin-oauth-client');
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'clientId' => 'admin-oauth-client',
|
||||
'clientSecret' => 'FKyO71iCIlv4YM2IHlLbhsvYoIJScUzTZt1kEK7DQLXXYISLDvURVXK32Q58sHWS',
|
||||
'type' => 'application',
|
||||
'name' => 'Admin\'s oauth client',
|
||||
'description' => 'Personal oauth client',
|
||||
'redirectUri' => 'http://some-site.com/oauth/ely',
|
||||
'websiteUrl' => '',
|
||||
'createdAt' => 1519254133,
|
||||
]);
|
||||
}
|
||||
|
||||
public function testGetNotOwn(FunctionalTester $I) {
|
||||
$I->amAuthenticated('admin');
|
||||
$this->route->getClient('another-test-oauth-client');
|
||||
$I->canSeeResponseCodeIs(403);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'name' => 'Forbidden',
|
||||
'status' => 403,
|
||||
'message' => 'You are not allowed to perform this action.',
|
||||
]);
|
||||
}
|
||||
|
||||
public function testGetAllPerAccountList(FunctionalTester $I) {
|
||||
$I->amAuthenticated('TwoOauthClients');
|
||||
$this->route->getPerAccount(14);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
[
|
||||
'clientId' => 'first-test-oauth-client',
|
||||
'clientSecret' => 'Zt1kEK7DQLXXYISLDvURVXK32Q58sHWSFKyO71iCIlv4YM2IHlLbhsvYoIJScUzT',
|
||||
'type' => 'application',
|
||||
'name' => 'First test oauth client',
|
||||
'description' => 'Some description to the first oauth client',
|
||||
'redirectUri' => 'http://some-site-1.com/oauth/ely',
|
||||
'websiteUrl' => '',
|
||||
'countUsers' => 0,
|
||||
'createdAt' => 1519487434,
|
||||
],
|
||||
[
|
||||
'clientId' => 'another-test-oauth-client',
|
||||
'clientSecret' => 'URVXK32Q58sHWSFKyO71iCIlv4YM2Zt1kEK7DQLXXYISLDvIHlLbhsvYoIJScUzT',
|
||||
'type' => 'minecraft-server',
|
||||
'name' => 'Another test oauth client',
|
||||
'websiteUrl' => '',
|
||||
'minecraftServerIp' => '136.243.88.97:25565',
|
||||
'createdAt' => 1519487472,
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
public function testGetAllPerNotOwnAccount(FunctionalTester $I) {
|
||||
$I->amAuthenticated('TwoOauthClients');
|
||||
$this->route->getPerAccount(1);
|
||||
$I->canSeeResponseCodeIs(403);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'name' => 'Forbidden',
|
||||
'status' => 403,
|
||||
'message' => 'You are not allowed to perform this action.',
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,79 +0,0 @@
|
||||
<?php
|
||||
namespace api\tests\functional\oauth;
|
||||
|
||||
use api\tests\_pages\IdentityInfoRoute;
|
||||
use api\tests\functional\_steps\OauthSteps;
|
||||
use api\tests\FunctionalTester;
|
||||
|
||||
class IdentityInfoCest {
|
||||
|
||||
/**
|
||||
* @var IdentityInfoRoute
|
||||
*/
|
||||
private $route;
|
||||
|
||||
public function _before(FunctionalTester $I) {
|
||||
$this->route = new IdentityInfoRoute($I);
|
||||
}
|
||||
|
||||
public function testGetErrorIfNoAccessToken(OauthSteps $I) {
|
||||
$I->wantToTest('behavior when this endpoint called without Authorization header');
|
||||
$this->route->info();
|
||||
$I->canSeeResponseCodeIs(401);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'name' => 'Unauthorized',
|
||||
'status' => 401,
|
||||
'message' => 'Your request was made with invalid credentials.',
|
||||
]);
|
||||
}
|
||||
|
||||
public function testGetErrorIfNotEnoughPerms(OauthSteps $I) {
|
||||
$I->wantToTest('behavior when this endpoint called with token, that have not enough scopes');
|
||||
$accessToken = $I->getAccessToken();
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
$this->route->info();
|
||||
$I->canSeeResponseCodeIs(403);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'name' => 'Forbidden',
|
||||
'status' => 403,
|
||||
'message' => 'You are not allowed to perform this action.',
|
||||
]);
|
||||
}
|
||||
|
||||
public function testGetInfo(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessToken(['account_info']);
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
$this->route->info();
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'id' => 1,
|
||||
'uuid' => 'df936908-b2e1-544d-96f8-2977ec213022',
|
||||
'username' => 'Admin',
|
||||
'registeredAt' => 1451775316,
|
||||
'profileLink' => 'http://ely.by/u1',
|
||||
'preferredLanguage' => 'en',
|
||||
]);
|
||||
$I->cantSeeResponseJsonMatchesJsonPath('$.email');
|
||||
}
|
||||
|
||||
public function testGetInfoWithEmail(OauthSteps $I) {
|
||||
$accessToken = $I->getAccessToken(['account_info', 'account_email']);
|
||||
$I->amBearerAuthenticated($accessToken);
|
||||
$this->route->info();
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'id' => 1,
|
||||
'uuid' => 'df936908-b2e1-544d-96f8-2977ec213022',
|
||||
'username' => 'Admin',
|
||||
'registeredAt' => 1451775316,
|
||||
'profileLink' => 'http://ely.by/u1',
|
||||
'preferredLanguage' => 'en',
|
||||
'email' => 'admin@ely.by',
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,60 +0,0 @@
|
||||
<?php
|
||||
namespace api\tests\functional\oauth;
|
||||
|
||||
use api\tests\_pages\OauthRoute;
|
||||
use api\tests\FunctionalTester;
|
||||
|
||||
class ResetClientCest {
|
||||
|
||||
/**
|
||||
* @var OauthRoute
|
||||
*/
|
||||
private $route;
|
||||
|
||||
public function _before(FunctionalTester $I) {
|
||||
$this->route = new OauthRoute($I);
|
||||
}
|
||||
|
||||
public function testReset(FunctionalTester $I) {
|
||||
$I->amAuthenticated('TwoOauthClients');
|
||||
$this->route->resetClient('first-test-oauth-client');
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => true,
|
||||
'data' => [
|
||||
'clientId' => 'first-test-oauth-client',
|
||||
'clientSecret' => 'Zt1kEK7DQLXXYISLDvURVXK32Q58sHWSFKyO71iCIlv4YM2IHlLbhsvYoIJScUzT',
|
||||
'name' => 'First test oauth client',
|
||||
'description' => 'Some description to the first oauth client',
|
||||
'redirectUri' => 'http://some-site-1.com/oauth/ely',
|
||||
'websiteUrl' => '',
|
||||
'countUsers' => 0,
|
||||
'createdAt' => 1519487434,
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
public function testResetWithSecretChanging(FunctionalTester $I) {
|
||||
$I->amAuthenticated('TwoOauthClients');
|
||||
$this->route->resetClient('first-test-oauth-client', true);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => true,
|
||||
'data' => [
|
||||
'clientId' => 'first-test-oauth-client',
|
||||
'name' => 'First test oauth client',
|
||||
'description' => 'Some description to the first oauth client',
|
||||
'redirectUri' => 'http://some-site-1.com/oauth/ely',
|
||||
'websiteUrl' => '',
|
||||
'countUsers' => 0,
|
||||
'createdAt' => 1519487434,
|
||||
],
|
||||
]);
|
||||
$I->canSeeResponseJsonMatchesJsonPath('$.data.clientSecret');
|
||||
$secret = $I->grabDataFromResponseByJsonPath('$.data.clientSecret')[0];
|
||||
$I->assertNotEquals('Zt1kEK7DQLXXYISLDvURVXK32Q58sHWSFKyO71iCIlv4YM2IHlLbhsvYoIJScUzT', $secret);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,65 +0,0 @@
|
||||
<?php
|
||||
namespace api\tests\functional\oauth;
|
||||
|
||||
use api\tests\_pages\OauthRoute;
|
||||
use api\tests\FunctionalTester;
|
||||
|
||||
class UpdateClientCest {
|
||||
|
||||
/**
|
||||
* @var OauthRoute
|
||||
*/
|
||||
private $route;
|
||||
|
||||
public function _before(FunctionalTester $I) {
|
||||
$this->route = new OauthRoute($I);
|
||||
}
|
||||
|
||||
public function testUpdateApplication(FunctionalTester $I) {
|
||||
$I->amAuthenticated('TwoOauthClients');
|
||||
$this->route->updateClient('first-test-oauth-client', [
|
||||
'name' => 'Updated name',
|
||||
'description' => 'Updated description.',
|
||||
'redirectUri' => 'http://new-site.com/oauth/ely',
|
||||
'websiteUrl' => 'http://new-site.com',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => true,
|
||||
'data' => [
|
||||
'clientId' => 'first-test-oauth-client',
|
||||
'clientSecret' => 'Zt1kEK7DQLXXYISLDvURVXK32Q58sHWSFKyO71iCIlv4YM2IHlLbhsvYoIJScUzT',
|
||||
'name' => 'Updated name',
|
||||
'description' => 'Updated description.',
|
||||
'redirectUri' => 'http://new-site.com/oauth/ely',
|
||||
'websiteUrl' => 'http://new-site.com',
|
||||
'createdAt' => 1519487434,
|
||||
'countUsers' => 0,
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
public function testUpdateMinecraftServer(FunctionalTester $I) {
|
||||
$I->amAuthenticated('TwoOauthClients');
|
||||
$this->route->updateClient('another-test-oauth-client', [
|
||||
'name' => 'Updated server name',
|
||||
'websiteUrl' => 'http://new-site.com',
|
||||
'minecraftServerIp' => 'hypixel.com:25565',
|
||||
]);
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => true,
|
||||
'data' => [
|
||||
'clientId' => 'another-test-oauth-client',
|
||||
'clientSecret' => 'URVXK32Q58sHWSFKyO71iCIlv4YM2Zt1kEK7DQLXXYISLDvIHlLbhsvYoIJScUzT',
|
||||
'name' => 'Updated server name',
|
||||
'websiteUrl' => 'http://new-site.com',
|
||||
'minecraftServerIp' => 'hypixel.com:25565',
|
||||
'createdAt' => 1519487472,
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user