mirror of
https://github.com/elyby/accounts.git
synced 2025-05-31 14:11:46 +05:30
Add tests for the legacy tokens
This commit is contained in:
ErickSkrauch
@@ -14,7 +14,7 @@ use Yii;
|
||||
class RefreshTokenGrant extends BaseRefreshTokenGrant {
|
||||
|
||||
/**
|
||||
* Previously, refresh tokens was stored in Redis.
|
||||
* Previously, refresh tokens were stored in Redis.
|
||||
* If received refresh token is matches the legacy token template,
|
||||
* restore the information from the legacy storage.
|
||||
*
|
||||
|
||||
@@ -32,7 +32,7 @@ class LegacyOAuth2Identity implements IdentityInterface {
|
||||
*/
|
||||
private $session = false;
|
||||
|
||||
private function __construct(string $accessToken, string $sessionId, array $scopes) {
|
||||
private function __construct(string $accessToken, int $sessionId, array $scopes) {
|
||||
$this->accessToken = $accessToken;
|
||||
$this->sessionId = $sessionId;
|
||||
$this->scopes = $scopes;
|
||||
|
||||
@@ -17,4 +17,4 @@ modules:
|
||||
host: redis
|
||||
port: 6379
|
||||
database: 0
|
||||
cleanupBefore: 'test'
|
||||
cleanupBefore: 'suite'
|
||||
|
||||
@@ -4,6 +4,7 @@ declare(strict_types=1);
|
||||
namespace api\tests\functional\oauth;
|
||||
|
||||
use api\tests\functional\_steps\OauthSteps;
|
||||
use api\tests\FunctionalTester;
|
||||
|
||||
class RefreshTokenCest {
|
||||
|
||||
@@ -53,6 +54,18 @@ class RefreshTokenCest {
|
||||
$this->canSeeRefreshTokenSuccess($I);
|
||||
}
|
||||
|
||||
public function refreshTokenUsingLegacyToken(FunctionalTester $I) {
|
||||
$I->wantTo('refresh token using the legacy token');
|
||||
$I->sendPOST('/api/oauth2/v1/token', [
|
||||
'grant_type' => 'refresh_token',
|
||||
'refresh_token' => 'op7kPGAgHlsXRBJtkFg7wKOTpodvtHVW5NxR7Tjr',
|
||||
'client_id' => 'test1',
|
||||
'client_secret' => 'eEvrKHF47sqiaX94HsX-xXzdGiz3mcsq',
|
||||
'scope' => 'minecraft_server_session account_info',
|
||||
]);
|
||||
$this->canSeeRefreshTokenSuccess($I);
|
||||
}
|
||||
|
||||
public function passInvalidRefreshToken(OauthSteps $I) {
|
||||
$I->wantToTest('behaviour of the server when invalid refresh token passed');
|
||||
$I->sendPOST('/api/oauth2/v1/token', [
|
||||
@@ -85,7 +98,7 @@ class RefreshTokenCest {
|
||||
]);
|
||||
}
|
||||
|
||||
private function canSeeRefreshTokenSuccess(OauthSteps $I) {
|
||||
private function canSeeRefreshTokenSuccess(FunctionalTester $I) {
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseContainsJson([
|
||||
'token_type' => 'Bearer',
|
||||
|
||||
@@ -3,40 +3,30 @@ declare(strict_types=1);
|
||||
|
||||
namespace api\tests\unit\components\User;
|
||||
|
||||
use api\components\OAuth2\Component;
|
||||
use api\components\OAuth2\Entities\AccessTokenEntity;
|
||||
use api\components\User\IdentityFactory;
|
||||
use api\components\User\JwtIdentity;
|
||||
use api\components\User\LegacyOAuth2Identity;
|
||||
use api\tests\unit\TestCase;
|
||||
use Carbon\Carbon;
|
||||
use League\OAuth2\Server\AbstractServer;
|
||||
use League\OAuth2\Server\Storage\AccessTokenInterface;
|
||||
use Yii;
|
||||
use common\tests\fixtures;
|
||||
use yii\web\UnauthorizedHttpException;
|
||||
|
||||
class IdentityFactoryTest extends TestCase {
|
||||
|
||||
public function _fixtures(): array {
|
||||
return [
|
||||
fixtures\LegacyOauthAccessTokenFixture::class,
|
||||
fixtures\LegacyOauthAccessTokenScopeFixture::class,
|
||||
];
|
||||
}
|
||||
|
||||
public function testFindIdentityByAccessToken() {
|
||||
// Find identity by jwt token
|
||||
// Find identity by the JWT
|
||||
$identity = IdentityFactory::findIdentityByAccessToken('eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ2MTA1NDIsImV4cCI6MTU2NDYxNDE0Miwic3ViIjoiZWx5fDEifQ.4Oidvuo4spvUf9hkpHR72eeqZUh2Zbxh_L8Od3vcgTj--0iOrcOEp6zwmEW6vF7BTHtjz2b3mXce61bqsCjXjQ');
|
||||
$this->assertInstanceOf(JwtIdentity::class, $identity);
|
||||
|
||||
// Find identity by oauth2 token
|
||||
$accessToken = new AccessTokenEntity(mock(AbstractServer::class));
|
||||
$accessToken->setExpireTime(time() + 3600);
|
||||
$accessToken->setId('mock-token');
|
||||
|
||||
/** @var AccessTokenInterface|\Mockery\MockInterface $accessTokensStorage */
|
||||
$accessTokensStorage = mock(AccessTokenInterface::class);
|
||||
$accessTokensStorage->shouldReceive('get')->with('mock-token')->andReturn($accessToken);
|
||||
|
||||
/** @var Component|\Mockery\MockInterface $component */
|
||||
$component = mock(Component::class);
|
||||
$component->shouldReceive('getAccessTokenStorage')->andReturn($accessTokensStorage);
|
||||
Yii::$app->set('oauth', $component);
|
||||
|
||||
$identity = IdentityFactory::findIdentityByAccessToken('mock-token');
|
||||
// Find identity by the legacy OAuth2 token
|
||||
$identity = IdentityFactory::findIdentityByAccessToken('ZZQP8sS9urzriy8N9h6FwFNMOH3PkZ5T5PLqS6SX');
|
||||
$this->assertInstanceOf(LegacyOAuth2Identity::class, $identity);
|
||||
}
|
||||
|
||||
|
||||
@@ -3,52 +3,37 @@ declare(strict_types=1);
|
||||
|
||||
namespace api\tests\unit\components\User;
|
||||
|
||||
use api\components\OAuth2\Component;
|
||||
use api\components\OAuth2\Entities\AccessTokenEntity;
|
||||
use api\components\User\LegacyOAuth2Identity;
|
||||
use api\tests\unit\TestCase;
|
||||
use Yii;
|
||||
use common\tests\fixtures;
|
||||
use yii\web\UnauthorizedHttpException;
|
||||
|
||||
class LegacyOAuth2IdentityTest extends TestCase {
|
||||
|
||||
public function testFindIdentityByAccessToken() {
|
||||
$accessToken = new AccessTokenEntity(mock(AbstractServer::class));
|
||||
$accessToken->setExpireTime(time() + 3600);
|
||||
$accessToken->setId('mock-token');
|
||||
$this->mockFoundedAccessToken($accessToken);
|
||||
public function _fixtures(): array {
|
||||
return [
|
||||
fixtures\LegacyOauthAccessTokenFixture::class,
|
||||
fixtures\LegacyOauthAccessTokenScopeFixture::class,
|
||||
];
|
||||
}
|
||||
|
||||
$identity = LegacyOAuth2Identity::findIdentityByAccessToken('mock-token');
|
||||
$this->assertSame('mock-token', $identity->getId());
|
||||
public function testFindIdentityByAccessToken() {
|
||||
$identity = LegacyOAuth2Identity::findIdentityByAccessToken('ZZQP8sS9urzriy8N9h6FwFNMOH3PkZ5T5PLqS6SX');
|
||||
$this->assertSame('ZZQP8sS9urzriy8N9h6FwFNMOH3PkZ5T5PLqS6SX', $identity->getId());
|
||||
}
|
||||
|
||||
public function testFindIdentityByAccessTokenWithNonExistsToken() {
|
||||
$this->expectException(UnauthorizedHttpException::class);
|
||||
$this->expectExceptionMessage('Incorrect token');
|
||||
|
||||
LegacyOAuth2Identity::findIdentityByAccessToken('not exists token');
|
||||
LegacyOAuth2Identity::findIdentityByAccessToken('xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx');
|
||||
}
|
||||
|
||||
public function testFindIdentityByAccessTokenWithExpiredToken() {
|
||||
$this->expectException(UnauthorizedHttpException::class);
|
||||
$this->expectExceptionMessage('Token expired');
|
||||
|
||||
$accessToken = new AccessTokenEntity(mock(AbstractServer::class));
|
||||
$accessToken->setExpireTime(time() - 3600);
|
||||
$this->mockFoundedAccessToken($accessToken);
|
||||
|
||||
LegacyOAuth2Identity::findIdentityByAccessToken('mock-token');
|
||||
}
|
||||
|
||||
private function mockFoundedAccessToken(AccessTokenEntity $accessToken) {
|
||||
/** @var AccessTokenInterface|\Mockery\MockInterface $accessTokensStorage */
|
||||
$accessTokensStorage = mock(AccessTokenInterface::class);
|
||||
$accessTokensStorage->shouldReceive('get')->with('mock-token')->andReturn($accessToken);
|
||||
|
||||
/** @var Component|\Mockery\MockInterface $component */
|
||||
$component = mock(Component::class);
|
||||
$component->shouldReceive('getAccessTokenStorage')->andReturn($accessTokensStorage);
|
||||
Yii::$app->set('oauth', $component);
|
||||
LegacyOAuth2Identity::findIdentityByAccessToken('rc0sOF1SLdOxuD3bJcCQENmGTeYrGgy12qJScMx4');
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user