ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2025-05-31 14:11:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Remove refresh_token from OAuth2 result. Return the same access_token as a refresh_token in case when it's requested. Make access_tokens to live forever.

Browse Source
This commit is contained in:
ErickSkrauch
2019-12-09 19:31:54 +03:00
parent efb97a2006
commit ba7fad84a0
23 changed files with 231 additions and 297 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
api/tests/unit/components/OAuth2/Entities/AccessTokenEntityTest.php
View File

@@ -5,7 +5,6 @@ namespace api\tests\unit\components\OAuth2\Entities;
use api\components\OAuth2\Entities\AccessTokenEntity;
use api\tests\unit\TestCase;
use DateInterval;
use DateTimeImmutable;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use League\OAuth2\Server\Entities\ScopeEntityInterface;
@@ -22,35 +21,10 @@ class AccessTokenEntityTest extends TestCase {
$entity->setExpiryDateTime(new DateTimeImmutable());
$entity->addScope($this->createScopeEntity('first'));
$entity->addScope($this->createScopeEntity('second'));
$entity->addScope($this->createScopeEntity('offline_access'));
$token = (string)$entity;
$payloads = json_decode(base64_decode(explode('.', $token)[1]), true);
$this->assertStringNotContainsString('offline_access', $payloads['ely-scopes']);
$scopes = $entity->getScopes();
$this->assertCount(3, $scopes);
$this->assertSame('first', $scopes[0]->getIdentifier());
$this->assertSame('second', $scopes[1]->getIdentifier());
$this->assertSame('offline_access', $scopes[2]->getIdentifier());
}
public function testGetExpiryDateTime() {
$initialExpiry = (new DateTimeImmutable())->add(new DateInterval('P1D'));
$entity = new AccessTokenEntity();
$entity->setExpiryDateTime($initialExpiry);
$this->assertSame($initialExpiry, $entity->getExpiryDateTime());
$entity = new AccessTokenEntity();
$entity->setExpiryDateTime($initialExpiry);
$entity->addScope($this->createScopeEntity('change_skin'));
$this->assertEqualsWithDelta(time() + 60 * 60, $entity->getExpiryDateTime()->getTimestamp(), 5);
$entity = new AccessTokenEntity();
$entity->setExpiryDateTime($initialExpiry);
$entity->addScope($this->createScopeEntity('obtain_account_email'));
$this->assertEqualsWithDelta(time() + 60 * 60, $entity->getExpiryDateTime()->getTimestamp(), 5);
$this->assertSame('first,second', $payloads['ely-scopes']);
}
private function createScopeEntity(string $id): ScopeEntityInterface {

8
api/tests/unit/components/User/JwtIdentityTest.php
View File

@@ -50,10 +50,6 @@ class JwtIdentityTest extends TestCase {
'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ2MTA1NDIsImV4cCI6MTU2NDYxNDE0Miwic3ViIjoiZWx5fDEifQ.yth31f2PyhUkYSfBlizzUXWIgOvxxk8gNP-js0z8g1OT5rig40FPTIkgsZRctAwAAlj6QoIWW7-hxLTcSb2vmw',
'Incorrect token',
];
yield 'invalid sub' => [
'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ2MTA1NDIsImV4cCI6MTU2NDYxNDE0Miwic3ViIjoxMjM0fQ.yigP5nWFdX0ktbuZC_Unb9bWxpAVd7Nv8Fb1Vsa0t5WkVA88VbhPi2P-CenbDOy8ngwoGV9m3c3upMs2V3gqvw',
'Incorrect token',
];
yield 'empty token' => ['', 'Incorrect token'];
}
@@ -66,6 +62,10 @@ class JwtIdentityTest extends TestCase {
$identity = JwtIdentity::findIdentityByAccessToken('eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ2MTA1NDIsImV4cCI6MTU2NDYxNDE0Miwic3ViIjoiZWx5fDk5OTk5In0.1pAnhkR-_ZqzjLBR-PNIMJUXRSUK3aYixrFNKZg2ynPNPiDvzh8U-iBTT6XRfMP5nvfXZucRpoPVoiXtx40CUQ');
$this->assertNull($identity->getAccount());
// Sub contains invalid value
$identity = JwtIdentity::findIdentityByAccessToken('eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ2MTA1NDIsImV4cCI6MTU2NDYxNDE0Miwic3ViIjoxMjM0fQ.yigP5nWFdX0ktbuZC_Unb9bWxpAVd7Nv8Fb1Vsa0t5WkVA88VbhPi2P-CenbDOy8ngwoGV9m3c3upMs2V3gqvw');
$this->assertNull($identity->getAccount());
// Token without sub claim
$identity = JwtIdentity::findIdentityByAccessToken('eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJlbHktc2NvcGVzIjoiYWNjb3VudHNfd2ViX3VzZXIiLCJpYXQiOjE1NjQ2MTA1NDIsImV4cCI6MTU2NDYxNDE0Mn0.QxmYgSflZOQmhzYRr8bowU767yu4yKgTVaho0MPuyCmUfZO_0O0SQASMKVILf-wlT0ODTTG7vD753a2MTAmPmw');
$this->assertNull($identity->getAccount());