ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2025-05-31 14:11:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Make tokens, created by client credentials grant to live forever

Browse Source
This commit is contained in:
ErickSkrauch
2019-12-06 18:31:04 +03:00
parent 6fb32ec76d
commit f0a73f2b7a
8 changed files with 113 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
api/tests/unit/components/Tokens/ComponentTest.php
View File

@@ -22,7 +22,11 @@ class ComponentTest extends TestCase {
$this->assertSame('ES256', $token->getHeader('alg'));
$this->assertEmpty(array_diff(array_keys($token->getClaims()), ['iat', 'exp']));
$this->assertEqualsWithDelta(time(), $token->getClaim('iat'), 1);
$this->assertEqualsWithDelta(time() + 3600, $token->getClaim('exp'), 2);
// Pass exp claim
$time = time() + 60;
$token = $this->component->create(['exp' => $time]);
$this->assertSame($time, $token->getClaim('exp'));
// Pass custom payloads
$token = $this->component->create(['find' => 'me']);

66
api/tests/unit/components/Tokens/TokensFactoryTest.php
View File

@@ -5,16 +5,22 @@ namespace api\tests\unit\components\Tokens;
use api\components\Tokens\TokensFactory;
use api\tests\unit\TestCase;
use Carbon\Carbon;
use common\models\Account;
use common\models\AccountSession;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use League\OAuth2\Server\Entities\ScopeEntityInterface;
class TokensFactoryTest extends TestCase {
public function testCreateForAccount() {
$factory = new TokensFactory();
$account = new Account();
$account->id = 1;
$factory = new TokensFactory();
// Create for account
$token = $factory->createForWebAccount($account);
$this->assertEqualsWithDelta(time(), $token->getClaim('iat'), 1);
@@ -26,6 +32,8 @@ class TokensFactoryTest extends TestCase {
$session = new AccountSession();
$session->id = 2;
// Create for account with remember me
$token = $factory->createForWebAccount($account, $session);
$this->assertEqualsWithDelta(time(), $token->getClaim('iat'), 1);
$this->assertEqualsWithDelta(time() + 3600, $token->getClaim('exp'), 2);
@@ -34,4 +42,60 @@ class TokensFactoryTest extends TestCase {
$this->assertSame(2, $token->getClaim('jti'));
}
public function testCreateForOauthClient() {
$factory = new TokensFactory();
$client = $this->createMock(ClientEntityInterface::class);
$client->method('getIdentifier')->willReturn('clientId');
$scope1 = $this->createMock(ScopeEntityInterface::class);
$scope1->method('getIdentifier')->willReturn('scope1');
$scope2 = $this->createMock(ScopeEntityInterface::class);
$scope2->method('getIdentifier')->willReturn('scope2');
$expiryDateTime = Carbon::now()->addDay();
// Create for auth code grant
$accessToken = $this->createMock(AccessTokenEntityInterface::class);
$accessToken->method('getClient')->willReturn($client);
$accessToken->method('getScopes')->willReturn([$scope1, $scope2]);
$accessToken->method('getExpiryDateTime')->willReturn($expiryDateTime);
$accessToken->method('getUserIdentifier')->willReturn(1);
$token = $factory->createForOAuthClient($accessToken);
$this->assertEqualsWithDelta(time(), $token->getClaim('iat'), 1);
$this->assertEqualsWithDelta($expiryDateTime->getTimestamp(), $token->getClaim('exp'), 2);
$this->assertSame('ely|1', $token->getClaim('sub'));
$this->assertSame('client|clientId', $token->getClaim('aud'));
$this->assertSame('scope1,scope2', $token->getClaim('ely-scopes'));
// Create for client credentials grant
$accessToken = $this->createMock(AccessTokenEntityInterface::class);
$accessToken->method('getClient')->willReturn($client);
$accessToken->method('getScopes')->willReturn([$scope1, $scope2]);
$accessToken->method('getExpiryDateTime')->willReturn(Carbon::now()->subDay());
$accessToken->method('getUserIdentifier')->willReturn(null);
$token = $factory->createForOAuthClient($accessToken);
$this->assertSame('no value', $token->getClaim('exp', 'no value'));
$this->assertSame('no value', $token->getClaim('sub', 'no value'));
}
public function testCreateForMinecraftAccount() {
$factory = new TokensFactory();
$account = new Account();
$account->id = 1;
$clientToken = 'e44fae79-f80e-4975-952e-47e8a9ed9472';
$token = $factory->createForMinecraftAccount($account, $clientToken);
$this->assertEqualsWithDelta(time(), $token->getClaim('iat'), 5);
$this->assertEqualsWithDelta(time() + 60 * 60 * 24 * 2, $token->getClaim('exp'), 5);
$this->assertSame('minecraft_server_session', $token->getClaim('ely-scopes'));
$this->assertNotSame('e44fae79-f80e-4975-952e-47e8a9ed9472', $token->getClaim('ely-client-token'));
$this->assertSame('ely|1', $token->getClaim('sub'));
}
}

7
api/tests/unit/models/authentication/AuthenticationResultTest.php
View File

@@ -21,19 +21,20 @@ class AuthenticationResultTest extends TestCase {
}
public function testGetAsResponse() {
$token = Yii::$app->tokens->create();
$time = time() + 3600;
$token = Yii::$app->tokens->create(['exp' => $time]);
$jwt = (string)$token;
$model = new AuthenticationResult($token);
$result = $model->formatAsOAuth2Response();
$this->assertSame($jwt, $result['access_token']);
$this->assertEqualsWithDelta(3600, $result['expires_in'], 1);
$this->assertSame(3600, $result['expires_in']);
$this->assertArrayNotHasKey('refresh_token', $result);
$model = new AuthenticationResult($token, 'refresh_token');
$result = $model->formatAsOAuth2Response();
$this->assertSame($jwt, $result['access_token']);
$this->assertEqualsWithDelta(3600, $result['expires_in'], 1);
$this->assertSame(3600, $result['expires_in']);
$this->assertSame('refresh_token', $result['refresh_token']);
}