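route = new OauthRoute($I);
    }

    /**
     * Requests with missing or wrong client credentials must be rejected.
     *
     * Covers three cases: no credentials at all (400 / invalid_request),
     * an unknown client_id and a known client_id with a wrong client_secret
     * (both 401 / invalid_client).
     */
    public function testIssueTokenWithWrongArgs(FunctionalTester $I): void
    {
        $I->wantTo('check behavior on request without any credentials');
        $this->route->issueToken($this->buildParams());
        $I->canSeeResponseCodeIs(400);
        $I->canSeeResponseContainsJson([
            'error' => 'invalid_request',
        ]);

        // Both a bad client_id and a bad client_secret must produce the same
        // generic invalid_client answer, so the response does not reveal
        // whether the client_id exists.
        $invalidClientCases = [
            'invalid client_id' => ['invalid-client', 'invalid-secret'],
            'invalid client_secret' => ['ely', 'invalid-secret'],
        ];
        foreach ($invalidClientCases as $label => [$clientId, $clientSecret]) {
            $I->wantTo("check behavior on passing {$label}");
            $this->route->issueToken($this->buildParams(
                $clientId,
                $clientSecret,
                ['invalid-scope'],
            ));
            $I->canSeeResponseCodeIs(401);
            $I->canSeeResponseContainsJson([
                'error' => 'invalid_client',
            ]);
        }
    }

    /**
     * A valid client asking for no scopes at all receives a Bearer token.
     *
     * The client credentials used here are test-fixture values (presumably
     * seeded by the suite's fixtures — confirm against the fixture data).
     */
    public function testIssueTokenWithPublicScopes(OauthSteps $I): void
    {
        // TODO: we don't have any public scopes yet for this grant, so the test runs with an empty set
        $this->route->issueToken($this->buildParams(
            'ely',
            'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
            [],
        ));
        $I->canSeeResponseCodeIs(200);
        $I->canSeeResponseIsJson();
        $I->canSeeResponseContainsJson([
            'token_type' => 'Bearer',
        ]);
        $I->canSeeResponseJsonMatchesJsonPath('$.access_token');
        $I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
    }

    /**
     * Internal scopes are only granted to clients entitled to them.
     *
     * The 'ely' client asking for account_block must get 400 / invalid_scope,
     * while 'trusted-client' asking for the same scope gets a Bearer token.
     * Both secrets are test-fixture values — confirm against the fixture data.
     */
    public function testIssueTokenWithInternalScopes(OauthSteps $I): void
    {
        $this->route->issueToken($this->buildParams(
            'ely',
            'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
            ['account_block'],
        ));
        $I->canSeeResponseCodeIs(400);
        $I->canSeeResponseIsJson();
        $I->canSeeResponseContainsJson([
            'error' => 'invalid_scope',
        ]);

        $this->route->issueToken($this->buildParams(
            'trusted-client',
            'tXBbyvMcyaOgHMOAXBpN2EC7uFoJAaL9',
            ['account_block'],
        ));
        $I->canSeeResponseCodeIs(200);
        $I->canSeeResponseIsJson();
        $I->canSeeResponseContainsJson([
            'token_type' => 'Bearer',
        ]);
        $I->canSeeResponseJsonMatchesJsonPath('$.access_token');
        $I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
    }

    /**
     * Builds the form parameters for a client_credentials token request.
     *
     * Only the parameters whose argument is not null are included, so a call
     * without arguments yields a request carrying grant_type alone. Scopes are
     * joined with ',' (the separator this server expects; RFC 6749 uses
     * spaces, so keep this in sync with the server's parser). An empty
     * scopes array still sends `scope=` (empty string).
     *
     * @param list<string>|null $scopes
     * @return array<string, string>
     */
    private function buildParams(?string $clientId = null, ?string $clientSecret = null, ?array $scopes = null): array
    {
        $params = ['grant_type' => 'client_credentials'];
        if ($clientId !== null) {
            $params['client_id'] = $clientId;
        }

        if ($clientSecret !== null) {
            $params['client_secret'] = $clientSecret;
        }

        if ($scopes !== null) {
            $params['scope'] = implode(',', $scopes);
        }

        return $params;
    }
}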