2016-02-21 20:02:27 +05:30
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace LeagueTests\Grant;
|
|
|
|
|
2018-11-08 15:11:01 +05:30
|
|
|
use DateInterval;
|
2018-05-23 21:04:39 +05:30
|
|
|
use League\OAuth2\Server\CryptKey;
|
2016-04-09 19:55:45 +05:30
|
|
|
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
|
|
|
|
use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
|
2016-02-21 23:43:39 +05:30
|
|
|
use League\OAuth2\Server\Exception\OAuthServerException;
|
2016-06-20 13:48:53 +05:30
|
|
|
use League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException;
|
2016-02-21 20:02:27 +05:30
|
|
|
use League\OAuth2\Server\Grant\AuthCodeGrant;
|
2016-02-22 13:30:50 +05:30
|
|
|
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
|
2016-02-21 20:02:27 +05:30
|
|
|
use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface;
|
|
|
|
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
|
|
|
|
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
|
2016-03-15 05:40:47 +05:30
|
|
|
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
|
2016-04-10 19:45:29 +05:30
|
|
|
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
|
2016-03-18 04:55:32 +05:30
|
|
|
use League\OAuth2\Server\ResponseTypes\RedirectResponse;
|
2016-04-09 20:16:40 +05:30
|
|
|
use LeagueTests\Stubs\AccessTokenEntity;
|
|
|
|
use LeagueTests\Stubs\AuthCodeEntity;
|
2016-03-15 05:40:47 +05:30
|
|
|
use LeagueTests\Stubs\ClientEntity;
|
2016-03-18 01:48:28 +05:30
|
|
|
use LeagueTests\Stubs\CryptTraitStub;
|
2016-04-09 20:16:40 +05:30
|
|
|
use LeagueTests\Stubs\RefreshTokenEntity;
|
2016-03-15 05:40:47 +05:30
|
|
|
use LeagueTests\Stubs\ScopeEntity;
|
2016-02-21 20:02:27 +05:30
|
|
|
use LeagueTests\Stubs\StubResponseType;
|
|
|
|
use LeagueTests\Stubs\UserEntity;
|
2017-11-08 23:37:07 +05:30
|
|
|
use PHPUnit\Framework\TestCase;
|
2016-02-21 20:02:27 +05:30
|
|
|
use Zend\Diactoros\ServerRequest;
|
|
|
|
|
2017-11-08 23:37:07 +05:30
|
|
|
class AuthCodeGrantTest extends TestCase
|
2016-02-21 20:02:27 +05:30
|
|
|
{
|
2017-11-14 04:04:12 +05:30
|
|
|
const DEFAULT_SCOPE = 'basic';
|
2017-10-19 02:41:02 +05:30
|
|
|
|
2016-03-18 01:48:28 +05:30
|
|
|
/**
|
2016-05-06 19:53:16 +05:30
|
|
|
* @var CryptTraitStub
|
2016-03-18 01:48:28 +05:30
|
|
|
*/
|
|
|
|
protected $cryptStub;
|
|
|
|
|
2018-02-18 19:21:34 +05:30
|
|
|
const CODE_VERIFIER = 'dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk';
|
2017-06-16 22:33:14 +05:30
|
|
|
|
2018-02-18 19:21:34 +05:30
|
|
|
const CODE_CHALLENGE = 'E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM';
|
2017-06-16 22:33:14 +05:30
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
public function setUp(): void
|
2016-03-18 01:48:28 +05:30
|
|
|
{
|
2018-05-23 21:04:39 +05:30
|
|
|
$this->cryptStub = new CryptTraitStub();
|
2016-03-18 01:48:28 +05:30
|
|
|
}
|
|
|
|
|
2016-02-21 20:02:27 +05:30
|
|
|
public function testGetIdentifier()
|
|
|
|
{
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 20:02:27 +05:30
|
|
|
);
|
|
|
|
|
|
|
|
$this->assertEquals('authorization_code', $grant->getIdentifier());
|
|
|
|
}
|
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
public function testCanRespondToAuthorizationRequest()
|
2016-02-21 20:02:27 +05:30
|
|
|
{
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 20:02:27 +05:30
|
|
|
);
|
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
2016-02-22 13:30:50 +05:30
|
|
|
[],
|
2016-02-21 20:02:27 +05:30
|
|
|
null,
|
|
|
|
null,
|
|
|
|
'php://input',
|
|
|
|
$headers = [],
|
|
|
|
$cookies = [],
|
|
|
|
$queryParams = [
|
|
|
|
'response_type' => 'code',
|
2016-02-21 22:38:57 +05:30
|
|
|
'client_id' => 'foo',
|
2016-02-21 20:02:27 +05:30
|
|
|
]
|
|
|
|
);
|
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
$this->assertTrue($grant->canRespondToAuthorizationRequest($request));
|
2016-02-21 20:02:27 +05:30
|
|
|
}
|
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
public function testValidateAuthorizationRequest()
|
2016-02-21 20:02:27 +05:30
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
2018-08-16 02:10:41 +05:30
|
|
|
$client->setConfidential();
|
2017-10-19 02:41:02 +05:30
|
|
|
|
2016-02-21 20:02:27 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
2017-10-19 02:41:02 +05:30
|
|
|
$scope = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope);
|
|
|
|
|
2016-02-21 20:02:27 +05:30
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 20:02:27 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
2017-10-19 02:41:02 +05:30
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
2016-02-21 22:38:57 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
2016-04-10 19:45:29 +05:30
|
|
|
[],
|
2016-02-22 13:30:50 +05:30
|
|
|
[],
|
2016-02-21 22:38:57 +05:30
|
|
|
null,
|
2016-04-10 19:45:29 +05:30
|
|
|
null,
|
2016-02-21 22:38:57 +05:30
|
|
|
'php://input',
|
2016-07-08 19:34:14 +05:30
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
2016-02-21 22:38:57 +05:30
|
|
|
'response_type' => 'code',
|
|
|
|
'client_id' => 'foo',
|
2016-04-10 19:45:29 +05:30
|
|
|
'redirect_uri' => 'http://foo/bar',
|
2016-02-21 22:38:57 +05:30
|
|
|
]
|
|
|
|
);
|
|
|
|
|
2017-12-07 01:54:42 +05:30
|
|
|
$this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request));
|
2016-02-21 22:38:57 +05:30
|
|
|
}
|
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
public function testValidateAuthorizationRequestRedirectUriArray()
|
2016-02-21 22:38:57 +05:30
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
2016-04-10 19:45:29 +05:30
|
|
|
$client->setRedirectUri(['http://foo/bar']);
|
2018-08-16 02:10:41 +05:30
|
|
|
$client->setConfidential();
|
2016-02-21 22:38:57 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
2017-10-19 02:41:02 +05:30
|
|
|
$scope = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope);
|
|
|
|
|
2016-02-21 22:38:57 +05:30
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 22:38:57 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
2017-10-19 02:41:02 +05:30
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
2016-02-21 22:38:57 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
2016-04-10 19:45:29 +05:30
|
|
|
[],
|
2016-02-22 13:30:50 +05:30
|
|
|
[],
|
2016-02-21 22:38:57 +05:30
|
|
|
null,
|
2016-04-10 19:45:29 +05:30
|
|
|
null,
|
2016-02-21 22:38:57 +05:30
|
|
|
'php://input',
|
2016-07-08 19:34:14 +05:30
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
2016-02-21 22:38:57 +05:30
|
|
|
'response_type' => 'code',
|
|
|
|
'client_id' => 'foo',
|
2016-04-10 19:45:29 +05:30
|
|
|
'redirect_uri' => 'http://foo/bar',
|
2016-02-21 22:38:57 +05:30
|
|
|
]
|
|
|
|
);
|
|
|
|
|
2017-12-07 01:54:42 +05:30
|
|
|
$this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request));
|
2016-02-21 22:38:57 +05:30
|
|
|
}
|
|
|
|
|
2016-05-06 19:53:16 +05:30
|
|
|
public function testValidateAuthorizationRequestCodeChallenge()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
2017-10-19 02:41:02 +05:30
|
|
|
$scope = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope);
|
|
|
|
|
2016-05-06 19:53:16 +05:30
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-05-06 19:53:16 +05:30
|
|
|
);
|
2018-07-30 03:04:37 +05:30
|
|
|
|
2016-05-06 19:53:16 +05:30
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
2017-10-19 02:41:02 +05:30
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
2016-05-06 19:53:16 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
null,
|
|
|
|
'php://input',
|
2016-07-08 19:34:14 +05:30
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
2016-05-06 19:53:16 +05:30
|
|
|
'response_type' => 'code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
2018-02-18 19:21:34 +05:30
|
|
|
'code_challenge' => self::CODE_CHALLENGE,
|
2016-05-06 19:53:16 +05:30
|
|
|
]
|
|
|
|
);
|
|
|
|
|
2017-12-07 01:54:42 +05:30
|
|
|
$this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request));
|
2016-05-06 19:53:16 +05:30
|
|
|
}
|
|
|
|
|
2017-06-16 21:22:36 +05:30
|
|
|
public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooShort()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2017-06-16 21:22:36 +05:30
|
|
|
);
|
2018-07-30 00:26:30 +05:30
|
|
|
|
2017-06-16 21:22:36 +05:30
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$request = (new ServerRequest())->withQueryParams([
|
|
|
|
'response_type' => 'code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code_challenge' => str_repeat('A', 42),
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
2017-06-16 21:22:36 +05:30
|
|
|
|
|
|
|
$grant->validateAuthorizationRequest($request);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooLong()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2017-06-16 21:22:36 +05:30
|
|
|
);
|
2018-07-30 03:04:37 +05:30
|
|
|
|
2017-06-16 21:22:36 +05:30
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$request = (new ServerRequest())->withQueryParams([
|
|
|
|
'response_type' => 'code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code_challenge' => str_repeat('A', 129),
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
2017-06-16 21:22:36 +05:30
|
|
|
|
|
|
|
$grant->validateAuthorizationRequest($request);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testValidateAuthorizationRequestCodeChallengeInvalidCharacters()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2017-06-16 21:22:36 +05:30
|
|
|
);
|
2018-07-30 03:04:37 +05:30
|
|
|
|
2017-06-16 21:22:36 +05:30
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$request = (new ServerRequest())->withQueryParams([
|
|
|
|
'response_type' => 'code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code_challenge' => str_repeat('A', 42) . '!',
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
2017-06-16 21:22:36 +05:30
|
|
|
|
|
|
|
$grant->validateAuthorizationRequest($request);
|
|
|
|
}
|
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
public function testValidateAuthorizationRequestMissingClientId()
|
2016-02-21 22:38:57 +05:30
|
|
|
{
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 22:38:57 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$request = (new ServerRequest())->withQueryParams([
|
|
|
|
'response_type' => 'code',
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
$this->expectExceptionCode(3);
|
2016-02-21 22:38:57 +05:30
|
|
|
|
2018-04-20 22:52:07 +05:30
|
|
|
$grant->validateAuthorizationRequest($request);
|
2016-02-21 23:43:39 +05:30
|
|
|
}
|
2016-02-21 22:38:57 +05:30
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
public function testValidateAuthorizationRequestInvalidClientId()
|
2016-02-21 23:43:39 +05:30
|
|
|
{
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
2016-04-10 19:45:29 +05:30
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn(null);
|
2016-02-21 23:43:39 +05:30
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 23:43:39 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$request = (new ServerRequest())->withQueryParams([
|
|
|
|
'response_type' => 'code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
$this->expectExceptionCode(4);
|
2016-02-21 23:43:39 +05:30
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
$grant->validateAuthorizationRequest($request);
|
2016-02-21 22:38:57 +05:30
|
|
|
}
|
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
public function testValidateAuthorizationRequestBadRedirectUriString()
|
2016-02-21 22:38:57 +05:30
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 22:38:57 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$request = (new ServerRequest())->withQueryParams([
|
|
|
|
'response_type' => 'code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://bar',
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
$this->expectExceptionCode(4);
|
2016-02-21 22:38:57 +05:30
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
$grant->validateAuthorizationRequest($request);
|
2016-02-21 22:38:57 +05:30
|
|
|
}
|
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
public function testValidateAuthorizationRequestBadRedirectUriArray()
|
2016-02-21 22:38:57 +05:30
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
2016-04-10 19:45:29 +05:30
|
|
|
$client->setRedirectUri(['http://foo/bar']);
|
2016-02-21 22:38:57 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 22:38:57 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$request = (new ServerRequest())->withQueryParams([
|
|
|
|
'response_type' => 'code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://bar',
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
$this->expectExceptionCode(4);
|
2016-02-21 22:38:57 +05:30
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
$grant->validateAuthorizationRequest($request);
|
2016-02-21 22:38:57 +05:30
|
|
|
}
|
|
|
|
|
2016-05-06 19:53:16 +05:30
|
|
|
public function testValidateAuthorizationRequestInvalidCodeChallengeMethod()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
2017-10-19 02:41:02 +05:30
|
|
|
$scope = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope);
|
|
|
|
|
2016-05-06 19:53:16 +05:30
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-05-06 19:53:16 +05:30
|
|
|
);
|
2018-07-30 03:04:37 +05:30
|
|
|
|
2016-05-06 19:53:16 +05:30
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
2017-10-19 02:41:02 +05:30
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
2016-05-06 19:53:16 +05:30
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$request = (new ServerRequest())->withQueryParams([
|
|
|
|
'response_type' => 'code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code_challenge' => 'foobar',
|
|
|
|
'code_challenge_method' => 'foo',
|
|
|
|
]);
|
|
|
|
|
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
$this->expectExceptionCode(3);
|
2016-05-06 19:53:16 +05:30
|
|
|
|
|
|
|
$grant->validateAuthorizationRequest($request);
|
|
|
|
}
|
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
public function testCompleteAuthorizationRequest()
|
2016-02-21 22:38:57 +05:30
|
|
|
{
|
2016-04-10 19:45:29 +05:30
|
|
|
$authRequest = new AuthorizationRequest();
|
|
|
|
$authRequest->setAuthorizationApproved(true);
|
|
|
|
$authRequest->setClient(new ClientEntity());
|
|
|
|
$authRequest->setGrantTypeId('authorization_code');
|
|
|
|
$authRequest->setUser(new UserEntity());
|
2016-02-21 22:38:57 +05:30
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
$authCodeRepository = $this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock();
|
|
|
|
$authCodeRepository->method('getNewAuthCode')->willReturn(new AuthCodeEntity());
|
2016-03-18 04:55:32 +05:30
|
|
|
|
2016-02-21 22:38:57 +05:30
|
|
|
$grant = new AuthCodeGrant(
|
2016-04-10 19:45:29 +05:30
|
|
|
$authCodeRepository,
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 22:38:57 +05:30
|
|
|
);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2016-03-18 04:55:32 +05:30
|
|
|
|
2017-12-07 01:54:42 +05:30
|
|
|
$this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
|
2016-02-21 22:38:57 +05:30
|
|
|
}
|
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
public function testCompleteAuthorizationRequestDenied()
|
2016-02-21 22:38:57 +05:30
|
|
|
{
|
2016-04-10 19:45:29 +05:30
|
|
|
$authRequest = new AuthorizationRequest();
|
|
|
|
$authRequest->setAuthorizationApproved(false);
|
|
|
|
$authRequest->setClient(new ClientEntity());
|
|
|
|
$authRequest->setGrantTypeId('authorization_code');
|
|
|
|
$authRequest->setUser(new UserEntity());
|
2016-02-21 22:38:57 +05:30
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
$authCodeRepository = $this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock();
|
|
|
|
$authCodeRepository->method('getNewAuthCode')->willReturn(new AuthCodeEntity());
|
2016-03-18 04:55:32 +05:30
|
|
|
|
2016-02-21 22:38:57 +05:30
|
|
|
$grant = new AuthCodeGrant(
|
2016-04-10 19:45:29 +05:30
|
|
|
$authCodeRepository,
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 22:38:57 +05:30
|
|
|
);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2016-02-21 20:02:27 +05:30
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
$this->expectExceptionCode(9);
|
|
|
|
|
2016-04-10 19:45:29 +05:30
|
|
|
$grant->completeAuthorizationRequest($authRequest);
|
2016-02-21 20:02:27 +05:30
|
|
|
}
|
2016-02-21 23:43:39 +05:30
|
|
|
|
|
|
|
public function testRespondToAccessTokenRequest()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2016-02-21 23:43:39 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
2016-03-15 05:40:47 +05:30
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeEntity = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
2016-04-10 21:45:48 +05:30
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
2016-03-15 05:40:47 +05:30
|
|
|
|
2016-02-21 23:43:39 +05:30
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
2016-03-25 18:39:26 +05:30
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
2016-02-21 23:43:39 +05:30
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
2016-03-25 18:39:26 +05:30
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
2016-02-21 23:43:39 +05:30
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 23:43:39 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
2016-03-15 05:40:47 +05:30
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
2016-02-21 23:43:39 +05:30
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2018-05-23 21:04:39 +05:30
|
|
|
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
2016-02-21 23:43:39 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
2016-02-22 13:30:50 +05:30
|
|
|
[],
|
2016-02-21 23:43:39 +05:30
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
2016-03-18 01:48:28 +05:30
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
2016-02-21 23:43:39 +05:30
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]
|
2016-03-18 04:55:32 +05:30
|
|
|
)
|
2016-02-21 23:43:39 +05:30
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
/** @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-02-21 23:43:39 +05:30
|
|
|
|
2017-12-07 01:54:42 +05:30
|
|
|
$this->assertInstanceOf(AccessTokenEntityInterface::class, $response->getAccessToken());
|
|
|
|
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
|
2016-02-21 23:43:39 +05:30
|
|
|
}
|
|
|
|
|
2018-11-29 13:58:36 +05:30
|
|
|
public function testRespondToAccessTokenRequestUsingHttpBasicAuth()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
2018-12-11 04:21:58 +05:30
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn(new ScopeEntity());
|
2018-11-29 13:58:36 +05:30
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
|
|
|
|
2018-12-11 04:21:58 +05:30
|
|
|
$authCodeGrant = new AuthCodeGrant(
|
2018-11-29 13:58:36 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
2018-12-11 04:21:58 +05:30
|
|
|
$refreshTokenRepositoryMock,
|
2018-11-29 13:58:36 +05:30
|
|
|
new \DateInterval('PT10M')
|
|
|
|
);
|
2018-12-11 04:21:58 +05:30
|
|
|
|
|
|
|
$authCodeGrant->setClientRepository($clientRepositoryMock);
|
|
|
|
$authCodeGrant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
$authCodeGrant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$authCodeGrant->setEncryptionKey($this->cryptStub->getKey());
|
|
|
|
$authCodeGrant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
2018-11-29 13:58:36 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[
|
2018-12-11 04:31:45 +05:30
|
|
|
'Authorization' => 'Basic Zm9vOmJhcg==',
|
2018-11-29 13:58:36 +05:30
|
|
|
],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
/** @var StubResponseType $response */
|
2018-12-11 04:21:58 +05:30
|
|
|
$response = $authCodeGrant->respondToAccessTokenRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
|
2018-11-29 13:58:36 +05:30
|
|
|
|
|
|
|
$this->assertInstanceOf(AccessTokenEntityInterface::class, $response->getAccessToken());
|
|
|
|
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
|
|
|
|
}
|
|
|
|
|
2018-08-16 17:29:10 +05:30
|
|
|
public function testRespondToAccessTokenRequestForPublicClient()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeEntity = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2018-08-16 17:29:10 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
|
|
|
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
/** @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2018-08-16 17:29:10 +05:30
|
|
|
|
|
|
|
$this->assertInstanceOf(AccessTokenEntityInterface::class, $response->getAccessToken());
|
|
|
|
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
|
|
|
|
}
|
|
|
|
|
2019-03-08 22:49:16 +05:30
|
|
|
public function testRespondToAccessTokenRequestNullRefreshToken()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeEntity = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(null);
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$refreshTokenRepositoryMock,
|
|
|
|
new \DateInterval('PT10M')
|
|
|
|
);
|
|
|
|
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2019-05-15 01:26:54 +05:30
|
|
|
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
2019-03-08 22:49:16 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
/** @var StubResponseType $response */
|
|
|
|
$response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new \DateInterval('PT10M'));
|
|
|
|
|
|
|
|
$this->assertInstanceOf(AccessTokenEntityInterface::class, $response->getAccessToken());
|
|
|
|
$this->assertNull($response->getRefreshToken());
|
|
|
|
}
|
|
|
|
|
2016-05-06 19:53:16 +05:30
|
|
|
public function testRespondToAccessTokenRequestCodeChallengePlain()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2016-05-06 19:53:16 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeEntity = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-05-06 19:53:16 +05:30
|
|
|
);
|
2018-08-13 01:04:58 +05:30
|
|
|
|
2016-05-06 19:53:16 +05:30
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2018-05-23 21:04:39 +05:30
|
|
|
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
2016-05-06 19:53:16 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
2018-02-18 19:21:34 +05:30
|
|
|
'code_verifier' => self::CODE_VERIFIER,
|
2016-05-06 19:53:16 +05:30
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
2018-02-18 19:21:34 +05:30
|
|
|
'code_challenge' => self::CODE_VERIFIER,
|
2016-05-06 19:53:16 +05:30
|
|
|
'code_challenge_method' => 'plain',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
/** @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-05-06 19:53:16 +05:30
|
|
|
|
2017-12-07 01:54:42 +05:30
|
|
|
$this->assertInstanceOf(AccessTokenEntityInterface::class, $response->getAccessToken());
|
|
|
|
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
|
2016-05-06 19:53:16 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function testRespondToAccessTokenRequestCodeChallengeS256()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2016-05-06 19:53:16 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeEntity = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-05-06 19:53:16 +05:30
|
|
|
);
|
2018-07-30 03:04:37 +05:30
|
|
|
|
2016-05-06 19:53:16 +05:30
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2018-05-23 21:04:39 +05:30
|
|
|
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
2016-05-06 19:53:16 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
2018-02-18 19:21:34 +05:30
|
|
|
'code_verifier' => self::CODE_VERIFIER,
|
2016-05-06 19:53:16 +05:30
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
2018-02-18 19:21:34 +05:30
|
|
|
'code_challenge' => self::CODE_CHALLENGE,
|
2016-05-06 19:53:16 +05:30
|
|
|
'code_challenge_method' => 'S256',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
/** @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-05-06 19:53:16 +05:30
|
|
|
|
2017-12-07 01:54:42 +05:30
|
|
|
$this->assertInstanceOf(AccessTokenEntityInterface::class, $response->getAccessToken());
|
|
|
|
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
|
2016-05-06 19:53:16 +05:30
|
|
|
}
|
|
|
|
|
2016-02-21 23:43:39 +05:30
|
|
|
public function testRespondToAccessTokenRequestMissingRedirectUri()
|
|
|
|
{
|
2016-07-08 19:34:14 +05:30
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2016-02-21 23:43:39 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
2016-07-08 19:34:14 +05:30
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
2016-02-21 23:43:39 +05:30
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 23:43:39 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2016-02-21 23:43:39 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
2016-02-22 13:30:50 +05:30
|
|
|
[],
|
2016-02-21 23:43:39 +05:30
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
2016-07-08 19:34:14 +05:30
|
|
|
'client_id' => 'foo',
|
2016-02-21 23:43:39 +05:30
|
|
|
'grant_type' => 'authorization_code',
|
2016-07-08 19:34:14 +05:30
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
$this->expectExceptionCode(3);
|
|
|
|
|
2018-11-08 15:11:01 +05:30
|
|
|
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-07-08 19:34:14 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function testRespondToAccessTokenRequestRedirectUriMismatch()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2016-07-08 19:34:14 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-07-08 19:34:14 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2016-07-08 19:34:14 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'redirect_uri' => 'http://bar/foo',
|
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
2016-02-21 23:43:39 +05:30
|
|
|
]
|
|
|
|
);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
$this->expectExceptionCode(3);
|
|
|
|
|
2018-11-08 15:11:01 +05:30
|
|
|
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-02-21 23:43:39 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function testRespondToAccessTokenRequestMissingCode()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2016-02-21 23:43:39 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 23:43:39 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2016-02-21 23:43:39 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
2016-02-22 13:30:50 +05:30
|
|
|
[],
|
2016-02-21 23:43:39 +05:30
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'client_secret' => 'bar',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
$this->expectExceptionCode(3);
|
|
|
|
|
2016-02-22 13:30:50 +05:30
|
|
|
/* @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-02-21 23:43:39 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function testRespondToAccessTokenRequestExpiredCode()
|
|
|
|
{
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
2018-12-11 04:21:58 +05:30
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn(new ClientEntity());
|
2016-02-21 23:43:39 +05:30
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 23:43:39 +05:30
|
|
|
);
|
2018-12-11 04:21:58 +05:30
|
|
|
|
2016-02-21 23:43:39 +05:30
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2016-02-21 23:43:39 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
2016-02-22 13:30:50 +05:30
|
|
|
[],
|
2016-02-21 23:43:39 +05:30
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
2016-03-18 01:48:28 +05:30
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
2016-02-21 23:43:39 +05:30
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() - 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]
|
2016-03-18 04:55:32 +05:30
|
|
|
)
|
2016-02-21 23:43:39 +05:30
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
try {
|
2016-02-22 13:30:50 +05:30
|
|
|
/* @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-02-21 23:43:39 +05:30
|
|
|
} catch (OAuthServerException $e) {
|
|
|
|
$this->assertEquals($e->getHint(), 'Authorization code has expired');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testRespondToAccessTokenRequestRevokedCode()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2016-02-21 23:43:39 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$authCodeRepositoryMock = $this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock();
|
|
|
|
$authCodeRepositoryMock->method('isAuthCodeRevoked')->willReturn(true);
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$authCodeRepositoryMock,
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 23:43:39 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2016-02-21 23:43:39 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
2016-02-22 13:30:50 +05:30
|
|
|
[],
|
2016-02-21 23:43:39 +05:30
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
2016-03-18 01:48:28 +05:30
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
2016-02-21 23:43:39 +05:30
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]
|
2016-03-18 04:55:32 +05:30
|
|
|
)
|
2016-02-21 23:43:39 +05:30
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
try {
|
2016-02-22 13:30:50 +05:30
|
|
|
/* @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-02-21 23:43:39 +05:30
|
|
|
} catch (OAuthServerException $e) {
|
|
|
|
$this->assertEquals($e->getHint(), 'Authorization code has been revoked');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testRespondToAccessTokenRequestClientMismatch()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2016-02-21 23:43:39 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 23:43:39 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2016-02-21 23:43:39 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
2016-02-22 13:30:50 +05:30
|
|
|
[],
|
2016-02-21 23:43:39 +05:30
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
2016-03-18 01:48:28 +05:30
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
2016-02-21 23:43:39 +05:30
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'bar',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]
|
2016-03-18 04:55:32 +05:30
|
|
|
)
|
2016-02-21 23:43:39 +05:30
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
try {
|
2016-02-22 13:30:50 +05:30
|
|
|
/* @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-02-21 23:43:39 +05:30
|
|
|
} catch (OAuthServerException $e) {
|
|
|
|
$this->assertEquals($e->getHint(), 'Authorization code was not issued to this client');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testRespondToAccessTokenRequestBadCodeEncryption()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2016-02-21 23:43:39 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-02-21 23:43:39 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2016-02-21 23:43:39 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
2016-02-22 13:30:50 +05:30
|
|
|
[],
|
2016-02-21 23:43:39 +05:30
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code' => 'sdfsfsd',
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
try {
|
2016-02-22 13:30:50 +05:30
|
|
|
/* @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-02-21 23:43:39 +05:30
|
|
|
} catch (OAuthServerException $e) {
|
|
|
|
$this->assertEquals($e->getHint(), 'Cannot decrypt the authorization code');
|
|
|
|
}
|
|
|
|
}
|
2016-05-06 19:53:16 +05:30
|
|
|
|
|
|
|
public function testRespondToAccessTokenRequestBadCodeVerifierPlain()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2016-05-06 19:53:16 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeEntity = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-05-06 19:53:16 +05:30
|
|
|
);
|
2018-07-30 03:04:37 +05:30
|
|
|
|
2016-05-06 19:53:16 +05:30
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2016-05-06 19:53:16 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
2018-02-18 19:21:34 +05:30
|
|
|
'code_verifier' => self::CODE_VERIFIER,
|
2016-05-06 19:53:16 +05:30
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code_challenge' => 'foobar',
|
|
|
|
'code_challenge_method' => 'plain',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
try {
|
|
|
|
/* @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-05-06 19:53:16 +05:30
|
|
|
} catch (OAuthServerException $e) {
|
|
|
|
$this->assertEquals($e->getHint(), 'Failed to verify `code_verifier`.');
|
|
|
|
}
|
|
|
|
}
|
2016-07-08 18:59:21 +05:30
|
|
|
|
2016-05-06 19:53:16 +05:30
|
|
|
public function testRespondToAccessTokenRequestBadCodeVerifierS256()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2016-05-06 19:53:16 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeEntity = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-05-06 19:53:16 +05:30
|
|
|
);
|
2018-07-30 03:04:37 +05:30
|
|
|
|
2016-05-06 19:53:16 +05:30
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2016-05-06 19:53:16 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code_verifier' => 'nope',
|
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code_challenge' => 'foobar',
|
|
|
|
'code_challenge_method' => 'S256',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
try {
|
|
|
|
/* @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-05-06 19:53:16 +05:30
|
|
|
} catch (OAuthServerException $e) {
|
2017-06-16 22:33:14 +05:30
|
|
|
$this->assertEquals($e->getHint(), 'Code Verifier must follow the specifications of RFC-7636.');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testRespondToAccessTokenRequestMalformedCodeVerifierS256WithInvalidChars()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2017-06-16 22:33:14 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeEntity = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2017-06-16 22:33:14 +05:30
|
|
|
);
|
2018-07-30 03:04:37 +05:30
|
|
|
|
2017-06-16 22:33:14 +05:30
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
2017-07-07 22:49:11 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2017-06-16 22:33:14 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code_verifier' => 'dqX7C-RbqjHYtytmhGTigKdZCXfxq-+xbsk9_GxUcaE', // Malformed code. Contains `+`.
|
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
2018-02-18 19:21:34 +05:30
|
|
|
'code_challenge' => self::CODE_CHALLENGE,
|
2017-06-16 22:33:14 +05:30
|
|
|
'code_challenge_method' => 'S256',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
try {
|
|
|
|
/* @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2017-06-16 22:33:14 +05:30
|
|
|
} catch (OAuthServerException $e) {
|
|
|
|
$this->assertEquals($e->getHint(), 'Code Verifier must follow the specifications of RFC-7636.');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testRespondToAccessTokenRequestMalformedCodeVerifierS256WithInvalidLength()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2017-06-16 22:33:14 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeEntity = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2017-06-16 22:33:14 +05:30
|
|
|
);
|
2018-07-30 03:04:37 +05:30
|
|
|
|
2017-06-16 22:33:14 +05:30
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
2017-07-07 22:49:11 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2017-06-16 22:33:14 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code_verifier' => 'dqX7C-RbqjHY', // Malformed code. Invalid length.
|
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code_challenge' => 'R7T1y1HPNFvs1WDCrx4lfoBS6KD2c71pr8OHvULjvv8',
|
|
|
|
'code_challenge_method' => 'S256',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
try {
|
|
|
|
/* @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2017-06-16 22:33:14 +05:30
|
|
|
} catch (OAuthServerException $e) {
|
|
|
|
$this->assertEquals($e->getHint(), 'Code Verifier must follow the specifications of RFC-7636.');
|
2016-05-06 19:53:16 +05:30
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
public function testRespondToAccessTokenRequestMissingCodeVerifier()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
2018-09-01 19:35:12 +05:30
|
|
|
$client->setConfidential();
|
2016-05-06 19:53:16 +05:30
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeEntity = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-05-06 19:53:16 +05:30
|
|
|
);
|
2018-07-30 03:04:37 +05:30
|
|
|
|
2016-05-06 19:53:16 +05:30
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2016-05-06 19:53:16 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code_challenge' => 'foobar',
|
|
|
|
'code_challenge_method' => 'plain',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
try {
|
|
|
|
/* @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-05-06 19:53:16 +05:30
|
|
|
} catch (OAuthServerException $e) {
|
|
|
|
$this->assertEquals($e->getHint(), 'Check the `code_verifier` parameter');
|
|
|
|
}
|
|
|
|
}
|
2016-06-20 13:48:53 +05:30
|
|
|
|
|
|
|
public function testAuthCodeRepositoryUniqueConstraintCheck()
|
|
|
|
{
|
|
|
|
$authRequest = new AuthorizationRequest();
|
|
|
|
$authRequest->setAuthorizationApproved(true);
|
|
|
|
$authRequest->setClient(new ClientEntity());
|
|
|
|
$authRequest->setGrantTypeId('authorization_code');
|
|
|
|
$authRequest->setUser(new UserEntity());
|
|
|
|
|
|
|
|
$authCodeRepository = $this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock();
|
|
|
|
$authCodeRepository->method('getNewAuthCode')->willReturn(new AuthCodeEntity());
|
|
|
|
|
|
|
|
$authCodeRepository->expects($this->at(0))->method('persistNewAuthCode')->willThrowException(UniqueTokenIdentifierConstraintViolationException::create());
|
|
|
|
$authCodeRepository->expects($this->at(1))->method('persistNewAuthCode');
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$authCodeRepository,
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-06-20 13:48:53 +05:30
|
|
|
);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2018-05-23 21:04:39 +05:30
|
|
|
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
2016-06-20 13:48:53 +05:30
|
|
|
|
2017-12-07 01:54:42 +05:30
|
|
|
$this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
|
2016-06-20 13:48:53 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function testAuthCodeRepositoryFailToPersist()
|
|
|
|
{
|
|
|
|
$authRequest = new AuthorizationRequest();
|
|
|
|
$authRequest->setAuthorizationApproved(true);
|
|
|
|
$authRequest->setClient(new ClientEntity());
|
|
|
|
$authRequest->setGrantTypeId('authorization_code');
|
|
|
|
$authRequest->setUser(new UserEntity());
|
|
|
|
|
|
|
|
$authCodeRepository = $this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock();
|
|
|
|
$authCodeRepository->method('getNewAuthCode')->willReturn(new AuthCodeEntity());
|
|
|
|
$authCodeRepository->method('persistNewAuthCode')->willThrowException(OAuthServerException::serverError('something bad happened'));
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$authCodeRepository,
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-06-20 13:48:53 +05:30
|
|
|
);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2016-06-20 13:48:53 +05:30
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
$this->expectExceptionCode(7);
|
|
|
|
|
2017-12-07 01:54:42 +05:30
|
|
|
$this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
|
2016-06-20 13:48:53 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function testAuthCodeRepositoryFailToPersistUniqueNoInfiniteLoop()
|
|
|
|
{
|
|
|
|
$authRequest = new AuthorizationRequest();
|
|
|
|
$authRequest->setAuthorizationApproved(true);
|
|
|
|
$authRequest->setClient(new ClientEntity());
|
|
|
|
$authRequest->setGrantTypeId('authorization_code');
|
|
|
|
$authRequest->setUser(new UserEntity());
|
|
|
|
|
|
|
|
$authCodeRepository = $this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock();
|
|
|
|
$authCodeRepository->method('getNewAuthCode')->willReturn(new AuthCodeEntity());
|
|
|
|
$authCodeRepository->method('persistNewAuthCode')->willThrowException(UniqueTokenIdentifierConstraintViolationException::create());
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$authCodeRepository,
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-06-20 13:48:53 +05:30
|
|
|
);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException::class);
|
|
|
|
$this->expectExceptionCode(100);
|
|
|
|
|
2017-12-07 01:54:42 +05:30
|
|
|
$this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
|
2016-06-20 13:48:53 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function testRefreshTokenRepositoryUniqueConstraintCheck()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeEntity = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
|
|
|
$refreshTokenRepositoryMock->expects($this->at(0))->method('persistNewRefreshToken')->willThrowException(UniqueTokenIdentifierConstraintViolationException::create());
|
|
|
|
$refreshTokenRepositoryMock->expects($this->at(1))->method('persistNewRefreshToken');
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-06-20 13:48:53 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2018-05-23 21:04:39 +05:30
|
|
|
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
2016-06-20 13:48:53 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
|
|
|
/** @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-06-20 13:48:53 +05:30
|
|
|
|
2017-12-07 01:54:42 +05:30
|
|
|
$this->assertInstanceOf(AccessTokenEntityInterface::class, $response->getAccessToken());
|
|
|
|
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
|
2016-06-20 13:48:53 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function testRefreshTokenRepositoryFailToPersist()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeEntity = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willThrowException(OAuthServerException::serverError('something bad happened'));
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-06-20 13:48:53 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2018-05-23 21:04:39 +05:30
|
|
|
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
2016-06-20 13:48:53 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
$this->expectExceptionCode(7);
|
|
|
|
|
2016-06-20 13:48:53 +05:30
|
|
|
/** @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-06-20 13:48:53 +05:30
|
|
|
|
2017-12-07 01:54:42 +05:30
|
|
|
$this->assertInstanceOf(AccessTokenEntityInterface::class, $response->getAccessToken());
|
|
|
|
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
|
2016-06-20 13:48:53 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function testRefreshTokenRepositoryFailToPersistUniqueNoInfiniteLoop()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setIdentifier('foo');
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeEntity = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willThrowException(UniqueTokenIdentifierConstraintViolationException::create());
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
2016-07-08 18:59:21 +05:30
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-06-20 13:48:53 +05:30
|
|
|
);
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
2017-07-01 22:41:19 +05:30
|
|
|
$grant->setEncryptionKey($this->cryptStub->getKey());
|
2018-05-23 21:04:39 +05:30
|
|
|
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
2016-06-20 13:48:53 +05:30
|
|
|
|
|
|
|
$request = new ServerRequest(
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
null,
|
|
|
|
'POST',
|
|
|
|
'php://input',
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[],
|
|
|
|
[
|
|
|
|
'grant_type' => 'authorization_code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
'code' => $this->cryptStub->doEncrypt(
|
|
|
|
json_encode(
|
|
|
|
[
|
|
|
|
'auth_code_id' => uniqid(),
|
|
|
|
'expire_time' => time() + 3600,
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'user_id' => 123,
|
|
|
|
'scopes' => ['foo'],
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]
|
|
|
|
)
|
|
|
|
),
|
|
|
|
]
|
|
|
|
);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException::class);
|
|
|
|
$this->expectExceptionCode(100);
|
|
|
|
|
2016-06-20 13:48:53 +05:30
|
|
|
/** @var StubResponseType $response */
|
2018-11-08 15:11:01 +05:30
|
|
|
$response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
2016-06-20 13:48:53 +05:30
|
|
|
|
2017-12-07 01:54:42 +05:30
|
|
|
$this->assertInstanceOf(AccessTokenEntityInterface::class, $response->getAccessToken());
|
|
|
|
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
|
2016-06-20 13:48:53 +05:30
|
|
|
}
|
2016-07-08 19:01:29 +05:30
|
|
|
|
|
|
|
public function testCompleteAuthorizationRequestNoUser()
|
|
|
|
{
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2016-07-08 19:01:29 +05:30
|
|
|
);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$this->expectException(\LogicException::class);
|
|
|
|
|
2016-07-08 19:01:29 +05:30
|
|
|
$grant->completeAuthorizationRequest(new AuthorizationRequest());
|
|
|
|
}
|
2018-08-14 02:17:53 +05:30
|
|
|
|
|
|
|
public function testPublicClientAuthCodeRequestRejectedWhenCodeChallengeRequiredButNotGiven()
|
|
|
|
{
|
|
|
|
$client = new ClientEntity();
|
|
|
|
$client->setRedirectUri('http://foo/bar');
|
|
|
|
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
$scope = new ScopeEntity();
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope);
|
|
|
|
|
|
|
|
$grant = new AuthCodeGrant(
|
|
|
|
$this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
|
|
|
|
$this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
|
2018-11-08 15:11:01 +05:30
|
|
|
new DateInterval('PT10M')
|
2018-08-14 02:17:53 +05:30
|
|
|
);
|
|
|
|
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
|
|
|
|
2019-06-27 17:24:22 +05:30
|
|
|
$request = (new ServerRequest())->withQueryParams([
|
|
|
|
'response_type' => 'code',
|
|
|
|
'client_id' => 'foo',
|
|
|
|
'redirect_uri' => 'http://foo/bar',
|
|
|
|
]);
|
2018-08-14 02:17:53 +05:30
|
|
|
|
2018-08-14 03:24:12 +05:30
|
|
|
$this->expectException(OAuthServerException::class);
|
|
|
|
$this->expectExceptionCode(3);
|
|
|
|
|
|
|
|
$grant->validateAuthorizationRequest($request);
|
2018-08-14 02:17:53 +05:30
|
|
|
}
|
2016-06-20 13:48:53 +05:30
|
|
|
}
|