<?php
namespace LeagueTests;
use League\OAuth2\Server\ResourceServer;
use League\OAuth2\Server\Entity\AccessTokenEntity;
use League\OAuth2\Server\Entity\SessionEntity;
use League\OAuth2\Server\Entity\ClientEntity;
use League\OAuth2\Server\Entity\ScopeEntity;
use \Mockery as M;
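/**
 * Unit tests for ResourceServer's access-token validation.
 *
 * All four storage interfaces are replaced with Mockery doubles, so these
 * tests pin how the server reacts to what storage hands back (no token,
 * unknown token, unexpired token, expired token) rather than exercising any
 * real persistence layer.
 */
class ResourceServerTest extends \PHPUnit_Framework_TestCase
{
    /**
     * Create a ResourceServer backed by four Mockery storage doubles.
     *
     * Every double is told to accept setServer(). Further expectations can be
     * added to the returned doubles after the server has been built.
     *
     * @return array [$server, $sessionStorage, $accessTokenStorage, $clientStorage, $scopeStorage]
     */
    private function createServerAndStorages()
    {
        $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
        $sessionStorage->shouldReceive('setServer');

        $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
        $accessTokenStorage->shouldReceive('setServer');

        $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
        $clientStorage->shouldReceive('setServer');

        $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
        $scopeStorage->shouldReceive('setServer');

        $server = new ResourceServer(
            $sessionStorage,
            $accessTokenStorage,
            $clientStorage,
            $scopeStorage
        );

        return [$server, $sessionStorage, $accessTokenStorage, $clientStorage, $scopeStorage];
    }

    /**
     * Build a Symfony Request whose header bag is replaced by a ParameterBag
     * holding exactly the given entries.
     *
     * @param array $headers Header name => value pairs, used as given.
     *
     * @return \Symfony\Component\HttpFoundation\Request
     */
    private function requestWithHeaders(array $headers)
    {
        $request = new \Symfony\Component\HttpFoundation\Request();
        $request->headers = new \Symfony\Component\HttpFoundation\ParameterBag($headers);

        return $request;
    }

    /**
     * Build a server whose storage doubles return a token 'abcdef' with the
     * given expiry, two scopes ('foo', 'bar'), a session owned by user 123 and
     * the client 'testapp', and whose request carries 'Bearer abcdef'.
     *
     * @param int $expireTime Unix timestamp stored as the token's expiry.
     *
     * @return ResourceServer
     */
    private function serverWithStoredToken($expireTime)
    {
        list($server, $sessionStorage, $accessTokenStorage, $clientStorage) = $this->createServerAndStorages();

        $server->setIdKey('at');

        // NOTE(review): this assertion only runs if a 'session.owner' event is
        // actually dispatched; nothing in this class fails when it never fires.
        $server->addEventListener('session.owner', function($event) {
            $this->assertInstanceOf('League\OAuth2\Server\Entity\SessionEntity', $event->getSession());
        });

        $accessTokenStorage->shouldReceive('get')->andReturn(
            (new AccessTokenEntity($server))->setId('abcdef')->setExpireTime($expireTime)
        );

        $accessTokenStorage->shouldReceive('getScopes')->andReturn([
            (new ScopeEntity($server))->hydrate(['id' => 'foo']),
            (new ScopeEntity($server))->hydrate(['id' => 'bar'])
        ]);

        $sessionStorage->shouldReceive('getByAccessToken')->andReturn(
            (new SessionEntity($server))->setId('foobar')->setOwner('user', 123)
        );

        $clientStorage->shouldReceive('getBySession')->andReturn(
            (new ClientEntity($server))->hydrate(['id' => 'testapp'])
        );

        $server->setRequest($this->requestWithHeaders([
            'Authorization' => 'Bearer abcdef'
        ]));

        return $server;
    }

    /**
     * Return a ResourceServer wired to default storage doubles.
     *
     * @return ResourceServer
     */
    private function returnDefault()
    {
        list($server) = $this->createServerAndStorages();

        return $server;
    }

    /**
     * Smoke test: the server can be constructed from the four storage doubles.
     */
    public function testGetSet()
    {
        $server = $this->returnDefault();

        // Without an assertion this test would pass even if construction
        // silently returned something else.
        $this->assertInstanceOf('League\OAuth2\Server\ResourceServer', $server);
    }

    /**
     * A request that carries no usable bearer token must be rejected with
     * InvalidRequestException by determineAccessToken().
     */
    public function testDetermineAccessTokenMissingToken()
    {
        list($server, , $accessTokenStorage) = $this->createServerAndStorages();
        $accessTokenStorage->shouldReceive('get')->andReturn(false);

        // NOTE(review): the key here is 'HTTP_AUTHORIZATION', while the
        // valid-token tests use 'Authorization'. If the server looks the
        // header up as 'Authorization', this test covers the "header absent"
        // path rather than "Bearer scheme with an empty token" - confirm
        // against ResourceServer and add the missing case if so.
        $server->setRequest($this->requestWithHeaders([
            'HTTP_AUTHORIZATION' => 'Bearer'
        ]));

        // The method is made accessible through reflection before being invoked.
        $reflector = new \ReflectionClass($server);
        $method = $reflector->getMethod('determineAccessToken');
        $method->setAccessible(true);

        // Armed only now, so an InvalidRequestException raised by the set-up
        // above cannot satisfy the expectation by accident.
        $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException');

        $method->invoke($server);
    }

    /**
     * When access-token storage returns false for the supplied token
     * ('foobar'), isValidRequest() must raise AccessDeniedException.
     */
    public function testIsValidNotValid()
    {
        list($server, , $accessTokenStorage) = $this->createServerAndStorages();
        $accessTokenStorage->shouldReceive('get')->andReturn(false);

        $this->setExpectedException('League\OAuth2\Server\Exception\AccessDeniedException');
        $server->isValidRequest(false, 'foobar');
    }

    /**
     * A stored token expiring 300 seconds from now is accepted, and the server
     * then reports 'abcdef' as its access token.
     */
    public function testIsValid()
    {
        $server = $this->serverWithStoredToken(time() + 300);

        $this->assertTrue($server->isValidRequest());
        $this->assertEquals('abcdef', $server->getAccessToken());
    }

    /**
     * A stored token that expired 300 seconds ago must be refused with
     * AccessDeniedException, even though storage still returns it.
     */
    public function testIsValidExpiredToken()
    {
        $server = $this->serverWithStoredToken(time() - 300);

        // Expectation is set immediately before the call under test (instead
        // of a method-wide annotation) so only isValidRequest() can satisfy it.
        $this->setExpectedException('League\OAuth2\Server\Exception\AccessDeniedException');
        $server->isValidRequest();
    }
}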