oauth2-server/tests/ServerTest.php

166 lines
6.6 KiB
PHP
Raw Normal View History

2016-02-18 17:37:50 +05:30
<?php
namespace LeagueTests;
2016-04-09 20:14:38 +05:30
use LeagueTests\Stubs\AccessTokenEntity;
use LeagueTests\Stubs\AuthCodeEntity;
2016-03-10 22:04:32 +05:30
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\AuthCodeGrant;
2016-02-18 17:37:50 +05:30
use League\OAuth2\Server\Grant\ClientCredentialsGrant;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
2016-03-10 22:04:32 +05:30
use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface;
2016-02-20 04:39:39 +05:30
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
2016-03-10 22:04:32 +05:30
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
2016-02-18 17:37:50 +05:30
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
2016-03-10 22:04:32 +05:30
use League\OAuth2\Server\Repositories\UserRepositoryInterface;
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
2016-02-20 04:39:39 +05:30
use League\OAuth2\Server\Server;
2016-03-15 05:40:47 +05:30
use LeagueTests\Stubs\ClientEntity;
2016-02-20 04:39:39 +05:30
use LeagueTests\Stubs\StubResponseType;
use LeagueTests\Stubs\UserEntity;
2016-02-18 17:37:50 +05:30
use Psr\Http\Message\ResponseInterface;
use Zend\Diactoros\Response;
use Zend\Diactoros\ServerRequestFactory;
2016-02-18 17:37:50 +05:30
class ServerTest extends \PHPUnit_Framework_TestCase
{
public function testRespondToRequestInvalidGrantType()
{
$server = new Server(
$this->getMock(ClientRepositoryInterface::class),
$this->getMock(AccessTokenRepositoryInterface::class),
$this->getMock(ScopeRepositoryInterface::class),
2016-03-28 20:40:41 +05:30
'file://' . __DIR__ . '/Stubs/private.key',
'file://' . __DIR__ . '/Stubs/public.key',
2016-02-18 17:37:50 +05:30
new StubResponseType()
);
$server->enableGrantType(new ClientCredentialsGrant(), new \DateInterval('PT1M'));
2016-03-11 04:53:29 +05:30
try {
$server->respondToRequest(ServerRequestFactory::fromGlobals(), new Response);
2016-03-11 04:53:29 +05:30
} catch (OAuthServerException $e) {
$this->assertEquals('unsupported_grant_type', $e->getErrorType());
$this->assertEquals(400, $e->getHttpStatusCode());
}
2016-02-18 17:37:50 +05:30
}
public function testRespondToRequest()
{
$clientRepository = $this->getMock(ClientRepositoryInterface::class);
$clientRepository->method('getClientEntity')->willReturn(new ClientEntity());
2016-03-24 00:20:14 +05:30
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
$accessTokenRepositoryMock = $this->getMock(AccessTokenRepositoryInterface::class);
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
2016-02-18 17:37:50 +05:30
$server = new Server(
$clientRepository,
$accessTokenRepositoryMock,
2016-03-24 00:20:14 +05:30
$scopeRepositoryMock,
2016-03-28 20:40:41 +05:30
'file://' . __DIR__ . '/Stubs/private.key',
'file://' . __DIR__ . '/Stubs/public.key',
2016-02-18 17:37:50 +05:30
new StubResponseType()
);
$server->enableGrantType(new ClientCredentialsGrant(), new \DateInterval('PT1M'));
$_POST['grant_type'] = 'client_credentials';
$_POST['client_id'] = 'foo';
$_POST['client_secret'] = 'bar';
$response = $server->respondToRequest(ServerRequestFactory::fromGlobals(), new Response);
2016-02-18 17:37:50 +05:30
$this->assertEquals(200, $response->getStatusCode());
}
2016-03-10 22:04:32 +05:30
public function testRespondToRequestPsrResponse()
{
$client = new ClientEntity();
$client->setIdentifier('foo');
$client->setIdentifier('http://bar.com');
$clientRepository = $this->getMock(ClientRepositoryInterface::class);
$clientRepository->method('getClientEntity')->willReturn($client);
2016-03-24 00:20:14 +05:30
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
2016-03-10 22:04:32 +05:30
$server = new Server(
$clientRepository,
$this->getMock(AccessTokenRepositoryInterface::class),
2016-03-24 00:20:14 +05:30
$scopeRepositoryMock,
'file://' . __DIR__ . '/Stubs/private.key',
'file://' . __DIR__ . '/Stubs/public.key',
2016-03-10 22:04:32 +05:30
new StubResponseType()
);
$userRepository = $this->getMock(UserRepositoryInterface::class);
$userRepository->method('getUserEntityByUserCredentials')->willReturn(new UserEntity());
$authCodeRepoMock = $this->getMock(AuthCodeRepositoryInterface::class);
$authCodeRepoMock->expects($this->once())->method('getNewAuthCode')->willReturn(new AuthCodeEntity());
2016-03-10 22:04:32 +05:30
$server->enableGrantType(
new AuthCodeGrant(
$authCodeRepoMock,
2016-03-10 22:04:32 +05:30
$this->getMock(RefreshTokenRepositoryInterface::class),
$userRepository,
2016-03-10 22:04:32 +05:30
new \DateInterval('PT1H')
),
new \DateInterval('PT1M')
);
$_SERVER['HTTP_HOST'] = 'http://auth.com';
$_SERVER['REQUEST_URI'] = '/auth';
$_GET['response_type'] = 'code';
$_GET['client_id'] = $client->getIdentifier();
$_GET['redirect_uri'] = $client->getRedirectUri();
$_POST['action'] = 'approve';
$_POST['username'] = 'user';
$_POST['password'] = 'pass';
$response = $server->respondToRequest(ServerRequestFactory::fromGlobals(), new Response);
2016-03-10 22:04:32 +05:30
$this->assertTrue($response instanceof ResponseInterface);
$this->assertEquals(302, $response->getStatusCode());
$this->assertTrue(strstr($response->getHeaderLine('location'), 'code=') !== false);
2016-03-10 22:04:32 +05:30
}
public function testGetResponseType()
{
$clientRepository = $this->getMock(ClientRepositoryInterface::class);
$server = new Server(
$clientRepository,
$this->getMock(AccessTokenRepositoryInterface::class),
$this->getMock(ScopeRepositoryInterface::class),
2016-03-28 20:40:41 +05:30
'file://' . __DIR__ . '/Stubs/private.key',
'file://' . __DIR__ . '/Stubs/public.key'
2016-03-10 22:04:32 +05:30
);
$abstractGrantReflection = new \ReflectionClass($server);
$method = $abstractGrantReflection->getMethod('getResponseType');
$method->setAccessible(true);
$this->assertTrue($method->invoke($server) instanceof BearerTokenResponse);
}
public function testValidateRequest()
{
$clientRepository = $this->getMock(ClientRepositoryInterface::class);
$server = new Server(
$clientRepository,
$this->getMock(AccessTokenRepositoryInterface::class),
$this->getMock(ScopeRepositoryInterface::class),
2016-03-28 20:40:41 +05:30
'file://' . __DIR__ . '/Stubs/private.key',
'file://' . __DIR__ . '/Stubs/public.key'
2016-03-10 22:04:32 +05:30
);
try {
$server->validateAuthenticatedRequest(ServerRequestFactory::fromGlobals());
2016-03-10 22:04:32 +05:30
} catch (OAuthServerException $e) {
$this->assertEquals('Missing "Authorization" header', $e->getHint());
}
}
2016-02-18 17:37:50 +05:30
}