2013-02-05 21:50:56 +05:30
|
|
|
<?php
|
|
|
|
|
|
|
|
use \Mockery as m;
|
|
|
|
|
|
|
|
class Resource_Server_test extends PHPUnit_Framework_TestCase
|
|
|
|
{
|
2014-06-01 03:00:32 +05:30
|
|
|
private $session;
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
public function setUp()
|
|
|
|
{
|
2013-05-09 00:12:23 +05:30
|
|
|
$this->session = M::mock('League\OAuth2\Server\Storage\SessionInterface');
|
2014-06-01 03:00:32 +05:30
|
|
|
}
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
private function returnDefault()
|
|
|
|
{
|
|
|
|
return new League\OAuth2\Server\Resource($this->session);
|
|
|
|
}
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 02:16:10 +05:30
|
|
|
public function test_getExceptionMessage()
|
|
|
|
{
|
|
|
|
$m = League\OAuth2\Server\Resource::getExceptionMessage('invalid_request');
|
|
|
|
|
|
|
|
$reflector = new ReflectionClass($this->returnDefault());
|
|
|
|
$exceptionMessages = $reflector->getProperty('exceptionMessages');
|
|
|
|
$exceptionMessages->setAccessible(true);
|
|
|
|
$v = $exceptionMessages->getValue();
|
|
|
|
|
|
|
|
$this->assertEquals($v['invalid_request'], $m);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function test_getExceptionCode()
|
|
|
|
{
|
|
|
|
$this->assertEquals('invalid_request', League\OAuth2\Server\Resource::getExceptionType(0));
|
|
|
|
$this->assertEquals('invalid_token', League\OAuth2\Server\Resource::getExceptionType(1));
|
|
|
|
$this->assertEquals('insufficient_scope', League\OAuth2\Server\Resource::getExceptionType(2));
|
|
|
|
}
|
|
|
|
|
|
|
|
public function test_getExceptionHttpHeaders()
|
|
|
|
{
|
|
|
|
$this->assertEquals(array('HTTP/1.1 400 Bad Request'), League\OAuth2\Server\Resource::getExceptionHttpHeaders('invalid_request'));
|
2014-07-11 22:29:18 +05:30
|
|
|
$this->assertContains('HTTP/1.1 401 Unauthorized', League\OAuth2\Server\Resource::getExceptionHttpHeaders('invalid_token'));
|
|
|
|
$this->assertEquals(array('HTTP/1.1 403 Forbidden'), League\OAuth2\Server\Resource::getExceptionHttpHeaders('insufficient_scope'));
|
2014-06-01 02:16:10 +05:30
|
|
|
}
|
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
public function test_setRequest()
|
2013-02-05 21:50:56 +05:30
|
|
|
{
|
|
|
|
$s = $this->returnDefault();
|
2013-05-09 00:12:23 +05:30
|
|
|
$request = new League\OAuth2\Server\Util\Request();
|
2013-02-05 21:50:56 +05:30
|
|
|
$s->setRequest($request);
|
|
|
|
|
|
|
|
$reflector = new ReflectionClass($s);
|
|
|
|
$requestProperty = $reflector->getProperty('request');
|
|
|
|
$requestProperty->setAccessible(true);
|
|
|
|
$v = $requestProperty->getValue($s);
|
|
|
|
|
2013-05-09 00:12:23 +05:30
|
|
|
$this->assertTrue($v instanceof League\OAuth2\Server\Util\RequestInterface);
|
2013-02-05 21:50:56 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function test_getRequest()
|
|
|
|
{
|
|
|
|
$s = $this->returnDefault();
|
2013-05-09 00:12:23 +05:30
|
|
|
$request = new League\OAuth2\Server\Util\Request();
|
2013-02-05 21:50:56 +05:30
|
|
|
$s->setRequest($request);
|
|
|
|
$v = $s->getRequest();
|
|
|
|
|
2013-05-09 00:12:23 +05:30
|
|
|
$this->assertTrue($v instanceof League\OAuth2\Server\Util\RequestInterface);
|
2013-02-05 21:50:56 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function test_getTokenKey()
|
|
|
|
{
|
|
|
|
$s = $this->returnDefault();
|
2013-02-13 22:40:44 +05:30
|
|
|
$this->assertEquals('access_token', $s->getTokenKey());
|
2013-02-05 21:50:56 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function test_setTokenKey()
|
|
|
|
{
|
|
|
|
$s = $this->returnDefault();
|
2014-06-01 03:00:32 +05:30
|
|
|
$s->setTokenKey('oauth_token');
|
2013-02-05 21:50:56 +05:30
|
|
|
|
|
|
|
$reflector = new ReflectionClass($s);
|
|
|
|
$requestProperty = $reflector->getProperty('tokenKey');
|
|
|
|
$requestProperty->setAccessible(true);
|
|
|
|
$v = $requestProperty->getValue($s);
|
|
|
|
|
2013-02-13 22:40:44 +05:30
|
|
|
$this->assertEquals('oauth_token', $v);
|
2013-02-05 21:50:56 +05:30
|
|
|
}
|
|
|
|
|
2013-05-06 23:39:36 +05:30
|
|
|
public function test_getScopes()
|
|
|
|
{
|
|
|
|
$s = $this->returnDefault();
|
|
|
|
$this->assertEquals(array(), $s->getScopes());
|
|
|
|
}
|
|
|
|
|
2013-02-05 21:50:56 +05:30
|
|
|
/**
|
2014-06-01 02:04:12 +05:30
|
|
|
* @expectedException League\OAuth2\Server\Exception\MissingAccessTokenException
|
2013-02-05 21:50:56 +05:30
|
|
|
*/
|
|
|
|
public function test_determineAccessToken_missingToken()
|
|
|
|
{
|
2014-06-01 03:00:32 +05:30
|
|
|
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer';
|
|
|
|
$request = new League\OAuth2\Server\Util\Request(array(), array(), array(), array(), $_SERVER);
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$s = $this->returnDefault();
|
|
|
|
$s->setRequest($request);
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$reflector = new ReflectionClass($s);
|
|
|
|
$method = $reflector->getMethod('determineAccessToken');
|
|
|
|
$method->setAccessible(true);
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$method->invoke($s);
|
2013-02-05 21:50:56 +05:30
|
|
|
}
|
|
|
|
|
2013-05-11 01:27:06 +05:30
|
|
|
/**
|
2014-06-01 02:04:12 +05:30
|
|
|
* @expectedException League\OAuth2\Server\Exception\MissingAccessTokenException
|
2013-05-11 01:27:06 +05:30
|
|
|
*/
|
|
|
|
public function test_determineAccessToken_brokenCurlRequest()
|
|
|
|
{
|
|
|
|
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer, Bearer abcdef';
|
|
|
|
$request = new League\OAuth2\Server\Util\Request(array(), array(), array(), array(), $_SERVER);
|
|
|
|
|
|
|
|
$s = $this->returnDefault();
|
|
|
|
$s->setRequest($request);
|
|
|
|
|
|
|
|
$reflector = new ReflectionClass($s);
|
|
|
|
$method = $reflector->getMethod('determineAccessToken');
|
|
|
|
$method->setAccessible(true);
|
|
|
|
|
|
|
|
$method->invoke($s);
|
|
|
|
}
|
|
|
|
|
2013-02-05 21:50:56 +05:30
|
|
|
public function test_determineAccessToken_fromHeader()
|
|
|
|
{
|
2013-05-09 00:12:23 +05:30
|
|
|
$request = new League\OAuth2\Server\Util\Request();
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2013-02-08 17:10:33 +05:30
|
|
|
$requestReflector = new ReflectionClass($request);
|
|
|
|
$param = $requestReflector->getProperty('headers');
|
|
|
|
$param->setAccessible(true);
|
|
|
|
$param->setValue($request, array(
|
2013-03-22 16:07:01 +05:30
|
|
|
'Authorization' => 'Bearer abcdef'
|
2013-02-08 17:10:33 +05:30
|
|
|
));
|
|
|
|
$s = $this->returnDefault();
|
|
|
|
$s->setRequest($request);
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$reflector = new ReflectionClass($s);
|
2013-02-08 17:10:33 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$method = $reflector->getMethod('determineAccessToken');
|
|
|
|
$method->setAccessible(true);
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$result = $method->invoke($s);
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$this->assertEquals('abcdef', $result);
|
2013-02-05 21:50:56 +05:30
|
|
|
}
|
|
|
|
|
2013-05-11 01:27:06 +05:30
|
|
|
public function test_determineAccessToken_fromBrokenCurlHeader()
|
|
|
|
{
|
|
|
|
$request = new League\OAuth2\Server\Util\Request();
|
|
|
|
|
|
|
|
$requestReflector = new ReflectionClass($request);
|
|
|
|
$param = $requestReflector->getProperty('headers');
|
|
|
|
$param->setAccessible(true);
|
|
|
|
$param->setValue($request, array(
|
|
|
|
'Authorization' => 'Bearer abcdef, Bearer abcdef'
|
|
|
|
));
|
|
|
|
$s = $this->returnDefault();
|
|
|
|
$s->setRequest($request);
|
|
|
|
|
|
|
|
$reflector = new ReflectionClass($s);
|
|
|
|
|
|
|
|
$method = $reflector->getMethod('determineAccessToken');
|
|
|
|
$method->setAccessible(true);
|
|
|
|
|
|
|
|
$result = $method->invoke($s);
|
|
|
|
|
|
|
|
$this->assertEquals('abcdef', $result);
|
|
|
|
}
|
|
|
|
|
2013-02-05 21:50:56 +05:30
|
|
|
public function test_determineAccessToken_fromMethod()
|
|
|
|
{
|
2014-06-01 03:00:32 +05:30
|
|
|
$s = $this->returnDefault();
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$_GET[$s->getTokenKey()] = 'abcdef';
|
|
|
|
$_SERVER['REQUEST_METHOD'] = 'get';
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$request = new League\OAuth2\Server\Util\Request($_GET, array(), array(), array(), $_SERVER);
|
|
|
|
$s->setRequest($request);
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$reflector = new ReflectionClass($s);
|
|
|
|
$method = $reflector->getMethod('determineAccessToken');
|
|
|
|
$method->setAccessible(true);
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$result = $method->invoke($s);
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$this->assertEquals('abcdef', $result);
|
2013-02-05 21:50:56 +05:30
|
|
|
}
|
|
|
|
|
2014-06-01 02:41:00 +05:30
|
|
|
public function test_hasScope_isRequired()
|
|
|
|
{
|
|
|
|
$s = $this->returnDefault();
|
|
|
|
|
|
|
|
$reflector = new ReflectionClass($s);
|
|
|
|
$param = $reflector->getProperty('sessionScopes');
|
|
|
|
$param->setAccessible(true);
|
|
|
|
$param->setValue($s, array(
|
|
|
|
'a', 'b', 'c'
|
|
|
|
));
|
|
|
|
|
|
|
|
$result = $s->hasScope(array('a', 'b'), true);
|
|
|
|
|
|
|
|
$this->assertEquals(true, $result);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @expectedException League\OAuth2\Server\Exception\InsufficientScopeException
|
|
|
|
*/
|
|
|
|
public function test_hasScope_isRequiredFailure()
|
|
|
|
{
|
|
|
|
$s = $this->returnDefault();
|
|
|
|
|
|
|
|
$reflector = new ReflectionClass($s);
|
|
|
|
$param = $reflector->getProperty('sessionScopes');
|
|
|
|
$param->setAccessible(true);
|
|
|
|
$param->setValue($s, array(
|
|
|
|
'a', 'b', 'c'
|
|
|
|
));
|
|
|
|
|
|
|
|
$s->hasScope('d', true);
|
|
|
|
}
|
|
|
|
|
2013-02-08 17:15:51 +05:30
|
|
|
/**
|
2013-05-09 00:12:23 +05:30
|
|
|
* @expectedException League\OAuth2\Server\Exception\InvalidAccessTokenException
|
2013-02-08 17:15:51 +05:30
|
|
|
*/
|
2013-02-05 21:50:56 +05:30
|
|
|
public function test_isValid_notValid()
|
|
|
|
{
|
2014-06-01 03:00:32 +05:30
|
|
|
$this->session->shouldReceive('validateAccessToken')->andReturn(false);
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$request = new League\OAuth2\Server\Util\Request();
|
2013-02-08 17:10:33 +05:30
|
|
|
$requestReflector = new ReflectionClass($request);
|
|
|
|
$param = $requestReflector->getProperty('headers');
|
|
|
|
$param->setAccessible(true);
|
|
|
|
$param->setValue($request, array(
|
2013-03-22 16:07:01 +05:30
|
|
|
'Authorization' => 'Bearer abcdef'
|
2013-02-08 17:10:33 +05:30
|
|
|
));
|
|
|
|
$s = $this->returnDefault();
|
|
|
|
$s->setRequest($request);
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2013-02-08 17:15:51 +05:30
|
|
|
$s->isValid();
|
2013-02-05 21:50:56 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
public function test_isValid_valid()
|
|
|
|
{
|
2014-06-01 03:00:32 +05:30
|
|
|
$this->session->shouldReceive('validateAccessToken')->andReturn(array(
|
|
|
|
'session_id' => 1,
|
|
|
|
'owner_type' => 'user',
|
|
|
|
'owner_id' => 123,
|
2013-05-06 22:58:49 +05:30
|
|
|
'client_id' => 'testapp'
|
2014-06-01 03:00:32 +05:30
|
|
|
));
|
2013-05-06 22:58:49 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$this->session->shouldReceive('getScopes')->andReturn(array(
|
2013-05-28 00:08:07 +05:30
|
|
|
array('scope' => 'foo'),
|
|
|
|
array('scope' => 'bar')
|
2013-05-06 22:58:49 +05:30
|
|
|
));
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$request = new League\OAuth2\Server\Util\Request();
|
2013-02-08 17:10:33 +05:30
|
|
|
$requestReflector = new ReflectionClass($request);
|
|
|
|
$param = $requestReflector->getProperty('headers');
|
|
|
|
$param->setAccessible(true);
|
|
|
|
$param->setValue($request, array(
|
2013-03-22 16:07:01 +05:30
|
|
|
'Authorization' => 'Bearer abcdef'
|
2013-02-08 17:10:33 +05:30
|
|
|
));
|
2013-05-06 22:58:49 +05:30
|
|
|
|
2013-02-08 17:10:33 +05:30
|
|
|
$s = $this->returnDefault();
|
|
|
|
$s->setRequest($request);
|
2013-02-05 21:50:56 +05:30
|
|
|
|
2014-06-01 03:00:32 +05:30
|
|
|
$this->assertTrue($s->isValid());
|
|
|
|
$this->assertEquals(123, $s->getOwnerId());
|
|
|
|
$this->assertEquals('user', $s->getOwnerType());
|
|
|
|
$this->assertEquals('abcdef', $s->getAccessToken());
|
2013-05-09 06:42:18 +05:30
|
|
|
$this->assertEquals('testapp', $s->getClientId());
|
2014-06-01 03:58:48 +05:30
|
|
|
$this->assertTrue($s->hasScope('foo'));
|
|
|
|
$this->assertTrue($s->hasScope('bar'));
|
|
|
|
$this->assertTrue($s->hasScope(array('foo', 'bar')));
|
|
|
|
$this->assertFalse($s->hasScope(array('foobar')));
|
|
|
|
$this->assertFalse($s->hasScope('foobar'));
|
2013-02-05 21:50:56 +05:30
|
|
|
}
|
2014-06-01 03:00:32 +05:30
|
|
|
}
|