2016-02-18 10:47:52 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace LeagueTests\Grant;
|
|
|
|
|
|
2018-11-08 10:41:01 +01:00
|
|
|
use DateInterval;
|
2018-05-23 16:34:39 +01:00
|
|
|
use League\OAuth2\Server\CryptKey;
|
2016-04-09 15:25:45 +01:00
|
|
|
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
|
|
|
|
|
use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
|
2016-02-18 10:47:52 +00:00
|
|
|
use League\OAuth2\Server\Grant\PasswordGrant;
|
|
|
|
|
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
|
|
|
|
|
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
|
|
|
|
|
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
|
2016-03-23 18:50:14 +00:00
|
|
|
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
|
2016-02-18 10:47:52 +00:00
|
|
|
use League\OAuth2\Server\Repositories\UserRepositoryInterface;
|
2016-04-09 10:46:40 -04:00
|
|
|
use LeagueTests\Stubs\AccessTokenEntity;
|
2016-03-15 01:10:47 +01:00
|
|
|
use LeagueTests\Stubs\ClientEntity;
|
2016-04-09 10:46:40 -04:00
|
|
|
use LeagueTests\Stubs\RefreshTokenEntity;
|
2017-11-13 22:20:42 +00:00
|
|
|
use LeagueTests\Stubs\ScopeEntity;
|
2016-02-18 10:47:52 +00:00
|
|
|
use LeagueTests\Stubs\StubResponseType;
|
|
|
|
|
use LeagueTests\Stubs\UserEntity;
|
2017-11-08 16:07:07 -02:00
|
|
|
use PHPUnit\Framework\TestCase;
|
2016-02-18 10:47:52 +00:00
|
|
|
use Zend\Diactoros\ServerRequest;
|
|
|
|
|
|
2017-11-08 16:07:07 -02:00
|
|
|
class PasswordGrantTest extends TestCase
|
2016-02-18 10:47:52 +00:00
|
|
|
{
|
2017-11-13 22:20:42 +00:00
|
|
|
const DEFAULT_SCOPE = 'basic';
|
|
|
|
|
|
2016-02-18 10:47:52 +00:00
|
|
|
public function testGetIdentifier()
|
|
|
|
|
{
|
2016-07-08 15:29:21 +02:00
|
|
|
$userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
2016-02-18 10:47:52 +00:00
|
|
|
|
|
|
|
|
$grant = new PasswordGrant($userRepositoryMock, $refreshTokenRepositoryMock);
|
|
|
|
|
$this->assertEquals('password', $grant->getIdentifier());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testRespondToRequest()
|
|
|
|
|
{
|
|
|
|
|
$client = new ClientEntity();
|
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
2016-03-25 14:09:26 +01:00
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
2016-02-18 10:47:52 +00:00
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
|
|
$userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
|
|
|
|
|
$userEntity = new UserEntity();
|
|
|
|
|
$userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
|
|
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
2016-02-18 12:07:50 +00:00
|
|
|
$refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf();
|
2016-03-25 14:09:26 +01:00
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(new RefreshTokenEntity());
|
2016-02-18 10:47:52 +00:00
|
|
|
|
2017-11-13 22:20:42 +00:00
|
|
|
$scope = new ScopeEntity();
|
2016-03-23 18:50:14 +00:00
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
2017-11-13 22:20:42 +00:00
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope);
|
2016-03-23 18:50:14 +00:00
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
2016-02-18 10:47:52 +00:00
|
|
|
$grant = new PasswordGrant($userRepositoryMock, $refreshTokenRepositoryMock);
|
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
2016-03-23 18:50:14 +00:00
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
2017-11-13 22:20:42 +00:00
|
|
|
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
2018-05-23 16:34:39 +01:00
|
|
|
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
2016-02-18 10:47:52 +00:00
|
|
|
|
2019-06-27 13:15:37 +01:00
|
|
|
$serverRequest = (new ServerRequest())->withParsedBody([
|
|
|
|
|
'client_id' => 'foo',
|
|
|
|
|
'client_secret' => 'bar',
|
|
|
|
|
'username' => 'foo',
|
|
|
|
|
'password' => 'bar',
|
|
|
|
|
]);
|
2016-02-18 10:47:52 +00:00
|
|
|
|
|
|
|
|
$responseType = new StubResponseType();
|
2018-11-08 10:41:01 +01:00
|
|
|
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
2016-02-18 10:47:52 +00:00
|
|
|
|
2017-12-06 18:24:42 -02:00
|
|
|
$this->assertInstanceOf(AccessTokenEntityInterface::class, $responseType->getAccessToken());
|
|
|
|
|
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $responseType->getRefreshToken());
|
2016-02-18 10:47:52 +00:00
|
|
|
}
|
2016-02-21 16:09:39 +00:00
|
|
|
|
2019-03-11 23:26:35 +01:00
|
|
|
public function testRespondToRequestNullRefreshToken()
|
2019-03-08 18:19:16 +01:00
|
|
|
{
|
|
|
|
|
$client = new ClientEntity();
|
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
|
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
|
|
|
|
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
|
|
|
|
|
|
|
|
|
|
$userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
|
|
|
|
|
$userEntity = new UserEntity();
|
|
|
|
|
$userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
|
|
|
|
|
|
|
|
|
|
$scope = new ScopeEntity();
|
|
|
|
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
|
|
|
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope);
|
|
|
|
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
|
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
|
$refreshTokenRepositoryMock->method('getNewRefreshToken')->willReturn(null);
|
|
|
|
|
|
|
|
|
|
$grant = new PasswordGrant($userRepositoryMock, $refreshTokenRepositoryMock);
|
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
|
$grant->setScopeRepository($scopeRepositoryMock);
|
|
|
|
|
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
2019-05-14 20:56:54 +01:00
|
|
|
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
2019-03-08 18:19:16 +01:00
|
|
|
|
2019-06-27 13:15:37 +01:00
|
|
|
$serverRequest = (new ServerRequest())->withParsedBody([
|
|
|
|
|
'client_id' => 'foo',
|
|
|
|
|
'client_secret' => 'bar',
|
|
|
|
|
'username' => 'foo',
|
|
|
|
|
'password' => 'bar',
|
|
|
|
|
]);
|
2019-03-08 18:19:16 +01:00
|
|
|
|
|
|
|
|
$responseType = new StubResponseType();
|
|
|
|
|
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new \DateInterval('PT5M'));
|
|
|
|
|
|
|
|
|
|
$this->assertInstanceOf(AccessTokenEntityInterface::class, $responseType->getAccessToken());
|
|
|
|
|
$this->assertNull($responseType->getRefreshToken());
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-21 16:09:39 +00:00
|
|
|
public function testRespondToRequestMissingUsername()
|
|
|
|
|
{
|
|
|
|
|
$client = new ClientEntity();
|
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
|
|
|
|
|
|
$userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
|
|
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
|
|
|
|
|
|
$grant = new PasswordGrant($userRepositoryMock, $refreshTokenRepositoryMock);
|
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
|
|
2019-06-27 12:54:22 +01:00
|
|
|
$serverRequest = (new ServerRequest())->withQueryParams([
|
|
|
|
|
'client_id' => 'foo',
|
|
|
|
|
'client_secret' => 'bar',
|
|
|
|
|
]);
|
2016-02-21 16:09:39 +00:00
|
|
|
|
|
|
|
|
$responseType = new StubResponseType();
|
2019-06-27 12:54:22 +01:00
|
|
|
|
|
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
|
|
2018-11-08 10:41:01 +01:00
|
|
|
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
2016-02-21 16:09:39 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testRespondToRequestMissingPassword()
|
|
|
|
|
{
|
|
|
|
|
$client = new ClientEntity();
|
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
|
|
|
|
|
|
$userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
|
|
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
|
|
|
|
|
|
$grant = new PasswordGrant($userRepositoryMock, $refreshTokenRepositoryMock);
|
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
|
|
2019-06-27 12:54:22 +01:00
|
|
|
$serverRequest = (new ServerRequest())->withParsedBody([
|
|
|
|
|
'client_id' => 'foo',
|
|
|
|
|
'client_secret' => 'bar',
|
|
|
|
|
'username' => 'alex',
|
|
|
|
|
]);
|
2016-02-21 16:09:39 +00:00
|
|
|
|
|
|
|
|
$responseType = new StubResponseType();
|
2019-06-27 12:54:22 +01:00
|
|
|
|
|
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
|
|
2018-11-08 10:41:01 +01:00
|
|
|
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
2016-02-21 16:09:39 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testRespondToRequestBadCredentials()
|
|
|
|
|
{
|
|
|
|
|
$client = new ClientEntity();
|
|
|
|
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
|
|
|
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
|
|
|
|
|
|
|
|
|
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
|
|
|
|
|
|
|
|
|
$userRepositoryMock = $this->getMockBuilder(UserRepositoryInterface::class)->getMock();
|
|
|
|
|
$userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn(null);
|
|
|
|
|
|
|
|
|
|
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
|
|
|
|
|
|
|
|
|
$grant = new PasswordGrant($userRepositoryMock, $refreshTokenRepositoryMock);
|
|
|
|
|
$grant->setClientRepository($clientRepositoryMock);
|
|
|
|
|
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
|
|
|
|
|
2019-06-27 12:54:22 +01:00
|
|
|
$serverRequest = (new ServerRequest())->withParsedBody([
|
|
|
|
|
'client_id' => 'foo',
|
|
|
|
|
'client_secret' => 'bar',
|
|
|
|
|
'username' => 'alex',
|
|
|
|
|
'password' => 'whisky',
|
|
|
|
|
]);
|
2016-02-21 16:09:39 +00:00
|
|
|
|
|
|
|
|
$responseType = new StubResponseType();
|
2019-06-27 12:54:22 +01:00
|
|
|
|
|
|
|
|
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
|
|
|
|
$this->expectExceptionCode(10);
|
|
|
|
|
|
2018-11-08 10:41:01 +01:00
|
|
|
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
2016-02-21 16:09:39 +00:00
|
|
|
}
|
2016-02-18 10:47:52 +00:00
|
|
|
}
|
