ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-11-26 16:52:04 +05:30
Code Issues Packages Projects Releases Wiki Activity

Fix issues setting attributes on requests

Browse Source
This commit is contained in:
sephster 2019-06-27 13:15:37 +01:00
parent e3b23fa826
commit 51b97f87c1
No known key found for this signature in database
GPG Key ID: 077754CA23023F4F
7 changed files with 55 additions and 95 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
tests/AuthorizationValidators/BearerTokenValidatorTest.php
View File

@ -28,8 +28,7 @@ class BearerTokenValidatorTest extends TestCase
->set('scopes', 'scope1 scope2 scope3 scope4') ->set('scopes', 'scope1 scope2 scope3 scope4')
->getToken(); ->getToken();
$request = new ServerRequest(); $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $unsignedJwt));
$request = $request->withHeader('authorization', sprintf('Bearer %s', $unsignedJwt));
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class); $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
$this->expectExceptionCode(9); $this->expectExceptionCode(9);

53
tests/Grant/AbstractGrantTest.php
View File

@ -30,8 +30,7 @@ class AbstractGrantTest extends TestCase
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$abstractGrantReflection = new \ReflectionClass($grantMock); $abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('Open:Sesame'));
$serverRequest = $serverRequest->withHeader('Authorization', 'Basic ' . base64_encode('Open:Sesame'));
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials'); $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
$basicAuthMethod->setAccessible(true); $basicAuthMethod->setAccessible(true);
@ -44,8 +43,7 @@ class AbstractGrantTest extends TestCase
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$abstractGrantReflection = new \ReflectionClass($grantMock); $abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('Open:'));
$serverRequest = $serverRequest->withHeader('Authorization', 'Basic ' . base64_encode('Open:'));
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials'); $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
$basicAuthMethod->setAccessible(true); $basicAuthMethod->setAccessible(true);
@ -58,8 +56,7 @@ class AbstractGrantTest extends TestCase
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$abstractGrantReflection = new \ReflectionClass($grantMock); $abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Foo ' . base64_encode('Open:Sesame'));
$serverRequest = $serverRequest->withHeader('Authorization', 'Foo ' . base64_encode('Open:Sesame'));
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials'); $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
$basicAuthMethod->setAccessible(true); $basicAuthMethod->setAccessible(true);
@ -72,8 +69,7 @@ class AbstractGrantTest extends TestCase
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$abstractGrantReflection = new \ReflectionClass($grantMock); $abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ||');
$serverRequest = $serverRequest->withHeader('Authorization', 'Basic ||');
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials'); $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
$basicAuthMethod->setAccessible(true); $basicAuthMethod->setAccessible(true);
@ -86,8 +82,7 @@ class AbstractGrantTest extends TestCase
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$abstractGrantReflection = new \ReflectionClass($grantMock); $abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('OpenSesame'));
$serverRequest = $serverRequest->withHeader('Authorization', 'Basic ' . base64_encode('OpenSesame'));
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials'); $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
$basicAuthMethod->setAccessible(true); $basicAuthMethod->setAccessible(true);
@ -107,12 +102,10 @@ class AbstractGrantTest extends TestCase
$abstractGrantReflection = new \ReflectionClass($grantMock); $abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody(
[
'client_id' => 'foo', 'client_id' => 'foo',
] ]);
);
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); $validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
$validateClientMethod->setAccessible(true); $validateClientMethod->setAccessible(true);
@ -133,14 +126,12 @@ class AbstractGrantTest extends TestCase
$abstractGrantReflection = new \ReflectionClass($grantMock); $abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody(
[
'client_id' => 'foo', 'client_id' => 'foo',
'client_secret' => 'bar', 'client_secret' => 'bar',
'redirect_uri' => 'http://foo/bar', 'redirect_uri' => 'http://foo/bar',
] ]);
);
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); $validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
$validateClientMethod->setAccessible(true); $validateClientMethod->setAccessible(true);
@ -148,7 +139,6 @@ class AbstractGrantTest extends TestCase
$this->assertEquals($client, $result); $this->assertEquals($client, $result);
} }
public function testValidateClientMissingClientId() public function testValidateClientMissingClientId()
{ {
$client = new ClientEntity(); $client = new ClientEntity();
@ -181,8 +171,7 @@ class AbstractGrantTest extends TestCase
$abstractGrantReflection = new \ReflectionClass($grantMock); $abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody([
'client_id' => 'foo', 'client_id' => 'foo',
]); ]);
@ -205,8 +194,7 @@ class AbstractGrantTest extends TestCase
$abstractGrantReflection = new \ReflectionClass($grantMock); $abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody([
'client_id' => 'foo', 'client_id' => 'foo',
'client_secret' => 'foo', 'client_secret' => 'foo',
]); ]);
@ -232,8 +220,7 @@ class AbstractGrantTest extends TestCase
$abstractGrantReflection = new \ReflectionClass($grantMock); $abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody([
'client_id' => 'foo', 'client_id' => 'foo',
'redirect_uri' => 'http://bar/foo', 'redirect_uri' => 'http://bar/foo',
]); ]);
@ -259,8 +246,7 @@ class AbstractGrantTest extends TestCase
$abstractGrantReflection = new \ReflectionClass($grantMock); $abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody([
'client_id' => 'foo', 'client_id' => 'foo',
'redirect_uri' => 'http://bar/foo', 'redirect_uri' => 'http://bar/foo',
]); ]);
@ -284,8 +270,7 @@ class AbstractGrantTest extends TestCase
$abstractGrantReflection = new \ReflectionClass($grantMock); $abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody([
'client_id' => 'foo', 'client_id' => 'foo',
'client_secret' => 'bar', 'client_secret' => 'bar',
]); ]);
@ -303,8 +288,7 @@ class AbstractGrantTest extends TestCase
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->method('getIdentifier')->willReturn('foobar'); $grantMock->method('getIdentifier')->willReturn('foobar');
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody([
'grant_type' => 'foobar', 'grant_type' => 'foobar',
]); ]);
@ -416,8 +400,7 @@ class AbstractGrantTest extends TestCase
$method = $abstractGrantReflection->getMethod('getCookieParameter'); $method = $abstractGrantReflection->getMethod('getCookieParameter');
$method->setAccessible(true); $method->setAccessible(true);
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withCookieParams([
$serverRequest = $serverRequest->withCookieParams([
'foo' => 'bar', 'foo' => 'bar',
]); ]);

7
tests/Grant/ClientCredentialsGrantTest.php
View File

@ -48,13 +48,10 @@ class ClientCredentialsGrantTest extends TestCase
$grant->setDefaultScope(self::DEFAULT_SCOPE); $grant->setDefaultScope(self::DEFAULT_SCOPE);
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody(
[
'client_id' => 'foo', 'client_id' => 'foo',
'client_secret' => 'bar', 'client_secret' => 'bar',
] ]);
);
$responseType = new StubResponseType(); $responseType = new StubResponseType();
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));

14
tests/Grant/PasswordGrantTest.php
View File

@ -64,15 +64,12 @@ class PasswordGrantTest extends TestCase
$grant->setDefaultScope(self::DEFAULT_SCOPE); $grant->setDefaultScope(self::DEFAULT_SCOPE);
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody(
[
'client_id' => 'foo', 'client_id' => 'foo',
'client_secret' => 'bar', 'client_secret' => 'bar',
'username' => 'foo', 'username' => 'foo',
'password' => 'bar', 'password' => 'bar',
] ]);
);
$responseType = new StubResponseType(); $responseType = new StubResponseType();
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
@ -110,15 +107,12 @@ class PasswordGrantTest extends TestCase
$grant->setDefaultScope(self::DEFAULT_SCOPE); $grant->setDefaultScope(self::DEFAULT_SCOPE);
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody(
[
'client_id' => 'foo', 'client_id' => 'foo',
'client_secret' => 'bar', 'client_secret' => 'bar',
'username' => 'foo', 'username' => 'foo',
'password' => 'bar', 'password' => 'bar',
] ]);
);
$responseType = new StubResponseType(); $responseType = new StubResponseType();
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new \DateInterval('PT5M')); $grant->respondToAccessTokenRequest($serverRequest, $responseType, new \DateInterval('PT5M'));

13
tests/Grant/RefreshTokenGrantTest.php
View File

@ -80,8 +80,7 @@ class RefreshTokenGrantTest extends TestCase
) )
); );
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody([
'client_id' => 'foo', 'client_id' => 'foo',
'client_secret' => 'bar', 'client_secret' => 'bar',
'refresh_token' => $oldRefreshToken, 'refresh_token' => $oldRefreshToken,
@ -137,8 +136,7 @@ class RefreshTokenGrantTest extends TestCase
) )
); );
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody([
'client_id' => 'foo', 'client_id' => 'foo',
'client_secret' => 'bar', 'client_secret' => 'bar',
'refresh_token' => $oldRefreshToken, 'refresh_token' => $oldRefreshToken,
@ -192,15 +190,12 @@ class RefreshTokenGrantTest extends TestCase
) )
); );
$serverRequest = new ServerRequest(); $serverRequest = (new ServerRequest())->withParsedBody([
$serverRequest = $serverRequest->withParsedBody(
[
'client_id' => 'foo', 'client_id' => 'foo',
'client_secret' => 'bar', 'client_secret' => 'bar',
'refresh_token' => $oldRefreshToken, 'refresh_token' => $oldRefreshToken,
'scope' => 'foo', 'scope' => 'foo',
] ]);
);
$responseType = new StubResponseType(); $responseType = new StubResponseType();
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M')); $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));

9
tests/Middleware/ResourceServerMiddlewareTest.php
View File

@ -35,8 +35,7 @@ class ResourceServerMiddlewareTest extends TestCase
$token = (string) $accessToken; $token = (string) $accessToken;
$request = new ServerRequest(); $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $token));
$request = $request->withHeader('authorization', sprintf('Bearer %s', $token));
$middleware = new ResourceServerMiddleware($server); $middleware = new ResourceServerMiddleware($server);
$response = $middleware->__invoke( $response = $middleware->__invoke(
@ -71,8 +70,7 @@ class ResourceServerMiddlewareTest extends TestCase
$token = (string) $accessToken; $token = (string) $accessToken;
$request = new ServerRequest(); $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $token));
$request = $request->withHeader('authorization', sprintf('Bearer %s', $token));
$middleware = new ResourceServerMiddleware($server); $middleware = new ResourceServerMiddleware($server);
$response = $middleware->__invoke( $response = $middleware->__invoke(
@ -95,8 +93,7 @@ class ResourceServerMiddlewareTest extends TestCase
'file://' . __DIR__ . '/../Stubs/public.key' 'file://' . __DIR__ . '/../Stubs/public.key'
); );
$request = new ServerRequest(); $request = (new ServerRequest())->withHeader('authorization', '');
$request = $request->withHeader('authorization', '');
$middleware = new ResourceServerMiddleware($server); $middleware = new ResourceServerMiddleware($server);
$response = $middleware->__invoke( $response = $middleware->__invoke(

15
tests/ResponseTypes/BearerResponseTypeTest.php
View File

@ -142,8 +142,7 @@ class BearerResponseTypeTest extends TestCase
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock); $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key')); $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
$request = new ServerRequest(); $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
$request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
$request = $authorizationValidator->validateAuthorization($request); $request = $authorizationValidator->validateAuthorization($request);
@ -185,8 +184,7 @@ class BearerResponseTypeTest extends TestCase
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock); $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key')); $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
$request = new ServerRequest(); $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $json->access_token . 'foo'));
$request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token . 'foo'));
try { try {
$authorizationValidator->validateAuthorization($request); $authorizationValidator->validateAuthorization($request);
@ -231,8 +229,7 @@ class BearerResponseTypeTest extends TestCase
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock); $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key')); $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
$request = new ServerRequest(); $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
$request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
try { try {
$authorizationValidator->validateAuthorization($request); $authorizationValidator->validateAuthorization($request);
@ -255,8 +252,7 @@ class BearerResponseTypeTest extends TestCase
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock); $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key')); $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
$request = new ServerRequest(); $request = (new ServerRequest())->withHeader('authorization', 'Bearer blah');
$request = $request->withHeader('authorization', 'Bearer blah');
try { try {
$authorizationValidator->validateAuthorization($request); $authorizationValidator->validateAuthorization($request);
@ -279,8 +275,7 @@ class BearerResponseTypeTest extends TestCase
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock); $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key')); $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
$request = new ServerRequest(); $request = (new ServerRequest())->withHeader('authorization', 'Bearer blah.blah.blah');
$request = $request->withHeader('authorization', 'Bearer blah.blah.blah');
try { try {
$authorizationValidator->validateAuthorization($request); $authorizationValidator->validateAuthorization($request);