From 64d4c4a38ac8de2dd3d5b8d7c1a64c21907e0abe Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 12 Feb 2016 15:44:34 +0000 Subject: [PATCH 01/13] Removed old tests --- tests/unit/AbstractServerTest.php | 26 - tests/unit/AuthorizationServerTest.php | 82 --- tests/unit/Entity/AbstractTokenEntityTest.php | 116 --- tests/unit/Entity/AccessTokenEntityTest.php | 59 -- tests/unit/Entity/AuthCodeEntityTest.php | 73 -- tests/unit/Entity/ClientEntityTest.php | 25 - tests/unit/Entity/RefreshTokenEntityTest.php | 94 --- tests/unit/Entity/ScopeEntityTest.php | 23 - tests/unit/Entity/SessionEntityTest.php | 154 ---- tests/unit/Exception/OAuthExceptionTest.php | 34 - tests/unit/Grant/AbstractGrantTest.php | 160 ---- tests/unit/Grant/AuthCodeGrantTest.php | 696 ------------------ .../unit/Grant/ClientCredentialsGrantTest.php | 251 ------- tests/unit/Grant/PasswordGrantTest.php | 479 ------------ tests/unit/Grant/RefreshTokenGrantTest.php | 501 ------------- tests/unit/ResourceServerTest.php | 226 ------ tests/unit/Storage/AbstractStorageTest.php | 23 - tests/unit/Stubs/StubAbstractGrant.php | 18 - tests/unit/Stubs/StubAbstractServer.php | 8 - tests/unit/Stubs/StubAbstractStorage.php | 8 - tests/unit/Stubs/StubAbstractTokenEntity.php | 18 - tests/unit/TokenType/MacTest.php | 165 ----- tests/unit/util/RedirectUriTest.php | 19 - tests/unit/util/SecureKeyTest.php | 35 - 24 files changed, 3293 deletions(-) delete mode 100644 tests/unit/AbstractServerTest.php delete mode 100644 tests/unit/AuthorizationServerTest.php delete mode 100644 tests/unit/Entity/AbstractTokenEntityTest.php delete mode 100644 tests/unit/Entity/AccessTokenEntityTest.php delete mode 100644 tests/unit/Entity/AuthCodeEntityTest.php delete mode 100644 tests/unit/Entity/ClientEntityTest.php delete mode 100644 tests/unit/Entity/RefreshTokenEntityTest.php delete mode 100644 tests/unit/Entity/ScopeEntityTest.php delete mode 100644 tests/unit/Entity/SessionEntityTest.php delete mode 100644 tests/unit/Exception/OAuthExceptionTest.php delete mode 100644 tests/unit/Grant/AbstractGrantTest.php delete mode 100644 tests/unit/Grant/AuthCodeGrantTest.php delete mode 100644 tests/unit/Grant/ClientCredentialsGrantTest.php delete mode 100644 tests/unit/Grant/PasswordGrantTest.php delete mode 100644 tests/unit/Grant/RefreshTokenGrantTest.php delete mode 100644 tests/unit/ResourceServerTest.php delete mode 100644 tests/unit/Storage/AbstractStorageTest.php delete mode 100644 tests/unit/Stubs/StubAbstractGrant.php delete mode 100644 tests/unit/Stubs/StubAbstractServer.php delete mode 100644 tests/unit/Stubs/StubAbstractStorage.php delete mode 100644 tests/unit/Stubs/StubAbstractTokenEntity.php delete mode 100644 tests/unit/TokenType/MacTest.php delete mode 100644 tests/unit/util/RedirectUriTest.php delete mode 100644 tests/unit/util/SecureKeyTest.php diff --git a/tests/unit/AbstractServerTest.php b/tests/unit/AbstractServerTest.php deleted file mode 100644 index 074f363c..00000000 --- a/tests/unit/AbstractServerTest.php +++ /dev/null @@ -1,26 +0,0 @@ -addEventListener('event.name', function () use ($var) { - $var++; - $this->assertSame(1, $var); - }); - $server->getEventEmitter()->emit('event.name'); - $this->assertTrue($server->getRequest() instanceof \Symfony\Component\HttpFoundation\Request); - $this->assertTrue($server->getEventEmitter() instanceof \League\Event\Emitter); - - $server2 = new StubAbstractServer(); - $server2->setRequest((new \Symfony\Component\HttpFoundation\Request())); - $server2->setEventEmitter(1); - $this->assertTrue($server2->getRequest() instanceof \Symfony\Component\HttpFoundation\Request); - } -} diff --git a/tests/unit/AuthorizationServerTest.php b/tests/unit/AuthorizationServerTest.php deleted file mode 100644 index 10a21686..00000000 --- a/tests/unit/AuthorizationServerTest.php +++ /dev/null @@ -1,82 +0,0 @@ -requireScopeParam(true); - $server->requireStateParam(true); - $server->setDefaultScope('foobar'); - $server->setScopeDelimiter(','); - $server->setAccessTokenTTL(1); - - $grant = M::mock('League\OAuth2\Server\Grant\GrantTypeInterface'); - $grant->shouldReceive('getIdentifier')->andReturn('foobar'); - $grant->shouldReceive('getResponseType')->andReturn('foobar'); - $grant->shouldReceive('setAuthorizationServer'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - - $server->addGrantType($grant); - $server->setScopeStorage($scopeStorage); - - $this->assertTrue($server->hasGrantType('foobar')); - $this->assertTrue($server->getGrantType('foobar') instanceof GrantTypeInterface); - $this->assertSame($server->getResponseTypes(), ['foobar']); - $this->assertTrue($server->scopeParamRequired()); - $this->assertTrue($server->stateParamRequired()); - $this->assertTrue($server->getScopeStorage() instanceof ScopeInterface); - $this->assertEquals('foobar', $server->getDefaultScope()); - $this->assertEquals(',', $server->getScopeDelimiter()); - $this->assertEquals(1, $server->getAccessTokenTTL()); - } - - public function testInvalidGrantType() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidGrantException'); - $server = new AuthorizationServer(); - $server->getGrantType('foobar'); - } - - public function testIssueAccessToken() - { - $grant = M::mock('League\OAuth2\Server\Grant\GrantTypeInterface'); - $grant->shouldReceive('getIdentifier')->andReturn('foobar'); - $grant->shouldReceive('getResponseType')->andReturn('foobar'); - $grant->shouldReceive('setAuthorizationServer'); - $grant->shouldReceive('completeFlow')->andReturn(true); - - $_POST['grant_type'] = 'foobar'; - - $server = new AuthorizationServer(); - $server->addGrantType($grant); - - $this->assertTrue($server->issueAccessToken()); - } - - public function testIssueAccessTokenEmptyGrantType() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - $server = new AuthorizationServer(); - $this->assertTrue($server->issueAccessToken()); - } - - public function testIssueAccessTokenInvalidGrantType() - { - $this->setExpectedException('League\OAuth2\Server\Exception\UnsupportedGrantTypeException'); - - $_POST['grant_type'] = 'foobar'; - - $server = new AuthorizationServer(); - $this->assertTrue($server->issueAccessToken()); - } -} diff --git a/tests/unit/Entity/AbstractTokenEntityTest.php b/tests/unit/Entity/AbstractTokenEntityTest.php deleted file mode 100644 index 24428085..00000000 --- a/tests/unit/Entity/AbstractTokenEntityTest.php +++ /dev/null @@ -1,116 +0,0 @@ -setId('foobar'); - $entity->setExpireTime($time); - $entity->setSession((new SessionEntity($server))); - $entity->associateScope((new ScopeEntity($server))->hydrate(['id' => 'foo'])); - - $this->assertEquals('foobar', $entity->getId()); - $this->assertEquals($time, $entity->getExpireTime()); - // $this->assertTrue($entity->getSession() instanceof SessionEntity); - // $this->assertTrue($entity->hasScope('foo')); - - // $result = $entity->getScopes(); - // $this->assertTrue(isset($result['foo'])); - } - - /*public function testGetSession() - { - $server = M::mock('League\OAuth2\Server\AuthorizationServer'); - $server->shouldReceive('setSessionStorage'); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server)) - ); - $sessionStorage->shouldReceive('setServer'); - - $server->shouldReceive('getStorage')->andReturn($sessionStorage); - - $server->setSessionStorage($sessionStorage); - - $entity = new StubAbstractTokenEntity($server); - $this->assertTrue($entity->getSession() instanceof SessionEntity); - }*/ - - /*public function testGetScopes() - { - $server = M::mock('League\OAuth2\Server\AuthorizationServer'); - $server->shouldReceive('setAccessTokenStorage'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn( - [] - ); - $accessTokenStorage->shouldReceive('setServer'); - - $server->setAccessTokenStorage($accessTokenStorage); - - $entity = new StubAbstractTokenEntity($server); - $this->assertEquals($entity->getScopes(), []); - }*/ - - /*public function testHasScopes() - { - $server = M::mock('League\OAuth2\Server\AuthorizationServer'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn( - [] - ); - $accessTokenStorage''>shouldReceive('setServer'); - - $server->setAccessTokenStorage($accessTokenStorage); - - $entity = new StubAbstractTokenEntity($server); - $this->assertFalse($entity->hasScope('foo')); - }*/ - - public function testFormatScopes() - { - $server = M::mock('League\OAuth2\Server\AbstractServer'); - - $entity = new StubAbstractTokenEntity($server); - $reflectedEntity = new \ReflectionClass('LeagueTests\Stubs\StubAbstractTokenEntity'); - $method = $reflectedEntity->getMethod('formatScopes'); - $method->setAccessible(true); - - $scopes = [ - (new ScopeEntity($server))->hydrate(['id' => 'scope1', 'description' => 'foo']), - (new ScopeEntity($server))->hydrate(['id' => 'scope2', 'description' => 'bar']), - ]; - - $result = $method->invokeArgs($entity, [$scopes]); - - $this->assertTrue(isset($result['scope1'])); - $this->assertTrue(isset($result['scope2'])); - $this->assertTrue($result['scope1'] instanceof ScopeEntity); - $this->assertTrue($result['scope2'] instanceof ScopeEntity); - } - - public function test__toString() - { - $server = M::mock('League\OAuth2\Server\AbstractServer'); - - $entity = new StubAbstractTokenEntity($server); - $this->assertEquals('', (string) $entity); - $entity->setId('foobar'); - $this->assertEquals('foobar', (string) $entity); - } -} diff --git a/tests/unit/Entity/AccessTokenEntityTest.php b/tests/unit/Entity/AccessTokenEntityTest.php deleted file mode 100644 index 6f2a617e..00000000 --- a/tests/unit/Entity/AccessTokenEntityTest.php +++ /dev/null @@ -1,59 +0,0 @@ -shouldReceive('setAccessTokenStorage'); - $server->shouldReceive('setSessionStorage'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('associateScope'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server)) - ); - $sessionStorage->shouldReceive('setServer'); - - $server->shouldReceive('getSessionStorage')->andReturn($sessionStorage); - $server->shouldReceive('getAccessTokenStorage')->andReturn($accessTokenStorage); - - $server->setAccessTokenStorage($accessTokenStorage); - $server->setSessionStorage($sessionStorage); - - $entity = new AccessTokenEntity($server); - $this->assertTrue($entity->save() instanceof AccessTokenEntity); - } - - public function testExpire() - { - $server = M::mock('League\OAuth2\Server\AbstractServer'); - - $server->shouldReceive('setAccessTokenStorage'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('delete'); - $accessTokenStorage->shouldReceive('setServer'); - - $server->shouldReceive('getAccessTokenStorage')->andReturn($accessTokenStorage); - - $server->setAccessTokenStorage($accessTokenStorage); - - $entity = new AccessTokenEntity($server); - $this->assertSame($entity->expire(), null); - } -} diff --git a/tests/unit/Entity/AuthCodeEntityTest.php b/tests/unit/Entity/AuthCodeEntityTest.php deleted file mode 100644 index 5b7fc089..00000000 --- a/tests/unit/Entity/AuthCodeEntityTest.php +++ /dev/null @@ -1,73 +0,0 @@ -setRedirectUri('http://foo/bar'); - $code->setId('foobar'); - $code->setSession($session); - - $this->assertEquals('http://foo/bar', $code->getRedirectUri()); - $this->assertEquals('http://foo/bar?code=foobar', $code->generateRedirectUri()); - $this->assertTrue($code->getSession() instanceof \League\OAuth2\Server\Entity\SessionEntity); - } - - public function testSave() - { - $server = M::mock('League\OAuth2\Server\AbstractServer'); - $server->shouldReceive('setAuthCodeStorage'); - $server->shouldReceive('setSessionStorage'); - - $authCodeStorage = M::mock('League\OAuth2\Server\Storage\AuthCodeInterface'); - $authCodeStorage->shouldReceive('create'); - $authCodeStorage->shouldReceive('associateScope'); - $authCodeStorage->shouldReceive('setServer'); - $authCodeStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - - $server->shouldReceive('getAuthCodeStorage')->andReturn($authCodeStorage); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('getByAuthCode')->andReturn( - (new SessionEntity($server)) - ); - $sessionStorage->shouldReceive('setServer'); - - $server->shouldReceive('getSessionStorage')->andReturn($sessionStorage); - - $server->setAuthCodeStorage($authCodeStorage); - $server->setSessionStorage($sessionStorage); - - $entity = new AuthCodeEntity($server); - $this->assertTrue($entity->save() instanceof AuthCodeEntity); - } - - public function testExpire() - { - $server = new AuthorizationServer(); - - $authCodeStorage = M::mock('League\OAuth2\Server\Storage\AuthCodeInterface'); - $authCodeStorage->shouldReceive('delete'); - $authCodeStorage->shouldReceive('setServer'); - - $server->setAuthCodeStorage($authCodeStorage); - - $entity = new AuthCodeEntity($server); - $this->assertSame($entity->expire(), null); - } -} diff --git a/tests/unit/Entity/ClientEntityTest.php b/tests/unit/Entity/ClientEntityTest.php deleted file mode 100644 index 9bb13c7d..00000000 --- a/tests/unit/Entity/ClientEntityTest.php +++ /dev/null @@ -1,25 +0,0 @@ -hydrate([ - 'id' => 'foobar', - 'secret' => 'barfoo', - 'name' => 'Test Client', - 'redirectUri' => 'http://foo/bar', - ]); - - $this->assertEquals('foobar', $client->getId()); - $this->assertEquals('barfoo', $client->getSecret()); - $this->assertEquals('Test Client', $client->getName()); - $this->assertEquals('http://foo/bar', $client->getRedirectUri()); - } -} diff --git a/tests/unit/Entity/RefreshTokenEntityTest.php b/tests/unit/Entity/RefreshTokenEntityTest.php deleted file mode 100644 index f2b05cf7..00000000 --- a/tests/unit/Entity/RefreshTokenEntityTest.php +++ /dev/null @@ -1,94 +0,0 @@ -setAccessTokenId('foobar'); - - $reflector = new \ReflectionClass($entity); - $accessTokenProperty = $reflector->getProperty('accessTokenId'); - $accessTokenProperty->setAccessible(true); - - $this->assertSame($accessTokenProperty->getValue($entity), 'foobar'); - } - - public function testSetAccessToken() - { - $server = M::mock('League\OAuth2\Server\AbstractServer'); - $entity = new RefreshTokenEntity($server); - $entity->setAccessToken((new AccessTokenEntity($server))); - - $reflector = new \ReflectionClass($entity); - $accessTokenProperty = $reflector->getProperty('accessTokenEntity'); - $accessTokenProperty->setAccessible(true); - - $this->assertTrue($accessTokenProperty->getValue($entity) instanceof AccessTokenEntity); - } - - public function testSave() - { - $server = M::mock('League\OAuth2\Server\AbstractServer'); - $server->shouldReceive('setAccessTokenStorage'); - $server->shouldReceive('setRefreshTokenStorage'); - - $refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface'); - $refreshTokenStorage->shouldReceive('create'); - $refreshTokenStorage->shouldReceive('setServer'); - $refreshTokenStorage->shouldReceive('associateScope'); - - $server->shouldReceive('getRefreshTokenStorage')->andReturn($refreshTokenStorage); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('get')->andReturn( - (new AccessTokenEntity($server))->setId('foobar') - ); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - - $server->shouldReceive('getAccessTokenStorage')->andReturn($accessTokenStorage); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server)) - ); - $sessionStorage->shouldReceive('setServer'); - - $server->shouldReceive('getSessionStorage')->andReturn($sessionStorage); - - $server->setAccessTokenStorage($accessTokenStorage); - $server->setRefreshTokenStorage($refreshTokenStorage); - - $entity = new RefreshTokenEntity($server); - $this->assertSame(null, $entity->save()); - } - - public function testExpire() - { - $server = M::mock('League\OAuth2\Server\AbstractServer'); - $server->shouldReceive('setRefreshTokenStorage'); - - $refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface'); - $refreshTokenStorage->shouldReceive('delete'); - $refreshTokenStorage->shouldReceive('setServer'); - - $server->shouldReceive('getRefreshTokenStorage')->andReturn($refreshTokenStorage); - - $server->setRefreshTokenStorage($refreshTokenStorage); - - $entity = new RefreshTokenEntity($server); - $this->assertSame($entity->expire(), null); - } -} diff --git a/tests/unit/Entity/ScopeEntityTest.php b/tests/unit/Entity/ScopeEntityTest.php deleted file mode 100644 index 3fec4fe1..00000000 --- a/tests/unit/Entity/ScopeEntityTest.php +++ /dev/null @@ -1,23 +0,0 @@ -hydrate([ - 'id' => 'foobar', - 'description' => 'barfoo', - ]); - - $this->assertEquals('foobar', $scope->getId()); - $this->assertEquals('barfoo', $scope->getDescription()); - - $this->assertTrue(is_array($scope->jsonSerialize())); - } -} diff --git a/tests/unit/Entity/SessionEntityTest.php b/tests/unit/Entity/SessionEntityTest.php deleted file mode 100644 index 5ca26a75..00000000 --- a/tests/unit/Entity/SessionEntityTest.php +++ /dev/null @@ -1,154 +0,0 @@ -shouldReceive('emit'); - $server = M::mock('League\OAuth2\Server\AbstractServer'); - $server->shouldReceive('setEventEmitter'); - $server->shouldReceive('getEventEmitter')->andReturn($emitter); - $server->setEventEmitter($emitter); - - $entity = new SessionEntity($server); - $entity->setId('foobar'); - $entity->setOwner('user', 123); - $entity->associateAccessToken((new AccessTokenEntity($server))); - $entity->associateRefreshToken((new RefreshTokenEntity($server))); - $entity->associateClient((new ClientEntity($server))); - $entity->associateScope( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - // $entity->associateAuthCode((new AuthCode($server))); - - $this->assertEquals('foobar', $entity->getId()); - $this->assertEquals('user', $entity->getOwnerType()); - $this->assertEquals(123, $entity->getOwnerId()); - $this->assertTrue($entity->getClient() instanceof ClientEntity); - $this->assertTrue($entity->hasScope('foo')); - - $reflector = new \ReflectionClass($entity); - $accessTokenProperty = $reflector->getProperty('accessToken'); - $accessTokenProperty->setAccessible(true); - $refreshTokenProperty = $reflector->getProperty('refreshToken'); - $refreshTokenProperty->setAccessible(true); - - $this->assertTrue($accessTokenProperty->getValue($entity) instanceof AccessTokenEntity); - $this->assertTrue($refreshTokenProperty->getValue($entity) instanceof RefreshTokenEntity); - // $this->assertTrue($reader($entity, 'authCode') instanceof AuthCode); - } - - public function testFormatScopes() - { - $server = M::mock('League\OAuth2\Server\AbstractServer'); - - $entity = new SessionEntity($server); - $reflectedEntity = new \ReflectionClass('League\OAuth2\Server\Entity\SessionEntity'); - $method = $reflectedEntity->getMethod('formatScopes'); - $method->setAccessible(true); - - $scopes = [ - (new ScopeEntity($server))->hydrate(['id' => 'scope1']), - (new ScopeEntity($server))->hydrate(['id' => 'scope2']), - ]; - - $result = $method->invokeArgs($entity, [$scopes]); - - $this->assertTrue(isset($result['scope1'])); - $this->assertTrue(isset($result['scope2'])); - $this->assertTrue($result['scope1'] instanceof ScopeEntity); - $this->assertTrue($result['scope2'] instanceof ScopeEntity); - } - - public function testGetScopes() - { - $server = M::mock('League\OAuth2\Server\AuthorizationServer'); - $server->shouldReceive('setAccessTokenStorage'); - $server->shouldReceive('setSessionStorage'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $server->setAccessTokenStorage($accessTokenStorage); - - $server->shouldReceive('getAccessTokenStorage')->andReturn($accessTokenStorage); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('getScopes')->andReturn( - [] - ); - $sessionStorage->shouldReceive('setServer'); - $server->setSessionStorage($sessionStorage); - - $server->shouldReceive('getSessionStorage')->andReturn($sessionStorage); - - $entity = new SessionEntity($server); - $this->assertEquals($entity->getScopes(), []); - } - - public function testHasScopes() - { - $server = M::mock('League\OAuth2\Server\AuthorizationServer'); - $server->shouldReceive('setAccessTokenStorage'); - $server->shouldReceive('setSessionStorage'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $server->setAccessTokenStorage($accessTokenStorage); - - $server->shouldReceive('getAccessTokenStorage')->andReturn($accessTokenStorage); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('getScopes')->andReturn( - [] - ); - $sessionStorage->shouldReceive('setServer'); - $server->setSessionStorage($sessionStorage); - - $server->shouldReceive('getSessionStorage')->andReturn($sessionStorage); - - $entity = new SessionEntity($server); - $this->assertFalse($entity->hasScope('foo')); - } - - public function testSave() - { - $server = M::mock('League\OAuth2\Server\AuthorizationServer'); - $server->shouldReceive('setSessionStorage'); - $server->shouldReceive('setClientStorage'); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('create'); - $sessionStorage->shouldReceive('associateScope'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - - $server->shouldReceive('getSessionStorage')->andReturn($sessionStorage); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('getBySession')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'foo']) - ); - $clientStorage->shouldReceive('setServer'); - - $server->shouldReceive('getClientStorage')->andReturn($clientStorage); - - $server->setSessionStorage($sessionStorage); - $server->setClientStorage($clientStorage); - - $entity = new SessionEntity($server); - $this->assertEquals(null, $entity->save()); - } -} diff --git a/tests/unit/Exception/OAuthExceptionTest.php b/tests/unit/Exception/OAuthExceptionTest.php deleted file mode 100644 index 273ed374..00000000 --- a/tests/unit/Exception/OAuthExceptionTest.php +++ /dev/null @@ -1,34 +0,0 @@ -httpStatusCode = 400; - $this->assertSame($exception->getHttpHeaders(), ['HTTP/1.1 400 Bad Request']); - - $exception->httpStatusCode = 401; - $this->assertSame($exception->getHttpHeaders(), ['HTTP/1.1 401 Unauthorized']); - - $exception->httpStatusCode = 500; - $this->assertSame($exception->getHttpHeaders(), ['HTTP/1.1 500 Internal Server Error']); - - $exception->httpStatusCode = 501; - $this->assertSame($exception->getHttpHeaders(), ['HTTP/1.1 501 Not Implemented']); - } - - public function testShouldRedirect() - { - $exception = new OAuthException(); - $exception->redirectUri = 'http://example.com/'; - $exception->errorType = 'Error'; - $this->assertTrue($exception->shouldRedirect()); - $this->assertEquals('http://example.com/?error=Error&message=An+error+occured', $exception->getRedirectUri()); - } -} diff --git a/tests/unit/Grant/AbstractGrantTest.php b/tests/unit/Grant/AbstractGrantTest.php deleted file mode 100644 index 8a57b61b..00000000 --- a/tests/unit/Grant/AbstractGrantTest.php +++ /dev/null @@ -1,160 +0,0 @@ -setIdentifier('foobar'); - $grant->setAccessTokenTTL(300); - $grant->setAuthorizationServer($server); - - $this->assertEquals('foobar', $grant->getIdentifier()); - $this->assertEquals('foobar', $grant->getResponseType()); - $this->assertEquals(300, $grant->getAccessTokenTTL()); - $this->assertTrue($grant->getAuthorizationServer() instanceof AuthorizationServer); - } - - public function testFormatScopes() - { - $server = M::mock('League\OAuth2\Server\AbstractServer'); - - $grant = new StubAbstractGrant(); - $reflectedGrant = new \ReflectionClass('LeagueTests\Stubs\StubAbstractGrant'); - $method = $reflectedGrant->getMethod('formatScopes'); - $method->setAccessible(true); - - $scopes = [ - (new ScopeEntity($server))->hydrate(['id' => 'scope1', 'description' => 'foo']), - (new ScopeEntity($server))->hydrate(['id' => 'scope2', 'description' => 'bar']), - ]; - - $result = $method->invokeArgs($grant, [$scopes]); - - $this->assertTrue(isset($result['scope1'])); - $this->assertTrue(isset($result['scope2'])); - $this->assertTrue($result['scope1'] instanceof ScopeEntity); - $this->assertTrue($result['scope2'] instanceof ScopeEntity); - } - - public function testValidateScopes() - { - $server = new AuthorizationServer(); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - - $server->setScopeStorage($scopeStorage); - - $grant = new StubAbstractGrant(); - $grant->setAuthorizationServer($server); - - $client = (new ClientEntity($server))->hydrate(['id' => 'testapp']); - - $this->assertEquals( - [ - 'foo' => (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ], - $grant->validateScopes('foo', $client) - ); - } - - public function testValidateScopesMissingScope() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - - $server = new AuthorizationServer(); - $server->requireScopeParam(true); - $server->setScopeStorage($scopeStorage); - - $grant = new StubAbstractGrant(); - $grant->setAuthorizationServer($server); - - $client = (new ClientEntity($server))->hydrate(['id' => 'testapp']); - - $grant->validateScopes(null, $client); - } - - public function testValidateScopesInvalidScope() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidScopeException'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn(null); - - $server = new AuthorizationServer(); - $server->setScopeStorage($scopeStorage); - - $grant = new StubAbstractGrant(); - $grant->setAuthorizationServer($server); - - $client = (new ClientEntity($server))->hydrate(['id' => 'testapp']); - - $grant->validateScopes('blah', $client); - } - - public function testValidateScopesDefaultScope() - { - $server = new AuthorizationServer(); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - $server->setScopeStorage($scopeStorage); - - $server->requireScopeParam(true); - $server->setScopeStorage($scopeStorage); - $server->setDefaultScope('foo'); - - $grant = new StubAbstractGrant(); - $grant->setAuthorizationServer($server); - - $client = (new ClientEntity($server))->hydrate(['id' => 'testapp']); - - $grant->validateScopes(null, $client); - } - - public function testValidateScopesDefaultScopeArray() - { - $server = new AuthorizationServer(); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - $server->setScopeStorage($scopeStorage); - - $server->requireScopeParam(true); - $server->setScopeStorage($scopeStorage); - $server->setDefaultScope(['foo', 'bar']); - - $grant = new StubAbstractGrant(); - $grant->setAuthorizationServer($server); - - $client = (new ClientEntity($server))->hydrate(['id' => 'testapp']); - - $grant->validateScopes(null, $client); - } -} diff --git a/tests/unit/Grant/AuthCodeGrantTest.php b/tests/unit/Grant/AuthCodeGrantTest.php deleted file mode 100644 index 72a564d4..00000000 --- a/tests/unit/Grant/AuthCodeGrantTest.php +++ /dev/null @@ -1,696 +0,0 @@ -setAuthTokenTTL(100); - - $class = new \ReflectionClass($grant); - $property = $class->getProperty('authTokenTTL'); - $property->setAccessible(true); - $this->assertEquals(100, $property->getValue($grant)); - } - - public function testCheckAuthoriseParamsMissingClientId() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_GET = []; - $server = new AuthorizationServer(); - - $grant = new AuthCodeGrant(); - - $server->addGrantType($grant); - $grant->checkAuthorizeParams(); - } - - public function testCheckAuthoriseParamsMissingRedirectUri() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $server = new AuthorizationServer(); - $_GET = [ - 'client_id' => 'testapp', - ]; - - $grant = new AuthCodeGrant(); - - $server->addGrantType($grant); - $grant->checkAuthorizeParams(); - } - - public function testCheckAuthoriseParamsInvalidClient() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidClientException'); - - $_GET = [ - 'client_id' => 'testapp', - 'redirect_uri' => 'http://foo/bar', - 'response_type' => 'code', - ]; - $server = new AuthorizationServer(); - - $grant = new AuthCodeGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn(null); - - $server->setClientStorage($clientStorage); - - $server->addGrantType($grant); - $grant->checkAuthorizeParams(); - } - - public function testCheckAuthoriseParamsMissingStateParam() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_GET = [ - 'client_id' => 'testapp', - 'redirect_uri' => 'http://foo/bar', - ]; - $server = new AuthorizationServer(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - $server->setClientStorage($clientStorage); - - $grant = new AuthCodeGrant(); - $server->requireStateParam(true); - - $server->addGrantType($grant); - $grant->checkAuthorizeParams(); - } - - public function testCheckAuthoriseParamsMissingResponseType() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_GET = [ - 'client_id' => 'testapp', - 'redirect_uri' => 'http://foo/bar', - ]; - $server = new AuthorizationServer(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - $server->setClientStorage($clientStorage); - - $grant = new AuthCodeGrant(); - - $server->addGrantType($grant); - $grant->checkAuthorizeParams(); - } - - public function testCheckAuthoriseParamsInvalidResponseType() - { - $this->setExpectedException('League\OAuth2\Server\Exception\UnsupportedResponseTypeException'); - - $_GET = [ - 'client_id' => 'testapp', - 'redirect_uri' => 'http://foo/bar', - 'response_type' => 'foobar', - ]; - $server = new AuthorizationServer(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - $server->setClientStorage($clientStorage); - - $grant = new AuthCodeGrant(); - - $server->addGrantType($grant); - $grant->checkAuthorizeParams(); - } - - public function testCheckAuthoriseParamsInvalidScope() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidScopeException'); - - $_GET = [ - 'response_type' => 'code', - 'client_id' => 'testapp', - 'redirect_uri' => 'http://foo/bar', - 'scope' => 'foo', - ]; - - $server = new AuthorizationServer(); - $grant = new AuthCodeGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create'); - $sessionStorage->shouldReceive('getScopes')->andReturn([]); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([]); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn(null); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - - $server->addGrantType($grant); - $grant->checkAuthorizeParams(); - } - - public function testCheckAuthoriseParams() - { - $_GET = [ - 'response_type' => 'code', - 'client_id' => 'testapp', - 'redirect_uri' => 'http://foo/bar', - 'scope' => 'foo', - ]; - - $server = new AuthorizationServer(); - $grant = new AuthCodeGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create')->andreturn(123); - $sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $sessionStorage->shouldReceive('associateScope'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $accessTokenStorage->shouldReceive('associateScope'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - - $server->addGrantType($grant); - - $result = $grant->checkAuthorizeParams(); - - $this->assertTrue($result['client'] instanceof ClientEntity); - $this->assertTrue($result['redirect_uri'] === $_GET['redirect_uri']); - $this->assertTrue($result['state'] === null); - $this->assertTrue($result['response_type'] === 'code'); - $this->assertTrue($result['scopes']['foo'] instanceof ScopeEntity); - } - - public function testNewAuthoriseRequest() - { - $server = new AuthorizationServer(); - $client = (new ClientEntity($server))->hydrate(['id' => 'testapp']); - $scope = (new ScopeEntity($server))->hydrate(['id' => 'foo']); - - $grant = new AuthCodeGrant(); - $server->addGrantType($grant); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create')->andreturn(123); - $sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([$scope]); - $sessionStorage->shouldReceive('associateScope'); - $server->setSessionStorage($sessionStorage); - - $authCodeStorage = M::mock('League\OAuth2\Server\Storage\AuthCodeInterface'); - $authCodeStorage->shouldReceive('setServer'); - $authCodeStorage->shouldReceive('get'); - $authCodeStorage->shouldReceive('create'); - $authCodeStorage->shouldReceive('associateScope'); - $server->setAuthCodeStorage($authCodeStorage); - - $grant->newAuthorizeRequest('user', 123, [ - 'client' => $client, - 'redirect_uri' => 'http://foo/bar', - 'scopes' => [$scope], - 'state' => 'foobar' - ]); - } - - public function testCompleteFlowMissingClientId() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST['grant_type'] = 'authorization_code'; - - $server = new AuthorizationServer(); - $grant = new AuthCodeGrant(); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowMissingClientSecret() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST = [ - 'grant_type' => 'authorization_code', - 'client_id' => 'testapp', - ]; - - $server = new AuthorizationServer(); - $grant = new AuthCodeGrant(); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowMissingRedirectUri() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST = [ - 'grant_type' => 'authorization_code', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - ]; - - $server = new AuthorizationServer(); - $grant = new AuthCodeGrant(); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowInvalidClient() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidClientException'); - - $_POST = [ - 'grant_type' => 'authorization_code', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'redirect_uri' => 'http://foo/bar', - ]; - - $server = new AuthorizationServer(); - $grant = new AuthCodeGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn(null); - - $server->setClientStorage($clientStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowMissingCode() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST = [ - 'grant_type' => 'authorization_code', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'redirect_uri' => 'http://foo/bar', - ]; - - $server = new AuthorizationServer(); - $grant = new AuthCodeGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create'); - $sessionStorage->shouldReceive('getScopes')->andReturn([]); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([]); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn(null); - - $authCodeStorage = M::mock('League\OAuth2\Server\Storage\AuthCodeInterface'); - $authCodeStorage->shouldReceive('setServer'); - $authCodeStorage->shouldReceive('get'); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $server->setAuthCodeStorage($authCodeStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowInvalidCode() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST = [ - 'grant_type' => 'authorization_code', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'redirect_uri' => 'http://foo/bar', - 'code' => 'foobar', - ]; - - $server = new AuthorizationServer(); - $grant = new AuthCodeGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create'); - $sessionStorage->shouldReceive('getScopes')->andReturn([]); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([]); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn(null); - - $authCodeStorage = M::mock('League\OAuth2\Server\Storage\AuthCodeInterface'); - $authCodeStorage->shouldReceive('setServer'); - $authCodeStorage->shouldReceive('get'); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $server->setAuthCodeStorage($authCodeStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowExpiredCode() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST = [ - 'grant_type' => 'authorization_code', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'redirect_uri' => 'http://foo/bar', - 'code' => 'foobar', - ]; - - $server = new AuthorizationServer(); - $grant = new AuthCodeGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create'); - $sessionStorage->shouldReceive('getScopes')->andReturn([]); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([]); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn(null); - - $authCodeStorage = M::mock('League\OAuth2\Server\Storage\AuthCodeInterface'); - $authCodeStorage->shouldReceive('setServer'); - $authCodeStorage->shouldReceive('get')->andReturn( - (new AuthCodeEntity($server))->setId('foobar')->setExpireTime(time() - 300)->setRedirectUri('http://foo/bar') - ); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $server->setAuthCodeStorage($authCodeStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowRedirectUriMismatch() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST = [ - 'grant_type' => 'authorization_code', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'redirect_uri' => 'http://foo/bar', - 'code' => 'foobar', - ]; - - $server = new AuthorizationServer(); - $grant = new AuthCodeGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create'); - $sessionStorage->shouldReceive('getScopes')->andReturn([]); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([]); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn(null); - - $authCodeStorage = M::mock('League\OAuth2\Server\Storage\AuthCodeInterface'); - $authCodeStorage->shouldReceive('setServer'); - $authCodeStorage->shouldReceive('get')->andReturn( - (new AuthCodeEntity($server))->setId('foobar')->setExpireTime(time() + 300)->setRedirectUri('http://fail/face') - ); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $server->setAuthCodeStorage($authCodeStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlow() - { - $_POST = [ - 'grant_type' => 'authorization_code', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'redirect_uri' => 'http://foo/bar', - 'code' => 'foo', - ]; - - $server = new AuthorizationServer(); - $grant = new AuthCodeGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('getBySession')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create')->andreturn(123); - $sessionStorage->shouldReceive('associateScope'); - $sessionStorage->shouldReceive('getByAuthCode')->andReturn( - (new SessionEntity($server))->setId('foobar') - ); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server))->setId('foobar') - ); - $sessionStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('associateScope'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - - $authCodeStorage = M::mock('League\OAuth2\Server\Storage\AuthCodeInterface'); - $authCodeStorage->shouldReceive('setServer'); - $authCodeStorage->shouldReceive('delete'); - $authCodeStorage->shouldReceive('get')->andReturn( - (new AuthCodeEntity($server))->setId('foobar')->setRedirectUri('http://foo/bar')->setExpireTime(time() + 300) - ); - $authCodeStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $server->setAuthCodeStorage($authCodeStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowWithRefreshToken() - { - $_POST = [ - 'grant_type' => 'authorization_code', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'redirect_uri' => 'http://foo/bar', - 'code' => 'foo', - ]; - - $server = new AuthorizationServer(); - $grant = new AuthCodeGrant(); - $rtgrant = new RefreshTokenGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('getBySession')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create')->andreturn(123); - $sessionStorage->shouldReceive('associateScope'); - $sessionStorage->shouldReceive('getByAuthCode')->andReturn( - (new SessionEntity($server))->setId('foobar') - ); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server))->setId('foobar') - ); - $sessionStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('associateScope'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - - $authCodeStorage = M::mock('League\OAuth2\Server\Storage\AuthCodeInterface'); - $authCodeStorage->shouldReceive('setServer'); - $authCodeStorage->shouldReceive('delete'); - $authCodeStorage->shouldReceive('get')->andReturn( - (new AuthCodeEntity($server))->setId('foobar')->setRedirectUri('http://foo/bar')->setExpireTime(time() + 300) - ); - $authCodeStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - - $refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface'); - $refreshTokenStorage->shouldReceive('setServer'); - $refreshTokenStorage->shouldReceive('create'); - $refreshTokenStorage->shouldReceive('associateScope'); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $server->setAuthCodeStorage($authCodeStorage); - $server->setRefreshTokenStorage($refreshTokenStorage); - - $server->addGrantType($grant); - $server->addGrantType($rtgrant); - $server->issueAccessToken(); - } -} diff --git a/tests/unit/Grant/ClientCredentialsGrantTest.php b/tests/unit/Grant/ClientCredentialsGrantTest.php deleted file mode 100644 index 8e5643f5..00000000 --- a/tests/unit/Grant/ClientCredentialsGrantTest.php +++ /dev/null @@ -1,251 +0,0 @@ -setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST['grant_type'] = 'client_credentials'; - - $server = new AuthorizationServer(); - $grant = new ClientCredentialsGrant(); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowMissingClientSecret() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST = [ - 'grant_type' => 'client_credentials', - 'client_id' => 'testapp', - ]; - - $server = new AuthorizationServer(); - $grant = new ClientCredentialsGrant(); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowInvalidClient() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidClientException'); - - $_POST = [ - 'grant_type' => 'client_credentials', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - ]; - - $server = new AuthorizationServer(); - $grant = new ClientCredentialsGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn(null); - - $server->setClientStorage($clientStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowInvalidScope() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidScopeException'); - - $_POST = [ - 'grant_type' => 'client_credentials', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'scope' => 'foo', - ]; - - $server = new AuthorizationServer(); - $grant = new ClientCredentialsGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create'); - $sessionStorage->shouldReceive('getScopes')->andReturn([]); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([]); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn(null); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowNoScopes() - { - $_POST = [ - 'grant_type' => 'client_credentials', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - ]; - - $server = new AuthorizationServer(); - $grant = new ClientCredentialsGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create')->andreturn(123); - $sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server))->setId('foobar') - ); - $sessionStorage->shouldReceive('associateScope'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([]); - $accessTokenStorage->shouldReceive('associateScope'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - // $scopeStorage->shouldReceive('get')->andReturn( - // // (new ScopeEntity($server))->hydrate(['id' => 'foo']) - // ); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlow() - { - $_POST = [ - 'grant_type' => 'client_credentials', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'scope' => 'foo', - ]; - - $server = new AuthorizationServer(); - $grant = new ClientCredentialsGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create')->andreturn(123); - $sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server))->setId('foobar') - ); - $sessionStorage->shouldReceive('associateScope'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $accessTokenStorage->shouldReceive('associateScope'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testClientNotAuthorizedToUseGrant() - { - $this->setExpectedException('\League\OAuth2\Server\Exception\UnauthorizedClientException'); - - $_POST = [ - 'grant_type' => 'client_credentials', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'scope' => 'foo', - ]; - - $server = new AuthorizationServer(); - $grant = new ClientCredentialsGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andThrow( - new \League\OAuth2\Server\Exception\UnauthorizedClientException() - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server))->setId('foobar') - ); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } -} diff --git a/tests/unit/Grant/PasswordGrantTest.php b/tests/unit/Grant/PasswordGrantTest.php deleted file mode 100644 index e54ca479..00000000 --- a/tests/unit/Grant/PasswordGrantTest.php +++ /dev/null @@ -1,479 +0,0 @@ -setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST['grant_type'] = 'password'; - - $server = new AuthorizationServer(); - $grant = new PasswordGrant(); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowMissingClientSecret() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST = [ - 'grant_type' => 'password', - 'client_id' => 'testapp', - ]; - - $server = new AuthorizationServer(); - $grant = new PasswordGrant(); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowInvalidClient() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidClientException'); - - $_POST = [ - 'grant_type' => 'password', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - ]; - - $server = new AuthorizationServer(); - $grant = new PasswordGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn(null); - - $server->setClientStorage($clientStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testNoUsername() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST = [ - 'grant_type' => 'password', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - ]; - - $server = new AuthorizationServer(); - $grant = new PasswordGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create'); - $sessionStorage->shouldReceive('getScopes')->andReturn([]); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([]); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn(null); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testNoPassword() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST = [ - 'grant_type' => 'password', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'username' => 'foo', - ]; - - $server = new AuthorizationServer(); - $grant = new PasswordGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create'); - $sessionStorage->shouldReceive('getScopes')->andReturn([]); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([]); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn(null); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testNoCallable() - { - $this->setExpectedException('League\OAuth2\Server\Exception\ServerErrorException'); - - $_POST = [ - 'grant_type' => 'password', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'username' => 'foo', - 'password' => 'foobar', - ]; - - $server = new AuthorizationServer(); - $grant = new PasswordGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create'); - $sessionStorage->shouldReceive('getScopes')->andReturn([]); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([]); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn(null); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowInvalidScope() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidScopeException'); - - $_POST = [ - 'grant_type' => 'password', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'username' => 'foo', - 'password' => 'foobar', - 'scope' => 'foo', - ]; - - $server = new AuthorizationServer(); - $grant = new PasswordGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create'); - $sessionStorage->shouldReceive('getScopes')->andReturn([]); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([]); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn(null); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $grant->setVerifyCredentialsCallback(function () { - return 123; - }); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowNoScopes() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST = [ - 'grant_type' => 'password', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'username' => 'username', - 'password' => 'password', - ]; - - $server = new AuthorizationServer(); - $grant = new PasswordGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create')->andreturn(123); - $sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]); - $sessionStorage->shouldReceive('associateScope'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([]); - $accessTokenStorage->shouldReceive('associateScope'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $server->requireScopeParam(true); - $grant->setVerifyCredentialsCallback(function () { - return 123; - }); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowInvalidCredentials() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidCredentialsException'); - - $_POST = [ - 'grant_type' => 'password', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'scope' => 'foo', - 'username' => 'username', - 'password' => 'password', - ]; - - $server = new AuthorizationServer(); - $grant = new PasswordGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create')->andreturn(123); - $sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $sessionStorage->shouldReceive('associateScope'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $accessTokenStorage->shouldReceive('associateScope'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $grant->setVerifyCredentialsCallback(function () { - return false; - }); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlow() - { - $_POST = [ - 'grant_type' => 'password', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'scope' => 'foo', - 'username' => 'username', - 'password' => 'password', - ]; - - $server = new AuthorizationServer(); - $grant = new PasswordGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create')->andreturn(123); - $sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server))->setId('foobar') - ); - $sessionStorage->shouldReceive('associateScope'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $accessTokenStorage->shouldReceive('associateScope'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $grant->setVerifyCredentialsCallback(function () { - return 123; - }); - - $server->addGrantType($grant); - $response = $server->issueAccessToken(); - - $this->assertTrue(array_key_exists('access_token', $response)); - $this->assertTrue(array_key_exists('token_type', $response)); - $this->assertTrue(array_key_exists('expires_in', $response)); - } - - public function testCompleteFlowRefreshToken() - { - $_POST = [ - 'grant_type' => 'password', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'scope' => 'foo', - 'username' => 'username', - 'password' => 'password', - ]; - - $server = new AuthorizationServer(); - $grant = new PasswordGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('create')->andreturn(123); - $sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server))->setId('foobar') - ); - $sessionStorage->shouldReceive('associateScope'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $accessTokenStorage->shouldReceive('associateScope'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - - $refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface'); - $refreshTokenStorage->shouldReceive('setServer'); - $refreshTokenStorage->shouldReceive('create'); - $refreshTokenStorage->shouldReceive('associateScope'); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $server->setRefreshTokenStorage($refreshTokenStorage); - - $grant->setVerifyCredentialsCallback(function () { - return 123; - }); - - $server->addGrantType($grant); - $server->addGrantType(new RefreshTokenGrant()); - $response = $server->issueAccessToken(); - - $this->assertTrue(array_key_exists('access_token', $response)); - // $this->assertTrue(array_key_exists('refresh_token', $response)); - $this->assertTrue(array_key_exists('token_type', $response)); - $this->assertTrue(array_key_exists('expires_in', $response)); - } -} diff --git a/tests/unit/Grant/RefreshTokenGrantTest.php b/tests/unit/Grant/RefreshTokenGrantTest.php deleted file mode 100644 index bd5ae5ab..00000000 --- a/tests/unit/Grant/RefreshTokenGrantTest.php +++ /dev/null @@ -1,501 +0,0 @@ -setRefreshTokenTTL(86400); - - $property = new \ReflectionProperty($grant, 'refreshTokenTTL'); - $property->setAccessible(true); - - $this->assertEquals(86400, $property->getValue($grant)); - } - - public function testCompleteFlowMissingClientId() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST['grant_type'] = 'refresh_token'; - - $server = new AuthorizationServer(); - $grant = new RefreshTokenGrant(); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowMissingClientSecret() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST = [ - 'grant_type' => 'refresh_token', - 'client_id' => 'testapp', - ]; - - $server = new AuthorizationServer(); - $grant = new RefreshTokenGrant(); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowInvalidClient() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidClientException'); - - $_POST = [ - 'grant_type' => 'refresh_token', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - ]; - - $server = new AuthorizationServer(); - $grant = new RefreshTokenGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn(null); - - $server->setClientStorage($clientStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowMissingRefreshToken() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $_POST = [ - 'grant_type' => 'refresh_token', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - ]; - - $server = new AuthorizationServer(); - $grant = new RefreshTokenGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->requireScopeParam(true); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowInvalidRefreshToken() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRefreshException'); - - $_POST = [ - 'grant_type' => 'refresh_token', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'refresh_token' => 'meh', - ]; - - $server = new AuthorizationServer(); - $grant = new RefreshTokenGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface'); - $refreshTokenStorage->shouldReceive('get'); - $refreshTokenStorage->shouldReceive('setServer'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setRefreshTokenStorage($refreshTokenStorage); - $server->requireScopeParam(true); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowExistingScopes() - { - $_POST = [ - 'grant_type' => 'refresh_token', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'refresh_token' => 'refresh_token', - ]; - - $server = new AuthorizationServer(); - $grant = new RefreshTokenGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]); - $sessionStorage->shouldReceive('associateScope'); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server)) - ); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('get')->andReturn( - (new AccessTokenEntity($server)) - ); - $accessTokenStorage->shouldReceive('delete'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $accessTokenStorage->shouldReceive('associateScope'); - - $refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface'); - $refreshTokenStorage->shouldReceive('setServer'); - $refreshTokenStorage->shouldReceive('associateScope'); - $refreshTokenStorage->shouldReceive('delete'); - $refreshTokenStorage->shouldReceive('create'); - $refreshTokenStorage->shouldReceive('get')->andReturn( - (new RefreshTokenEntity($server))->setExpireTime(time() + 86400) - ); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $server->setRefreshTokenStorage($refreshTokenStorage); - - $server->addGrantType($grant); - $response = $server->issueAccessToken(); - - $this->assertTrue(array_key_exists('access_token', $response)); - $this->assertTrue(array_key_exists('refresh_token', $response)); - $this->assertTrue(array_key_exists('token_type', $response)); - $this->assertTrue(array_key_exists('expires_in', $response)); - } - - public function testCompleteFlowRequestScopes() - { - $_POST = [ - 'grant_type' => 'refresh_token', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'refresh_token' => 'refresh_token', - 'scope' => 'foo', - ]; - - $server = new AuthorizationServer(); - $grant = new RefreshTokenGrant(); - - $oldSession = (new SessionEntity($server))->associateScope((new ScopeEntity($server))->hydrate(['id' => 'foo'])); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]); - $sessionStorage->shouldReceive('associateScope'); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - $oldSession - ); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('get')->andReturn( - (new AccessTokenEntity($server)) - ); - $accessTokenStorage->shouldReceive('delete'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $accessTokenStorage->shouldReceive('associateScope'); - - $refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface'); - $refreshTokenStorage->shouldReceive('setServer'); - $refreshTokenStorage->shouldReceive('associateScope'); - $refreshTokenStorage->shouldReceive('delete'); - $refreshTokenStorage->shouldReceive('create'); - $refreshTokenStorage->shouldReceive('get')->andReturn( - (new RefreshTokenEntity($server))->setExpireTime(time() + 86400) - ); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $server->setRefreshTokenStorage($refreshTokenStorage); - - $server->addGrantType($grant); - $response = $server->issueAccessToken(); - - $this->assertTrue(isset($response['access_token'])); - $this->assertTrue(isset($response['refresh_token'])); - $this->assertTrue(isset($response['token_type'])); - $this->assertTrue(isset($response['expires_in'])); - } - - public function testCompleteFlowExpiredRefreshToken() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRefreshException'); - - $_POST = [ - 'grant_type' => 'refresh_token', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'refresh_token' => 'refresh_token', - 'scope' => 'foo', - ]; - - $server = new AuthorizationServer(); - $grant = new RefreshTokenGrant(); - - $oldSession = (new SessionEntity($server))->associateScope((new ScopeEntity($server))->hydrate(['id' => 'foo'])); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]); - $sessionStorage->shouldReceive('associateScope'); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - $oldSession - ); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('get')->andReturn( - (new AccessTokenEntity($server)) - ); - $accessTokenStorage->shouldReceive('delete'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $accessTokenStorage->shouldReceive('associateScope'); - - $refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface'); - $refreshTokenStorage->shouldReceive('setServer'); - $refreshTokenStorage->shouldReceive('associateScope'); - $refreshTokenStorage->shouldReceive('delete'); - $refreshTokenStorage->shouldReceive('create'); - $refreshTokenStorage->shouldReceive('get')->andReturn( - (new RefreshTokenEntity($server)) - ); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $server->setRefreshTokenStorage($refreshTokenStorage); - - $server->addGrantType($grant); - $server->issueAccessToken(); - } - - public function testCompleteFlowRequestScopesInvalid() - { - $_POST = [ - 'grant_type' => 'refresh_token', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'refresh_token' => 'refresh_token', - 'scope' => 'blah', - ]; - - $server = new AuthorizationServer(); - $grant = new RefreshTokenGrant(); - - $oldSession = (new SessionEntity($server))->associateScope((new ScopeEntity($server))->hydrate(['id' => 'foo'])); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]); - $sessionStorage->shouldReceive('associateScope'); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - $oldSession - ); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('get')->andReturn( - (new AccessTokenEntity($server)) - ); - $accessTokenStorage->shouldReceive('delete'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $accessTokenStorage->shouldReceive('associateScope'); - - $refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface'); - $refreshTokenStorage->shouldReceive('setServer'); - $refreshTokenStorage->shouldReceive('associateScope'); - $refreshTokenStorage->shouldReceive('delete'); - $refreshTokenStorage->shouldReceive('create'); - $refreshTokenStorage->shouldReceive('get')->andReturn( - (new RefreshTokenEntity($server))->setExpireTime(time() + 86400) - ); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'blah']) - ); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $server->setRefreshTokenStorage($refreshTokenStorage); - - $server->addGrantType($grant); - - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidScopeException'); - - $server->issueAccessToken(); - } - - public function testCompleteFlowRotateRefreshToken() - { - $_POST = [ - 'grant_type' => 'refresh_token', - 'client_id' => 'testapp', - 'client_secret' => 'foobar', - 'refresh_token' => 'refresh_token', - ]; - - $server = new AuthorizationServer(); - $grant = new RefreshTokenGrant(); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $clientStorage->shouldReceive('get')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([]); - $sessionStorage->shouldReceive('associateScope'); - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server)) - ); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('get')->andReturn( - (new AccessTokenEntity($server)) - ); - $accessTokenStorage->shouldReceive('delete'); - $accessTokenStorage->shouldReceive('create'); - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - ]); - $accessTokenStorage->shouldReceive('associateScope'); - - $refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface'); - $refreshTokenStorage->shouldReceive('setServer'); - $refreshTokenStorage->shouldReceive('associateScope'); - $refreshTokenStorage->shouldReceive('delete'); - $refreshTokenStorage->shouldReceive('create'); - $refreshTokenStorage->shouldReceive('get')->andReturn( - (new RefreshTokenEntity($server))->setId('refresh_token')->setExpireTime(time() + 86400) - ); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - $scopeStorage->shouldReceive('get')->andReturn( - (new ScopeEntity($server))->hydrate(['id' => 'foo']) - ); - - $server->setClientStorage($clientStorage); - $server->setScopeStorage($scopeStorage); - $server->setSessionStorage($sessionStorage); - $server->setAccessTokenStorage($accessTokenStorage); - $server->setRefreshTokenStorage($refreshTokenStorage); - - $server->addGrantType($grant); - - $response = $server->issueAccessToken(); - $this->assertTrue(array_key_exists('access_token', $response)); - $this->assertTrue(array_key_exists('refresh_token', $response)); - $this->assertTrue(array_key_exists('token_type', $response)); - $this->assertTrue(array_key_exists('expires_in', $response)); - $this->assertNotEquals($response['refresh_token'], $_POST['refresh_token']); - - $grant->setRefreshTokenRotation(false); - $response = $server->issueAccessToken(); - $this->assertTrue(array_key_exists('access_token', $response)); - $this->assertTrue(array_key_exists('refresh_token', $response)); - $this->assertTrue(array_key_exists('token_type', $response)); - $this->assertTrue(array_key_exists('expires_in', $response)); - $this->assertEquals($response['refresh_token'], $_POST['refresh_token']); - } -} diff --git a/tests/unit/ResourceServerTest.php b/tests/unit/ResourceServerTest.php deleted file mode 100644 index 8855abad..00000000 --- a/tests/unit/ResourceServerTest.php +++ /dev/null @@ -1,226 +0,0 @@ -shouldReceive('setServer'); - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - - $server = new ResourceServer( - $sessionStorage, - $accessTokenStorage, - $clientStorage, - $scopeStorage - ); - - return $server; - } - - public function testGetSet() - { - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - - $server = new ResourceServer( - $sessionStorage, - $accessTokenStorage, - $clientStorage, - $scopeStorage - ); - } - - public function testDetermineAccessTokenMissingToken() - { - $this->setExpectedException('League\OAuth2\Server\Exception\InvalidRequestException'); - - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('get')->andReturn(false); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - - $server = new ResourceServer( - $sessionStorage, - $accessTokenStorage, - $clientStorage, - $scopeStorage - ); - - $request = new \Symfony\Component\HttpFoundation\Request(); - $request->headers = new \Symfony\Component\HttpFoundation\ParameterBag([ - 'HTTP_AUTHORIZATION' => 'Bearer', - ]); - $server->setRequest($request); - - $reflector = new \ReflectionClass($server); - $method = $reflector->getMethod('determineAccessToken'); - $method->setAccessible(true); - - $method->invoke($server); - } - - public function testIsValidNotValid() - { - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - $accessTokenStorage->shouldReceive('get')->andReturn(false); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - - $server = new ResourceServer( - $sessionStorage, - $accessTokenStorage, - $clientStorage, - $scopeStorage - ); - - $this->setExpectedException('League\OAuth2\Server\Exception\AccessDeniedException'); - $server->isValidRequest(false, 'foobar'); - } - - public function testIsValid() - { - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - - $server = new ResourceServer( - $sessionStorage, - $accessTokenStorage, - $clientStorage, - $scopeStorage - ); - - $server->setIdKey('at'); - - $server->addEventListener('session.owner', function ($event) { - $this->assertTrue($event->getSession() instanceof \League\OAuth2\Server\Entity\SessionEntity); - }); - - $accessTokenStorage->shouldReceive('get')->andReturn( - (new AccessTokenEntity($server))->setId('abcdef')->setExpireTime(time() + 300) - ); - - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - (new ScopeEntity($server))->hydrate(['id' => 'bar']), - ]); - - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server))->setId('foobar')->setOwner('user', 123) - ); - - $clientStorage->shouldReceive('getBySession')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $request = new \Symfony\Component\HttpFoundation\Request(); - $request->headers = new \Symfony\Component\HttpFoundation\ParameterBag([ - 'Authorization' => 'Bearer abcdef', - ]); - $server->setRequest($request); - - $this->assertTrue($server->isValidRequest()); - $this->assertEquals('abcdef', $server->getAccessToken()); - } - - /** - * @expectedException League\OAuth2\Server\Exception\AccessDeniedException - */ - public function testIsValidExpiredToken() - { - $sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface'); - $sessionStorage->shouldReceive('setServer'); - - $accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface'); - $accessTokenStorage->shouldReceive('setServer'); - - $clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface'); - $clientStorage->shouldReceive('setServer'); - - $scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface'); - $scopeStorage->shouldReceive('setServer'); - - $server = new ResourceServer( - $sessionStorage, - $accessTokenStorage, - $clientStorage, - $scopeStorage - ); - - $server->setIdKey('at'); - - $server->addEventListener('session.owner', function ($event) { - $this->assertTrue($event->getSession() instanceof \League\OAuth2\Server\Entity\SessionEntity); - }); - - $accessTokenStorage->shouldReceive('get')->andReturn( - (new AccessTokenEntity($server))->setId('abcdef')->setExpireTime(time() - 300) - ); - - $accessTokenStorage->shouldReceive('getScopes')->andReturn([ - (new ScopeEntity($server))->hydrate(['id' => 'foo']), - (new ScopeEntity($server))->hydrate(['id' => 'bar']), - ]); - - $sessionStorage->shouldReceive('getByAccessToken')->andReturn( - (new SessionEntity($server))->setId('foobar')->setOwner('user', 123) - ); - - $clientStorage->shouldReceive('getBySession')->andReturn( - (new ClientEntity($server))->hydrate(['id' => 'testapp']) - ); - - $request = new \Symfony\Component\HttpFoundation\Request(); - $request->headers = new \Symfony\Component\HttpFoundation\ParameterBag([ - 'Authorization' => 'Bearer abcdef', - ]); - $server->setRequest($request); - - $server->isValidRequest(); - } -} diff --git a/tests/unit/Storage/AbstractStorageTest.php b/tests/unit/Storage/AbstractStorageTest.php deleted file mode 100644 index 30312cb7..00000000 --- a/tests/unit/Storage/AbstractStorageTest.php +++ /dev/null @@ -1,23 +0,0 @@ -getMethod('setServer'); - $setMethod->setAccessible(true); - $setMethod->invokeArgs($storage, [new StubAbstractServer()]); - $getMethod = $reflector->getMethod('getServer'); - $getMethod->setAccessible(true); - - $this->assertTrue($getMethod->invoke($storage) instanceof StubAbstractServer); - } -} diff --git a/tests/unit/Stubs/StubAbstractGrant.php b/tests/unit/Stubs/StubAbstractGrant.php deleted file mode 100644 index d58fb56e..00000000 --- a/tests/unit/Stubs/StubAbstractGrant.php +++ /dev/null @@ -1,18 +0,0 @@ -server; - } -} diff --git a/tests/unit/Stubs/StubAbstractServer.php b/tests/unit/Stubs/StubAbstractServer.php deleted file mode 100644 index 9254d80d..00000000 --- a/tests/unit/Stubs/StubAbstractServer.php +++ /dev/null @@ -1,8 +0,0 @@ -shouldReceive('create'); - - $server = new AuthorizationServer(); - $server->setMacStorage($macStorage); - - $tokenType = new MAC(); - $tokenType->setServer($server); - - $accessToken = new AccessTokenEntity($server); - $accessToken->setId(uniqid()); - $accessToken->setExpireTime(time()); - - $tokenType->setParam('access_token', $accessToken->getId()); - $tokenType->setParam('expires_in', 3600); - - $response = $tokenType->generateResponse(); - - $this->assertEquals($accessToken->getId(), $response['access_token']); - $this->assertEquals('mac', $response['token_type']); - $this->assertEquals(3600, $response['expires_in']); - $this->assertEquals('hmac-sha-256', $response['mac_algorithm']); - $this->assertArrayHasKey('mac_key', $response); - } - - public function testDetermineAccessTokenInHeaderValid() - { - $macStorage = M::mock('\League\OAuth2\Server\Storage\MacTokenInterface'); - $macStorage->shouldReceive('getByAccessToken')->andReturn('abcdef'); - - $server = new AuthorizationServer(); - $server->setMacStorage($macStorage); - - $ts = time(); - - $request = Request::createFromGlobals(); - $calculatedSignatureParts = [ - $ts, - 'foo', - strtoupper($request->getMethod()), - $request->getUri(), - $request->getHost(), - $request->getPort(), - 'ext' - ]; - $calculatedSignature = base64_encode(hash_hmac('sha256', implode("\n", $calculatedSignatureParts), 'abcdef')); - - $request->headers->set('Authorization', sprintf('MAC id="foo", nonce="foo", ts="%s", mac="%s", ext="ext"', $ts, $calculatedSignature)); - - $tokenType = new MAC(); - $tokenType->setServer($server); - - $response = $tokenType->determineAccessTokenInHeader($request); - $this->assertEquals('foo', $response); - } - - public function testDetermineAccessTokenInHeaderMissingHeader() - { - $macStorage = M::mock('\League\OAuth2\Server\Storage\MacTokenInterface'); - $macStorage->shouldReceive('getByAccessToken')->andReturn('abcdef'); - - $server = new AuthorizationServer(); - $server->setMacStorage($macStorage); - - $request = Request::createFromGlobals(); - $tokenType = new MAC(); - $tokenType->setServer($server); - - $response = $tokenType->determineAccessTokenInHeader($request); - - $this->assertEquals(null, $response); - } - - public function testDetermineAccessTokenInHeaderMissingAuthMac() - { - $macStorage = M::mock('\League\OAuth2\Server\Storage\MacTokenInterface'); - $macStorage->shouldReceive('getByAccessToken')->andReturn('abcdef'); - - $server = new AuthorizationServer(); - $server->setMacStorage($macStorage); - - $request = Request::createFromGlobals(); - $request->headers->set('Authorization', ''); - - $tokenType = new MAC(); - $tokenType->setServer($server); - - $response = $tokenType->determineAccessTokenInHeader($request); - - $this->assertEquals(null, $response); - } - - public function testDetermineAccessTokenInHeaderInvalidParam() - { - $macStorage = M::mock('\League\OAuth2\Server\Storage\MacTokenInterface'); - $macStorage->shouldReceive('getByAccessToken')->andReturn('abcdef'); - - $server = new AuthorizationServer(); - $server->setMacStorage($macStorage); - - $request = Request::createFromGlobals(); - $request->headers->set('Authorization', 'MAC '); - - $tokenType = new MAC(); - $tokenType->setServer($server); - - $response = $tokenType->determineAccessTokenInHeader($request); - - $this->assertEquals(null, $response); - } - - public function testDetermineAccessTokenInHeaderMismatchTimestamp() - { - $macStorage = M::mock('\League\OAuth2\Server\Storage\MacTokenInterface'); - $macStorage->shouldReceive('getByAccessToken')->andReturn('abcdef'); - - $server = new AuthorizationServer(); - $server->setMacStorage($macStorage); - - $ts = time() - 100; - - $request = Request::createFromGlobals(); - $request->headers->set('Authorization', sprintf('MAC id="foo", nonce="foo", ts="%s", mac="%s", ext="ext"', $ts, 'foo')); - - $tokenType = new MAC(); - $tokenType->setServer($server); - - $response = $tokenType->determineAccessTokenInHeader($request); - $this->assertEquals(null, $response); - } - - public function testDetermineAccessTokenInHeaderMissingMacKey() - { - $macStorage = M::mock('\League\OAuth2\Server\Storage\MacTokenInterface'); - $macStorage->shouldReceive('getByAccessToken')->andReturn(null); - - $server = new AuthorizationServer(); - $server->setMacStorage($macStorage); - - $ts = time(); - - $request = Request::createFromGlobals(); - $request->headers->set('Authorization', sprintf('MAC id="foo", nonce="foo", ts="%s", mac="%s", ext="ext"', $ts, 'foo')); - - $tokenType = new MAC(); - $tokenType->setServer($server); - - $response = $tokenType->determineAccessTokenInHeader($request); - $this->assertEquals(null, $response); - } -} diff --git a/tests/unit/util/RedirectUriTest.php b/tests/unit/util/RedirectUriTest.php deleted file mode 100644 index 6b677404..00000000 --- a/tests/unit/util/RedirectUriTest.php +++ /dev/null @@ -1,19 +0,0 @@ - 'bar']); - $v2 = RedirectUri::make('https://foobar/', ['foo' => 'bar'], '#'); - $v3 = RedirectUri::make('https://foobar/', ['foo' => 'bar', 'bar' => 'foo']); - - $this->assertEquals('https://foobar/?foo=bar', $v1); - $this->assertEquals('https://foobar/#foo=bar', $v2); - $this->assertEquals('https://foobar/?foo=bar&bar=foo', $v3); - } -} diff --git a/tests/unit/util/SecureKeyTest.php b/tests/unit/util/SecureKeyTest.php deleted file mode 100644 index 394226f5..00000000 --- a/tests/unit/util/SecureKeyTest.php +++ /dev/null @@ -1,35 +0,0 @@ -assertEquals(40, strlen($v1)); - $this->assertTrue($v1 !== $v2); - $this->assertEquals(50, strlen($v3)); - } - - public function testGenerateWithDifferentAlgorithm() - { - $algorithm = $this->getMock('League\OAuth2\Server\Util\KeyAlgorithm\KeyAlgorithmInterface'); - - $result = 'dasdsdsaads'; - $algorithm - ->expects($this->once()) - ->method('generate') - ->with(11) - ->will($this->returnValue($result)); - - SecureKey::setAlgorithm($algorithm); - $this->assertSame($algorithm, SecureKey::getAlgorithm()); - $this->assertEquals($result, SecureKey::generate(11)); - } -} From 9a8b7ec898c91bf0f3d84ccaf98cd99579230f58 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 12 Feb 2016 17:46:30 +0000 Subject: [PATCH 02/13] Removed old codecept tests --- codeception.yml | 10 --- .../AuthorizationCodeRequestEntity.php | 79 ------------------- tests/_output/.gitignore | 0 tests/_support/ApiHelper.php | 10 --- tests/api/ClientCredentialsCept.php | 17 ---- .../ClientCredentialsInvalidClientIdCept.php | 17 ---- ...ientCredentialsInvalidClientSecretCept.php | 17 ---- .../ClientCredentialsMissingClientIdCept.php | 15 ---- ...ientCredentialsMissingClientSecretCept.php | 16 ---- tests/api/_bootstrap.php | 2 - 10 files changed, 183 deletions(-) delete mode 100644 codeception.yml delete mode 100644 src/Entities/AuthorizationCodeRequestEntity.php delete mode 100644 tests/_output/.gitignore delete mode 100644 tests/_support/ApiHelper.php delete mode 100644 tests/api/ClientCredentialsCept.php delete mode 100644 tests/api/ClientCredentialsInvalidClientIdCept.php delete mode 100644 tests/api/ClientCredentialsInvalidClientSecretCept.php delete mode 100644 tests/api/ClientCredentialsMissingClientIdCept.php delete mode 100644 tests/api/ClientCredentialsMissingClientSecretCept.php delete mode 100644 tests/api/_bootstrap.php diff --git a/codeception.yml b/codeception.yml deleted file mode 100644 index 35fa7fde..00000000 --- a/codeception.yml +++ /dev/null @@ -1,10 +0,0 @@ -actor: Tester -paths: - tests: tests - log: tests/_output - data: tests/_data - helpers: tests/_support -settings: - bootstrap: _bootstrap.php - colors: true - memory_limit: 1024M \ No newline at end of file diff --git a/src/Entities/AuthorizationCodeRequestEntity.php b/src/Entities/AuthorizationCodeRequestEntity.php deleted file mode 100644 index bd401b24..00000000 --- a/src/Entities/AuthorizationCodeRequestEntity.php +++ /dev/null @@ -1,79 +0,0 @@ -clientId; - } - - /** - * @return null|string - */ - public function getRedirectUri() - { - return $this->redirectUri; - } - - /** - * @return null|string - */ - public function getScope() - { - return $this->scope; - } - - /** - * @return null|string - */ - public function getState() - { - return $this->state; - } - - /** - * AuthorizationCodeRequestEntity constructor. - * - * @param string $clientId - * @param string|null $redirectUri - * @param string|null $scope - * @param string|null $state - */ - public function __construct($clientId, $redirectUri = null, $scope = null, $state = null) - { - $this->clientId = $clientId; - $this->redirectUri = $redirectUri; - $this->scope = $scope; - $this->state = $state; - } - - public function __sleep() - { - return ['clientId', 'redirectUri', 'scope', 'state']; - } -} diff --git a/tests/_output/.gitignore b/tests/_output/.gitignore deleted file mode 100644 index e69de29b..00000000 diff --git a/tests/_support/ApiHelper.php b/tests/_support/ApiHelper.php deleted file mode 100644 index 5fcdbe2c..00000000 --- a/tests/_support/ApiHelper.php +++ /dev/null @@ -1,10 +0,0 @@ -wantTo('get an access token using the client credentials grant'); -$I->sendPOST( - 'client_credentials.php/access_token', - [ - 'grant_type' => 'client_credentials', - 'client_id' => 'myawesomeapp', - 'client_secret' => 'abc123', - 'scope' => 'basic' - ] -); -$I->canSeeResponseCodeIs(200); -$I->canSeeResponseIsJson(); -$I->seeResponseJsonMatchesJsonPath('$.token_type'); -$I->seeResponseJsonMatchesJsonPath('$.expires_in'); -$I->seeResponseJsonMatchesJsonPath('$.access_token'); \ No newline at end of file diff --git a/tests/api/ClientCredentialsInvalidClientIdCept.php b/tests/api/ClientCredentialsInvalidClientIdCept.php deleted file mode 100644 index 97f9fce4..00000000 --- a/tests/api/ClientCredentialsInvalidClientIdCept.php +++ /dev/null @@ -1,17 +0,0 @@ -wantTo('get an access token using the client credentials grant, invalid client id'); -$I->sendPOST( - 'client_credentials.php/access_token', - [ - 'grant_type' => 'client_credentials', - 'client_id' => 'myawesomeapp-wrong', - 'client_secret' => 'foobar' - ] -); -$I->canSeeResponseCodeIs(401); -$I->canSeeResponseIsJson(); -$I->seeResponseContainsJson([ - 'error' => 'invalid_client', - 'message' => 'Client authentication failed.' -]); diff --git a/tests/api/ClientCredentialsInvalidClientSecretCept.php b/tests/api/ClientCredentialsInvalidClientSecretCept.php deleted file mode 100644 index fe4f88fc..00000000 --- a/tests/api/ClientCredentialsInvalidClientSecretCept.php +++ /dev/null @@ -1,17 +0,0 @@ -wantTo('get an access token using the client credentials grant, invalid client secret'); -$I->sendPOST( - 'client_credentials.php/access_token', - [ - 'grant_type' => 'client_credentials', - 'client_id' => 'myawesomeapp', - 'client_secret' => 'foobar' - ] -); -$I->canSeeResponseCodeIs(401); -$I->canSeeResponseIsJson(); -$I->seeResponseContainsJson([ - 'error' => 'invalid_client', - 'message' => 'Client authentication failed.' -]); diff --git a/tests/api/ClientCredentialsMissingClientIdCept.php b/tests/api/ClientCredentialsMissingClientIdCept.php deleted file mode 100644 index 68135cdb..00000000 --- a/tests/api/ClientCredentialsMissingClientIdCept.php +++ /dev/null @@ -1,15 +0,0 @@ -wantTo('get an access token using the client credentials grant, missing client id'); -$I->sendPOST( - 'client_credentials.php/access_token', - [ - 'grant_type' => 'client_credentials' - ] -); -$I->canSeeResponseCodeIs(400); -$I->canSeeResponseIsJson(); -$I->seeResponseContainsJson([ - 'error' => 'invalid_request', - 'message' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "client_id" parameter.' -]); diff --git a/tests/api/ClientCredentialsMissingClientSecretCept.php b/tests/api/ClientCredentialsMissingClientSecretCept.php deleted file mode 100644 index 369e22d6..00000000 --- a/tests/api/ClientCredentialsMissingClientSecretCept.php +++ /dev/null @@ -1,16 +0,0 @@ -wantTo('get an access token using the client credentials grant, missing client secret'); -$I->sendPOST( - 'client_credentials.php/access_token', - [ - 'grant_type' => 'client_credentials', - 'client_id' => 'myawesomeapp' - ] -); -$I->canSeeResponseCodeIs(400); -$I->canSeeResponseIsJson(); -$I->seeResponseContainsJson([ - 'error' => 'invalid_request', - 'message' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "client_secret" parameter.' -]); diff --git a/tests/api/_bootstrap.php b/tests/api/_bootstrap.php deleted file mode 100644 index 8a885558..00000000 --- a/tests/api/_bootstrap.php +++ /dev/null @@ -1,2 +0,0 @@ - Date: Fri, 12 Feb 2016 17:46:42 +0000 Subject: [PATCH 03/13] Ignore build folder --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 3b5992e5..6b74c032 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ phpunit.xml /tests/_output examples/public.key examples/private.key +build From 21e2ccd0fbd03670abc8e16b62d635dbfbcdca51 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 12 Feb 2016 17:51:10 +0000 Subject: [PATCH 04/13] Removed codeception --- composer.json | 7 ++----- tests/_bootstrap.php | 2 -- tests/api.suite.yml | 8 -------- tests/unit/Bootstrap.php | 5 ----- 4 files changed, 2 insertions(+), 20 deletions(-) delete mode 100644 tests/_bootstrap.php delete mode 100644 tests/api.suite.yml delete mode 100644 tests/unit/Bootstrap.php diff --git a/composer.json b/composer.json index 55357050..a1bfda41 100644 --- a/composer.json +++ b/composer.json @@ -11,10 +11,7 @@ "paragonie/random_compat": "^1.1" }, "require-dev": { - "phpunit/phpunit": "4.8.*", - "mockery/mockery": "0.9.*", - "codeception/codeception": "~2.0", - "flow/jsonpath": "0.2.*" + "phpunit/phpunit": "4.8.*" }, "repositories": [ { @@ -57,7 +54,7 @@ }, "autoload-dev": { "psr-4": { - "LeagueTests\\": "tests/unit/" + "LeagueTests\\": "tests/" } }, "extra": { diff --git a/tests/_bootstrap.php b/tests/_bootstrap.php deleted file mode 100644 index 243f9c85..00000000 --- a/tests/_bootstrap.php +++ /dev/null @@ -1,2 +0,0 @@ - wget http://getcomposer.org/composer.phar\n> php composer.phar install\n"); -} From fa3fb36ed8e8f2720c78cd083c62dbc771626143 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 12 Feb 2016 17:51:16 +0000 Subject: [PATCH 05/13] Updated .travis.yml --- .travis.yml | 31 ++----------------------------- 1 file changed, 2 insertions(+), 29 deletions(-) diff --git a/.travis.yml b/.travis.yml index 9ab34bb5..3ebf76cd 100644 --- a/.travis.yml +++ b/.travis.yml @@ -15,37 +15,10 @@ php: install: - travis_retry composer install --no-interaction --prefer-source -before_script: - - cd examples/ - - composer install - - cd public/ - - php -S localhost:7777 & - - cd ../.. - script: - - vendor/bin/codecept build && vendor/bin/codecept run - -after_script: - - wget https://scrutinizer-ci.com/ocular.phar - - php ocular.phar code-coverage:upload --format=php-clover coverage.clover - - git config --global user.email "travis@travis-ci.org" - - git config --global user.name "TravisCI" - - cp -R coverage ${HOME}/coverage - - cd ${HOME} - - git clone --quiet --branch=gh-pages https://${GITHUBTOKEN}@github.com/thephpleague/oauth2-server.git gh-pages > /dev/null - - cd gh-pages - - mkdir ${TRAVIS_BRANCH} - - cd ${TRAVIS_BRANCH} - - cp -Rf $HOME/coverage/* . - - git add -f . - - git commit -m "Travis pushed coverage of ${TRAVIS_COMMIT}@${TRAVIS_BRANCH} to gh-pages" - - git push -fq origin gh-pages > /dev/null + - vendor/bin/phpunit branches: only: - master - - v5 - -env: - global: - secure: "C4wD/BQefKSu9W594iyLp+IBCjlM8kKlmp+nXKXnZGi0L8IkV3m4mmNOb8PExxGMhZ3mlev5DnU4Uoh4oJaUxnkR1FpX4dSEpyzU3VknUzSE2yZOlL+bdCw3o85TGoCcp/+ReJCOw5sncxTskJKHlW1YMa33FznaXwLNoImpjTg=" \ No newline at end of file + - V5-WIP \ No newline at end of file From 174ae490fcb28c30b57c5c76972090e7bddb56d9 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 12 Feb 2016 17:51:28 +0000 Subject: [PATCH 06/13] Updated .gitignore / .gitattributes files --- .gitattributes | 3 +-- .gitignore | 1 - 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/.gitattributes b/.gitattributes index 58a5e5e6..d85a794e 100644 --- a/.gitattributes +++ b/.gitattributes @@ -7,8 +7,7 @@ /.travis.yml export-ignore .travis.yml export-ignore .scrutinizer.yml export-ignore -/codeception.yml export-ignore /phpunit.xml.dist export-ignore /CHANGELOG.md export-ignore /CONTRIBUTING.md export-ignore -/README.md export-ignore +/README.md export-ignore \ No newline at end of file diff --git a/.gitignore b/.gitignore index 6b74c032..897c80b1 100644 --- a/.gitignore +++ b/.gitignore @@ -3,7 +3,6 @@ phpunit.xml .idea /examples/vendor -/tests/_output examples/public.key examples/private.key build From 29068dd84c3e035cd95d2ebf2ab4b9faf082c564 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 12 Feb 2016 17:51:59 +0000 Subject: [PATCH 07/13] Removed responseWith method --- src/Grant/AbstractGrant.php | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php index 39fbf543..5722357f 100644 --- a/src/Grant/AbstractGrant.php +++ b/src/Grant/AbstractGrant.php @@ -35,13 +35,6 @@ abstract class AbstractGrant implements GrantTypeInterface const SCOPE_DELIMITER_STRING = ' '; - /** - * Grant responds with - * - * @var string - */ - protected $respondsWith = 'token'; - /** * @var ServerRequestInterface */ @@ -133,14 +126,6 @@ abstract class AbstractGrant implements GrantTypeInterface $this->refreshTokenTTL = $refreshTokenTTL; } - /** - * {@inheritdoc} - */ - public function respondsWith() - { - return $this->respondsWith; - } - /** * Validate the client * From 7f2fd69d0a6df721d30ac2e6fcf554ff14d2a79c Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 12 Feb 2016 17:52:37 +0000 Subject: [PATCH 08/13] Removed respondsWith from interface --- src/Grant/GrantTypeInterface.php | 7 ------- 1 file changed, 7 deletions(-) diff --git a/src/Grant/GrantTypeInterface.php b/src/Grant/GrantTypeInterface.php index 698639d9..1341c1fa 100644 --- a/src/Grant/GrantTypeInterface.php +++ b/src/Grant/GrantTypeInterface.php @@ -37,13 +37,6 @@ interface GrantTypeInterface extends EmitterAwareInterface */ public function getIdentifier(); - /** - * Details what the grant responds with - * - * @return string - */ - public function respondsWith(); - /** * Respond to an incoming request * From 08ad67e4011cac7b22288e73911fbd95ebdf6bbe Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 12 Feb 2016 17:53:07 +0000 Subject: [PATCH 09/13] Updated phpunit tests --- phpunit.xml.dist | 6 +- tests/Bootstrap.php | 5 + tests/Grant/AbstractGrantTest.php | 289 ++++++++++++++++++++++++++++++ 3 files changed, 297 insertions(+), 3 deletions(-) create mode 100644 tests/Bootstrap.php create mode 100644 tests/Grant/AbstractGrantTest.php diff --git a/phpunit.xml.dist b/phpunit.xml.dist index f78850c1..43c0a02c 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -1,8 +1,8 @@ - + - ./tests/unit/ + ./tests/ @@ -11,7 +11,7 @@ - + diff --git a/tests/Bootstrap.php b/tests/Bootstrap.php new file mode 100644 index 00000000..7f8cf458 --- /dev/null +++ b/tests/Bootstrap.php @@ -0,0 +1,5 @@ + wget http://getcomposer.org/composer.phar\n> php composer.phar install\n"); +} diff --git a/tests/Grant/AbstractGrantTest.php b/tests/Grant/AbstractGrantTest.php new file mode 100644 index 00000000..30e0079c --- /dev/null +++ b/tests/Grant/AbstractGrantTest.php @@ -0,0 +1,289 @@ +getMock(ClientRepositoryInterface::class); + $accessTokenRepositoryMock = $this->getMock(AccessTokenRepositoryInterface::class); + $scopeRepositoryMock = $this->getMock(ScopeRepositoryInterface::class); + + /** @var AbstractGrant $grantMock */ + $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + $grantMock->setClientRepository($clientRepositoryMock); + $grantMock->setAccessTokenRepository($accessTokenRepositoryMock); + $grantMock->setScopeRepository($scopeRepositoryMock); + $grantMock->setPathToPrivateKey('./private.key'); + $grantMock->setPathToPublicKey('./public.key'); + $grantMock->setEmitter(new Emitter()); + $grantMock->setRefreshTokenTTL(new \DateInterval('PT1H')); + } + + public function testValidateClient() + { + $client = new ClientEntity(); + $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); + $clientRepositoryMock->method('getClientEntity')->willReturn($client); + + /** @var AbstractGrant $grantMock */ + $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + $grantMock->setClientRepository($clientRepositoryMock); + + $abstractGrantReflection = new \ReflectionClass($grantMock); + + $serverRequest = new ServerRequest(); + $serverRequest = $serverRequest->withParsedBody( + [ + 'client_id' => 'foo', + 'client_secret' => 'bar', + 'redirect_uri' => 'http://foo/bar', + ] + ); + $validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); + $validateClientMethod->setAccessible(true); + + $result = $validateClientMethod->invoke($grantMock, $serverRequest, true, true); + $this->assertEquals($client, $result); + } + + /** + * @expectedException \League\OAuth2\Server\Exception\OAuthServerException + */ + public function testValidateClientMissingClientId() + { + $client = new ClientEntity(); + $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); + $clientRepositoryMock->method('getClientEntity')->willReturn($client); + + /** @var AbstractGrant $grantMock */ + $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + $grantMock->setClientRepository($clientRepositoryMock); + + $abstractGrantReflection = new \ReflectionClass($grantMock); + + $serverRequest = new ServerRequest(); + $validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); + $validateClientMethod->setAccessible(true); + + $validateClientMethod->invoke($grantMock, $serverRequest, true, true); + } + + /** + * @expectedException \League\OAuth2\Server\Exception\OAuthServerException + */ + public function testValidateClientMissingClientSecret() + { + $client = new ClientEntity(); + $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); + $clientRepositoryMock->method('getClientEntity')->willReturn($client); + + /** @var AbstractGrant $grantMock */ + $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + $grantMock->setClientRepository($clientRepositoryMock); + + $abstractGrantReflection = new \ReflectionClass($grantMock); + + $serverRequest = new ServerRequest(); + $serverRequest = $serverRequest->withParsedBody([ + 'client_id' => 'foo', + ]); + + $validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); + $validateClientMethod->setAccessible(true); + + $validateClientMethod->invoke($grantMock, $serverRequest, true, true); + } + + /** + * @expectedException \League\OAuth2\Server\Exception\OAuthServerException + */ + public function testValidateClientMissingRedirectUri() + { + $client = new ClientEntity(); + $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); + $clientRepositoryMock->method('getClientEntity')->willReturn($client); + + /** @var AbstractGrant $grantMock */ + $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + $grantMock->setClientRepository($clientRepositoryMock); + + $abstractGrantReflection = new \ReflectionClass($grantMock); + + $serverRequest = new ServerRequest(); + $serverRequest = $serverRequest->withParsedBody([ + 'client_id' => 'foo', + 'client_secret' => 'bar', + ]); + + $validateClientMethod = $abstractGrantReflection->getMethod('validateClient'); + $validateClientMethod->setAccessible(true); + + $validateClientMethod->invoke($grantMock, $serverRequest, true, true); + } + + public function testCanRespondToRequest() + { + $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + $grantMock->method('getIdentifier')->willReturn('foobar'); + + $serverRequest = new ServerRequest(); + $serverRequest = $serverRequest->withParsedBody([ + 'grant_type' => 'foobar', + ]); + + $this->assertTrue($grantMock->canRespondToRequest($serverRequest)); + } + + public function testIssueRefreshToken() + { + /** @var AbstractGrant $grantMock */ + $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + $grantMock->setRefreshTokenTTL(new \DateInterval('PT1M')); + + $abstractGrantReflection = new \ReflectionClass($grantMock); + $issueRefreshTokenMethod = $abstractGrantReflection->getMethod('issueRefreshToken'); + $issueRefreshTokenMethod->setAccessible(true); + + $accessToken = new AccessTokenEntity(); + /** @var RefreshTokenEntityInterface $refreshToken */ + $refreshToken = $issueRefreshTokenMethod->invoke($grantMock, $accessToken); + $this->assertTrue($refreshToken instanceof RefreshTokenEntityInterface); + $this->assertFalse($refreshToken->isExpired()); + $this->assertEquals($accessToken, $refreshToken->getAccessToken()); + } + + public function testIssueAccessToken() + { + /** @var AbstractGrant $grantMock */ + $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + + $abstractGrantReflection = new \ReflectionClass($grantMock); + $issueAccessTokenMethod = $abstractGrantReflection->getMethod('issueAccessToken'); + $issueAccessTokenMethod->setAccessible(true); + + /** @var AccessTokenEntityInterface $accessToken */ + $accessToken = $issueAccessTokenMethod->invoke( + $grantMock, + new \DateInterval('PT1H'), + new ClientEntity(), + 123, + [new ScopeEntity()] + ); + $this->assertTrue($accessToken instanceof AccessTokenEntityInterface); + $this->assertFalse($accessToken->isExpired()); + } + + public function testIssueAuthCode() + { + /** @var AbstractGrant $grantMock */ + $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + + $abstractGrantReflection = new \ReflectionClass($grantMock); + $issueAuthCodeMethod = $abstractGrantReflection->getMethod('issueAuthCode'); + $issueAuthCodeMethod->setAccessible(true); + + $this->assertTrue( + $issueAuthCodeMethod->invoke( + $grantMock, + new \DateInterval('PT1H'), + new ClientEntity(), + 123, + 'http://foo/bar', + [new ScopeEntity()] + ) instanceof AuthCodeEntityInterface + ); + } + + public function testGetCookieParameter() + { + $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + $grantMock->method('getIdentifier')->willReturn('foobar'); + + $abstractGrantReflection = new \ReflectionClass($grantMock); + $method = $abstractGrantReflection->getMethod('getCookieParameter'); + $method->setAccessible(true); + + $serverRequest = new ServerRequest(); + $serverRequest = $serverRequest->withCookieParams([ + 'foo' => 'bar', + ]); + + $this->assertEquals('bar', $method->invoke($grantMock, 'foo', $serverRequest)); + $this->assertEquals('foo', $method->invoke($grantMock, 'bar', $serverRequest, 'foo')); + } + + public function testGetQueryStringParameter() + { + $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + $grantMock->method('getIdentifier')->willReturn('foobar'); + + $abstractGrantReflection = new \ReflectionClass($grantMock); + $method = $abstractGrantReflection->getMethod('getQueryStringParameter'); + $method->setAccessible(true); + + $serverRequest = new ServerRequest(); + $serverRequest = $serverRequest->withQueryParams([ + 'foo' => 'bar', + ]); + + $this->assertEquals('bar', $method->invoke($grantMock, 'foo', $serverRequest)); + $this->assertEquals('foo', $method->invoke($grantMock, 'bar', $serverRequest, 'foo')); + } + + public function testValidateScopes() + { + $scope = new ScopeEntity(); + $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(); + $scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope); + + /** @var AbstractGrant $grantMock */ + $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + $grantMock->setScopeRepository($scopeRepositoryMock); + + $serverRequest = new ServerRequest(); + $serverRequest = $serverRequest->withParsedBody( + [ + 'scope' => 'basic ', + ] + ); + + $this->assertEquals([$scope], $grantMock->validateScopes($serverRequest, new ClientEntity())); + } + + /** + * @expectedException \League\OAuth2\Server\Exception\OAuthServerException + */ + public function testValidateScopesBadScope() + { + $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(); + $scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn(null); + + /** @var AbstractGrant $grantMock */ + $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + $grantMock->setScopeRepository($scopeRepositoryMock); + + $serverRequest = new ServerRequest(); + $serverRequest = $serverRequest->withParsedBody( + [ + 'scope' => 'basic ', + ] + ); + + $grantMock->validateScopes($serverRequest, new ClientEntity()); + } +} From e20c529f3963ab55d2106c26e8fe112c2d7527a1 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 12 Feb 2016 17:53:42 +0000 Subject: [PATCH 10/13] Added isExpired method to refresh token --- src/Entities/Interfaces/RefreshTokenEntityInterface.php | 6 ++++++ src/Entities/Traits/RefreshTokenTrait.php | 9 +++++++++ 2 files changed, 15 insertions(+) diff --git a/src/Entities/Interfaces/RefreshTokenEntityInterface.php b/src/Entities/Interfaces/RefreshTokenEntityInterface.php index a095d4a1..5b382754 100644 --- a/src/Entities/Interfaces/RefreshTokenEntityInterface.php +++ b/src/Entities/Interfaces/RefreshTokenEntityInterface.php @@ -39,4 +39,10 @@ interface RefreshTokenEntityInterface * @return \League\OAuth2\Server\Entities\Interfaces\AccessTokenEntityInterface */ public function getAccessToken(); + + /** + * Has the token expired? + * @return bool + */ + public function isExpired(); } diff --git a/src/Entities/Traits/RefreshTokenTrait.php b/src/Entities/Traits/RefreshTokenTrait.php index 0e0a3500..b0e2a247 100644 --- a/src/Entities/Traits/RefreshTokenTrait.php +++ b/src/Entities/Traits/RefreshTokenTrait.php @@ -50,4 +50,13 @@ trait RefreshTokenTrait { $this->expiryDateTime = $dateTime; } + + /** + * Has the token expired? + * @return bool + */ + public function isExpired() + { + return (new DateTime()) > $this->getExpiryDateTime(); + } } From de13e14cdd50dc0a92d3d5c74fd51e89300a12d6 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 12 Feb 2016 18:08:13 +0000 Subject: [PATCH 11/13] Added test/Utils --- tests/Utils/KeyCryptTest.php | 34 ++++++++++++++++++++++++++++++++++ tests/Utils/SecureKeyTest.php | 13 +++++++++++++ tests/Utils/private.key | 15 +++++++++++++++ tests/Utils/public.key | 6 ++++++ 4 files changed, 68 insertions(+) create mode 100644 tests/Utils/KeyCryptTest.php create mode 100644 tests/Utils/SecureKeyTest.php create mode 100644 tests/Utils/private.key create mode 100644 tests/Utils/public.key diff --git a/tests/Utils/KeyCryptTest.php b/tests/Utils/KeyCryptTest.php new file mode 100644 index 00000000..9720dbd3 --- /dev/null +++ b/tests/Utils/KeyCryptTest.php @@ -0,0 +1,34 @@ +assertNotEquals($payload, $encrypted); + $this->assertEquals($payload, $plainText); + } + + /** + * @expectedException \LogicException + */ + public function testBadPrivateKey() + { + KeyCrypt::encrypt('', 'file://'.__DIR__.'/public.key'); + } + + /** + * @expectedException \LogicException + */ + public function testBadPublicKey() + { + KeyCrypt::decrypt('', 'file://'.__DIR__.'/private.key'); + } +} diff --git a/tests/Utils/SecureKeyTest.php b/tests/Utils/SecureKeyTest.php new file mode 100644 index 00000000..aebdb755 --- /dev/null +++ b/tests/Utils/SecureKeyTest.php @@ -0,0 +1,13 @@ +assertTrue(is_string(SecureKey::generate())); + } +} diff --git a/tests/Utils/private.key b/tests/Utils/private.key new file mode 100644 index 00000000..1d6a3bf6 --- /dev/null +++ b/tests/Utils/private.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQDOBcFjGUlo3BJ9zjwQLgAHn6Oy5Si0uB7MublTiPob8rWTiCE4 +weAFqzPoAB07vB0t0f8c1R8rmwHMD5ljWPBgJ8FewtwAUzprOBcau6DWukd/TKxX +WeVLAl/NZxijI+jR5QDBYLNBtj1G4LBVHMmINd3ryCycbf9ac3rcC8zhrQIDAQAB +AoGADfOJ0wIlXHp6rhZHLvlOezWuSjEGfqZxP3/cMvH1rerTrPfs+AD5AKlFTJKl +aCQm/bFYy0ULZVKL3pu30Wh2bo1nh/wLuLSI9Nz3O8jqAP3z0i07SoRoQmb8fRnn +dwoDFqnk3uGqcOenheSqheIgl9vdW/3avhD6nkMKZGxPYwECQQDoSj/xHogEzMqB +1Z2E5H/exeE9GQ7+dGITRR2MSgo9WvcKdRhGaQ44dsnTmqiZWAfqAPJjTQIIA/Cn +YRRTeBbNAkEA4w0iEvCIygGQOAnWuvVzlh+pxIB+BTeGkbiBG7nkYYc9b6B/Tw1B +GWGRddBr/FIfPvy1X2ip/TBpH+9bHnE2YQJBAIbZw/EYhmIy+UUSW9WwSUNsoOu1 +Rm0V53HEZ/jvaq5fxpa9j5AgoO7KlzROzp3m6wE/93cKV6mLkAO7ae9jAekCQQCf +B6DZIS6+RrAMACAt3SOzf8P6BYG/B7Ayusd7cw2ang4S9JiW9xKkw2kN2wj3t1F5 +XalwBTAjTdgj7ROmU+ehAkEAkOyXKONGBoVfaixRHgBP6jIBSSPbB2Aosi0QAURX +6GOY7wOS1pCSntTOBQxV7wVjqFwYAR10MSxFSNfpJ7RkzA== +-----END RSA PRIVATE KEY----- diff --git a/tests/Utils/public.key b/tests/Utils/public.key new file mode 100644 index 00000000..25010108 --- /dev/null +++ b/tests/Utils/public.key @@ -0,0 +1,6 @@ +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOBcFjGUlo3BJ9zjwQLgAHn6Oy +5Si0uB7MublTiPob8rWTiCE4weAFqzPoAB07vB0t0f8c1R8rmwHMD5ljWPBgJ8Fe +wtwAUzprOBcau6DWukd/TKxXWeVLAl/NZxijI+jR5QDBYLNBtj1G4LBVHMmINd3r +yCycbf9ac3rcC8zhrQIDAQAB +-----END PUBLIC KEY----- From 335630f150f87b43e562484daf36c3510041038a Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 12 Feb 2016 18:08:27 +0000 Subject: [PATCH 12/13] Added code coverage ignore docblocks --- src/Utils/KeyCrypt.php | 4 ++++ src/Utils/SecureKey.php | 2 ++ 2 files changed, 6 insertions(+) diff --git a/src/Utils/KeyCrypt.php b/src/Utils/KeyCrypt.php index 634cd80b..8b62c10a 100644 --- a/src/Utils/KeyCrypt.php +++ b/src/Utils/KeyCrypt.php @@ -36,7 +36,9 @@ class KeyCrypt $chunk = substr($unencryptedData, 0, $chunkSize); $unencryptedData = substr($unencryptedData, $chunkSize); if (openssl_private_encrypt($chunk, $encrypted, $privateKey) === false) { + // @codeCoverageIgnoreStart throw new \LogicException('Failed to encrypt data'); + // @codeCoverageIgnoreEnd } $output .= $encrypted; } @@ -72,7 +74,9 @@ class KeyCrypt $chunk = substr($encryptedData, 0, $chunkSize); $encryptedData = substr($encryptedData, $chunkSize); if (openssl_public_decrypt($chunk, $decrypted, $publicKey) === false) { + // @codeCoverageIgnoreStart throw new \LogicException('Failed to decrypt data'); + // @codeCoverageIgnoreEnd } $output .= $decrypted; } diff --git a/src/Utils/SecureKey.php b/src/Utils/SecureKey.php index f5078bbf..ee5a85ea 100644 --- a/src/Utils/SecureKey.php +++ b/src/Utils/SecureKey.php @@ -31,6 +31,7 @@ class SecureKey { try { $string = random_bytes($len); + // @codeCoverageIgnoreStart } catch (\TypeError $e) { // Well, it's an integer, so this IS unexpected. throw OAuthServerException::serverError("An unexpected error has occurred"); @@ -41,6 +42,7 @@ class SecureKey // If you get this message, the CSPRNG failed hard. throw OAuthServerException::serverError("Could not generate a random string. Is our OS secure?"); } + // @codeCoverageIgnoreEnd return bin2hex($string); } From 186853390a3f3b43e9000701e8da2a0ce85737e3 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 12 Feb 2016 18:08:35 +0000 Subject: [PATCH 13/13] Updated phpunit.xml.dist --- phpunit.xml.dist | 36 +++++++++++++++++++++--------------- 1 file changed, 21 insertions(+), 15 deletions(-) diff --git a/phpunit.xml.dist b/phpunit.xml.dist index 43c0a02c..943b7857 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -1,17 +1,23 @@ - - - - ./tests/ - - - - - src - - - - - - + + + + ./tests/ + + + + + src + + src/ResponseTypes/DefaultTemplates + + + + + + +