diff --git a/src/AuthorizationValidators/BearerTokenValidator.php b/src/AuthorizationValidators/BearerTokenValidator.php index 88034750..78f2b47c 100644 --- a/src/AuthorizationValidators/BearerTokenValidator.php +++ b/src/AuthorizationValidators/BearerTokenValidator.php @@ -77,6 +77,9 @@ class BearerTokenValidator implements AuthorizationValidatorInterface } catch (\InvalidArgumentException $exception) { // JWT couldn't be parsed so return the request as is throw OAuthServerException::accessDenied($exception->getMessage()); + } catch(\RuntimeException $exception){ + //JWR couldn't be parsed so return the request as is + throw OAuthServerException::accessDenied('Error while decoding to JSON'); } } } diff --git a/tests/ResponseTypes/BearerResponseTypeTest.php b/tests/ResponseTypes/BearerResponseTypeTest.php index 6c84e148..59955397 100644 --- a/tests/ResponseTypes/BearerResponseTypeTest.php +++ b/tests/ResponseTypes/BearerResponseTypeTest.php @@ -226,4 +226,31 @@ class BearerResponseTypeTest extends \PHPUnit_Framework_TestCase ); } } + + public function testDetermineMissingBearerInHeader() + { + $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(); + + $responseType = new BearerTokenResponse($accessTokenRepositoryMock); + $responseType->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); + $responseType->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key')); + + $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(); + + $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock); + $authorizationValidator->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); + $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key')); + + $request = new ServerRequest(); + $request = $request->withHeader('authorization', 'Bearer blah.blah.blah'); + + try { + $authorizationValidator->validateAuthorization($request); + } catch (OAuthServerException $e) { + $this->assertEquals( + 'Error while decoding to JSON', + $e->getHint() + ); + } + } }