mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-12-16 02:08:56 +05:30
Merge branch 'develop'
This commit is contained in:
commit
6d81c1e57e
3
.gitignore
vendored
3
.gitignore
vendored
@ -2,4 +2,5 @@
|
||||
/composer.lock
|
||||
/tests/coverage
|
||||
/docs
|
||||
/testing
|
||||
/testing
|
||||
build/coverage
|
27
phpunit.xml
27
phpunit.xml
@ -1,27 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<phpunit colors="true" convertNoticesToExceptions="true" convertWarningsToExceptions="true" stopOnError="false" stopOnFailure="false" stopOnIncomplete="false" stopOnSkipped="false" bootstrap="tests/Bootstrap.php">
|
||||
<testsuites>
|
||||
<testsuite name="Authorization Server">
|
||||
<directory suffix="Test.php">tests/authorization</directory>
|
||||
</testsuite>
|
||||
<testsuite name="Resource Server">
|
||||
<directory suffix="Test.php">tests/resource</directory>
|
||||
</testsuite>
|
||||
<testsuite name="Utility Methods">
|
||||
<directory suffix="Test.php">tests/util</directory>
|
||||
</testsuite>
|
||||
</testsuites>
|
||||
<filter>
|
||||
<blacklist>
|
||||
<directory suffix=".php">PEAR_INSTALL_DIR</directory>
|
||||
<directory suffix=".php">PHP_LIBDIR</directory>
|
||||
<directory suffix=".php">vendor</directory>
|
||||
<directory suffix=".php">tests</directory>
|
||||
<directory suffix=".php">testing</directory>
|
||||
</blacklist>
|
||||
</filter>
|
||||
<logging>
|
||||
<log type="coverage-text" target="php://stdout" title="lncd/OAuth" charset="UTF-8" yui="true" highlight="true" lowUpperBound="60" highLowerBound="99"/>
|
||||
<log type="coverage-html" target="tests/coverage" title="lncd/OAuth" charset="UTF-8" yui="true" highlight="true" lowUpperBound="60" highLowerBound="99"/>
|
||||
</logging>
|
||||
</phpunit>
|
@ -5,7 +5,7 @@ CREATE TABLE `oauth_clients` (
|
||||
`auto_approve` TINYINT(1) NOT NULL DEFAULT '0',
|
||||
PRIMARY KEY (`id`),
|
||||
UNIQUE KEY `u_oacl_clse_clid` (`secret`,`id`)
|
||||
) ENGINE=INNODB DEFAULT CHARSET=utf8;
|
||||
) ENGINE=INNODB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
|
||||
|
||||
CREATE TABLE `oauth_client_endpoints` (
|
||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||
@ -14,7 +14,7 @@ CREATE TABLE `oauth_client_endpoints` (
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `i_oaclen_clid` (`client_id`),
|
||||
CONSTRAINT `f_oaclen_clid` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
|
||||
|
||||
CREATE TABLE `oauth_sessions` (
|
||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||
@ -24,7 +24,7 @@ CREATE TABLE `oauth_sessions` (
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `i_uase_clid_owty_owid` (`client_id`,`owner_type`,`owner_id`),
|
||||
CONSTRAINT `f_oase_clid` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE ON UPDATE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
|
||||
|
||||
CREATE TABLE `oauth_session_access_tokens` (
|
||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||
@ -35,7 +35,7 @@ CREATE TABLE `oauth_session_access_tokens` (
|
||||
UNIQUE KEY `u_oaseacto_acto_seid` (`access_token`,`session_id`),
|
||||
KEY `f_oaseto_seid` (`session_id`),
|
||||
CONSTRAINT `f_oaseto_seid` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
|
||||
|
||||
CREATE TABLE `oauth_session_authcodes` (
|
||||
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
|
||||
@ -45,14 +45,14 @@ CREATE TABLE `oauth_session_authcodes` (
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `session_id` (`session_id`),
|
||||
CONSTRAINT `oauth_session_authcodes_ibfk_1` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
|
||||
|
||||
CREATE TABLE `oauth_session_redirects` (
|
||||
`session_id` int(10) unsigned NOT NULL,
|
||||
`redirect_uri` varchar(255) NOT NULL,
|
||||
PRIMARY KEY (`session_id`),
|
||||
CONSTRAINT `f_oasere_seid` FOREIGN KEY (`session_id`) REFERENCES `oauth_sessions` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
|
||||
|
||||
CREATE TABLE `oauth_session_refresh_tokens` (
|
||||
`session_access_token_id` int(10) unsigned NOT NULL,
|
||||
@ -63,7 +63,7 @@ CREATE TABLE `oauth_session_refresh_tokens` (
|
||||
KEY `client_id` (`client_id`),
|
||||
CONSTRAINT `oauth_session_refresh_tokens_ibfk_1` FOREIGN KEY (`client_id`) REFERENCES `oauth_clients` (`id`) ON DELETE CASCADE,
|
||||
CONSTRAINT `f_oasetore_setoid` FOREIGN KEY (`session_access_token_id`) REFERENCES `oauth_session_access_tokens` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
|
||||
|
||||
CREATE TABLE `oauth_scopes` (
|
||||
`id` smallint(5) unsigned NOT NULL AUTO_INCREMENT,
|
||||
@ -72,7 +72,7 @@ CREATE TABLE `oauth_scopes` (
|
||||
`description` varchar(255) DEFAULT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
UNIQUE KEY `u_oasc_sc` (`scope`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
|
||||
|
||||
CREATE TABLE `oauth_session_token_scopes` (
|
||||
`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
|
||||
@ -83,7 +83,7 @@ CREATE TABLE `oauth_session_token_scopes` (
|
||||
KEY `f_oasetosc_scid` (`scope_id`),
|
||||
CONSTRAINT `f_oasetosc_scid` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION,
|
||||
CONSTRAINT `f_oasetosc_setoid` FOREIGN KEY (`session_access_token_id`) REFERENCES `oauth_session_access_tokens` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
|
||||
|
||||
CREATE TABLE `oauth_session_authcode_scopes` (
|
||||
`oauth_session_authcode_id` int(10) unsigned NOT NULL,
|
||||
@ -92,4 +92,4 @@ CREATE TABLE `oauth_session_authcode_scopes` (
|
||||
KEY `scope_id` (`scope_id`),
|
||||
CONSTRAINT `oauth_session_authcode_scopes_ibfk_2` FOREIGN KEY (`scope_id`) REFERENCES `oauth_scopes` (`id`) ON DELETE CASCADE,
|
||||
CONSTRAINT `oauth_session_authcode_scopes_ibfk_1` FOREIGN KEY (`oauth_session_authcode_id`) REFERENCES `oauth_session_authcodes` (`id`) ON DELETE CASCADE
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_unicode_ci;
|
||||
|
@ -0,0 +1,20 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 Insufficient Scope Exception
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @author Woody Gilk <woody@shadowhand.me>
|
||||
* @copyright Copyright (c) 2014 PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Exception;
|
||||
|
||||
/**
|
||||
* InsufficientScope Exception
|
||||
*/
|
||||
class InsufficientScopeException extends OAuth2Exception
|
||||
{
|
||||
|
||||
}
|
@ -0,0 +1,20 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 Missing Access Token Exception
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @author Woody Gilk <woody@shadowhand.me>
|
||||
* @copyright Copyright (c) 2014 PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
|
||||
namespace League\OAuth2\Server\Exception;
|
||||
|
||||
/**
|
||||
* MissingAccessToken Exception
|
||||
*/
|
||||
class MissingAccessTokenException extends OAuth2Exception
|
||||
{
|
||||
|
||||
}
|
@ -192,7 +192,7 @@ class RefreshToken implements GrantTypeInterface {
|
||||
|
||||
$response = array(
|
||||
'access_token' => $accessToken,
|
||||
'token_type' => 'bearer',
|
||||
'token_type' => 'Bearer',
|
||||
'expires' => $accessTokenExpires,
|
||||
'expires_in' => $accessTokenExpiresIn
|
||||
);
|
||||
|
@ -4,7 +4,8 @@
|
||||
*
|
||||
* @package php-loep/oauth2-server
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
|
||||
* @author Woody Gilk <woody@shadowhand.me>
|
||||
* @copyright Copyright (c) 2013-2014 PHP League of Extraordinary Packages
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/php-loep/oauth2-server
|
||||
*/
|
||||
@ -75,6 +76,117 @@ class Resource
|
||||
*/
|
||||
protected $clientId = null;
|
||||
|
||||
/**
|
||||
* Exception error codes
|
||||
* @var array
|
||||
*/
|
||||
protected static $exceptionCodes = array(
|
||||
0 => 'invalid_request',
|
||||
1 => 'invalid_token',
|
||||
2 => 'insufficient_scope',
|
||||
);
|
||||
|
||||
/**
|
||||
* Exception error messages
|
||||
* @var array
|
||||
*/
|
||||
protected static $exceptionMessages = array(
|
||||
'invalid_request' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "%s" parameter.',
|
||||
'invalid_token' => 'The access token provided is expired, revoked, malformed, or invalid for other reasons.',
|
||||
'insufficient_scope' => 'The request requires higher privileges than provided by the access token. Required scopes are: %s.',
|
||||
);
|
||||
|
||||
/**
|
||||
* Exception error HTTP status codes
|
||||
* @var array
|
||||
*
|
||||
* RFC 6750, section 3.1:
|
||||
* When a request fails, the resource server responds using the
|
||||
* appropriate HTTP status code (typically, 400, 401, 403, or 405) and
|
||||
* includes one of the following error codes in the response:
|
||||
*/
|
||||
protected static $exceptionHttpStatusCodes = array(
|
||||
'invalid_request' => 400,
|
||||
'invalid_token' => 401,
|
||||
'insufficient_scope' => 403,
|
||||
);
|
||||
|
||||
/**
|
||||
* Get an exception message
|
||||
*
|
||||
* @param string $error The error message key
|
||||
* @return string The error message
|
||||
*/
|
||||
public static function getExceptionMessage($error = '')
|
||||
{
|
||||
return self::$exceptionMessages[$error];
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an exception code
|
||||
*
|
||||
* @param integer $code The exception code
|
||||
* @return string The exception code type
|
||||
*/
|
||||
public static function getExceptionType($code = 0)
|
||||
{
|
||||
return self::$exceptionCodes[$code];
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all headers that have to be send with the error response
|
||||
*
|
||||
* @param string $error The error message key
|
||||
* @return array Array with header values
|
||||
*/
|
||||
public static function getExceptionHttpHeaders($error)
|
||||
{
|
||||
$headers = array();
|
||||
switch (self::$exceptionHttpStatusCodes[$error]) {
|
||||
case 401:
|
||||
$headers[] = 'HTTP/1.1 401 Unauthorized';
|
||||
break;
|
||||
case 403:
|
||||
$headers[] = 'HTTP/1.1 403 Forbidden';
|
||||
break;
|
||||
case 400:
|
||||
default:
|
||||
$headers[] = 'HTTP/1.1 400 Bad Request';
|
||||
}
|
||||
|
||||
// Add "WWW-Authenticate" header
|
||||
//
|
||||
// RFC 6749, section 5.2.:
|
||||
// "If the client attempted to authenticate via the 'Authorization'
|
||||
// request header field, the authorization server MUST
|
||||
// respond with an HTTP 401 (Unauthorized) status code and
|
||||
// include the "WWW-Authenticate" response header field
|
||||
// matching the authentication scheme used by the client.
|
||||
// @codeCoverageIgnoreStart
|
||||
if ($error === 'insufficient_scope') {
|
||||
$authScheme = null;
|
||||
$request = new Request();
|
||||
if ($request->server('PHP_AUTH_USER') !== null) {
|
||||
$authScheme = 'Basic';
|
||||
} else {
|
||||
$authHeader = $request->header('Authorization');
|
||||
if ($authHeader !== null) {
|
||||
if (strpos($authHeader, 'Bearer') === 0) {
|
||||
$authScheme = 'Bearer';
|
||||
} elseif (strpos($authHeader, 'Basic') === 0) {
|
||||
$authScheme = 'Basic';
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($authScheme !== null) {
|
||||
$headers[] = 'WWW-Authenticate: '.$authScheme.' realm=""';
|
||||
}
|
||||
}
|
||||
// @codeCoverageIgnoreEnd
|
||||
|
||||
return $headers;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets up the Resource
|
||||
*
|
||||
@ -186,7 +298,7 @@ class Resource
|
||||
$result = $this->storages['session']->validateAccessToken($accessToken);
|
||||
|
||||
if (! $result) {
|
||||
throw new Exception\InvalidAccessTokenException('Access token is not valid');
|
||||
throw new Exception\InvalidAccessTokenException(self::$exceptionMessages['invalid_token'], 1);
|
||||
}
|
||||
|
||||
$this->accessToken = $accessToken;
|
||||
@ -216,25 +328,26 @@ class Resource
|
||||
* Checks if the presented access token has the given scope(s).
|
||||
*
|
||||
* @param array|string An array of scopes or a single scope as a string
|
||||
* @param bool If scopes are required, missing scope will trigger an exception
|
||||
* @throws Exception\InsufficientScopeException Thrown if the any of the given scopes are not in the session
|
||||
* @return bool Returns bool if all scopes are found, false if any fail
|
||||
*/
|
||||
public function hasScope($scopes)
|
||||
public function hasScope($scopes, $required = false)
|
||||
{
|
||||
if (is_string($scopes)) {
|
||||
if (in_array($scopes, $this->sessionScopes)) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
} elseif (is_array($scopes)) {
|
||||
foreach ($scopes as $scope) {
|
||||
if (! in_array($scope, $this->sessionScopes)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return true;
|
||||
if (!is_array($scopes)) {
|
||||
$scopes = array($scopes);
|
||||
}
|
||||
|
||||
return false;
|
||||
$missing = array_diff($scopes, $this->sessionScopes);
|
||||
|
||||
if ($missing) {
|
||||
if ($required) {
|
||||
$missing = implode(', ', $missing);
|
||||
throw new Exception\InsufficientScopeException(sprintf(self::$exceptionMessages['insufficient_scope'], $missing), 3);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -274,7 +387,7 @@ class Resource
|
||||
}
|
||||
|
||||
if (empty($accessToken)) {
|
||||
throw new Exception\InvalidAccessTokenException('Access token is missing');
|
||||
throw new Exception\MissingAccessTokenException(self::$exceptionMessages['invalid_request'], 0);
|
||||
}
|
||||
|
||||
return $accessToken;
|
||||
|
@ -4,19 +4,45 @@ use \Mockery as m;
|
||||
|
||||
class Resource_Server_test extends PHPUnit_Framework_TestCase
|
||||
{
|
||||
private $session;
|
||||
private $session;
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
public function setUp()
|
||||
{
|
||||
$this->session = M::mock('League\OAuth2\Server\Storage\SessionInterface');
|
||||
}
|
||||
}
|
||||
|
||||
private function returnDefault()
|
||||
{
|
||||
return new League\OAuth2\Server\Resource($this->session);
|
||||
}
|
||||
private function returnDefault()
|
||||
{
|
||||
return new League\OAuth2\Server\Resource($this->session);
|
||||
}
|
||||
|
||||
public function test_setRequest()
|
||||
public function test_getExceptionMessage()
|
||||
{
|
||||
$m = League\OAuth2\Server\Resource::getExceptionMessage('invalid_request');
|
||||
|
||||
$reflector = new ReflectionClass($this->returnDefault());
|
||||
$exceptionMessages = $reflector->getProperty('exceptionMessages');
|
||||
$exceptionMessages->setAccessible(true);
|
||||
$v = $exceptionMessages->getValue();
|
||||
|
||||
$this->assertEquals($v['invalid_request'], $m);
|
||||
}
|
||||
|
||||
public function test_getExceptionCode()
|
||||
{
|
||||
$this->assertEquals('invalid_request', League\OAuth2\Server\Resource::getExceptionType(0));
|
||||
$this->assertEquals('invalid_token', League\OAuth2\Server\Resource::getExceptionType(1));
|
||||
$this->assertEquals('insufficient_scope', League\OAuth2\Server\Resource::getExceptionType(2));
|
||||
}
|
||||
|
||||
public function test_getExceptionHttpHeaders()
|
||||
{
|
||||
$this->assertEquals(array('HTTP/1.1 400 Bad Request'), League\OAuth2\Server\Resource::getExceptionHttpHeaders('invalid_request'));
|
||||
$this->assertEquals(array('HTTP/1.1 401 Unauthorized'), League\OAuth2\Server\Resource::getExceptionHttpHeaders('invalid_token'));
|
||||
$this->assertContains('HTTP/1.1 403 Forbidden', League\OAuth2\Server\Resource::getExceptionHttpHeaders('insufficient_scope'));
|
||||
}
|
||||
|
||||
public function test_setRequest()
|
||||
{
|
||||
$s = $this->returnDefault();
|
||||
$request = new League\OAuth2\Server\Util\Request();
|
||||
@ -49,7 +75,7 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
|
||||
public function test_setTokenKey()
|
||||
{
|
||||
$s = $this->returnDefault();
|
||||
$s->setTokenKey('oauth_token');
|
||||
$s->setTokenKey('oauth_token');
|
||||
|
||||
$reflector = new ReflectionClass($s);
|
||||
$requestProperty = $reflector->getProperty('tokenKey');
|
||||
@ -66,25 +92,25 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException League\OAuth2\Server\Exception\InvalidAccessTokenException
|
||||
* @expectedException League\OAuth2\Server\Exception\MissingAccessTokenException
|
||||
*/
|
||||
public function test_determineAccessToken_missingToken()
|
||||
{
|
||||
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer';
|
||||
$request = new League\OAuth2\Server\Util\Request(array(), array(), array(), array(), $_SERVER);
|
||||
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer';
|
||||
$request = new League\OAuth2\Server\Util\Request(array(), array(), array(), array(), $_SERVER);
|
||||
|
||||
$s = $this->returnDefault();
|
||||
$s->setRequest($request);
|
||||
$s = $this->returnDefault();
|
||||
$s->setRequest($request);
|
||||
|
||||
$reflector = new ReflectionClass($s);
|
||||
$method = $reflector->getMethod('determineAccessToken');
|
||||
$method->setAccessible(true);
|
||||
$reflector = new ReflectionClass($s);
|
||||
$method = $reflector->getMethod('determineAccessToken');
|
||||
$method->setAccessible(true);
|
||||
|
||||
$method->invoke($s);
|
||||
$method->invoke($s);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException League\OAuth2\Server\Exception\InvalidAccessTokenException
|
||||
* @expectedException League\OAuth2\Server\Exception\MissingAccessTokenException
|
||||
*/
|
||||
public function test_determineAccessToken_brokenCurlRequest()
|
||||
{
|
||||
@ -114,14 +140,14 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
|
||||
$s = $this->returnDefault();
|
||||
$s->setRequest($request);
|
||||
|
||||
$reflector = new ReflectionClass($s);
|
||||
$reflector = new ReflectionClass($s);
|
||||
|
||||
$method = $reflector->getMethod('determineAccessToken');
|
||||
$method->setAccessible(true);
|
||||
$method = $reflector->getMethod('determineAccessToken');
|
||||
$method->setAccessible(true);
|
||||
|
||||
$result = $method->invoke($s);
|
||||
$result = $method->invoke($s);
|
||||
|
||||
$this->assertEquals('abcdef', $result);
|
||||
$this->assertEquals('abcdef', $result);
|
||||
}
|
||||
|
||||
public function test_determineAccessToken_fromBrokenCurlHeader()
|
||||
@ -149,21 +175,54 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
|
||||
|
||||
public function test_determineAccessToken_fromMethod()
|
||||
{
|
||||
$s = $this->returnDefault();
|
||||
$s = $this->returnDefault();
|
||||
|
||||
$_GET[$s->getTokenKey()] = 'abcdef';
|
||||
$_SERVER['REQUEST_METHOD'] = 'get';
|
||||
$_GET[$s->getTokenKey()] = 'abcdef';
|
||||
$_SERVER['REQUEST_METHOD'] = 'get';
|
||||
|
||||
$request = new League\OAuth2\Server\Util\Request($_GET, array(), array(), array(), $_SERVER);
|
||||
$s->setRequest($request);
|
||||
$request = new League\OAuth2\Server\Util\Request($_GET, array(), array(), array(), $_SERVER);
|
||||
$s->setRequest($request);
|
||||
|
||||
$reflector = new ReflectionClass($s);
|
||||
$method = $reflector->getMethod('determineAccessToken');
|
||||
$method->setAccessible(true);
|
||||
$reflector = new ReflectionClass($s);
|
||||
$method = $reflector->getMethod('determineAccessToken');
|
||||
$method->setAccessible(true);
|
||||
|
||||
$result = $method->invoke($s);
|
||||
$result = $method->invoke($s);
|
||||
|
||||
$this->assertEquals('abcdef', $result);
|
||||
$this->assertEquals('abcdef', $result);
|
||||
}
|
||||
|
||||
public function test_hasScope_isRequired()
|
||||
{
|
||||
$s = $this->returnDefault();
|
||||
|
||||
$reflector = new ReflectionClass($s);
|
||||
$param = $reflector->getProperty('sessionScopes');
|
||||
$param->setAccessible(true);
|
||||
$param->setValue($s, array(
|
||||
'a', 'b', 'c'
|
||||
));
|
||||
|
||||
$result = $s->hasScope(array('a', 'b'), true);
|
||||
|
||||
$this->assertEquals(true, $result);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException League\OAuth2\Server\Exception\InsufficientScopeException
|
||||
*/
|
||||
public function test_hasScope_isRequiredFailure()
|
||||
{
|
||||
$s = $this->returnDefault();
|
||||
|
||||
$reflector = new ReflectionClass($s);
|
||||
$param = $reflector->getProperty('sessionScopes');
|
||||
$param->setAccessible(true);
|
||||
$param->setValue($s, array(
|
||||
'a', 'b', 'c'
|
||||
));
|
||||
|
||||
$s->hasScope('d', true);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -171,9 +230,9 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
|
||||
*/
|
||||
public function test_isValid_notValid()
|
||||
{
|
||||
$this->session->shouldReceive('validateAccessToken')->andReturn(false);
|
||||
$this->session->shouldReceive('validateAccessToken')->andReturn(false);
|
||||
|
||||
$request = new League\OAuth2\Server\Util\Request();
|
||||
$request = new League\OAuth2\Server\Util\Request();
|
||||
$requestReflector = new ReflectionClass($request);
|
||||
$param = $requestReflector->getProperty('headers');
|
||||
$param->setAccessible(true);
|
||||
@ -188,19 +247,19 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
|
||||
|
||||
public function test_isValid_valid()
|
||||
{
|
||||
$this->session->shouldReceive('validateAccessToken')->andReturn(array(
|
||||
'session_id' => 1,
|
||||
'owner_type' => 'user',
|
||||
'owner_id' => 123,
|
||||
$this->session->shouldReceive('validateAccessToken')->andReturn(array(
|
||||
'session_id' => 1,
|
||||
'owner_type' => 'user',
|
||||
'owner_id' => 123,
|
||||
'client_id' => 'testapp'
|
||||
));
|
||||
));
|
||||
|
||||
$this->session->shouldReceive('getScopes')->andReturn(array(
|
||||
$this->session->shouldReceive('getScopes')->andReturn(array(
|
||||
array('scope' => 'foo'),
|
||||
array('scope' => 'bar')
|
||||
));
|
||||
|
||||
$request = new League\OAuth2\Server\Util\Request();
|
||||
$request = new League\OAuth2\Server\Util\Request();
|
||||
$requestReflector = new ReflectionClass($request);
|
||||
$param = $requestReflector->getProperty('headers');
|
||||
$param->setAccessible(true);
|
||||
@ -211,16 +270,15 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
|
||||
$s = $this->returnDefault();
|
||||
$s->setRequest($request);
|
||||
|
||||
$this->assertTrue($s->isValid());
|
||||
$this->assertEquals(123, $s->getOwnerId());
|
||||
$this->assertEquals('user', $s->getOwnerType());
|
||||
$this->assertEquals('abcdef', $s->getAccessToken());
|
||||
$this->assertTrue($s->isValid());
|
||||
$this->assertEquals(123, $s->getOwnerId());
|
||||
$this->assertEquals('user', $s->getOwnerType());
|
||||
$this->assertEquals('abcdef', $s->getAccessToken());
|
||||
$this->assertEquals('testapp', $s->getClientId());
|
||||
$this->assertTrue($s->hasScope('foo'));
|
||||
$this->assertTrue($s->hasScope('bar'));
|
||||
$this->assertTrue($s->hasScope(array('foo', 'bar')));
|
||||
$this->assertFalse($s->hasScope(array('foobar')));
|
||||
$this->assertFalse($s->hasScope('foobar'));
|
||||
$this->assertFalse($s->hasScope(new StdClass));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -2,14 +2,14 @@
|
||||
|
||||
class RedirectUri_test extends PHPUnit_Framework_TestCase
|
||||
{
|
||||
function test_make()
|
||||
{
|
||||
$v1 = League\OAuth2\Server\Util\RedirectUri::make('https://foobar/', array('foo'=>'bar'));
|
||||
$v2 = League\OAuth2\Server\Util\RedirectUri::make('https://foobar/', array('foo'=>'bar'), '#');
|
||||
$v3 = League\OAuth2\Server\Util\RedirectUri::make('https://foobar/', array('foo'=>'bar', 'bar' => 'foo'));
|
||||
function test_make()
|
||||
{
|
||||
$v1 = League\OAuth2\Server\Util\RedirectUri::make('https://foobar/', array('foo'=>'bar'));
|
||||
$v2 = League\OAuth2\Server\Util\RedirectUri::make('https://foobar/', array('foo'=>'bar'), '#');
|
||||
$v3 = League\OAuth2\Server\Util\RedirectUri::make('https://foobar/', array('foo'=>'bar', 'bar' => 'foo'));
|
||||
|
||||
$this->assertEquals('https://foobar/?foo=bar', $v1);
|
||||
$this->assertEquals('https://foobar/#foo=bar', $v2);
|
||||
$this->assertEquals('https://foobar/?foo=bar&bar=foo', $v3);
|
||||
}
|
||||
}
|
||||
$this->assertEquals('https://foobar/?foo=bar', $v1);
|
||||
$this->assertEquals('https://foobar/#foo=bar', $v2);
|
||||
$this->assertEquals('https://foobar/?foo=bar&bar=foo', $v3);
|
||||
}
|
||||
}
|
||||
|
@ -2,86 +2,86 @@
|
||||
|
||||
class Request_test extends PHPUnit_Framework_TestCase
|
||||
{
|
||||
private $request;
|
||||
private $request;
|
||||
|
||||
function setUp()
|
||||
{
|
||||
$this->request = new League\OAuth2\Server\Util\Request(
|
||||
array('foo' => 'bar'),
|
||||
array('foo' => 'bar'),
|
||||
array('foo' => 'bar'),
|
||||
array('foo' => 'bar'),
|
||||
array('HTTP_HOST' => 'foobar.com')
|
||||
);
|
||||
}
|
||||
function setUp()
|
||||
{
|
||||
$this->request = new League\OAuth2\Server\Util\Request(
|
||||
array('foo' => 'bar'),
|
||||
array('foo' => 'bar'),
|
||||
array('foo' => 'bar'),
|
||||
array('foo' => 'bar'),
|
||||
array('HTTP_HOST' => 'foobar.com')
|
||||
);
|
||||
}
|
||||
|
||||
function test_buildFromIndex()
|
||||
{
|
||||
$r = new League\OAuth2\Server\Util\Request();
|
||||
$r->buildFromGlobals();
|
||||
function test_buildFromIndex()
|
||||
{
|
||||
$r = new League\OAuth2\Server\Util\Request();
|
||||
$r->buildFromGlobals();
|
||||
|
||||
$this->assertTrue($r instanceof League\OAuth2\Server\Util\Request);
|
||||
}
|
||||
$this->assertTrue($r instanceof League\OAuth2\Server\Util\Request);
|
||||
}
|
||||
|
||||
function test_get()
|
||||
{
|
||||
$this->assertEquals('bar', $this->request->get('foo'));
|
||||
$this->assertEquals(array('foo' => 'bar'), $this->request->get());
|
||||
}
|
||||
function test_get()
|
||||
{
|
||||
$this->assertEquals('bar', $this->request->get('foo'));
|
||||
$this->assertEquals(array('foo' => 'bar'), $this->request->get());
|
||||
}
|
||||
|
||||
function test_post()
|
||||
{
|
||||
$this->assertEquals('bar', $this->request->post('foo'));
|
||||
$this->assertEquals(array('foo' => 'bar'), $this->request->post());
|
||||
}
|
||||
function test_post()
|
||||
{
|
||||
$this->assertEquals('bar', $this->request->post('foo'));
|
||||
$this->assertEquals(array('foo' => 'bar'), $this->request->post());
|
||||
}
|
||||
|
||||
function test_file()
|
||||
{
|
||||
$this->assertEquals('bar', $this->request->file('foo'));
|
||||
$this->assertEquals(array('foo' => 'bar'), $this->request->file());
|
||||
}
|
||||
function test_file()
|
||||
{
|
||||
$this->assertEquals('bar', $this->request->file('foo'));
|
||||
$this->assertEquals(array('foo' => 'bar'), $this->request->file());
|
||||
}
|
||||
|
||||
function test_cookie()
|
||||
{
|
||||
$this->assertEquals('bar', $this->request->cookie('foo'));
|
||||
$this->assertEquals(array('foo' => 'bar'), $this->request->cookie());
|
||||
}
|
||||
function test_cookie()
|
||||
{
|
||||
$this->assertEquals('bar', $this->request->cookie('foo'));
|
||||
$this->assertEquals(array('foo' => 'bar'), $this->request->cookie());
|
||||
}
|
||||
|
||||
function test_server()
|
||||
{
|
||||
$this->assertEquals('foobar.com', $this->request->server('HTTP_HOST'));
|
||||
$this->assertEquals(array('HTTP_HOST' => 'foobar.com'), $this->request->server());
|
||||
}
|
||||
function test_server()
|
||||
{
|
||||
$this->assertEquals('foobar.com', $this->request->server('HTTP_HOST'));
|
||||
$this->assertEquals(array('HTTP_HOST' => 'foobar.com'), $this->request->server());
|
||||
}
|
||||
|
||||
function test_header()
|
||||
{
|
||||
$this->assertEquals('foobar.com', $this->request->header('Host'));
|
||||
$this->assertEquals(array('Host' => 'foobar.com'), $this->request->header());
|
||||
}
|
||||
function test_header()
|
||||
{
|
||||
$this->assertEquals('foobar.com', $this->request->header('Host'));
|
||||
$this->assertEquals(array('Host' => 'foobar.com'), $this->request->header());
|
||||
}
|
||||
|
||||
function test_canonical_header()
|
||||
{
|
||||
$request = new League\OAuth2\Server\Util\Request(
|
||||
array('foo' => 'bar'),
|
||||
array('foo' => 'bar'),
|
||||
array('foo' => 'bar'),
|
||||
array('foo' => 'bar'),
|
||||
array('HTTP_HOST' => 'foobar.com'),
|
||||
array('authorization' => 'Bearer ajdfkljadslfjasdlkj')
|
||||
);
|
||||
function test_canonical_header()
|
||||
{
|
||||
$request = new League\OAuth2\Server\Util\Request(
|
||||
array('foo' => 'bar'),
|
||||
array('foo' => 'bar'),
|
||||
array('foo' => 'bar'),
|
||||
array('foo' => 'bar'),
|
||||
array('HTTP_HOST' => 'foobar.com'),
|
||||
array('authorization' => 'Bearer ajdfkljadslfjasdlkj')
|
||||
);
|
||||
|
||||
$this->assertEquals('Bearer ajdfkljadslfjasdlkj', $request->header('Authorization'));
|
||||
}
|
||||
$this->assertEquals('Bearer ajdfkljadslfjasdlkj', $request->header('Authorization'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException InvalidArgumentException
|
||||
*/
|
||||
function test_unknownProperty()
|
||||
{
|
||||
$reflector = new ReflectionClass($this->request);
|
||||
$method = $reflector->getMethod('getPropertyValue');
|
||||
$method->setAccessible(true);
|
||||
/**
|
||||
* @expectedException InvalidArgumentException
|
||||
*/
|
||||
function test_unknownProperty()
|
||||
{
|
||||
$reflector = new ReflectionClass($this->request);
|
||||
$method = $reflector->getMethod('getPropertyValue');
|
||||
$method->setAccessible(true);
|
||||
|
||||
$method->invoke($this->request, 'blah');
|
||||
}
|
||||
}
|
||||
$method->invoke($this->request, 'blah');
|
||||
}
|
||||
}
|
||||
|
@ -2,16 +2,16 @@
|
||||
|
||||
class Secure_Key_test extends PHPUnit_Framework_TestCase
|
||||
{
|
||||
function test_make()
|
||||
{
|
||||
$v1 = League\OAuth2\Server\Util\SecureKey::make();
|
||||
$v2 = League\OAuth2\Server\Util\SecureKey::make();
|
||||
$v3 = League\OAuth2\Server\Util\SecureKey::make(50);
|
||||
function test_make()
|
||||
{
|
||||
$v1 = League\OAuth2\Server\Util\SecureKey::make();
|
||||
$v2 = League\OAuth2\Server\Util\SecureKey::make();
|
||||
$v3 = League\OAuth2\Server\Util\SecureKey::make(50);
|
||||
|
||||
$this->assertEquals(40, strlen($v1));
|
||||
$this->assertTrue($v1 !== $v2);
|
||||
$this->assertEquals(50, strlen($v3));
|
||||
}
|
||||
$this->assertEquals(40, strlen($v1));
|
||||
$this->assertTrue($v1 !== $v2);
|
||||
$this->assertEquals(50, strlen($v3));
|
||||
}
|
||||
|
||||
public function test_make_with_different_algorithm()
|
||||
{
|
||||
@ -29,4 +29,4 @@ class Secure_Key_test extends PHPUnit_Framework_TestCase
|
||||
$this->assertSame($algorithm, League\OAuth2\Server\Util\SecureKey::getAlgorithm());
|
||||
$this->assertEquals($result, League\OAuth2\Server\Util\SecureKey::make(11));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user