Fixes and tests

2024-11-26 16:52:04 +05:30 · 2014-12-27 22:26:31 +00:00 · 2014-12-27 22:26:31 +00:00 · 707c85b0d6
commit 707c85b0d6
parent c56562b0b8
3 changed files with 171 additions and 4 deletions
--- a/src/Storage/MacTokenInterface.php
+++ b/src/Storage/MacTokenInterface.php
@ -20,11 +20,11 @@ interface MacTokenInterface extends StorageInterface
 {
    /**
     * Create a MAC key linked to an access token
-     * @param  string                                         $macKey
-     * @param  \League\OAuth2\Server\Entity\AccessTokenEntity $accessTokenEntity
+     * @param  string $macKey
+     * @param  string $accessToken
     * @return void
     */
-    public function create($macKey, AccessTokenEntity $accessTokenEntity);
+    public function create($macKey, $accessToken);

    /**
     * Get a MAC key by access token
--- a/src/TokenType/MAC.php
+++ b/src/TokenType/MAC.php
@ -63,9 +63,11 @@ class MAC extends AbstractTokenType implements TokenTypeInterface

            preg_match_all('/([a-zA-Z]*)="([\w=]*)"/', $param, $matches);

+            // @codeCoverageIgnoreStart
            if (count($matches) !== 3) {
                return;
            }
+            // @codeCoverageIgnoreEnd

            $key = reset($matches[1]);
            $value = trim(reset($matches[2]));
@ -74,7 +76,7 @@ class MAC extends AbstractTokenType implements TokenTypeInterface
                return;
            }

-            $params->add($key, $value);
+            $params->set($key, $value);
        }, $paramsRaw);

        // Validate parameters
--- a/tests/unit/TokenType/MacTest.php
+++ b/tests/unit/TokenType/MacTest.php
@ -0,0 +1,165 @@
+<?php
+
+namespace LeagueTests\TokenType;
+
+use League\OAuth2\Server\AuthorizationServer;
+use League\OAuth2\Server\Entity\AccessTokenEntity;
+use League\OAuth2\Server\TokenType\MAC;
+use Mockery as M;
+use Symfony\Component\HttpFoundation\Request;
+
+class MacTest extends \PHPUnit_Framework_TestCase
+{
+    public function testGenerateResponse()
+    {
+        $macStorage = M::mock('\League\OAuth2\Server\Storage\MacTokenInterface');
+        $macStorage->shouldReceive('create');
+
+        $server = new AuthorizationServer();
+        $server->setMacStorage($macStorage);
+
+        $tokenType = new MAC();
+        $tokenType->setServer($server);
+
+        $accessToken = new AccessTokenEntity($server);
+        $accessToken->setId(uniqid());
+        $accessToken->setExpireTime(time());
+
+        $tokenType->setParam('access_token', $accessToken->getId());
+        $tokenType->setParam('expires_in', 3600);
+
+        $response = $tokenType->generateResponse();
+
+        $this->assertEquals($accessToken->getId(), $response['access_token']);
+        $this->assertEquals('mac', $response['token_type']);
+        $this->assertEquals(3600, $response['expires_in']);
+        $this->assertEquals('hmac-sha-256', $response['mac_algorithm']);
+        $this->assertArrayHasKey('mac_key', $response);
+    }
+
+    public function testDetermineAccessTokenInHeaderValid()
+    {
+        $macStorage = M::mock('\League\OAuth2\Server\Storage\MacTokenInterface');
+        $macStorage->shouldReceive('getByAccessToken')->andReturn('abcdef');
+
+        $server = new AuthorizationServer();
+        $server->setMacStorage($macStorage);
+
+        $ts = time();
+
+        $request = Request::createFromGlobals();
+        $calculatedSignatureParts = [
+            $ts,
+            'foo',
+            strtoupper($request->getMethod()),
+            $request->getUri(),
+            $request->getHost(),
+            $request->getPort(),
+            'ext'
+        ];
+        $calculatedSignature = base64_encode(hash_hmac('sha256', implode("\n", $calculatedSignatureParts), 'abcdef'));
+
+        $request->headers->set('Authorization',  sprintf('MAC id="foo", nonce="foo", ts="%s", mac="%s", ext="ext"', $ts, $calculatedSignature));
+
+        $tokenType = new MAC();
+        $tokenType->setServer($server);
+
+        $response = $tokenType->determineAccessTokenInHeader($request);
+        $this->assertEquals('foo', $response);
+    }
+
+    public function testDetermineAccessTokenInHeaderMissingHeader()
+    {
+        $macStorage = M::mock('\League\OAuth2\Server\Storage\MacTokenInterface');
+        $macStorage->shouldReceive('getByAccessToken')->andReturn('abcdef');
+
+        $server = new AuthorizationServer();
+        $server->setMacStorage($macStorage);
+
+        $request = Request::createFromGlobals();
+        $tokenType = new MAC();
+        $tokenType->setServer($server);
+
+        $response = $tokenType->determineAccessTokenInHeader($request);
+
+        $this->assertEquals(null, $response);
+    }
+
+    public function testDetermineAccessTokenInHeaderMissingAuthMac()
+    {
+        $macStorage = M::mock('\League\OAuth2\Server\Storage\MacTokenInterface');
+        $macStorage->shouldReceive('getByAccessToken')->andReturn('abcdef');
+
+        $server = new AuthorizationServer();
+        $server->setMacStorage($macStorage);
+
+        $request = Request::createFromGlobals();
+        $request->headers->set('Authorization', '');
+
+        $tokenType = new MAC();
+        $tokenType->setServer($server);
+
+        $response = $tokenType->determineAccessTokenInHeader($request);
+
+        $this->assertEquals(null, $response);
+    }
+
+    public function testDetermineAccessTokenInHeaderInvalidParam()
+    {
+        $macStorage = M::mock('\League\OAuth2\Server\Storage\MacTokenInterface');
+        $macStorage->shouldReceive('getByAccessToken')->andReturn('abcdef');
+
+        $server = new AuthorizationServer();
+        $server->setMacStorage($macStorage);
+
+        $request = Request::createFromGlobals();
+        $request->headers->set('Authorization', 'MAC ');
+
+        $tokenType = new MAC();
+        $tokenType->setServer($server);
+
+        $response = $tokenType->determineAccessTokenInHeader($request);
+
+        $this->assertEquals(null, $response);
+    }
+
+    public function testDetermineAccessTokenInHeaderMismatchTimestamp()
+    {
+        $macStorage = M::mock('\League\OAuth2\Server\Storage\MacTokenInterface');
+        $macStorage->shouldReceive('getByAccessToken')->andReturn('abcdef');
+
+        $server = new AuthorizationServer();
+        $server->setMacStorage($macStorage);
+
+        $ts = time() - 100;
+
+        $request = Request::createFromGlobals();
+        $request->headers->set('Authorization',  sprintf('MAC id="foo", nonce="foo", ts="%s", mac="%s", ext="ext"', $ts, 'foo'));
+
+        $tokenType = new MAC();
+        $tokenType->setServer($server);
+
+        $response = $tokenType->determineAccessTokenInHeader($request);
+        $this->assertEquals(null, $response);
+    }
+
+    public function testDetermineAccessTokenInHeaderMissingMacKey()
+    {
+        $macStorage = M::mock('\League\OAuth2\Server\Storage\MacTokenInterface');
+        $macStorage->shouldReceive('getByAccessToken')->andReturn(null);
+
+        $server = new AuthorizationServer();
+        $server->setMacStorage($macStorage);
+
+        $ts = time();
+
+        $request = Request::createFromGlobals();
+        $request->headers->set('Authorization',  sprintf('MAC id="foo", nonce="foo", ts="%s", mac="%s", ext="ext"', $ts, 'foo'));
+
+        $tokenType = new MAC();
+        $tokenType->setServer($server);
+
+        $response = $tokenType->determineAccessTokenInHeader($request);
+        $this->assertEquals(null, $response);
+    }
+}