mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-11-22 21:23:02 +05:30
Merge pull request #1024 from Sephster/update-dependencies
Update Dependencies
This commit is contained in:
commit
ccf36588ee
@ -6,18 +6,17 @@
|
||||
"require": {
|
||||
"php": ">=7.1.0",
|
||||
"ext-openssl": "*",
|
||||
"league/event": "^2.1",
|
||||
"lcobucci/jwt": "^3.2.2",
|
||||
"league/event": "^2.2",
|
||||
"lcobucci/jwt": "^3.3.1",
|
||||
"psr/http-message": "^1.0.1",
|
||||
"defuse/php-encryption": "^2.1",
|
||||
"defuse/php-encryption": "^2.2.1",
|
||||
"ext-json": "*"
|
||||
},
|
||||
"require-dev": {
|
||||
"phpunit/phpunit": "^6.3 || ^7.0",
|
||||
"zendframework/zend-diactoros": "^1.3.2",
|
||||
"phpstan/phpstan": "^0.9.2",
|
||||
"phpstan/phpstan-phpunit": "^0.9.4",
|
||||
"phpstan/phpstan-strict-rules": "^0.9.0",
|
||||
"phpunit/phpunit": "^7.5.13 || ^8.2.3",
|
||||
"zendframework/zend-diactoros": "^2.1.2",
|
||||
"phpstan/phpstan": "^0.11.8",
|
||||
"phpstan/phpstan-phpunit": "^0.11.2",
|
||||
"roave/security-advisories": "dev-master"
|
||||
},
|
||||
"repositories": [
|
||||
|
@ -1,8 +1,6 @@
|
||||
includes:
|
||||
- vendor/phpstan/phpstan-phpunit/extension.neon
|
||||
- vendor/phpstan/phpstan-phpunit/rules.neon
|
||||
- vendor/phpstan/phpstan-phpunit/strictRules.neon
|
||||
- vendor/phpstan/phpstan-strict-rules/rules.neon
|
||||
services:
|
||||
-
|
||||
class: LeagueTests\PHPStan\AbstractGrantExtension
|
||||
|
@ -63,7 +63,7 @@ class BearerTokenValidator implements AuthorizationValidatorInterface
|
||||
}
|
||||
|
||||
$header = $request->getHeader('authorization');
|
||||
$jwt = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $header[0]));
|
||||
$jwt = trim((string) preg_replace('/^(?:\s+)?Bearer\s/', '', $header[0]));
|
||||
|
||||
try {
|
||||
// Attempt to parse and validate the JWT
|
||||
|
@ -19,7 +19,7 @@ use LogicException;
|
||||
trait CryptTrait
|
||||
{
|
||||
/**
|
||||
* @var string|Key
|
||||
* @var string|Key|null
|
||||
*/
|
||||
protected $encryptionKey;
|
||||
|
||||
@ -39,9 +39,13 @@ trait CryptTrait
|
||||
return Crypto::encrypt($unencryptedData, $this->encryptionKey);
|
||||
}
|
||||
|
||||
return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey);
|
||||
if (is_string($this->encryptionKey)) {
|
||||
return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey);
|
||||
}
|
||||
|
||||
throw new LogicException('Encryption key not set when attempting to encrypt');
|
||||
} catch (Exception $e) {
|
||||
throw new LogicException($e->getMessage(), null, $e);
|
||||
throw new LogicException($e->getMessage(), 0, $e);
|
||||
}
|
||||
}
|
||||
|
||||
@ -61,9 +65,13 @@ trait CryptTrait
|
||||
return Crypto::decrypt($encryptedData, $this->encryptionKey);
|
||||
}
|
||||
|
||||
return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey);
|
||||
if (is_string($this->encryptionKey)) {
|
||||
return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey);
|
||||
}
|
||||
|
||||
throw new LogicException('Encryption key not set when attempting to decrypt');
|
||||
} catch (Exception $e) {
|
||||
throw new LogicException($e->getMessage(), null, $e);
|
||||
throw new LogicException($e->getMessage(), 0, $e);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -48,7 +48,7 @@ trait AccessTokenTrait
|
||||
->setIssuedAt(time())
|
||||
->setNotBefore(time())
|
||||
->setExpiration($this->getExpiryDateTime()->getTimestamp())
|
||||
->setSubject($this->getUserIdentifier())
|
||||
->setSubject((string) $this->getUserIdentifier())
|
||||
->set('scopes', $this->getScopes())
|
||||
->sign(new Sha256(), new Key($privateKey->getKeyPath(), $privateKey->getPassPhrase()))
|
||||
->getToken();
|
||||
|
@ -308,7 +308,9 @@ class OAuthServerException extends Exception
|
||||
$response = $response->withHeader($header, $content);
|
||||
}
|
||||
|
||||
$response->getBody()->write(json_encode($payload, $jsonOptions));
|
||||
$responseBody = json_encode($payload, $jsonOptions) ?: 'JSON encoding of payload failed';
|
||||
|
||||
$response->getBody()->write($responseBody);
|
||||
|
||||
return $response->withStatus($this->getHttpStatusCode());
|
||||
}
|
||||
|
@ -185,7 +185,7 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
throw OAuthServerException::invalidClient($request);
|
||||
}
|
||||
|
||||
$client = $this->clientRepository->getClientEntity($clientId);
|
||||
$client = $this->getClientEntityOrFail($clientId, $request);
|
||||
|
||||
// If a redirect URI is provided ensure it matches what is pre-registered
|
||||
$redirectUri = $this->getRequestParameter('redirect_uri', $request, null);
|
||||
|
@ -142,19 +142,21 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
|
||||
);
|
||||
}
|
||||
|
||||
if (isset($this->codeChallengeVerifiers[$authCodePayload->code_challenge_method])) {
|
||||
$codeChallengeVerifier = $this->codeChallengeVerifiers[$authCodePayload->code_challenge_method];
|
||||
if (property_exists($authCodePayload, 'code_challenge_method')) {
|
||||
if (isset($this->codeChallengeVerifiers[$authCodePayload->code_challenge_method])) {
|
||||
$codeChallengeVerifier = $this->codeChallengeVerifiers[$authCodePayload->code_challenge_method];
|
||||
|
||||
if ($codeChallengeVerifier->verifyCodeChallenge($codeVerifier, $authCodePayload->code_challenge) === false) {
|
||||
throw OAuthServerException::invalidGrant('Failed to verify `code_verifier`.');
|
||||
if ($codeChallengeVerifier->verifyCodeChallenge($codeVerifier, $authCodePayload->code_challenge) === false) {
|
||||
throw OAuthServerException::invalidGrant('Failed to verify `code_verifier`.');
|
||||
}
|
||||
} else {
|
||||
throw OAuthServerException::serverError(
|
||||
sprintf(
|
||||
'Unsupported code challenge method `%s`',
|
||||
$authCodePayload->code_challenge_method
|
||||
)
|
||||
);
|
||||
}
|
||||
} else {
|
||||
throw OAuthServerException::serverError(
|
||||
sprintf(
|
||||
'Unsupported code challenge method `%s`',
|
||||
$authCodePayload->code_challenge_method
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@ -351,12 +353,18 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
|
||||
'code_challenge_method' => $authorizationRequest->getCodeChallengeMethod(),
|
||||
];
|
||||
|
||||
$jsonPayload = json_encode($payload);
|
||||
|
||||
if ($jsonPayload === false) {
|
||||
throw new LogicException('An error was encountered when JSON encoding the authorization request response');
|
||||
}
|
||||
|
||||
$response = new RedirectResponse();
|
||||
$response->setRedirectUri(
|
||||
$this->makeRedirectUri(
|
||||
$finalRedirectUri,
|
||||
[
|
||||
'code' => $this->encrypt(json_encode($payload)),
|
||||
'code' => $this->encrypt($jsonPayload),
|
||||
'state' => $authorizationRequest->getState(),
|
||||
]
|
||||
)
|
||||
|
@ -21,7 +21,7 @@ interface ClientRepositoryInterface extends RepositoryInterface
|
||||
*
|
||||
* @param string $clientIdentifier The client's identifier
|
||||
*
|
||||
* @return ClientEntityInterface
|
||||
* @return ClientEntityInterface|null
|
||||
*/
|
||||
public function getClientEntity($clientIdentifier);
|
||||
|
||||
|
@ -22,7 +22,7 @@ interface ScopeRepositoryInterface extends RepositoryInterface
|
||||
*
|
||||
* @param string $identifier The scope identifier
|
||||
*
|
||||
* @return ScopeEntityInterface
|
||||
* @return ScopeEntityInterface|null
|
||||
*/
|
||||
public function getScopeEntityByIdentifier($identifier);
|
||||
|
||||
|
@ -22,7 +22,7 @@ interface UserRepositoryInterface extends RepositoryInterface
|
||||
* @param string $grantType The grant type used
|
||||
* @param ClientEntityInterface $clientEntity
|
||||
*
|
||||
* @return UserEntityInterface
|
||||
* @return UserEntityInterface|null
|
||||
*/
|
||||
public function getUserEntityByUserCredentials(
|
||||
$username,
|
||||
|
@ -111,7 +111,7 @@ class AuthorizationRequest
|
||||
}
|
||||
|
||||
/**
|
||||
* @return UserEntityInterface
|
||||
* @return UserEntityInterface|null
|
||||
*/
|
||||
public function getUser()
|
||||
{
|
||||
|
@ -13,6 +13,7 @@ namespace League\OAuth2\Server\ResponseTypes;
|
||||
|
||||
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
|
||||
use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
|
||||
use LogicException;
|
||||
use Psr\Http\Message\ResponseInterface;
|
||||
|
||||
class BearerTokenResponse extends AbstractResponseType
|
||||
@ -31,23 +32,27 @@ class BearerTokenResponse extends AbstractResponseType
|
||||
];
|
||||
|
||||
if ($this->refreshToken instanceof RefreshTokenEntityInterface) {
|
||||
$refreshToken = $this->encrypt(
|
||||
json_encode(
|
||||
[
|
||||
'client_id' => $this->accessToken->getClient()->getIdentifier(),
|
||||
'refresh_token_id' => $this->refreshToken->getIdentifier(),
|
||||
'access_token_id' => $this->accessToken->getIdentifier(),
|
||||
'scopes' => $this->accessToken->getScopes(),
|
||||
'user_id' => $this->accessToken->getUserIdentifier(),
|
||||
'expire_time' => $this->refreshToken->getExpiryDateTime()->getTimestamp(),
|
||||
]
|
||||
)
|
||||
);
|
||||
$refreshTokenPayload = json_encode([
|
||||
'client_id' => $this->accessToken->getClient()->getIdentifier(),
|
||||
'refresh_token_id' => $this->refreshToken->getIdentifier(),
|
||||
'access_token_id' => $this->accessToken->getIdentifier(),
|
||||
'scopes' => $this->accessToken->getScopes(),
|
||||
'user_id' => $this->accessToken->getUserIdentifier(),
|
||||
'expire_time' => $this->refreshToken->getExpiryDateTime()->getTimestamp(),
|
||||
]);
|
||||
|
||||
$responseParams['refresh_token'] = $refreshToken;
|
||||
if ($refreshTokenPayload === false) {
|
||||
throw new LogicException('Error encountered JSON encoding the refresh token payload');
|
||||
}
|
||||
|
||||
$responseParams['refresh_token'] = $this->encrypt($refreshTokenPayload);
|
||||
}
|
||||
|
||||
$responseParams = array_merge($this->getExtraParams($this->accessToken), $responseParams);
|
||||
$responseParams = json_encode(array_merge($this->getExtraParams($this->accessToken), $responseParams));
|
||||
|
||||
if ($responseParams === false) {
|
||||
throw new LogicException('Error encountered JSON encoding response parameters');
|
||||
}
|
||||
|
||||
$response = $response
|
||||
->withStatus(200)
|
||||
@ -55,7 +60,7 @@ class BearerTokenResponse extends AbstractResponseType
|
||||
->withHeader('cache-control', 'no-store')
|
||||
->withHeader('content-type', 'application/json; charset=UTF-8');
|
||||
|
||||
$response->getBody()->write(json_encode($responseParams));
|
||||
$response->getBody()->write($responseParams);
|
||||
|
||||
return $response;
|
||||
}
|
||||
|
@ -31,7 +31,7 @@ class AuthorizationServerTest extends TestCase
|
||||
{
|
||||
const DEFAULT_SCOPE = 'basic';
|
||||
|
||||
public function setUp()
|
||||
public function setUp(): void
|
||||
{
|
||||
// Make sure the keys have the correct permissions.
|
||||
chmod(__DIR__ . '/Stubs/private.key', 0600);
|
||||
@ -117,35 +117,31 @@ class AuthorizationServerTest extends TestCase
|
||||
$privateKey = 'file://' . __DIR__ . '/Stubs/private.key';
|
||||
$encryptionKey = 'file://' . __DIR__ . '/Stubs/public.key';
|
||||
|
||||
$server = new class($clientRepository, $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(), $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(), $privateKey, $encryptionKey) extends AuthorizationServer {
|
||||
protected function getResponseType()
|
||||
{
|
||||
$this->responseType = new class extends BearerTokenResponse {
|
||||
/* @return null|CryptKey */
|
||||
public function getPrivateKey()
|
||||
{
|
||||
return $this->privateKey;
|
||||
}
|
||||
|
||||
public function getEncryptionKey()
|
||||
{
|
||||
return $this->encryptionKey;
|
||||
}
|
||||
};
|
||||
|
||||
return parent::getResponseType();
|
||||
}
|
||||
};
|
||||
$server = new AuthorizationServer(
|
||||
$clientRepository,
|
||||
$this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(),
|
||||
$this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(),
|
||||
'file://' . __DIR__ . '/Stubs/private.key',
|
||||
'file://' . __DIR__ . '/Stubs/public.key'
|
||||
);
|
||||
|
||||
$abstractGrantReflection = new \ReflectionClass($server);
|
||||
$method = $abstractGrantReflection->getMethod('getResponseType');
|
||||
$method->setAccessible(true);
|
||||
|
||||
$responseType = $method->invoke($server);
|
||||
|
||||
$this->assertInstanceOf(BearerTokenResponse::class, $responseType);
|
||||
$responseTypeReflection = new \ReflectionClass($responseType);
|
||||
|
||||
$privateKeyProperty = $responseTypeReflection->getProperty('privateKey');
|
||||
$privateKeyProperty->setAccessible(true);
|
||||
|
||||
$encryptionKeyProperty = $responseTypeReflection->getProperty('encryptionKey');
|
||||
$encryptionKeyProperty->setAccessible(true);
|
||||
|
||||
// generated instances should have keys setup
|
||||
$this->assertSame($privateKey, $responseType->getPrivateKey()->getKeyPath());
|
||||
$this->assertSame($encryptionKey, $responseType->getEncryptionKey());
|
||||
$this->assertSame($privateKey, $privateKeyProperty->getValue($responseType)->getKeyPath());
|
||||
$this->assertSame($encryptionKey, $encryptionKeyProperty->getValue($responseType));
|
||||
}
|
||||
|
||||
public function testMultipleRequestsGetDifferentResponseTypeInstances()
|
||||
@ -326,10 +322,6 @@ class AuthorizationServerTest extends TestCase
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 2
|
||||
*/
|
||||
public function testValidateAuthorizationRequestUnregistered()
|
||||
{
|
||||
$server = new AuthorizationServer(
|
||||
@ -340,19 +332,13 @@ class AuthorizationServerTest extends TestCase
|
||||
'file://' . __DIR__ . '/Stubs/public.key'
|
||||
);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
$headers = [],
|
||||
$cookies = [],
|
||||
$queryParams = [
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
]);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(2);
|
||||
|
||||
$server->validateAuthorizationRequest($request);
|
||||
}
|
||||
|
@ -11,10 +11,6 @@ use Zend\Diactoros\ServerRequest;
|
||||
|
||||
class BearerTokenValidatorTest extends TestCase
|
||||
{
|
||||
/**
|
||||
* @expectedException League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 9
|
||||
*/
|
||||
public function testThrowExceptionWhenAccessTokenIsNotSigned()
|
||||
{
|
||||
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
||||
@ -32,8 +28,10 @@ class BearerTokenValidatorTest extends TestCase
|
||||
->set('scopes', 'scope1 scope2 scope3 scope4')
|
||||
->getToken();
|
||||
|
||||
$request = new ServerRequest();
|
||||
$request = $request->withHeader('authorization', sprintf('Bearer %s', $unsignedJwt));
|
||||
$request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $unsignedJwt));
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(9);
|
||||
|
||||
$bearerTokenValidator->validateAuthorization($request);
|
||||
}
|
||||
|
@ -85,7 +85,9 @@ class OAuthServerExceptionTest extends TestCase
|
||||
$previous = new Exception('This is the previous');
|
||||
$exceptionWithPrevious = OAuthServerException::accessDenied(null, null, $previous);
|
||||
|
||||
$this->assertSame('This is the previous', $exceptionWithPrevious->getPrevious()->getMessage());
|
||||
$previousMessage = $exceptionWithPrevious->getPrevious() !== null ? $exceptionWithPrevious->getPrevious()->getMessage() : null;
|
||||
|
||||
$this->assertSame('This is the previous', $previousMessage);
|
||||
}
|
||||
|
||||
public function testDoesNotHavePrevious()
|
||||
|
@ -30,8 +30,7 @@ class AbstractGrantTest extends TestCase
|
||||
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
|
||||
$abstractGrantReflection = new \ReflectionClass($grantMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withHeader('Authorization', 'Basic ' . base64_encode('Open:Sesame'));
|
||||
$serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('Open:Sesame'));
|
||||
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
|
||||
$basicAuthMethod->setAccessible(true);
|
||||
|
||||
@ -44,8 +43,7 @@ class AbstractGrantTest extends TestCase
|
||||
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
|
||||
$abstractGrantReflection = new \ReflectionClass($grantMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withHeader('Authorization', 'Basic ' . base64_encode('Open:'));
|
||||
$serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('Open:'));
|
||||
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
|
||||
$basicAuthMethod->setAccessible(true);
|
||||
|
||||
@ -58,8 +56,7 @@ class AbstractGrantTest extends TestCase
|
||||
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
|
||||
$abstractGrantReflection = new \ReflectionClass($grantMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withHeader('Authorization', 'Foo ' . base64_encode('Open:Sesame'));
|
||||
$serverRequest = (new ServerRequest())->withHeader('Authorization', 'Foo ' . base64_encode('Open:Sesame'));
|
||||
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
|
||||
$basicAuthMethod->setAccessible(true);
|
||||
|
||||
@ -72,8 +69,7 @@ class AbstractGrantTest extends TestCase
|
||||
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
|
||||
$abstractGrantReflection = new \ReflectionClass($grantMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withHeader('Authorization', 'Basic ||');
|
||||
$serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ||');
|
||||
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
|
||||
$basicAuthMethod->setAccessible(true);
|
||||
|
||||
@ -86,8 +82,7 @@ class AbstractGrantTest extends TestCase
|
||||
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
|
||||
$abstractGrantReflection = new \ReflectionClass($grantMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withHeader('Authorization', 'Basic ' . base64_encode('OpenSesame'));
|
||||
$serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('OpenSesame'));
|
||||
$basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
|
||||
$basicAuthMethod->setAccessible(true);
|
||||
|
||||
@ -107,12 +102,10 @@ class AbstractGrantTest extends TestCase
|
||||
|
||||
$abstractGrantReflection = new \ReflectionClass($grantMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
]);
|
||||
|
||||
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
|
||||
$validateClientMethod->setAccessible(true);
|
||||
|
||||
@ -133,14 +126,12 @@ class AbstractGrantTest extends TestCase
|
||||
|
||||
$abstractGrantReflection = new \ReflectionClass($grantMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
]);
|
||||
|
||||
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
|
||||
$validateClientMethod->setAccessible(true);
|
||||
|
||||
@ -148,9 +139,6 @@ class AbstractGrantTest extends TestCase
|
||||
$this->assertEquals($client, $result);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
*/
|
||||
public function testValidateClientMissingClientId()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -167,12 +155,11 @@ class AbstractGrantTest extends TestCase
|
||||
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
|
||||
$validateClientMethod->setAccessible(true);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
|
||||
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
*/
|
||||
public function testValidateClientMissingClientSecret()
|
||||
{
|
||||
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
||||
@ -184,20 +171,18 @@ class AbstractGrantTest extends TestCase
|
||||
|
||||
$abstractGrantReflection = new \ReflectionClass($grantMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody([
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
]);
|
||||
|
||||
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
|
||||
$validateClientMethod->setAccessible(true);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
|
||||
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
*/
|
||||
public function testValidateClientInvalidClientSecret()
|
||||
{
|
||||
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
||||
@ -209,8 +194,7 @@ class AbstractGrantTest extends TestCase
|
||||
|
||||
$abstractGrantReflection = new \ReflectionClass($grantMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody([
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'foo',
|
||||
]);
|
||||
@ -218,12 +202,11 @@ class AbstractGrantTest extends TestCase
|
||||
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
|
||||
$validateClientMethod->setAccessible(true);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
|
||||
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
*/
|
||||
public function testValidateClientInvalidRedirectUri()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -237,8 +220,7 @@ class AbstractGrantTest extends TestCase
|
||||
|
||||
$abstractGrantReflection = new \ReflectionClass($grantMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody([
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://bar/foo',
|
||||
]);
|
||||
@ -246,12 +228,11 @@ class AbstractGrantTest extends TestCase
|
||||
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
|
||||
$validateClientMethod->setAccessible(true);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
|
||||
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
*/
|
||||
public function testValidateClientInvalidRedirectUriArray()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -265,8 +246,7 @@ class AbstractGrantTest extends TestCase
|
||||
|
||||
$abstractGrantReflection = new \ReflectionClass($grantMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody([
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://bar/foo',
|
||||
]);
|
||||
@ -274,12 +254,11 @@ class AbstractGrantTest extends TestCase
|
||||
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
|
||||
$validateClientMethod->setAccessible(true);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
|
||||
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
*/
|
||||
public function testValidateClientBadClient()
|
||||
{
|
||||
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
||||
@ -291,8 +270,7 @@ class AbstractGrantTest extends TestCase
|
||||
|
||||
$abstractGrantReflection = new \ReflectionClass($grantMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody([
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
]);
|
||||
@ -300,6 +278,8 @@ class AbstractGrantTest extends TestCase
|
||||
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
|
||||
$validateClientMethod->setAccessible(true);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
|
||||
$validateClientMethod->invoke($grantMock, $serverRequest, true);
|
||||
}
|
||||
|
||||
@ -308,8 +288,7 @@ class AbstractGrantTest extends TestCase
|
||||
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
|
||||
$grantMock->method('getIdentifier')->willReturn('foobar');
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody([
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'grant_type' => 'foobar',
|
||||
]);
|
||||
|
||||
@ -421,8 +400,7 @@ class AbstractGrantTest extends TestCase
|
||||
$method = $abstractGrantReflection->getMethod('getCookieParameter');
|
||||
$method->setAccessible(true);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withCookieParams([
|
||||
$serverRequest = (new ServerRequest())->withCookieParams([
|
||||
'foo' => 'bar',
|
||||
]);
|
||||
|
||||
@ -439,8 +417,7 @@ class AbstractGrantTest extends TestCase
|
||||
$method = $abstractGrantReflection->getMethod('getQueryStringParameter');
|
||||
$method->setAccessible(true);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withQueryParams([
|
||||
$serverRequest = (new ServerRequest())->withQueryParams([
|
||||
'foo' => 'bar',
|
||||
]);
|
||||
|
||||
@ -461,9 +438,6 @@ class AbstractGrantTest extends TestCase
|
||||
$this->assertEquals([$scope], $grantMock->validateScopes('basic '));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
*/
|
||||
public function testValidateScopesBadScope()
|
||||
{
|
||||
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
||||
@ -473,6 +447,8 @@ class AbstractGrantTest extends TestCase
|
||||
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
|
||||
$grantMock->setScopeRepository($scopeRepositoryMock);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
|
||||
$grantMock->validateScopes('basic ');
|
||||
}
|
||||
|
||||
@ -484,7 +460,7 @@ class AbstractGrantTest extends TestCase
|
||||
$method = $abstractGrantReflection->getMethod('generateUniqueIdentifier');
|
||||
$method->setAccessible(true);
|
||||
|
||||
$this->assertInternalType('string', $method->invoke($grantMock));
|
||||
$this->assertIsString($method->invoke($grantMock));
|
||||
}
|
||||
|
||||
public function testCanRespondToAuthorizationRequest()
|
||||
@ -493,21 +469,21 @@ class AbstractGrantTest extends TestCase
|
||||
$this->assertFalse($grantMock->canRespondToAuthorizationRequest(new ServerRequest()));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \LogicException
|
||||
*/
|
||||
public function testValidateAuthorizationRequest()
|
||||
{
|
||||
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
|
||||
|
||||
$this->expectException(\LogicException::class);
|
||||
|
||||
$grantMock->validateAuthorizationRequest(new ServerRequest());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \LogicException
|
||||
*/
|
||||
public function testCompleteAuthorizationRequest()
|
||||
{
|
||||
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
|
||||
|
||||
$this->expectException(\LogicException::class);
|
||||
|
||||
$grantMock->completeAuthorizationRequest(new AuthorizationRequest());
|
||||
}
|
||||
}
|
||||
|
@ -40,7 +40,7 @@ class AuthCodeGrantTest extends TestCase
|
||||
|
||||
const CODE_CHALLENGE = 'E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM';
|
||||
|
||||
public function setUp()
|
||||
public function setUp(): void
|
||||
{
|
||||
$this->cryptStub = new CryptTraitStub();
|
||||
}
|
||||
@ -200,9 +200,6 @@ class AuthCodeGrantTest extends TestCase
|
||||
$this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
*/
|
||||
public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooShort()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -218,28 +215,18 @@ class AuthCodeGrantTest extends TestCase
|
||||
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
[],
|
||||
[],
|
||||
[
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
'code_challenge' => str_repeat('A', 42),
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
'code_challenge' => str_repeat('A', 42),
|
||||
]);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
|
||||
$grant->validateAuthorizationRequest($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
*/
|
||||
public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooLong()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -255,28 +242,18 @@ class AuthCodeGrantTest extends TestCase
|
||||
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
[],
|
||||
[],
|
||||
[
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
'code_challenge' => str_repeat('A', 129),
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
'code_challenge' => str_repeat('A', 129),
|
||||
]);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
|
||||
$grant->validateAuthorizationRequest($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
*/
|
||||
public function testValidateAuthorizationRequestCodeChallengeInvalidCharacters()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -292,29 +269,18 @@ class AuthCodeGrantTest extends TestCase
|
||||
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
[],
|
||||
[],
|
||||
[
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
'code_challenge' => str_repeat('A', 42) . '!',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
'code_challenge' => str_repeat('A', 42) . '!',
|
||||
]);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
|
||||
$grant->validateAuthorizationRequest($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 3
|
||||
*/
|
||||
public function testValidateAuthorizationRequestMissingClientId()
|
||||
{
|
||||
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
||||
@ -326,26 +292,16 @@ class AuthCodeGrantTest extends TestCase
|
||||
);
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
$headers = [],
|
||||
$cookies = [],
|
||||
$queryParams = [
|
||||
'response_type' => 'code',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
]);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(3);
|
||||
|
||||
$grant->validateAuthorizationRequest($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 4
|
||||
*/
|
||||
public function testValidateAuthorizationRequestInvalidClientId()
|
||||
{
|
||||
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
||||
@ -358,27 +314,17 @@ class AuthCodeGrantTest extends TestCase
|
||||
);
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
$headers = [],
|
||||
$cookies = [],
|
||||
$queryParams = [
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
]);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(4);
|
||||
|
||||
$grant->validateAuthorizationRequest($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 4
|
||||
*/
|
||||
public function testValidateAuthorizationRequestBadRedirectUriString()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -393,28 +339,18 @@ class AuthCodeGrantTest extends TestCase
|
||||
);
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
[],
|
||||
[],
|
||||
[
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://bar',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://bar',
|
||||
]);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(4);
|
||||
|
||||
$grant->validateAuthorizationRequest($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 4
|
||||
*/
|
||||
public function testValidateAuthorizationRequestBadRedirectUriArray()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -429,28 +365,18 @@ class AuthCodeGrantTest extends TestCase
|
||||
);
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
[],
|
||||
[],
|
||||
[
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://bar',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://bar',
|
||||
]);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(4);
|
||||
|
||||
$grant->validateAuthorizationRequest($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 3
|
||||
*/
|
||||
public function testValidateAuthorizationRequestInvalidCodeChallengeMethod()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -472,22 +398,16 @@ class AuthCodeGrantTest extends TestCase
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
[],
|
||||
[],
|
||||
[
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
'code_challenge' => 'foobar',
|
||||
'code_challenge_method' => 'foo',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
'code_challenge' => 'foobar',
|
||||
'code_challenge_method' => 'foo',
|
||||
]);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(3);
|
||||
|
||||
$grant->validateAuthorizationRequest($request);
|
||||
}
|
||||
@ -513,10 +433,6 @@ class AuthCodeGrantTest extends TestCase
|
||||
$this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 9
|
||||
*/
|
||||
public function testCompleteAuthorizationRequestDenied()
|
||||
{
|
||||
$authRequest = new AuthorizationRequest();
|
||||
@ -535,6 +451,9 @@ class AuthCodeGrantTest extends TestCase
|
||||
);
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(9);
|
||||
|
||||
$grant->completeAuthorizationRequest($authRequest);
|
||||
}
|
||||
|
||||
@ -954,10 +873,6 @@ class AuthCodeGrantTest extends TestCase
|
||||
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 3
|
||||
*/
|
||||
public function testRespondToAccessTokenRequestMissingRedirectUri()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -999,13 +914,12 @@ class AuthCodeGrantTest extends TestCase
|
||||
]
|
||||
);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(3);
|
||||
|
||||
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 3
|
||||
*/
|
||||
public function testRespondToAccessTokenRequestRedirectUriMismatch()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -1048,13 +962,12 @@ class AuthCodeGrantTest extends TestCase
|
||||
]
|
||||
);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(3);
|
||||
|
||||
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 3
|
||||
*/
|
||||
public function testRespondToAccessTokenRequestMissingCode()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -1093,6 +1006,9 @@ class AuthCodeGrantTest extends TestCase
|
||||
]
|
||||
);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(3);
|
||||
|
||||
/* @var StubResponseType $response */
|
||||
$grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
||||
}
|
||||
@ -1711,10 +1627,6 @@ class AuthCodeGrantTest extends TestCase
|
||||
$this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 7
|
||||
*/
|
||||
public function testAuthCodeRepositoryFailToPersist()
|
||||
{
|
||||
$authRequest = new AuthorizationRequest();
|
||||
@ -1734,13 +1646,12 @@ class AuthCodeGrantTest extends TestCase
|
||||
);
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(7);
|
||||
|
||||
$this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException
|
||||
* @expectedExceptionCode 100
|
||||
*/
|
||||
public function testAuthCodeRepositoryFailToPersistUniqueNoInfiniteLoop()
|
||||
{
|
||||
$authRequest = new AuthorizationRequest();
|
||||
@ -1759,6 +1670,9 @@ class AuthCodeGrantTest extends TestCase
|
||||
new DateInterval('PT10M')
|
||||
);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException::class);
|
||||
$this->expectExceptionCode(100);
|
||||
|
||||
$this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
|
||||
}
|
||||
|
||||
@ -1831,10 +1745,6 @@ class AuthCodeGrantTest extends TestCase
|
||||
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 7
|
||||
*/
|
||||
public function testRefreshTokenRepositoryFailToPersist()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -1896,6 +1806,9 @@ class AuthCodeGrantTest extends TestCase
|
||||
]
|
||||
);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(7);
|
||||
|
||||
/** @var StubResponseType $response */
|
||||
$response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
||||
|
||||
@ -1903,10 +1816,6 @@ class AuthCodeGrantTest extends TestCase
|
||||
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException
|
||||
* @expectedExceptionCode 100
|
||||
*/
|
||||
public function testRefreshTokenRepositoryFailToPersistUniqueNoInfiniteLoop()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -1968,6 +1877,9 @@ class AuthCodeGrantTest extends TestCase
|
||||
]
|
||||
);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException::class);
|
||||
$this->expectExceptionCode(100);
|
||||
|
||||
/** @var StubResponseType $response */
|
||||
$response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
|
||||
|
||||
@ -1975,9 +1887,6 @@ class AuthCodeGrantTest extends TestCase
|
||||
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \LogicException
|
||||
*/
|
||||
public function testCompleteAuthorizationRequestNoUser()
|
||||
{
|
||||
$grant = new AuthCodeGrant(
|
||||
@ -1986,6 +1895,8 @@ class AuthCodeGrantTest extends TestCase
|
||||
new DateInterval('PT10M')
|
||||
);
|
||||
|
||||
$this->expectException(\LogicException::class);
|
||||
|
||||
$grant->completeAuthorizationRequest(new AuthorizationRequest());
|
||||
}
|
||||
|
||||
@ -2011,20 +1922,11 @@ class AuthCodeGrantTest extends TestCase
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
[],
|
||||
[],
|
||||
[
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
]);
|
||||
|
||||
$this->expectException(OAuthServerException::class);
|
||||
$this->expectExceptionCode(3);
|
||||
|
@ -48,13 +48,10 @@ class ClientCredentialsGrantTest extends TestCase
|
||||
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
]);
|
||||
|
||||
$responseType = new StubResponseType();
|
||||
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
||||
|
@ -31,7 +31,7 @@ class ImplicitGrantTest extends TestCase
|
||||
*/
|
||||
protected $cryptStub;
|
||||
|
||||
public function setUp()
|
||||
public function setUp(): void
|
||||
{
|
||||
$this->cryptStub = new CryptTraitStub();
|
||||
}
|
||||
@ -51,12 +51,12 @@ class ImplicitGrantTest extends TestCase
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \LogicException
|
||||
*/
|
||||
public function testRespondToAccessTokenRequest()
|
||||
{
|
||||
$grant = new ImplicitGrant(new DateInterval('PT10M'));
|
||||
|
||||
$this->expectException(\LogicException::class);
|
||||
|
||||
$grant->respondToAccessTokenRequest(
|
||||
new ServerRequest(),
|
||||
new StubResponseType(),
|
||||
@ -68,19 +68,10 @@ class ImplicitGrantTest extends TestCase
|
||||
{
|
||||
$grant = new ImplicitGrant(new DateInterval('PT10M'));
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
$headers = [],
|
||||
$cookies = [],
|
||||
$queryParams = [
|
||||
'response_type' => 'token',
|
||||
'client_id' => 'foo',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'token',
|
||||
'client_id' => 'foo',
|
||||
]);
|
||||
|
||||
$this->assertTrue($grant->canRespondToAuthorizationRequest($request));
|
||||
}
|
||||
@ -101,20 +92,11 @@ class ImplicitGrantTest extends TestCase
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
$headers = [],
|
||||
$cookies = [],
|
||||
$queryParams = [
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
]);
|
||||
|
||||
$this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request));
|
||||
}
|
||||
@ -135,28 +117,15 @@ class ImplicitGrantTest extends TestCase
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
$headers = [],
|
||||
$cookies = [],
|
||||
$queryParams = [
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://foo/bar',
|
||||
]);
|
||||
|
||||
$this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 3
|
||||
*/
|
||||
public function testValidateAuthorizationRequestMissingClientId()
|
||||
{
|
||||
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
||||
@ -164,26 +133,14 @@ class ImplicitGrantTest extends TestCase
|
||||
$grant = new ImplicitGrant(new DateInterval('PT10M'));
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
$headers = [],
|
||||
$cookies = [],
|
||||
$queryParams = [
|
||||
'response_type' => 'code',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams(['response_type' => 'code']);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(3);
|
||||
|
||||
$grant->validateAuthorizationRequest($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 4
|
||||
*/
|
||||
public function testValidateAuthorizationRequestInvalidClientId()
|
||||
{
|
||||
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
||||
@ -192,27 +149,17 @@ class ImplicitGrantTest extends TestCase
|
||||
$grant = new ImplicitGrant(new DateInterval('PT10M'));
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
$headers = [],
|
||||
$cookies = [],
|
||||
$queryParams = [
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
]);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(4);
|
||||
|
||||
$grant->validateAuthorizationRequest($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 4
|
||||
*/
|
||||
public function testValidateAuthorizationRequestBadRedirectUriString()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -223,28 +170,18 @@ class ImplicitGrantTest extends TestCase
|
||||
$grant = new ImplicitGrant(new DateInterval('PT10M'));
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
$headers = [],
|
||||
$cookies = [],
|
||||
$queryParams = [
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://bar',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://bar',
|
||||
]);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(4);
|
||||
|
||||
$grant->validateAuthorizationRequest($request);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 4
|
||||
*/
|
||||
public function testValidateAuthorizationRequestBadRedirectUriArray()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -255,20 +192,14 @@ class ImplicitGrantTest extends TestCase
|
||||
$grant = new ImplicitGrant(new DateInterval('PT10M'));
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
|
||||
$request = new ServerRequest(
|
||||
[],
|
||||
[],
|
||||
null,
|
||||
null,
|
||||
'php://input',
|
||||
$headers = [],
|
||||
$cookies = [],
|
||||
$queryParams = [
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://bar',
|
||||
]
|
||||
);
|
||||
$request = (new ServerRequest())->withQueryParams([
|
||||
'response_type' => 'code',
|
||||
'client_id' => 'foo',
|
||||
'redirect_uri' => 'http://bar',
|
||||
]);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(4);
|
||||
|
||||
$grant->validateAuthorizationRequest($request);
|
||||
}
|
||||
@ -302,10 +233,6 @@ class ImplicitGrantTest extends TestCase
|
||||
$this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 9
|
||||
*/
|
||||
public function testCompleteAuthorizationRequestDenied()
|
||||
{
|
||||
$authRequest = new AuthorizationRequest();
|
||||
@ -326,6 +253,9 @@ class ImplicitGrantTest extends TestCase
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(9);
|
||||
|
||||
$grant->completeAuthorizationRequest($authRequest);
|
||||
}
|
||||
|
||||
@ -343,7 +273,7 @@ class ImplicitGrantTest extends TestCase
|
||||
$accessToken = new AccessTokenEntity();
|
||||
$accessToken->setClient($client);
|
||||
|
||||
/** @var AccessTokenRepositoryInterface|\PHPUnit_Framework_MockObject_MockObject $accessTokenRepositoryMock */
|
||||
/** @var AccessTokenRepositoryInterface|\PHPUnit\Framework\MockObject\MockObject $accessTokenRepositoryMock */
|
||||
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
||||
$accessTokenRepositoryMock->method('getNewToken')->willReturn($accessToken);
|
||||
$accessTokenRepositoryMock->expects($this->at(0))->method('persistNewAccessToken')->willThrowException(UniqueTokenIdentifierConstraintViolationException::create());
|
||||
@ -360,10 +290,6 @@ class ImplicitGrantTest extends TestCase
|
||||
$this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 7
|
||||
*/
|
||||
public function testAccessTokenRepositoryFailToPersist()
|
||||
{
|
||||
$authRequest = new AuthorizationRequest();
|
||||
@ -372,7 +298,7 @@ class ImplicitGrantTest extends TestCase
|
||||
$authRequest->setGrantTypeId('authorization_code');
|
||||
$authRequest->setUser(new UserEntity());
|
||||
|
||||
/** @var AccessTokenRepositoryInterface|\PHPUnit_Framework_MockObject_MockObject $accessTokenRepositoryMock */
|
||||
/** @var AccessTokenRepositoryInterface|\PHPUnit\Framework\MockObject\MockObject $accessTokenRepositoryMock */
|
||||
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
||||
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
||||
$accessTokenRepositoryMock->method('persistNewAccessToken')->willThrowException(OAuthServerException::serverError('something bad happened'));
|
||||
@ -385,13 +311,12 @@ class ImplicitGrantTest extends TestCase
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(7);
|
||||
|
||||
$grant->completeAuthorizationRequest($authRequest);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException
|
||||
* @expectedExceptionCode 100
|
||||
*/
|
||||
public function testAccessTokenRepositoryFailToPersistUniqueNoInfiniteLoop()
|
||||
{
|
||||
$authRequest = new AuthorizationRequest();
|
||||
@ -400,7 +325,7 @@ class ImplicitGrantTest extends TestCase
|
||||
$authRequest->setGrantTypeId('authorization_code');
|
||||
$authRequest->setUser(new UserEntity());
|
||||
|
||||
/** @var AccessTokenRepositoryInterface|\PHPUnit_Framework_MockObject_MockObject $accessTokenRepositoryMock */
|
||||
/** @var AccessTokenRepositoryInterface|\PHPUnit\Framework\MockObject\MockObject $accessTokenRepositoryMock */
|
||||
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
|
||||
$accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
|
||||
$accessTokenRepositoryMock->method('persistNewAccessToken')->willThrowException(UniqueTokenIdentifierConstraintViolationException::create());
|
||||
@ -413,34 +338,38 @@ class ImplicitGrantTest extends TestCase
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
$grant->setScopeRepository($scopeRepositoryMock);
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException::class);
|
||||
$this->expectExceptionCode(100);
|
||||
|
||||
$grant->completeAuthorizationRequest($authRequest);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \LogicException
|
||||
*/
|
||||
public function testSetRefreshTokenTTL()
|
||||
{
|
||||
$grant = new ImplicitGrant(new DateInterval('PT10M'));
|
||||
|
||||
$this->expectException(\LogicException::class);
|
||||
|
||||
$grant->setRefreshTokenTTL(new DateInterval('PT10M'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \LogicException
|
||||
*/
|
||||
public function testSetRefreshTokenRepository()
|
||||
{
|
||||
$grant = new ImplicitGrant(new DateInterval('PT10M'));
|
||||
|
||||
$refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
|
||||
|
||||
$this->expectException(\LogicException::class);
|
||||
|
||||
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \LogicException
|
||||
*/
|
||||
public function testCompleteAuthorizationRequestNoUser()
|
||||
{
|
||||
$grant = new ImplicitGrant(new DateInterval('PT10M'));
|
||||
|
||||
$this->expectException(\LogicException::class);
|
||||
|
||||
$grant->completeAuthorizationRequest(new AuthorizationRequest());
|
||||
}
|
||||
}
|
||||
|
@ -64,15 +64,12 @@ class PasswordGrantTest extends TestCase
|
||||
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'username' => 'foo',
|
||||
'password' => 'bar',
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'username' => 'foo',
|
||||
'password' => 'bar',
|
||||
]);
|
||||
|
||||
$responseType = new StubResponseType();
|
||||
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
||||
@ -110,15 +107,12 @@ class PasswordGrantTest extends TestCase
|
||||
$grant->setDefaultScope(self::DEFAULT_SCOPE);
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'username' => 'foo',
|
||||
'password' => 'bar',
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'username' => 'foo',
|
||||
'password' => 'bar',
|
||||
]);
|
||||
|
||||
$responseType = new StubResponseType();
|
||||
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new \DateInterval('PT5M'));
|
||||
@ -127,9 +121,6 @@ class PasswordGrantTest extends TestCase
|
||||
$this->assertNull($responseType->getRefreshToken());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
*/
|
||||
public function testRespondToRequestMissingUsername()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -146,21 +137,18 @@ class PasswordGrantTest extends TestCase
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withQueryParams([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
]);
|
||||
|
||||
$responseType = new StubResponseType();
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
|
||||
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
*/
|
||||
public function testRespondToRequestMissingPassword()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -177,23 +165,19 @@ class PasswordGrantTest extends TestCase
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'username' => 'alex',
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'username' => 'alex',
|
||||
]);
|
||||
|
||||
$responseType = new StubResponseType();
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
|
||||
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 10
|
||||
*/
|
||||
public function testRespondToRequestBadCredentials()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -211,17 +195,18 @@ class PasswordGrantTest extends TestCase
|
||||
$grant->setClientRepository($clientRepositoryMock);
|
||||
$grant->setAccessTokenRepository($accessTokenRepositoryMock);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'username' => 'alex',
|
||||
'password' => 'whisky',
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'username' => 'alex',
|
||||
'password' => 'whisky',
|
||||
]);
|
||||
|
||||
$responseType = new StubResponseType();
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(10);
|
||||
|
||||
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
||||
}
|
||||
}
|
||||
|
@ -27,7 +27,7 @@ class RefreshTokenGrantTest extends TestCase
|
||||
*/
|
||||
protected $cryptStub;
|
||||
|
||||
public function setUp()
|
||||
public function setUp(): void
|
||||
{
|
||||
$this->cryptStub = new CryptTraitStub();
|
||||
}
|
||||
@ -80,8 +80,7 @@ class RefreshTokenGrantTest extends TestCase
|
||||
)
|
||||
);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody([
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
@ -137,8 +136,7 @@ class RefreshTokenGrantTest extends TestCase
|
||||
)
|
||||
);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody([
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
@ -192,15 +190,12 @@ class RefreshTokenGrantTest extends TestCase
|
||||
)
|
||||
);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
'scope' => 'foo',
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
'scope' => 'foo',
|
||||
]);
|
||||
|
||||
$responseType = new StubResponseType();
|
||||
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
||||
@ -209,10 +204,6 @@ class RefreshTokenGrantTest extends TestCase
|
||||
$this->assertInstanceOf(RefreshTokenEntityInterface::class, $responseType->getRefreshToken());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 5
|
||||
*/
|
||||
public function testRespondToUnexpectedScope()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -251,24 +242,21 @@ class RefreshTokenGrantTest extends TestCase
|
||||
)
|
||||
);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
'scope' => 'foobar',
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
'scope' => 'foobar',
|
||||
]);
|
||||
|
||||
$responseType = new StubResponseType();
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(5);
|
||||
|
||||
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 3
|
||||
*/
|
||||
public function testRespondToRequestMissingOldToken()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -285,22 +273,19 @@ class RefreshTokenGrantTest extends TestCase
|
||||
$grant->setEncryptionKey($this->cryptStub->getKey());
|
||||
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
]);
|
||||
|
||||
$responseType = new StubResponseType();
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(3);
|
||||
|
||||
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 8
|
||||
*/
|
||||
public function testRespondToRequestInvalidOldToken()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -319,23 +304,20 @@ class RefreshTokenGrantTest extends TestCase
|
||||
|
||||
$oldRefreshToken = 'foobar';
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
]);
|
||||
|
||||
$responseType = new StubResponseType();
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(8);
|
||||
|
||||
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 8
|
||||
*/
|
||||
public function testRespondToRequestClientMismatch()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -368,23 +350,20 @@ class RefreshTokenGrantTest extends TestCase
|
||||
)
|
||||
);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
]);
|
||||
|
||||
$responseType = new StubResponseType();
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(8);
|
||||
|
||||
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 8
|
||||
*/
|
||||
public function testRespondToRequestExpiredToken()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -414,23 +393,20 @@ class RefreshTokenGrantTest extends TestCase
|
||||
)
|
||||
);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
]);
|
||||
|
||||
$responseType = new StubResponseType();
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(8);
|
||||
|
||||
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||
* @expectedExceptionCode 8
|
||||
*/
|
||||
public function testRespondToRequestRevokedToken()
|
||||
{
|
||||
$client = new ClientEntity();
|
||||
@ -461,16 +437,17 @@ class RefreshTokenGrantTest extends TestCase
|
||||
)
|
||||
);
|
||||
|
||||
$serverRequest = new ServerRequest();
|
||||
$serverRequest = $serverRequest->withParsedBody(
|
||||
[
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
]
|
||||
);
|
||||
$serverRequest = (new ServerRequest())->withParsedBody([
|
||||
'client_id' => 'foo',
|
||||
'client_secret' => 'bar',
|
||||
'refresh_token' => $oldRefreshToken,
|
||||
]);
|
||||
|
||||
$responseType = new StubResponseType();
|
||||
|
||||
$this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
|
||||
$this->expectExceptionCode(8);
|
||||
|
||||
$grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
|
||||
}
|
||||
}
|
||||
|
@ -35,8 +35,7 @@ class ResourceServerMiddlewareTest extends TestCase
|
||||
|
||||
$token = (string) $accessToken;
|
||||
|
||||
$request = new ServerRequest();
|
||||
$request = $request->withHeader('authorization', sprintf('Bearer %s', $token));
|
||||
$request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $token));
|
||||
|
||||
$middleware = new ResourceServerMiddleware($server);
|
||||
$response = $middleware->__invoke(
|
||||
@ -71,8 +70,7 @@ class ResourceServerMiddlewareTest extends TestCase
|
||||
|
||||
$token = (string) $accessToken;
|
||||
|
||||
$request = new ServerRequest();
|
||||
$request = $request->withHeader('authorization', sprintf('Bearer %s', $token));
|
||||
$request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $token));
|
||||
|
||||
$middleware = new ResourceServerMiddleware($server);
|
||||
$response = $middleware->__invoke(
|
||||
@ -95,8 +93,7 @@ class ResourceServerMiddlewareTest extends TestCase
|
||||
'file://' . __DIR__ . '/../Stubs/public.key'
|
||||
);
|
||||
|
||||
$request = new ServerRequest();
|
||||
$request = $request->withHeader('authorization', '');
|
||||
$request = (new ServerRequest())->withHeader('authorization', '');
|
||||
|
||||
$middleware = new ResourceServerMiddleware($server);
|
||||
$response = $middleware->__invoke(
|
||||
|
@ -57,7 +57,7 @@ class BearerResponseTypeTest extends TestCase
|
||||
|
||||
$response->getBody()->rewind();
|
||||
$json = json_decode($response->getBody()->getContents());
|
||||
$this->assertAttributeEquals('Bearer', 'token_type', $json);
|
||||
$this->assertEquals('Bearer', $json->token_type);
|
||||
$this->assertObjectHasAttribute('expires_in', $json);
|
||||
$this->assertObjectHasAttribute('access_token', $json);
|
||||
$this->assertObjectHasAttribute('refresh_token', $json);
|
||||
@ -100,13 +100,13 @@ class BearerResponseTypeTest extends TestCase
|
||||
|
||||
$response->getBody()->rewind();
|
||||
$json = json_decode($response->getBody()->getContents());
|
||||
$this->assertAttributeEquals('Bearer', 'token_type', $json);
|
||||
$this->assertEquals('Bearer', $json->token_type);
|
||||
$this->assertObjectHasAttribute('expires_in', $json);
|
||||
$this->assertObjectHasAttribute('access_token', $json);
|
||||
$this->assertObjectHasAttribute('refresh_token', $json);
|
||||
|
||||
$this->assertObjectHasAttribute('foo', $json);
|
||||
$this->assertAttributeEquals('bar', 'foo', $json);
|
||||
$this->assertEquals('bar', $json->foo);
|
||||
}
|
||||
|
||||
public function testDetermineAccessTokenInHeaderValidToken()
|
||||
@ -142,8 +142,7 @@ class BearerResponseTypeTest extends TestCase
|
||||
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
|
||||
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
|
||||
$request = new ServerRequest();
|
||||
$request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
|
||||
$request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
|
||||
|
||||
$request = $authorizationValidator->validateAuthorization($request);
|
||||
|
||||
@ -185,8 +184,7 @@ class BearerResponseTypeTest extends TestCase
|
||||
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
|
||||
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
|
||||
$request = new ServerRequest();
|
||||
$request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token . 'foo'));
|
||||
$request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $json->access_token . 'foo'));
|
||||
|
||||
try {
|
||||
$authorizationValidator->validateAuthorization($request);
|
||||
@ -231,8 +229,7 @@ class BearerResponseTypeTest extends TestCase
|
||||
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
|
||||
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
|
||||
$request = new ServerRequest();
|
||||
$request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
|
||||
$request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
|
||||
|
||||
try {
|
||||
$authorizationValidator->validateAuthorization($request);
|
||||
@ -255,8 +252,7 @@ class BearerResponseTypeTest extends TestCase
|
||||
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
|
||||
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
|
||||
$request = new ServerRequest();
|
||||
$request = $request->withHeader('authorization', 'Bearer blah');
|
||||
$request = (new ServerRequest())->withHeader('authorization', 'Bearer blah');
|
||||
|
||||
try {
|
||||
$authorizationValidator->validateAuthorization($request);
|
||||
@ -279,8 +275,7 @@ class BearerResponseTypeTest extends TestCase
|
||||
$authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
|
||||
$authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
|
||||
|
||||
$request = new ServerRequest();
|
||||
$request = $request->withHeader('authorization', 'Bearer blah.blah.blah');
|
||||
$request = (new ServerRequest())->withHeader('authorization', 'Bearer blah.blah.blah');
|
||||
|
||||
try {
|
||||
$authorizationValidator->validateAuthorization($request);
|
||||
|
@ -7,11 +7,10 @@ use PHPUnit\Framework\TestCase;
|
||||
|
||||
class CryptKeyTest extends TestCase
|
||||
{
|
||||
/**
|
||||
* @expectedException \LogicException
|
||||
*/
|
||||
public function testNoFile()
|
||||
{
|
||||
$this->expectException(\LogicException::class);
|
||||
|
||||
new CryptKey('undefined file');
|
||||
}
|
||||
|
||||
@ -27,6 +26,11 @@ class CryptKeyTest extends TestCase
|
||||
public function testKeyFileCreation()
|
||||
{
|
||||
$keyContent = file_get_contents(__DIR__ . '/../Stubs/public.key');
|
||||
|
||||
if (!is_string($keyContent)) {
|
||||
$this->fail('The public key stub is not a string');
|
||||
}
|
||||
|
||||
$key = new CryptKey($keyContent);
|
||||
|
||||
$this->assertEquals(
|
||||
@ -35,6 +39,11 @@ class CryptKeyTest extends TestCase
|
||||
);
|
||||
|
||||
$keyContent = file_get_contents(__DIR__ . '/../Stubs/private.key.crlf');
|
||||
|
||||
if (!is_string($keyContent)) {
|
||||
$this->fail('The private key (crlf) stub is not a string');
|
||||
}
|
||||
|
||||
$key = new CryptKey($keyContent);
|
||||
|
||||
$this->assertEquals(
|
||||
|
@ -10,7 +10,7 @@ class CryptTraitTest extends TestCase
|
||||
{
|
||||
protected $cryptStub;
|
||||
|
||||
protected function setUp()
|
||||
protected function setUp(): void
|
||||
{
|
||||
$this->cryptStub = new CryptTraitStub();
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user