Merge pull request #1024 from Sephster/update-dependencies

Update Dependencies

composer.json

@@ -6,18 +6,17 @@
     "require": {
         "php": ">=7.1.0",
         "ext-openssl": "*",
-        "league/event": "^2.1",
+        "league/event": "^2.2",
-        "lcobucci/jwt": "^3.2.2",
+        "lcobucci/jwt": "^3.3.1",
         "psr/http-message": "^1.0.1",
-        "defuse/php-encryption": "^2.1",
+        "defuse/php-encryption": "^2.2.1",
         "ext-json": "*"
     },
     "require-dev": {
-        "phpunit/phpunit": "^6.3 || ^7.0",
+        "phpunit/phpunit": "^7.5.13 || ^8.2.3",
-        "zendframework/zend-diactoros": "^1.3.2",
+        "zendframework/zend-diactoros": "^2.1.2",
-        "phpstan/phpstan": "^0.9.2",
+        "phpstan/phpstan": "^0.11.8",
-        "phpstan/phpstan-phpunit": "^0.9.4",
+        "phpstan/phpstan-phpunit": "^0.11.2",
-        "phpstan/phpstan-strict-rules": "^0.9.0",
         "roave/security-advisories": "dev-master"
     },
     "repositories": [

phpstan.neon

@@ -1,8 +1,6 @@
 includes:
 	- vendor/phpstan/phpstan-phpunit/extension.neon
 	- vendor/phpstan/phpstan-phpunit/rules.neon
-	- vendor/phpstan/phpstan-phpunit/strictRules.neon
-	- vendor/phpstan/phpstan-strict-rules/rules.neon
 services:
 	-
 		class: LeagueTests\PHPStan\AbstractGrantExtension

src/AuthorizationValidators/BearerTokenValidator.php

@@ -63,7 +63,7 @@ class BearerTokenValidator implements AuthorizationValidatorInterface
         }
 
         $header = $request->getHeader('authorization');
-        $jwt = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $header[0]));
+        $jwt = trim((string) preg_replace('/^(?:\s+)?Bearer\s/', '', $header[0]));
 
         try {
             // Attempt to parse and validate the JWT

src/CryptTrait.php

@@ -19,7 +19,7 @@ use LogicException;
 trait CryptTrait
 {
     /**
-     * @var string|Key
+     * @var string|Key|null
      */
     protected $encryptionKey;
 
@@ -39,9 +39,13 @@ trait CryptTrait
                 return Crypto::encrypt($unencryptedData, $this->encryptionKey);
             }
 
-            return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey);
+            if (is_string($this->encryptionKey)) {
+                return Crypto::encryptWithPassword($unencryptedData, $this->encryptionKey);
+            }
+
+            throw new LogicException('Encryption key not set when attempting to encrypt');
         } catch (Exception $e) {
-            throw new LogicException($e->getMessage(), null, $e);
+            throw new LogicException($e->getMessage(), 0, $e);
         }
     }
 
@@ -61,9 +65,13 @@ trait CryptTrait
                 return Crypto::decrypt($encryptedData, $this->encryptionKey);
             }
 
-            return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey);
+            if (is_string($this->encryptionKey)) {
+                return Crypto::decryptWithPassword($encryptedData, $this->encryptionKey);
+            }
+
+            throw new LogicException('Encryption key not set when attempting to decrypt');
         } catch (Exception $e) {
-            throw new LogicException($e->getMessage(), null, $e);
+            throw new LogicException($e->getMessage(), 0, $e);
         }
     }
 

src/Entities/Traits/AccessTokenTrait.php

@@ -48,7 +48,7 @@ trait AccessTokenTrait
             ->setIssuedAt(time())
             ->setNotBefore(time())
             ->setExpiration($this->getExpiryDateTime()->getTimestamp())
-            ->setSubject($this->getUserIdentifier())
+            ->setSubject((string) $this->getUserIdentifier())
             ->set('scopes', $this->getScopes())
             ->sign(new Sha256(), new Key($privateKey->getKeyPath(), $privateKey->getPassPhrase()))
             ->getToken();

src/Exception/OAuthServerException.php

@@ -308,7 +308,9 @@ class OAuthServerException extends Exception
             $response = $response->withHeader($header, $content);
         }
 
-        $response->getBody()->write(json_encode($payload, $jsonOptions));
+        $responseBody = json_encode($payload, $jsonOptions) ?: 'JSON encoding of payload failed';
+
+        $response->getBody()->write($responseBody);
 
         return $response->withStatus($this->getHttpStatusCode());
     }

src/Grant/AbstractGrant.php

@@ -185,7 +185,7 @@ abstract class AbstractGrant implements GrantTypeInterface
             throw OAuthServerException::invalidClient($request);
         }
 
-        $client = $this->clientRepository->getClientEntity($clientId);
+        $client = $this->getClientEntityOrFail($clientId, $request);
 
         // If a redirect URI is provided ensure it matches what is pre-registered
         $redirectUri = $this->getRequestParameter('redirect_uri', $request, null);

src/Grant/AuthCodeGrant.php

@@ -142,19 +142,21 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
                 );
             }
 
-            if (isset($this->codeChallengeVerifiers[$authCodePayload->code_challenge_method])) {
+            if (property_exists($authCodePayload, 'code_challenge_method')) {
-                $codeChallengeVerifier = $this->codeChallengeVerifiers[$authCodePayload->code_challenge_method];
+                if (isset($this->codeChallengeVerifiers[$authCodePayload->code_challenge_method])) {
+                    $codeChallengeVerifier = $this->codeChallengeVerifiers[$authCodePayload->code_challenge_method];
 
-                if ($codeChallengeVerifier->verifyCodeChallenge($codeVerifier, $authCodePayload->code_challenge) === false) {
+                    if ($codeChallengeVerifier->verifyCodeChallenge($codeVerifier, $authCodePayload->code_challenge) === false) {
-                    throw OAuthServerException::invalidGrant('Failed to verify `code_verifier`.');
+                        throw OAuthServerException::invalidGrant('Failed to verify `code_verifier`.');
+                    }
+                } else {
+                    throw OAuthServerException::serverError(
+                        sprintf(
+                            'Unsupported code challenge method `%s`',
+                            $authCodePayload->code_challenge_method
+                        )
+                    );
                 }
-            } else {
-                throw OAuthServerException::serverError(
-                    sprintf(
-                        'Unsupported code challenge method `%s`',
-                        $authCodePayload->code_challenge_method
-                    )
-                );
             }
         }
 
@@ -351,12 +353,18 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
                 'code_challenge_method' => $authorizationRequest->getCodeChallengeMethod(),
             ];
 
+            $jsonPayload = json_encode($payload);
+
+            if ($jsonPayload === false) {
+                throw new LogicException('An error was encountered when JSON encoding the authorization request response');
+            }
+
             $response = new RedirectResponse();
             $response->setRedirectUri(
                 $this->makeRedirectUri(
                     $finalRedirectUri,
                     [
-                        'code'  => $this->encrypt(json_encode($payload)),
+                        'code'  => $this->encrypt($jsonPayload),
                         'state' => $authorizationRequest->getState(),
                     ]
                 )

src/Repositories/ClientRepositoryInterface.php

@@ -21,7 +21,7 @@ interface ClientRepositoryInterface extends RepositoryInterface
      *
      * @param string $clientIdentifier The client's identifier
      *
-     * @return ClientEntityInterface
+     * @return ClientEntityInterface|null
      */
     public function getClientEntity($clientIdentifier);
 

src/Repositories/ScopeRepositoryInterface.php

@@ -22,7 +22,7 @@ interface ScopeRepositoryInterface extends RepositoryInterface
      *
      * @param string $identifier The scope identifier
      *
-     * @return ScopeEntityInterface
+     * @return ScopeEntityInterface|null
      */
     public function getScopeEntityByIdentifier($identifier);
 

src/Repositories/UserRepositoryInterface.php

@@ -22,7 +22,7 @@ interface UserRepositoryInterface extends RepositoryInterface
      * @param string                $grantType    The grant type used
      * @param ClientEntityInterface $clientEntity
      *
-     * @return UserEntityInterface
+     * @return UserEntityInterface|null
      */
     public function getUserEntityByUserCredentials(
         $username,

src/RequestTypes/AuthorizationRequest.php

@@ -111,7 +111,7 @@ class AuthorizationRequest
     }
 
     /**
-     * @return UserEntityInterface
+     * @return UserEntityInterface|null
      */
     public function getUser()
     {

src/ResponseTypes/BearerTokenResponse.php

@@ -13,6 +13,7 @@ namespace League\OAuth2\Server\ResponseTypes;
 
 use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
 use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
+use LogicException;
 use Psr\Http\Message\ResponseInterface;
 
 class BearerTokenResponse extends AbstractResponseType
@@ -31,23 +32,27 @@ class BearerTokenResponse extends AbstractResponseType
         ];
 
         if ($this->refreshToken instanceof RefreshTokenEntityInterface) {
-            $refreshToken = $this->encrypt(
+            $refreshTokenPayload = json_encode([
-                json_encode(
+                'client_id'        => $this->accessToken->getClient()->getIdentifier(),
-                    [
+                'refresh_token_id' => $this->refreshToken->getIdentifier(),
-                        'client_id'        => $this->accessToken->getClient()->getIdentifier(),
+                'access_token_id'  => $this->accessToken->getIdentifier(),
-                        'refresh_token_id' => $this->refreshToken->getIdentifier(),
+                'scopes'           => $this->accessToken->getScopes(),
-                        'access_token_id'  => $this->accessToken->getIdentifier(),
+                'user_id'          => $this->accessToken->getUserIdentifier(),
-                        'scopes'           => $this->accessToken->getScopes(),
+                'expire_time'      => $this->refreshToken->getExpiryDateTime()->getTimestamp(),
-                        'user_id'          => $this->accessToken->getUserIdentifier(),
+            ]);
-                        'expire_time'      => $this->refreshToken->getExpiryDateTime()->getTimestamp(),
-                    ]
-                )
-            );
 
-            $responseParams['refresh_token'] = $refreshToken;
+            if ($refreshTokenPayload === false) {
+                throw new LogicException('Error encountered JSON encoding the refresh token payload');
+            }
+
+            $responseParams['refresh_token'] = $this->encrypt($refreshTokenPayload);
         }
 
-        $responseParams = array_merge($this->getExtraParams($this->accessToken), $responseParams);
+        $responseParams = json_encode(array_merge($this->getExtraParams($this->accessToken), $responseParams));
+
+        if ($responseParams === false) {
+            throw new LogicException('Error encountered JSON encoding response parameters');
+        }
 
         $response = $response
             ->withStatus(200)
@@ -55,7 +60,7 @@ class BearerTokenResponse extends AbstractResponseType
             ->withHeader('cache-control', 'no-store')
             ->withHeader('content-type', 'application/json; charset=UTF-8');
 
-        $response->getBody()->write(json_encode($responseParams));
+        $response->getBody()->write($responseParams);
 
         return $response;
     }

tests/AuthorizationServerTest.php

@@ -31,7 +31,7 @@ class AuthorizationServerTest extends TestCase
 {
     const DEFAULT_SCOPE = 'basic';
 
-    public function setUp()
+    public function setUp(): void
     {
         // Make sure the keys have the correct permissions.
         chmod(__DIR__ . '/Stubs/private.key', 0600);
@@ -117,35 +117,31 @@ class AuthorizationServerTest extends TestCase
         $privateKey = 'file://' . __DIR__ . '/Stubs/private.key';
         $encryptionKey = 'file://' . __DIR__ . '/Stubs/public.key';
 
-        $server = new class($clientRepository, $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(), $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(), $privateKey, $encryptionKey) extends AuthorizationServer {
+        $server = new AuthorizationServer(
-            protected function getResponseType()
+            $clientRepository,
-            {
+            $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(),
-                $this->responseType = new class extends BearerTokenResponse {
+            $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(),
-                    /* @return null|CryptKey */
+            'file://' . __DIR__ . '/Stubs/private.key',
-                    public function getPrivateKey()
+            'file://' . __DIR__ . '/Stubs/public.key'
-                    {
+        );
-                        return $this->privateKey;
-                    }
-
-                    public function getEncryptionKey()
-                    {
-                        return $this->encryptionKey;
-                    }
-                };
-
-                return parent::getResponseType();
-            }
-        };
 
         $abstractGrantReflection = new \ReflectionClass($server);
         $method = $abstractGrantReflection->getMethod('getResponseType');
         $method->setAccessible(true);
+
         $responseType = $method->invoke($server);
 
-        $this->assertInstanceOf(BearerTokenResponse::class, $responseType);
+        $responseTypeReflection = new \ReflectionClass($responseType);
+
+        $privateKeyProperty = $responseTypeReflection->getProperty('privateKey');
+        $privateKeyProperty->setAccessible(true);
+
+        $encryptionKeyProperty = $responseTypeReflection->getProperty('encryptionKey');
+        $encryptionKeyProperty->setAccessible(true);
+
         // generated instances should have keys setup
-        $this->assertSame($privateKey, $responseType->getPrivateKey()->getKeyPath());
+        $this->assertSame($privateKey, $privateKeyProperty->getValue($responseType)->getKeyPath());
-        $this->assertSame($encryptionKey, $responseType->getEncryptionKey());
+        $this->assertSame($encryptionKey, $encryptionKeyProperty->getValue($responseType));
     }
 
     public function testMultipleRequestsGetDifferentResponseTypeInstances()
@@ -326,10 +322,6 @@ class AuthorizationServerTest extends TestCase
         }
     }
 
-    /**
-     * @expectedException  \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 2
-     */
     public function testValidateAuthorizationRequestUnregistered()
     {
         $server = new AuthorizationServer(
@@ -340,19 +332,13 @@ class AuthorizationServerTest extends TestCase
             'file://' . __DIR__ . '/Stubs/public.key'
         );
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'code',
-            [],
+            'client_id' => 'foo',
-            null,
+        ]);
-            null,
+
-            'php://input',
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
-            $headers = [],
+        $this->expectExceptionCode(2);
-            $cookies = [],
-            $queryParams = [
-                'response_type' => 'code',
-                'client_id'     => 'foo',
-            ]
-        );
 
         $server->validateAuthorizationRequest($request);
     }

tests/AuthorizationValidators/BearerTokenValidatorTest.php

@@ -11,10 +11,6 @@ use Zend\Diactoros\ServerRequest;
 
 class BearerTokenValidatorTest extends TestCase
 {
-    /**
-     * @expectedException League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 9
-     */
     public function testThrowExceptionWhenAccessTokenIsNotSigned()
     {
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
@@ -32,8 +28,10 @@ class BearerTokenValidatorTest extends TestCase
             ->set('scopes', 'scope1 scope2 scope3 scope4')
             ->getToken();
 
-        $request = new ServerRequest();
+        $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $unsignedJwt));
-        $request = $request->withHeader('authorization', sprintf('Bearer %s', $unsignedJwt));
+
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(9);
 
         $bearerTokenValidator->validateAuthorization($request);
     }

tests/Exception/OAuthServerExceptionTest.php

@@ -85,7 +85,9 @@ class OAuthServerExceptionTest extends TestCase
         $previous = new Exception('This is the previous');
         $exceptionWithPrevious = OAuthServerException::accessDenied(null, null, $previous);
 
-        $this->assertSame('This is the previous', $exceptionWithPrevious->getPrevious()->getMessage());
+        $previousMessage = $exceptionWithPrevious->getPrevious() !== null ? $exceptionWithPrevious->getPrevious()->getMessage() : null;
+
+        $this->assertSame('This is the previous', $previousMessage);
     }
 
     public function testDoesNotHavePrevious()

tests/Grant/AbstractGrantTest.php

@@ -30,8 +30,7 @@ class AbstractGrantTest extends TestCase
         $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
         $abstractGrantReflection = new \ReflectionClass($grantMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('Open:Sesame'));
-        $serverRequest = $serverRequest->withHeader('Authorization', 'Basic ' . base64_encode('Open:Sesame'));
         $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
         $basicAuthMethod->setAccessible(true);
 
@@ -44,8 +43,7 @@ class AbstractGrantTest extends TestCase
         $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
         $abstractGrantReflection = new \ReflectionClass($grantMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('Open:'));
-        $serverRequest = $serverRequest->withHeader('Authorization', 'Basic ' . base64_encode('Open:'));
         $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
         $basicAuthMethod->setAccessible(true);
 
@@ -58,8 +56,7 @@ class AbstractGrantTest extends TestCase
         $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
         $abstractGrantReflection = new \ReflectionClass($grantMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Foo ' . base64_encode('Open:Sesame'));
-        $serverRequest = $serverRequest->withHeader('Authorization', 'Foo ' . base64_encode('Open:Sesame'));
         $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
         $basicAuthMethod->setAccessible(true);
 
@@ -72,8 +69,7 @@ class AbstractGrantTest extends TestCase
         $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
         $abstractGrantReflection = new \ReflectionClass($grantMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ||');
-        $serverRequest = $serverRequest->withHeader('Authorization', 'Basic ||');
         $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
         $basicAuthMethod->setAccessible(true);
 
@@ -86,8 +82,7 @@ class AbstractGrantTest extends TestCase
         $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
         $abstractGrantReflection = new \ReflectionClass($grantMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withHeader('Authorization', 'Basic ' . base64_encode('OpenSesame'));
-        $serverRequest = $serverRequest->withHeader('Authorization', 'Basic ' . base64_encode('OpenSesame'));
         $basicAuthMethod = $abstractGrantReflection->getMethod('getBasicAuthCredentials');
         $basicAuthMethod->setAccessible(true);
 
@@ -107,12 +102,10 @@ class AbstractGrantTest extends TestCase
 
         $abstractGrantReflection = new \ReflectionClass($grantMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id' => 'foo',
-            [
+        ]);
-                'client_id' => 'foo',
+
-            ]
-        );
         $validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
         $validateClientMethod->setAccessible(true);
 
@@ -133,14 +126,12 @@ class AbstractGrantTest extends TestCase
 
         $abstractGrantReflection = new \ReflectionClass($grantMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id'     => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+            'redirect_uri'  => 'http://foo/bar',
-                'client_secret' => 'bar',
+        ]);
-                'redirect_uri'  => 'http://foo/bar',
+
-            ]
-        );
         $validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
         $validateClientMethod->setAccessible(true);
 
@@ -148,9 +139,6 @@ class AbstractGrantTest extends TestCase
         $this->assertEquals($client, $result);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     */
     public function testValidateClientMissingClientId()
     {
         $client = new ClientEntity();
@@ -167,12 +155,11 @@ class AbstractGrantTest extends TestCase
         $validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
         $validateClientMethod->setAccessible(true);
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+
         $validateClientMethod->invoke($grantMock, $serverRequest, true, true);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     */
     public function testValidateClientMissingClientSecret()
     {
         $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
@@ -184,20 +171,18 @@ class AbstractGrantTest extends TestCase
 
         $abstractGrantReflection = new \ReflectionClass($grantMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody([
             'client_id' => 'foo',
         ]);
 
         $validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
         $validateClientMethod->setAccessible(true);
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+
         $validateClientMethod->invoke($grantMock, $serverRequest, true, true);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     */
     public function testValidateClientInvalidClientSecret()
     {
         $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
@@ -209,8 +194,7 @@ class AbstractGrantTest extends TestCase
 
         $abstractGrantReflection = new \ReflectionClass($grantMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody([
             'client_id'     => 'foo',
             'client_secret' => 'foo',
         ]);
@@ -218,12 +202,11 @@ class AbstractGrantTest extends TestCase
         $validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
         $validateClientMethod->setAccessible(true);
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+
         $validateClientMethod->invoke($grantMock, $serverRequest, true, true);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     */
     public function testValidateClientInvalidRedirectUri()
     {
         $client = new ClientEntity();
@@ -237,8 +220,7 @@ class AbstractGrantTest extends TestCase
 
         $abstractGrantReflection = new \ReflectionClass($grantMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody([
             'client_id'    => 'foo',
             'redirect_uri' => 'http://bar/foo',
         ]);
@@ -246,12 +228,11 @@ class AbstractGrantTest extends TestCase
         $validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
         $validateClientMethod->setAccessible(true);
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+
         $validateClientMethod->invoke($grantMock, $serverRequest, true, true);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     */
     public function testValidateClientInvalidRedirectUriArray()
     {
         $client = new ClientEntity();
@@ -265,8 +246,7 @@ class AbstractGrantTest extends TestCase
 
         $abstractGrantReflection = new \ReflectionClass($grantMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody([
             'client_id'    => 'foo',
             'redirect_uri' => 'http://bar/foo',
         ]);
@@ -274,12 +254,11 @@ class AbstractGrantTest extends TestCase
         $validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
         $validateClientMethod->setAccessible(true);
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+
         $validateClientMethod->invoke($grantMock, $serverRequest, true, true);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     */
     public function testValidateClientBadClient()
     {
         $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
@@ -291,8 +270,7 @@ class AbstractGrantTest extends TestCase
 
         $abstractGrantReflection = new \ReflectionClass($grantMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody([
             'client_id'     => 'foo',
             'client_secret' => 'bar',
         ]);
@@ -300,6 +278,8 @@ class AbstractGrantTest extends TestCase
         $validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
         $validateClientMethod->setAccessible(true);
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+
         $validateClientMethod->invoke($grantMock, $serverRequest, true);
     }
 
@@ -308,8 +288,7 @@ class AbstractGrantTest extends TestCase
         $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
         $grantMock->method('getIdentifier')->willReturn('foobar');
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody([
             'grant_type' => 'foobar',
         ]);
 
@@ -421,8 +400,7 @@ class AbstractGrantTest extends TestCase
         $method = $abstractGrantReflection->getMethod('getCookieParameter');
         $method->setAccessible(true);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withCookieParams([
-        $serverRequest = $serverRequest->withCookieParams([
             'foo' => 'bar',
         ]);
 
@@ -439,8 +417,7 @@ class AbstractGrantTest extends TestCase
         $method = $abstractGrantReflection->getMethod('getQueryStringParameter');
         $method->setAccessible(true);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withQueryParams([
-        $serverRequest = $serverRequest->withQueryParams([
             'foo' => 'bar',
         ]);
 
@@ -461,9 +438,6 @@ class AbstractGrantTest extends TestCase
         $this->assertEquals([$scope], $grantMock->validateScopes('basic   '));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     */
     public function testValidateScopesBadScope()
     {
         $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
@@ -473,6 +447,8 @@ class AbstractGrantTest extends TestCase
         $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
         $grantMock->setScopeRepository($scopeRepositoryMock);
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+
         $grantMock->validateScopes('basic   ');
     }
 
@@ -484,7 +460,7 @@ class AbstractGrantTest extends TestCase
         $method = $abstractGrantReflection->getMethod('generateUniqueIdentifier');
         $method->setAccessible(true);
 
-        $this->assertInternalType('string', $method->invoke($grantMock));
+        $this->assertIsString($method->invoke($grantMock));
     }
 
     public function testCanRespondToAuthorizationRequest()
@@ -493,21 +469,21 @@ class AbstractGrantTest extends TestCase
         $this->assertFalse($grantMock->canRespondToAuthorizationRequest(new ServerRequest()));
     }
 
-    /**
-     * @expectedException \LogicException
-     */
     public function testValidateAuthorizationRequest()
     {
         $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
+
+        $this->expectException(\LogicException::class);
+
         $grantMock->validateAuthorizationRequest(new ServerRequest());
     }
 
-    /**
-     * @expectedException \LogicException
-     */
     public function testCompleteAuthorizationRequest()
     {
         $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
+
+        $this->expectException(\LogicException::class);
+
         $grantMock->completeAuthorizationRequest(new AuthorizationRequest());
     }
 }

tests/Grant/AuthCodeGrantTest.php

@@ -40,7 +40,7 @@ class AuthCodeGrantTest extends TestCase
 
     const CODE_CHALLENGE = 'E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM';
 
-    public function setUp()
+    public function setUp(): void
     {
         $this->cryptStub = new CryptTraitStub();
     }
@@ -200,9 +200,6 @@ class AuthCodeGrantTest extends TestCase
         $this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     */
     public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooShort()
     {
         $client = new ClientEntity();
@@ -218,28 +215,18 @@ class AuthCodeGrantTest extends TestCase
 
         $grant->setClientRepository($clientRepositoryMock);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type'  => 'code',
-            [],
+            'client_id'      => 'foo',
-            null,
+            'redirect_uri'   => 'http://foo/bar',
-            null,
+            'code_challenge' => str_repeat('A', 42),
-            'php://input',
+        ]);
-            [],
+
-            [],
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
-            [
-                'response_type'  => 'code',
-                'client_id'      => 'foo',
-                'redirect_uri'   => 'http://foo/bar',
-                'code_challenge' => str_repeat('A', 42),
-            ]
-        );
 
         $grant->validateAuthorizationRequest($request);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     */
     public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooLong()
     {
         $client = new ClientEntity();
@@ -255,28 +242,18 @@ class AuthCodeGrantTest extends TestCase
 
         $grant->setClientRepository($clientRepositoryMock);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type'  => 'code',
-            [],
+            'client_id'      => 'foo',
-            null,
+            'redirect_uri'   => 'http://foo/bar',
-            null,
+            'code_challenge' => str_repeat('A', 129),
-            'php://input',
+        ]);
-            [],
+
-            [],
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
-            [
-                'response_type'  => 'code',
-                'client_id'      => 'foo',
-                'redirect_uri'   => 'http://foo/bar',
-                'code_challenge' => str_repeat('A', 129),
-            ]
-        );
 
         $grant->validateAuthorizationRequest($request);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     */
     public function testValidateAuthorizationRequestCodeChallengeInvalidCharacters()
     {
         $client = new ClientEntity();
@@ -292,29 +269,18 @@ class AuthCodeGrantTest extends TestCase
 
         $grant->setClientRepository($clientRepositoryMock);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'code',
-            [],
+            'client_id' => 'foo',
-            null,
+            'redirect_uri' => 'http://foo/bar',
-            null,
+            'code_challenge' => str_repeat('A', 42) . '!',
-            'php://input',
+        ]);
-            [],
+
-            [],
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
-            [
-                'response_type'  => 'code',
-                'client_id'      => 'foo',
-                'redirect_uri'   => 'http://foo/bar',
-                'code_challenge' => str_repeat('A', 42) . '!',
-            ]
-        );
 
         $grant->validateAuthorizationRequest($request);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 3
-     */
     public function testValidateAuthorizationRequestMissingClientId()
     {
         $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
@@ -326,26 +292,16 @@ class AuthCodeGrantTest extends TestCase
         );
         $grant->setClientRepository($clientRepositoryMock);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'code',
-            [],
+        ]);
-            null,
+
-            null,
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
-            'php://input',
+        $this->expectExceptionCode(3);
-            $headers = [],
-            $cookies = [],
-            $queryParams = [
-                'response_type' => 'code',
-            ]
-        );
 
         $grant->validateAuthorizationRequest($request);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 4
-     */
     public function testValidateAuthorizationRequestInvalidClientId()
     {
         $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
@@ -358,27 +314,17 @@ class AuthCodeGrantTest extends TestCase
         );
         $grant->setClientRepository($clientRepositoryMock);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'code',
-            [],
+            'client_id'     => 'foo',
-            null,
+        ]);
-            null,
+
-            'php://input',
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
-            $headers = [],
+        $this->expectExceptionCode(4);
-            $cookies = [],
-            $queryParams = [
-                'response_type' => 'code',
-                'client_id'     => 'foo',
-            ]
-        );
 
         $grant->validateAuthorizationRequest($request);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 4
-     */
     public function testValidateAuthorizationRequestBadRedirectUriString()
     {
         $client = new ClientEntity();
@@ -393,28 +339,18 @@ class AuthCodeGrantTest extends TestCase
         );
         $grant->setClientRepository($clientRepositoryMock);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'code',
-            [],
+            'client_id'     => 'foo',
-            null,
+            'redirect_uri'  => 'http://bar',
-            null,
+        ]);
-            'php://input',
+
-            [],
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
-            [],
+        $this->expectExceptionCode(4);
-            [
-                'response_type' => 'code',
-                'client_id'     => 'foo',
-                'redirect_uri'  => 'http://bar',
-            ]
-        );
 
         $grant->validateAuthorizationRequest($request);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 4
-     */
     public function testValidateAuthorizationRequestBadRedirectUriArray()
     {
         $client = new ClientEntity();
@@ -429,28 +365,18 @@ class AuthCodeGrantTest extends TestCase
         );
         $grant->setClientRepository($clientRepositoryMock);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'code',
-            [],
+            'client_id'     => 'foo',
-            null,
+            'redirect_uri'  => 'http://bar',
-            null,
+        ]);
-            'php://input',
+
-            [],
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
-            [],
+        $this->expectExceptionCode(4);
-            [
-                'response_type' => 'code',
-                'client_id'     => 'foo',
-                'redirect_uri'  => 'http://bar',
-            ]
-        );
 
         $grant->validateAuthorizationRequest($request);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 3
-     */
     public function testValidateAuthorizationRequestInvalidCodeChallengeMethod()
     {
         $client = new ClientEntity();
@@ -472,22 +398,16 @@ class AuthCodeGrantTest extends TestCase
         $grant->setScopeRepository($scopeRepositoryMock);
         $grant->setDefaultScope(self::DEFAULT_SCOPE);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'code',
-            [],
+            'client_id' => 'foo',
-            null,
+            'redirect_uri' => 'http://foo/bar',
-            null,
+            'code_challenge' => 'foobar',
-            'php://input',
+            'code_challenge_method' => 'foo',
-            [],
+        ]);
-            [],
+
-            [
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
-                'response_type'         => 'code',
+        $this->expectExceptionCode(3);
-                'client_id'             => 'foo',
-                'redirect_uri'          => 'http://foo/bar',
-                'code_challenge'        => 'foobar',
-                'code_challenge_method' => 'foo',
-            ]
-        );
 
         $grant->validateAuthorizationRequest($request);
     }
@@ -513,10 +433,6 @@ class AuthCodeGrantTest extends TestCase
         $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 9
-     */
     public function testCompleteAuthorizationRequestDenied()
     {
         $authRequest = new AuthorizationRequest();
@@ -535,6 +451,9 @@ class AuthCodeGrantTest extends TestCase
         );
         $grant->setEncryptionKey($this->cryptStub->getKey());
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(9);
+
         $grant->completeAuthorizationRequest($authRequest);
     }
 
@@ -954,10 +873,6 @@ class AuthCodeGrantTest extends TestCase
         $this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 3
-     */
     public function testRespondToAccessTokenRequestMissingRedirectUri()
     {
         $client = new ClientEntity();
@@ -999,13 +914,12 @@ class AuthCodeGrantTest extends TestCase
             ]
         );
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(3);
+
         $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 3
-     */
     public function testRespondToAccessTokenRequestRedirectUriMismatch()
     {
         $client = new ClientEntity();
@@ -1048,13 +962,12 @@ class AuthCodeGrantTest extends TestCase
             ]
         );
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(3);
+
         $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 3
-     */
     public function testRespondToAccessTokenRequestMissingCode()
     {
         $client = new ClientEntity();
@@ -1093,6 +1006,9 @@ class AuthCodeGrantTest extends TestCase
             ]
         );
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(3);
+
         /* @var StubResponseType $response */
         $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
     }
@@ -1711,10 +1627,6 @@ class AuthCodeGrantTest extends TestCase
         $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 7
-     */
     public function testAuthCodeRepositoryFailToPersist()
     {
         $authRequest = new AuthorizationRequest();
@@ -1734,13 +1646,12 @@ class AuthCodeGrantTest extends TestCase
         );
         $grant->setEncryptionKey($this->cryptStub->getKey());
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(7);
+
         $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException
-     * @expectedExceptionCode 100
-     */
     public function testAuthCodeRepositoryFailToPersistUniqueNoInfiniteLoop()
     {
         $authRequest = new AuthorizationRequest();
@@ -1759,6 +1670,9 @@ class AuthCodeGrantTest extends TestCase
             new DateInterval('PT10M')
         );
 
+        $this->expectException(\League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException::class);
+        $this->expectExceptionCode(100);
+
         $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
     }
 
@@ -1831,10 +1745,6 @@ class AuthCodeGrantTest extends TestCase
         $this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 7
-     */
     public function testRefreshTokenRepositoryFailToPersist()
     {
         $client = new ClientEntity();
@@ -1896,6 +1806,9 @@ class AuthCodeGrantTest extends TestCase
             ]
         );
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(7);
+
         /** @var StubResponseType $response */
         $response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
 
@@ -1903,10 +1816,6 @@ class AuthCodeGrantTest extends TestCase
         $this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException
-     * @expectedExceptionCode 100
-     */
     public function testRefreshTokenRepositoryFailToPersistUniqueNoInfiniteLoop()
     {
         $client = new ClientEntity();
@@ -1968,6 +1877,9 @@ class AuthCodeGrantTest extends TestCase
             ]
         );
 
+        $this->expectException(\League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException::class);
+        $this->expectExceptionCode(100);
+
         /** @var StubResponseType $response */
         $response = $grant->respondToAccessTokenRequest($request, new StubResponseType(), new DateInterval('PT10M'));
 
@@ -1975,9 +1887,6 @@ class AuthCodeGrantTest extends TestCase
         $this->assertInstanceOf(RefreshTokenEntityInterface::class, $response->getRefreshToken());
     }
 
-    /**
-     * @expectedException \LogicException
-     */
     public function testCompleteAuthorizationRequestNoUser()
     {
         $grant = new AuthCodeGrant(
@@ -1986,6 +1895,8 @@ class AuthCodeGrantTest extends TestCase
             new DateInterval('PT10M')
         );
 
+        $this->expectException(\LogicException::class);
+
         $grant->completeAuthorizationRequest(new AuthorizationRequest());
     }
 
@@ -2011,20 +1922,11 @@ class AuthCodeGrantTest extends TestCase
         $grant->setScopeRepository($scopeRepositoryMock);
         $grant->setDefaultScope(self::DEFAULT_SCOPE);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'code',
-            [],
+            'client_id'     => 'foo',
-            null,
+            'redirect_uri'  => 'http://foo/bar',
-            null,
+        ]);
-            'php://input',
-            [],
-            [],
-            [
-                'response_type' => 'code',
-                'client_id'     => 'foo',
-                'redirect_uri'  => 'http://foo/bar',
-            ]
-        );
 
         $this->expectException(OAuthServerException::class);
         $this->expectExceptionCode(3);

tests/Grant/ClientCredentialsGrantTest.php

@@ -48,13 +48,10 @@ class ClientCredentialsGrantTest extends TestCase
         $grant->setDefaultScope(self::DEFAULT_SCOPE);
         $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id'     => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+        ]);
-                'client_secret' => 'bar',
-            ]
-        );
 
         $responseType = new StubResponseType();
         $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));

tests/Grant/ImplicitGrantTest.php

@@ -31,7 +31,7 @@ class ImplicitGrantTest extends TestCase
      */
     protected $cryptStub;
 
-    public function setUp()
+    public function setUp(): void
     {
         $this->cryptStub = new CryptTraitStub();
     }
@@ -51,12 +51,12 @@ class ImplicitGrantTest extends TestCase
         );
     }
 
-    /**
-     * @expectedException \LogicException
-     */
     public function testRespondToAccessTokenRequest()
     {
         $grant = new ImplicitGrant(new DateInterval('PT10M'));
+
+        $this->expectException(\LogicException::class);
+
         $grant->respondToAccessTokenRequest(
             new ServerRequest(),
             new StubResponseType(),
@@ -68,19 +68,10 @@ class ImplicitGrantTest extends TestCase
     {
         $grant = new ImplicitGrant(new DateInterval('PT10M'));
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'token',
-            [],
+            'client_id'     => 'foo',
-            null,
+        ]);
-            null,
-            'php://input',
-            $headers = [],
-            $cookies = [],
-            $queryParams = [
-                'response_type' => 'token',
-                'client_id'     => 'foo',
-            ]
-        );
 
         $this->assertTrue($grant->canRespondToAuthorizationRequest($request));
     }
@@ -101,20 +92,11 @@ class ImplicitGrantTest extends TestCase
         $grant->setScopeRepository($scopeRepositoryMock);
         $grant->setDefaultScope(self::DEFAULT_SCOPE);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'code',
-            [],
+            'client_id'     => 'foo',
-            null,
+            'redirect_uri'  => 'http://foo/bar',
-            null,
+        ]);
-            'php://input',
-            $headers = [],
-            $cookies = [],
-            $queryParams = [
-                'response_type' => 'code',
-                'client_id'     => 'foo',
-                'redirect_uri'  => 'http://foo/bar',
-            ]
-        );
 
         $this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request));
     }
@@ -135,28 +117,15 @@ class ImplicitGrantTest extends TestCase
         $grant->setScopeRepository($scopeRepositoryMock);
         $grant->setDefaultScope(self::DEFAULT_SCOPE);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'code',
-            [],
+            'client_id' => 'foo',
-            null,
+            'redirect_uri' => 'http://foo/bar',
-            null,
+        ]);
-            'php://input',
-            $headers = [],
-            $cookies = [],
-            $queryParams = [
-                'response_type' => 'code',
-                'client_id'     => 'foo',
-                'redirect_uri'  => 'http://foo/bar',
-            ]
-        );
 
         $this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 3
-     */
     public function testValidateAuthorizationRequestMissingClientId()
     {
         $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
@@ -164,26 +133,14 @@ class ImplicitGrantTest extends TestCase
         $grant = new ImplicitGrant(new DateInterval('PT10M'));
         $grant->setClientRepository($clientRepositoryMock);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams(['response_type' => 'code']);
-            [],
+
-            [],
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
-            null,
+        $this->expectExceptionCode(3);
-            null,
-            'php://input',
-            $headers = [],
-            $cookies = [],
-            $queryParams = [
-                'response_type' => 'code',
-            ]
-        );
 
         $grant->validateAuthorizationRequest($request);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 4
-     */
     public function testValidateAuthorizationRequestInvalidClientId()
     {
         $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
@@ -192,27 +149,17 @@ class ImplicitGrantTest extends TestCase
         $grant = new ImplicitGrant(new DateInterval('PT10M'));
         $grant->setClientRepository($clientRepositoryMock);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'code',
-            [],
+            'client_id'     => 'foo',
-            null,
+        ]);
-            null,
+
-            'php://input',
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
-            $headers = [],
+        $this->expectExceptionCode(4);
-            $cookies = [],
-            $queryParams = [
-                'response_type' => 'code',
-                'client_id'     => 'foo',
-            ]
-        );
 
         $grant->validateAuthorizationRequest($request);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 4
-     */
     public function testValidateAuthorizationRequestBadRedirectUriString()
     {
         $client = new ClientEntity();
@@ -223,28 +170,18 @@ class ImplicitGrantTest extends TestCase
         $grant = new ImplicitGrant(new DateInterval('PT10M'));
         $grant->setClientRepository($clientRepositoryMock);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'code',
-            [],
+            'client_id' => 'foo',
-            null,
+            'redirect_uri' => 'http://bar',
-            null,
+        ]);
-            'php://input',
+
-            $headers = [],
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
-            $cookies = [],
+        $this->expectExceptionCode(4);
-            $queryParams = [
-                'response_type' => 'code',
-                'client_id'     => 'foo',
-                'redirect_uri'  => 'http://bar',
-            ]
-        );
 
         $grant->validateAuthorizationRequest($request);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 4
-     */
     public function testValidateAuthorizationRequestBadRedirectUriArray()
     {
         $client = new ClientEntity();
@@ -255,20 +192,14 @@ class ImplicitGrantTest extends TestCase
         $grant = new ImplicitGrant(new DateInterval('PT10M'));
         $grant->setClientRepository($clientRepositoryMock);
 
-        $request = new ServerRequest(
+        $request = (new ServerRequest())->withQueryParams([
-            [],
+            'response_type' => 'code',
-            [],
+            'client_id'     => 'foo',
-            null,
+            'redirect_uri'  => 'http://bar',
-            null,
+        ]);
-            'php://input',
+
-            $headers = [],
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
-            $cookies = [],
+        $this->expectExceptionCode(4);
-            $queryParams = [
-                'response_type' => 'code',
-                'client_id'     => 'foo',
-                'redirect_uri'  => 'http://bar',
-            ]
-        );
 
         $grant->validateAuthorizationRequest($request);
     }
@@ -302,10 +233,6 @@ class ImplicitGrantTest extends TestCase
         $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 9
-     */
     public function testCompleteAuthorizationRequestDenied()
     {
         $authRequest = new AuthorizationRequest();
@@ -326,6 +253,9 @@ class ImplicitGrantTest extends TestCase
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setScopeRepository($scopeRepositoryMock);
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(9);
+
         $grant->completeAuthorizationRequest($authRequest);
     }
 
@@ -343,7 +273,7 @@ class ImplicitGrantTest extends TestCase
         $accessToken = new AccessTokenEntity();
         $accessToken->setClient($client);
 
-        /** @var AccessTokenRepositoryInterface|\PHPUnit_Framework_MockObject_MockObject $accessTokenRepositoryMock */
+        /** @var AccessTokenRepositoryInterface|\PHPUnit\Framework\MockObject\MockObject $accessTokenRepositoryMock */
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
         $accessTokenRepositoryMock->method('getNewToken')->willReturn($accessToken);
         $accessTokenRepositoryMock->expects($this->at(0))->method('persistNewAccessToken')->willThrowException(UniqueTokenIdentifierConstraintViolationException::create());
@@ -360,10 +290,6 @@ class ImplicitGrantTest extends TestCase
         $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 7
-     */
     public function testAccessTokenRepositoryFailToPersist()
     {
         $authRequest = new AuthorizationRequest();
@@ -372,7 +298,7 @@ class ImplicitGrantTest extends TestCase
         $authRequest->setGrantTypeId('authorization_code');
         $authRequest->setUser(new UserEntity());
 
-        /** @var AccessTokenRepositoryInterface|\PHPUnit_Framework_MockObject_MockObject $accessTokenRepositoryMock */
+        /** @var AccessTokenRepositoryInterface|\PHPUnit\Framework\MockObject\MockObject $accessTokenRepositoryMock */
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
         $accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
         $accessTokenRepositoryMock->method('persistNewAccessToken')->willThrowException(OAuthServerException::serverError('something bad happened'));
@@ -385,13 +311,12 @@ class ImplicitGrantTest extends TestCase
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setScopeRepository($scopeRepositoryMock);
 
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(7);
+
         $grant->completeAuthorizationRequest($authRequest);
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException
-     * @expectedExceptionCode 100
-     */
     public function testAccessTokenRepositoryFailToPersistUniqueNoInfiniteLoop()
     {
         $authRequest = new AuthorizationRequest();
@@ -400,7 +325,7 @@ class ImplicitGrantTest extends TestCase
         $authRequest->setGrantTypeId('authorization_code');
         $authRequest->setUser(new UserEntity());
 
-        /** @var AccessTokenRepositoryInterface|\PHPUnit_Framework_MockObject_MockObject $accessTokenRepositoryMock */
+        /** @var AccessTokenRepositoryInterface|\PHPUnit\Framework\MockObject\MockObject $accessTokenRepositoryMock */
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
         $accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
         $accessTokenRepositoryMock->method('persistNewAccessToken')->willThrowException(UniqueTokenIdentifierConstraintViolationException::create());
@@ -413,34 +338,38 @@ class ImplicitGrantTest extends TestCase
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setScopeRepository($scopeRepositoryMock);
 
+        $this->expectException(\League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException::class);
+        $this->expectExceptionCode(100);
+
         $grant->completeAuthorizationRequest($authRequest);
     }
 
-    /**
-     * @expectedException \LogicException
-     */
     public function testSetRefreshTokenTTL()
     {
         $grant = new ImplicitGrant(new DateInterval('PT10M'));
+
+        $this->expectException(\LogicException::class);
+
         $grant->setRefreshTokenTTL(new DateInterval('PT10M'));
     }
 
-    /**
-     * @expectedException \LogicException
-     */
     public function testSetRefreshTokenRepository()
     {
         $grant = new ImplicitGrant(new DateInterval('PT10M'));
+
         $refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock();
+
+        $this->expectException(\LogicException::class);
+
         $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
     }
 
-    /**
-     * @expectedException \LogicException
-     */
     public function testCompleteAuthorizationRequestNoUser()
     {
         $grant = new ImplicitGrant(new DateInterval('PT10M'));
+
+        $this->expectException(\LogicException::class);
+
         $grant->completeAuthorizationRequest(new AuthorizationRequest());
     }
 }

tests/Grant/PasswordGrantTest.php

@@ -64,15 +64,12 @@ class PasswordGrantTest extends TestCase
         $grant->setDefaultScope(self::DEFAULT_SCOPE);
         $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id'     => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+            'username'      => 'foo',
-                'client_secret' => 'bar',
+            'password'      => 'bar',
-                'username'      => 'foo',
+        ]);
-                'password'      => 'bar',
-            ]
-        );
 
         $responseType = new StubResponseType();
         $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
@@ -110,15 +107,12 @@ class PasswordGrantTest extends TestCase
         $grant->setDefaultScope(self::DEFAULT_SCOPE);
         $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id'     => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+            'username'      => 'foo',
-                'client_secret' => 'bar',
+            'password'      => 'bar',
-                'username'      => 'foo',
+        ]);
-                'password'      => 'bar',
-            ]
-        );
 
         $responseType = new StubResponseType();
         $grant->respondToAccessTokenRequest($serverRequest, $responseType, new \DateInterval('PT5M'));
@@ -127,9 +121,6 @@ class PasswordGrantTest extends TestCase
         $this->assertNull($responseType->getRefreshToken());
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     */
     public function testRespondToRequestMissingUsername()
     {
         $client = new ClientEntity();
@@ -146,21 +137,18 @@ class PasswordGrantTest extends TestCase
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withQueryParams([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id'     => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+        ]);
-                'client_secret' => 'bar',
-            ]
-        );
 
         $responseType = new StubResponseType();
+
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+
         $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     */
     public function testRespondToRequestMissingPassword()
     {
         $client = new ClientEntity();
@@ -177,23 +165,19 @@ class PasswordGrantTest extends TestCase
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id'     => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+            'username'      => 'alex',
-                'client_secret' => 'bar',
+        ]);
-                'username'      => 'alex',
-            ]
-        );
 
         $responseType = new StubResponseType();
+
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+
         $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 10
-     */
     public function testRespondToRequestBadCredentials()
     {
         $client = new ClientEntity();
@@ -211,17 +195,18 @@ class PasswordGrantTest extends TestCase
         $grant->setClientRepository($clientRepositoryMock);
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id' => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+            'username' => 'alex',
-                'client_secret' => 'bar',
+            'password' => 'whisky',
-                'username'      => 'alex',
+        ]);
-                'password'      => 'whisky',
-            ]
-        );
 
         $responseType = new StubResponseType();
+
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(10);
+
         $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
     }
 }

tests/Grant/RefreshTokenGrantTest.php

@@ -27,7 +27,7 @@ class RefreshTokenGrantTest extends TestCase
      */
     protected $cryptStub;
 
-    public function setUp()
+    public function setUp(): void
     {
         $this->cryptStub = new CryptTraitStub();
     }
@@ -80,8 +80,7 @@ class RefreshTokenGrantTest extends TestCase
             )
         );
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody([
             'client_id'     => 'foo',
             'client_secret' => 'bar',
             'refresh_token' => $oldRefreshToken,
@@ -137,8 +136,7 @@ class RefreshTokenGrantTest extends TestCase
             )
         );
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody([
             'client_id'     => 'foo',
             'client_secret' => 'bar',
             'refresh_token' => $oldRefreshToken,
@@ -192,15 +190,12 @@ class RefreshTokenGrantTest extends TestCase
             )
         );
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id'     => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+            'refresh_token' => $oldRefreshToken,
-                'client_secret' => 'bar',
+            'scope'         => 'foo',
-                'refresh_token' => $oldRefreshToken,
+        ]);
-                'scope'         => 'foo',
-            ]
-        );
 
         $responseType = new StubResponseType();
         $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
@@ -209,10 +204,6 @@ class RefreshTokenGrantTest extends TestCase
         $this->assertInstanceOf(RefreshTokenEntityInterface::class, $responseType->getRefreshToken());
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 5
-     */
     public function testRespondToUnexpectedScope()
     {
         $client = new ClientEntity();
@@ -251,24 +242,21 @@ class RefreshTokenGrantTest extends TestCase
             )
         );
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id'     => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+            'refresh_token' => $oldRefreshToken,
-                'client_secret' => 'bar',
+            'scope'         => 'foobar',
-                'refresh_token' => $oldRefreshToken,
+        ]);
-                'scope'         => 'foobar',
-            ]
-        );
 
         $responseType = new StubResponseType();
+
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(5);
+
         $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 3
-     */
     public function testRespondToRequestMissingOldToken()
     {
         $client = new ClientEntity();
@@ -285,22 +273,19 @@ class RefreshTokenGrantTest extends TestCase
         $grant->setEncryptionKey($this->cryptStub->getKey());
         $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id'     => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+        ]);
-                'client_secret' => 'bar',
-            ]
-        );
 
         $responseType = new StubResponseType();
+
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(3);
+
         $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 8
-     */
     public function testRespondToRequestInvalidOldToken()
     {
         $client = new ClientEntity();
@@ -319,23 +304,20 @@ class RefreshTokenGrantTest extends TestCase
 
         $oldRefreshToken = 'foobar';
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id'     => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+            'refresh_token' => $oldRefreshToken,
-                'client_secret' => 'bar',
+        ]);
-                'refresh_token' => $oldRefreshToken,
-            ]
-        );
 
         $responseType = new StubResponseType();
+
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(8);
+
         $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 8
-     */
     public function testRespondToRequestClientMismatch()
     {
         $client = new ClientEntity();
@@ -368,23 +350,20 @@ class RefreshTokenGrantTest extends TestCase
             )
         );
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id'     => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+            'refresh_token' => $oldRefreshToken,
-                'client_secret' => 'bar',
+        ]);
-                'refresh_token' => $oldRefreshToken,
-            ]
-        );
 
         $responseType = new StubResponseType();
+
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(8);
+
         $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 8
-     */
     public function testRespondToRequestExpiredToken()
     {
         $client = new ClientEntity();
@@ -414,23 +393,20 @@ class RefreshTokenGrantTest extends TestCase
             )
         );
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id'     => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+            'refresh_token' => $oldRefreshToken,
-                'client_secret' => 'bar',
+        ]);
-                'refresh_token' => $oldRefreshToken,
-            ]
-        );
 
         $responseType = new StubResponseType();
+
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(8);
+
         $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
     }
 
-    /**
-     * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
-     * @expectedExceptionCode 8
-     */
     public function testRespondToRequestRevokedToken()
     {
         $client = new ClientEntity();
@@ -461,16 +437,17 @@ class RefreshTokenGrantTest extends TestCase
             )
         );
 
-        $serverRequest = new ServerRequest();
+        $serverRequest = (new ServerRequest())->withParsedBody([
-        $serverRequest = $serverRequest->withParsedBody(
+            'client_id'     => 'foo',
-            [
+            'client_secret' => 'bar',
-                'client_id'     => 'foo',
+            'refresh_token' => $oldRefreshToken,
-                'client_secret' => 'bar',
+        ]);
-                'refresh_token' => $oldRefreshToken,
-            ]
-        );
 
         $responseType = new StubResponseType();
+
+        $this->expectException(\League\OAuth2\Server\Exception\OAuthServerException::class);
+        $this->expectExceptionCode(8);
+
         $grant->respondToAccessTokenRequest($serverRequest, $responseType, new DateInterval('PT5M'));
     }
 }

tests/Middleware/ResourceServerMiddlewareTest.php

@@ -35,8 +35,7 @@ class ResourceServerMiddlewareTest extends TestCase
 
         $token = (string) $accessToken;
 
-        $request = new ServerRequest();
+        $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $token));
-        $request = $request->withHeader('authorization', sprintf('Bearer %s', $token));
 
         $middleware = new ResourceServerMiddleware($server);
         $response = $middleware->__invoke(
@@ -71,8 +70,7 @@ class ResourceServerMiddlewareTest extends TestCase
 
         $token = (string) $accessToken;
 
-        $request = new ServerRequest();
+        $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $token));
-        $request = $request->withHeader('authorization', sprintf('Bearer %s', $token));
 
         $middleware = new ResourceServerMiddleware($server);
         $response = $middleware->__invoke(
@@ -95,8 +93,7 @@ class ResourceServerMiddlewareTest extends TestCase
             'file://' . __DIR__ . '/../Stubs/public.key'
         );
 
-        $request = new ServerRequest();
+        $request = (new ServerRequest())->withHeader('authorization', '');
-        $request = $request->withHeader('authorization', '');
 
         $middleware = new ResourceServerMiddleware($server);
         $response = $middleware->__invoke(

tests/ResponseTypes/BearerResponseTypeTest.php

@@ -57,7 +57,7 @@ class BearerResponseTypeTest extends TestCase
 
         $response->getBody()->rewind();
         $json = json_decode($response->getBody()->getContents());
-        $this->assertAttributeEquals('Bearer', 'token_type', $json);
+        $this->assertEquals('Bearer', $json->token_type);
         $this->assertObjectHasAttribute('expires_in', $json);
         $this->assertObjectHasAttribute('access_token', $json);
         $this->assertObjectHasAttribute('refresh_token', $json);
@@ -100,13 +100,13 @@ class BearerResponseTypeTest extends TestCase
 
         $response->getBody()->rewind();
         $json = json_decode($response->getBody()->getContents());
-        $this->assertAttributeEquals('Bearer', 'token_type', $json);
+        $this->assertEquals('Bearer', $json->token_type);
         $this->assertObjectHasAttribute('expires_in', $json);
         $this->assertObjectHasAttribute('access_token', $json);
         $this->assertObjectHasAttribute('refresh_token', $json);
 
         $this->assertObjectHasAttribute('foo', $json);
-        $this->assertAttributeEquals('bar', 'foo', $json);
+        $this->assertEquals('bar', $json->foo);
     }
 
     public function testDetermineAccessTokenInHeaderValidToken()
@@ -142,8 +142,7 @@ class BearerResponseTypeTest extends TestCase
         $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
         $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
 
-        $request = new ServerRequest();
+        $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
-        $request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
 
         $request = $authorizationValidator->validateAuthorization($request);
 
@@ -185,8 +184,7 @@ class BearerResponseTypeTest extends TestCase
         $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
         $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
 
-        $request = new ServerRequest();
+        $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $json->access_token . 'foo'));
-        $request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token . 'foo'));
 
         try {
             $authorizationValidator->validateAuthorization($request);
@@ -231,8 +229,7 @@ class BearerResponseTypeTest extends TestCase
         $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
         $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
 
-        $request = new ServerRequest();
+        $request = (new ServerRequest())->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
-        $request = $request->withHeader('authorization', sprintf('Bearer %s', $json->access_token));
 
         try {
             $authorizationValidator->validateAuthorization($request);
@@ -255,8 +252,7 @@ class BearerResponseTypeTest extends TestCase
         $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
         $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
 
-        $request = new ServerRequest();
+        $request = (new ServerRequest())->withHeader('authorization', 'Bearer blah');
-        $request = $request->withHeader('authorization', 'Bearer blah');
 
         try {
             $authorizationValidator->validateAuthorization($request);
@@ -279,8 +275,7 @@ class BearerResponseTypeTest extends TestCase
         $authorizationValidator = new BearerTokenValidator($accessTokenRepositoryMock);
         $authorizationValidator->setPublicKey(new CryptKey('file://' . __DIR__ . '/../Stubs/public.key'));
 
-        $request = new ServerRequest();
+        $request = (new ServerRequest())->withHeader('authorization', 'Bearer blah.blah.blah');
-        $request = $request->withHeader('authorization', 'Bearer blah.blah.blah');
 
         try {
             $authorizationValidator->validateAuthorization($request);

tests/Utils/CryptKeyTest.php

@@ -7,11 +7,10 @@ use PHPUnit\Framework\TestCase;
 
 class CryptKeyTest extends TestCase
 {
-    /**
-     * @expectedException \LogicException
-     */
     public function testNoFile()
     {
+        $this->expectException(\LogicException::class);
+
         new CryptKey('undefined file');
     }
 
@@ -27,6 +26,11 @@ class CryptKeyTest extends TestCase
     public function testKeyFileCreation()
     {
         $keyContent = file_get_contents(__DIR__ . '/../Stubs/public.key');
+
+        if (!is_string($keyContent)) {
+            $this->fail('The public key stub is not a string');
+        }
+
         $key = new CryptKey($keyContent);
 
         $this->assertEquals(
@@ -35,6 +39,11 @@ class CryptKeyTest extends TestCase
         );
 
         $keyContent = file_get_contents(__DIR__ . '/../Stubs/private.key.crlf');
+
+        if (!is_string($keyContent)) {
+            $this->fail('The private key (crlf) stub is not a string');
+        }
+
         $key = new CryptKey($keyContent);
 
         $this->assertEquals(

tests/Utils/CryptTraitTest.php

@@ -10,7 +10,7 @@ class CryptTraitTest extends TestCase
 {
     protected $cryptStub;
 
-    protected function setUp()
+    protected function setUp(): void
     {
         $this->cryptStub = new CryptTraitStub();
     }