Spaces:
Sleeping
Sleeping
processmaker-community / processmaker-files /vendor /bshaffer /oauth2-server-php /test /OAuth2 /Controller /TokenControllerTest.php
| namespace OAuth2\Controller; | |
| use OAuth2\Storage\Bootstrap; | |
| use OAuth2\Server; | |
| use OAuth2\GrantType\AuthorizationCode; | |
| use OAuth2\GrantType\ClientCredentials; | |
| use OAuth2\Scope; | |
| use OAuth2\Request\TestRequest; | |
| use OAuth2\Response; | |
| class Controller_TokenControllerTest extends \PHPUnit_Framework_TestCase | |
| { | |
| public function testNoGrantType() | |
| { | |
| // add the test parameters in memory | |
| $server = $this->getTestServer(); | |
| $server->handleTokenRequest(TestRequest::createPost(), $response = new Response()); | |
| $this->assertEquals($response->getStatusCode(), 400); | |
| $this->assertEquals($response->getParameter('error'), 'invalid_request'); | |
| $this->assertEquals($response->getParameter('error_description'), 'The grant type was not specified in the request'); | |
| } | |
| public function testInvalidGrantType() | |
| { | |
| // add the test parameters in memory | |
| $server = $this->getTestServer(); | |
| $request = TestRequest::createPost(array( | |
| 'grant_type' => 'invalid_grant_type', // invalid grant type | |
| )); | |
| $server->handleTokenRequest($request, $response = new Response()); | |
| $this->assertEquals($response->getStatusCode(), 400); | |
| $this->assertEquals($response->getParameter('error'), 'unsupported_grant_type'); | |
| $this->assertEquals($response->getParameter('error_description'), 'Grant type "invalid_grant_type" not supported'); | |
| } | |
| public function testNoClientId() | |
| { | |
| // add the test parameters in memory | |
| $server = $this->getTestServer(); | |
| $request = TestRequest::createPost(array( | |
| 'grant_type' => 'authorization_code', // valid grant type | |
| 'code' => 'testcode', | |
| )); | |
| $server->handleTokenRequest($request, $response = new Response()); | |
| $this->assertEquals($response->getStatusCode(), 400); | |
| $this->assertEquals($response->getParameter('error'), 'invalid_client'); | |
| $this->assertEquals($response->getParameter('error_description'), 'Client credentials were not found in the headers or body'); | |
| } | |
| public function testNoClientSecret() | |
| { | |
| // add the test parameters in memory | |
| $server = $this->getTestServer(); | |
| $request = TestRequest::createPost(array( | |
| 'grant_type' => 'authorization_code', // valid grant type | |
| 'code' => 'testcode', | |
| 'client_id' => 'Test Client ID', // valid client id | |
| )); | |
| $server->handleTokenRequest($request, $response = new Response()); | |
| $this->assertEquals($response->getStatusCode(), 400); | |
| $this->assertEquals($response->getParameter('error'), 'invalid_client'); | |
| $this->assertEquals($response->getParameter('error_description'), 'The client credentials are invalid'); | |
| } | |
| public function testNoClientSecretWithEmptySecret() | |
| { | |
| // add the test parameters in memory | |
| $server = $this->getTestServer(); | |
| $request = TestRequest::createPost(array( | |
| 'grant_type' => 'authorization_code', // valid grant type | |
| 'code' => 'testcode-empty-secret', | |
| 'client_id' => 'Test Client ID Empty Secret', // valid client id | |
| )); | |
| $server->handleTokenRequest($request, $response = new Response()); | |
| $this->assertEquals($response->getStatusCode(), 200); | |
| } | |
| public function testInvalidClientId() | |
| { | |
| // add the test parameters in memory | |
| $server = $this->getTestServer(); | |
| $request = TestRequest::createPost(array( | |
| 'grant_type' => 'authorization_code', // valid grant type | |
| 'code' => 'testcode', | |
| 'client_id' => 'Fake Client ID', // invalid client id | |
| 'client_secret' => 'TestSecret', // valid client secret | |
| )); | |
| $server->handleTokenRequest($request, $response = new Response()); | |
| $this->assertEquals($response->getStatusCode(), 400); | |
| $this->assertEquals($response->getParameter('error'), 'invalid_client'); | |
| $this->assertEquals($response->getParameter('error_description'), 'The client credentials are invalid'); | |
| } | |
| public function testInvalidClientSecret() | |
| { | |
| // add the test parameters in memory | |
| $server = $this->getTestServer(); | |
| $request = TestRequest::createPost(array( | |
| 'grant_type' => 'authorization_code', // valid grant type | |
| 'code' => 'testcode', | |
| 'client_id' => 'Test Client ID', // valid client id | |
| 'client_secret' => 'Fake Client Secret', // invalid client secret | |
| )); | |
| $server->handleTokenRequest($request, $response = new Response()); | |
| $this->assertEquals($response->getStatusCode(), 400); | |
| $this->assertEquals($response->getParameter('error'), 'invalid_client'); | |
| $this->assertEquals($response->getParameter('error_description'), 'The client credentials are invalid'); | |
| } | |
| public function testValidTokenResponse() | |
| { | |
| // add the test parameters in memory | |
| $server = $this->getTestServer(); | |
| $request = TestRequest::createPost(array( | |
| 'grant_type' => 'authorization_code', // valid grant type | |
| 'client_id' => 'Test Client ID', // valid client id | |
| 'client_secret' => 'TestSecret', // valid client secret | |
| 'code' => 'testcode', // valid authorization code | |
| )); | |
| $server->handleTokenRequest($request, $response = new Response()); | |
| $this->assertTrue($response instanceof Response); | |
| $this->assertEquals($response->getStatusCode(), 200); | |
| $this->assertNull($response->getParameter('error')); | |
| $this->assertNull($response->getParameter('error_description')); | |
| $this->assertNotNUll($response->getParameter('access_token')); | |
| $this->assertNotNUll($response->getParameter('expires_in')); | |
| $this->assertNotNUll($response->getParameter('token_type')); | |
| } | |
| public function testValidClientIdScope() | |
| { | |
| // add the test parameters in memory | |
| $server = $this->getTestServer(); | |
| $request = TestRequest::createPost(array( | |
| 'grant_type' => 'authorization_code', // valid grant type | |
| 'code' => 'testcode', | |
| 'client_id' => 'Test Client ID', // valid client id | |
| 'client_secret' => 'TestSecret', // valid client secret | |
| 'scope' => 'clientscope1 clientscope2 scope1 scope2 scope3' | |
| )); | |
| $server->handleTokenRequest($request, $response = new Response()); | |
| $this->assertEquals($response->getStatusCode(), 200); | |
| $this->assertNull($response->getParameter('error')); | |
| $this->assertNull($response->getParameter('error_description')); | |
| $this->assertEquals('clientscope1 clientscope2 scope1 scope2 scope3', $response->getParameter('scope')); | |
| } | |
| public function testInvalidClientIdScope() | |
| { | |
| // add the test parameters in memory | |
| $server = $this->getTestServer(); | |
| $request = TestRequest::createPost(array( | |
| 'grant_type' => 'authorization_code', // valid grant type | |
| 'code' => 'testcode', | |
| 'client_id' => 'Test Client ID', // valid client id | |
| 'client_secret' => 'TestSecret', // valid client secret | |
| 'scope' => 'clientscope3 scope1' | |
| )); | |
| $server->handleTokenRequest($request, $response = new Response()); | |
| $this->assertEquals($response->getStatusCode(), 400); | |
| $this->assertEquals($response->getParameter('error'), 'invalid_scope'); | |
| $this->assertEquals($response->getParameter('error_description'), 'An unsupported scope was requested'); | |
| } | |
| public function testEnforceScope() | |
| { | |
| $storage = Bootstrap::getInstance()->getMemoryStorage(); | |
| $server = new Server($storage); | |
| $server->addGrantType(new ClientCredentials($storage)); | |
| $scope = new Scope(array( | |
| 'default_scope' => false, | |
| 'supported_scopes' => array('testscope') | |
| )); | |
| $server->setScopeUtil($scope); | |
| $request = TestRequest::createPost(array( | |
| 'grant_type' => 'client_credentials', // valid grant type | |
| 'client_id' => 'Test Client ID', // valid client id | |
| 'client_secret' => 'TestSecret', // valid client secret | |
| )); | |
| $response = $server->handleTokenRequest($request); | |
| $this->assertEquals($response->getStatusCode(), 400); | |
| $this->assertEquals($response->getParameter('error'), 'invalid_scope'); | |
| $this->assertEquals($response->getParameter('error_description'), 'This application requires you specify a scope parameter'); | |
| } | |
| public function testCreateController() | |
| { | |
| $storage = Bootstrap::getInstance()->getMemoryStorage(); | |
| $accessToken = new \OAuth2\ResponseType\AccessToken($storage); | |
| $controller = new TokenController($accessToken); | |
| } | |
| private function getTestServer() | |
| { | |
| $storage = Bootstrap::getInstance()->getMemoryStorage(); | |
| $server = new Server($storage); | |
| $server->addGrantType(new AuthorizationCode($storage)); | |
| return $server; | |
| } | |
| } | |