/**
 * The filter must answer with a forbidden JSON response when the owner type
 * reported by the resource server differs from the one handed to the filter.
 */
public function test_with_unexisting_owner_type()
{
    // The mocked facade reports owner type 'foo', and must be asked exactly once.
    ResourceServer::shouldReceive('getOwnerType')->once()->andReturn('foo');

    // Third argument 'bar' is presumably the owner type the route requires.
    $filter = $this->getFilter();
    $result = $filter->filter('', '', 'bar');

    $isJsonResponse = $result instanceof Illuminate\Http\JsonResponse;
    $this->assertTrue($isJsonResponse);
    $this->assertTrue($result->isForbidden());
}
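/**
 * Reset the oauth2_resource_server table and register this application as
 * the only resource server, using the host component of the `app.url` setting.
 *
 * The host is resolved and validated before the table is emptied, so a
 * misconfigured `app.url` no longer wipes the table and then seeds a row
 * with an empty host.
 *
 * @return void
 * @throws \RuntimeException when `app.url` has no usable host component
 */
public function run()
{
    $current_realm = Config::get('app.url');

    // parse_url() yields false for a malformed URL and null when the host is
    // absent (e.g. a value without a scheme); the original suppressed both
    // cases with `@` and stored whatever $res['host'] evaluated to.
    $host = parse_url((string) $current_realm, PHP_URL_HOST);
    if (!is_string($host) || $host === '') {
        throw new \RuntimeException('Cannot seed oauth2_resource_server: app.url has no host component.');
    }

    DB::table('oauth2_resource_server')->delete();

    ResourceServer::create(array(
        'friendly_name' => 'openstack id server',
        'host'          => $host,
        // Loopback address as seeded. NOTE(review): confirm how the 'ip'
        // column is consumed before relying on this value outside a
        // single-host setup.
        'ip'            => '127.0.0.1',
    ));
}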
/**
 * A valid token that lacks the requested scope must be rejected with a
 * forbidden JSON response.
 */
public function test_valid_filter_with_unexisting_scope()
{
    // Token validation succeeds, but the scope lookup reports a missing scope.
    ResourceServer::shouldReceive('isValid')->once()->andReturn(true);
    ResourceServer::shouldReceive('hasScope')->once()->andReturn(false);

    $filter = $this->getFilter();
    $result = $filter->filter('', '', 'scope1', 'scope2');

    $isJsonResponse = $result instanceof Illuminate\Http\JsonResponse;
    $this->assertTrue($isJsonResponse);
    $this->assertTrue($result->isForbidden());
}
/**
 * Deleting an existing resource server returns 204, and a later lookup of
 * the same id returns 404.
 */
public function testDeleteExistingOne()
{
    // Pick the resource server registered for the host under test.
    $server = ResourceServer::where('host', '=', $this->current_host)->first();
    $lookup = array('id' => $server->id);

    $this->action("DELETE", "ApiResourceServerController@delete", $lookup, array(), array(), array());
    $this->assertResponseStatus(204);

    // The record must be gone once the delete has been acknowledged.
    $this->action("GET", "ApiResourceServerController@get", $lookup, array(), array(), array());
    $this->assertResponseStatus(404);
}
/**
 * Logout the driver.
 *
 * Deletes every oauth_sessions row whose owner_id equals the id of the
 * current token owner and answers with an empty 204 response. Any exception
 * is turned into an internal-error response.
 *
 * @return \Illuminate\Http\JsonResponse
 */
public function logout()
{
    try {
        $currentOwner = \ResourceServer::getOwnerId();

        // NOTE(review): rows are matched on owner_id alone. If the table also
        // records an owner type, confirm that ids cannot collide across types,
        // otherwise sessions of another kind of owner would be removed too.
        $sessions = DB::table('oauth_sessions');
        $sessions->where('oauth_sessions.owner_id', '=', $currentOwner)->delete();

        $emptyBody = $this->respond([]);

        return $emptyBody->setStatusCode(204);
    } catch (\Exception $e) {
        // NOTE(review): the raw exception message goes back to the client.
        // Database errors can carry query or schema details, so consider
        // logging it server-side and returning a generic message instead.
        $reason = $e->getMessage();

        return $this->errorInternalError($reason);
    }
}
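/**
 * Empty the API-related OAuth2 tables and seed the 'users' API for the first
 * registered resource server.
 *
 * The resource server is looked up before anything is deleted, so a database
 * without one fails with a clear error instead of being wiped and then
 * failing on a null lookup.
 *
 * @return void
 * @throws \RuntimeException when no resource server exists
 */
public function run()
{
    $resource_server = ResourceServer::first();
    if (!$resource_server) {
        throw new \RuntimeException('Cannot seed oauth2_api: no resource server is registered.');
    }

    // Deletion order kept from the original; presumably the join/child tables
    // are cleared before oauth2_api to satisfy foreign keys. Confirm against
    // the schema.
    DB::table('oauth2_api_endpoint_api_scope')->delete();
    DB::table('oauth2_client_api_scope')->delete();
    DB::table('oauth2_api_scope')->delete();
    DB::table('oauth2_api')->delete();

    // users
    // The original array listed 'logo' twice (null, then the asset URL); only
    // the later value took effect, so the dead entry is dropped here.
    Api::create(array(
        'name'               => 'users',
        'logo'               => asset('img/apis/server.png'),
        'active'             => true,
        'Description'        => 'User Info',
        'resource_server_id' => $resource_server->id,
    ));
}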
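/**
 * Bootstrap the application events.
 *
 * Registers the 'check-store-owner' route filter, which answers 403 unless
 * the 'driver' route parameter belongs to the owner of the current token.
 *
 * @return void
 */
public function boot()
{
    /** @var \Illuminate\Routing\Router $router */
    $router = $this->app['router'];

    $router->filter('check-store-owner', function ($route) {
        $ownerId = \ResourceServer::getOwnerId();
        $driver = $route->getParameter('driver');

        // Both ids are normalised to strings and compared strictly. The
        // original loose `!=` let PHP's type juggling treat unequal values as
        // equal (null vs 0, and on older PHP versions 0 vs a non-numeric
        // string), which is not acceptable for an authorization decision.
        $ownerKey = is_scalar($ownerId) ? (string) $ownerId : '';
        $driverKey = '';
        if (is_object($driver) && isset($driver->id) && is_scalar($driver->id)) {
            $driverKey = (string) $driver->id;
        }

        // Deny by default: a missing owner id or driver id never matches.
        // NOTE(review): only the owner id is compared. If tokens can belong to
        // more than one kind of owner, confirm ids cannot collide across kinds.
        if ($ownerKey === '' || $driverKey === '' || $ownerKey !== $driverKey) {
            return \Response::json(array(
                'status'        => 403,
                'error'         => 'forbidden',
                'error_message' => 'You are trying to access other user\'s data.',
            ), 403);
        }
    });
}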
/**
 * Run the migrations.
 *
 * Registers the three marketplace APIs for the first resource server and then
 * seeds their scopes and endpoints. Does nothing when no resource server
 * exists.
 *
 * @return void
 */
public function up()
{
    $resource_server = ResourceServer::first();
    if (!$resource_server) {
        return;
    }

    // API name => description, in creation order:
    // public clouds, private clouds, consultants.
    $marketplaceApis = array(
        'public-clouds'  => 'Marketplace Public Clouds',
        'private-clouds' => 'Marketplace Private Clouds',
        'consultants'    => 'Marketplace Consultants',
    );

    foreach ($marketplaceApis as $apiName => $apiDescription) {
        // The original literal listed 'logo' twice (null, then the asset
        // URL); the later value is the one that applies.
        Api::create(array(
            'name'               => $apiName,
            'logo'               => asset('img/apis/server.png'),
            'active'             => true,
            'Description'        => $apiDescription,
            'resource_server_id' => $resource_server->id,
        ));
    }

    // Scopes first, then endpoints, each in the same API order as above.
    $this->seedPublicCloudScopes();
    $this->seedPrivateCloudScopes();
    $this->seedConsultantScopes();

    $this->seedPublicCloudsEndpoints();
    $this->seedPrivateCloudsEndpoints();
    $this->seedConsultantsEndpoints();
}
/**
 * Verifying a bearer token against a mocked introspection endpoint that
 * reports an active token with two scopes yields a TokenIntrospection object.
 */
public function testScopeResponse()
{
    // Queue one canned introspection answer instead of performing a real HTTP call.
    $mock = new \Guzzle\Plugin\Mock\MockPlugin();
    $canned = new \Guzzle\Http\Message\Response(200, null, '{"active": true, "scope": "foo:rw bar:r"}');
    $mock->addResponse($canned);

    $http = new \Guzzle\Http\Client("https://auth.example.org/introspect");
    $http->addSubscriber($mock);

    $server = new ResourceServer($http);
    $server->setAuthorizationHeader("Bearer 001");

    $introspection = $server->verifyToken();
    $this->assertInstanceOf("fkooman\\OAuth\\ResourceServer\\TokenIntrospection", $introspection);
}
/**
 * Creates an API, activates it through the controller and checks that a
 * subsequent read reports it as active.
 */
public function testUpdateStatus()
{
    $server = ResourceServer::where('host', '=', $this->current_host)->first();

    // Create the API that will be activated below.
    $payload = array(
        'name'               => 'test-api',
        'description'        => 'test api',
        'active'             => true,
        'resource_server_id' => $server->id,
    );
    $created = $this->action("POST", "ApiController@create", $payload);
    $this->assertResponseStatus(201);

    $createdBody = json_decode($created->getContent());
    // empty() is already false for an unset property, so this is the same
    // check as isset() && !empty().
    $this->assertTrue(!empty($createdBody->api_id));
    $apiId = $createdBody->api_id;

    // Update status: the controller is expected to answer with the JSON string 'ok'.
    $activated = $this->action("PUT", "ApiController@activate", array('id' => $apiId));
    $this->assertResponseStatus(200);

    $activatedBody = json_decode($activated->getContent());
    $this->assertTrue($activatedBody === 'ok');

    // Read the API back and confirm the flag is set.
    $fetched = $this->action("GET", "ApiController@get", array('id' => $apiId));
    $this->assertResponseStatus(200);

    $fetchedBody = json_decode($fetched->getContent());
    $this->assertTrue($fetchedBody->active == true);
}
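/**
 * Checks if current_ip has access rights on the given $access_token.
 *
 * Access is granted only when an active resource server exists whose `ip`
 * equals $current_ip and whose `host` is one of the space-separated entries
 * of the token's audience.
 *
 * @param AccessToken $access_token token whose audience is checked
 * @param mixed       $current_ip   address of the caller, compared with the `ip` column
 * @return bool true when a matching active resource server exists
 */
public function checkAccessTokenAudience(AccessToken $access_token, $current_ip)
{
    // Deny by default when there is no caller address to match on.
    // NOTE(review): the value of this check depends on how the caller derives
    // $current_ip; confirm it is not taken from a client-controlled header.
    if ((string) $current_ip === '') {
        return false;
    }

    // explode() always returns an array, so the original is_array() fallback
    // never ran. It does, however, yield '' for an empty audience or for
    // repeated spaces, and an '' entry would match a resource server whose
    // host is empty. Empty entries are dropped here.
    $audience_hosts = array_values(array_filter(
        explode(' ', (string) $access_token->getAudience()),
        function ($host) {
            return $host !== '';
        }
    ));

    // A token without any audience entry grants nothing; this also avoids
    // issuing a whereIn() with an empty list.
    if (count($audience_hosts) === 0) {
        return false;
    }

    return \ResourceServer::where('active', '=', true)
        ->where('ip', '=', $current_ip)
        ->whereIn('host', $audience_hosts)
        ->count() > 0;
}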
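/**
 * Seed the eight built-in API records for the first registered resource
 * server.
 *
 * @return void
 * @throws \RuntimeException when no resource server exists
 */
private function seedApis()
{
    $resource_server = ResourceServer::first();
    if (!$resource_server) {
        // The original dereferenced the lookup result unconditionally; fail
        // with an explicit message instead of a null property access.
        throw new \RuntimeException('Cannot seed APIs: no resource server is registered.');
    }

    // API name => description, in the original creation order.
    $apis = array(
        'resource-server' => 'Resource Server CRUD operations',
        'api'             => 'Api CRUD operations',
        'api-endpoint'    => 'Api Endpoints CRUD operations',
        'api-scope'       => 'Api Scopes CRUD operations',
        'users'           => 'User Info',
        'public-clouds'   => 'Marketplace Public Clouds',
        'private-clouds'  => 'Marketplace Private Clouds',
        'consultants'     => 'Marketplace Consultants',
    );

    foreach ($apis as $name => $description) {
        // Each original literal listed 'logo' twice (null, then the asset
        // URL); only the later value took effect, so the dead entry is gone.
        Api::create(array(
            'name'               => $name,
            'logo'               => asset('img/apis/server.png'),
            'active'             => true,
            'Description'        => $description,
            'resource_server_id' => $resource_server->id,
        ));
    }
}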
/**
 * Return the stored profile data of the current token owner as JSON.
 *
 * The owner's `data` attribute is decoded from JSON and re-encoded into the
 * response.
 */
public function getUser()
{
    $ownerId = ResourceServer::getOwnerId();

    // NOTE(review): neither the Owner::find() result nor the json_decode()
    // result is checked. A missing owner row fails on ->data, and undecodable
    // data is returned as JSON null. Confirm an owner always exists for a
    // valid token.
    $record = Owner::find($ownerId);

    return Response::json(json_decode($record->data));
}