/**
* @test
*/
public function decryptCallbackAccessTokenUsesRsaWalletServiceAndClientKeyPair()
{
$ssoClient = new \Flowpack\SingleSignOn\Client\Domain\Model\SsoClient();
$ssoClient->setPublicKeyFingerprint('key-pair-uuid');
$mockRsaWalletService = m::mock('TYPO3\\Flow\\Security\\Cryptography\\RsaWalletServiceInterface');
$this->inject($ssoClient, 'rsaWalletService', $mockRsaWalletService);
$mockRsaWalletService->shouldReceive('decrypt')->with('access-token-cipher', 'key-pair-uuid')->andReturn('access-token');
$result = $ssoClient->decryptCallbackAccessToken('access-token-cipher');
$this->assertEquals('access-token', $result);
}
/**
* Build a SSO client instance from settings
*
* Note: Every SSO entry point and authentication provider uses the same SSO client.
*
* @return \Flowpack\SingleSignOn\Client\Domain\Model\SsoClient
*/
public function create()
{
$ssoClient = new \Flowpack\SingleSignOn\Client\Domain\Model\SsoClient();
if ((string) $this->clientServiceBaseUri === '') {
throw new Exception('Missing Flowpack.SingleSignOn.Client.client.serviceBaseUri setting', 1351075078);
}
$ssoClient->setServiceBaseUri($this->clientServiceBaseUri);
if ((string) $this->clientPublicKeyFingerprint === '') {
throw new Exception('Missing Flowpack.SingleSignOn.Client.client.publicKeyFingerprint setting', 1351075159);
}
$ssoClient->setPublicKeyFingerprint($this->clientPublicKeyFingerprint);
return $ssoClient;
}
