/**
  * Tests OAuth2->grantAccessToken() with successful Auth code grant, but without redirect_uri in the input
  */
 public function testGrantAccessTokenWithGrantAuthCodeSuccessWithoutRedirect()
 {
     // Token request as the client sends it: note that no redirect_uri is included.
     $tokenRequest = array(
         'grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE,
         'client_id' => 'my_little_app',
         'client_secret' => 'b',
         'code' => 'foo',
     );

     // Auth code record the storage hands back: same client, still valid for 60 seconds,
     // and bound to a redirect_uri that the request above does not repeat.
     $authCodeRecord = array(
         'redirect_uri' => 'http://www.example.com',
         'client_id' => 'my_little_app',
         'expires' => time() + 60,
     );

     $storage = $this->createBaseMock('IOAuth2GrantCode');
     $storage->expects($this->any())
         ->method('getAuthCode')
         ->will($this->returnValue($authCodeRecord));

     $this->fixture = new OAuth2($storage);

     // The grant only succeeds because redirect enforcement is switched off here.
     // RFC 6749 section 4.1.3 requires redirect_uri in the token request whenever the
     // authorization request carried one, so this setting relaxes that check; the
     // enforcing configuration needs its own rejecting test.
     $this->fixture->setVariable(OAuth2::CONFIG_ENFORCE_INPUT_REDIRECT, false);

     // Successful token grant will return a JSON encoded token:
     $this->expectOutputRegex('/{"access_token":".*","expires_in":\\d+,"token_type":"bearer"/');

     $this->fixture->grantAccessToken($tokenRequest, array());
 }
Example #2
 /**
  * Handles a POST to the token endpoint.
  *
  * Builds a Response for the request, then asks a fresh OAuth2 server backed by
  * Oauth2StorageUserCredential to grant an access token from the raw $_POST data.
  * An OAuth2ServerException is answered through its own sendHttpResponse(); the
  * Response object is returned in every case and is not modified here.
  *
  * @param mixed $request The incoming request, passed straight to Response.
  * @return Response
  */
 public function post($request)
 {
     $response = new Response($request);

     try {
         $storage = new Oauth2StorageUserCredential();
         $server = new OAuth2($storage);
         // $_POST is passed through unfiltered; validating the grant parameters is left to the library.
         $server->grantAccessToken($_POST);
     } catch (OAuth2ServerException $error) {
         // Let the exception produce the OAuth2 error response itself.
         $error->sendHttpResponse();
     }

     return $response;
 }
Example #3
 /**
  * Records the requested scope on this instance, then runs the parent's
  * grantAccessToken() with no arguments.
  *
  * Nothing is returned: whatever the parent call returns is discarded.
  *
  * @param mixed $scope Scope to remember for this grant; null when none was given.
  */
 public function grantAccessToken($scope = null)
 {
     // Stored before delegating, so the scope is already set while the parent runs.
     $this->scope = $scope;

     parent::grantAccessToken();
 }
     // @todo Not too sure what this is doing but we need to look at it.
     if ($userId != '') {
         $oauth->finishClientAuthorization(TRUE, $userId, $_GET);
         // AUTO AUTHORIZE
     }
     try {
         $auth_params = $oauth->getAuthorizeParams();
     } catch (OAuth2ServerException $oauthError) {
         $oauthError->sendHttpResponse();
     }
     break;
 case 'request_token':
     header('X-Frame-Options: DENY');
     error_reporting(0);
     try {
         $oauth->grantAccessToken();
     } catch (OAuth2ServerException $oauthError) {
         $oauthError->sendHttpResponse();
     }
     break;
 case 'request_access':
     error_reporting(0);
     try {
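         // Resolve the bearer token from the request and have the server verify it.
         $token = $oauth->getBearerToken();
         $data = $oauth->verifyAccessToken($token);
         // Take the user ID from the verified token data, never from a value
         // supplied by the requesting party.
         $user_id = $data['user_id'];
         global $wpdb;
         // Bind the ID through a %d placeholder instead of concatenating it into the
         // SQL text, so a non-numeric value in the token data cannot change the query.
         $info = $wpdb->get_row(
             $wpdb->prepare("SELECT * FROM {$wpdb->prefix}users WHERE ID = %d", $user_id)
         );
         // Don't send sensitive info across the wire.
         // NOTE(review): SELECT * also returns columns such as user_activation_key;
         // consider selecting only the fields the client actually needs.
         unset($info->user_pass);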
 /**
  * Tests OAuth2->grantAccessToken() with extension
  *
  */
 public function testGrantAccessTokenWithGrantExtension()
 {
     // Placeholder only: PHPUnit's markTestIncomplete() aborts the test by throwing,
     // so the call below is never reached and extension grants are not exercised here.
     $this->markTestIncomplete('grantAccessToken test not implemented');

     $this->fixture->grantAccessToken();
 }
 /**
  * This starts output buffering so the returned data is actual data instead
  * of raw JSON-encoded stuff.
  * @see OAuth2::grantAccessToken()
  */
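 public function grantAccessToken(array $inputData = NULL, array $authHeaders = NULL)
 {
     // grantAccessToken directly echo's (BAD), but it's a 3rd party library, so what are you going to do?
     $authData = parent::grantAccessToken($inputData, $authHeaders);

     // Read the refresh token object from the storage backend.
     // NOTE(review): assumes the parent call left it on $this->storage->refreshToken - confirm.
     $token = $this->storage->refreshToken;

     // Add the refresh token's remaining lifetime in seconds and its download token to the grant data.
     $authData['refresh_expires_in'] = $token->expire_ts - time();
     $authData['download_token'] = $token->download_token;

     // Only touch the session when it already tracks an OAuth2 client and the token has an id.
     if (!empty($_SESSION['oauth2']['client_id']) && !empty($token->id)) {
         // The refresh token id is kept server-side in the session, next to the time
         // at which the token should be checked again.
         $_SESSION['oauth2']['refresh_token'] = $token->id;
         // PHP parser barfs on $this->storage::TOKEN_CHECK_TIME
         $storage = $this->storage;
         $_SESSION['oauth2']['token_check_time'] = time() + $storage::TOKEN_CHECK_TIME;
     }

     return $authData;
 }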