/**
 * Check whether a request carries the given request token and a verifier.
 *
 * The request passes when the query parameter named by self::OAUTH_TOKEN is
 * strictly identical to the token of $requestToken and getOAuthVerifier()
 * yields a truthy value. The verifier is only tested for presence here; it
 * is not validated in this method.
 *
 * @param Request $request
 *   The incoming request to inspect.
 * @param RequestToken $requestToken
 *   The request token the query parameter is compared against.
 * @return bool
 *   TRUE when the token matches and a verifier is present, FALSE otherwise.
 */
public function hasValidRequestToken(Request $request, RequestToken $requestToken)
{
    $expectedToken = $requestToken->getToken();
    $receivedToken = $request->query->get(self::OAUTH_TOKEN);
    $receivedVerifier = $this->getOAuthVerifier($request);

    // NOTE(review): a strict comparison is not constant-time. If the request
    // token is treated as a secret, hash_equals() on string operands would
    // be the safer check.
    if ($receivedToken !== $expectedToken) {
        return false;
    }

    // Any falsy verifier (NULL, '', '0') counts as missing.
    return (bool) $receivedVerifier;
}
/**
 * Build the URL of the authorization page the user is redirected to.
 *
 * @param TokenCredentials $temporaryCredentials
 *   Temporary credentials fetched with getRequestToken. Only the token is
 *   written into the URL, the secret is not.
 * @param AuthorizeOptions $options
 *   Miscellaneous options accepted in the URL. When omitted, an empty
 *   query string object is used.
 * @return string
 *   The URL of the authorization page.
 */
public function getAuthorizeUrl(TokenCredentials $temporaryCredentials, AuthorizeOptions $options = NULL)
{
    // @todo check if token is not empty; as written, an empty token is still
    //   placed in the oauth_token parameter below.
    $query = $options
        ? AuthorizeOptionsQueryString::fromAuthorizeOptions($options)
        : new AuthorizeOptionsQueryString();
    $query->set('oauth_token', $temporaryCredentials->getToken());

    $authorizeUrl = $this->getUrlForPath('auth/authorize');
    $authorizeUrl->setQuery($query);

    return (string) $authorizeUrl;
}
/**
 * Create a client with an OAuth subscriber built from the given credentials.
 *
 * The consumer key and secret are always placed in the OAuth configuration.
 * The token and token secret are added only when token credentials are
 * passed. Every subscriber held in $this->subscribers is attached to the
 * client after the OAuth subscriber.
 *
 * @param string $baseUrl
 *   Base URL set on the client.
 * @param ConsumerCredentials $consumerCredentials
 *   Consumer key and secret.
 * @param TokenCredentials $tokenCredentials
 *   Optional token and token secret.
 *
 * @return Client
 */
public function createClient($baseUrl, ConsumerCredentials $consumerCredentials, TokenCredentials $tokenCredentials = null)
{
    // This array holds secrets; it is handed to the OAuth subscriber only.
    // Keep it out of logs and exception messages.
    $config = array(
        'consumer_key' => $consumerCredentials->getKey(),
        'consumer_secret' => $consumerCredentials->getSecret(),
    );

    if ($tokenCredentials instanceof TokenCredentials) {
        $config['token'] = $tokenCredentials->getToken();
        $config['token_secret'] = $tokenCredentials->getSecret();
    }

    $oAuthSubscriber = new OAuth($config);
    $factory = new JavaHttpRequestFactory();

    $client = new Client();
    $client
        ->setBaseUrl($baseUrl)
        ->addSubscriber($oAuthSubscriber)
        ->setRequestFactory($factory);

    foreach ($this->subscribers as $extraSubscriber) {
        $client->addSubscriber($extraSubscriber);
    }

    return $client;
}
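/**
 * Verifies that authorize() redirects to the destination query parameter
 * when it is given, and to the generated default destination when it is not,
 * and that the user returned by the auth service ends up in the session.
 *
 * @test
 */
public function it_redirects_to_a_destination_after_authorisation()
{
    $oauthVerifier = 'verification';

    // The authorisation method should get the stored request token.
    $this->authService->expects($this->any())
        ->method('getStoredRequestToken')
        ->willReturn($this->requestToken);

    // Based on the stored request token and the oauth verifier it should
    // get the user from the authentication service.
    $userId = 1;
    $tokenCredentials = new TokenCredentials('token2', 'secret2');
    $user = new User($userId, $tokenCredentials);
    $this->authService->expects($this->any())
        ->method('getAccessToken')
        ->with($this->requestToken, $oauthVerifier)
        ->willReturn($user);

    // Afterwards it should remove the stored request token.
    // NOTE(review): any() also passes when the method is never called, so
    // this expectation does not prove that the token is removed. Tighten it
    // once the controller's call count is confirmed.
    $this->authService->expects($this->any())
        ->method('removeStoredRequestToken');

    // Perform a fake request to the route with the query parameters.
    // NOTE(review): the destination comes straight from the query string and
    // only the happy path is covered. Whether the controller restricts
    // redirect targets is not visible from this test. TODO confirm and add a
    // case for a destination that must be rejected.
    $query = [
        'oauth_token' => $this->requestToken->getToken(),
        'oauth_verifier' => $oauthVerifier,
        'destination' => $this->destination,
    ];
    $request = new Request($query);
    $response = $this->controller->authorize($request);

    // Make sure the response is a redirect to the destination that
    // was set in the query parameters.
    $this->assertEquals(new RedirectResponse($this->destination), $response);

    // Make sure that the minimal user info has been stored in the session.
    // The expected value goes first so that a failure message labels the
    // two sides correctly.
    $this->assertEquals($user, $this->userSessionService->getMinimalUserInfo());

    // Perform the fake request again, but this time without destination
    // parameter in the query.
    $this->urlGenerator->expects($this->once())
        ->method('generate')
        ->with($this->defaultDestination)
        ->willReturn($this->defaultDestinationUrl);

    $query = [
        'oauth_token' => $this->requestToken->getToken(),
        'oauth_verifier' => $oauthVerifier,
    ];
    $request = new Request($query);
    $response = $this->controller->authorize($request);

    // Make sure that the response now redirects to the default
    // destination.
    $this->assertEquals(new RedirectResponse($this->defaultDestinationUrl), $response);
}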