/**
* @dataProvider dataProviderForPrepareErrorResponseTest
*/
public function testPrepareErrorResponse($exception, $response, $expected)
{
/* @var $response \Zend_Controller_Response_Http */
$errorResponse = $this->_oauthHelper->prepareErrorResponse($exception, $response);
$this->assertEquals(['oauth_problem' => $expected[0]], $errorResponse);
$this->assertEquals($expected[1], $response->getHttpResponseCode());
}
/**
* @param int|null $integrationId
* @param array $oauthRequest
* @return void
*/
public function setupUserId($integrationId, $oauthRequest)
{
$integration = $this->getMockBuilder('Magento\\Integration\\Model\\Integration')->disableOriginalConstructor()->setMethods(['getId', '__wakeup'])->getMock();
$this->integrationService->expects($this->any())->method('findActiveIntegrationByConsumerId')->will($this->returnValue($integration));
$this->oauthRequestHelper->expects($this->once())->method('prepareRequest')->will($this->returnValue($oauthRequest));
$this->oauthService->expects($this->any())->method('validateAccessTokenRequest')->will($this->returnValue(1));
$integration->expects($this->any())->method('getId')->will($this->returnValue($integrationId));
}
/**
* @param string $url
* @param string $host
* @return void
* @dataProvider hostsDataProvider
*/
public function testGetRequestUrl($url, $host)
{
$httpRequestMock = $this->getMock('Magento\\Framework\\App\\Request\\Http', ['getHttpHost', 'getScheme', 'getRequestUri'], [], '', false);
$httpRequestMock->expects($this->any())->method('getHttpHost')->will($this->returnValue($host));
$httpRequestMock->expects($this->any())->method('getScheme')->will($this->returnValue('http'));
$httpRequestMock->expects($this->any())->method('getRequestUri')->will($this->returnValue('/'));
$this->assertEquals($url, $this->oauthRequestHelper->getRequestUrl($httpRequestMock));
}
/**
* Test the basic Request action.
*/
public function testRequestAction()
{
$this->request->expects($this->any())->method('getMethod')->willReturn('GET');
$this->helperMock->expects($this->once())->method('getRequestUrl');
$this->helperMock->expects($this->once())->method('prepareRequest');
$this->frameworkOauthSvcMock->expects($this->once())->method('getRequestToken')->willReturn(['response']);
$this->response->expects($this->once())->method('setBody');
$this->requestAction->execute();
}
/**
* Initiate RequestToken request operation
*
* @return void
*/
public function execute()
{
try {
$requestUrl = $this->_helper->getRequestUrl($this->getRequest());
$request = $this->_helper->prepareRequest($this->getRequest(), $requestUrl);
// Request request token
$response = $this->_oauthService->getRequestToken($request, $requestUrl, $this->getRequest()->getMethod());
} catch (\Exception $exception) {
$response = $this->_helper->prepareErrorResponse($exception, $this->getResponse());
}
$this->getResponse()->setBody(http_build_query($response));
}
/**
* {@inheritdoc}
*/
public function getUserId()
{
if ($this->integrationId) {
return $this->integrationId;
}
$oauthRequest = $this->oauthHelper->prepareRequest($this->request);
//If its not a valid Oauth request no further processing is needed
if (empty($oauthRequest)) {
return null;
}
$consumerId = $this->oauthService->validateAccessTokenRequest($oauthRequest, $this->oauthHelper->getRequestUrl($this->request), $this->request->getMethod());
$integration = $this->integrationService->findActiveIntegrationByConsumerId($consumerId);
return $this->integrationId = $integration->getId() ? (int) $integration->getId() : null;
}
/**
* Initiate AccessToken request operation
*
* @return void
*/
public function execute()
{
try {
$requestUrl = $this->_helper->getRequestUrl($this->getRequest());
$request = $this->_helper->prepareRequest($this->getRequest(), $requestUrl);
// Request access token in exchange of a pre-authorized token
$response = $this->_oauthService->getAccessToken($request, $requestUrl, $this->getRequest()->getMethod());
//After sending the access token, update the integration status to active;
$consumer = $this->_intOauthService->loadConsumerByKey($request['oauth_consumer_key']);
$this->_integrationService->findByConsumerId($consumer->getId())->setStatus(IntegrationModel::STATUS_ACTIVE)->save();
} catch (\Exception $exception) {
$response = $this->_helper->prepareErrorResponse($exception, $this->getResponse());
}
$this->getResponse()->setBody(http_build_query($response));
}
/**
* Perform authentication and authorization.
*
* Authentication can be based on active customer/guest session or it can be based on OAuth headers.
*
* @throws \Magento\Framework\Exception\AuthorizationException
* @return void
*/
protected function _checkPermissions()
{
/**
* All mobile clients are expected to pass session cookie along with the request which will allow
* to start session automatically. User ID and user type are initialized when session is created
* during login call.
*/
$userId = $this->session->getUserId();
$userType = $this->session->getUserType();
$userIdentifier = null;
$consumerId = null;
if ($userType) {
/** @var \Magento\Authz\Model\UserIdentifier $userIdentifier */
$userIdentifier = $this->_objectManager->create('Magento\\Authz\\Model\\UserIdentifier', ['userType' => $userType, 'userId' => $userId]);
} else {
$oauthRequest = $this->_oauthHelper->prepareRequest($this->_request);
$consumerId = $this->_oauthService->validateAccessTokenRequest($oauthRequest, $this->_oauthHelper->getRequestUrl($this->_request), $this->_request->getMethod());
$this->_request->setConsumerId($consumerId);
}
$route = $this->_getCurrentRoute();
if (!$this->_authorizationService->isAllowed($route->getAclResources(), $userIdentifier)) {
$params = ['resources' => implode(', ', $route->getAclResources())];
throw new AuthorizationException(AuthorizationException::NOT_AUTHORIZED, $params);
}
}
/**
* Test the basic Access action.
*/
public function testAccessAction()
{
$this->request->expects($this->any())->method('getMethod')->willReturn('GET');
$this->helperMock->expects($this->once())->method('getRequestUrl');
$this->helperMock->expects($this->once())->method('prepareRequest');
$this->frameworkOauthSvcMock->expects($this->once())->method('getAccessToken')->willReturn(['response']);
/** @var \Magento\Integration\Model\Oauth\Consumer|\PHPUnit_Framework_MockObject_MockObject */
$consumerMock = $this->getMock('Magento\\Integration\\Model\\Oauth\\Consumer', [], [], '', false);
$consumerMock->expects($this->once())->method('getId');
$this->intOauthServiceMock->expects($this->once())->method('loadConsumerByKey')->willReturn($consumerMock);
/** @var \Magento\Integration\Model\Integration|\PHPUnit_Framework_MockObject_MockObject */
$integrationMock = $this->getMock('Magento\\Integration\\Model\\Integration', [], [], '', false);
$integrationMock->expects($this->once())->method('save')->willReturnSelf();
$this->integrationServiceMock->expects($this->once())->method('findByConsumerId')->willReturn($integrationMock);
$this->response->expects($this->once())->method('setBody');
$this->accessAction->executeInternal();
}
