/** * Test setting "always_issue_new_refresh_token" on a server level * * @see test/OAuth2/GrantType/RefreshTokenTest::testValidRefreshTokenWithNewRefreshTokenInResponse **/ public function testValidRefreshTokenWithNewRefreshTokenInResponse() { $storage = Bootstrap::getInstance()->getMemoryStorage(); $server = new Server($storage, array('always_issue_new_refresh_token' => true)); $request = TestRequest::createPost(array('grant_type' => 'refresh_token', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret', 'refresh_token' => 'test-refreshtoken')); $token = $server->grantAccessToken($request, new Response()); $this->assertTrue(isset($token['refresh_token']), 'refresh token should always refresh'); $refresh_token = $storage->getRefreshToken($token['refresh_token']); $this->assertNotNull($refresh_token); $this->assertEquals($refresh_token['refresh_token'], $token['refresh_token']); $this->assertEquals($refresh_token['client_id'], $request->request('client_id')); $this->assertTrue($token['refresh_token'] != 'test-refreshtoken', 'the refresh token returned is not the one used'); $used_token = $storage->getRefreshToken('test-refreshtoken'); $this->assertFalse($used_token, 'the refresh token used is no longer valid'); }