/**
* @dataProvider rotateRefreshToken
*/
public function testCanCreateTokenResponse($rotateRefreshToken)
{
$request = $this->getMock(ServerRequestInterface::class);
$request->expects($this->once())->method('getParsedBody')->willReturn(['refresh_token' => '123', 'scope' => 'read']);
$owner = $this->getMock(TokenOwnerInterface::class);
$owner->expects($this->once())->method('getTokenOwnerId')->will($this->returnValue(1));
$refreshToken = $this->getValidRefreshToken();
$refreshToken->setScopes(['read']);
$refreshToken->setOwner($owner);
$this->refreshTokenService->expects($this->once())->method('getToken')->with('123')->will($this->returnValue($refreshToken));
if ($rotateRefreshToken) {
$this->refreshTokenService->expects($this->once())->method('deleteToken')->with($refreshToken);
$refreshToken = $this->getValidRefreshToken();
$this->refreshTokenService->expects($this->once())->method('createToken')->will($this->returnValue($refreshToken));
}
$accessToken = $this->getValidAccessToken();
$accessToken->setOwner($owner);
$this->accessTokenService->expects($this->once())->method('createToken')->will($this->returnValue($accessToken));
$this->grant->setRotateRefreshTokens($rotateRefreshToken);
$response = $this->grant->createTokenResponse($request, new Client());
$body = json_decode($response->getBody(), true);
$this->assertEquals('azerty_access', $body['access_token']);
$this->assertEquals('Bearer', $body['token_type']);
$this->assertEquals(3600, $body['expires_in']);
$this->assertEquals('read', $body['scope']);
$this->assertEquals(1, $body['owner_id']);
$this->assertEquals('azerty_refresh', $body['refresh_token']);
}
/**
* @dataProvider hasRefreshGrant
*/
public function testCanCreateTokenResponse($hasRefreshGrant)
{
$request = $this->getMock(ServerRequestInterface::class);
$request->expects($this->once())->method('getParsedBody')->willReturn(['username' => 'michael', 'password' => 'azerty', 'scope' => 'read']);
$owner = $this->getMock(TokenOwnerInterface::class);
$owner->expects($this->once())->method('getTokenOwnerId')->will($this->returnValue(1));
$callable = function ($username, $password) use($owner) {
return $owner;
};
$accessToken = $this->getValidAccessToken();
$accessToken->setOwner($owner);
$this->accessTokenService->expects($this->once())->method('createToken')->will($this->returnValue($accessToken));
if ($hasRefreshGrant) {
$refreshToken = $this->getValidRefreshToken();
$this->refreshTokenService->expects($this->once())->method('createToken')->will($this->returnValue($refreshToken));
}
$authorizationServer = $this->getMock(AuthorizationServer::class, [], [], '', false);
$authorizationServer->expects($this->once())->method('hasGrant')->with(RefreshTokenGrant::GRANT_TYPE)->will($this->returnValue($hasRefreshGrant));
$this->grant = new PasswordGrant($this->accessTokenService, $this->refreshTokenService, $callable);
$this->grant->setAuthorizationServer($authorizationServer);
$response = $this->grant->createTokenResponse($request, new Client());
$body = json_decode($response->getBody(), true);
$this->assertEquals('azerty_access', $body['access_token']);
$this->assertEquals('Bearer', $body['token_type']);
$this->assertEquals(3600, $body['expires_in']);
$this->assertEquals('read', $body['scope']);
$this->assertEquals(1, $body['owner_id']);
if ($hasRefreshGrant) {
$this->assertEquals('azerty_refresh', $body['refresh_token']);
}
}
public function testCanCreateTokenResponse()
{
$request = $this->getMock(ServerRequestInterface::class);
$client = new Client();
$owner = $this->getMock(TokenOwnerInterface::class);
$owner->expects($this->once())->method('getTokenOwnerId')->will($this->returnValue(1));
$token = new AccessToken();
$token->setToken('azerty');
$token->setOwner($owner);
$token->setExpiresAt((new DateTime())->add(new DateInterval('PT1H')));
$this->tokenService->expects($this->once())->method('createToken')->will($this->returnValue($token));
$response = $this->grant->createTokenResponse($request, $client, $owner);
$body = json_decode($response->getBody(), true);
$this->assertEquals('azerty', $body['access_token']);
$this->assertEquals('Bearer', $body['token_type']);
$this->assertEquals(3600, $body['expires_in']);
$this->assertEquals(1, $body['owner_id']);
}
/**
* @dataProvider requestProvider
*/
public function testCanValidateAccessToResource($expiredToken, $tokenScope, $desiredScope, $match)
{
$request = $this->getMock(ServerRequestInterface::class);
$request->expects($this->once())->method('hasHeader')->with('Authorization')->will($this->returnValue(true));
$request->expects($this->once())->method('getHeaderLine')->will($this->returnValue('Bearer token'));
$accessToken = new AccessToken();
$date = new DateTime();
if ($expiredToken) {
$date->sub(new DateInterval('P1D'));
} else {
$date->add(new DateInterval('P1D'));
}
$accessToken->setExpiresAt($date);
$accessToken->setScopes($tokenScope);
$this->tokenService->expects($this->once())->method('getToken')->with('token')->will($this->returnValue($accessToken));
if (!$match || $expiredToken) {
$this->setExpectedException(InvalidAccessTokenException::class);
}
$tokenResult = $this->resourceServer->getAccessToken($request, $desiredScope);
$this->assertInstanceOf(AccessToken::class, $tokenResult);
}
/**
* @dataProvider hasRefreshGrant
*/
public function testCanCreateTokenResponse($hasRefreshGrant)
{
$request = $this->getMock(ServerRequestInterface::class);
$request->expects($this->once())->method('getParsedBody')->willReturn(['code' => '123', 'client_id' => 'client_123']);
$token = $this->getValidAuthorizationCode();
$client = new Client();
// We use reflection because there is no setter on client
$reflProperty = new \ReflectionProperty($client, 'id');
$reflProperty->setAccessible(true);
$reflProperty->setValue($client, 'client_123');
$token->setClient($client);
$this->authorizationCodeService->expects($this->once())->method('getToken')->with('123')->will($this->returnValue($token));
$owner = $this->getMock(TokenOwnerInterface::class);
$owner->expects($this->once())->method('getTokenOwnerId')->will($this->returnValue(1));
$accessToken = $this->getValidAccessToken();
$accessToken->setOwner($owner);
$this->accessTokenService->expects($this->once())->method('createToken')->will($this->returnValue($accessToken));
if ($hasRefreshGrant) {
$refreshToken = $this->getValidRefreshToken();
$this->refreshTokenService->expects($this->once())->method('createToken')->will($this->returnValue($refreshToken));
}
$authorizationServer = $this->getMock(AuthorizationServer::class, [], [], '', false);
$authorizationServer->expects($this->once())->method('hasGrant')->with(RefreshTokenGrant::GRANT_TYPE)->will($this->returnValue($hasRefreshGrant));
$this->grant = new AuthorizationGrant($this->authorizationCodeService, $this->accessTokenService, $this->refreshTokenService);
$this->grant->setAuthorizationServer($authorizationServer);
$response = $this->grant->createTokenResponse($request, new Client(), $owner);
$body = json_decode($response->getBody(), true);
$this->assertEquals('azerty_access', $body['access_token']);
$this->assertEquals('Bearer', $body['token_type']);
$this->assertEquals(3600, $body['expires_in']);
$this->assertEquals('read', $body['scope']);
$this->assertEquals(1, $body['owner_id']);
if ($hasRefreshGrant) {
$this->assertEquals('azerty_refresh', $body['refresh_token']);
}
}