/**
 * Builds a token response from a refresh_token request, with refresh token
 * rotation switched on or off by the data provider.
 *
 * With rotation on, the presented token must be deleted once and a
 * replacement created once; exactly one access token is created either way.
 *
 * NOTE(review): the replacement also comes from getValidRefreshToken(), so it
 * presumably carries the same 'azerty_refresh' value as the presented token.
 * If so, the refresh_token assertion cannot tell a rotated token from a
 * reused one; a distinct value on the replacement would pin that down.
 *
 * @dataProvider rotateRefreshToken
 */
public function testCanCreateTokenResponse($rotateRefreshToken)
{
    $httpRequest = $this->getMock(ServerRequestInterface::class);
    $httpRequest->expects($this->once())
        ->method('getParsedBody')
        ->willReturn(['refresh_token' => '123', 'scope' => 'read']);

    $tokenOwner = $this->getMock(TokenOwnerInterface::class);
    $tokenOwner->expects($this->once())
        ->method('getTokenOwnerId')
        ->willReturn(1);

    // Refresh token the service resolves from the submitted value '123'.
    $presentedToken = $this->getValidRefreshToken();
    $presentedToken->setScopes(['read']);
    $presentedToken->setOwner($tokenOwner);

    $this->refreshTokenService->expects($this->once())
        ->method('getToken')
        ->with('123')
        ->willReturn($presentedToken);

    if ($rotateRefreshToken) {
        // Rotation: the presented token is removed and a new one is issued.
        $this->refreshTokenService->expects($this->once())
            ->method('deleteToken')
            ->with($presentedToken);

        $replacementToken = $this->getValidRefreshToken();

        $this->refreshTokenService->expects($this->once())
            ->method('createToken')
            ->willReturn($replacementToken);
    }

    $issuedAccessToken = $this->getValidAccessToken();
    $issuedAccessToken->setOwner($tokenOwner);

    $this->accessTokenService->expects($this->once())
        ->method('createToken')
        ->willReturn($issuedAccessToken);

    $this->grant->setRotateRefreshTokens($rotateRefreshToken);

    $tokenResponse = $this->grant->createTokenResponse($httpRequest, new Client());
    $payload       = json_decode($tokenResponse->getBody(), true);

    $expectedFields = [
        'access_token'  => 'azerty_access',
        'token_type'    => 'Bearer',
        'expires_in'    => 3600,
        'scope'         => 'read',
        'owner_id'      => 1,
        'refresh_token' => 'azerty_refresh',
    ];

    foreach ($expectedFields as $field => $expectedValue) {
        $this->assertEquals($expectedValue, $payload[$field]);
    }
}
/**
 * Builds a token response through PasswordGrant, with the authorization
 * server reporting the refresh token grant as present or absent.
 *
 * A refresh token is expected to be created, and to appear in the response,
 * only when the server mock answers hasGrant() with a truthy value.
 *
 * NOTE(review): the owner callback ignores both of its arguments and always
 * returns the owner, so this test covers the success path only. It does not
 * check that the submitted username/password reach the callback, nor what
 * happens when the callback rejects the credentials.
 *
 * @dataProvider hasRefreshGrant
 */
public function testCanCreateTokenResponse($hasRefreshGrant)
{
    $httpRequest = $this->getMock(ServerRequestInterface::class);
    $httpRequest->expects($this->once())
        ->method('getParsedBody')
        ->willReturn(['username' => 'michael', 'password' => 'azerty', 'scope' => 'read']);

    $tokenOwner = $this->getMock(TokenOwnerInterface::class);
    $tokenOwner->expects($this->once())
        ->method('getTokenOwnerId')
        ->willReturn(1);

    // Stand-in credential check: accepts any username/password pair.
    $ownerCallback = function ($username, $password) use ($tokenOwner) {
        return $tokenOwner;
    };

    $issuedAccessToken = $this->getValidAccessToken();
    $issuedAccessToken->setOwner($tokenOwner);

    $this->accessTokenService->expects($this->once())
        ->method('createToken')
        ->willReturn($issuedAccessToken);

    if ($hasRefreshGrant) {
        $issuedRefreshToken = $this->getValidRefreshToken();

        $this->refreshTokenService->expects($this->once())
            ->method('createToken')
            ->willReturn($issuedRefreshToken);
    }

    // Constructor is disabled (last argument false); only hasGrant() is stubbed.
    $serverMock = $this->getMock(AuthorizationServer::class, [], [], '', false);
    $serverMock->expects($this->once())
        ->method('hasGrant')
        ->with(RefreshTokenGrant::GRANT_TYPE)
        ->willReturn($hasRefreshGrant);

    $this->grant = new PasswordGrant($this->accessTokenService, $this->refreshTokenService, $ownerCallback);
    $this->grant->setAuthorizationServer($serverMock);

    $tokenResponse = $this->grant->createTokenResponse($httpRequest, new Client());
    $payload       = json_decode($tokenResponse->getBody(), true);

    $expectedFields = [
        'access_token' => 'azerty_access',
        'token_type'   => 'Bearer',
        'expires_in'   => 3600,
        'scope'        => 'read',
        'owner_id'     => 1,
    ];

    if ($hasRefreshGrant) {
        $expectedFields['refresh_token'] = 'azerty_refresh';
    }

    foreach ($expectedFields as $field => $expectedValue) {
        $this->assertEquals($expectedValue, $payload[$field]);
    }
}
/**
 * Builds a token response for an access token issued directly to an owner
 * and checks the fields of the JSON body.
 *
 * NOTE(review): the token expires one hour after "now" and the test asserts
 * expires_in is exactly 3600, so the value is presumably derived from the
 * wall clock; confirm this cannot be off by one across a second boundary.
 */
public function testCanCreateTokenResponse()
{
    $httpRequest = $this->getMock(ServerRequestInterface::class);
    $oauthClient = new Client();

    $tokenOwner = $this->getMock(TokenOwnerInterface::class);
    $tokenOwner->expects($this->once())
        ->method('getTokenOwnerId')
        ->willReturn(1);

    $expiry = new DateTime();
    $expiry->add(new DateInterval('PT1H'));

    $issuedToken = new AccessToken();
    $issuedToken->setToken('azerty');
    $issuedToken->setOwner($tokenOwner);
    $issuedToken->setExpiresAt($expiry);

    $this->tokenService->expects($this->once())
        ->method('createToken')
        ->willReturn($issuedToken);

    $tokenResponse = $this->grant->createTokenResponse($httpRequest, $oauthClient, $tokenOwner);
    $payload       = json_decode($tokenResponse->getBody(), true);

    $expectedFields = [
        'access_token' => 'azerty',
        'token_type'   => 'Bearer',
        'expires_in'   => 3600,
        'owner_id'     => 1,
    ];

    foreach ($expectedFields as $field => $expectedValue) {
        $this->assertEquals($expectedValue, $payload[$field]);
    }
}
/**
 * Checks that the resource server returns the bearer token from the
 * Authorization header only when it is unexpired and the provider marks the
 * scopes as matching.
 *
 * An InvalidAccessTokenException is expected when the token is expired or
 * when $match is falsy.
 *
 * @dataProvider requestProvider
 */
public function testCanValidateAccessToResource($expiredToken, $tokenScope, $desiredScope, $match)
{
    $httpRequest = $this->getMock(ServerRequestInterface::class);
    $httpRequest->expects($this->once())
        ->method('hasHeader')
        ->with('Authorization')
        ->willReturn(true);
    $httpRequest->expects($this->once())
        ->method('getHeaderLine')
        ->willReturn('Bearer token');

    $storedToken = new AccessToken();

    // Expiry is one day in the past for expired cases, one day ahead otherwise.
    $expiry = new DateTime();
    $oneDay = new DateInterval('P1D');
    $expiredToken ? $expiry->sub($oneDay) : $expiry->add($oneDay);

    $storedToken->setExpiresAt($expiry);
    $storedToken->setScopes($tokenScope);

    // The service is looked up with the value that follows "Bearer " in the header.
    $this->tokenService->expects($this->once())
        ->method('getToken')
        ->with('token')
        ->willReturn($storedToken);

    $accessShouldBeGranted = $match && !$expiredToken;

    if (!$accessShouldBeGranted) {
        $this->setExpectedException(InvalidAccessTokenException::class);
    }

    $resolvedToken = $this->resourceServer->getAccessToken($httpRequest, $desiredScope);

    $this->assertInstanceOf(AccessToken::class, $resolvedToken);
}
/**
 * Exchanges an authorization code for tokens through AuthorizationGrant,
 * with the authorization server reporting the refresh token grant as present
 * or absent.
 *
 * The submitted client_id ('client_123') equals the id of the client attached
 * to the stored authorization code. The client passed to
 * createTokenResponse() is a separate, fresh Client instance.
 *
 * NOTE(review): only the matching client_id case is exercised here. A
 * companion test where the submitted client_id differs from the code's
 * client would pin the code-to-client binding; confirm one exists.
 *
 * @dataProvider hasRefreshGrant
 */
public function testCanCreateTokenResponse($hasRefreshGrant)
{
    $httpRequest = $this->getMock(ServerRequestInterface::class);
    $httpRequest->expects($this->once())
        ->method('getParsedBody')
        ->willReturn(['code' => '123', 'client_id' => 'client_123']);

    $authorizationCode = $this->getValidAuthorizationCode();

    $codeClient = new Client();

    // We use reflection because there is no setter on client
    $idProperty = new \ReflectionProperty($codeClient, 'id');
    $idProperty->setAccessible(true);
    $idProperty->setValue($codeClient, 'client_123');

    $authorizationCode->setClient($codeClient);

    $this->authorizationCodeService->expects($this->once())
        ->method('getToken')
        ->with('123')
        ->willReturn($authorizationCode);

    $tokenOwner = $this->getMock(TokenOwnerInterface::class);
    $tokenOwner->expects($this->once())
        ->method('getTokenOwnerId')
        ->willReturn(1);

    $issuedAccessToken = $this->getValidAccessToken();
    $issuedAccessToken->setOwner($tokenOwner);

    $this->accessTokenService->expects($this->once())
        ->method('createToken')
        ->willReturn($issuedAccessToken);

    if ($hasRefreshGrant) {
        $issuedRefreshToken = $this->getValidRefreshToken();

        $this->refreshTokenService->expects($this->once())
            ->method('createToken')
            ->willReturn($issuedRefreshToken);
    }

    // Constructor is disabled (last argument false); only hasGrant() is stubbed.
    $serverMock = $this->getMock(AuthorizationServer::class, [], [], '', false);
    $serverMock->expects($this->once())
        ->method('hasGrant')
        ->with(RefreshTokenGrant::GRANT_TYPE)
        ->willReturn($hasRefreshGrant);

    $this->grant = new AuthorizationGrant(
        $this->authorizationCodeService,
        $this->accessTokenService,
        $this->refreshTokenService
    );
    $this->grant->setAuthorizationServer($serverMock);

    $tokenResponse = $this->grant->createTokenResponse($httpRequest, new Client(), $tokenOwner);
    $payload       = json_decode($tokenResponse->getBody(), true);

    $expectedFields = [
        'access_token' => 'azerty_access',
        'token_type'   => 'Bearer',
        'expires_in'   => 3600,
        'scope'        => 'read',
        'owner_id'     => 1,
    ];

    if ($hasRefreshGrant) {
        $expectedFields['refresh_token'] = 'azerty_refresh';
    }

    foreach ($expectedFields as $field => $expectedValue) {
        $this->assertEquals($expectedValue, $payload[$field]);
    }
}