public function testRegisterClient()
 {
     $client = new Client();
     $this->clientRepository->expects($this->once())->method('save')->with($client)->willReturn($client);
     list($client, $secret) = $this->clientService->registerClient($client);
     $this->assertEquals(60, strlen($client->getSecret()));
     $this->assertEquals(40, strlen($secret));
     $this->assertFalse($this->clientService->authenticate($client, 'azerty'));
     $this->assertTrue($this->clientService->authenticate($client, $secret));
     $this->assertFalse($this->clientService->authenticate($client, $client->getSecret()));
 }
 /**
  * Get the client (after authenticating it)
  *
  * According to the spec (http://tools.ietf.org/html/rfc6749#section-2.3), for public clients we do
  * not need to authenticate them
  *
  * @param  ServerRequestInterface $request
  * @param  bool                   $allowPublicClients
  * @return Client|null
  * @throws Exception\OAuth2Exception
  */
 private function getClient(ServerRequestInterface $request, $allowPublicClients)
 {
     list($id, $secret) = $this->extractClientCredentials($request);
     // If the grant type we are issuing does not allow public clients, and that the secret is
     // missing, then we have an error...
     if (!$allowPublicClients && !$secret) {
         throw OAuth2Exception::invalidClient('Client secret is missing');
     }
     // If we allow public clients and no client id was set, we can return null
     if ($allowPublicClients && !$id) {
         return null;
     }
     $client = $this->clientService->getClient($id);
     // We delegate all the checks to the client service
     if (null === $client || !$allowPublicClients && !$this->clientService->authenticate($client, $secret)) {
         throw OAuth2Exception::invalidClient('Client authentication failed');
     }
     return $client;
 }