public function setUp()
{
parent::setUp();
$this->account = API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user'], self::$DI['user']);
$expires = time() + 100;
$this->code = random::generatePassword(8);
$this->object = API_OAuth2_AuthCode::create(self::$DI['app'], $this->account, $this->code, $expires);
}
public function setUp()
{
parent::setUp();
$this->account = API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user'], self::$DI['user']);
$expires = time() + 100;
$this->token = random::generatePassword(8);
$this->scope = 'scopidou';
$this->object = API_OAuth2_RefreshToken::create(self::$DI['app'], $this->account, $expires, $this->token, $this->scope);
}
public function setUp()
{
parent::setUp();
$account = API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user'], self::$DI['user']);
try {
new API_OAuth2_Token(self::$DI['app']['phraseanet.appbox'], $account);
$this->fail();
} catch (Exception $e) {
}
$this->object = API_OAuth2_Token::create(self::$DI['app']['phraseanet.appbox'], $account);
}
public function setUp()
{
parent::setUp();
self::$DI['app'] = self::$DI->share(function ($DI) {
return $this->loadApp('lib/Alchemy/Phrasea/Application/Api.php');
});
if (!self::$apiInitialized) {
self::$account = \API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user_notAdmin'], self::$DI['user_notAdmin']);
self::$account->set_revoked(false);
self::$token = self::$account->get_token()->get_value();
self::$adminAccount = \API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user'], self::$DI['user']);
self::$adminAccount->set_revoked(false);
self::$adminToken = self::$adminAccount->get_token()->get_value();
self::$apiInitialized = true;
}
}
public function testLoad_with_user()
{
$loaded = API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user'], self::$DI['user']);
$this->assertInstanceOf('API_OAuth2_Account', $loaded);
$this->assertEquals($this->object, $loaded);
}
/**
*
* @param User $user
* @return API_OAuth2_Account
*/
public function updateAccount(User $user)
{
if ($this->client === null) {
throw new logicalException("Client property must be set before update an account");
}
try {
$account = API_OAuth2_Account::load_with_user($this->app, $this->client, $user);
} catch (\Exception $e) {
$account = $this->createAccount($user->getId());
}
return $account;
}
/**
* Display authorized applications that can access user informations
*
* @param Application $app A Silex application where the controller is mounted on
* @param Request $request The current request
* @param Integer $application_id The application id
*
* @return JsonResponse
*/
public function grantAccess(Application $app, Request $request, $application_id)
{
if (!$request->isXmlHttpRequest() || !array_key_exists($request->getMimeType('json'), array_flip($request->getAcceptableContentTypes()))) {
$app->abort(400, $app->trans('Bad request format, only JSON is allowed'));
}
$error = false;
try {
$account = \API_OAuth2_Account::load_with_user($app, new \API_OAuth2_Application($app, $application_id), $app['authentication']->getUser());
$account->set_revoked((bool) $request->query->get('revoke'), false);
} catch (NotFoundHttpException $e) {
$error = true;
}
return $app->json(['success' => !$error]);
}
/**
* @dataProvider revokeProvider
*/
public function testAUthorizedAppGrantAccessSuccessfull($revoke, $expected)
{
self::$DI['client']->request('GET', '/account/security/application/' . self::$DI['oauth2-app-user']->get_id() . '/grant/', ['revoke' => $revoke], [], ['HTTP_ACCEPT' => 'application/json', 'HTTP_X-Requested-With' => 'XMLHttpRequest']);
$response = self::$DI['client']->getResponse();
$this->assertTrue($response->isOk());
$json = json_decode($response->getContent());
$this->assertInstanceOf('StdClass', $json);
$this->assertObjectHasAttribute('success', $json);
$this->assertTrue($json->success);
$account = \API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user'], self::$DI['user']);
$this->assertEquals($expected, $account->is_revoked());
}
