public function testFailAuthenticationOnExpiredToken()
{
$token = new AccessToken();
$owner = $this->getMock(TokenOwnerInterface::class);
$token->setOwner($owner);
$this->resourceServer->expects($this->atLeastOnce())->method('getAccessToken')->with($this->isInstanceOf(PsrServerRequestInterface::class))->will($this->throwException(new OAuth2Exception('Expired token', 123)));
$this->setExpectedException(OAuth2Exception::class, 'Expired token', 123);
$this->authenticationService->getIdentity();
}
public function testReadOwnerFromAccessToken()
{
$token = new AccessToken();
$owner = $this->getMock(TokenOwnerInterface::class);
$token->setOwner($owner);
$this->resourceServer->expects($this->atLeastOnce())->method('getAccessToken')->with($this->isInstanceOf(ServerRequestInterface::class))->will($this->returnValue($token));
$this->assertFalse($this->storage->isEmpty());
$this->assertSame($owner, $this->storage->read());
}
/**
* Prepare the actual HttpResponse for the token
*
* @param AccessToken $accessToken
* @param RefreshToken|null $refreshToken
* @param bool $useRefreshTokenScopes
* @return ResponseInterface
*/
protected function prepareTokenResponse(AccessToken $accessToken, RefreshToken $refreshToken = null, $useRefreshTokenScopes = false)
{
$owner = $accessToken->getOwner();
$scopes = $useRefreshTokenScopes ? $refreshToken->getScopes() : $accessToken->getScopes();
$responseBody = ['access_token' => $accessToken->getToken(), 'token_type' => 'Bearer', 'expires_in' => $accessToken->getExpiresIn(), 'scope' => implode(' ', $scopes), 'owner_id' => $owner ? $owner->getTokenOwnerId() : null];
if (null !== $refreshToken) {
$responseBody['refresh_token'] = $refreshToken->getToken();
}
return new Response\JsonResponse(array_filter($responseBody));
}
public function generateAccessToken(TokenOwnerInterface $user)
{
$token = new AccessToken();
$token->setOwner($user);
$token->setToken(substr(md5(rand()), 0, 7));
$expiresAt = new DateTime();
$token->setExpiresAt($expiresAt->modify('+1 hour'));
$this->entityManager->persist($token);
$this->entityManager->flush();
return $token->getToken();
}
/**
* @dataProvider scopeProvider
*/
public function testCanSaveToken($registeredScopes, $tokenScope, $throwException)
{
if ($throwException) {
$this->setExpectedException(OAuth2Exception::class, null, 'invalid_scope');
}
$token = new AccessToken();
if (empty($tokenScope)) {
$scope = new Scope();
$scope->setName('read');
$this->scopeService->expects($this->once())->method('getDefaultScopes')->will($this->returnValue([$scope]));
} else {
$token->setScopes($tokenScope);
}
if (!$throwException) {
$this->tokenRepository->expects($this->once())->method('save')->with($this->isInstanceOf(AbstractToken::class));
}
$scopes = [];
foreach ($registeredScopes as $registeredScope) {
$scope = new Scope();
$scope->setName($registeredScope);
$scopes[] = $scope;
}
$this->scopeService->expects($this->any())->method('getAll')->will($this->returnValue($scopes));
$this->tokenService->createToken($token);
$this->assertEquals(40, strlen($token->getToken()));
if (empty($tokenScope)) {
$this->assertCount(1, $token->getScopes());
} else {
$this->assertEquals(explode(' ', $tokenScope), $token->getScopes());
}
}
public function testCanCreateTokenResponse()
{
$request = $this->getMock(ServerRequestInterface::class);
$client = new Client();
$owner = $this->getMock(TokenOwnerInterface::class);
$owner->expects($this->once())->method('getTokenOwnerId')->will($this->returnValue(1));
$token = new AccessToken();
$token->setToken('azerty');
$token->setOwner($owner);
$token->setExpiresAt((new DateTime())->add(new DateInterval('PT1H')));
$this->tokenService->expects($this->once())->method('createToken')->will($this->returnValue($token));
$response = $this->grant->createTokenResponse($request, $client, $owner);
$body = json_decode($response->getBody(), true);
$this->assertEquals('azerty', $body['access_token']);
$this->assertEquals('Bearer', $body['token_type']);
$this->assertEquals(3600, $body['expires_in']);
$this->assertEquals(1, $body['owner_id']);
}
/**
* @return AccessToken
*/
private function getValidAccessToken()
{
$accessToken = new AccessToken();
$accessToken->setToken('azerty_access');
$accessToken->setScopes('read');
$validDate = new DateTime();
$validDate->add(new DateInterval('PT1H'));
$accessToken->setExpiresAt($validDate);
return $accessToken;
}
/**
* @dataProvider requestProvider
*/
public function testCanValidateAccessToResource($expiredToken, $tokenScope, $desiredScope, $match)
{
$request = $this->getMock(ServerRequestInterface::class);
$request->expects($this->once())->method('hasHeader')->with('Authorization')->will($this->returnValue(true));
$request->expects($this->once())->method('getHeaderLine')->will($this->returnValue('Bearer token'));
$accessToken = new AccessToken();
$date = new DateTime();
if ($expiredToken) {
$date->sub(new DateInterval('P1D'));
} else {
$date->add(new DateInterval('P1D'));
}
$accessToken->setExpiresAt($date);
$accessToken->setScopes($tokenScope);
$this->tokenService->expects($this->once())->method('getToken')->with('token')->will($this->returnValue($accessToken));
if (!$match || $expiredToken) {
$this->setExpectedException(InvalidAccessTokenException::class);
}
$tokenResult = $this->resourceServer->getAccessToken($request, $desiredScope);
$this->assertInstanceOf(AccessToken::class, $tokenResult);
}
public function testSupportLongLiveToken()
{
$accessToken = new AccessToken();
$this->assertFalse($accessToken->isExpired());
}