/**
 * A confidential client presenting a valid client_id / client_secret pair
 * with the client_credentials grant must be issued an access token.
 *
 * NOTE(review): despite the method name, the credentials travel in a POST
 * body (createPost), not in the query string.
 */
public function testValidCredentialsInQuerystring()
{
    $server = $this->getTestServer();

    $params = array(
        'grant_type'    => 'client_credentials',
        'client_id'     => 'Test Client ID',
        'client_secret' => 'TestSecret',
    );
    $request = OAuth2_Request_TestRequest::createPost($params);

    $issued = $server->grantAccessToken($request);

    // a successful grant has to yield a non-empty access_token
    $this->assertNotNull($issued);
    $this->assertArrayHasKey('access_token', $issued);
    $this->assertNotNull($issued['access_token']);
}
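/**
 * A password grant with valid client and resource-owner credentials but an
 * unknown scope must be rejected with 400 / invalid_scope rather than
 * issuing a token with a narrowed scope.
 *
 * Fix: PHPUnit's assertEquals takes (expected, actual); the original passed
 * them reversed, which produces misleading failure messages.
 */
public function testValidCredentialsInvalidScope()
{
    $server = $this->getTestServer();

    $request = OAuth2_Request_TestRequest::createPost(array(
        'grant_type'    => 'password',
        'client_id'     => 'Test Client ID',
        'client_secret' => 'TestSecret',
        'username'      => 'test-username',
        'password'      => 'testpass',
        'scope'         => 'invalid-scope',
    ));

    $response = new OAuth2_Response();
    $server->grantAccessToken($request, $response);

    $this->assertEquals(400, $response->getStatusCode());
    $this->assertEquals('invalid_scope', $response->getParameter('error'));
    $this->assertEquals('An unsupported scope was requested', $response->getParameter('error_description'));
}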
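/**
 * A password grant with a wrong resource-owner password must fail with
 * 400 / invalid_grant. The error_description asserted here names the
 * username/password *combination*, i.e. it does not tell the caller which
 * of the two was wrong — keep it that way (user enumeration resistance).
 *
 * Fix: assertEquals arguments are now in (expected, actual) order, and the
 * unused return value of grantAccessToken is no longer stored.
 */
public function testInvalidPassword()
{
    $server = $this->getTestServer();

    $request = OAuth2_Request_TestRequest::createPost(array(
        'grant_type'    => 'password',
        'client_id'     => 'Test Client ID',
        'client_secret' => 'TestSecret',
        'username'      => 'test-username',
        'password'      => 'fakepass',
    ));

    $server->grantAccessToken($request);
    $response = $server->getResponse();

    $this->assertEquals(400, $response->getStatusCode());
    $this->assertEquals('invalid_grant', $response->getParameter('error'));
    $this->assertEquals('Invalid username and password combination', $response->getParameter('error_description'));
}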
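/**
 * With always_issue_new_refresh_token disabled, a refresh_token grant must
 * return a new access token WITHOUT a new refresh token, and the refresh
 * token that was presented must remain valid in storage.
 *
 * Fix: the original only checked that 'refresh_token' was not set on the
 * result. isset() on a null result is also false, so a failed grant would
 * have passed silently; the test now asserts a token was actually issued.
 */
public function testValidRefreshTokenWithNoRefreshTokenInResponse()
{
    $server = $this->getTestServer();
    $server->addGrantType(new OAuth2_GrantType_RefreshToken(
        $this->storage,
        array('always_issue_new_refresh_token' => false)
    ));

    $request = OAuth2_Request_TestRequest::createPost(array(
        'grant_type'    => 'refresh_token',
        'client_id'     => 'Test Client ID',
        'client_secret' => 'TestSecret',
        'refresh_token' => 'test-refreshtoken',
    ));

    $token = $server->grantAccessToken($request);

    // the grant itself must have succeeded ...
    $this->assertNotNull($token, 'a valid refresh token should yield a new access token');
    $this->assertArrayHasKey('access_token', $token);
    // ... but no replacement refresh token may be handed out
    $this->assertFalse(isset($token['refresh_token']), 'refresh token should not be returned');

    // and the presented refresh token must not have been revoked
    $used_token = $this->storage->getRefreshToken('test-refreshtoken');
    $this->assertNotNull($used_token, 'the refresh token used is still valid');
}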
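/**
 * The Bearer token type must refuse to read access_token from a POST body
 * whose Content-Type is not application/x-www-form-urlencoded, returning
 * null for the parameter and a 400 / invalid_request response.
 *
 * Fix: assertEquals arguments are now in (expected, actual) order.
 */
public function testInvalidContentType()
{
    $bearer = new OAuth2_TokenType_Bearer();

    $request = OAuth2_Request_TestRequest::createPost(array(
        'access_token' => 'ThisIsMyAccessToken',
    ));
    // JSON body: the token type must not accept the token from it
    $request->server['CONTENT_TYPE'] = 'application/json; charset=UTF-8';

    $response = new OAuth2_Response();
    $param = $bearer->getAccessTokenParameter($request, $response);

    $this->assertNull($param);
    $this->assertEquals(400, $response->getStatusCode());
    $this->assertEquals('invalid_request', $response->getParameter('error'));
    $this->assertEquals(
        'The content type for POST requests must be "application/x-www-form-urlencoded"',
        $response->getParameter('error_description')
    );
}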
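/**
 * An authorization code is single-use: the first exchange succeeds, a
 * replay of the identical request must be rejected with 400 / invalid_grant.
 *
 * Fix: assertEquals arguments are now in (expected, actual) order, and the
 * replay response is additionally checked to carry no access_token, so a
 * regression that reports an error but still issues a token is caught.
 */
public function testCodeCannotBeUsedTwice()
{
    $server = $this->getTestServer();

    $request = OAuth2_Request_TestRequest::createPost(array(
        'grant_type'    => 'authorization_code',
        'client_id'     => 'Test Client ID',
        'client_secret' => 'TestSecret',
        'code'          => 'testcode',
    ));

    // first exchange: the code is fresh and must be accepted
    $response = $server->handleTokenRequest($request);
    $this->assertEquals(200, $response->getStatusCode());
    $this->assertNotNull($response->getParameter('access_token'));

    // replay of the same code: must be refused and must not leak a token
    $response = $server->handleTokenRequest($request);
    $this->assertEquals(400, $response->getStatusCode());
    $this->assertEquals('invalid_grant', $response->getParameter('error'));
    $this->assertEquals(
        'Authorization code doesn\'t exist or is invalid for the client',
        $response->getParameter('error_description')
    );
    $this->assertNull($response->getParameter('access_token'), 'a replayed code must not yield a token');
}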
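/**
 * A valid authorization_code exchange returns an OAuth2_Response with
 * status 200, no error fields, and the mandatory access_token, expires_in
 * and token_type parameters.
 *
 * Fix: the original called assertNotNUll (wrong case; only works because
 * PHP method names are case-insensitive) and passed assertEquals arguments
 * in reversed order.
 */
public function testValidTokenResponse()
{
    $server = $this->getTestServer();

    $request = OAuth2_Request_TestRequest::createPost(array(
        'grant_type'    => 'authorization_code',
        'client_id'     => 'Test Client ID',
        'client_secret' => 'TestSecret',
        'code'          => 'testcode',
    ));

    $response = $server->handleTokenRequest($request);

    $this->assertTrue($response instanceof OAuth2_Response);
    $this->assertEquals(200, $response->getStatusCode());

    // a success response must not carry error fields
    $this->assertNull($response->getParameter('error'));
    $this->assertNull($response->getParameter('error_description'));

    // required members of a token response
    $this->assertNotNull($response->getParameter('access_token'));
    $this->assertNotNull($response->getParameter('expires_in'));
    $this->assertNotNull($response->getParameter('token_type'));
}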
/**
 * A custom OAuth2_ClientAssertionTypeInterface injected into the server is
 * used for client authentication on the token endpoint: both
 * validateRequest() and getClientId() must be called exactly once.
 * The mock expectations are the assertions of this test.
 */
public function testCustomClientAssertionType()
{
    // no client_secret: authentication is delegated to the assertion type
    $request = OAuth2_Request_TestRequest::createPost(array(
        'grant_type' => 'authorization_code',
        'client_id'  => 'Test Client ID',
        'code'       => 'testcode',
    ));

    $assertionType = $this->getMock(
        'OAuth2_ClientAssertionTypeInterface',
        array('validateRequest', 'getClientId')
    );
    $assertionType->expects($this->once())
        ->method('validateRequest')
        ->will($this->returnValue(true));
    $assertionType->expects($this->once())
        ->method('getClientId')
        ->will($this->returnValue('Test Client ID'));

    $storage = OAuth2_Storage_Bootstrap::getInstance()->getMemoryStorage();
    $server = new OAuth2_Server(array($storage), array(), array(), array(), null, null, $assertionType);

    $response = new OAuth2_Response();
    $server->handleTokenRequest($request, $response);
}
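/**
 * An authorization code issued to one client must not be redeemable by a
 * different (correctly authenticated) client: the exchange fails with
 * 400 / invalid_grant.
 *
 * Fix: assertEquals arguments are now in (expected, actual) order.
 */
public function testValidClientDifferentCode()
{
    $server = $this->getTestServer();

    // 'testcode' belongs to another client; this client authenticates fine
    $request = OAuth2_Request_TestRequest::createPost(array(
        'grant_type'    => 'authorization_code',
        'client_id'     => 'Test Some Other Client',
        'client_secret' => 'TestSecret3',
        'code'          => 'testcode',
    ));

    $response = new OAuth2_Response();
    $server->grantAccessToken($request, $response);

    $this->assertEquals(400, $response->getStatusCode());
    $this->assertEquals('invalid_grant', $response->getParameter('error'));
    $this->assertEquals(
        'authorization_code doesn\'t exist or is invalid for the client',
        $response->getParameter('error_description')
    );
}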
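/**
 * A JWT bearer assertion for a client that has no public key registered
 * must be rejected with 400 / invalid_grant (the JWT cannot be verified).
 *
 * Fix: assertEquals arguments are now in (expected, actual) order.
 */
public function testMissingKey()
{
    $server = $this->getTestServer();

    // 'Missing Key Cli,nt' is presumably the fixture client without a key — verify against storage bootstrap
    $request = OAuth2_Request_TestRequest::createPost(array(
        'grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
        'assertion'  => $this->getJWT(null, null, null, 'Missing Key Cli,nt'),
    ));

    $server->grantAccessToken($request);
    $response = $server->getResponse();

    $this->assertEquals(400, $response->getStatusCode());
    $this->assertEquals('invalid_grant', $response->getParameter('error'));
    $this->assertEquals('Invalid issuer (iss) or subject (sub) provided', $response->getParameter('error_description'));
}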
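/**
 * An authorization_code exchange that requests a scope the client is not
 * entitled to ('clientscope3 scope1') must fail with 400 / invalid_scope
 * instead of issuing a token with a silently reduced scope.
 *
 * Fix: assertEquals arguments are now in (expected, actual) order.
 */
public function testInvalidClientIdScope()
{
    $server = $this->getTestServer();

    $request = OAuth2_Request_TestRequest::createPost(array(
        'grant_type'    => 'authorization_code',
        'code'          => 'testcode',
        'client_id'     => 'Test Client ID',
        'client_secret' => 'TestSecret',
        'scope'         => 'clientscope3 scope1',
    ));

    $response = new OAuth2_Response();
    $server->handleTokenRequest($request, $response);

    $this->assertEquals(400, $response->getStatusCode());
    $this->assertEquals('invalid_scope', $response->getParameter('error'));
    $this->assertEquals('An unsupported scope was requested', $response->getParameter('error_description'));
}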
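/**
 * A correctly signed JWT bearer assertion that requests an unknown scope
 * must be rejected with 400 / invalid_scope.
 *
 * Fix: assertEquals arguments are now in (expected, actual) order, and the
 * unused return value of grantAccessToken is no longer stored.
 */
public function testValidJwtInvalidScope()
{
    $server = $this->getTestServer();

    $request = OAuth2_Request_TestRequest::createPost(array(
        'grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
        'assertion'  => $this->getJWT(null, null, null, 'Test Client ID', 'invalid-scope'),
    ));

    $response = new OAuth2_Response();
    $server->grantAccessToken($request, $response);

    $this->assertEquals(400, $response->getStatusCode());
    $this->assertEquals('invalid_scope', $response->getParameter('error'));
    $this->assertEquals('An unsupported scope was requested', $response->getParameter('error_description'));
}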