コード例 #1
0
 public function testValidCredentialsInQuerystring()
 {
     $server = $this->getTestServer();
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'client_credentials', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret'));
     $token = $server->grantAccessToken($request);
     $this->assertNotNull($token);
     $this->assertArrayHasKey('access_token', $token);
     $this->assertNotNull($token['access_token']);
 }
コード例 #2
0
 public function testValidCredentialsInvalidScope()
 {
     $server = $this->getTestServer();
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'password', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret', 'username' => 'test-username', 'password' => 'testpass', 'scope' => 'invalid-scope'));
     $token = $server->grantAccessToken($request, $response = new OAuth2_Response());
     $this->assertEquals($response->getStatusCode(), 400);
     $this->assertEquals($response->getParameter('error'), 'invalid_scope');
     $this->assertEquals($response->getParameter('error_description'), 'An unsupported scope was requested');
 }
コード例 #3
0
 public function testInvalidPassword()
 {
     $server = $this->getTestServer();
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'password', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret', 'username' => 'test-username', 'password' => 'fakepass'));
     $ret = $server->grantAccessToken($request);
     $response = $server->getResponse();
     $this->assertEquals($response->getStatusCode(), 400);
     $this->assertEquals($response->getParameter('error'), 'invalid_grant');
     $this->assertEquals($response->getParameter('error_description'), 'Invalid username and password combination');
 }
コード例 #4
0
 public function testValidRefreshTokenWithNoRefreshTokenInResponse()
 {
     $server = $this->getTestServer();
     $server->addGrantType(new OAuth2_GrantType_RefreshToken($this->storage, array('always_issue_new_refresh_token' => false)));
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'refresh_token', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret', 'refresh_token' => 'test-refreshtoken'));
     $token = $server->grantAccessToken($request);
     $this->assertFalse(isset($token['refresh_token']), 'refresh token should not be returned');
     $used_token = $this->storage->getRefreshToken('test-refreshtoken');
     $this->assertNotNull($used_token, 'the refresh token used is still valid');
 }
コード例 #5
0
 public function testInvalidContentType()
 {
     $bearer = new OAuth2_TokenType_Bearer();
     $request = OAuth2_Request_TestRequest::createPost(array('access_token' => 'ThisIsMyAccessToken'));
     $request->server['CONTENT_TYPE'] = 'application/json; charset=UTF-8';
     $param = $bearer->getAccessTokenParameter($request, $response = new OAuth2_Response());
     $this->assertNull($param);
     $this->assertEquals($response->getStatusCode(), 400);
     $this->assertEquals($response->getParameter('error'), 'invalid_request');
     $this->assertEquals($response->getParameter('error_description'), 'The content type for POST requests must be "application/x-www-form-urlencoded"');
 }
コード例 #6
0
 public function testCodeCannotBeUsedTwice()
 {
     $server = $this->getTestServer();
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'authorization_code', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret', 'code' => 'testcode'));
     $response = $server->handleTokenRequest($request);
     $this->assertEquals($response->getStatusCode(), 200);
     $this->assertNotNull($response->getParameter('access_token'));
     // try to use the same code again
     $response = $server->handleTokenRequest($request);
     $this->assertEquals($response->getStatusCode(), 400);
     $this->assertEquals($response->getParameter('error'), 'invalid_grant');
     $this->assertEquals($response->getParameter('error_description'), 'Authorization code doesn\'t exist or is invalid for the client');
 }
コード例 #7
0
 public function testValidTokenResponse()
 {
     // add the test parameters in memory
     $server = $this->getTestServer();
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'authorization_code', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret', 'code' => 'testcode'));
     $response = $server->handleTokenRequest($request);
     $this->assertTrue($response instanceof OAuth2_Response);
     $this->assertEquals($response->getStatusCode(), 200);
     $this->assertNull($response->getParameter('error'));
     $this->assertNull($response->getParameter('error_description'));
     $this->assertNotNUll($response->getParameter('access_token'));
     $this->assertNotNUll($response->getParameter('expires_in'));
     $this->assertNotNUll($response->getParameter('token_type'));
 }
コード例 #8
0
 public function testCustomClientAssertionType()
 {
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'authorization_code', 'client_id' => 'Test Client ID', 'code' => 'testcode'));
     // verify the mock clientAssertionType was called as expected
     $clientAssertionType = $this->getMock('OAuth2_ClientAssertionTypeInterface', array('validateRequest', 'getClientId'));
     $clientAssertionType->expects($this->once())->method('validateRequest')->will($this->returnValue(true));
     $clientAssertionType->expects($this->once())->method('getClientId')->will($this->returnValue('Test Client ID'));
     // create mock storage
     $storage = OAuth2_Storage_Bootstrap::getInstance()->getMemoryStorage();
     $server = new OAuth2_Server(array($storage), array(), array(), array(), null, null, $clientAssertionType);
     $server->handleTokenRequest($request, $response = new OAuth2_Response());
 }
コード例 #9
0
 public function testValidClientDifferentCode()
 {
     $server = $this->getTestServer();
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'authorization_code', 'client_id' => 'Test Some Other Client', 'client_secret' => 'TestSecret3', 'code' => 'testcode'));
     $token = $server->grantAccessToken($request, $response = new OAuth2_Response());
     $this->assertEquals($response->getStatusCode(), 400);
     $this->assertEquals($response->getParameter('error'), 'invalid_grant');
     $this->assertEquals($response->getParameter('error_description'), 'authorization_code doesn\'t exist or is invalid for the client');
 }
コード例 #10
0
 public function testMissingKey()
 {
     $server = $this->getTestServer();
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer', 'assertion' => $this->getJWT(null, null, null, 'Missing Key Cli,nt')));
     $server->grantAccessToken($request);
     $response = $server->getResponse();
     $this->assertEquals($response->getStatusCode(), 400);
     $this->assertEquals($response->getParameter('error'), 'invalid_grant');
     $this->assertEquals($response->getParameter('error_description'), 'Invalid issuer (iss) or subject (sub) provided');
 }
コード例 #11
0
 public function testInvalidClientIdScope()
 {
     // add the test parameters in memory
     $server = $this->getTestServer();
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'authorization_code', 'code' => 'testcode', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret', 'scope' => 'clientscope3 scope1'));
     $server->handleTokenRequest($request, $response = new OAuth2_Response());
     $this->assertEquals($response->getStatusCode(), 400);
     $this->assertEquals($response->getParameter('error'), 'invalid_scope');
     $this->assertEquals($response->getParameter('error_description'), 'An unsupported scope was requested');
 }
コード例 #12
0
 public function testValidJwtInvalidScope()
 {
     $server = $this->getTestServer();
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer', 'assertion' => $this->getJWT(null, null, null, 'Test Client ID', 'invalid-scope')));
     $token = $server->grantAccessToken($request, $response = new OAuth2_Response());
     $this->assertEquals($response->getStatusCode(), 400);
     $this->assertEquals($response->getParameter('error'), 'invalid_scope');
     $this->assertEquals($response->getParameter('error_description'), 'An unsupported scope was requested');
 }