public function testValidCredentialsInvalidScope() { $server = $this->getTestServer(); $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'password', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret', 'username' => 'test-username', 'password' => 'testpass', 'scope' => 'invalid-scope')); $token = $server->grantAccessToken($request, $response = new OAuth2_Response()); $this->assertEquals($response->getStatusCode(), 400); $this->assertEquals($response->getParameter('error'), 'invalid_scope'); $this->assertEquals($response->getParameter('error_description'), 'An unsupported scope was requested'); }
public function testInvalidContentType() { $bearer = new OAuth2_TokenType_Bearer(); $request = OAuth2_Request_TestRequest::createPost(array('access_token' => 'ThisIsMyAccessToken')); $request->server['CONTENT_TYPE'] = 'application/json; charset=UTF-8'; $param = $bearer->getAccessTokenParameter($request, $response = new OAuth2_Response()); $this->assertNull($param); $this->assertEquals($response->getStatusCode(), 400); $this->assertEquals($response->getParameter('error'), 'invalid_request'); $this->assertEquals($response->getParameter('error_description'), 'The content type for POST requests must be "application/x-www-form-urlencoded"'); }
public function __construct($url, $statusCode = 302, $error = null, $errorDescription = null, $state = null) { if (empty($url)) { throw new InvalidArgumentException('Cannot redirect to an empty URL.'); } $query = array(); if (!is_null($error)) { $query['error'] = $error; } if (!is_null($errorDescription)) { $query['error_description'] = $errorDescription; } if (!is_null($state)) { $query['state'] = $state; } if (count($query) > 0) { $parts = parse_url($url); $sep = isset($parts['query']) && count($parts['query']) > 0 ? '&' : '?'; $url = $url . $sep . http_build_query($query); } $httpHeaders = array('Location' => $url); parent::__construct(array(), $statusCode, $httpHeaders); if (!$this->isRedirection()) { throw new InvalidArgumentException(sprintf('The HTTP status code is not a redirect ("%s" given).', $statusCode)); } }
public function testSuccessfulRequestStripsExtraParameters() { $server = $this->getTestServer(array('allow_implicit' => true)); $request = new OAuth2_Request(array('client_id' => 'Test Client ID', 'redirect_uri' => 'http://adobe.com?fake=something', 'response_type' => 'token', 'state' => 'test', 'fake' => 'something')); $server->handleAuthorizeRequest($request, $response = new OAuth2_Response(), true); $this->assertEquals($response->getStatusCode(), 302); $this->assertNull($response->getParameter('error')); $this->assertNull($response->getParameter('error_description')); $location = $response->getHttpHeader('Location'); $parts = parse_url($location); $this->assertFalse(isset($parts['fake'])); $this->assertArrayHasKey('fragment', $parts); parse_str($parts['fragment'], $params); $this->assertFalse(isset($parmas['fake'])); $this->assertArrayHasKey('state', $params); $this->assertEquals($params['state'], 'test'); }
public function __construct($statusCode, $error, $errorDescription) { $responseParameters = array('error' => $error, 'error_description' => $errorDescription); $httpHeaders = array('Cache-Control' => 'no-store'); parent::__construct($responseParameters, $statusCode, $httpHeaders); if (!$this->isClientError() && !$this->isServerError()) { throw new InvalidArgumentException(sprintf('The HTTP status code is not an error ("%s" given).', $statusCode)); } }
public function testRequestOverride() { $request = new OAuth2_Request_TestRequest(); $server = $this->getTestServer(); // Smoke test for override request class // $server->handleTokenRequest($request, $response = new OAuth2_Response()); // $this->assertInstanceOf('OAuth2_Response', $response); // $server->handleAuthorizeRequest($request, $response = new OAuth2_Response(), true); // $this->assertInstanceOf('OAuth2_Response', $response); // $response = $server->verifyResourceRequest($request, $response = new OAuth2_Response()); // $this->assertTrue(is_bool($response)); /*** make some valid requests ***/ // Valid Token Request $request->setPost(array('grant_type' => 'authorization_code', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret', 'code' => 'testcode')); $server->handleTokenRequest($request, $response = new OAuth2_Response()); $this->assertEquals($response->getStatusCode(), 200); $this->assertNull($response->getParameter('error')); $this->assertNotNUll($response->getParameter('access_token')); }
public function __construct($statusCode, $error, $errorDescription, $errorUri = null) { $parameters = array('error' => $error, 'error_description' => $errorDescription); if (!is_null($errorUri)) { if (strlen($errorUri) > 0 && $errorUri[0] == '#') { // we are referencing an oauth bookmark (for brevity) $errorUri = 'http://tools.ietf.org/html/draft-ietf-oauth-v2-31' . $errorUri; } $parameters['error_uri'] = $errorUri; } $httpHeaders = array('Cache-Control' => 'no-store'); parent::__construct($parameters, $statusCode, $httpHeaders); if (!$this->isClientError() && !$this->isServerError()) { throw new InvalidArgumentException(sprintf('The HTTP status code is not an error ("%s" given).', $statusCode)); } }
public function testAddingResponseType() { $storage = $this->getMock('OAuth2_Storage_Memory'); $storage->expects($this->any())->method('getClientDetails')->will($this->returnValue(array('client_id' => 'some_client'))); $storage->expects($this->any())->method('checkRestrictedGrantType')->will($this->returnValue(true)); // add with the "code" key explicitly set $codeType = new OAuth2_ResponseType_AuthorizationCode($storage); $server = new OAuth2_Server(); $server->addStorage($storage); $server->addResponseType($codeType); $request = new OAuth2_Request(array('response_type' => 'code', 'client_id' => 'some_client', 'redirect_uri' => 'http://example.com', 'state' => 'xyx')); $server->handleAuthorizeRequest($request, $response = new OAuth2_Response(), true); // the response is successful $this->assertEquals($response->getStatusCode(), 302); $parts = parse_url($response->getHttpHeader('Location')); parse_str($parts['query'], $query); $this->assertTrue(isset($query['code'])); $this->assertFalse(isset($query['error'])); // add with the "code" key not set $codeType = new OAuth2_ResponseType_AuthorizationCode($storage); $server = new OAuth2_Server(array($storage), array(), array(), array($codeType)); $request = new OAuth2_Request(array('response_type' => 'code', 'client_id' => 'some_client', 'redirect_uri' => 'http://example.com', 'state' => 'xyx')); $server->handleAuthorizeRequest($request, $response = new OAuth2_Response(), true); // the response is successful $this->assertEquals($response->getStatusCode(), 302); $parts = parse_url($response->getHttpHeader('Location')); parse_str($parts['query'], $query); $this->assertTrue(isset($query['code'])); $this->assertFalse(isset($query['error'])); }
public function testValidClientDifferentCode() { $server = $this->getTestServer(); $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'authorization_code', 'client_id' => 'Test Some Other Client', 'client_secret' => 'TestSecret3', 'code' => 'testcode')); $token = $server->grantAccessToken($request, $response = new OAuth2_Response()); $this->assertEquals($response->getStatusCode(), 400); $this->assertEquals($response->getParameter('error'), 'invalid_grant'); $this->assertEquals($response->getParameter('error_description'), 'authorization_code doesn\'t exist or is invalid for the client'); }
public function testMalformedToken() { $server = $this->getTestServer(); $request = OAuth2_Request::createFromGlobals(); $request->headers['AUTHORIZATION'] = 'Bearer accesstoken-malformed'; $allow = $server->verifyResourceRequest($request, $response = new OAuth2_Response()); $this->assertFalse($allow); $this->assertEquals($response->getStatusCode(), 401); $this->assertEquals($response->getParameter('error'), 'invalid_grant'); $this->assertEquals($response->getParameter('error_description'), 'Malformed token (missing "expires" or "client_id")'); }
public function testRenderAsXml() { $response = new OAuth2_Response(array('foo' => 'bar', 'halland' => 'oates')); $string = $response->getResponseBody('xml'); $this->assertContains('<response><bar>foo</bar><oates>halland</oates></response>', $string); }
public function testInvalidClientIdScope() { // add the test parameters in memory $server = $this->getTestServer(); $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'authorization_code', 'code' => 'testcode', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret', 'scope' => 'clientscope3 scope1')); $server->handleTokenRequest($request, $response = new OAuth2_Response()); $this->assertEquals($response->getStatusCode(), 400); $this->assertEquals($response->getParameter('error'), 'invalid_scope'); $this->assertEquals($response->getParameter('error_description'), 'An unsupported scope was requested'); }
public function testValidJwtInvalidScope() { $server = $this->getTestServer(); $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer', 'assertion' => $this->getJWT(null, null, null, 'Test Client ID', 'invalid-scope'))); $token = $server->grantAccessToken($request, $response = new OAuth2_Response()); $this->assertEquals($response->getStatusCode(), 400); $this->assertEquals($response->getParameter('error'), 'invalid_scope'); $this->assertEquals($response->getParameter('error_description'), 'An unsupported scope was requested'); }