コード例 #1
0
 public function testValidCredentialsInvalidScope()
 {
     $server = $this->getTestServer();
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'password', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret', 'username' => 'test-username', 'password' => 'testpass', 'scope' => 'invalid-scope'));
     $token = $server->grantAccessToken($request, $response = new OAuth2_Response());
     $this->assertEquals($response->getStatusCode(), 400);
     $this->assertEquals($response->getParameter('error'), 'invalid_scope');
     $this->assertEquals($response->getParameter('error_description'), 'An unsupported scope was requested');
 }
コード例 #2
0
 public function testInvalidContentType()
 {
     $bearer = new OAuth2_TokenType_Bearer();
     $request = OAuth2_Request_TestRequest::createPost(array('access_token' => 'ThisIsMyAccessToken'));
     $request->server['CONTENT_TYPE'] = 'application/json; charset=UTF-8';
     $param = $bearer->getAccessTokenParameter($request, $response = new OAuth2_Response());
     $this->assertNull($param);
     $this->assertEquals($response->getStatusCode(), 400);
     $this->assertEquals($response->getParameter('error'), 'invalid_request');
     $this->assertEquals($response->getParameter('error_description'), 'The content type for POST requests must be "application/x-www-form-urlencoded"');
 }
コード例 #3
0
 public function testSuccessfulRequestStripsExtraParameters()
 {
     $server = $this->getTestServer(array('allow_implicit' => true));
     $request = new OAuth2_Request(array('client_id' => 'Test Client ID', 'redirect_uri' => 'http://adobe.com?fake=something', 'response_type' => 'token', 'state' => 'test', 'fake' => 'something'));
     $server->handleAuthorizeRequest($request, $response = new OAuth2_Response(), true);
     $this->assertEquals($response->getStatusCode(), 302);
     $this->assertNull($response->getParameter('error'));
     $this->assertNull($response->getParameter('error_description'));
     $location = $response->getHttpHeader('Location');
     $parts = parse_url($location);
     $this->assertFalse(isset($parts['fake']));
     $this->assertArrayHasKey('fragment', $parts);
     parse_str($parts['fragment'], $params);
     $this->assertFalse(isset($parmas['fake']));
     $this->assertArrayHasKey('state', $params);
     $this->assertEquals($params['state'], 'test');
 }
コード例 #4
0
 public function testRequestOverride()
 {
     $request = new OAuth2_Request_TestRequest();
     $server = $this->getTestServer();
     // Smoke test for override request class
     // $server->handleTokenRequest($request, $response = new OAuth2_Response());
     // $this->assertInstanceOf('OAuth2_Response', $response);
     // $server->handleAuthorizeRequest($request, $response = new OAuth2_Response(), true);
     // $this->assertInstanceOf('OAuth2_Response', $response);
     // $response = $server->verifyResourceRequest($request, $response = new OAuth2_Response());
     // $this->assertTrue(is_bool($response));
     /*** make some valid requests ***/
     // Valid Token Request
     $request->setPost(array('grant_type' => 'authorization_code', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret', 'code' => 'testcode'));
     $server->handleTokenRequest($request, $response = new OAuth2_Response());
     $this->assertEquals($response->getStatusCode(), 200);
     $this->assertNull($response->getParameter('error'));
     $this->assertNotNUll($response->getParameter('access_token'));
 }
コード例 #5
0
 public function testAddingResponseType()
 {
     $storage = $this->getMock('OAuth2_Storage_Memory');
     $storage->expects($this->any())->method('getClientDetails')->will($this->returnValue(array('client_id' => 'some_client')));
     $storage->expects($this->any())->method('checkRestrictedGrantType')->will($this->returnValue(true));
     // add with the "code" key explicitly set
     $codeType = new OAuth2_ResponseType_AuthorizationCode($storage);
     $server = new OAuth2_Server();
     $server->addStorage($storage);
     $server->addResponseType($codeType);
     $request = new OAuth2_Request(array('response_type' => 'code', 'client_id' => 'some_client', 'redirect_uri' => 'http://example.com', 'state' => 'xyx'));
     $server->handleAuthorizeRequest($request, $response = new OAuth2_Response(), true);
     // the response is successful
     $this->assertEquals($response->getStatusCode(), 302);
     $parts = parse_url($response->getHttpHeader('Location'));
     parse_str($parts['query'], $query);
     $this->assertTrue(isset($query['code']));
     $this->assertFalse(isset($query['error']));
     // add with the "code" key not set
     $codeType = new OAuth2_ResponseType_AuthorizationCode($storage);
     $server = new OAuth2_Server(array($storage), array(), array(), array($codeType));
     $request = new OAuth2_Request(array('response_type' => 'code', 'client_id' => 'some_client', 'redirect_uri' => 'http://example.com', 'state' => 'xyx'));
     $server->handleAuthorizeRequest($request, $response = new OAuth2_Response(), true);
     // the response is successful
     $this->assertEquals($response->getStatusCode(), 302);
     $parts = parse_url($response->getHttpHeader('Location'));
     parse_str($parts['query'], $query);
     $this->assertTrue(isset($query['code']));
     $this->assertFalse(isset($query['error']));
 }
コード例 #6
0
 public function testValidClientDifferentCode()
 {
     $server = $this->getTestServer();
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'authorization_code', 'client_id' => 'Test Some Other Client', 'client_secret' => 'TestSecret3', 'code' => 'testcode'));
     $token = $server->grantAccessToken($request, $response = new OAuth2_Response());
     $this->assertEquals($response->getStatusCode(), 400);
     $this->assertEquals($response->getParameter('error'), 'invalid_grant');
     $this->assertEquals($response->getParameter('error_description'), 'authorization_code doesn\'t exist or is invalid for the client');
 }
コード例 #7
0
 public function testMalformedToken()
 {
     $server = $this->getTestServer();
     $request = OAuth2_Request::createFromGlobals();
     $request->headers['AUTHORIZATION'] = 'Bearer accesstoken-malformed';
     $allow = $server->verifyResourceRequest($request, $response = new OAuth2_Response());
     $this->assertFalse($allow);
     $this->assertEquals($response->getStatusCode(), 401);
     $this->assertEquals($response->getParameter('error'), 'invalid_grant');
     $this->assertEquals($response->getParameter('error_description'), 'Malformed token (missing "expires" or "client_id")');
 }
コード例 #8
0
 public function testInvalidClientIdScope()
 {
     // add the test parameters in memory
     $server = $this->getTestServer();
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'authorization_code', 'code' => 'testcode', 'client_id' => 'Test Client ID', 'client_secret' => 'TestSecret', 'scope' => 'clientscope3 scope1'));
     $server->handleTokenRequest($request, $response = new OAuth2_Response());
     $this->assertEquals($response->getStatusCode(), 400);
     $this->assertEquals($response->getParameter('error'), 'invalid_scope');
     $this->assertEquals($response->getParameter('error_description'), 'An unsupported scope was requested');
 }
コード例 #9
0
 public function testValidJwtInvalidScope()
 {
     $server = $this->getTestServer();
     $request = OAuth2_Request_TestRequest::createPost(array('grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer', 'assertion' => $this->getJWT(null, null, null, 'Test Client ID', 'invalid-scope')));
     $token = $server->grantAccessToken($request, $response = new OAuth2_Response());
     $this->assertEquals($response->getStatusCode(), 400);
     $this->assertEquals($response->getParameter('error'), 'invalid_scope');
     $this->assertEquals($response->getParameter('error_description'), 'An unsupported scope was requested');
 }