/** * Test that the ID token is properly refreshed. */ public function testRefreshTokenSetsValues() { $client = new Postman_Google_Client(); $response_data = json_encode(array('access_token' => "ACCESS_TOKEN", 'id_token' => "ID_TOKEN", 'expires_in' => "12345")); $response = $this->getMock("Postman_Google_Http_Request", array(), array('')); $response->expects($this->any())->method('getResponseHttpCode')->will($this->returnValue(200)); $response->expects($this->any())->method('getResponseBody')->will($this->returnValue($response_data)); $io = $this->getMock("Postman_Google_IO_Stream", array(), array($client)); $io->expects($this->any())->method('makeRequest')->will($this->returnCallback(function ($request) use(&$token, $response) { $elements = $request->getPostBody(); PHPUnit_Framework_TestCase::assertEquals($elements['grant_type'], "refresh_token"); PHPUnit_Framework_TestCase::assertEquals($elements['refresh_token'], "REFRESH_TOKEN"); return $response; })); $client->setIo($io); $oauth = new Postman_Google_Auth_OAuth2($client); $oauth->refreshToken("REFRESH_TOKEN"); $token = json_decode($oauth->getAccessToken(), true); $this->assertEquals($token['id_token'], "ID_TOKEN"); }
private function checkIdTokenFailure($id_token, $msg) { $certs = $this->getSignonCerts(); $oauth2 = new Postman_Google_Auth_OAuth2($this->getClient()); try { $oauth2->verifySignedJwtWithCerts($id_token, $certs, "client_id"); $this->fail("Should have thrown for {$id_token}"); } catch (Postman_Google_Auth_Exception $e) { $this->assertContains($msg, $e->getMessage()); } }
/** * Verify a JWT that was signed with your own certificates. * * @param $id_token string The JWT token * @param $cert_location array of certificates * @param $audience string the expected consumer of the token * @param $issuer string the expected issuer, defaults to Google * @param [$max_expiry] the max lifetime of a token, defaults to MAX_TOKEN_LIFETIME_SECS * @return mixed token information if valid, false if not */ public function verifySignedJwt($id_token, $cert_location, $audience, $issuer, $max_expiry = null) { $auth = new Postman_Google_Auth_OAuth2($this); $certs = $auth->retrieveCertsFromLocation($cert_location); return $auth->verifySignedJwtWithCerts($id_token, $certs, $audience, $issuer, $max_expiry); }