/**
 * Handle a token revocation request.
 *
 * The PSR-7 request given to the authorization server is rebuilt from PHP
 * globals instead of being derived from $this->request. Anything earlier
 * layers changed on the ZF2 request object is therefore not reflected in it.
 *
 * NOTE(review): no HTTP-method or client-authentication check is made here.
 * RFC 7009 expects revocation to be a POST from an authenticated client;
 * presumably handleRevocationRequest() enforces that - confirm there.
 *
 * @return \Zend\Http\Response|null Null when the current request is not an HTTP request
 */
public function revokeAction()
{
    // Non-HTTP requests (for example console ones) cannot carry a revocation request
    if (!($this->request instanceof HttpRequest)) {
        return null;
    }

    // The ZF2 Http Request object is not PSR-7 compliant, so build a PSR-7
    // request from globals and convert the PSR-7 response back to ZF2 format
    $psrRequest = ServerRequestFactory::fromGlobals();

    return $this->convertToZfResponse(
        $this->authorizationServer->handleRevocationRequest($psrRequest)
    );
}
/**
 * A token that is found but cannot be deleted must produce an HTTP 503.
 *
 * The status code is the security-relevant part: per RFC 7009 a 503 tells the
 * client that the token may still exist and that the revocation should be
 * retried. A success status here would leave a live token the client believes
 * is revoked.
 *
 * @dataProvider revocationProvider
 *
 * @param string $tokenType Value sent as token_type_hint; the 'access_token' and
 *                          'refresh_token' cases are wired to a failing delete
 */
public function testReturn503IfCannotRevoke($tokenType)
{
    $request = $this->getMock(ServerRequestInterface::class);
    $request->expects($this->once())
        ->method('getParsedBody')
        ->willReturn(['token' => 'abc', 'token_type_hint' => $tokenType]);

    // The trailing "false" disables the original constructors of the mocked services
    $clientService       = $this->getMock(ClientService::class, [], [], '', false);
    $grant               = $this->getMock(GrantInterface::class);
    $accessTokenService  = $this->getMock(TokenService::class, [], [], '', false);
    $refreshTokenService = $this->getMock(TokenService::class, [], [], '', false);

    $authorizationServer = new AuthorizationServer(
        $clientService,
        [$grant],
        $accessTokenService,
        $refreshTokenService
    );

    // Pick the service that matches the hint; any other hint sets no expectations
    $failingService = null;
    $token          = null;

    if ($tokenType === 'access_token') {
        $token          = new AccessToken();
        $failingService = $accessTokenService;
    } elseif ($tokenType === 'refresh_token') {
        $token          = new RefreshToken();
        $failingService = $refreshTokenService;
    }

    if ($failingService !== null) {
        // The lookup succeeds...
        $failingService->expects($this->once())
            ->method('getToken')
            ->with('abc')
            ->willReturn($token);

        // ...but the deletion itself blows up
        $failingService->expects($this->once())
            ->method('deleteToken')
            ->with($token)
            ->will($this->throwException(new \RuntimeException()));
    }

    $response = $authorizationServer->handleRevocationRequest($request);

    $this->assertInstanceOf(ResponseInterface::class, $response);
    $this->assertEquals(503, $response->getStatusCode());
}