/**
 * Checks that every header configured through
 * OAuth2::CONFIG_RESPONSE_EXTRA_HEADERS is present, with its exact value,
 * on the response returned by grantAccessToken().
 *
 * NOTE(review): despite the "ErrorResponse" name, the request below sends the
 * same client and user credentials that are registered on the stub, so this
 * looks like it exercises the successful token response rather than an error
 * path. Confirm, and cover the error response separately if that is the intent.
 */
public function testErrorResponseContainsExtraHeaders()
{
    // The CORS origin is one explicit value; assertSame below pins it exactly,
    // so a wildcard origin on the token response would fail this test.
    $extraHeaders = array(
        "Access-Control-Allow-Origin" => "http://www.foo.com",
        "X-Extra-Header-1" => "Foo-Bar",
    );
    $config = array(OAuth2::CONFIG_RESPONSE_EXTRA_HEADERS => $extraHeaders);

    $storage = new OAuth2GrantUserStub();
    $storage->addClient(new OAuth2Client('cid', 'cpass'));
    $storage->addUser('foo', 'bar');
    $storage->setAllowedGrantTypes(array('authorization_code', 'password'));

    $server = new OAuth2($storage, $config);

    $request = new Request(array(
        'grant_type' => 'password',
        'client_id' => 'cid',
        'client_secret' => 'cpass',
        'username' => 'foo',
        'password' => 'bar',
    ));
    $response = $server->grantAccessToken($request);

    // Same two assertions as before, in the same order, driven by the config map.
    foreach ($extraHeaders as $headerName => $expectedValue) {
        $this->assertSame($expectedValue, $response->headers->get($headerName));
    }
}
/**
 * A password-grant request that asks for a scope other than the ones the user
 * was registered with must fail with an OAuth2ServerException whose message is
 * "invalid_scope"; no token response may be returned.
 *
 * This guards against scope escalation: the user is added with
 * 'scope1 scope2' and the request asks for 'scope3'.
 */
public function testGrantAccessTokenWithGrantUserWithNewScopeThrowsError()
{
    $storage = new OAuth2GrantUserStub();
    $storage->addClient(new OAuth2Client('cid', 'cpass'));
    // Third argument: presumably the scopes this user may be granted (verify against the stub).
    $storage->addUser('foo', 'bar', 'scope1 scope2');
    $storage->setAllowedGrantTypes(array('authorization_code', 'password'));

    $server = new OAuth2($storage);

    $caught = null;
    try {
        $server->grantAccessToken(new Request(array(
            'grant_type' => 'password',
            'client_id' => 'cid',
            'client_secret' => 'cpass',
            'username' => 'foo',
            'password' => 'bar',
            'scope' => 'scope3',
        )));
    } catch (OAuth2ServerException $e) {
        $caught = $e;
    }

    // Reaching this point without an exception means the out-of-scope request was accepted.
    if ($caught === null) {
        $this->fail('The expected exception OAuth2ServerException was not thrown');
    }

    $this->assertSame('invalid_scope', $caught->getMessage());
    $this->assertSame('An unsupported scope was requested.', $caught->getDescription());
}