/**
 * Registering a client by name and redirect URIs persists it once and hands back
 * both the client and a secret.
 *
 * The value kept on the client (60 characters) and the value returned to the caller
 * (40 characters) are asserted to have different lengths, so the stored secret cannot
 * be the returned one verbatim.
 */
public function testRegisterClient()
{
    $repository = $this->clientRepository;

    // The repository is asked exactly once whether the id exists and answers "no".
    $repository
        ->expects($this->once())
        ->method('idExists')
        ->willReturn(false);

    // save() is expected exactly once and echoes back whatever it was given.
    $repository
        ->expects($this->once())
        ->method('save')
        ->will($this->returnArgument(0));

    $redirectUris = ['http://www.example.com'];
    list($registeredClient, $returnedSecret) = $this->clientService->registerClient('name', $redirectUris);

    // 60 characters on the stored side: presumably a password hash; confirm against the service.
    $storedSecretLength = strlen($registeredClient->getSecret());
    $this->assertEquals(60, $storedSecretLength);

    // 40 characters on the side returned to the caller.
    $returnedSecretLength = strlen($returnedSecret);
    $this->assertEquals(40, $returnedSecretLength);
}
/**
 * Registering an existing Client object persists it once, returns a secret, and the
 * client then authenticates only with that returned secret.
 *
 * The three authenticate() assertions pin the security-relevant behaviour: an unrelated
 * password fails, the returned secret succeeds, and the value stored on the client is
 * not itself accepted as a credential.
 */
public function testRegisterClient()
{
    $newClient = new Client();

    // save() must be called exactly once with this client and returns it unchanged.
    $this->clientRepository
        ->expects($this->once())
        ->method('save')
        ->with($newClient)
        ->willReturn($newClient);

    list($registeredClient, $returnedSecret) = $this->clientService->registerClient($newClient);

    // Stored value is 60 characters (presumably a password hash; confirm against the service),
    // while the secret handed to the caller is 40 characters.
    $storedSecret = $registeredClient->getSecret();
    $this->assertEquals(60, strlen($storedSecret));
    $this->assertEquals(40, strlen($returnedSecret));

    // A wrong password is rejected.
    $wrongPasswordAccepted = $this->clientService->authenticate($registeredClient, 'azerty');
    $this->assertFalse($wrongPasswordAccepted);

    // The secret returned at registration is accepted.
    $returnedSecretAccepted = $this->clientService->authenticate($registeredClient, $returnedSecret);
    $this->assertTrue($returnedSecretAccepted);

    // The stored value must not work as a credential: reading the stored secret
    // should not be enough to authenticate as the client.
    $storedValueAccepted = $this->clientService->authenticate($registeredClient, $registeredClient->getSecret());
    $this->assertFalse($storedValueAccepted);
}
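/**
 * Get the client (after authenticating it)
 *
 * According to the spec (http://tools.ietf.org/html/rfc6749#section-2.3), for public clients we do
 * not need to authenticate them. Credentials that are actually presented are still verified: a
 * wrong secret is rejected even when the grant also accepts public clients.
 *
 * @param ServerRequestInterface $request            Request the client id and secret are extracted from
 * @param bool                   $allowPublicClients Whether the grant being issued accepts clients that send no secret
 *
 * @return Client|null Null only when public clients are allowed and no client id was sent
 * @throws OAuth2Exception (invalid_client) When a client secret is missing or client authentication failed
 */
private function getClient(ServerRequestInterface $request, bool $allowPublicClients)
{
    list($id, $secret) = $this->extractClientCredentials($request);

    // If the grant type we are issuing does not allow public clients and the secret is
    // missing, then we have an error. The check is a loose one: null, '' and '0' all
    // count as "missing".
    if (!$allowPublicClients && !$secret) {
        throw OAuth2Exception::invalidClient('Client secret is missing');
    }

    // If we allow public clients and no client id was set, we can return null
    if ($allowPublicClients && !$id) {
        return null;
    }

    $client = $this->clientService->getClient($id);

    // Unknown client and failed authentication share one message so the response does
    // not reveal which client ids exist.
    if (null === $client) {
        throw OAuth2Exception::invalidClient('Client authentication failed');
    }

    // The original condition `null === $client || !$allowPublicClients && !$client->authenticate(...)`
    // skipped authentication entirely whenever public clients were allowed, so a request carrying
    // a wrong secret was accepted. Authenticate when the grant demands it OR when a secret was sent.
    $mustAuthenticate = !$allowPublicClients || $secret;

    if ($mustAuthenticate && !$client->authenticate($secret)) {
        throw OAuth2Exception::invalidClient('Client authentication failed');
    }

    // NOTE(review): a client that owns a secret can still omit it on a grant that allows public
    // clients and be returned here unauthenticated. Closing that gap needs a way to tell
    // confidential clients from public ones, which is not visible in this method; confirm how
    // the Client model exposes it and reject confidential clients that send no secret.
    return $client;
}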