Exemplo n.º 1
0
 /**
  * Prepare the actual HttpResponse for the token
  */
 protected function prepareTokenResponse(AccessToken $accessToken, RefreshToken $refreshToken = null, bool $useRefreshTokenScopes = false) : ResponseInterface
 {
     $owner = $accessToken->getOwner();
     $scopes = $useRefreshTokenScopes ? $refreshToken->getScopes() : $accessToken->getScopes();
     $responseBody = ['access_token' => $accessToken->getToken(), 'token_type' => 'Bearer', 'expires_in' => $accessToken->getExpiresIn(), 'scope' => implode(' ', $scopes), 'owner_id' => $owner ? $owner->getTokenOwnerId() : null];
     if (null !== $refreshToken) {
         $responseBody['refresh_token'] = $refreshToken->getToken();
     }
     return new Response\JsonResponse(array_filter($responseBody));
 }
 /**
  * @return RefreshToken
  */
 private function getValidRefreshToken(TokenOwnerInterface $owner = null, array $scopes = null)
 {
     $validDate = (new \DateTimeImmutable())->add(new DateInterval('P1D'));
     $token = RefreshToken::reconstitute(['token' => 'azerty_refresh', 'owner' => $owner, 'client' => null, 'scopes' => $scopes ?? ['read'], 'expiresAt' => $validDate]);
     return $token;
 }
 /**
  * @dataProvider revocationProvider
  */
 public function testReturn503IfCannotRevoke($tokenType)
 {
     $request = $this->createMock(ServerRequestInterface::class);
     $request->expects($this->once())->method('getParsedBody')->willReturn(['token' => 'abc', 'token_type_hint' => $tokenType]);
     $clientService = $this->createMock(ClientService::class);
     $grant = $this->createMock(GrantInterface::class);
     $accessTokenService = $this->createMock(AccessTokenService::class);
     $refreshTokenService = $this->createMock(RefreshTokenService::class);
     $authorizationServer = new AuthorizationServer($clientService, [$grant], $accessTokenService, $refreshTokenService);
     if ($tokenType === 'access_token') {
         $token = AccessToken::reconstitute(['token' => 'abc', 'owner' => null, 'client' => null, 'scopes' => [], 'expiresAt' => new \DateTimeImmutable()]);
         $accessTokenService->expects($this->once())->method('getToken')->with('abc')->will($this->returnValue($token));
         $accessTokenService->expects($this->once())->method('deleteToken')->with($token)->will($this->throwException(new \RuntimeException()));
     } elseif ($tokenType === 'refresh_token') {
         $token = RefreshToken::reconstitute(['token' => 'abc', 'owner' => null, 'client' => null, 'scopes' => [], 'expiresAt' => new \DateTimeImmutable()]);
         $refreshTokenService->expects($this->once())->method('getToken')->with('abc')->will($this->returnValue($token));
         $refreshTokenService->expects($this->once())->method('deleteToken')->with($token)->will($this->throwException(new \RuntimeException()));
     }
     $response = $authorizationServer->handleRevocationRequest($request);
     $this->assertInstanceOf(ResponseInterface::class, $response);
     $this->assertEquals(503, $response->getStatusCode());
 }
Exemplo n.º 4
0
 public function testIsValid()
 {
     $accessToken = RefreshToken::createNewRefreshToken(60, null, null, 'read write');
     $this->assertTrue($accessToken->isValid('read'));
     $accessToken = RefreshToken::createNewRefreshToken(-60, null, null, 'read write');
     $this->assertFalse($accessToken->isValid('read'));
     $accessToken = RefreshToken::createNewRefreshToken(60, null, null, 'read write');
     $this->assertFalse($accessToken->isValid('delete'));
 }