/** @test */
public function it_redirects_home_if_user_is_authenticated()
{
$this->setupStormpathApplication();
$this->createAccount(['login' => '*****@*****.**', 'password' => 'superP4ss!']);
$passwordGrant = new \Stormpath\Oauth\PasswordGrantRequest('*****@*****.**', 'superP4ss!');
$auth = new \Stormpath\Oauth\PasswordGrantAuthenticator(app('stormpath.application'));
$result = $auth->authenticate($passwordGrant);
$this->call('GET', 'testRedirectIfAuthenticatedMiddleware', [], $this->cookiesToSend($result));
$this->assertRedirectedTo('/');
$this->followRedirects();
$this->see('Home');
}
/**
* @test
*/
public function it_responds_to_password_grant_types()
{
$passwordGrant = new \Stormpath\Oauth\PasswordGrantRequest(self::$account->username, 'superP4ss');
$auth = new \Stormpath\Oauth\PasswordGrantAuthenticator(self::$application);
self::$token = $auth->authenticate($passwordGrant);
$this->assertInstanceOf('Stormpath\\Oauth\\OauthGrantAuthenticationResult', self::$token);
$this->assertInstanceOf('Stormpath\\Resource\\AccessToken', self::$token->getAccessToken());
$this->assertCount(3, explode('.', self::$token->getAccessTokenString()));
$this->assertNull(self::$token->getRefreshToken());
$this->assertCount(3, explode('.', self::$token->getRefreshTokenString()));
$this->assertcontains('/accessTokens/', self::$token->getAccessTokenHref());
$this->assertEquals('Bearer', self::$token->getTokenType());
$this->assertTrue(is_integer(self::$token->getExpiresIn()));
}
private function doPasswordGrantType($request)
{
if (!config('stormpath.web.oauth2.password.enabled')) {
return $this->respondUnsupportedGrantType();
}
try {
$passwordGrant = new \Stormpath\Oauth\PasswordGrantRequest($request->input('username'), $request->input('password'));
$auth = new \Stormpath\Oauth\PasswordGrantAuthenticator(app('stormpath.application'));
$result = $auth->authenticate($passwordGrant);
return $this->respondWithAccessTokens($result);
} catch (\Exception $e) {
return $this->respondWithInvalidLogin($e);
}
}
/** @test */
public function it_will_redirect_to_login_if_old_token_and_can_not_refresh()
{
$this->setupStormpathApplication();
$this->createAccount(['login' => '*****@*****.**', 'password' => 'superP4ss!']);
$passwordGrant = new \Stormpath\Oauth\PasswordGrantRequest('*****@*****.**', 'superP4ss!');
$auth = new \Stormpath\Oauth\PasswordGrantAuthenticator(app('stormpath.application'));
$result = $auth->authenticate($passwordGrant);
$this->call('GET', 'testAuthenticateMiddleware', [], [config('stormpath.web.accessTokenCookie.name') => cookie(config('stormpath.web.accessTokenCookie.name'), 'eyJraWQiOiIxUE4zRlhJMFU3OUUyTUhDRjZYVVlHVTRaIiwiYWxnIjoiSFMyNTYifQ.eyJqdGkiOiJ5VnZ4ZTV4T1NqOHl6WHNWa0w4VmIiLCJpYXQiOjE0NDk3ODU5ODgsImlzcyI6Imh0dHBzOi8vYXBpLnN0b3JtcGF0aC5jb20vdjEvYXBwbGljYXRpb25zL3hSQ1FsNmRIRFl2UWtPMzZDY2EwSSIsInN1YiI6Imh0dHBzOi8vYXBpLnN0b3JtcGF0aC5jb20vdjEvYWNjb3VudHMveGloYzVpYXlwb1BvaVFsakFEU2tXIiwiZXhwIjoxNDQ5Nzg5NTg4LCJydGkiOiJ5VnZ4YWxzVHNRQU1BUzFKVVRydFgifQ.gDO2pfxTfItjW8YMM_ZKf8BvqU3kenR0g8my7mneAd8', time() - 86400, config('stormpath.web.accessTokenCookie.path'), config('stormpath.web.accessTokenCookie.domain'), config('stormpath.web.accessTokenCookie.secure'), config('stormpath.web.accessTokenCookie.httpOnly')), config('stormpath.web.refreshTokenCookie.name') => cookie(config('stormpath.web.refreshTokenCookie.name'), $result->getAccessTokenString(), time() - 86400, config('stormpath.web.refreshTokenCookie.path'), config('stormpath.web.refreshTokenCookie.domain'), config('stormpath.web.refreshTokenCookie.secure'), config('stormpath.web.refreshTokenCookie.httpOnly'))]);
$this->assertRedirectedToRoute('stormpath.login');
$headers = $this->response->headers;
$cookies = $headers->getCookies();
foreach ($cookies as $cookie) {
if ($cookie->getName() == config('stormpath.web.accessTokenCookie.name') || $cookie->getName() == config('stormpath.web.refreshTokenCookie.name')) {
$this->assertLessThan(time(), $cookie->getExpiresTime());
}
}
}
public function authenticate($user, $password)
{
$passwordGrant = new \Stormpath\Oauth\PasswordGrantRequest($user, $password);
$auth = new \Stormpath\Oauth\PasswordGrantAuthenticator(app('stormpath.application'));
return $auth->authenticate($passwordGrant);
}