public function testAuthenticationCheckImmediateAuthenticationPrivateSession()
{
//set login info
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowOnce);
//add trusted site
$site = new OpenIdTrustedSite();
$site->realm = 'https://www.test.com/';
$site->policy = IAuthService::AuthorizationResponse_AllowForever;
$site->user_id = $this->user->getId();
$site->data = json_encode(array());
$site->Save();
$params = array(OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS) => OpenIdProtocol::OpenID2MessageType, OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode) => OpenIdProtocol::ImmediateMode, OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm) => "https://www.test.com/", OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo) => "https://www.test.com/oauth2", OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity) => "http://specs.openid.net/auth/2.0/identifier_select", OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId) => "http://specs.openid.net/auth/2.0/identifier_select");
$response = $this->action("POST", "OpenIdProviderController@endpoint", $params);
$this->assertResponseStatus(302);
$openid_response = $this->parseOpenIdResponse($response->getTargetUrl());
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Mode)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ReturnTo)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Sig)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Sig)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Signed)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Signed)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Realm)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_OpEndpoint)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_Identity)]));
$this->assertTrue(isset($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId)]));
$this->assertTrue(!empty($openid_response[OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_ClaimedId)]));
}
private function seedTestUsersAndClients()
{
$resource_server = ResourceServer::first();
// create users and clients ...
User::create(array('identifier' => 'sebastian.marcet', 'external_identifier' => 13867, 'last_login_date' => gmdate("Y-m-d H:i:s", time())));
$user = User::where('identifier', '=', 'sebastian.marcet')->first();
OpenIdTrustedSite::create(array('user_id' => $user->id, 'realm' => 'https://www.test.com/', 'policy' => IAuthService::AuthorizationResponse_AllowForever));
Client::create(array('app_name' => 'oauth2_test_app', 'app_description' => 'oauth2_test_app', 'app_logo' => null, 'client_id' => 'Jiz87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client', 'client_secret' => 'ITc/6Y5N7kOtGKhg', 'client_type' => IClient::ClientType_Confidential, 'application_type' => IClient::ApplicationType_Web_App, 'user_id' => $user->id, 'rotate_refresh_token' => true, 'use_refresh_token' => true));
Client::create(array('app_name' => 'oauth2.service', 'app_description' => 'oauth2.service', 'app_logo' => null, 'client_id' => '11z87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client', 'client_secret' => '11c/6Y5N7kOtGKhg', 'client_type' => IClient::ClientType_Confidential, 'application_type' => IClient::ApplicationType_Service, 'user_id' => $user->id, 'rotate_refresh_token' => true, 'use_refresh_token' => true));
Client::create(array('app_name' => 'oauth2_test_app_public', 'app_description' => 'oauth2_test_app_public', 'app_logo' => null, 'client_id' => 'Jiz87D8/Vcvr6fvQbH4HyNgwKlfSyQ3x.openstack.client', 'client_secret' => null, 'client_type' => IClient::ClientType_Public, 'application_type' => IClient::ApplicationType_JS_Client, 'user_id' => $user->id, 'rotate_refresh_token' => false, 'use_refresh_token' => false));
Client::create(array('app_name' => 'oauth2_test_app_public_2', 'app_description' => 'oauth2_test_app_public_2', 'app_logo' => null, 'client_id' => 'Jiz87D8/Vcvr6fvQbH4HyNgwKlfSyQ2x.openstack.client', 'client_secret' => null, 'client_type' => IClient::ClientType_Public, 'application_type' => IClient::ApplicationType_JS_Client, 'user_id' => $user->id, 'rotate_refresh_token' => false, 'use_refresh_token' => false));
Client::create(array('app_name' => 'resource_server_client', 'app_description' => 'resource_server_client', 'app_logo' => null, 'client_id' => 'resource.server.1.openstack.client', 'client_secret' => '123456789', 'client_type' => IClient::ClientType_Confidential, 'application_type' => IClient::ApplicationType_Service, 'resource_server_id' => $resource_server->id, 'rotate_refresh_token' => false, 'use_refresh_token' => false));
$client_confidential = Client::where('app_name', '=', 'oauth2_test_app')->first();
$client_public = Client::where('app_name', '=', 'oauth2_test_app_public')->first();
$client_service = Client::where('app_name', '=', 'oauth2.service')->first();
//attach scopes
$scopes = ApiScope::get();
foreach ($scopes as $scope) {
$client_confidential->scopes()->attach($scope->id);
$client_public->scopes()->attach($scope->id);
$client_service->scopes()->attach($scope->id);
}
//add uris
ClientAuthorizedUri::create(array('uri' => 'https://www.test.com/oauth2', 'client_id' => $client_confidential->id));
//add uris
ClientAllowedOrigin::create(array('allowed_origin' => 'https://www.test.com/oauth2', 'client_id' => $client_confidential->id));
ClientAuthorizedUri::create(array('uri' => 'https://www.test.com/oauth2', 'client_id' => $client_public->id));
}
