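/**
 * Build the HTTP response that carries a newly issued access token.
 *
 * The JSON body contains the access token, the fixed token type "Bearer",
 * the remaining lifetime, the space-separated scope list and the owner id,
 * plus the refresh token when one is supplied.
 *
 * @param AccessToken       $accessToken           token being returned to the client
 * @param RefreshToken|null $refreshToken          optional refresh token to include in the body
 * @param bool              $useRefreshTokenScopes report the refresh token's scopes instead of
 *                                                 the access token's (only honoured when a
 *                                                 refresh token is actually given)
 *
 * @return ResponseInterface
 */
protected function prepareTokenResponse(AccessToken $accessToken, RefreshToken $refreshToken = null, bool $useRefreshTokenScopes = false) : ResponseInterface
{
    $owner = $accessToken->getOwner();

    // $refreshToken is optional. Without this guard, asking for the refresh
    // token scopes while passing no refresh token would call getScopes() on
    // null and abort the token request with a fatal error.
    $scopes = ($useRefreshTokenScopes && null !== $refreshToken)
        ? $refreshToken->getScopes()
        : $accessToken->getScopes();

    $responseBody = [
        'access_token' => $accessToken->getToken(),
        'token_type'   => 'Bearer',
        'expires_in'   => $accessToken->getExpiresIn(),
        'scope'        => implode(' ', $scopes),
        'owner_id'     => $owner ? $owner->getTokenOwnerId() : null,
    ];

    if (null !== $refreshToken) {
        $responseBody['refresh_token'] = $refreshToken->getToken();
    }

    // array_filter() without a callback drops every falsy entry, not only
    // null: an empty scope string or an expires_in of 0 is omitted as well.
    //
    // NOTE(review): RFC 6749 section 5.1 requires "Cache-Control: no-store" and
    // "Pragma: no-cache" on any response containing tokens. No headers are set
    // here; confirm they are added by the caller or by middleware.
    return new Response\JsonResponse(array_filter($responseBody));
}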
/**
 * Test fixture: a refresh token with the fixed value "azerty_refresh" that
 * expires one day from now.
 *
 * @param TokenOwnerInterface|null $owner  owner to attach, or null for none
 * @param array|null               $scopes scopes to attach; defaults to ['read']
 *
 * @return RefreshToken
 */
private function getValidRefreshToken(TokenOwnerInterface $owner = null, array $scopes = null)
{
    $now = new \DateTimeImmutable();
    $oneDay = new DateInterval('P1D');

    // Expiry lies in the future, so the token is still within its lifetime.
    $expiresAt = $now->add($oneDay);

    if (null === $scopes) {
        $scopes = ['read'];
    }

    return RefreshToken::reconstitute([
        'token'     => 'azerty_refresh',
        'owner'     => $owner,
        'client'    => null,
        'scopes'    => $scopes,
        'expiresAt' => $expiresAt,
    ]);
}
/**
 * The revocation endpoint must answer 503 when the token store throws while
 * deleting the token.
 *
 * Per RFC 7009 section 2.2.1 a 503 tells the client the token still exists
 * and that it may retry, so a failed delete is never reported as a
 * successful revocation.
 *
 * @dataProvider revocationProvider
 */
public function testReturn503IfCannotRevoke($tokenType)
{
    $clientService       = $this->createMock(ClientService::class);
    $grant               = $this->createMock(GrantInterface::class);
    $accessTokenService  = $this->createMock(AccessTokenService::class);
    $refreshTokenService = $this->createMock(RefreshTokenService::class);

    $authorizationServer = new AuthorizationServer(
        $clientService,
        [$grant],
        $accessTokenService,
        $refreshTokenService
    );

    $request = $this->createMock(ServerRequestInterface::class);
    $request
        ->expects($this->once())
        ->method('getParsedBody')
        ->willReturn(['token' => 'abc', 'token_type_hint' => $tokenType]);

    // Pick the token class and the store mock that match the hinted type.
    $tokenClass = null;
    $tokenStore = null;
    if ('access_token' === $tokenType) {
        $tokenClass = AccessToken::class;
        $tokenStore = $accessTokenService;
    } elseif ('refresh_token' === $tokenType) {
        $tokenClass = RefreshToken::class;
        $tokenStore = $refreshTokenService;
    }

    if (null !== $tokenStore) {
        $token = $tokenClass::reconstitute([
            'token'     => 'abc',
            'owner'     => null,
            'client'    => null,
            'scopes'    => [],
            'expiresAt' => new \DateTimeImmutable(),
        ]);

        // Lookup succeeds, but the delete itself fails.
        $tokenStore
            ->expects($this->once())
            ->method('getToken')
            ->with('abc')
            ->willReturn($token);
        $tokenStore
            ->expects($this->once())
            ->method('deleteToken')
            ->with($token)
            ->willThrowException(new \RuntimeException());
    }

    $response = $authorizationServer->handleRevocationRequest($request);

    $this->assertInstanceOf(ResponseInterface::class, $response);
    $this->assertEquals(503, $response->getStatusCode());
}
/**
 * isValid() accepts a refresh token only when it is unexpired and carries
 * the requested scope.
 */
public function testIsValid()
{
    // First argument is presumably the lifetime in seconds - confirm against
    // RefreshToken::createNewRefreshToken().
    $liveToken = RefreshToken::createNewRefreshToken(60, null, null, 'read write');
    $this->assertTrue($liveToken->isValid('read'));

    // A negative lifetime yields a token that must be rejected.
    $expiredToken = RefreshToken::createNewRefreshToken(-60, null, null, 'read write');
    $this->assertFalse($expiredToken->isValid('read'));

    // A scope the token was never granted must be rejected as well.
    $narrowToken = RefreshToken::createNewRefreshToken(60, null, null, 'read write');
    $this->assertFalse($narrowToken->isValid('delete'));
}