mmk2410
/
rangitaki
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2022-02-10. You can view files and clone it, but cannot push or open issues or pull requests.
rangitaki/vendor/bshaffer/oauth2-server-php/test/OAuth2/GrantType/ImplicitTest.php

144 lines
5.9 KiB
PHP
Raw Blame History

<?php
namespace OAuth2\GrantType;
use OAuth2\Storage\Bootstrap;
use OAuth2\Server;
use OAuth2\Request;
use OAuth2\Response;
class ImplicitTest extends \PHPUnit_Framework_TestCase
{
public function testImplicitNotAllowedResponse()
{
$server = $this->getTestServer();
$request = new Request(array(
'client_id' => 'Test Client ID', // valid client id
'redirect_uri' => 'http://adobe.com', // valid redirect URI
'response_type' => 'token', // invalid response type
));
$server->handleAuthorizeRequest($request, $response = new Response(), false);
$this->assertEquals($response->getStatusCode(), 302);
$location = $response->getHttpHeader('Location');
$parts = parse_url($location);
parse_str($parts['query'], $query);
$this->assertEquals($query['error'], 'unsupported_response_type');
$this->assertEquals($query['error_description'], 'implicit grant type not supported');
}
public function testUserDeniesAccessResponse()
{
$server = $this->getTestServer(array('allow_implicit' => true));
$request = new Request(array(
'client_id' => 'Test Client ID', // valid client id
'redirect_uri' => 'http://adobe.com', // valid redirect URI
'response_type' => 'token', // valid response type
'state' => 'xyz',
));
$server->handleAuthorizeRequest($request, $response = new Response(), false);
$this->assertEquals($response->getStatusCode(), 302);
$location = $response->getHttpHeader('Location');
$parts = parse_url($location);
parse_str($parts['query'], $query);
$this->assertEquals($query['error'], 'access_denied');
$this->assertEquals($query['error_description'], 'The user denied access to your application');
}
public function testSuccessfulRequestFragmentParameter()
{
$server = $this->getTestServer(array('allow_implicit' => true));
$request = new Request(array(
'client_id' => 'Test Client ID', // valid client id
'redirect_uri' => 'http://adobe.com', // valid redirect URI
'response_type' => 'token', // valid response type
'state' => 'xyz',
));
$server->handleAuthorizeRequest($request, $response = new Response(), true);
$this->assertEquals($response->getStatusCode(), 302);
$this->assertNull($response->getParameter('error'));
$this->assertNull($response->getParameter('error_description'));
$location = $response->getHttpHeader('Location');
$parts = parse_url($location);
$this->assertEquals('http', $parts['scheme']); // same as passed in to redirect_uri
$this->assertEquals('adobe.com', $parts['host']); // same as passed in to redirect_uri
$this->assertArrayHasKey('fragment', $parts);
$this->assertFalse(isset($parts['query']));
// assert fragment is in "application/x-www-form-urlencoded" format
parse_str($parts['fragment'], $params);
$this->assertNotNull($params);
$this->assertArrayHasKey('access_token', $params);
$this->assertArrayHasKey('expires_in', $params);
$this->assertArrayHasKey('token_type', $params);
}
public function testSuccessfulRequestReturnsStateParameter()
{
$server = $this->getTestServer(array('allow_implicit' => true));
$request = new Request(array(
'client_id' => 'Test Client ID', // valid client id
'redirect_uri' => 'http://adobe.com', // valid redirect URI
'response_type' => 'token', // valid response type
'state' => 'test', // valid state string (just needs to be passed back to us)
));
$server->handleAuthorizeRequest($request, $response = new Response(), true);
$this->assertEquals($response->getStatusCode(), 302);
$this->assertNull($response->getParameter('error'));
$this->assertNull($response->getParameter('error_description'));
$location = $response->getHttpHeader('Location');
$parts = parse_url($location);
$this->assertArrayHasKey('fragment', $parts);
parse_str($parts['fragment'], $params);
$this->assertArrayHasKey('state', $params);
$this->assertEquals($params['state'], 'test');
}
public function testSuccessfulRequestStripsExtraParameters()
{
$server = $this->getTestServer(array('allow_implicit' => true));
$request = new Request(array(
'client_id' => 'Test Client ID', // valid client id
'redirect_uri' => 'http://adobe.com?fake=something', // valid redirect URI
'response_type' => 'token', // valid response type
'state' => 'test', // valid state string (just needs to be passed back to us)
'fake' => 'something', // add extra param to querystring
));
$server->handleAuthorizeRequest($request, $response = new Response(), true);
$this->assertEquals($response->getStatusCode(), 302);
$this->assertNull($response->getParameter('error'));
$this->assertNull($response->getParameter('error_description'));
$location = $response->getHttpHeader('Location');
$parts = parse_url($location);
$this->assertFalse(isset($parts['fake']));
$this->assertArrayHasKey('fragment', $parts);
parse_str($parts['fragment'], $params);
$this->assertFalse(isset($parmas['fake']));
$this->assertArrayHasKey('state', $params);
$this->assertEquals($params['state'], 'test');
}
private function getTestServer($config = array())
{
$storage = Bootstrap::getInstance()->getMemoryStorage();
$server = new Server($storage, $config);
// Add the two types supported for authorization grant
$server->addGrantType(new AuthorizationCode($storage));
return $server;
}
}
Reference in New Issue View Git Blame Copy Permalink