mmk2410
/
rangitaki
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2022-02-10. You can view files and clone it, but cannot push or open issues or pull requests.
rangitaki/vendor/bshaffer/oauth2-server-php/test/OAuth2/OpenID/Controller/AuthorizeControllerTest.php

183 lines
7.0 KiB
PHP
Raw Blame History

<?php
namespace OAuth2\OpenID\Controller;
use OAuth2\Storage\Bootstrap;
use OAuth2\Server;
use OAuth2\Request;
use OAuth2\Response;
class AuthorizeControllerTest extends \PHPUnit_Framework_TestCase
{
public function testValidateAuthorizeRequest()
{
$server = $this->getTestServer();
$response = new Response();
$request = new Request(array(
'client_id' => 'Test Client ID', // valid client id
'redirect_uri' => 'http://adobe.com', // valid redirect URI
'response_type' => 'id_token',
'state' => 'af0ifjsldkj',
'nonce' => 'n-0S6_WzA2Mj',
));
// Test valid id_token request
$server->handleAuthorizeRequest($request, $response, true);
$parts = parse_url($response->getHttpHeader('Location'));
parse_str($parts['fragment'], $query);
$this->assertEquals('n-0S6_WzA2Mj', $server->getAuthorizeController()->getNonce());
$this->assertEquals($query['state'], 'af0ifjsldkj');
$this->assertArrayHasKey('id_token', $query);
$this->assertArrayHasKey('state', $query);
$this->assertArrayNotHasKey('access_token', $query);
$this->assertArrayNotHasKey('expires_in', $query);
$this->assertArrayNotHasKey('token_type', $query);
// Test valid token id_token request
$request->query['response_type'] = 'id_token token';
$server->handleAuthorizeRequest($request, $response, true);
$parts = parse_url($response->getHttpHeader('Location'));
parse_str($parts['fragment'], $query);
$this->assertEquals('n-0S6_WzA2Mj', $server->getAuthorizeController()->getNonce());
$this->assertEquals($query['state'], 'af0ifjsldkj');
$this->assertArrayHasKey('access_token', $query);
$this->assertArrayHasKey('expires_in', $query);
$this->assertArrayHasKey('token_type', $query);
$this->assertArrayHasKey('state', $query);
$this->assertArrayHasKey('id_token', $query);
// assert that with multiple-valued response types, order does not matter
$request->query['response_type'] = 'token id_token';
$server->handleAuthorizeRequest($request, $response, true);
$parts = parse_url($response->getHttpHeader('Location'));
parse_str($parts['fragment'], $query);
$this->assertEquals('n-0S6_WzA2Mj', $server->getAuthorizeController()->getNonce());
$this->assertEquals($query['state'], 'af0ifjsldkj');
$this->assertArrayHasKey('access_token', $query);
$this->assertArrayHasKey('expires_in', $query);
$this->assertArrayHasKey('token_type', $query);
$this->assertArrayHasKey('state', $query);
$this->assertArrayHasKey('id_token', $query);
// assert that with multiple-valued response types with extra spaces do not matter
$request->query['response_type'] = ' token id_token ';
$server->handleAuthorizeRequest($request, $response, true);
$parts = parse_url($response->getHttpHeader('Location'));
parse_str($parts['fragment'], $query);
$this->assertEquals('n-0S6_WzA2Mj', $server->getAuthorizeController()->getNonce());
$this->assertEquals($query['state'], 'af0ifjsldkj');
$this->assertArrayHasKey('access_token', $query);
$this->assertArrayHasKey('expires_in', $query);
$this->assertArrayHasKey('token_type', $query);
$this->assertArrayHasKey('state', $query);
$this->assertArrayHasKey('id_token', $query);
}
public function testMissingNonce()
{
$server = $this->getTestServer();
$authorize = $server->getAuthorizeController();
$response = new Response();
$request = new Request(array(
'client_id' => 'Test Client ID', // valid client id
'redirect_uri' => 'http://adobe.com', // valid redirect URI
'response_type' => 'id_token',
'state' => 'xyz',
));
// Test missing nonce for 'id_token' response type
$server->handleAuthorizeRequest($request, $response, true);
$params = $response->getParameters();
$this->assertEquals($params['error'], 'invalid_nonce');
$this->assertEquals($params['error_description'], 'This application requires you specify a nonce parameter');
// Test missing nonce for 'id_token token' response type
$request->query['response_type'] = 'id_token token';
$server->handleAuthorizeRequest($request, $response, true);
$params = $response->getParameters();
$this->assertEquals($params['error'], 'invalid_nonce');
$this->assertEquals($params['error_description'], 'This application requires you specify a nonce parameter');
}
public function testNotGrantedApplication()
{
$server = $this->getTestServer();
$response = new Response();
$request = new Request(array(
'client_id' => 'Test Client ID', // valid client id
'redirect_uri' => 'http://adobe.com', // valid redirect URI
'response_type' => 'id_token',
'state' => 'af0ifjsldkj',
'nonce' => 'n-0S6_WzA2Mj',
));
// Test not approved application
$server->handleAuthorizeRequest($request, $response, false);
$params = $response->getParameters();
$this->assertEquals($params['error'], 'consent_required');
$this->assertEquals($params['error_description'], 'The user denied access to your application');
// Test not approved application with prompt parameter
$request->query['prompt'] = 'none';
$server->handleAuthorizeRequest($request, $response, false);
$params = $response->getParameters();
$this->assertEquals($params['error'], 'login_required');
$this->assertEquals($params['error_description'], 'The user must log in');
// Test not approved application with user_id set
$request->query['prompt'] = 'none';
$server->handleAuthorizeRequest($request, $response, false, 'some-user-id');
$params = $response->getParameters();
$this->assertEquals($params['error'], 'interaction_required');
$this->assertEquals($params['error_description'], 'The user must grant access to your application');
}
public function testNeedsIdToken()
{
$server = $this->getTestServer();
$authorize = $server->getAuthorizeController();
$this->assertTrue($authorize->needsIdToken('openid'));
$this->assertTrue($authorize->needsIdToken('openid profile'));
$this->assertFalse($authorize->needsIdToken(''));
$this->assertFalse($authorize->needsIdToken('some-scope'));
}
private function getTestServer($config = array())
{
$config += array(
'use_openid_connect' => true,
'issuer' => 'phpunit',
'allow_implicit' => true
);
$storage = Bootstrap::getInstance()->getMemoryStorage();
$server = new Server($storage, $config);
return $server;
}
}
Reference in New Issue View Git Blame Copy Permalink