Matthias Andreas Benkardb382b102021-01-02 15:32:21 +01001<?php
2
3namespace OAuth2\GrantType;
4
5use OAuth2\Storage\Bootstrap;
6use OAuth2\Server;
7use OAuth2\Request\TestRequest;
8use OAuth2\Response;
9use PHPUnit\Framework\TestCase;
10
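/**
 * Tests for the authorization_code grant type, run against the in-memory
 * storage fixture provided by Bootstrap.
 *
 * Each test posts a token request to a freshly built Server and checks either
 * the granted token or the error the server reports. The negative cases cover
 * the checks a token endpoint must make before exchanging a code: the code is
 * present, exists, has not expired, has not been used before, was issued to
 * the presenting client, and the requested scope does not exceed the code's.
 */
class AuthorizationCodeTest extends TestCase
{
    public function testNoCode()
    {
        $server = $this->getTestServer();
        // grant_type, client_id and client_secret are all valid; only "code" is absent
        $request = $this->createTokenRequest([]);
        $response = new Response();
        $server->handleTokenRequest($request, $response);

        $this->assertEquals(400, $response->getStatusCode());
        $this->assertEquals('invalid_request', $response->getParameter('error'));
        $this->assertEquals('Missing parameter: "code" is required', $response->getParameter('error_description'));
    }

    public function testInvalidCode()
    {
        $server = $this->getTestServer();
        $request = $this->createTokenRequest([
            'code' => 'InvalidCode', // unknown authorization code
        ]);
        $response = new Response();
        $server->handleTokenRequest($request, $response);

        $this->assertEquals(400, $response->getStatusCode());
        $this->assertEquals('invalid_grant', $response->getParameter('error'));
        $this->assertEquals('Authorization code doesn\'t exist or is invalid for the client', $response->getParameter('error_description'));
    }

    public function testCodeCannotBeUsedTwice()
    {
        $server = $this->getTestServer();
        $request = $this->createTokenRequest([
            'code' => 'testcode', // valid code
        ]);
        $response = new Response();
        $server->handleTokenRequest($request, $response);

        $this->assertEquals(200, $response->getStatusCode());
        $this->assertNotNull($response->getParameter('access_token'));

        // Replaying the identical request must fail: a code is single-use and
        // the server reports it exactly as it would an unknown code.
        $response = new Response();
        $server->handleTokenRequest($request, $response);

        $this->assertEquals(400, $response->getStatusCode());
        $this->assertEquals('invalid_grant', $response->getParameter('error'));
        $this->assertEquals('Authorization code doesn\'t exist or is invalid for the client', $response->getParameter('error_description'));
    }

    public function testExpiredCode()
    {
        $server = $this->getTestServer();
        $request = $this->createTokenRequest([
            'code' => 'testcode-expired', // code whose expiry lies in the past
        ]);
        $response = new Response();
        $server->handleTokenRequest($request, $response);

        $this->assertEquals(400, $response->getStatusCode());
        $this->assertEquals('invalid_grant', $response->getParameter('error'));
        $this->assertEquals('The authorization code has expired', $response->getParameter('error_description'));
    }

    public function testValidCode()
    {
        $server = $this->getTestServer();
        $request = $this->createTokenRequest([
            'code' => 'testcode', // valid code
        ]);
        $token = $server->grantAccessToken($request, new Response());

        $this->assertNotNull($token);
        $this->assertArrayHasKey('access_token', $token);
    }

    public function testValidRedirectUri()
    {
        $server = $this->getTestServer();
        $request = $this->createTokenRequest([
            'redirect_uri' => 'http://brentertainment.com/voil%C3%A0', // valid redirect uri (percent-encoded)
            'code' => 'testcode-redirect-uri', // valid code bound to that redirect uri
        ]);
        $token = $server->grantAccessToken($request, new Response());

        $this->assertNotNull($token);
        $this->assertArrayHasKey('access_token', $token);
    }

    public function testValidCodeNoScope()
    {
        $server = $this->getTestServer();
        $request = $this->createTokenRequest([
            'code' => 'testcode-with-scope', // valid code carrying "scope1 scope2"
        ]);
        $token = $server->grantAccessToken($request, new Response());

        $this->assertNotNull($token);
        $this->assertArrayHasKey('access_token', $token);
        $this->assertArrayHasKey('scope', $token);
        // With no scope in the request, the token inherits the code's scope.
        $this->assertEquals('scope1 scope2', $token['scope']);
    }

    public function testValidCodeSameScope()
    {
        $server = $this->getTestServer();
        $request = $this->createTokenRequest([
            'code' => 'testcode-with-scope', // valid code carrying "scope1 scope2"
            'scope' => 'scope2 scope1', // same set, different order
        ]);
        $token = $server->grantAccessToken($request, new Response());

        $this->assertNotNull($token);
        $this->assertArrayHasKey('access_token', $token);
        $this->assertArrayHasKey('scope', $token);
        $this->assertEquals('scope2 scope1', $token['scope']);
    }

    public function testValidCodeLessScope()
    {
        $server = $this->getTestServer();
        $request = $this->createTokenRequest([
            'code' => 'testcode-with-scope', // valid code carrying "scope1 scope2"
            'scope' => 'scope1', // strict subset of the code's scope
        ]);
        $token = $server->grantAccessToken($request, new Response());

        $this->assertNotNull($token);
        $this->assertArrayHasKey('access_token', $token);
        $this->assertArrayHasKey('scope', $token);
        $this->assertEquals('scope1', $token['scope']);
    }

    public function testValidCodeDifferentScope()
    {
        $server = $this->getTestServer();
        $request = $this->createTokenRequest([
            'code' => 'testcode-with-scope', // valid code carrying "scope1 scope2"
            'scope' => 'scope3', // not covered by the code's scope
        ]);
        $response = new Response();
        $server->grantAccessToken($request, $response);

        $this->assertEquals(400, $response->getStatusCode());
        $this->assertEquals('invalid_scope', $response->getParameter('error'));
        $this->assertEquals('The scope requested is invalid for this request', $response->getParameter('error_description'));
    }

    public function testValidCodeInvalidScope()
    {
        $server = $this->getTestServer();
        $request = $this->createTokenRequest([
            'code' => 'testcode-with-scope', // valid code carrying "scope1 scope2"
            'scope' => 'invalid-scope', // scope unknown to the server
        ]);
        $response = new Response();
        $server->grantAccessToken($request, $response);

        $this->assertEquals(400, $response->getStatusCode());
        $this->assertEquals('invalid_scope', $response->getParameter('error'));
        $this->assertEquals('The scope requested is invalid for this request', $response->getParameter('error_description'));
    }

    public function testValidClientDifferentCode()
    {
        $server = $this->getTestServer();
        // Valid credentials for a different client, presenting a code that
        // was issued to "Test Client ID": the exchange must be refused.
        $request = $this->createTokenRequest([
            'client_id' => 'Test Some Other Client',
            'client_secret' => 'TestSecret3',
            'code' => 'testcode',
        ]);
        $response = new Response();
        $server->grantAccessToken($request, $response);

        $this->assertEquals(400, $response->getStatusCode());
        $this->assertEquals('invalid_grant', $response->getParameter('error'));
        $this->assertEquals('authorization_code doesn\'t exist or is invalid for the client', $response->getParameter('error_description'));
    }

    /**
     * Build a POST token request for the authorization_code grant.
     *
     * Defaults to the valid "Test Client ID" / "TestSecret" credentials; any
     * key in $params overrides the default of the same name.
     *
     * @param array $params request parameters to add or override
     *
     * @return TestRequest
     */
    private function createTokenRequest(array $params)
    {
        return TestRequest::createPost($params + [
            'grant_type' => 'authorization_code',
            'client_id' => 'Test Client ID',
            'client_secret' => 'TestSecret',
        ]);
    }

    /**
     * Create a Server backed by the shared in-memory storage fixture with only
     * the authorization_code grant type registered.
     *
     * @return Server
     */
    private function getTestServer()
    {
        $storage = Bootstrap::getInstance()->getMemoryStorage();
        $server = new Server($storage);
        $server->addGrantType(new AuthorizationCode($storage));

        return $server;
    }
}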