<?php
namespace OAuth2\GrantType;
use OAuth2\Storage\Bootstrap;
use OAuth2\Server;
use OAuth2\Request\TestRequest;
use OAuth2\Request;
use OAuth2\Response;
use PHPUnit\Framework\TestCase;
class ClientCredentialsTest extends TestCase
{
public function testInvalidCredentials()
{
$server = $this->getTestServer();
$request = TestRequest::createPost(array(
'grant_type' => 'client_credentials', // valid grant type
'client_id' => 'Test Client ID', // valid client id
'client_secret' => 'FakeSecret', // valid client secret
));
$server->handleTokenRequest($request, $response = new Response());
$this->assertEquals($response->getStatusCode(), 400);
$this->assertEquals($response->getParameter('error'), 'invalid_client');
$this->assertEquals($response->getParameter('error_description'), 'The client credentials are invalid');
}
public function testValidCredentials()
{
$server = $this->getTestServer();
$request = TestRequest::createPost(array(
'grant_type' => 'client_credentials', // valid grant type
'client_id' => 'Test Client ID', // valid client id
'client_secret' => 'TestSecret', // valid client secret
));
$token = $server->grantAccessToken($request, new Response());
$this->assertNotNull($token);
$this->assertArrayHasKey('scope', $token);
$this->assertNull($token['scope']);
}
public function testValidCredentialsWithScope()
{
$server = $this->getTestServer();
$request = TestRequest::createPost(array(
'grant_type' => 'client_credentials', // valid grant type
'client_id' => 'Test Client ID', // valid client id
'client_secret' => 'TestSecret', // valid client secret
'scope' => 'scope1',
));
$token = $server->grantAccessToken($request, new Response());
$this->assertNotNull($token);
$this->assertArrayHasKey('access_token', $token);
$this->assertArrayHasKey('scope', $token);
$this->assertEquals($token['scope'], 'scope1');
}
public function testValidCredentialsInvalidScope()
{
$server = $this->getTestServer();
$request = TestRequest::createPost(array(
'grant_type' => 'client_credentials', // valid grant type
'client_id' => 'Test Client ID', // valid client id
'client_secret' => 'TestSecret', // valid client secret
'scope' => 'invalid-scope',
));
$token = $server->grantAccessToken($request, $response = new Response());
$this->assertEquals($response->getStatusCode(), 400);
$this->assertEquals($response->getParameter('error'), 'invalid_scope');
$this->assertEquals($response->getParameter('error_description'), 'An unsupported scope was requested');
}
public function testValidCredentialsInHeader()
{
// create with HTTP_AUTHORIZATION in header
$server = $this->getTestServer();
$headers = array('HTTP_AUTHORIZATION' => 'Basic '.base64_encode('Test Client ID:TestSecret'), 'REQUEST_METHOD' => 'POST');
$params = array('grant_type' => 'client_credentials');
$request = new Request(array(), $params, array(), array(), array(), $headers);
$token = $server->grantAccessToken($request, new Response());
$this->assertNotNull($token);
$this->assertArrayHasKey('access_token', $token);
$this->assertNotNull($token['access_token']);
// create using PHP Authorization Globals
$headers = array('PHP_AUTH_USER' => 'Test Client ID', 'PHP_AUTH_PW' => 'TestSecret', 'REQUEST_METHOD' => 'POST');
$params = array('grant_type' => 'client_credentials');
$request = new Request(array(), $params, array(), array(), array(), $headers);
$token = $server->grantAccessToken($request, new Response());
$this->assertNotNull($token);
$this->assertArrayHasKey('access_token', $token);
$this->assertNotNull($token['access_token']);
}
public function testValidCredentialsInRequest()
{
$server = $this->getTestServer();
$request = TestRequest::createPost(array(
'grant_type' => 'client_credentials', // valid grant type
'client_id' => 'Test Client ID', // valid client id
'client_secret' => 'TestSecret', // valid client secret
));
$token = $server->grantAccessToken($request, new Response());
$this->assertNotNull($token);
$this->assertArrayHasKey('access_token', $token);
$this->assertNotNull($token['access_token']);
}
public function testValidCredentialsInQuerystring()
{
$server = $this->getTestServer();
$request = TestRequest::createPost(array(
'grant_type' => 'client_credentials', // valid grant type
'client_id' => 'Test Client ID', // valid client id
'client_secret' => 'TestSecret', // valid client secret
));
$token = $server->grantAccessToken($request, new Response());
$this->assertNotNull($token);
$this->assertArrayHasKey('access_token', $token);
$this->assertNotNull($token['access_token']);
}
public function testClientUserIdIsSetInAccessToken()
{
$server = $this->getTestServer();
$request = TestRequest::createPost(array(
'grant_type' => 'client_credentials', // valid grant type
'client_id' => 'Client ID With User ID', // valid client id
'client_secret' => 'TestSecret', // valid client secret
));
$token = $server->grantAccessToken($request, new Response());
$this->assertNotNull($token);
$this->assertArrayHasKey('access_token', $token);
// verify the user_id was associated with the token
$storage = $server->getStorage('client');
$token = $storage->getAccessToken($token['access_token']);
$this->assertNotNull($token);
$this->assertArrayHasKey('user_id', $token);
$this->assertEquals($token['user_id'], 'brent@brentertainment.com');
}
private function getTestServer()
{
$storage = Bootstrap::getInstance()->getMemoryStorage();
$server = new Server($storage);
$server->addGrantType(new ClientCredentials($storage));
return $server;
}
}
