aboutsummaryrefslogblamecommitdiffstats
path: root/vendor/bshaffer/oauth2-server-php/test/OAuth2/ServerTest.php
blob: fab526a6ff1c11bc31805354033f7d537b582412 (plain) (tree)
1
2
3
4
5
6
7
8
9






                                          
                               
                                                        
 
                                 
 

                           

                                                                                  
                                                                        




                                          

                                                                                       
                                                                             

                                                    
                                                                                 






                                                                                           

                                                                                                







                                                                                                 

                                                                                                      



                                                                


                                                                                                     
                                                        
                               

                                                                                      







                                                                                      

                                                                                      







                                                                                            

                                                                                            



                                                                

                                                                               
                                                     



                                      

                                                                                         
                                                                                   
                               
                                                                                          


                                      

                                                                                   
                                                                             
                               
                                                                                            





                                                                                      

                                                                                            





                                                                                                      


                                                                                            


                                      

                                                                                      
                                                                             






                                                                     
                                                                                      


                                         

                                                       
                                                                             



                                             

                                                     
                                                      
                               
                                                                                                             

     

                                                                       
                                                                                   
                               
                                                                                                            




                                                                  
                                                                                        














                                                                                    
                                                             









                                                                        
                                                             














                                                                        
                                                             

















                                                                                  
                                                             










                                                                                
                                                       
 
                                                             












                                                                        
                                                              























































                                                                                    
                                                                                                            































































































                                                                                                                                          

                                                                  
                                                                                        
                               
                                                                                                 

     

                                                                                    
                                                                           
                                                                              


                                                                                            





                                                                                    
                                                                         





                                                                                                        

                                                                                              

                                                                         



                                                                                     

                                                                                          

                                                                         





                                                                                          

                                                                         





                                                                                                                        

                                                                            

                                                                      




                                                                           

                                                                           


                                                                                     




                                                                                               

                                                                        



                                                                                     






                                                                                                        


                                                                                     










                                                                                                                     

                                                                                               



                                                                                     










                                                                                        


                                                                                     














                                                                                                                                



                                                                                     













                                                                                                                                



                                                                                     





                                                                         
                                                                               







                                                                                                                                

                                                                                       




                                                                                     
 
                                                                                      











                                                                                                                          




                                                                                          












                                                                                                                          
                                                                                              









                                                                                       
                                                                                                                                       







                                                                    
                                                                                                                                             







                                                      
                                                                                                                                           




                                                                    
<?php

namespace OAuth2;

use OAuth2\Request\TestRequest;
use OAuth2\ResponseType\AuthorizationCode;
use OAuth2\Storage\Bootstrap;
use PHPUnit\Framework\TestCase;
use Yoast\PHPUnitPolyfills\Polyfills\ExpectPHPException;

class ServerTest extends TestCase
{
    use ExpectPHPException;

    public function testGetAuthorizeControllerWithNoClientStorageThrowsException()
    {
        $this->expectExceptionMessage('OAuth2\Storage\ClientInterface');
        // must set Client Storage
        $server = new Server();
        $server->getAuthorizeController();
    }

    public function testGetAuthorizeControllerWithNoAccessTokenStorageThrowsException()
    {
        $this->expectExceptionMessage('OAuth2\Storage\AccessTokenInterface');
        // must set AccessToken or AuthorizationCode
        $server = new Server();
        $server->addStorage($this->createMock('OAuth2\Storage\ClientInterface'));
        $server->getAuthorizeController();
    }

    public function testGetAuthorizeControllerWithClientStorageAndAccessTokenResponseType()
    {
        // must set AccessToken or AuthorizationCode
        $server = new Server();
        $server->addStorage($this->createMock('OAuth2\Storage\ClientInterface'));
        $server->addResponseType($this->createMock('OAuth2\ResponseType\AccessTokenInterface'));

        $this->assertNotNull($server->getAuthorizeController());
    }

    public function testGetAuthorizeControllerWithClientStorageAndAuthorizationCodeResponseType()
    {
        // must set AccessToken or AuthorizationCode
        $server = new Server();
        $server->addStorage($this->createMock('OAuth2\Storage\ClientInterface'));
        $server->addResponseType($this->createMock('OAuth2\ResponseType\AuthorizationCodeInterface'));

        $this->assertNotNull($server->getAuthorizeController());
    }

    public function testGetAuthorizeControllerWithClientStorageAndAccessTokenStorageThrowsException()
    {
        // must set AuthorizationCode or AccessToken / implicit
        $this->expectExceptionMessage('allow_implicit');
        $server = new Server();
        $server->addStorage($this->createMock('OAuth2\Storage\ClientInterface'));
        $server->addStorage($this->createMock('OAuth2\Storage\AccessTokenInterface'));

        $this->assertNotNull($server->getAuthorizeController());
    }

    public function testGetAuthorizeControllerWithClientStorageAndAccessTokenStorage()
    {
        // must set AuthorizationCode or AccessToken / implicit
        $server = new Server(array(), array('allow_implicit' => true));
        $server->addStorage($this->createMock('OAuth2\Storage\ClientInterface'));
        $server->addStorage($this->createMock('OAuth2\Storage\AccessTokenInterface'));

        $this->assertNotNull($server->getAuthorizeController());
    }

    public function testGetAuthorizeControllerWithClientStorageAndAuthorizationCodeStorage()
    {
        // must set AccessToken or AuthorizationCode
        $server = new Server();
        $server->addStorage($this->createMock('OAuth2\Storage\ClientInterface'));
        $server->addStorage($this->createMock('OAuth2\Storage\AuthorizationCodeInterface'));

        $this->assertNotNull($server->getAuthorizeController());
    }

    public function testGetTokenControllerWithGrantTypeStorageThrowsException()
    {
        $this->expectExceptionMessage('grant_types');
        $server = new Server();
        $server->getTokenController();
    }

    public function testGetTokenControllerWithNoClientCredentialsStorageThrowsException()
    {
        $this->expectExceptionMessage('OAuth2\Storage\ClientCredentialsInterface');
        $server = new Server();
        $server->addStorage($this->createMock('OAuth2\Storage\UserCredentialsInterface'));
        $server->getTokenController();
    }

    public function testGetTokenControllerWithNoAccessTokenStorageThrowsException()
    {
        $this->expectExceptionMessage('OAuth2\Storage\AccessTokenInterface');
        $server = new Server();
        $server->addStorage($this->createMock('OAuth2\Storage\ClientCredentialsInterface'));
        $server->getTokenController();
    }

    public function testGetTokenControllerWithAccessTokenAndClientCredentialsStorage()
    {
        $server = new Server();
        $server->addStorage($this->createMock('OAuth2\Storage\AccessTokenInterface'));
        $server->addStorage($this->createMock('OAuth2\Storage\ClientCredentialsInterface'));
        $server->getTokenController();
    }

    public function testGetTokenControllerAccessTokenStorageAndClientCredentialsStorageAndGrantTypes()
    {
        $server = new Server();
        $server->addStorage($this->createMock('OAuth2\Storage\AccessTokenInterface'));
        $server->addStorage($this->createMock('OAuth2\Storage\ClientCredentialsInterface'));
        $server->addGrantType($this->createMock('OAuth2\GrantType\AuthorizationCode'));
        $server->getTokenController();
    }

    public function testGetResourceControllerWithNoAccessTokenStorageThrowsException()
    {
        $this->expectExceptionMessage('OAuth2\Storage\AccessTokenInterface');
        $server = new Server();
        $server->getResourceController();
    }

    public function testGetResourceControllerWithAccessTokenStorage()
    {
        $server = new Server();
        $server->addStorage($this->createMock('OAuth2\Storage\AccessTokenInterface'));
        $server->getResourceController();
    }

    public function testAddingStorageWithInvalidClass()
    {
        $this->expectExceptionMessage('OAuth2\Storage\AccessTokenInterface');
        $server = new Server();
        $server->addStorage(new \StdClass());
    }

    public function testAddingStorageWithInvalidKey()
    {
        $this->expectExceptionMessage('access_token');
        $server = new Server();
        $server->addStorage($this->createMock('OAuth2\Storage\AccessTokenInterface'), 'nonexistant_storage');
    }

    public function testAddingStorageWithInvalidKeyStorageCombination()
    {
        $this->expectExceptionMessage('OAuth2\Storage\AuthorizationCodeInterface');
        $server = new Server();
        $server->addStorage($this->createMock('OAuth2\Storage\AccessTokenInterface'), 'authorization_code');
    }

    public function testAddingStorageWithValidKeyOnlySetsThatKey()
    {
        $server = new Server();
        $server->addStorage($this->createMock('OAuth2\Storage\Memory'), 'access_token');

        $reflection = new \ReflectionClass($server);
        $prop = $reflection->getProperty('storages');
        $prop->setAccessible(true);

        $storages = $prop->getValue($server); // get the private "storages" property

        $this->assertEquals(1, count($storages));
        $this->assertTrue(isset($storages['access_token']));
        $this->assertFalse(isset($storages['authorization_code']));
    }

    public function testAddingClientStorageSetsClientCredentialsStorageByDefault()
    {
        $server = new Server();
        $memory = $this->createMock('OAuth2\Storage\Memory');
        $server->addStorage($memory, 'client');

        $client_credentials = $server->getStorage('client_credentials');

        $this->assertNotNull($client_credentials);
        $this->assertEquals($client_credentials, $memory);
    }

    public function testAddStorageWithNullValue()
    {
        $memory = $this->createMock('OAuth2\Storage\Memory');
        $server = new Server($memory);
        $server->addStorage(null, 'refresh_token');

        $client_credentials = $server->getStorage('client_credentials');

        $this->assertNotNull($client_credentials);
        $this->assertEquals($client_credentials, $memory);

        $refresh_token = $server->getStorage('refresh_token');

        $this->assertNull($refresh_token);
    }

    public function testNewServerWithNullStorageValue()
    {
        $memory = $this->createMock('OAuth2\Storage\Memory');
        $server = new Server(array(
            'client_credentials' => $memory,
            'refresh_token'      => null,
        ));

        $client_credentials = $server->getStorage('client_credentials');

        $this->assertNotNull($client_credentials);
        $this->assertEquals($client_credentials, $memory);

        $refresh_token = $server->getStorage('refresh_token');

        $this->assertNull($refresh_token);
    }

    public function testAddingClientCredentialsStorageSetsClientStorageByDefault()
    {
        $server = new Server();
        $memory = $this->createMock('OAuth2\Storage\Memory');
        $server->addStorage($memory, 'client_credentials');

        $client = $server->getStorage('client');

        $this->assertNotNull($client);
        $this->assertEquals($client, $memory);
    }

    public function testSettingClientStorageByDefaultDoesNotOverrideSetStorage()
    {
        $server = new Server();
        $pdo = $this->createMock('OAuth2\Storage\Pdo');

        $memory = $this->createMock('OAuth2\Storage\Memory');

        $server->addStorage($pdo, 'client');
        $server->addStorage($memory, 'client_credentials');

        $client = $server->getStorage('client');
        $client_credentials = $server->getStorage('client_credentials');

        $this->assertEquals($client, $pdo);
        $this->assertEquals($client_credentials, $memory);
    }

    public function testAddingResponseType()
    {
        $storage = $this->createMock('OAuth2\Storage\Memory');
        $storage
          ->expects($this->any())
          ->method('getClientDetails')
          ->will($this->returnValue(array('client_id' => 'some_client')));
        $storage
          ->expects($this->any())
          ->method('checkRestrictedGrantType')
          ->will($this->returnValue(true));

        // add with the "code" key explicitly set
        $codeType = new AuthorizationCode($storage);
        $server = new Server();
        $server->addStorage($storage);
        $server->addResponseType($codeType);
        $request = new Request(array(
            'response_type' => 'code',
            'client_id' => 'some_client',
            'redirect_uri' => 'http://example.com',
            'state' => 'xyx',
        ));
        $server->handleAuthorizeRequest($request, $response = new Response(), true);

        // the response is successful
        $this->assertEquals($response->getStatusCode(), 302);
        $parts = parse_url($response->getHttpHeader('Location'));
        parse_str($parts['query'], $query);
        $this->assertTrue(isset($query['code']));
        $this->assertFalse(isset($query['error']));

        // add with the "code" key not set
        $codeType = new AuthorizationCode($storage);
        $server = new Server(array($storage), array(), array(), array($codeType));
        $request = new Request(array(
            'response_type' => 'code',
            'client_id' => 'some_client',
            'redirect_uri' => 'http://example.com',
            'state' => 'xyx',
        ));
        $server->handleAuthorizeRequest($request, $response = new Response(), true);

        // the response is successful
        $this->assertEquals($response->getStatusCode(), 302);
        $parts = parse_url($response->getHttpHeader('Location'));
        parse_str($parts['query'], $query);
        $this->assertTrue(isset($query['code']));
        $this->assertFalse(isset($query['error']));
    }

    public function testCustomClientAssertionType()
    {
        $request = TestRequest::createPost(array(
            'grant_type' => 'authorization_code',
            'client_id' =>'Test Client ID',
            'code' => 'testcode',
        ));
        // verify the mock clientAssertionType was called as expected
        $clientAssertionType = $this->createMock('OAuth2\ClientAssertionType\ClientAssertionTypeInterface');
        $clientAssertionType
            ->expects($this->once())
            ->method('validateRequest')
            ->will($this->returnValue(true));
        $clientAssertionType
            ->expects($this->once())
            ->method('getClientId')
            ->will($this->returnValue('Test Client ID'));

        // create mock storage
        $storage = Bootstrap::getInstance()->getMemoryStorage();
        $server = new Server(array($storage), array(), array(), array(), null, null, $clientAssertionType);
        $server->handleTokenRequest($request, $response = new Response());
    }

    public function testHttpBasicConfig()
    {
        // create mock storage
        $storage = Bootstrap::getInstance()->getMemoryStorage();
        $server = new Server(array($storage), array(
            'allow_credentials_in_request_body' => false,
            'allow_public_clients' => false
        ));
        $server->getTokenController();
        $httpBasic = $server->getClientAssertionType();

        $reflection = new \ReflectionClass($httpBasic);
        $prop = $reflection->getProperty('config');
        $prop->setAccessible(true);

        $config = $prop->getValue($httpBasic); // get the private "config" property

        $this->assertEquals($config['allow_credentials_in_request_body'], false);
        $this->assertEquals($config['allow_public_clients'], false);
    }

    public function testRefreshTokenConfig()
    {
        // create mock storage
        $storage = Bootstrap::getInstance()->getMemoryStorage();
        $server1 = new Server(array($storage));
        $server2 = new Server(array($storage), array('always_issue_new_refresh_token' => true, 'unset_refresh_token_after_use' => false));

        $server1->getTokenController();
        $refreshToken1 = $server1->getGrantType('refresh_token');

        $server2->getTokenController();
        $refreshToken2 = $server2->getGrantType('refresh_token');

        $reflection1 = new \ReflectionClass($refreshToken1);
        $prop1 = $reflection1->getProperty('config');
        $prop1->setAccessible(true);

        $reflection2 = new \ReflectionClass($refreshToken2);
        $prop2 = $reflection2->getProperty('config');
        $prop2->setAccessible(true);

        // get the private "config" property
        $config1 = $prop1->getValue($refreshToken1);
        $config2 = $prop2->getValue($refreshToken2);

        $this->assertEquals($config1['always_issue_new_refresh_token'], false);
        $this->assertEquals($config2['always_issue_new_refresh_token'], true);

        $this->assertEquals($config1['unset_refresh_token_after_use'], true);
        $this->assertEquals($config2['unset_refresh_token_after_use'], false);
    }

    /**
     * Test setting "always_issue_new_refresh_token" on a server level
     *
     * @see test/OAuth2/GrantType/RefreshTokenTest::testValidRefreshTokenWithNewRefreshTokenInResponse
     **/
    public function testValidRefreshTokenWithNewRefreshTokenInResponse()
    {
        $storage = Bootstrap::getInstance()->getMemoryStorage();
        $server = new Server($storage, array('always_issue_new_refresh_token' => true));

        $request = TestRequest::createPost(array(
            'grant_type' => 'refresh_token', // valid grant type
            'client_id' => 'Test Client ID', // valid client id
            'client_secret' => 'TestSecret', // valid client secret
            'refresh_token' => 'test-refreshtoken', // valid refresh token
        ));
        $token = $server->grantAccessToken($request, new Response());
        $this->assertTrue(isset($token['refresh_token']), 'refresh token should always refresh');

        $refresh_token = $storage->getRefreshToken($token['refresh_token']);
        $this->assertNotNull($refresh_token);
        $this->assertEquals($refresh_token['refresh_token'], $token['refresh_token']);
        $this->assertEquals($refresh_token['client_id'], $request->request('client_id'));
        $this->assertTrue($token['refresh_token'] != 'test-refreshtoken', 'the refresh token returned is not the one used');
        $used_token = $storage->getRefreshToken('test-refreshtoken');
        $this->assertFalse($used_token, 'the refresh token used is no longer valid');
    }

    public function testAddingUnknownResponseTypeThrowsException()
    {
        $this->expectExceptionMessage('OAuth2\ResponseType\AuthorizationCodeInterface');
        $server = new Server();
        $server->addResponseType($this->createMock('OAuth2\ResponseType\ResponseTypeInterface'));
    }

    public function testUsingJwtAccessTokensWithoutPublicKeyStorageThrowsException()
    {
        $this->expectExceptionMessage('OAuth2\Storage\PublicKeyInterface');
        $server = new Server(array(), array('use_jwt_access_tokens' => true));
        $server->addGrantType($this->createMock('OAuth2\GrantType\GrantTypeInterface'));
        $server->addStorage($this->createMock('OAuth2\Storage\ClientCredentialsInterface'));
        $server->addStorage($this->createMock('OAuth2\Storage\ClientCredentialsInterface'));

        $server->getTokenController();
    }

    public function testUsingJustJwtAccessTokenStorageWithResourceControllerIsOkay()
    {
        $pubkey = $this->createMock('OAuth2\Storage\PublicKeyInterface');
        $server = new Server(array($pubkey), array('use_jwt_access_tokens' => true));

        $this->assertNotNull($server->getResourceController());
        $this->assertInstanceOf('OAuth2\Storage\PublicKeyInterface', $server->getStorage('public_key'));
    }

    public function testUsingJustJwtAccessTokenStorageWithAuthorizeControllerThrowsException()
    {
        $this->expectExceptionMessage('OAuth2\Storage\ClientInterface');
        $pubkey = $this->createMock('OAuth2\Storage\PublicKeyInterface');
        $server = new Server(array($pubkey), array('use_jwt_access_tokens' => true));
        $this->assertNotNull($server->getAuthorizeController());
    }

    public function testUsingJustJwtAccessTokenStorageWithTokenControllerThrowsException()
    {
        $this->expectExceptionMessage('grant_types');
        $pubkey = $this->createMock('OAuth2\Storage\PublicKeyInterface');
        $server = new Server(array($pubkey), array('use_jwt_access_tokens' => true));
        $server->getTokenController();
    }

    public function testUsingJwtAccessTokenAndClientStorageWithAuthorizeControllerIsOkay()
    {
        $pubkey = $this->createMock('OAuth2\Storage\PublicKeyInterface');
        $client = $this->createMock('OAuth2\Storage\ClientInterface');
        $server = new Server(array($pubkey, $client), array('use_jwt_access_tokens' => true, 'allow_implicit' => true));
        $this->assertNotNull($server->getAuthorizeController());

        $this->assertInstanceOf('OAuth2\ResponseType\JwtAccessToken', $server->getResponseType('token'));
    }

    public function testUsingOpenIDConnectWithoutUserClaimsThrowsException()
    {
        $this->expectExceptionMessage('UserClaims');
        $client = $this->createMock('OAuth2\Storage\ClientInterface');
        $server = new Server($client, array('use_openid_connect' => true));

        $server->getAuthorizeController();
    }

    public function testUsingOpenIDConnectWithoutPublicKeyThrowsException()
    {
        $this->expectExceptionMessage('PublicKeyInterface');
        $client = $this->createMock('OAuth2\Storage\ClientInterface');
        $userclaims = $this->createMock('OAuth2\OPenID\Storage\UserClaimsInterface');
        $server = new Server(array($client, $userclaims), array('use_openid_connect' => true));

        $server->getAuthorizeController();
    }

    public function testUsingOpenIDConnectWithoutIssuerThrowsException()
    {
        $this->expectExceptionMessage('issuer');
        $client = $this->createMock('OAuth2\Storage\ClientInterface');
        $userclaims = $this->createMock('OAuth2\OpenID\Storage\UserClaimsInterface');
        $pubkey = $this->createMock('OAuth2\Storage\PublicKeyInterface');
        $server = new Server(array($client, $userclaims, $pubkey), array('use_openid_connect' => true));

        $server->getAuthorizeController();
    }

    public function testUsingOpenIDConnectWithIssuerPublicKeyAndUserClaimsIsOkay()
    {
        $client = $this->createMock('OAuth2\Storage\ClientInterface');
        $userclaims = $this->createMock('OAuth2\OpenID\Storage\UserClaimsInterface');
        $pubkey = $this->createMock('OAuth2\Storage\PublicKeyInterface');
        $server = new Server(array($client, $userclaims, $pubkey), array(
            'use_openid_connect' => true,
            'issuer' => 'someguy',
        ));

        $server->getAuthorizeController();

        $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenInterface', $server->getResponseType('id_token'));
        $this->assertNull($server->getResponseType('id_token token'));
    }

    public function testUsingOpenIDConnectWithAllowImplicitWithoutTokenStorageThrowsException()
    {
        $this->expectErrorMessage('OAuth2\ResponseType\AccessTokenInterface');
        $client = $this->createMock('OAuth2\Storage\ClientInterface');
        $userclaims = $this->createMock('OAuth2\OpenID\Storage\UserClaimsInterface');
        $pubkey = $this->createMock('OAuth2\Storage\PublicKeyInterface');
        $server = new Server(array($client, $userclaims, $pubkey), array(
            'use_openid_connect' => true,
            'issuer' => 'someguy',
            'allow_implicit' => true,
        ));

        $server->getAuthorizeController();
    }

    public function testUsingOpenIDConnectWithAllowImplicitAndUseJwtAccessTokensIsOkay()
    {
        $client = $this->createMock('OAuth2\Storage\ClientInterface');
        $userclaims = $this->createMock('OAuth2\OpenID\Storage\UserClaimsInterface');
        $pubkey = $this->createMock('OAuth2\Storage\PublicKeyInterface');
        $server = new Server(array($client, $userclaims, $pubkey), array(
            'use_openid_connect' => true,
            'issuer' => 'someguy',
            'allow_implicit' => true,
            'use_jwt_access_tokens' => true,
        ));

        $server->getAuthorizeController();

        $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenInterface', $server->getResponseType('id_token'));
        $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenTokenInterface', $server->getResponseType('id_token token'));
    }

    public function testUsingOpenIDConnectWithAllowImplicitAndAccessTokenStorageIsOkay()
    {
        $client = $this->createMock('OAuth2\Storage\ClientInterface');
        $userclaims = $this->createMock('OAuth2\OpenID\Storage\UserClaimsInterface');
        $pubkey = $this->createMock('OAuth2\Storage\PublicKeyInterface');
        $token = $this->createMock('OAuth2\Storage\AccessTokenInterface');
        $server = new Server(array($client, $userclaims, $pubkey, $token), array(
            'use_openid_connect' => true,
            'issuer' => 'someguy',
            'allow_implicit' => true,
        ));

        $server->getAuthorizeController();

        $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenInterface', $server->getResponseType('id_token'));
        $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenTokenInterface', $server->getResponseType('id_token token'));
    }

    public function testUsingOpenIDConnectWithAllowImplicitAndAccessTokenResponseTypeIsOkay()
    {
        $client = $this->createMock('OAuth2\Storage\ClientInterface');
        $userclaims = $this->createMock('OAuth2\OpenID\Storage\UserClaimsInterface');
        $pubkey = $this->createMock('OAuth2\Storage\PublicKeyInterface');
        // $token = $this->createMock('OAuth2\Storage\AccessTokenInterface');
        $server = new Server(array($client, $userclaims, $pubkey), array(
            'use_openid_connect' => true,
            'issuer' => 'someguy',
            'allow_implicit' => true,
        ));

        $token = $this->createMock('OAuth2\ResponseType\AccessTokenInterface');
        $server->addResponseType($token, 'token');

        $server->getAuthorizeController();

        $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenInterface', $server->getResponseType('id_token'));
        $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenTokenInterface', $server->getResponseType('id_token token'));
    }

    public function testUsingOpenIDConnectWithAuthorizationCodeStorageThrowsException()
    {
        $client = $this->createMock('OAuth2\Storage\ClientCredentialsInterface');
        $userclaims = $this->createMock('OAuth2\OpenID\Storage\UserClaimsInterface');
        $pubkey = $this->createMock('OAuth2\Storage\PublicKeyInterface');
        $token = $this->createMock('OAuth2\Storage\AccessTokenInterface');
        $authcode = $this->createMock('OAuth2\Storage\AuthorizationCodeInterface');

        $this->expectErrorMessage('OAuth2\OpenID\Storage\AuthorizationCodeInterface');
        $server = new Server(array($client, $userclaims, $pubkey, $token, $authcode), array(
            'use_openid_connect' => true,
            'issuer' => 'someguy'
        ));

        $server->getTokenController();

        $this->assertInstanceOf('OAuth2\OpenID\GrantType\AuthorizationCode', $server->getGrantType('authorization_code'));
    }

    public function testUsingOpenIDConnectWithOpenIDAuthorizationCodeStorageCreatesOpenIDAuthorizationCodeGrantType()
    {
        $client = $this->createMock('OAuth2\Storage\ClientCredentialsInterface');
        $userclaims = $this->createMock('OAuth2\OpenID\Storage\UserClaimsInterface');
        $pubkey = $this->createMock('OAuth2\Storage\PublicKeyInterface');
        $token = $this->createMock('OAuth2\Storage\AccessTokenInterface');
        $authcode = $this->createMock('OAuth2\OpenID\Storage\AuthorizationCodeInterface');

        $server = new Server(array($client, $userclaims, $pubkey, $token, $authcode), array(
            'use_openid_connect' => true,
            'issuer' => 'someguy'
        ));

        $server->getTokenController();

        $this->assertInstanceOf('OAuth2\OpenID\GrantType\AuthorizationCode', $server->getGrantType('authorization_code'));
    }

    public function testMultipleValuedResponseTypeOrderDoesntMatter()
    {
        $responseType = $this->createMock('OAuth2\OpenID\ResponseType\IdTokenTokenInterface');
        $server = new Server(array(), array(), array(), array(
            'token id_token' => $responseType,
        ));

        $this->assertEquals($responseType, $server->getResponseType('id_token token'));
    }

    public function testAddGrantTypeWithoutKey()
    {
        $server = new Server();
        $server->addGrantType(new \OAuth2\GrantType\AuthorizationCode($this->createMock('OAuth2\Storage\AuthorizationCodeInterface')));

        $grantTypes = $server->getGrantTypes();
        $this->assertEquals('authorization_code', key($grantTypes));
    }

    public function testAddGrantTypeWithKey()
    {
        $server = new Server();
        $server->addGrantType(new \OAuth2\GrantType\AuthorizationCode($this->createMock('OAuth2\Storage\AuthorizationCodeInterface')), 'ac');

        $grantTypes = $server->getGrantTypes();
        $this->assertEquals('ac', key($grantTypes));
    }

    public function testAddGrantTypeWithKeyNotString()
    {
        $server = new Server();
        $server->addGrantType(new \OAuth2\GrantType\AuthorizationCode($this->createMock('OAuth2\Storage\AuthorizationCodeInterface')), 42);

        $grantTypes = $server->getGrantTypes();
        $this->assertEquals('authorization_code', key($grantTypes));
    }
}