aboutsummaryrefslogtreecommitdiffstats
path: root/library/oauth2/test/OAuth2/ServerTest.php
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2016-10-07 14:11:24 -0700
committerzotlabs <mike@macgirvin.com>2016-10-07 14:11:24 -0700
commit10863a5949cc59771424cb809af5c9f279f78a58 (patch)
tree7a86223b830c1ae784bd4557bbefee9f60169542 /library/oauth2/test/OAuth2/ServerTest.php
parentbf02e0428347350126abdd1726aa3e58c9ed63bb (diff)
downloadvolse-hubzilla-10863a5949cc59771424cb809af5c9f279f78a58.tar.gz
volse-hubzilla-10863a5949cc59771424cb809af5c9f279f78a58.tar.bz2
volse-hubzilla-10863a5949cc59771424cb809af5c9f279f78a58.zip
add oauth2/oidc lib
Diffstat (limited to 'library/oauth2/test/OAuth2/ServerTest.php')
-rw-r--r--library/oauth2/test/OAuth2/ServerTest.php684
1 files changed, 684 insertions, 0 deletions
diff --git a/library/oauth2/test/OAuth2/ServerTest.php b/library/oauth2/test/OAuth2/ServerTest.php
new file mode 100644
index 000000000..747e120f5
--- /dev/null
+++ b/library/oauth2/test/OAuth2/ServerTest.php
@@ -0,0 +1,684 @@
+<?php
+
+namespace OAuth2;
+
+use OAuth2\Request\TestRequest;
+use OAuth2\ResponseType\AuthorizationCode;
+use OAuth2\Storage\Bootstrap;
+
+class ServerTest extends \PHPUnit_Framework_TestCase
+{
+ /**
+ * @expectedException LogicException OAuth2\Storage\ClientInterface
+ **/
+ public function testGetAuthorizeControllerWithNoClientStorageThrowsException()
+ {
+ // must set Client Storage
+ $server = new Server();
+ $server->getAuthorizeController();
+ }
+
+ /**
+ * @expectedException LogicException OAuth2\Storage\AccessTokenInterface
+ **/
+ public function testGetAuthorizeControllerWithNoAccessTokenStorageThrowsException()
+ {
+ // must set AccessToken or AuthorizationCode
+ $server = new Server();
+ $server->addStorage($this->getMock('OAuth2\Storage\ClientInterface'));
+ $server->getAuthorizeController();
+ }
+
+ public function testGetAuthorizeControllerWithClientStorageAndAccessTokenResponseType()
+ {
+ // must set AccessToken or AuthorizationCode
+ $server = new Server();
+ $server->addStorage($this->getMock('OAuth2\Storage\ClientInterface'));
+ $server->addResponseType($this->getMock('OAuth2\ResponseType\AccessTokenInterface'));
+
+ $this->assertNotNull($server->getAuthorizeController());
+ }
+
+ public function testGetAuthorizeControllerWithClientStorageAndAuthorizationCodeResponseType()
+ {
+ // must set AccessToken or AuthorizationCode
+ $server = new Server();
+ $server->addStorage($this->getMock('OAuth2\Storage\ClientInterface'));
+ $server->addResponseType($this->getMock('OAuth2\ResponseType\AuthorizationCodeInterface'));
+
+ $this->assertNotNull($server->getAuthorizeController());
+ }
+
+ /**
+ * @expectedException LogicException allow_implicit
+ **/
+ public function testGetAuthorizeControllerWithClientStorageAndAccessTokenStorageThrowsException()
+ {
+ // must set AuthorizationCode or AccessToken / implicit
+ $server = new Server();
+ $server->addStorage($this->getMock('OAuth2\Storage\ClientInterface'));
+ $server->addStorage($this->getMock('OAuth2\Storage\AccessTokenInterface'));
+
+ $this->assertNotNull($server->getAuthorizeController());
+ }
+
+ public function testGetAuthorizeControllerWithClientStorageAndAccessTokenStorage()
+ {
+ // must set AuthorizationCode or AccessToken / implicit
+ $server = new Server(array(), array('allow_implicit' => true));
+ $server->addStorage($this->getMock('OAuth2\Storage\ClientInterface'));
+ $server->addStorage($this->getMock('OAuth2\Storage\AccessTokenInterface'));
+
+ $this->assertNotNull($server->getAuthorizeController());
+ }
+
+ public function testGetAuthorizeControllerWithClientStorageAndAuthorizationCodeStorage()
+ {
+ // must set AccessToken or AuthorizationCode
+ $server = new Server();
+ $server->addStorage($this->getMock('OAuth2\Storage\ClientInterface'));
+ $server->addStorage($this->getMock('OAuth2\Storage\AuthorizationCodeInterface'));
+
+ $this->assertNotNull($server->getAuthorizeController());
+ }
+
+ /**
+ * @expectedException LogicException grant_types
+ **/
+ public function testGetTokenControllerWithGrantTypeStorageThrowsException()
+ {
+ $server = new Server();
+ $server->getTokenController();
+ }
+
+ /**
+ * @expectedException LogicException OAuth2\Storage\ClientCredentialsInterface
+ **/
+ public function testGetTokenControllerWithNoClientCredentialsStorageThrowsException()
+ {
+ $server = new Server();
+ $server->addStorage($this->getMock('OAuth2\Storage\UserCredentialsInterface'));
+ $server->getTokenController();
+ }
+
+ /**
+ * @expectedException LogicException OAuth2\Storage\AccessTokenInterface
+ **/
+ public function testGetTokenControllerWithNoAccessTokenStorageThrowsException()
+ {
+ $server = new Server();
+ $server->addStorage($this->getMock('OAuth2\Storage\ClientCredentialsInterface'));
+ $server->getTokenController();
+ }
+
+ public function testGetTokenControllerWithAccessTokenAndClientCredentialsStorage()
+ {
+ $server = new Server();
+ $server->addStorage($this->getMock('OAuth2\Storage\AccessTokenInterface'));
+ $server->addStorage($this->getMock('OAuth2\Storage\ClientCredentialsInterface'));
+ $server->getTokenController();
+ }
+
+ public function testGetTokenControllerAccessTokenStorageAndClientCredentialsStorageAndGrantTypes()
+ {
+ $server = new Server();
+ $server->addStorage($this->getMock('OAuth2\Storage\AccessTokenInterface'));
+ $server->addStorage($this->getMock('OAuth2\Storage\ClientCredentialsInterface'));
+ $server->addGrantType($this->getMockBuilder('OAuth2\GrantType\AuthorizationCode')->disableOriginalConstructor()->getMock());
+ $server->getTokenController();
+ }
+
+ /**
+ * @expectedException LogicException OAuth2\Storage\AccessTokenInterface
+ **/
+ public function testGetResourceControllerWithNoAccessTokenStorageThrowsException()
+ {
+ $server = new Server();
+ $server->getResourceController();
+ }
+
+ public function testGetResourceControllerWithAccessTokenStorage()
+ {
+ $server = new Server();
+ $server->addStorage($this->getMock('OAuth2\Storage\AccessTokenInterface'));
+ $server->getResourceController();
+ }
+
+ /**
+ * @expectedException InvalidArgumentException OAuth2\Storage\AccessTokenInterface
+ **/
+ public function testAddingStorageWithInvalidClass()
+ {
+ $server = new Server();
+ $server->addStorage(new \StdClass());
+ }
+
+ /**
+ * @expectedException InvalidArgumentException access_token
+ **/
+ public function testAddingStorageWithInvalidKey()
+ {
+ $server = new Server();
+ $server->addStorage($this->getMock('OAuth2\Storage\AccessTokenInterface'), 'nonexistant_storage');
+ }
+
+ /**
+ * @expectedException InvalidArgumentException OAuth2\Storage\AuthorizationCodeInterface
+ **/
+ public function testAddingStorageWithInvalidKeyStorageCombination()
+ {
+ $server = new Server();
+ $server->addStorage($this->getMock('OAuth2\Storage\AccessTokenInterface'), 'authorization_code');
+ }
+
+ public function testAddingStorageWithValidKeyOnlySetsThatKey()
+ {
+ $server = new Server();
+ $server->addStorage($this->getMock('OAuth2\Storage\Memory'), 'access_token');
+
+ $reflection = new \ReflectionClass($server);
+ $prop = $reflection->getProperty('storages');
+ $prop->setAccessible(true);
+
+ $storages = $prop->getValue($server); // get the private "storages" property
+
+ $this->assertEquals(1, count($storages));
+ $this->assertTrue(isset($storages['access_token']));
+ $this->assertFalse(isset($storages['authorization_code']));
+ }
+
+ public function testAddingClientStorageSetsClientCredentialsStorageByDefault()
+ {
+ $server = new Server();
+ $memory = $this->getMock('OAuth2\Storage\Memory');
+ $server->addStorage($memory, 'client');
+
+ $client_credentials = $server->getStorage('client_credentials');
+
+ $this->assertNotNull($client_credentials);
+ $this->assertEquals($client_credentials, $memory);
+ }
+
+ public function testAddStorageWithNullValue()
+ {
+ $memory = $this->getMock('OAuth2\Storage\Memory');
+ $server = new Server($memory);
+ $server->addStorage(null, 'refresh_token');
+
+ $client_credentials = $server->getStorage('client_credentials');
+
+ $this->assertNotNull($client_credentials);
+ $this->assertEquals($client_credentials, $memory);
+
+ $refresh_token = $server->getStorage('refresh_token');
+
+ $this->assertNull($refresh_token);
+ }
+
+ public function testNewServerWithNullStorageValue()
+ {
+ $memory = $this->getMock('OAuth2\Storage\Memory');
+ $server = new Server(array(
+ 'client_credentials' => $memory,
+ 'refresh_token' => null,
+ ));
+
+ $client_credentials = $server->getStorage('client_credentials');
+
+ $this->assertNotNull($client_credentials);
+ $this->assertEquals($client_credentials, $memory);
+
+ $refresh_token = $server->getStorage('refresh_token');
+
+ $this->assertNull($refresh_token);
+ }
+
+ public function testAddingClientCredentialsStorageSetsClientStorageByDefault()
+ {
+ $server = new Server();
+ $memory = $this->getMock('OAuth2\Storage\Memory');
+ $server->addStorage($memory, 'client_credentials');
+
+ $client = $server->getStorage('client');
+
+ $this->assertNotNull($client);
+ $this->assertEquals($client, $memory);
+ }
+
+ public function testSettingClientStorageByDefaultDoesNotOverrideSetStorage()
+ {
+ $server = new Server();
+ $pdo = $this->getMockBuilder('OAuth2\Storage\Pdo')
+ ->disableOriginalConstructor()->getMock();
+
+ $memory = $this->getMock('OAuth2\Storage\Memory');
+
+ $server->addStorage($pdo, 'client');
+ $server->addStorage($memory, 'client_credentials');
+
+ $client = $server->getStorage('client');
+ $client_credentials = $server->getStorage('client_credentials');
+
+ $this->assertEquals($client, $pdo);
+ $this->assertEquals($client_credentials, $memory);
+ }
+
+ public function testAddingResponseType()
+ {
+ $storage = $this->getMock('OAuth2\Storage\Memory');
+ $storage
+ ->expects($this->any())
+ ->method('getClientDetails')
+ ->will($this->returnValue(array('client_id' => 'some_client')));
+ $storage
+ ->expects($this->any())
+ ->method('checkRestrictedGrantType')
+ ->will($this->returnValue(true));
+
+ // add with the "code" key explicitly set
+ $codeType = new AuthorizationCode($storage);
+ $server = new Server();
+ $server->addStorage($storage);
+ $server->addResponseType($codeType);
+ $request = new Request(array(
+ 'response_type' => 'code',
+ 'client_id' => 'some_client',
+ 'redirect_uri' => 'http://example.com',
+ 'state' => 'xyx',
+ ));
+ $server->handleAuthorizeRequest($request, $response = new Response(), true);
+
+ // the response is successful
+ $this->assertEquals($response->getStatusCode(), 302);
+ $parts = parse_url($response->getHttpHeader('Location'));
+ parse_str($parts['query'], $query);
+ $this->assertTrue(isset($query['code']));
+ $this->assertFalse(isset($query['error']));
+
+ // add with the "code" key not set
+ $codeType = new AuthorizationCode($storage);
+ $server = new Server(array($storage), array(), array(), array($codeType));
+ $request = new Request(array(
+ 'response_type' => 'code',
+ 'client_id' => 'some_client',
+ 'redirect_uri' => 'http://example.com',
+ 'state' => 'xyx',
+ ));
+ $server->handleAuthorizeRequest($request, $response = new Response(), true);
+
+ // the response is successful
+ $this->assertEquals($response->getStatusCode(), 302);
+ $parts = parse_url($response->getHttpHeader('Location'));
+ parse_str($parts['query'], $query);
+ $this->assertTrue(isset($query['code']));
+ $this->assertFalse(isset($query['error']));
+ }
+
+ public function testCustomClientAssertionType()
+ {
+ $request = TestRequest::createPost(array(
+ 'grant_type' => 'authorization_code',
+ 'client_id' =>'Test Client ID',
+ 'code' => 'testcode',
+ ));
+ // verify the mock clientAssertionType was called as expected
+ $clientAssertionType = $this->getMock('OAuth2\ClientAssertionType\ClientAssertionTypeInterface', array('validateRequest', 'getClientId'));
+ $clientAssertionType
+ ->expects($this->once())
+ ->method('validateRequest')
+ ->will($this->returnValue(true));
+ $clientAssertionType
+ ->expects($this->once())
+ ->method('getClientId')
+ ->will($this->returnValue('Test Client ID'));
+
+ // create mock storage
+ $storage = Bootstrap::getInstance()->getMemoryStorage();
+ $server = new Server(array($storage), array(), array(), array(), null, null, $clientAssertionType);
+ $server->handleTokenRequest($request, $response = new Response());
+ }
+
+ public function testHttpBasicConfig()
+ {
+ // create mock storage
+ $storage = Bootstrap::getInstance()->getMemoryStorage();
+ $server = new Server(array($storage), array(
+ 'allow_credentials_in_request_body' => false,
+ 'allow_public_clients' => false
+ ));
+ $server->getTokenController();
+ $httpBasic = $server->getClientAssertionType();
+
+ $reflection = new \ReflectionClass($httpBasic);
+ $prop = $reflection->getProperty('config');
+ $prop->setAccessible(true);
+
+ $config = $prop->getValue($httpBasic); // get the private "config" property
+
+ $this->assertEquals($config['allow_credentials_in_request_body'], false);
+ $this->assertEquals($config['allow_public_clients'], false);
+ }
+
+ public function testRefreshTokenConfig()
+ {
+ // create mock storage
+ $storage = Bootstrap::getInstance()->getMemoryStorage();
+ $server1 = new Server(array($storage));
+ $server2 = new Server(array($storage), array('always_issue_new_refresh_token' => true, 'unset_refresh_token_after_use' => false));
+
+ $server1->getTokenController();
+ $refreshToken1 = $server1->getGrantType('refresh_token');
+
+ $server2->getTokenController();
+ $refreshToken2 = $server2->getGrantType('refresh_token');
+
+ $reflection1 = new \ReflectionClass($refreshToken1);
+ $prop1 = $reflection1->getProperty('config');
+ $prop1->setAccessible(true);
+
+ $reflection2 = new \ReflectionClass($refreshToken2);
+ $prop2 = $reflection2->getProperty('config');
+ $prop2->setAccessible(true);
+
+ // get the private "config" property
+ $config1 = $prop1->getValue($refreshToken1);
+ $config2 = $prop2->getValue($refreshToken2);
+
+ $this->assertEquals($config1['always_issue_new_refresh_token'], false);
+ $this->assertEquals($config2['always_issue_new_refresh_token'], true);
+
+ $this->assertEquals($config1['unset_refresh_token_after_use'], true);
+ $this->assertEquals($config2['unset_refresh_token_after_use'], false);
+ }
+
+ /**
+ * Test setting "always_issue_new_refresh_token" on a server level
+ *
+ * @see test/OAuth2/GrantType/RefreshTokenTest::testValidRefreshTokenWithNewRefreshTokenInResponse
+ **/
+ public function testValidRefreshTokenWithNewRefreshTokenInResponse()
+ {
+ $storage = Bootstrap::getInstance()->getMemoryStorage();
+ $server = new Server($storage, array('always_issue_new_refresh_token' => true));
+
+ $request = TestRequest::createPost(array(
+ 'grant_type' => 'refresh_token', // valid grant type
+ 'client_id' => 'Test Client ID', // valid client id
+ 'client_secret' => 'TestSecret', // valid client secret
+ 'refresh_token' => 'test-refreshtoken', // valid refresh token
+ ));
+ $token = $server->grantAccessToken($request, new Response());
+ $this->assertTrue(isset($token['refresh_token']), 'refresh token should always refresh');
+
+ $refresh_token = $storage->getRefreshToken($token['refresh_token']);
+ $this->assertNotNull($refresh_token);
+ $this->assertEquals($refresh_token['refresh_token'], $token['refresh_token']);
+ $this->assertEquals($refresh_token['client_id'], $request->request('client_id'));
+ $this->assertTrue($token['refresh_token'] != 'test-refreshtoken', 'the refresh token returned is not the one used');
+ $used_token = $storage->getRefreshToken('test-refreshtoken');
+ $this->assertFalse($used_token, 'the refresh token used is no longer valid');
+ }
+
+ /**
+ * @expectedException InvalidArgumentException OAuth2\ResponseType\AuthorizationCodeInterface
+ **/
+ public function testAddingUnknownResponseTypeThrowsException()
+ {
+ $server = new Server();
+ $server->addResponseType($this->getMock('OAuth2\ResponseType\ResponseTypeInterface'));
+ }
+
+ /**
+ * @expectedException LogicException OAuth2\Storage\PublicKeyInterface
+ **/
+ public function testUsingJwtAccessTokensWithoutPublicKeyStorageThrowsException()
+ {
+ $server = new Server(array(), array('use_jwt_access_tokens' => true));
+ $server->addGrantType($this->getMock('OAuth2\GrantType\GrantTypeInterface'));
+ $server->addStorage($this->getMock('OAuth2\Storage\ClientCredentialsInterface'));
+ $server->addStorage($this->getMock('OAuth2\Storage\ClientCredentialsInterface'));
+
+ $server->getTokenController();
+ }
+
+ public function testUsingJustJwtAccessTokenStorageWithResourceControllerIsOkay()
+ {
+ $pubkey = $this->getMock('OAuth2\Storage\PublicKeyInterface');
+ $server = new Server(array($pubkey), array('use_jwt_access_tokens' => true));
+
+ $this->assertNotNull($server->getResourceController());
+ $this->assertInstanceOf('OAuth2\Storage\PublicKeyInterface', $server->getStorage('public_key'));
+ }
+
+ /**
+ * @expectedException LogicException OAuth2\Storage\ClientInterface
+ **/
+ public function testUsingJustJwtAccessTokenStorageWithAuthorizeControllerThrowsException()
+ {
+ $pubkey = $this->getMock('OAuth2\Storage\PublicKeyInterface');
+ $server = new Server(array($pubkey), array('use_jwt_access_tokens' => true));
+ $this->assertNotNull($server->getAuthorizeController());
+ }
+
+ /**
+ * @expectedException LogicException grant_types
+ **/
+ public function testUsingJustJwtAccessTokenStorageWithTokenControllerThrowsException()
+ {
+ $pubkey = $this->getMock('OAuth2\Storage\PublicKeyInterface');
+ $server = new Server(array($pubkey), array('use_jwt_access_tokens' => true));
+ $server->getTokenController();
+ }
+
+ public function testUsingJwtAccessTokenAndClientStorageWithAuthorizeControllerIsOkay()
+ {
+ $pubkey = $this->getMock('OAuth2\Storage\PublicKeyInterface');
+ $client = $this->getMock('OAuth2\Storage\ClientInterface');
+ $server = new Server(array($pubkey, $client), array('use_jwt_access_tokens' => true, 'allow_implicit' => true));
+ $this->assertNotNull($server->getAuthorizeController());
+
+ $this->assertInstanceOf('OAuth2\ResponseType\JwtAccessToken', $server->getResponseType('token'));
+ }
+
+ /**
+ * @expectedException LogicException UserClaims
+ **/
+ public function testUsingOpenIDConnectWithoutUserClaimsThrowsException()
+ {
+ $client = $this->getMock('OAuth2\Storage\ClientInterface');
+ $server = new Server($client, array('use_openid_connect' => true));
+
+ $server->getAuthorizeController();
+ }
+
+ /**
+ * @expectedException LogicException PublicKeyInterface
+ **/
+ public function testUsingOpenIDConnectWithoutPublicKeyThrowsException()
+ {
+ $client = $this->getMock('OAuth2\Storage\ClientInterface');
+ $userclaims = $this->getMock('OAuth2\OPenID\Storage\UserClaimsInterface');
+ $server = new Server(array($client, $userclaims), array('use_openid_connect' => true));
+
+ $server->getAuthorizeController();
+ }
+
+ /**
+ * @expectedException LogicException issuer
+ **/
+ public function testUsingOpenIDConnectWithoutIssuerThrowsException()
+ {
+ $client = $this->getMock('OAuth2\Storage\ClientInterface');
+ $userclaims = $this->getMock('OAuth2\OpenID\Storage\UserClaimsInterface');
+ $pubkey = $this->getMock('OAuth2\Storage\PublicKeyInterface');
+ $server = new Server(array($client, $userclaims, $pubkey), array('use_openid_connect' => true));
+
+ $server->getAuthorizeController();
+ }
+
+ public function testUsingOpenIDConnectWithIssuerPublicKeyAndUserClaimsIsOkay()
+ {
+ $client = $this->getMock('OAuth2\Storage\ClientInterface');
+ $userclaims = $this->getMock('OAuth2\OpenID\Storage\UserClaimsInterface');
+ $pubkey = $this->getMock('OAuth2\Storage\PublicKeyInterface');
+ $server = new Server(array($client, $userclaims, $pubkey), array(
+ 'use_openid_connect' => true,
+ 'issuer' => 'someguy',
+ ));
+
+ $server->getAuthorizeController();
+
+ $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenInterface', $server->getResponseType('id_token'));
+ $this->assertNull($server->getResponseType('id_token token'));
+ }
+
+ /**
+ * @expectedException LogicException OAuth2\ResponseType\AccessTokenInterface
+ **/
+ public function testUsingOpenIDConnectWithAllowImplicitWithoutTokenStorageThrowsException()
+ {
+ $client = $this->getMock('OAuth2\Storage\ClientInterface');
+ $userclaims = $this->getMock('OAuth2\OpenID\Storage\UserClaimsInterface');
+ $pubkey = $this->getMock('OAuth2\Storage\PublicKeyInterface');
+ $server = new Server(array($client, $userclaims, $pubkey), array(
+ 'use_openid_connect' => true,
+ 'issuer' => 'someguy',
+ 'allow_implicit' => true,
+ ));
+
+ $server->getAuthorizeController();
+ }
+
+ public function testUsingOpenIDConnectWithAllowImplicitAndUseJwtAccessTokensIsOkay()
+ {
+ $client = $this->getMock('OAuth2\Storage\ClientInterface');
+ $userclaims = $this->getMock('OAuth2\OpenID\Storage\UserClaimsInterface');
+ $pubkey = $this->getMock('OAuth2\Storage\PublicKeyInterface');
+ $server = new Server(array($client, $userclaims, $pubkey), array(
+ 'use_openid_connect' => true,
+ 'issuer' => 'someguy',
+ 'allow_implicit' => true,
+ 'use_jwt_access_tokens' => true,
+ ));
+
+ $server->getAuthorizeController();
+
+ $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenInterface', $server->getResponseType('id_token'));
+ $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenTokenInterface', $server->getResponseType('id_token token'));
+ }
+
+ public function testUsingOpenIDConnectWithAllowImplicitAndAccessTokenStorageIsOkay()
+ {
+ $client = $this->getMock('OAuth2\Storage\ClientInterface');
+ $userclaims = $this->getMock('OAuth2\OpenID\Storage\UserClaimsInterface');
+ $pubkey = $this->getMock('OAuth2\Storage\PublicKeyInterface');
+ $token = $this->getMock('OAuth2\Storage\AccessTokenInterface');
+ $server = new Server(array($client, $userclaims, $pubkey, $token), array(
+ 'use_openid_connect' => true,
+ 'issuer' => 'someguy',
+ 'allow_implicit' => true,
+ ));
+
+ $server->getAuthorizeController();
+
+ $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenInterface', $server->getResponseType('id_token'));
+ $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenTokenInterface', $server->getResponseType('id_token token'));
+ }
+
+ public function testUsingOpenIDConnectWithAllowImplicitAndAccessTokenResponseTypeIsOkay()
+ {
+ $client = $this->getMock('OAuth2\Storage\ClientInterface');
+ $userclaims = $this->getMock('OAuth2\OpenID\Storage\UserClaimsInterface');
+ $pubkey = $this->getMock('OAuth2\Storage\PublicKeyInterface');
+ // $token = $this->getMock('OAuth2\Storage\AccessTokenInterface');
+ $server = new Server(array($client, $userclaims, $pubkey), array(
+ 'use_openid_connect' => true,
+ 'issuer' => 'someguy',
+ 'allow_implicit' => true,
+ ));
+
+ $token = $this->getMock('OAuth2\ResponseType\AccessTokenInterface');
+ $server->addResponseType($token, 'token');
+
+ $server->getAuthorizeController();
+
+ $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenInterface', $server->getResponseType('id_token'));
+ $this->assertInstanceOf('OAuth2\OpenID\ResponseType\IdTokenTokenInterface', $server->getResponseType('id_token token'));
+ }
+
+ /**
+ * @expectedException LogicException OAuth2\OpenID\Storage\AuthorizationCodeInterface
+ **/
+ public function testUsingOpenIDConnectWithAuthorizationCodeStorageThrowsException()
+ {
+ $client = $this->getMock('OAuth2\Storage\ClientCredentialsInterface');
+ $userclaims = $this->getMock('OAuth2\OpenID\Storage\UserClaimsInterface');
+ $pubkey = $this->getMock('OAuth2\Storage\PublicKeyInterface');
+ $token = $this->getMock('OAuth2\Storage\AccessTokenInterface');
+ $authcode = $this->getMock('OAuth2\Storage\AuthorizationCodeInterface');
+
+ $server = new Server(array($client, $userclaims, $pubkey, $token, $authcode), array(
+ 'use_openid_connect' => true,
+ 'issuer' => 'someguy'
+ ));
+
+ $server->getTokenController();
+
+ $this->assertInstanceOf('OAuth2\OpenID\GrantType\AuthorizationCode', $server->getGrantType('authorization_code'));
+ }
+
+ public function testUsingOpenIDConnectWithOpenIDAuthorizationCodeStorageCreatesOpenIDAuthorizationCodeGrantType()
+ {
+ $client = $this->getMock('OAuth2\Storage\ClientCredentialsInterface');
+ $userclaims = $this->getMock('OAuth2\OpenID\Storage\UserClaimsInterface');
+ $pubkey = $this->getMock('OAuth2\Storage\PublicKeyInterface');
+ $token = $this->getMock('OAuth2\Storage\AccessTokenInterface');
+ $authcode = $this->getMock('OAuth2\OpenID\Storage\AuthorizationCodeInterface');
+
+ $server = new Server(array($client, $userclaims, $pubkey, $token, $authcode), array(
+ 'use_openid_connect' => true,
+ 'issuer' => 'someguy'
+ ));
+
+ $server->getTokenController();
+
+ $this->assertInstanceOf('OAuth2\OpenID\GrantType\AuthorizationCode', $server->getGrantType('authorization_code'));
+ }
+
+ public function testMultipleValuedResponseTypeOrderDoesntMatter()
+ {
+ $responseType = $this->getMock('OAuth2\OpenID\ResponseType\IdTokenTokenInterface');
+ $server = new Server(array(), array(), array(), array(
+ 'token id_token' => $responseType,
+ ));
+
+ $this->assertEquals($responseType, $server->getResponseType('id_token token'));
+ }
+
+ public function testAddGrantTypeWithoutKey()
+ {
+ $server = new Server();
+ $server->addGrantType(new \OAuth2\GrantType\AuthorizationCode($this->getMock('OAuth2\Storage\AuthorizationCodeInterface')));
+
+ $grantTypes = $server->getGrantTypes();
+ $this->assertEquals('authorization_code', key($grantTypes));
+ }
+
+ public function testAddGrantTypeWithKey()
+ {
+ $server = new Server();
+ $server->addGrantType(new \OAuth2\GrantType\AuthorizationCode($this->getMock('OAuth2\Storage\AuthorizationCodeInterface')), 'ac');
+
+ $grantTypes = $server->getGrantTypes();
+ $this->assertEquals('ac', key($grantTypes));
+ }
+
+ public function testAddGrantTypeWithKeyNotString()
+ {
+ $server = new Server();
+ $server->addGrantType(new \OAuth2\GrantType\AuthorizationCode($this->getMock('OAuth2\Storage\AuthorizationCodeInterface')), 42);
+
+ $grantTypes = $server->getGrantTypes();
+ $this->assertEquals('authorization_code', key($grantTypes));
+ }
+}