aboutsummaryrefslogtreecommitdiffstats
path: root/library/oauth2/test/OAuth2/OpenID/Controller/AuthorizeControllerTest.php
diff options
context:
space:
mode:
Diffstat (limited to 'library/oauth2/test/OAuth2/OpenID/Controller/AuthorizeControllerTest.php')
-rw-r--r--library/oauth2/test/OAuth2/OpenID/Controller/AuthorizeControllerTest.php182
1 files changed, 0 insertions, 182 deletions
diff --git a/library/oauth2/test/OAuth2/OpenID/Controller/AuthorizeControllerTest.php b/library/oauth2/test/OAuth2/OpenID/Controller/AuthorizeControllerTest.php
deleted file mode 100644
index 46de936d8..000000000
--- a/library/oauth2/test/OAuth2/OpenID/Controller/AuthorizeControllerTest.php
+++ /dev/null
@@ -1,182 +0,0 @@
-<?php
-
-namespace OAuth2\OpenID\Controller;
-
-use OAuth2\Storage\Bootstrap;
-use OAuth2\Server;
-use OAuth2\Request;
-use OAuth2\Response;
-
-class AuthorizeControllerTest extends \PHPUnit_Framework_TestCase
-{
- public function testValidateAuthorizeRequest()
- {
- $server = $this->getTestServer();
-
- $response = new Response();
- $request = new Request(array(
- 'client_id' => 'Test Client ID', // valid client id
- 'redirect_uri' => 'http://adobe.com', // valid redirect URI
- 'response_type' => 'id_token',
- 'state' => 'af0ifjsldkj',
- 'nonce' => 'n-0S6_WzA2Mj',
- ));
-
- // Test valid id_token request
- $server->handleAuthorizeRequest($request, $response, true);
-
- $parts = parse_url($response->getHttpHeader('Location'));
- parse_str($parts['fragment'], $query);
-
- $this->assertEquals('n-0S6_WzA2Mj', $server->getAuthorizeController()->getNonce());
- $this->assertEquals($query['state'], 'af0ifjsldkj');
-
- $this->assertArrayHasKey('id_token', $query);
- $this->assertArrayHasKey('state', $query);
- $this->assertArrayNotHasKey('access_token', $query);
- $this->assertArrayNotHasKey('expires_in', $query);
- $this->assertArrayNotHasKey('token_type', $query);
-
- // Test valid token id_token request
- $request->query['response_type'] = 'id_token token';
- $server->handleAuthorizeRequest($request, $response, true);
-
- $parts = parse_url($response->getHttpHeader('Location'));
- parse_str($parts['fragment'], $query);
-
- $this->assertEquals('n-0S6_WzA2Mj', $server->getAuthorizeController()->getNonce());
- $this->assertEquals($query['state'], 'af0ifjsldkj');
-
- $this->assertArrayHasKey('access_token', $query);
- $this->assertArrayHasKey('expires_in', $query);
- $this->assertArrayHasKey('token_type', $query);
- $this->assertArrayHasKey('state', $query);
- $this->assertArrayHasKey('id_token', $query);
-
- // assert that with multiple-valued response types, order does not matter
- $request->query['response_type'] = 'token id_token';
- $server->handleAuthorizeRequest($request, $response, true);
-
- $parts = parse_url($response->getHttpHeader('Location'));
- parse_str($parts['fragment'], $query);
-
- $this->assertEquals('n-0S6_WzA2Mj', $server->getAuthorizeController()->getNonce());
- $this->assertEquals($query['state'], 'af0ifjsldkj');
-
- $this->assertArrayHasKey('access_token', $query);
- $this->assertArrayHasKey('expires_in', $query);
- $this->assertArrayHasKey('token_type', $query);
- $this->assertArrayHasKey('state', $query);
- $this->assertArrayHasKey('id_token', $query);
-
- // assert that with multiple-valued response types with extra spaces do not matter
- $request->query['response_type'] = ' token id_token ';
- $server->handleAuthorizeRequest($request, $response, true);
-
- $parts = parse_url($response->getHttpHeader('Location'));
- parse_str($parts['fragment'], $query);
-
- $this->assertEquals('n-0S6_WzA2Mj', $server->getAuthorizeController()->getNonce());
- $this->assertEquals($query['state'], 'af0ifjsldkj');
-
- $this->assertArrayHasKey('access_token', $query);
- $this->assertArrayHasKey('expires_in', $query);
- $this->assertArrayHasKey('token_type', $query);
- $this->assertArrayHasKey('state', $query);
- $this->assertArrayHasKey('id_token', $query);
- }
-
- public function testMissingNonce()
- {
- $server = $this->getTestServer();
- $authorize = $server->getAuthorizeController();
-
- $response = new Response();
- $request = new Request(array(
- 'client_id' => 'Test Client ID', // valid client id
- 'redirect_uri' => 'http://adobe.com', // valid redirect URI
- 'response_type' => 'id_token',
- 'state' => 'xyz',
- ));
-
- // Test missing nonce for 'id_token' response type
- $server->handleAuthorizeRequest($request, $response, true);
- $params = $response->getParameters();
-
- $this->assertEquals($params['error'], 'invalid_nonce');
- $this->assertEquals($params['error_description'], 'This application requires you specify a nonce parameter');
-
- // Test missing nonce for 'id_token token' response type
- $request->query['response_type'] = 'id_token token';
- $server->handleAuthorizeRequest($request, $response, true);
- $params = $response->getParameters();
-
- $this->assertEquals($params['error'], 'invalid_nonce');
- $this->assertEquals($params['error_description'], 'This application requires you specify a nonce parameter');
- }
-
- public function testNotGrantedApplication()
- {
- $server = $this->getTestServer();
-
- $response = new Response();
- $request = new Request(array(
- 'client_id' => 'Test Client ID', // valid client id
- 'redirect_uri' => 'http://adobe.com', // valid redirect URI
- 'response_type' => 'id_token',
- 'state' => 'af0ifjsldkj',
- 'nonce' => 'n-0S6_WzA2Mj',
- ));
-
- // Test not approved application
- $server->handleAuthorizeRequest($request, $response, false);
-
- $params = $response->getParameters();
-
- $this->assertEquals($params['error'], 'consent_required');
- $this->assertEquals($params['error_description'], 'The user denied access to your application');
-
- // Test not approved application with prompt parameter
- $request->query['prompt'] = 'none';
- $server->handleAuthorizeRequest($request, $response, false);
-
- $params = $response->getParameters();
-
- $this->assertEquals($params['error'], 'login_required');
- $this->assertEquals($params['error_description'], 'The user must log in');
-
- // Test not approved application with user_id set
- $request->query['prompt'] = 'none';
- $server->handleAuthorizeRequest($request, $response, false, 'some-user-id');
-
- $params = $response->getParameters();
-
- $this->assertEquals($params['error'], 'interaction_required');
- $this->assertEquals($params['error_description'], 'The user must grant access to your application');
- }
-
- public function testNeedsIdToken()
- {
- $server = $this->getTestServer();
- $authorize = $server->getAuthorizeController();
-
- $this->assertTrue($authorize->needsIdToken('openid'));
- $this->assertTrue($authorize->needsIdToken('openid profile'));
- $this->assertFalse($authorize->needsIdToken(''));
- $this->assertFalse($authorize->needsIdToken('some-scope'));
- }
-
- private function getTestServer($config = array())
- {
- $config += array(
- 'use_openid_connect' => true,
- 'issuer' => 'phpunit',
- 'allow_implicit' => true
- );
-
- $storage = Bootstrap::getInstance()->getMemoryStorage();
- $server = new Server($storage, $config);
-
- return $server;
- }
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-09 04:35:22 +0000