aboutsummaryrefslogtreecommitdiffstats
path: root/vendor/bshaffer/oauth2-server-php/test/OAuth2/Controller/TokenControllerTest.php
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/bshaffer/oauth2-server-php/test/OAuth2/Controller/TokenControllerTest.php')
-rw-r--r--vendor/bshaffer/oauth2-server-php/test/OAuth2/Controller/TokenControllerTest.php45
1 files changed, 44 insertions, 1 deletions
diff --git a/vendor/bshaffer/oauth2-server-php/test/OAuth2/Controller/TokenControllerTest.php b/vendor/bshaffer/oauth2-server-php/test/OAuth2/Controller/TokenControllerTest.php
index 4a217bd55..d18eaa6d7 100644
--- a/vendor/bshaffer/oauth2-server-php/test/OAuth2/Controller/TokenControllerTest.php
+++ b/vendor/bshaffer/oauth2-server-php/test/OAuth2/Controller/TokenControllerTest.php
@@ -10,8 +10,9 @@ use OAuth2\GrantType\UserCredentials;
use OAuth2\Scope;
use OAuth2\Request\TestRequest;
use OAuth2\Response;
+use PHPUnit\Framework\TestCase;
-class TokenControllerTest extends \PHPUnit_Framework_TestCase
+class TokenControllerTest extends TestCase
{
public function testNoGrantType()
{
@@ -271,6 +272,48 @@ class TokenControllerTest extends \PHPUnit_Framework_TestCase
$this->assertEquals($response->getParameter('error_description'), 'The request method must be POST when revoking an access token');
}
+ public function testCanUseCrossOriginRequestForRevoke()
+ {
+ $server = $this->getTestServer();
+
+ $request = new TestRequest();
+ $request->setMethod('OPTIONS');
+
+ $server->handleRevokeRequest($request, $response = new Response());
+ $this->assertTrue($response instanceof Response);
+ $this->assertEquals(200, $response->getStatusCode(), var_export($response, 1));
+ $this->assertEquals($response->getHttpHeader('Allow'), 'POST, OPTIONS');
+ }
+
+ public function testInvalidRequestMethodForAccessToken()
+ {
+ $server = $this->getTestServer();
+
+ $request = new TestRequest();
+ $request->setQuery(array(
+ 'token_type_hint' => 'access_token'
+ ));
+
+ $server->handleTokenRequest($request, $response = new Response());
+ $this->assertTrue($response instanceof Response);
+ $this->assertEquals(405, $response->getStatusCode(), var_export($response, 1));
+ $this->assertEquals($response->getParameter('error'), 'invalid_request');
+ $this->assertEquals($response->getParameter('error_description'), 'The request method must be POST when requesting an access token');
+ }
+
+ public function testCanUseCrossOriginRequestForAccessToken()
+ {
+ $server = $this->getTestServer();
+
+ $request = new TestRequest();
+ $request->setMethod('OPTIONS');
+
+ $server->handleTokenRequest($request, $response = new Response());
+ $this->assertTrue($response instanceof Response);
+ $this->assertEquals(200, $response->getStatusCode(), var_export($response, 1));
+ $this->assertEquals($response->getHttpHeader('Allow'), 'POST, OPTIONS');
+ }
+
public function testCreateController()
{
$storage = Bootstrap::getInstance()->getMemoryStorage();