From 6c641b1834539c65edb35dd43a6afa7620e73e1c Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 14 Mar 2017 09:09:05 +1100 Subject: move oauth2 to vendor --- .../test/OAuth2/GrantType/RefreshTokenTest.php | 204 --------------------- 1 file changed, 204 deletions(-) delete mode 100644 library/oauth2/test/OAuth2/GrantType/RefreshTokenTest.php (limited to 'library/oauth2/test/OAuth2/GrantType/RefreshTokenTest.php') diff --git a/library/oauth2/test/OAuth2/GrantType/RefreshTokenTest.php b/library/oauth2/test/OAuth2/GrantType/RefreshTokenTest.php deleted file mode 100644 index a458aad8a..000000000 --- a/library/oauth2/test/OAuth2/GrantType/RefreshTokenTest.php +++ /dev/null @@ -1,204 +0,0 @@ -getTestServer(); - $server->addGrantType(new RefreshToken($this->storage)); - - $request = TestRequest::createPost(array( - 'grant_type' => 'refresh_token', // valid grant type - 'client_id' => 'Test Client ID', // valid client id - 'client_secret' => 'TestSecret', // valid client secret - )); - $server->grantAccessToken($request, $response = new Response()); - - $this->assertEquals($response->getStatusCode(), 400); - $this->assertEquals($response->getParameter('error'), 'invalid_request'); - $this->assertEquals($response->getParameter('error_description'), 'Missing parameter: "refresh_token" is required'); - } - - public function testInvalidRefreshToken() - { - $server = $this->getTestServer(); - $server->addGrantType(new RefreshToken($this->storage)); - - $request = TestRequest::createPost(array( - 'grant_type' => 'refresh_token', // valid grant type - 'client_id' => 'Test Client ID', // valid client id - 'client_secret' => 'TestSecret', // valid client secret - 'refresh_token' => 'fake-token', // invalid refresh token - )); - $server->grantAccessToken($request, $response = new Response()); - - $this->assertEquals($response->getStatusCode(), 400); - $this->assertEquals($response->getParameter('error'), 'invalid_grant'); - $this->assertEquals($response->getParameter('error_description'), 'Invalid refresh token'); - } - - public function testValidRefreshTokenWithNewRefreshTokenInResponse() - { - $server = $this->getTestServer(); - $server->addGrantType(new RefreshToken($this->storage, array('always_issue_new_refresh_token' => true))); - - $request = TestRequest::createPost(array( - 'grant_type' => 'refresh_token', // valid grant type - 'client_id' => 'Test Client ID', // valid client id - 'client_secret' => 'TestSecret', // valid client secret - 'refresh_token' => 'test-refreshtoken', // valid refresh token - )); - $token = $server->grantAccessToken($request, new Response()); - $this->assertTrue(isset($token['refresh_token']), 'refresh token should always refresh'); - - $refresh_token = $this->storage->getRefreshToken($token['refresh_token']); - $this->assertNotNull($refresh_token); - $this->assertEquals($refresh_token['refresh_token'], $token['refresh_token']); - $this->assertEquals($refresh_token['client_id'], $request->request('client_id')); - $this->assertTrue($token['refresh_token'] != 'test-refreshtoken', 'the refresh token returned is not the one used'); - $used_token = $this->storage->getRefreshToken('test-refreshtoken'); - $this->assertFalse($used_token, 'the refresh token used is no longer valid'); - } - - public function testValidRefreshTokenDoesNotUnsetToken() - { - $server = $this->getTestServer(); - $server->addGrantType(new RefreshToken($this->storage, array( - 'always_issue_new_refresh_token' => true, - 'unset_refresh_token_after_use' => false, - ))); - - $request = TestRequest::createPost(array( - 'grant_type' => 'refresh_token', // valid grant type - 'client_id' => 'Test Client ID', // valid client id - 'client_secret' => 'TestSecret', // valid client secret - 'refresh_token' => 'test-refreshtoken', // valid refresh token - )); - $token = $server->grantAccessToken($request, new Response()); - $this->assertTrue(isset($token['refresh_token']), 'refresh token should always refresh'); - - $used_token = $this->storage->getRefreshToken('test-refreshtoken'); - $this->assertNotNull($used_token, 'the refresh token used is still valid'); - } - - public function testValidRefreshTokenWithNoRefreshTokenInResponse() - { - $server = $this->getTestServer(); - $server->addGrantType(new RefreshToken($this->storage, array('always_issue_new_refresh_token' => false))); - - $request = TestRequest::createPost(array( - 'grant_type' => 'refresh_token', // valid grant type - 'client_id' => 'Test Client ID', // valid client id - 'client_secret' => 'TestSecret', // valid client secret - 'refresh_token' => 'test-refreshtoken', // valid refresh token - )); - $token = $server->grantAccessToken($request, new Response()); - $this->assertFalse(isset($token['refresh_token']), 'refresh token should not be returned'); - - $used_token = $this->storage->getRefreshToken('test-refreshtoken'); - $this->assertNotNull($used_token, 'the refresh token used is still valid'); - } - - public function testValidRefreshTokenSameScope() - { - $server = $this->getTestServer(); - $request = TestRequest::createPost(array( - 'grant_type' => 'refresh_token', // valid grant type - 'client_id' => 'Test Client ID', // valid client id - 'client_secret' => 'TestSecret', // valid client secret - 'refresh_token' => 'test-refreshtoken-with-scope', // valid refresh token (with scope) - 'scope' => 'scope2 scope1', - )); - $token = $server->grantAccessToken($request, new Response()); - - $this->assertNotNull($token); - $this->assertArrayHasKey('access_token', $token); - $this->assertArrayHasKey('scope', $token); - $this->assertEquals($token['scope'], 'scope2 scope1'); - } - - public function testValidRefreshTokenLessScope() - { - $server = $this->getTestServer(); - $request = TestRequest::createPost(array( - 'grant_type' => 'refresh_token', // valid grant type - 'client_id' => 'Test Client ID', // valid client id - 'client_secret' => 'TestSecret', // valid client secret - 'refresh_token' => 'test-refreshtoken-with-scope', // valid refresh token (with scope) - 'scope' => 'scope1', - )); - $token = $server->grantAccessToken($request, new Response()); - - $this->assertNotNull($token); - $this->assertArrayHasKey('access_token', $token); - $this->assertArrayHasKey('scope', $token); - $this->assertEquals($token['scope'], 'scope1'); - } - - public function testValidRefreshTokenDifferentScope() - { - $server = $this->getTestServer(); - $request = TestRequest::createPost(array( - 'grant_type' => 'refresh_token', // valid grant type - 'client_id' => 'Test Client ID', // valid client id - 'client_secret' => 'TestSecret', // valid client secret - 'refresh_token' => 'test-refreshtoken-with-scope', // valid refresh token (with scope) - 'scope' => 'scope3', - )); - $token = $server->grantAccessToken($request, $response = new Response()); - - $this->assertEquals($response->getStatusCode(), 400); - $this->assertEquals($response->getParameter('error'), 'invalid_scope'); - $this->assertEquals($response->getParameter('error_description'), 'The scope requested is invalid for this request'); - } - - public function testValidRefreshTokenInvalidScope() - { - $server = $this->getTestServer(); - $request = TestRequest::createPost(array( - 'grant_type' => 'refresh_token', // valid grant type - 'client_id' => 'Test Client ID', // valid client id - 'client_secret' => 'TestSecret', // valid client secret - 'refresh_token' => 'test-refreshtoken-with-scope', // valid refresh token (with scope) - 'scope' => 'invalid-scope', - )); - $token = $server->grantAccessToken($request, $response = new Response()); - - $this->assertEquals($response->getStatusCode(), 400); - $this->assertEquals($response->getParameter('error'), 'invalid_scope'); - $this->assertEquals($response->getParameter('error_description'), 'The scope requested is invalid for this request'); - } - - public function testValidClientDifferentRefreshToken() - { - $server = $this->getTestServer(); - $request = TestRequest::createPost(array( - 'grant_type' => 'refresh_token', // valid grant type - 'client_id' => 'Test Some Other Client', // valid client id - 'client_secret' => 'TestSecret3', // valid client secret - 'refresh_token' => 'test-refreshtoken', // valid refresh token - )); - $token = $server->grantAccessToken($request, $response = new Response()); - - $this->assertEquals($response->getStatusCode(), 400); - $this->assertEquals($response->getParameter('error'), 'invalid_grant'); - $this->assertEquals($response->getParameter('error_description'), 'refresh_token doesn\'t exist or is invalid for the client'); - } - - private function getTestServer() - { - $this->storage = Bootstrap::getInstance()->getMemoryStorage(); - $server = new Server($this->storage); - - return $server; - } -} -- cgit v1.2.3