OAuthTest.php 8.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243
  1. <?php
  2. /*
  3. * This file is part of the overtrue/socialite.
  4. *
  5. * (c) overtrue <i@overtrue.me>
  6. *
  7. * This source file is subject to the MIT license that is bundled
  8. * with this source code in the file LICENSE.
  9. */
  10. use Mockery as m;
  11. use Overtrue\Socialite\AccessTokenInterface;
  12. use Overtrue\Socialite\Providers\AbstractProvider;
  13. use Overtrue\Socialite\User;
  14. use PHPUnit\Framework\TestCase;
  15. use Symfony\Component\HttpFoundation\Request;
  16. class OAuthTest extends TestCase
  17. {
  18. public function tearDown()
  19. {
  20. m::close();
  21. }
  22. public function testAbstractProviderBackwardCompatible()
  23. {
  24. $request = Request::create('foo');
  25. $request->setSession($session = m::mock('Symfony\Component\HttpFoundation\Session\SessionInterface'));
  26. $session->shouldReceive('put')->once();
  27. $provider = new OAuthTwoTestProviderStub($request, 'client_id', 'client_secret', 'redirect');
  28. $this->assertSame('client_id', $provider->getConfig()['client_id']);
  29. $this->assertSame('client_secret', $provider->getConfig()['client_secret']);
  30. $this->assertSame('redirect', $provider->getConfig()['redirect']);
  31. $response = $provider->redirect();
  32. $this->assertInstanceOf('Symfony\Component\HttpFoundation\RedirectResponse', $response);
  33. $this->assertSame('http://auth.url', $response->getTargetUrl());
  34. }
  35. public function testRedirectGeneratesTheProperSymfonyRedirectResponse()
  36. {
  37. $request = Request::create('foo');
  38. $request->setSession($session = m::mock('Symfony\Component\HttpFoundation\Session\SessionInterface'));
  39. $session->shouldReceive('put')->once();
  40. $provider = new OAuthTwoTestProviderStub(
  41. $request, [
  42. 'client_id' => 'client_id',
  43. 'client_secret' => 'client_secret',
  44. 'redirect' => 'redirect',
  45. ]
  46. );
  47. $response = $provider->redirect();
  48. $this->assertInstanceOf('Symfony\Component\HttpFoundation\RedirectResponse', $response);
  49. $this->assertSame('http://auth.url', $response->getTargetUrl());
  50. }
  51. public function testRedirectUrl()
  52. {
  53. $request = Request::create('foo', 'GET', ['state' => str_repeat('A', 40), 'code' => 'code']);
  54. $request->setSession($session = m::mock('Symfony\Component\HttpFoundation\Session\SessionInterface'));
  55. $provider = new OAuthTwoTestProviderStub(
  56. $request, [
  57. 'client_id' => 'client_id',
  58. 'client_secret' => 'client_secret',
  59. ]
  60. );
  61. $this->assertNull($provider->getRedirectUrl());
  62. $provider = new OAuthTwoTestProviderStub(
  63. $request, [
  64. 'client_id' => 'client_id',
  65. 'client_secret' => 'client_secret',
  66. 'redirect' => 'redirect_uri',
  67. ]
  68. );
  69. $this->assertSame('redirect_uri', $provider->getRedirectUrl());
  70. $provider->setRedirectUrl('overtrue.me');
  71. $this->assertSame('overtrue.me', $provider->getRedirectUrl());
  72. $provider->withRedirectUrl('http://overtrue.me');
  73. $this->assertSame('http://overtrue.me', $provider->getRedirectUrl());
  74. }
  75. public function testUserReturnsAUserInstanceForTheAuthenticatedRequest()
  76. {
  77. $request = Request::create('foo', 'GET', ['state' => str_repeat('A', 40), 'code' => 'code']);
  78. $request->setSession($session = m::mock('Symfony\Component\HttpFoundation\Session\SessionInterface'));
  79. $session->shouldReceive('get')->once()->with('state')->andReturn(str_repeat('A', 40));
  80. $provider = new OAuthTwoTestProviderStub(
  81. $request, [
  82. 'client_id' => 'client_id',
  83. 'client_secret' => 'client_secret',
  84. 'redirect' => 'redirect_uri',
  85. ]
  86. );
  87. $provider->http = m::mock('StdClass');
  88. $provider->http->shouldReceive('post')->once()->with(
  89. 'http://token.url',
  90. [
  91. 'headers' => ['Accept' => 'application/json'],
  92. 'form_params' => [
  93. 'client_id' => 'client_id',
  94. 'client_secret' => 'client_secret',
  95. 'code' => 'code',
  96. 'redirect_uri' => 'redirect_uri',
  97. ],
  98. ]
  99. )->andReturn($response = m::mock('StdClass'));
  100. $response->shouldReceive('getBody')->once()->andReturn('{"access_token":"access_token"}');
  101. $user = $provider->user();
  102. $this->assertInstanceOf('Overtrue\Socialite\User', $user);
  103. $this->assertSame('foo', $user->getId());
  104. }
  105. /**
  106. * @expectedException \Overtrue\Socialite\InvalidStateException
  107. */
  108. public function testExceptionIsThrownIfStateIsInvalid()
  109. {
  110. $request = Request::create('foo', 'GET', ['state' => str_repeat('B', 40), 'code' => 'code']);
  111. $request->setSession($session = m::mock('Symfony\Component\HttpFoundation\Session\SessionInterface'));
  112. $session->shouldReceive('get')->once()->with('state')->andReturn(str_repeat('A', 40));
  113. $provider = new OAuthTwoTestProviderStub(
  114. $request, [
  115. 'client_id' => 'client_id',
  116. 'client_secret' => 'client_secret',
  117. 'redirect' => 'redirect',
  118. ]
  119. );
  120. $user = $provider->user();
  121. }
  122. /**
  123. * @expectedException \Overtrue\Socialite\AuthorizeFailedException
  124. * @expectedExceptionMessage Authorize Failed: {"error":"scope is invalid"}
  125. */
  126. public function testExceptionisThrownIfAuthorizeFailed()
  127. {
  128. $request = Request::create('foo', 'GET', ['state' => str_repeat('A', 40), 'code' => 'code']);
  129. $request->setSession($session = m::mock('Symfony\Component\HttpFoundation\Session\SessionInterface'));
  130. $session->shouldReceive('get')->once()->with('state')->andReturn(str_repeat('A', 40));
  131. $provider = new OAuthTwoTestProviderStub(
  132. $request, [
  133. 'client_id' => 'client_id',
  134. 'client_secret' => 'client_secret',
  135. 'redirect' => 'redirect_uri',
  136. ]
  137. );
  138. $provider->http = m::mock('StdClass');
  139. $provider->http->shouldReceive('post')->once()->with(
  140. 'http://token.url',
  141. [
  142. 'headers' => ['Accept' => 'application/json'],
  143. 'form_params' => [
  144. 'client_id' => 'client_id',
  145. 'client_secret' => 'client_secret',
  146. 'code' => 'code',
  147. 'redirect_uri' => 'redirect_uri',
  148. ],
  149. ]
  150. )->andReturn($response = m::mock('StdClass'));
  151. $response->shouldReceive('getBody')->once()->andReturn('{"error":"scope is invalid"}');
  152. $user = $provider->user();
  153. }
  154. /**
  155. * @expectedException \Overtrue\Socialite\InvalidStateException
  156. */
  157. public function testExceptionIsThrownIfStateIsNotSet()
  158. {
  159. $request = Request::create('foo', 'GET', ['state' => 'state', 'code' => 'code']);
  160. $request->setSession($session = m::mock('Symfony\Component\HttpFoundation\Session\SessionInterface'));
  161. $session->shouldReceive('get')->once()->with('state');
  162. $provider = new OAuthTwoTestProviderStub(
  163. $request, [
  164. 'client_id' => 'client_id',
  165. 'client_secret' => 'client_secret',
  166. 'redirect' => 'redirect',
  167. ]
  168. );
  169. $user = $provider->user();
  170. }
  171. public function testDriverName()
  172. {
  173. $request = Request::create('foo', 'GET', ['state' => 'state', 'code' => 'code']);
  174. $provider = new OAuthTwoTestProviderStub(
  175. $request, [
  176. 'client_id' => 'client_id',
  177. 'client_secret' => 'client_secret',
  178. 'redirect' => 'redirect',
  179. ]
  180. );
  181. $this->assertSame('OAuthTwoTest', $provider->getName());
  182. }
  183. }
  184. class OAuthTwoTestProviderStub extends AbstractProvider
  185. {
  186. public $http;
  187. protected function getAuthUrl($state)
  188. {
  189. return 'http://auth.url';
  190. }
  191. protected function getTokenUrl()
  192. {
  193. return 'http://token.url';
  194. }
  195. protected function getUserByToken(AccessTokenInterface $token)
  196. {
  197. return ['id' => 'foo'];
  198. }
  199. protected function mapUserToObject(array $user)
  200. {
  201. return new User(['id' => $user['id']]);
  202. }
  203. /**
  204. * Get a fresh instance of the Guzzle HTTP client.
  205. *
  206. * @return \GuzzleHttp\Client
  207. */
  208. protected function getHttpClient()
  209. {
  210. if ($this->http) {
  211. return $this->http;
  212. }
  213. return $this->http = m::mock('StdClass');
  214. }
  215. }