Tests fixed

.travis.yml

@@ -12,7 +12,6 @@ addons:
     - op
 
 php:
-    - 7.2
     - 7.3
     - nightly
 

phpstan.neon

@@ -7,6 +7,7 @@ parameters:
         - %currentWorkingDirectory%/src/*Bundle/var/*
         - %currentWorkingDirectory%/src/Component/*/Tests/*
     ignoreErrors:
+        - '#Method OAuth2Framework\\Component\\OpenIdConnect\\UserInfo\\Claim\\ClaimManager\:\:list\(\) should return array<OAuth2Framework\\Component\\OpenIdConnect\\UserInfo\\Claim\\Claim> but returns array.*\.#'
         - '#Parameter .* of method .* expects Symfony\\Component\\Config\\Definition\\Builder\\ArrayNodeDefinition, Symfony\\Component\\Config\\Definition\\Builder\\NodeDefinition given.#'
         - '#Call to an undefined method Symfony\\Component\\Config\\Definition\\Builder\\NodeDefinition::(.*)\(\)#'
         - '#Return type .* of method .* should be covariant with return type .* of method .*#'

src/Component/AuthorizationCodeGrant/composer.json

@@ -20,7 +20,7 @@
         "oauth2-framework/authorization-endpoint": "^1.0",
         "oauth2-framework/core": "^1.0",
         "oauth2-framework/token-endpoint": "^1.0",
-        "spomky-labs/base64url": "^1.0"
+        "spomky-labs/base64url": "^1.0|^2.0"
     },
     "require-dev": {
         "phpunit/phpunit": "^8.0"

src/Component/AuthorizationEndpoint/Tests/AuthorizationEndpointTest.php

@@ -272,6 +272,7 @@ private function getAuthorizationRequestStorage(AuthorizationRequest $authorizat
         $authorizationRequestStorage->getId(Argument::type(ServerRequestInterface::class))->willReturn('___ID___');
         $authorizationRequestStorage->get(Argument::containingString('___ID___'))->willReturn($authorizationRequest);
         $authorizationRequestStorage->has(Argument::containingString('___ID___'))->willReturn(true);
+        $authorizationRequestStorage->remove(Argument::containingString('___ID___'))->will(function () {});
         $authorizationRequestStorage->set(Argument::containingString('___ID___'), Argument::type(AuthorizationRequest::class))->will(function () {});
 
         return $authorizationRequestStorage->reveal();

src/Component/ClientRegistrationEndpoint/composer.json

@@ -24,7 +24,7 @@
         "psr/http-factory": "^1.0",
         "psr/http-server-handler": "^1.0",
         "psr/http-server-middleware": "^1.0",
-        "spomky-labs/base64url": "^1.0",
+        "spomky-labs/base64url": "^1.0|^2.0",
         "web-token/jwt-signature": "^2.0",
         "web-token/jwt-core": "^2.0"
     },

src/Component/Core/DataBag/DataBag.php

@@ -15,6 +15,7 @@
 
 use ArrayIterator;
 use Assert\Assertion;
+use function Safe\json_decode;
 
 class DataBag implements \IteratorAggregate, \Countable, \JsonSerializable
 {

src/Component/OpenIdConnect/UserInfoEndpoint/UserInfoEndpoint.php

@@ -119,12 +119,12 @@ private function buildUserinfoContent(Client $client, UserAccount $userAccount,
         $requestedClaims = $this->getEndpointClaims($accessToken);
         $idTokenBuilder = $this->idTokenBuilderFactory->createBuilder($client, $userAccount, $accessToken->getMetadata()->get('redirect_uri'));
 
-        if ($client->has('userinfo_signed_response_alg') && null !== $this->jwsBuilder) {
+        if (null !== $this->jwsBuilder && null !== $this->signatureKeys && $client->has('userinfo_signed_response_alg')) {
             $isJwt = true;
             $signatureAlgorithm = $client->get('userinfo_signed_response_alg');
             $idTokenBuilder->withSignature($this->jwsBuilder, $this->signatureKeys, $signatureAlgorithm);
         }
-        if ($client->has('userinfo_encrypted_response_alg') && $client->has('userinfo_encrypted_response_enc') && null !== $this->jweBuilder) {
+        if (null !== $this->jweBuilder && $client->has('userinfo_encrypted_response_alg') && $client->has('userinfo_encrypted_response_enc')) {
             $isJwt = true;
             $keyEncryptionAlgorithm = $client->get('userinfo_encrypted_response_alg');
             $contentEncryptionAlgorithm = $client->get('userinfo_encrypted_response_enc');

src/Component/RefreshTokenGrant/RefreshTokenGrantType.php

@@ -13,6 +13,7 @@
 
 namespace OAuth2Framework\Component\RefreshTokenGrant;
 
+use Assert\Assertion;
 use OAuth2Framework\Component\Core\Client\Client;
 use OAuth2Framework\Component\Core\Message\OAuth2Error;
 use OAuth2Framework\Component\Core\Util\RequestBodyParser;
@@ -72,9 +73,11 @@ public function grant(ServerRequestInterface $request, GrantTypeData $grantTypeD
 
         $grantTypeData->setResourceOwnerId($token->getResourceOwnerId());
         foreach ($token->getMetadata() as $k => $v) {
+            Assertion::string($k, 'Invalid key');
             $grantTypeData->getMetadata()->set($k, $v);
         }
         foreach ($token->getParameter() as $k => $v) {
+            Assertion::string($k, 'Invalid key');
             $grantTypeData->getParameter()->set($k, $v);
         }
     }

src/Component/RefreshTokenGrant/composer.json

@@ -19,7 +19,7 @@
         "php": "^7.3",
         "oauth2-framework/core": "^1.0",
         "oauth2-framework/token-endpoint": "^1.0",
-        "spomky-labs/base64url": "^1.0"
+        "spomky-labs/base64url": "^1.0|^2.0"
     },
     "require-dev": {
         "phpunit/phpunit": "^8.0"

src/Component/WebFingerEndpoint/WebFingerEndpoint.php

@@ -102,12 +102,12 @@ private function filterLinks(ServerRequestInterface $request, ResourceDescriptor
             return $data;
         }
 
-        $data['links'] = array_filter($data['links'], function (Link $link) use ($rels): ?Link {
+        $data['links'] = array_filter($data['links'], static function (Link $link) use ($rels): bool {
             if (\in_array($link->getRel(), $rels, true)) {
-                return $link;
+                return true;
             }
 
-            return null;
+            return false;
         });
 
         if (0 === \count($data['links'])) {

src/SecurityBundle/DependencyInjection/OAuth2FrameworkSecurityExtension.php

@@ -26,21 +26,6 @@
 
 final class OAuth2FrameworkSecurityExtension extends Extension
 {
-    /**
-     * @var string
-     */
-    private $alias;
-
-    public function __construct(string $alias)
-    {
-        $this->alias = $alias;
-    }
-
-    public function getAlias(): string
-    {
-        return $this->alias;
-    }
-
     public function load(array $configs, ContainerBuilder $container): void
     {
         $processor = new Processor();
@@ -54,7 +39,7 @@ public function load(array $configs, ContainerBuilder $container): void
         $loader = new PhpFileLoader($container, new FileLocator(__DIR__.'/../Resources/config/'));
         $loader->load('security.php');
 
-        if (true === $config['bearer_token']['enabled'] && class_exists(BearerToken::class)) {
+        /*if (true === $config['bearer_token']['enabled'] && class_exists(BearerToken::class)) {
             $container->setParameter('oauth2_security.token_type.bearer_token.realm', $config['bearer_token']['realm']);
             $loader->load('bearer_token.php');
 
@@ -68,18 +53,13 @@ public function load(array $configs, ContainerBuilder $container): void
             if (true === $bearerTokenConfig['request_body']) {
                 $loader->load('request_body_token_finder.php');
             }
-        }
-        if (class_exists(MacToken::class) && $config['mac_token']['enabled']) {
+        }*/
+        /*if (class_exists(MacToken::class) && $config['mac_token']['enabled']) {
             $container->setParameter('oauth2_security.token_type.mac_token.min_length', $config['mac_token']['min_length']);
             $container->setParameter('oauth2_security.token_type.mac_token.max_length', $config['mac_token']['max_length']);
             $container->setParameter('oauth2_security.token_type.mac_token.algorithm', $config['mac_token']['algorithm']);
             $container->setParameter('oauth2_security.token_type.mac_token.timestamp_lifetime', $config['mac_token']['timestamp_lifetime']);
             $loader->load('mac_token.php');
-        }
-    }
-
-    public function getConfiguration(array $configs, ContainerBuilder $container): ConfigurationInterface
-    {
-        return new Configuration($this->getAlias());
+        }*/
     }
 }

src/SecurityBundle/OAuth2FrameworkSecurityBundle.php

@@ -29,7 +29,7 @@ final class OAuth2FrameworkSecurityBundle extends Bundle
 {
     public function getContainerExtension(): ExtensionInterface
     {
-        return new OAuth2FrameworkSecurityExtension('oauth2_security');
+        return new OAuth2FrameworkSecurityExtension();
     }
 
     public function build(ContainerBuilder $container): void

src/SecurityBundle/Security/Factory/OAuth2SecurityFactory.php

@@ -31,7 +31,7 @@ final class OAuth2SecurityFactory implements SecurityFactoryInterface
      * @param string           $id
      * @param array            $config
      * @param string           $userProviderId
-     * @param string           $defaultEntryPointId
+     * @param null|string      $defaultEntryPointId
      *
      * @return array
      */

src/SecurityBundle/Tests/TestBundle/Controller/ApiController.php

@@ -15,10 +15,10 @@
 
 use OAuth2Framework\Component\Core\AccessToken\AccessToken;
 use OAuth2Framework\SecurityBundle\Annotation\OAuth2;
-use Symfony\Component\Routing\Annotation\Route;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Annotation\Route;
 
 /**
  * @Route("/api")

src/SecurityBundle/Tests/config/config_test.yml

@@ -1,6 +1,5 @@
 imports:
     - { resource: security.yml }
-    - { resource: oauth2_security.yml }
 
 framework:
     test: ~

src/SecurityBundle/Tests/config/security.yml

@@ -14,4 +14,7 @@ security:
             pattern: '^/api'
             stateless: true
             anonymous: true
-            oauth2: true
+            oauth2:
+                bearer_token:
+                    enabled: true
+                    realm: 'Protected API'

src/ServerBundle/Doctrine/Type/DatabagType.php

@@ -17,6 +17,7 @@
 use Doctrine\DBAL\Platforms\AbstractPlatform;
 use Doctrine\DBAL\Types\Type;
 use OAuth2Framework\Component\Core\DataBag\DataBag;
+use function Safe\json_encode;
 
 final class DatabagType extends Type
 {

src/ServerBundle/OAuth2FrameworkServerBundle.php

@@ -18,6 +18,7 @@
 use OAuth2Framework\Component\ClientRegistrationEndpoint\AbstractInitialAccessToken;
 use OAuth2Framework\Component\RefreshTokenGrant\AbstractRefreshToken;
 use OAuth2Framework\ServerBundle\DependencyInjection\OAuth2FrameworkExtension;
+use function Safe\realpath;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\Extension\ExtensionInterface;
 use Symfony\Component\HttpKernel\Bundle\Bundle;

src/ServerBundle/Tests/Functional/DataFixtureTestCase.php

@@ -0,0 +1,88 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2014-2019 Spomky-Labs
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace OAuth2Framework\ServerBundle\Tests\Functional;
+
+use Doctrine\ORM\EntityManager;
+use Symfony\Bundle\FrameworkBundle\Client;
+use Symfony\Bundle\FrameworkBundle\Console\Application;
+use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
+use Symfony\Component\Console\Input\StringInput;
+use Symfony\Component\DependencyInjection\ContainerInterface;
+
+/**
+ * @internal
+ */
+class DataFixtureTestCase extends WebTestCase
+{
+    /** @var Application $application */
+    protected static $application;
+
+    /** @var Client $client */
+    protected $client;
+
+    /** @var ContainerInterface $container */
+    protected $container;
+
+    /** @var EntityManager $entityManager */
+    protected $entityManager;
+
+    /**
+     * {@inheritdoc}
+     */
+    public function setUp(): void
+    {
+        self::runCommand('doctrine:database:drop --force');
+        self::runCommand('doctrine:database:create');
+        self::runCommand('doctrine:schema:create');
+        self::runCommand('doctrine:fixtures:load --append --no-interaction');
+
+        $this->client = static::createClient();
+        $this->container = $this->client->getContainer();
+        $this->entityManager = $this->container->get('doctrine.orm.entity_manager');
+
+        parent::setUp();
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function tearDown()
+    {
+        self::runCommand('doctrine:database:drop --force');
+
+        parent::tearDown();
+
+        $this->entityManager->close();
+        $this->entityManager = null; // avoid memory leaks
+    }
+
+    protected static function runCommand($command)
+    {
+        $command = sprintf('%s --quiet', $command);
+
+        return self::getApplication()->run(new StringInput($command));
+    }
+
+    protected static function getApplication()
+    {
+        if (null === self::$application) {
+            $client = static::createClient();
+
+            self::$application = new Application($client->getKernel());
+            self::$application->setAutoExit(false);
+        }
+
+        return self::$application;
+    }
+}