
Added 1 more test and yupdated unit tests

commit dc12dfb8ffc51528364fa60df1d1619463a074be 1 parent 469d70d
@catchdave catchdave authored
Showing with 24 additions and 13 deletions.
  1. +1 −1  lib/OAuth2.php
  2. +19 −0 tests/OAuth2OutputTest.php
  3. +4 −12 tests/OAuth2Test.php
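--- a/lib/OAuth2.php
+++ b/lib/OAuth2.php
@@ -609,7 +609,7 @@ public function grantAccessToken(array $inputData = NULL, array $authHeaders = N
 throw new OAuth2ServerException(self::HTTP_BAD_REQUEST, self::ERROR_INVALID_REQUEST, 'Missing parameter. "code" is required');
 if ($this->getVariable(self::CONFIG_ENFORCE_INPUT_REDIRECT) && !$input["redirect_uri"])
- throw new OAuth2ServerException(self::HTTP_BAD_REQUEST, self::ERROR_REDIRECT_URI_MISMATCH, "The redirect URI parameter is required.");
+ throw new OAuth2ServerException(self::HTTP_BAD_REQUEST, self::ERROR_INVALID_REQUEST, "The redirect URI parameter is required.");
 $stored = $this->storage->getAuthCode($input["code"]);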
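Review bot: The description on the added `throw` is worded differently from the `code` case one line above it, although both now report the same `ERROR_INVALID_REQUEST` condition; `'Missing parameter. "redirect_uri" is required'` would let clients and log parsers treat the two alike. A short comment above the guard would also help the next reader, for example `// A missing redirect_uri is a malformed request; ERROR_REDIRECT_URI_MISMATCH is for a supplied URI that differs from the stored one`. The guard tests `!$input["redirect_uri"]`, so how an absent key behaves depends on how `$input` is built, which is outside this hunk, as is the rest of grantAccessToken.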
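--- a/tests/OAuth2OutputTest.php
+++ b/tests/OAuth2OutputTest.php
@@ -32,6 +32,25 @@ public function testGrantAccessTokenWithGrantAuthCodeSuccess() {
 $this->fixture->grantAccessToken($inputData, array());
 }
+ /**
+ * Tests OAuth2->grantAccessToken() with successful Auth code grant, but without redreict_uri in the input
+ */
+ public function testGrantAccessTokenWithGrantAuthCodeSuccessWithoutRedirect() {
+ $inputData = array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'client_id' => 'my_little_app', 'client_secret' => 'b', 'code'=> 'foo');
+ $storedToken = array('redirect_uri' => 'http://www.example.com', 'client_id' => 'my_little_app', 'expires' => time() + 60);
+
+ $mockStorage = $this->createBaseMock('IOAuth2GrantCode');
+ $mockStorage->expects($this->any())
+ ->method('getAuthCode')
+ ->will($this->returnValue($storedToken));
+
+ // Successful token grant will return a JSON encoded token:
+ $this->expectOutputRegex('/{"access_token":".*","expires_in":\d+,"token_type":"bearer"/');
+ $this->fixture = new OAuth2($mockStorage);
+ $this->fixture->setVariable(OAuth2::CONFIG_ENFORCE_INPUT_REDIRECT, false);
+ $this->fixture->grantAccessToken($inputData, array());
+ }
+
 // Utility methods
 /**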
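Review bot: The added test pins that an authorization code stored with `redirect_uri` `http://www.example.com` is exchanged for a token when the request carries no `redirect_uri` at all, once `CONFIG_ENFORCE_INPUT_REDIRECT` is false, and its docblock does not say that this is a deliberately relaxed mode. RFC 6749 section 4.1.3 requires the parameter at the token endpoint whenever it was part of the authorization request, because that comparison is what ties the code to the redirection endpoint it was delivered to. I would state the trade-off in the docblock, for example `* With CONFIG_ENFORCE_INPUT_REDIRECT off the code is not bound to a redirect URI at the token endpoint; keep enforcement on unless clients cannot send it.`, and fix the `redreict_uri` typo in the same comment.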
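--- a/tests/OAuth2Test.php
+++ b/tests/OAuth2Test.php
@@ -181,16 +181,6 @@ public function testGrantAccessTokenCheckClientCredentials() {
 } catch ( OAuth2ServerException $e ) {
 $this->assertNotEquals(OAuth2::ERROR_INVALID_CLIENT, $e->getMessage());
 }
-
- // Confirm Auth header checks client_id in body
- $authHeaders = array('PHP_AUTH_USER' => 'dev-abc', 'PHP_AUTH_PW' => 'pass');
- $inputData = array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'client_id' => 'someone-else');
- try {
- $this->fixture->grantAccessToken($inputData, $authHeaders);
- $this->fail('The expected exception OAuth2ServerException was not thrown');
- } catch ( OAuth2ServerException $e ) {
- $this->assertEquals(OAuth2::ERROR_INVALID_CLIENT, $e->getMessage());
- }
 }
 /**
@@ -200,10 +190,13 @@ public function testGrantAccessTokenCheckClientCredentials() {
 public function testGrantAccessTokenWithGrantAuthCodeMandatoryParams() {
 $mockStorage = $this->createBaseMock('IOAuth2GrantCode');
 $inputData = array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'client_id' => 'a', 'client_secret' => 'b');
+ $fakeAuthCode = array('client_id' => $inputData['client_id'], 'redirect_uri' => '/foo', 'expires' => time() + 60);
+ $fakeAccessToken = array('access_token' => 'abcde');
 // Ensure redirect URI and auth-code is mandatory
 try {
 $this->fixture = new OAuth2($mockStorage);
+ $this->fixture->setVariable(OAuth2::CONFIG_ENFORCE_INPUT_REDIRECT, true); // Only required when this is set
 $this->fixture->grantAccessToken($inputData + array('code' => 'foo'), array());
 $this->fail('The expected exception OAuth2ServerException was not thrown');
 } catch ( OAuth2ServerException $e ) {
@@ -216,7 +209,6 @@ public function testGrantAccessTokenWithGrantAuthCodeMandatoryParams() {
 } catch ( OAuth2ServerException $e ) {
 $this->assertEquals(OAuth2::ERROR_INVALID_REQUEST, $e->getMessage());
 }
-
 }
 /**
@@ -259,7 +251,7 @@ public function testGrantAccessTokenWithGrantAuthCodeRedirectChecked() {
 $this->fail('The expected exception OAuth2ServerException was not thrown');
 }
 catch ( OAuth2ServerException $e ) {
- $this->assertEquals(OAuth2::ERROR_INVALID_GRANT, $e->getMessage());
+ $this->assertEquals(OAuth2::ERROR_REDIRECT_URI_MISMATCH, $e->getMessage());
 }
 }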
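Review bot: The first hunk deletes the only visible assertion that a request whose Authorization header names one client (`dev-abc`) while the body names another (`someone-else`) is rejected with `ERROR_INVALID_CLIENT`, and nothing in this commit replaces it. The commit changes a single line of lib/OAuth2.php, so that behaviour presumably was settled elsewhere; either way the test file no longer records what the server does with conflicting client credentials. I would keep the case, or if the check was dropped on purpose, leave a comment in testGrantAccessTokenCheckClientCredentials such as `// Conflicting client_id in header and body is no longer rejected, see <commit or issue id>`. In the second hunk `$fakeAuthCode` and `$fakeAccessToken` are not used on any visible line; the test body continues outside the hunk, so they may be consumed there.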