/
AuthorizeTest.php
99 lines (79 loc) · 2.59 KB
/
AuthorizeTest.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
<?php
declare(strict_types=1);
namespace SimpleSAML\Test\Module\authorize\Controller;
use PHPUnit\Framework\TestCase;
use SimpleSAML\Auth;
use SimpleSAML\Configuration;
use SimpleSAML\Error;
use SimpleSAML\Module\authorize\Controller;
use SimpleSAML\Session;
use SimpleSAML\XHTML\Template;
use Symfony\Component\HttpFoundation\Request;
/**
* Set of tests for the controllers in the "authorize" module.
*
* @package SimpleSAML\Test
*/
class AuthorizeTest extends TestCase
{
/** @psalm-suppress PropertyNotSetInConstructor */
protected Configuration $config;
/** @psalm-suppress PropertyNotSetInConstructor */
protected string $stateId;
/**
* Set up for each test.
* @return void
*/
protected function setUp(): void
{
parent::setUp();
$this->config = Configuration::loadFromArray(
[
'baseurlpath' => 'https://example.org/simplesaml',
'module.enable' => ['authorize' => true],
],
'[ARRAY]',
'simplesaml'
);
$state = [
'StateId' => 'SomeState',
'Source' => ['auth' => 'test'],
'authprocAuthorize_reject_msg' => 'Test Rejected',
'authprocAuthorize_error_url' => true,
'authprocAuthorize_ctx' => 'example',
];
$this->stateId = Auth\State::saveState($state, 'authorize:Authorize');
Configuration::setPreLoadedConfig($this->config, 'config.php');
}
/**
* Test that a valid requests results in a HTTP/403 Forbidden page with translated messages
* @return void
*/
public function testValidRequest()
{
$request = Request::create(
'/',
'GET',
['StateId' => $this->stateId]
);
$session = Session::getSessionFromRequest();
$c = new Controller\Authorize($this->config, $session);
/** @var \SimpleSAML\XHTML\Template $response */
$response = $c->forbidden($request);
$this->assertInstanceOf(Template::class, $response);
$this->assertTrue($response->isForbidden());
}
/**
* Test that a request with a missing StateId throws an exception
* @return void
*/
public function testMissingStateIdThrowsException()
{
$request = new Request();
$session = Session::getSessionFromRequest();
$c = new Controller\Authorize($this->config, $session);
$this->expectException(Error\BadRequest::class);
$this->expectExceptionMessage('Missing required StateId query parameter.');
$c->forbidden($request);
}
}