[6351] | 1 | <?php |
---|
| 2 | require __DIR__ . '/../lib/OAuth2.php'; |
---|
| 3 | require __DIR__ . '/../lib/IOAuth2Storage.php'; |
---|
| 4 | require __DIR__ . '/../lib/IOAuth2GrantCode.php'; |
---|
| 5 | |
---|
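/**
 * Unit tests for the OAuth2 server class.
 *
 * Covers verifyAccessToken() (missing, unknown, malformed, expired and
 * out-of-scope tokens) and the authorization-code path of
 * grantAccessToken(). Storage is always a PHPUnit mock, so no real client,
 * token or auth-code store is touched.
 *
 * NOTE(review): wherever checkClientCredentials() is stubbed in this class it
 * returns TRUE, so rejection of wrong client credentials by the storage layer
 * is not exercised by any test here.
 */
class OAuth2Test extends PHPUnit_Framework_TestCase {

    /**
     * Object under test; each test builds its own instance around a mock.
     *
     * @var OAuth2
     */
    private $fixture;

    /**
     * The actual token ID is irrelevant, so choose one:
     * @var string
     */
    private $tokenId = 'my_token';

    /**
     * Tests OAuth2->verifyAccessToken() with a missing token.
     *
     * An empty token string must raise OAuth2AuthenticateException; the
     * storage mock carries no expectations in this test.
     */
    public function testVerifyAccessTokenWithNoParam() {
        $mockStorage = $this->getMock('IOAuth2Storage');
        $this->fixture = new OAuth2($mockStorage);

        $scope = null;
        $this->setExpectedException('OAuth2AuthenticateException');
        $this->fixture->verifyAccessToken('', $scope);
    }

    /**
     * Tests OAuth2->verifyAccessToken() with an invalid token.
     *
     * The storage reports FALSE for the lookup (token unknown), which must
     * end in OAuth2AuthenticateException.
     */
    public function testVerifyAccessTokenInvalidToken() {
        // Storage says this token does not exist.
        $this->fixture = new OAuth2($this->createTokenStorageMock(false));

        $scope = null;
        $this->setExpectedException('OAuth2AuthenticateException');
        $this->fixture->verifyAccessToken($this->tokenId, $scope);
    }

    /**
     * Tests OAuth2->verifyAccessToken() with a malformed token.
     *
     * A stored record lacking 'expires' and/or 'client_id' must be rejected
     * rather than treated as valid.
     *
     * @dataProvider generateMalformedTokens
     *
     * @param array $token Incomplete token record returned by the storage mock.
     */
    public function testVerifyAccessTokenMalformedToken($token) {
        // Storage finds the token, but the stored record is incomplete.
        $this->fixture = new OAuth2($this->createTokenStorageMock($token));

        $scope = null;
        $this->setExpectedException('OAuth2AuthenticateException');
        $this->fixture->verifyAccessToken($this->tokenId, $scope);
    }

    /**
     * Tests OAuth2->verifyAccessToken() with different expiry dates.
     *
     * @dataProvider generateExpiryTokens
     *
     * @param array $token          Token record returned by the storage mock.
     * @param bool  $expectedToPass Whether verification should succeed.
     */
    public function testVerifyAccessTokenCheckExpiry($token, $expectedToPass) {
        // Storage returns a well-formed token; only 'expires' varies.
        $this->fixture = new OAuth2($this->createTokenStorageMock($token));

        $scope = null;

        if (!$expectedToPass) {
            $this->setExpectedException('OAuth2AuthenticateException');
            $this->fixture->verifyAccessToken($this->tokenId, $scope);
            return;
        }

        // When valid, we just want any sort of token
        $actual = $this->fixture->verifyAccessToken($this->tokenId, $scope);
        $this->assertNotEmpty($actual, "verifyAccessToken() was expected to PASS, but it failed");
        $this->assertInternalType('array', $actual);
    }

    /**
     * Tests OAuth2->verifyAccessToken() with different scopes.
     *
     * @dataProvider generateScopes
     *
     * @param string|null $scopeRequired  Scope the caller demands.
     * @param array       $token          Token record returned by the storage mock.
     * @param bool        $expectedToPass Whether verification should succeed.
     */
    public function testVerifyAccessTokenCheckScope($scopeRequired, $token, $expectedToPass) {
        // Storage returns an unexpired token; only its 'scope' entry varies.
        $this->fixture = new OAuth2($this->createTokenStorageMock($token));

        if (!$expectedToPass) {
            $this->setExpectedException('OAuth2AuthenticateException');
            $this->fixture->verifyAccessToken($this->tokenId, $scopeRequired);
            return;
        }

        // When valid, we just want any sort of token
        $actual = $this->fixture->verifyAccessToken($this->tokenId, $scopeRequired);
        $this->assertNotEmpty($actual, "verifyAccessToken() was expected to PASS, but it failed");
        $this->assertInternalType('array', $actual);
    }

    /**
     * Tests OAuth2->grantAccessToken() for missing data.
     *
     * Any request without a usable 'grant_type' in the input data must raise
     * OAuth2ServerException.
     *
     * @dataProvider generateEmptyDataForGrant
     *
     * @param array $inputData   Request parameters.
     * @param array $authHeaders Authentication headers.
     */
    public function testGrantAccessTokenMissingData($inputData, $authHeaders) {
        $mockStorage = $this->getMock('IOAuth2Storage');
        $this->fixture = new OAuth2($mockStorage);

        $this->setExpectedException('OAuth2ServerException');
        $this->fixture->grantAccessToken($inputData, $authHeaders);
    }

    /**
     * Tests OAuth2->grantAccessToken()
     *
     * Tests the different ways client credentials can be provided: none at
     * all, via the PHP_AUTH_* entries, and via request parameters.
     */
    public function testGrantAccessTokenCheckClientCredentials() {
        $mockStorage = $this->getMock('IOAuth2Storage');
        $mockStorage->expects($this->any())
            ->method('checkClientCredentials')
            ->will($this->returnValue(TRUE)); // Always return true for any combination of user/pass
        $this->fixture = new OAuth2($mockStorage);

        // First, confirm that a request carrying no client credentials at all
        // is rejected with ERROR_INVALID_CLIENT, even though storage would accept anything:
        $inputData = array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE);
        $authHeaders = array();
        try {
            $this->fixture->grantAccessToken($inputData, $authHeaders);
            $this->fail('The expected exception OAuth2ServerException was not thrown');
        } catch ( OAuth2ServerException $e ) {
            $this->assertEquals(OAuth2::ERROR_INVALID_CLIENT, $e->getMessage());
        }

        // Credentials in the auth headers: the request still fails (the grant
        // itself is incomplete), but no longer because of the client.
        $authHeaders = array('PHP_AUTH_USER' => 'dev-abc', 'PHP_AUTH_PW' => 'pass');
        $inputData = array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'client_id' => 'dev-abc'); // When using auth, client_id must match
        try {
            $this->fixture->grantAccessToken($inputData, $authHeaders);
            $this->fail('The expected exception OAuth2ServerException was not thrown');
        } catch ( OAuth2ServerException $e ) {
            $this->assertNotEquals(OAuth2::ERROR_INVALID_CLIENT, $e->getMessage());
        }

        // Credentials in the GET/POST parameters: same expectation.
        $authHeaders = array();
        $inputData = array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'client_id' => 'dev-abc', 'client_secret' => 'foo');
        try {
            $this->fixture->grantAccessToken($inputData, $authHeaders);
            $this->fail('The expected exception OAuth2ServerException was not thrown');
        } catch ( OAuth2ServerException $e ) {
            $this->assertNotEquals(OAuth2::ERROR_INVALID_CLIENT, $e->getMessage());
        }
    }

    /**
     * Tests OAuth2->grantAccessToken() with Auth code grant.
     *
     * Checks that 'redirect_uri' (when CONFIG_ENFORCE_INPUT_REDIRECT is on)
     * and 'code' are mandatory request parameters.
     */
    public function testGrantAccessTokenWithGrantAuthCodeMandatoryParams() {
        $mockStorage = $this->createBaseMock('IOAuth2GrantCode');
        $inputData = array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'client_id' => 'a', 'client_secret' => 'b');

        // 'code' present, 'redirect_uri' absent, enforcement switched on.
        try {
            $this->fixture = new OAuth2($mockStorage);
            $this->fixture->setVariable(OAuth2::CONFIG_ENFORCE_INPUT_REDIRECT, true); // Only required when this is set
            $this->fixture->grantAccessToken($inputData + array('code' => 'foo'), array());
            $this->fail('The expected exception OAuth2ServerException was not thrown');
        } catch ( OAuth2ServerException $e ) {
            $this->assertEquals(OAuth2::ERROR_INVALID_REQUEST, $e->getMessage());
        }

        // 'redirect_uri' present, 'code' absent, on a fresh instance.
        try {
            $this->fixture = new OAuth2($mockStorage);
            $this->fixture->grantAccessToken($inputData + array('redirect_uri' => 'foo'), array());
            $this->fail('The expected exception OAuth2ServerException was not thrown');
        } catch ( OAuth2ServerException $e ) {
            $this->assertEquals(OAuth2::ERROR_INVALID_REQUEST, $e->getMessage());
        }
    }

    /**
     * Tests OAuth2->grantAccessToken() with Auth code grant.
     *
     * The request is complete, but getAuthCode() is not stubbed on the mock,
     * so the submitted code has no stored counterpart.
     */
    public function testGrantAccessTokenWithGrantAuthCodeNoToken() {
        $mockStorage = $this->createBaseMock('IOAuth2GrantCode');
        $inputData = array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'client_id' => 'a', 'client_secret' => 'b', 'redirect_uri' => 'foo', 'code'=> 'foo');

        // Ensure an auth code unknown to storage raises an error
        try {
            $this->fixture = new OAuth2($mockStorage);
            $this->fixture->grantAccessToken($inputData, array());
            $this->fail('The expected exception OAuth2ServerException was not thrown');
        }
        catch ( OAuth2ServerException $e ) {
            $this->assertEquals(OAuth2::ERROR_INVALID_GRANT, $e->getMessage());
        }
    }

    /**
     * Tests that OAuth2->grantAccessToken() checks the redirect URI.
     *
     * The request's redirect_uri points at a different host than the one
     * stored with the auth code.
     *
     * NOTE(review): only a different-host mismatch is covered. No test here
     * pins what happens when the submitted URI merely begins with the stored
     * string; add one once the matching rule is confirmed.
     */
    public function testGrantAccessTokenWithGrantAuthCodeRedirectChecked() {
        $inputData = array('redirect_uri' => 'http://www.crossdomain.com/my/subdir', 'grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'client_id' => 'my_little_app', 'client_secret' => 'b', 'code'=> 'foo');
        $storedToken = array('redirect_uri' => 'http://www.example.com', 'client_id' => 'my_little_app', 'expires' => time() + 60);

        $mockStorage = $this->createBaseMock('IOAuth2GrantCode');
        $mockStorage->expects($this->any())
            ->method('getAuthCode')
            ->will($this->returnValue($storedToken));

        // Ensure that the redirect_uri is checked
        try {
            $this->fixture = new OAuth2($mockStorage);
            $this->fixture->grantAccessToken($inputData, array());

            $this->fail('The expected exception OAuth2ServerException was not thrown');
        }
        catch ( OAuth2ServerException $e ) {
            $this->assertEquals(OAuth2::ERROR_REDIRECT_URI_MISMATCH, $e->getMessage());
        }
    }

    /**
     * Tests that OAuth2->grantAccessToken() checks the client ID is matched.
     *
     * The auth code was stored for 'my_little_app' but is redeemed by
     * 'another_app'; a code must not be usable by a client it was not issued to.
     * The submitted redirect_uri is a sub-path of the stored one and the
     * expected error is ERROR_INVALID_GRANT, not a redirect mismatch.
     */
    public function testGrantAccessTokenWithGrantAuthCodeClientIdChecked() {
        $inputData = array('client_id' => 'another_app', 'grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'redirect_uri' => 'http://www.example.com/my/subdir', 'client_secret' => 'b', 'code'=> 'foo');
        $storedToken = array('client_id' => 'my_little_app', 'redirect_uri' => 'http://www.example.com', 'expires' => time() + 60);

        $mockStorage = $this->createBaseMock('IOAuth2GrantCode');
        $mockStorage->expects($this->any())
            ->method('getAuthCode')
            ->will($this->returnValue($storedToken));

        // Ensure the client ID is checked
        try {
            $this->fixture = new OAuth2($mockStorage);
            $this->fixture->grantAccessToken($inputData, array());

            $this->fail('The expected exception OAuth2ServerException was not thrown');
        }
        catch ( OAuth2ServerException $e ) {
            $this->assertEquals(OAuth2::ERROR_INVALID_GRANT, $e->getMessage());
        }
    }

    /**
     * Tests OAuth2->grantAccessToken() with implicit
     *
     * Placeholder: not implemented yet.
     */
    public function testGrantAccessTokenWithGrantImplicit() {
        $this->markTestIncomplete ( "grantAccessToken test not implemented" );

        // Not reached: markTestIncomplete() aborts the test.
        $this->fixture->grantAccessToken(/* parameters */);
    }

    /**
     * Tests OAuth2->grantAccessToken() with user credentials
     *
     * Placeholder: not implemented yet.
     */
    public function testGrantAccessTokenWithGrantUser() {
        $this->markTestIncomplete ( "grantAccessToken test not implemented" );

        // Not reached: markTestIncomplete() aborts the test.
        $this->fixture->grantAccessToken(/* parameters */);
    }

    /**
     * Tests OAuth2->grantAccessToken() with client credentials
     *
     * Placeholder: not implemented yet.
     */
    public function testGrantAccessTokenWithGrantClient() {
        $this->markTestIncomplete ( "grantAccessToken test not implemented" );

        // Not reached: markTestIncomplete() aborts the test.
        $this->fixture->grantAccessToken(/* parameters */);
    }

    /**
     * Tests OAuth2->grantAccessToken() with refresh token
     *
     * Placeholder: not implemented yet.
     */
    public function testGrantAccessTokenWithGrantRefresh() {
        $this->markTestIncomplete ( "grantAccessToken test not implemented" );

        // Not reached: markTestIncomplete() aborts the test.
        $this->fixture->grantAccessToken(/* parameters */);
    }

    /**
     * Tests OAuth2->grantAccessToken() with extension
     *
     * Placeholder: not implemented yet.
     */
    public function testGrantAccessTokenWithGrantExtension() {
        $this->markTestIncomplete ( "grantAccessToken test not implemented" );

        // Not reached: markTestIncomplete() aborts the test.
        $this->fixture->grantAccessToken(/* parameters */);
    }

    /**
     * Tests OAuth2->getAuthorizeParams()
     *
     * Placeholder: not implemented yet.
     */
    public function testGetAuthorizeParams() {
        // TODO Auto-generated OAuth2Test->testGetAuthorizeParams()
        $this->markTestIncomplete ( "getAuthorizeParams test not implemented" );

        // Not reached: markTestIncomplete() aborts the test.
        $this->fixture->getAuthorizeParams(/* parameters */);
    }

    /**
     * Tests OAuth2->finishClientAuthorization()
     *
     * Placeholder: not implemented yet.
     */
    public function testFinishClientAuthorization() {
        // TODO Auto-generated OAuth2Test->testFinishClientAuthorization()
        $this->markTestIncomplete ( "finishClientAuthorization test not implemented" );

        // Not reached: markTestIncomplete() aborts the test.
        $this->fixture->finishClientAuthorization(/* parameters */);
    }

    // Utility methods

    /**
     * Builds a storage mock that accepts every client and every grant type,
     * so that a test can focus on the grant-specific checks.
     *
     * @param string $interfaceName Storage interface to mock.
     * @return object Mock implementing $interfaceName.
     */
    protected function createBaseMock($interfaceName) {
        $mockStorage = $this->getMock($interfaceName);
        $mockStorage->expects($this->any())
            ->method('checkClientCredentials')
            ->will($this->returnValue(TRUE)); // Always return true for any combination of user/pass
        $mockStorage->expects($this->any())
            ->method('checkRestrictedGrantType')
            ->will($this->returnValue(TRUE)); // Always report the grant type as allowed

        return $mockStorage;
    }

    /**
     * Builds an IOAuth2Storage mock whose getAccessToken() must be called
     * exactly once and returns the given value.
     *
     * @param mixed $storedToken Value the storage reports for the lookup
     *                           (FALSE stands for "no such token").
     * @return object Mock implementing IOAuth2Storage.
     */
    private function createTokenStorageMock($storedToken) {
        $mockStorage = $this->getMock('IOAuth2Storage');
        $mockStorage->expects($this->once())
            ->method('getAccessToken')
            ->will($this->returnValue($storedToken));

        return $mockStorage;
    }

    // Data Providers below:

    /**
     * Dataprovider for testVerifyAccessTokenMalformedToken().
     *
     * Produces malformed access tokens
     *
     * @return array One single-element row (the token record) per case.
     */
    public function generateMalformedTokens() {
        return array(
            array(array()), // an empty array as a token
            array(array('expires' => 5)), // missing client_id
            array(array('client_id' => 6)), // missing expires
            array(array('something' => 6)), // missing both 'expires' and 'client_id'
        );
    }

    /**
     * Dataprovider for testVerifyAccessTokenCheckExpiry().
     *
     * Produces well-formed access tokens with varying 'expires' timestamps,
     * each paired with whether verification is expected to succeed.
     *
     * NOTE(review): there is no case with 'expires' equal to time(), so the
     * behaviour exactly at the boundary is not pinned by these rows.
     *
     * @return array Rows of (token record, expectedToPass).
     */
    public function generateExpiryTokens() {
        return array(
            array(array('client_id' => 'blah', 'expires' => time() - 30), FALSE), // 30 seconds ago should fail
            array(array('client_id' => 'blah', 'expires' => time() - 1), FALSE), // now-ish should fail
            array(array('client_id' => 'blah', 'expires' => 0), FALSE), // 1970 should fail
            array(array('client_id' => 'blah', 'expires' => time() + 30), TRUE), // 30 seconds in the future should be valid
            array(array('client_id' => 'blah', 'expires' => time() + 86400), TRUE), // 1 day in the future should be valid
            array(array('client_id' => 'blah', 'expires' => time() + (365 * 86400)), TRUE), // 1 year should be valid
            array(array('client_id' => 'blah', 'expires' => time() + (10 * 365 * 86400)), TRUE), // 10 years should be valid
        );
    }

    /**
     * Dataprovider for testVerifyAccessTokenCheckScope().
     *
     * Produces unexpired tokens with varying 'scope' entries. The failing
     * rows require that 'read' is matched as a whole space-separated entry:
     * it must not be satisfied by 'read-write' or 'read,write'.
     *
     * @return array Rows of (required scope, token record, expectedToPass).
     */
    public function generateScopes() {
        $baseToken = array('client_id' => 'blah', 'expires' => time() + 60);

        return array(
            array(null, $baseToken + array(), TRUE), // missing scope is valid
            array(null, $baseToken + array('scope' => null), TRUE), // null scope is valid
            array('', $baseToken + array('scope' => ''), TRUE), // empty scope is valid
            array('read', $baseToken + array('scope' => 'read'), TRUE), // exact same scope is valid
            array('read', $baseToken + array('scope' => ' read '), TRUE), // padding around the stored scope is tolerated
            array(' read ', $baseToken + array('scope' => 'read'), TRUE), // padding around the required scope is tolerated
            array('read', $baseToken + array('scope' => 'read write delete'), TRUE), // contains scope
            array('read', $baseToken + array('scope' => 'write read delete'), TRUE), // contains scope
            array('read', $baseToken + array('scope' => 'delete write read'), TRUE), // contains scope

            // Invalid combinations
            array('read', $baseToken + array('scope' => 'write'), FALSE),
            array('read', $baseToken + array('scope' => 'apple banana'), FALSE),
            array('read', $baseToken + array('scope' => 'apple read-write'), FALSE),
            array('read', $baseToken + array('scope' => 'apple read,write'), FALSE),
            array('read', $baseToken + array('scope' => null), FALSE),
            array('read', $baseToken + array('scope' => ''), FALSE),
        );
    }

    /**
     * Provider for OAuth2->grantAccessToken()
     *
     * Produces requests that carry no 'grant_type' in the input data.
     *
     * @return array Rows of (inputData, authHeaders).
     */
    public function generateEmptyDataForGrant() {
        return array(
            array(
                array(), array()
            ),
            array(
                array(), array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE) // grant_type in auth headers should be ignored
            ),
            array(
                array('not_grant_type' => 5), array()
            ),
        );
    }
}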
---|
| 453 | |
---|