2
2
3
3
namespace Laravel \Passport \Tests \Unit ;
4
4
5
- use Illuminate \Contracts \Routing \ResponseFactory ;
6
5
use Illuminate \Http \Request ;
7
6
use Laravel \Passport \Http \Controllers \DenyAuthorizationController ;
7
+ use League \OAuth2 \Server \AuthorizationServer ;
8
8
use League \OAuth2 \Server \RequestTypes \AuthorizationRequest ;
9
9
use Mockery as m ;
10
10
use PHPUnit \Framework \TestCase ;
11
+ use Psr \Http \Message \ResponseInterface ;
11
12
12
13
class DenyAuthorizationControllerTest extends TestCase
13
14
{
@@ -18,140 +19,44 @@ protected function tearDown(): void
18
19
19
20
public function test_authorization_can_be_denied ()
20
21
{
21
- $ response = m:: mock (ResponseFactory::class );
22
+ $ this -> expectException ( ' Laravel\Passport\Exceptions\OAuthServerException ' );
22
23
23
- $ controller = new DenyAuthorizationController ($ response );
24
+ $ server = m::mock (AuthorizationServer::class);
25
+ $ controller = new DenyAuthorizationController ($ server );
24
26
25
27
$ request = m::mock (Request::class);
26
28
27
29
$ request ->shouldReceive ('session ' )->andReturn ($ session = m::mock ());
28
30
$ request ->shouldReceive ('user ' )->andReturn (new DenyAuthorizationControllerFakeUser );
29
- $ request ->shouldReceive ('input ' )->with ('state ' )->andReturn ('state ' );
30
31
$ request ->shouldReceive ('has ' )->with ('auth_token ' )->andReturn (true );
31
32
$ request ->shouldReceive ('get ' )->with ('auth_token ' )->andReturn ('foo ' );
32
33
33
34
$ session ->shouldReceive ('get ' )->once ()->with ('authToken ' )->andReturn ('foo ' );
34
- $ session ->shouldReceive ('get ' )->once ()->with ('authRequest ' )->andReturn ($ authRequest = m::mock (
35
+ $ session ->shouldReceive ('get ' )
36
+ ->once ()
37
+ ->with ('authRequest ' )
38
+ ->andReturn ($ authRequest = m::mock (
35
39
AuthorizationRequest::class
36
- ));
40
+ ));
37
41
38
42
$ authRequest ->shouldReceive ('setUser ' )->once ();
39
- $ authRequest ->shouldReceive ('getGrantTypeId ' )->andReturn ('authorization_code ' );
40
- $ authRequest ->shouldReceive ('setAuthorizationApproved ' )->once ()->with (true );
41
- $ authRequest ->shouldReceive ('getRedirectUri ' )->andReturn ('http://localhost ' );
42
- $ authRequest ->shouldReceive ('getClient->getRedirectUri ' )->andReturn ('http://localhost ' );
43
+ $ authRequest ->shouldReceive ('setAuthorizationApproved ' )->once ()->with (false );
43
44
44
- $ response ->shouldReceive ('redirectTo ' )-> once ()-> andReturnUsing ( function ( $ url ) {
45
- return $ url ;
46
- } );
45
+ $ server ->shouldReceive ('completeAuthorizationRequest ' )
46
+ -> with ( $ authRequest , m:: type (ResponseInterface::class))
47
+ -> andThrow ( ' League\OAuth2\Server\Exception\OAuthServerException ' );
47
48
48
- $ this ->assertSame ('http://localhost?error=access_denied&state=state ' , $ controller ->deny ($ request ));
49
- }
50
-
51
- public function test_authorization_can_be_denied_with_multiple_redirect_uris ()
52
- {
53
- $ response = m::mock (ResponseFactory::class);
54
-
55
- $ controller = new DenyAuthorizationController ($ response );
56
-
57
- $ request = m::mock (Request::class);
58
-
59
- $ request ->shouldReceive ('session ' )->andReturn ($ session = m::mock ());
60
- $ request ->shouldReceive ('user ' )->andReturn (new DenyAuthorizationControllerFakeUser );
61
- $ request ->shouldReceive ('input ' )->with ('state ' )->andReturn ('state ' );
62
- $ request ->shouldReceive ('has ' )->with ('auth_token ' )->andReturn (true );
63
- $ request ->shouldReceive ('get ' )->with ('auth_token ' )->andReturn ('foo ' );
64
-
65
- $ session ->shouldReceive ('get ' )->once ()->with ('authRequest ' )->andReturn ($ authRequest = m::mock (
66
- AuthorizationRequest::class
67
- ));
68
-
69
- $ authRequest ->shouldReceive ('setUser ' )->once ();
70
- $ authRequest ->shouldReceive ('getGrantTypeId ' )->andReturn ('authorization_code ' );
71
- $ authRequest ->shouldReceive ('setAuthorizationApproved ' )->once ()->with (true );
72
- $ authRequest ->shouldReceive ('getRedirectUri ' )->andReturn ('http://localhost ' );
73
- $ authRequest ->shouldReceive ('getClient->getRedirectUri ' )->andReturn (['http://localhost.localdomain ' , 'http://localhost ' ]);
74
-
75
- $ session ->shouldReceive ('get ' )->once ()->with ('authToken ' )->andReturn ('foo ' );
76
- $ response ->shouldReceive ('redirectTo ' )->once ()->andReturnUsing (function ($ url ) {
77
- return $ url ;
78
- });
79
-
80
- $ this ->assertSame ('http://localhost?error=access_denied&state=state ' , $ controller ->deny ($ request ));
81
- }
82
-
83
- public function test_authorization_can_be_denied_implicit ()
84
- {
85
- $ response = m::mock (ResponseFactory::class);
86
-
87
- $ controller = new DenyAuthorizationController ($ response );
88
-
89
- $ request = m::mock (Request::class);
90
-
91
- $ request ->shouldReceive ('session ' )->andReturn ($ session = m::mock ());
92
- $ request ->shouldReceive ('user ' )->andReturn (new DenyAuthorizationControllerFakeUser );
93
- $ request ->shouldReceive ('input ' )->with ('state ' )->andReturn ('state ' );
94
- $ request ->shouldReceive ('has ' )->with ('auth_token ' )->andReturn (true );
95
- $ request ->shouldReceive ('get ' )->with ('auth_token ' )->andReturn ('foo ' );
96
-
97
- $ session ->shouldReceive ('get ' )->once ()->with ('authToken ' )->andReturn ('foo ' );
98
- $ session ->shouldReceive ('get ' )->once ()->with ('authRequest ' )->andReturn ($ authRequest = m::mock (
99
- AuthorizationRequest::class
100
- ));
101
-
102
- $ authRequest ->shouldReceive ('setUser ' )->once ();
103
- $ authRequest ->shouldReceive ('getGrantTypeId ' )->andReturn ('implicit ' );
104
- $ authRequest ->shouldReceive ('setAuthorizationApproved ' )->once ()->with (true );
105
- $ authRequest ->shouldReceive ('getRedirectUri ' )->andReturn ('http://localhost ' );
106
- $ authRequest ->shouldReceive ('getClient->getRedirectUri ' )->andReturn ('http://localhost ' );
107
-
108
- $ response ->shouldReceive ('redirectTo ' )->once ()->andReturnUsing (function ($ url ) {
109
- return $ url ;
110
- });
111
-
112
- $ this ->assertSame ('http://localhost#error=access_denied&state=state ' , $ controller ->deny ($ request ));
113
- }
114
-
115
- public function test_authorization_can_be_denied_with_existing_query_string ()
116
- {
117
- $ response = m::mock (ResponseFactory::class);
118
-
119
- $ controller = new DenyAuthorizationController ($ response );
120
-
121
- $ request = m::mock (Request::class);
122
-
123
- $ request ->shouldReceive ('session ' )->andReturn ($ session = m::mock ());
124
- $ request ->shouldReceive ('user ' )->andReturn (new DenyAuthorizationControllerFakeUser );
125
- $ request ->shouldReceive ('input ' )->with ('state ' )->andReturn ('state ' );
126
- $ request ->shouldReceive ('has ' )->with ('auth_token ' )->andReturn (true );
127
- $ request ->shouldReceive ('get ' )->with ('auth_token ' )->andReturn ('foo ' );
128
-
129
- $ session ->shouldReceive ('get ' )->once ()->with ('authToken ' )->andReturn ('foo ' );
130
- $ session ->shouldReceive ('get ' )->once ()->with ('authRequest ' )->andReturn ($ authRequest = m::mock (
131
- AuthorizationRequest::class
132
- ));
133
-
134
- $ authRequest ->shouldReceive ('setUser ' )->once ();
135
- $ authRequest ->shouldReceive ('getGrantTypeId ' )->andReturn ('authorization_code ' );
136
- $ authRequest ->shouldReceive ('setAuthorizationApproved ' )->once ()->with (true );
137
- $ authRequest ->shouldReceive ('getRedirectUri ' )->andReturn ('http://localhost?action=some_action ' );
138
- $ authRequest ->shouldReceive ('getClient->getRedirectUri ' )->andReturn ('http://localhost?action=some_action ' );
139
-
140
- $ response ->shouldReceive ('redirectTo ' )->once ()->andReturnUsing (function ($ url ) {
141
- return $ url ;
142
- });
143
-
144
- $ this ->assertSame ('http://localhost?action=some_action&error=access_denied&state=state ' , $ controller ->deny ($ request ));
49
+ $ controller ->deny ($ request );
145
50
}
146
51
147
52
public function test_auth_request_should_exist ()
148
53
{
149
54
$ this ->expectException ('Exception ' );
150
55
$ this ->expectExceptionMessage ('Authorization request was not present in the session. ' );
151
56
152
- $ response = m::mock (ResponseFactory ::class);
57
+ $ server = m::mock (AuthorizationServer ::class);
153
58
154
- $ controller = new DenyAuthorizationController ($ response );
59
+ $ controller = new DenyAuthorizationController ($ server );
155
60
156
61
$ request = m::mock (Request::class);
157
62
@@ -164,7 +69,7 @@ public function test_auth_request_should_exist()
164
69
$ session ->shouldReceive ('get ' )->once ()->with ('authToken ' )->andReturn ('foo ' );
165
70
$ session ->shouldReceive ('get ' )->once ()->with ('authRequest ' )->andReturnNull ();
166
71
167
- $ response ->shouldReceive ('redirectTo ' )->never ();
72
+ $ server ->shouldReceive ('completeAuthorizationRequest ' )->never ();
168
73
169
74
$ controller ->deny ($ request );
170
75
}
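Review bot: The `completeAuthorizationRequest` expectation in the rewritten `test_authorization_can_be_denied` has no call count, so the test would still pass if `deny()` raised Passport's `OAuthServerException` without ever delegating to the authorization server; adding `->once()` before `->andThrow(...)` pins that delegation. The four removed tests were the only ones in this file asserting that a denial redirect carries `error=access_denied` and the caller's original `state`, in the query string or, for the implicit grant, in the fragment. The redirect is presumably now derived from the League exception, and nothing visible here checks that the converted exception still targets the registered redirect URI with `state` intact. A case that throws a real `OAuthServerException::accessDenied(...)` instance and inspects the resulting response would restore that coverage. The class body continues outside the visible hunks, so such a test may already exist elsewhere.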