provider = new \Stevenmaguire\OAuth2\Client\Provider\Keycloak([
                'authServerUrl' => 'http://mock.url/auth',
                'realm' => 'mock_realm',
                'clientId' => 'mock_client_id',
                'clientSecret' => 'mock_secret',
                'redirectUri' => 'none',
            ]);
        }

        /**
         * Per-test cleanup: closes the mock container, then defers to the parent test case.
         */
        public function tearDown()
        {
            // `m` is presumably the Mockery alias imported above this chunk (confirm);
            // Mockery::close() is also the point where unmet expectations such as
            // times(1)/times(2) below are reported as failures.
            m::close();
            parent::tearDown();
        }

        /**
         * The authorization URL must carry every query parameter the authorization-code flow relies on.
         */
        public function testAuthorizationUrl()
        {
            $url = $this->provider->getAuthorizationUrl();
            $uri = parse_url($url);
            parse_str($uri['query'], $query);

            $this->assertArrayHasKey('client_id', $query);
            $this->assertArrayHasKey('redirect_uri', $query);
            // `state` is the value that binds the callback to this browser session
            // (CSRF protection). Only its presence is checked here; nothing in this
            // test covers its unpredictability or its verification on the callback.
            $this->assertArrayHasKey('state', $query);
            $this->assertArrayHasKey('scope', $query);
            $this->assertArrayHasKey('response_type', $query);
            $this->assertArrayHasKey('approval_prompt', $query);
            $this->assertNotNull($this->provider->getState());
        }

        /**
         * The encryption algorithm can be set through the constructor option and through the setter.
         */
        public function testEncryptionAlgorithm()
        {
            // uniqid() is only an opaque placeholder, not a real JWT algorithm name.
            // The assertions therefore also show that an arbitrary string is stored
            // unchanged; no validation against supported algorithms is exercised.
            $algorithm = uniqid();
            $provider = new \Stevenmaguire\OAuth2\Client\Provider\Keycloak([
                'encryptionAlgorithm' => $algorithm,
            ]);

            $this->assertEquals($algorithm, $provider->encryptionAlgorithm);

            $algorithm = uniqid();
            $provider->setEncryptionAlgorithm($algorithm);

            $this->assertEquals($algorithm, $provider->encryptionAlgorithm);
        }

        /**
         * The encryption key can be set through the constructor option and through the setter.
         */
        public function testEncryptionKey()
        {
            // Placeholder value only: uniqid() is time-based and predictable, so it
            // stands in for a key here and is not a pattern for generating one.
            $key = uniqid();
            $provider = new \Stevenmaguire\OAuth2\Client\Provider\Keycloak([
                'encryptionKey' => $key,
            ]);

            $this->assertEquals($key, $provider->encryptionKey);

            $key = uniqid();
            $provider->setEncryptionKey($key);

            $this->assertEquals($key, $provider->encryptionKey);
        }

        /**
         * Supplying a key path (option or setter) must result in the file's contents becoming the key.
         */
        public function testEncryptionKeyPath()
        {
            // Presumably read by a file_get_contents() test double defined above this
            // chunk — confirm. No real file is created; $path is a random string.
            global $mockFileGetContents;
            $path = uniqid();
            $key = uniqid();
            $mockFileGetContents = $key;

            $provider = new \Stevenmaguire\OAuth2\Client\Provider\Keycloak([
                'encryptionKeyPath' => $path,
            ]);

            $this->assertEquals($key, $provider->encryptionKey);

            $path = uniqid();
            $key = uniqid();
            $mockFileGetContents = $key;

            $provider->setEncryptionKeyPath($path);

            $this->assertEquals($key, $provider->encryptionKey);
        }

        /**
         * Custom scopes passed as options must appear, joined and URL-encoded, in the authorization URL.
         */
        public function testScopes()
        {
            $options = ['scope' => [uniqid(),uniqid()]];

            $url = $this->provider->getAuthorizationUrl($options);

            // NOTE(review): this pins a comma-joined scope value. RFC 6749 section 3.3
            // defines `scope` as space-delimited — confirm the separator is intended.
            $this->assertContains(urlencode(implode(',', $options['scope'])), $url);
        }

        /**
         * The authorization endpoint path is derived from the configured realm.
         */
        public function testGetAuthorizationUrl()
        {
            $url = $this->provider->getAuthorizationUrl();
            $uri = parse_url($url);

            $this->assertEquals('/auth/realms/mock_realm/protocol/openid-connect/auth', $uri['path']);
        }

        /**
         * The token endpoint path is derived from the configured realm.
         */
        public function testGetBaseAccessTokenUrl()
        {
            $params = [];

            $url = $this->provider->getBaseAccessTokenUrl($params);
            $uri = parse_url($url);

            $this->assertEquals('/auth/realms/mock_realm/protocol/openid-connect/token', $uri['path']);
        }

        /**
         * A JSON token response yields an access token; fields absent from the response stay null.
         */
        public function testGetAccessToken()
        {
            $response = m::mock('Psr\Http\Message\ResponseInterface');
            $response->shouldReceive('getBody')->andReturn('{"access_token":"mock_access_token", "scope":"email", "token_type":"bearer"}');
            $response->shouldReceive('getHeader')->andReturn(['content-type' => 'json']);

            // The HTTP client is a double, so no request leaves the process; exactly
            // one send() is expected for the code exchange.
            $client = m::mock('GuzzleHttp\ClientInterface');
            $client->shouldReceive('send')->times(1)->andReturn($response);
            $this->provider->setHttpClient($client);

            $token = $this->provider->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);

            $this->assertEquals('mock_access_token', $token->getToken());
            $this->assertNull($token->getExpires());
            $this->assertNull($token->getRefreshToken());
            $this->assertNull($token->getResourceOwnerId());
        }

        /**
         * A plain JSON userinfo response is mapped onto the resource owner (id, name, email).
         */
        public function testUserData()
        {
            $userId = rand(1000,9999);
            $name = uniqid();
            // $nickname is generated but not used by the response or any assertion below.
            $nickname = uniqid();
            $email = uniqid();

            // First response: the token exchange, served as a form-encoded body.
            $postResponse = m::mock('Psr\Http\Message\ResponseInterface');
            $postResponse->shouldReceive('getBody')->andReturn('access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&otherKey={1234}');
            $postResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'application/x-www-form-urlencoded']);

            // Second response: the userinfo document, served as JSON.
            $userResponse = m::mock('Psr\Http\Message\ResponseInterface');
            $userResponse->shouldReceive('getBody')->andReturn('{"sub": '.$userId.', "name": "'.$name.'", "email": "'.$email.'"}');
            $userResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'json']);

            // andReturn() with two values hands them out in call order, so the order
            // of the provider calls below matters.
            $client = m::mock('GuzzleHttp\ClientInterface');
            $client->shouldReceive('send')
                ->times(2)
                ->andReturn($postResponse, $userResponse);
            $this->provider->setHttpClient($client);

            $token = $this->provider->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);
            $user = $this->provider->getResourceOwner($token);

            $this->assertEquals($userId, $user->getId());
            $this->assertEquals($userId, $user->toArray()['sub']);
            $this->assertEquals($name, $user->getName());
            $this->assertEquals($name, $user->toArray()['name']);
            $this->assertEquals($email, $user->getEmail());
            $this->assertEquals($email, $user->toArray()['email']);
        }

        /**
         * A userinfo response served as application/jwt is decoded with the configured key and algorithm.
         */
        public function testUserDataWithEncryption()
        {
            $userId = rand(1000,9999);
            $name = uniqid();
            // $nickname is generated but not used by the response or any assertion below.
            $nickname = uniqid();
            $email = uniqid();
            $jwt = uniqid();
            $algorithm = uniqid();
            $key = uniqid();

            $postResponse = m::mock('Psr\Http\Message\ResponseInterface');
            $postResponse->shouldReceive('getBody')->andReturn('access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&otherKey={1234}');
            $postResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'application/x-www-form-urlencoded']);

            $userResponse = m::mock('Psr\Http\Message\ResponseInterface');
            $userResponse->shouldReceive('getBody')->andReturn($jwt);
            $userResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'application/jwt']);

            // The JWT library is replaced wholesale, so no signature is actually
            // verified in this test. What the expectation does pin is the call
            // contract: decode() must receive the raw body, the configured key, and
            // an allow-list holding only the configured algorithm — the argument that
            // keeps a token from choosing its own verification algorithm.
            // NOTE(review): Mockery `overload:` doubles stay loaded for the rest of
            // the PHP process; Mockery recommends process isolation for such tests —
            // confirm how this suite is run.
            $decoder = \Mockery::mock('overload:Firebase\JWT\JWT');
            $decoder->shouldReceive('decode')->with($jwt, $key, [$algorithm])->andReturn([
                'sub' => $userId,
                'email' => $email,
                'name' => $name,
            ]);

            $client = m::mock('GuzzleHttp\ClientInterface');
            $client->shouldReceive('send')
                ->times(2)
                ->andReturn($postResponse, $userResponse);
            $this->provider->setHttpClient($client);

            $token = $this->provider->setEncryptionAlgorithm($algorithm)
                ->setEncryptionKey($key)
                ->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);
            $user = $this->provider->getResourceOwner($token);

            $this->assertEquals($userId, $user->getId());
            $this->assertEquals($userId, $user->toArray()['sub']);
            $this->assertEquals($name, $user->getName());
            $this->assertEquals($name, $user->toArray()['name']);
            $this->assertEquals($email, $user->getEmail());
            $this->assertEquals($email, $user->toArray()['email']);
        }

        /**
         * Fail-closed check: an application/jwt userinfo response must raise an error when
         * no encryption algorithm or key has been configured, instead of being accepted.
         *
         * @expectedException Stevenmaguire\OAuth2\Client\Provider\Exception\EncryptionConfigurationException
         */
        public function testUserDataFailsWhenEncryptionEncounteredAndNotConfigured()
        {
            $postResponse = m::mock('Psr\Http\Message\ResponseInterface');
            $postResponse->shouldReceive('getBody')->andReturn('access_token=mock_access_token&expires=3600&refresh_token=mock_refresh_token&otherKey={1234}');
            $postResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'application/x-www-form-urlencoded']);

            // The body is a random string; only the content type marks it as a JWT.
            $userResponse = m::mock('Psr\Http\Message\ResponseInterface');
            $userResponse->shouldReceive('getBody')->andReturn(uniqid());
            $userResponse->shouldReceive('getHeader')->andReturn(['content-type' => 'application/jwt']);

            $client = m::mock('GuzzleHttp\ClientInterface');
            $client->shouldReceive('send')
                ->times(2)
                ->andReturn($postResponse, $userResponse);
            $this->provider->setHttpClient($client);

            $token = $this->provider->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);
            // Presumably the call that throws (confirm); $user is never read.
            $user = $this->provider->getResourceOwner($token);
        }

        /**
         * An OAuth error document from the token endpoint must surface as an exception, not as a token.
         *
         * @expectedException League\OAuth2\Client\Provider\Exception\IdentityProviderException
         */
        public function testErrorResponse()
        {
            $response = m::mock('Psr\Http\Message\ResponseInterface');
            $response->shouldReceive('getBody')->andReturn('{"error": "invalid_grant", "error_description": "Code not found"}');
            $response->shouldReceive('getHeader')->andReturn(['content-type' => 'json']);

            $client = m::mock('GuzzleHttp\ClientInterface');
            $client->shouldReceive('send')->times(1)->andReturn($response);
            $this->provider->setHttpClient($client);

            // The only provider call in this test, so the expected exception comes from here.
            $token = $this->provider->getAccessToken('authorization_code', ['code' => 'mock_authorization_code']);
        }
    }
}