ParameterCheckerManagerTest - Code Metrics - Inspection of "Ignoring Tests filders" - OAuth2-Framework/oauth2-framework - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — master ( 69a5a9...547d98 )

by Florent

created 2018-04-19 14:17 UTC

ParameterCheckerManagerTest A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	277
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	15

Importance

Changes

Metric	Value
wmc	19
lcom	1
cbo	15
dl	0
loc	277
rs	9.1666
c	0
b	0
f	0

10 Methods

Rating	Name	Size	Complexity
A	anAuthorizationRequestIsReceivedButTheDisplayParameterIsNotValid()	22	2
A	anAuthorizationRequestIsReceivedButThePromptParameterIsNotValid()	22	2
A	anAuthorizationRequestIsReceivedButThePromptParameterNoneMustBeUsedAlone()	22	2
A	anAuthorizationRequestIsReceivedButNoRedirectUriIsSet()	20	2
A	anAuthorizationRequestIsReceivedButNoResponseTypeIsSet()	22	2
B	anAuthorizationRequestIsReceivedButTheResponseModeIsNotSupported()	26	2
A	anAuthorizationRequestIsReceivedButTheResponseTypeIsNotSupportedByThisServer()	23	2
A	anAuthorizationRequestIsReceivedButTheResponseTypeIsNotAllowedForTheClient()	23	2
B	anAuthorizationRequestIsReceivedAndIsValid()	27	1
A	getParameterCheckerManager()	23	2

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2018 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace OAuth2Framework\Component\AuthorizationEndpoint\Tests\ParameterChecker;

use OAuth2Framework\Component\AuthorizationEndpoint\Authorization;
use OAuth2Framework\Component\AuthorizationEndpoint\Exception\OAuth2AuthorizationException;
use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\DisplayParameterChecker;
use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\ParameterCheckerManager;
use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\PromptParameterChecker;
use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\RedirectUriParameterChecker;
use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\ResponseTypeAndResponseModeParameterChecker;
use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\StateParameterChecker;
use OAuth2Framework\Component\AuthorizationEndpoint\ResponseMode\FragmentResponseMode;
use OAuth2Framework\Component\AuthorizationEndpoint\ResponseMode\QueryResponseMode;
use OAuth2Framework\Component\AuthorizationEndpoint\ResponseMode\ResponseModeManager;
use OAuth2Framework\Component\AuthorizationEndpoint\ResponseType;
use OAuth2Framework\Component\AuthorizationEndpoint\ResponseTypeManager;
use OAuth2Framework\Component\Core\Client\Client;
use OAuth2Framework\Component\Core\Client\ClientId;
use OAuth2Framework\Component\Core\DataBag\DataBag;
use PHPUnit\Framework\TestCase;

/**
 * @group ParameterCheckerManager
 */
final class ParameterCheckerManagerTest extends TestCase
{
    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButTheDisplayParameterIsNotValid()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'display' => 'foo',
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('Invalid parameter "display". Allowed values are page, popup, touch, wap', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButThePromptParameterIsNotValid()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'prompt' => 'foo',
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('Invalid parameter "prompt". Allowed values are none, login, consent, select_account', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButThePromptParameterNoneMustBeUsedAlone()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'prompt' => 'none login',
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('Invalid parameter "prompt". Prompt value "none" must be used alone.', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButNoRedirectUriIsSet()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, []);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('The parameter "redirect_uri" is mandatory.', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButNoResponseTypeIsSet()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'redirect_uri' => 'https://www.foo.bar/callback',
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('The parameter "response_type" is mandatory.', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButTheResponseModeIsNotSupported()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([
                'response_types' => ['foo'],
            ]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'redirect_uri' => 'https://www.foo.bar/callback',
            'response_type' => 'foo',
            'response_mode' => 'foo',
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('The response mode "foo" is not supported. Please use one of the following values: query, fragment.', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButTheResponseTypeIsNotSupportedByThisServer()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'redirect_uri' => 'https://www.foo.bar/callback',
            'response_type' => 'bar',
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('The response type "bar" is not supported by this server', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButTheResponseTypeIsNotAllowedForTheClient()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'redirect_uri' => 'https://www.foo.bar/callback',
            'response_type' => 'foo',
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('The response type "foo" is not allowed for this client.', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedAndIsValid()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([
                'response_types' => ['foo'],
            ]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'redirect_uri' => 'https://www.foo.bar/callback',
            'response_type' => 'foo',
            'state' => '0123456789',
            'prompt' => 'login consent',
            'display' => 'wap',
            'response_mode' => 'fragment',
        ]);

        $authorization = $this->getParameterCheckerManager()->process($authorization);

        self::assertInstanceOf(FragmentResponseMode::class, $authorization->getResponseMode());
        self::assertInstanceOf(ResponseType::class, $authorization->getResponseType());
        self::assertEquals(['login', 'consent'], $authorization->getPrompt());
        self::assertFalse($authorization->hasPrompt('none'));
    }

    /**
     * @var null|ParameterCheckerManager
     */
    private $extensionManager = null;

    /**
     * @return ParameterCheckerManager
     */
    private function getParameterCheckerManager(): ParameterCheckerManager
    {
        if (null === $this->extensionManager) {
            $responseType = $this->prophesize(ResponseType::class);
            $responseType->name()->willReturn('foo');
            $responseType->getResponseMode()->willReturn('query');
            $responseTypeManager = new ResponseTypeManager();
            $responseTypeManager->add($responseType->reveal());

            $responseModeManager = new ResponseModeManager();
            $responseModeManager->add(new QueryResponseMode());
            $responseModeManager->add(new FragmentResponseMode());

            $this->extensionManager = new ParameterCheckerManager();
            $this->extensionManager->add(new DisplayParameterChecker());
            $this->extensionManager->add(new PromptParameterChecker());
            $this->extensionManager->add(new RedirectUriParameterChecker());
            $this->extensionManager->add(new ResponseTypeAndResponseModeParameterChecker($responseTypeManager, $responseModeManager, true));
            $this->extensionManager->add(new StateParameterChecker());
        }

        return $this->extensionManager;
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* The MIT License (MIT)
7			*
8			* Copyright (c) 2014-2018 Spomky-Labs
9			*
10			* This software may be modified and distributed under the terms
11			* of the MIT license. See the LICENSE file for details.
12			*/
13
14			namespace OAuth2Framework\Component\AuthorizationEndpoint\Tests\ParameterChecker;
15
16			use OAuth2Framework\Component\AuthorizationEndpoint\Authorization;
17			use OAuth2Framework\Component\AuthorizationEndpoint\Exception\OAuth2AuthorizationException;
18			use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\DisplayParameterChecker;
19			use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\ParameterCheckerManager;
20			use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\PromptParameterChecker;
21			use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\RedirectUriParameterChecker;
22			use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\ResponseTypeAndResponseModeParameterChecker;
23			use OAuth2Framework\Component\AuthorizationEndpoint\ParameterChecker\StateParameterChecker;
24			use OAuth2Framework\Component\AuthorizationEndpoint\ResponseMode\FragmentResponseMode;
25			use OAuth2Framework\Component\AuthorizationEndpoint\ResponseMode\QueryResponseMode;
26			use OAuth2Framework\Component\AuthorizationEndpoint\ResponseMode\ResponseModeManager;
27			use OAuth2Framework\Component\AuthorizationEndpoint\ResponseType;
28			use OAuth2Framework\Component\AuthorizationEndpoint\ResponseTypeManager;
29			use OAuth2Framework\Component\Core\Client\Client;
30			use OAuth2Framework\Component\Core\Client\ClientId;
31			use OAuth2Framework\Component\Core\DataBag\DataBag;
32			use PHPUnit\Framework\TestCase;
33
34			/**
35			* @group ParameterCheckerManager
36			*/
37			final class ParameterCheckerManagerTest extends TestCase
38			{
39			/**
40			* @test
41			*/
42			public function anAuthorizationRequestIsReceivedButTheDisplayParameterIsNotValid()
43			{
44			$client = Client::createEmpty();
45			$client = $client->create(
46			ClientId::create('CLIENT_ID'),
47			DataBag::create([]),
48			null
49			);
50			$client->eraseMessages();
51			$authorization = Authorization::create($client, [
52			'display' => 'foo',
53			]);
54
55			try {
56			$this->getParameterCheckerManager()->process($authorization);
57			$this->fail('An OAuth2 exception should be thrown.');
58			} catch (OAuth2AuthorizationException $e) {
59			self::assertEquals(400, $e->getCode());
60			self::assertEquals('invalid_request', $e->getMessage());
61			self::assertEquals('Invalid parameter "display". Allowed values are page, popup, touch, wap', $e->getErrorDescription());
62			}
63			}
64
65			/**
66			* @test
67			*/
68			public function anAuthorizationRequestIsReceivedButThePromptParameterIsNotValid()
69			{
70			$client = Client::createEmpty();
71			$client = $client->create(
72			ClientId::create('CLIENT_ID'),
73			DataBag::create([]),
74			null
75			);
76			$client->eraseMessages();
77			$authorization = Authorization::create($client, [
78			'prompt' => 'foo',
79			]);
80
81			try {
82			$this->getParameterCheckerManager()->process($authorization);
83			$this->fail('An OAuth2 exception should be thrown.');
84			} catch (OAuth2AuthorizationException $e) {
85			self::assertEquals(400, $e->getCode());
86			self::assertEquals('invalid_request', $e->getMessage());
87			self::assertEquals('Invalid parameter "prompt". Allowed values are none, login, consent, select_account', $e->getErrorDescription());
88			}
89			}
90
91			/**
92			* @test
93			*/
94			public function anAuthorizationRequestIsReceivedButThePromptParameterNoneMustBeUsedAlone()
95			{
96			$client = Client::createEmpty();
97			$client = $client->create(
98			ClientId::create('CLIENT_ID'),
99			DataBag::create([]),
100			null
101			);
102			$client->eraseMessages();
103			$authorization = Authorization::create($client, [
104			'prompt' => 'none login',
105			]);
106
107			try {
108			$this->getParameterCheckerManager()->process($authorization);
109			$this->fail('An OAuth2 exception should be thrown.');
110			} catch (OAuth2AuthorizationException $e) {
111			self::assertEquals(400, $e->getCode());
112			self::assertEquals('invalid_request', $e->getMessage());
113			self::assertEquals('Invalid parameter "prompt". Prompt value "none" must be used alone.', $e->getErrorDescription());
114			}
115			}
116
117			/**
118			* @test
119			*/
120			public function anAuthorizationRequestIsReceivedButNoRedirectUriIsSet()
121			{
122			$client = Client::createEmpty();
123			$client = $client->create(
124			ClientId::create('CLIENT_ID'),
125			DataBag::create([]),
126			null
127			);
128			$client->eraseMessages();
129			$authorization = Authorization::create($client, []);
130
131			try {
132			$this->getParameterCheckerManager()->process($authorization);
133			$this->fail('An OAuth2 exception should be thrown.');
134			} catch (OAuth2AuthorizationException $e) {
135			self::assertEquals(400, $e->getCode());
136			self::assertEquals('invalid_request', $e->getMessage());
137			self::assertEquals('The parameter "redirect_uri" is mandatory.', $e->getErrorDescription());
138			}
139			}
140
141			/**
142			* @test
143			*/
144			public function anAuthorizationRequestIsReceivedButNoResponseTypeIsSet()
145			{
146			$client = Client::createEmpty();
147			$client = $client->create(
148			ClientId::create('CLIENT_ID'),
149			DataBag::create([]),
150			null
151			);
152			$client->eraseMessages();
153			$authorization = Authorization::create($client, [
154			'redirect_uri' => 'https://www.foo.bar/callback',
155			]);
156
157			try {
158			$this->getParameterCheckerManager()->process($authorization);
159			$this->fail('An OAuth2 exception should be thrown.');
160			} catch (OAuth2AuthorizationException $e) {
161			self::assertEquals(400, $e->getCode());
162			self::assertEquals('invalid_request', $e->getMessage());
163			self::assertEquals('The parameter "response_type" is mandatory.', $e->getErrorDescription());
164			}
165			}
166
167			/**
168			* @test
169			*/
170			public function anAuthorizationRequestIsReceivedButTheResponseModeIsNotSupported()
171			{
172			$client = Client::createEmpty();
173			$client = $client->create(
174			ClientId::create('CLIENT_ID'),
175			DataBag::create([
176			'response_types' => ['foo'],
177			]),
178			null
179			);
180			$client->eraseMessages();
181			$authorization = Authorization::create($client, [
182			'redirect_uri' => 'https://www.foo.bar/callback',
183			'response_type' => 'foo',
184			'response_mode' => 'foo',
185			]);
186
187			try {
188			$this->getParameterCheckerManager()->process($authorization);
189			$this->fail('An OAuth2 exception should be thrown.');
190			} catch (OAuth2AuthorizationException $e) {
191			self::assertEquals(400, $e->getCode());
192			self::assertEquals('invalid_request', $e->getMessage());
193			self::assertEquals('The response mode "foo" is not supported. Please use one of the following values: query, fragment.', $e->getErrorDescription());
194			}
195			}
196
197			/**
198			* @test
199			*/
200			public function anAuthorizationRequestIsReceivedButTheResponseTypeIsNotSupportedByThisServer()
201			{
202			$client = Client::createEmpty();
203			$client = $client->create(
204			ClientId::create('CLIENT_ID'),
205			DataBag::create([]),
206			null
207			);
208			$client->eraseMessages();
209			$authorization = Authorization::create($client, [
210			'redirect_uri' => 'https://www.foo.bar/callback',
211			'response_type' => 'bar',
212			]);
213
214			try {
215			$this->getParameterCheckerManager()->process($authorization);
216			$this->fail('An OAuth2 exception should be thrown.');
217			} catch (OAuth2AuthorizationException $e) {
218			self::assertEquals(400, $e->getCode());
219			self::assertEquals('invalid_request', $e->getMessage());
220			self::assertEquals('The response type "bar" is not supported by this server', $e->getErrorDescription());
221			}
222			}
223
224			/**
225			* @test
226			*/
227			public function anAuthorizationRequestIsReceivedButTheResponseTypeIsNotAllowedForTheClient()
228			{
229			$client = Client::createEmpty();
230			$client = $client->create(
231			ClientId::create('CLIENT_ID'),
232			DataBag::create([]),
233			null
234			);
235			$client->eraseMessages();
236			$authorization = Authorization::create($client, [
237			'redirect_uri' => 'https://www.foo.bar/callback',
238			'response_type' => 'foo',
239			]);
240
241			try {
242			$this->getParameterCheckerManager()->process($authorization);
243			$this->fail('An OAuth2 exception should be thrown.');
244			} catch (OAuth2AuthorizationException $e) {
245			self::assertEquals(400, $e->getCode());
246			self::assertEquals('invalid_request', $e->getMessage());
247			self::assertEquals('The response type "foo" is not allowed for this client.', $e->getErrorDescription());
248			}
249			}
250
251			/**
252			* @test
253			*/
254			public function anAuthorizationRequestIsReceivedAndIsValid()
255			{
256			$client = Client::createEmpty();
257			$client = $client->create(
258			ClientId::create('CLIENT_ID'),
259			DataBag::create([
260			'response_types' => ['foo'],
261			]),
262			null
263			);
264			$client->eraseMessages();
265			$authorization = Authorization::create($client, [
266			'redirect_uri' => 'https://www.foo.bar/callback',
267			'response_type' => 'foo',
268			'state' => '0123456789',
269			'prompt' => 'login consent',
270			'display' => 'wap',
271			'response_mode' => 'fragment',
272			]);
273
274			$authorization = $this->getParameterCheckerManager()->process($authorization);
275
276			self::assertInstanceOf(FragmentResponseMode::class, $authorization->getResponseMode());
277			self::assertInstanceOf(ResponseType::class, $authorization->getResponseType());
278			self::assertEquals(['login', 'consent'], $authorization->getPrompt());
279			self::assertFalse($authorization->hasPrompt('none'));
280			}
281
282			/**
283			* @var null\|ParameterCheckerManager
284			*/
285			private $extensionManager = null;
286
287			/**
288			* @return ParameterCheckerManager
289			*/
290			private function getParameterCheckerManager(): ParameterCheckerManager
291			{
292			if (null === $this->extensionManager) {
293			$responseType = $this->prophesize(ResponseType::class);
294			$responseType->name()->willReturn('foo');
295			$responseType->getResponseMode()->willReturn('query');
296			$responseTypeManager = new ResponseTypeManager();
297			$responseTypeManager->add($responseType->reveal());
298
299			$responseModeManager = new ResponseModeManager();
300			$responseModeManager->add(new QueryResponseMode());
301			$responseModeManager->add(new FragmentResponseMode());
302
303			$this->extensionManager = new ParameterCheckerManager();
304			$this->extensionManager->add(new DisplayParameterChecker());
305			$this->extensionManager->add(new PromptParameterChecker());
306			$this->extensionManager->add(new RedirectUriParameterChecker());
307			$this->extensionManager->add(new ResponseTypeAndResponseModeParameterChecker($responseTypeManager, $responseModeManager, true));
308			$this->extensionManager->add(new StateParameterChecker());
309			}
310
311			return $this->extensionManager;
312			}
313			}
314

OAuth2-Framework / oauth2-framework

Push — master ( 69a5a9...547d98 )

ParameterCheckerManagerTest A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

10 Methods

Duplication Side-by-Side

Filter issues like