<?php
declare(strict_types=1);
/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2018 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */
namespace OAuth2Framework\Bundle\Tests\Functional\Revocation\AccessToken;
use OAuth2Framework\Component\Core\AccessToken\AccessToken;
use OAuth2Framework\Component\Core\AccessToken\AccessTokenRepository;
use OAuth2Framework\Component\Core\Client\ClientId;
use OAuth2Framework\Component\Core\DataBag\DataBag;
use OAuth2Framework\Component\Core\UserAccount\UserAccountId;
use OAuth2Framework\Component\TokenRevocationEndpoint\TokenRevocationEndpoint;
use Symfony\Bundle\FrameworkBundle\Test\WebTestCase;
/**
 * @group Bundle
 * @group Functional
 * @group Grant
 * @group Revocation
 */
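class RevocationEndpointTest extends WebTestCase
{
    /**
     * Skips every test in this class when the token revocation endpoint
     * component is not installed.
     *
     * {@inheritdoc}
     */
    protected function setUp(): void
    {
        if (!class_exists(TokenRevocationEndpoint::class)) {
            $this->markTestSkipped('The component "oauth2-framework/token-revocation-endpoint" is not installed.');
        }
    }

    /**
     * A revocation request that carries no client credentials is refused
     * with "invalid_client".
     *
     * All requests in this class set the HTTPS server parameter; behaviour
     * over plain HTTP is not covered here.
     *
     * @test
     */
    public function theClientIsNotAuthenticated(): void
    {
        $client = static::createClient();
        $client->request('POST', '/token/revoke', [], [], ['HTTPS' => 'on'], null);
        $response = $client->getResponse();

        // assertSame: a loose comparison would also accept '400' or a
        // null/false body, which would hide a regression in the endpoint.
        self::assertSame(400, $response->getStatusCode());
        self::assertSame('{"error":"invalid_client","error_description":"Client authentication failed."}', $response->getContent());
    }

    /**
     * An authenticated client that omits the "token" parameter receives
     * "invalid_request".
     *
     * @test
     */
    public function theTokenParameterIsNotSet(): void
    {
        $client = static::createClient();
        $client->request('POST', '/token/revoke', ['client_id' => 'CLIENT_ID_3', 'client_secret' => 'secret'], [], ['HTTPS' => 'on'], null);
        $response = $client->getResponse();

        self::assertSame(400, $response->getStatusCode());
        self::assertSame('{"error":"invalid_request","error_description":"The parameter \"token\" is missing."}', $response->getContent());
    }

    /**
     * Revoking a token value the server does not know answers 200 with an
     * empty body (RFC 7009 section 2.2 treats an invalid token as a
     * successful revocation).
     *
     * @test
     */
    public function anUnknownTokenIsNotFound(): void
    {
        $client = static::createClient();
        $client->request('POST', '/token/revoke', ['client_id' => 'CLIENT_ID_3', 'client_secret' => 'secret', 'token' => 'FOO'], [], ['HTTPS' => 'on'], null);
        $response = $client->getResponse();

        self::assertSame(200, $response->getStatusCode());
        // Strict check: the body must be the empty string, not null/false.
        self::assertSame('', $response->getContent());
    }

    /**
     * A client can revoke an access token that was issued to it, and the
     * stored token is flagged as revoked afterwards.
     *
     * @test
     */
    public function aAccessTokenIsCorrectlyRevoked(): void
    {
        $client = static::createClient();
        $container = $client->getContainer();
        /** @var AccessTokenRepository $accessTokenRepository */
        $accessTokenRepository = $container->get('MyAccessTokenRepository');

        // Token issued to CLIENT_ID_3, the same client that authenticates below.
        $accessToken = $accessTokenRepository->create(
            UserAccountId::create('john.1'),
            ClientId::create('CLIENT_ID_3'),
            DataBag::create([]),
            DataBag::create([]),
            null
        );
        $accessTokenRepository->save($accessToken);

        $client->request('POST', '/token/revoke', ['client_id' => 'CLIENT_ID_3', 'client_secret' => 'secret', 'token' => $accessToken->getTokenId()->getValue()], [], ['HTTPS' => 'on'], null);
        $response = $client->getResponse();
        self::assertSame(200, $response->getStatusCode());
        self::assertSame('', $response->getContent());

        // Reload from the repository so the assertion checks persisted
        // state rather than the in-memory object created above.
        $newAccessToken = $accessTokenRepository->find($accessToken->getTokenId());
        self::assertInstanceOf(AccessToken::class, $newAccessToken);
        self::assertTrue($newAccessToken->isRevoked());
    }

    /**
     * A client must not be able to revoke an access token issued to a
     * different client (RFC 7009 section 2.1): the request is refused and
     * the stored token stays valid.
     *
     * NOTE(review): this case answers 400 while an unknown token value
     * answers 200 (see anUnknownTokenIsNotFound), so the two outcomes are
     * distinguishable to the caller. That is only harmless as long as token
     * identifiers are unguessable - confirm against the token generator.
     *
     * @test
     */
    public function aAccessTokenThatOwnsToAnotherClientIsNotRevoked(): void
    {
        $client = static::createClient();
        $container = $client->getContainer();
        /** @var AccessTokenRepository $accessTokenRepository */
        $accessTokenRepository = $container->get('MyAccessTokenRepository');

        // Token issued to CLIENT_ID_2, while CLIENT_ID_3 authenticates below.
        $accessToken = $accessTokenRepository->create(
            UserAccountId::create('john.1'),
            ClientId::create('CLIENT_ID_2'),
            DataBag::create([]),
            DataBag::create([]),
            null
        );
        $accessTokenRepository->save($accessToken);

        $client->request('POST', '/token/revoke', ['client_id' => 'CLIENT_ID_3', 'client_secret' => 'secret', 'token' => $accessToken->getTokenId()->getValue()], [], ['HTTPS' => 'on'], null);
        $response = $client->getResponse();
        self::assertSame(400, $response->getStatusCode());
        self::assertSame('{"error":"invalid_request","error_description":"The parameter \"token\" is invalid."}', $response->getContent());

        // The ownership check is only meaningful if the token is still
        // usable afterwards, so verify the persisted state as well.
        $newAccessToken = $accessTokenRepository->find($accessToken->getTokenId());
        self::assertInstanceOf(AccessToken::class, $newAccessToken);
        self::assertFalse($newAccessToken->isRevoked());
    }
}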