
AuthenticationMethodManagerTest   A

Complexity

Total Complexity 5

Size/Duplication

Total Lines 81
Duplicated Lines 0 %

Coupling/Cohesion

Components 0
Dependencies 5

Importance

Changes 0
Metric Value
wmc 5
lcom 0
cbo 5
dl 0
loc 81
rs 10
c 0
b 0
f 0

4 Methods

Rating   Name   Duplication   Size   Complexity  
A genericCalls() 0 13 1
B theClientCannotUseSeveralAuthenticationMethods() 0 24 2
A theClientCanUseSeveralAuthenticationMethodsWhenOneIsNone() 0 17 1
A buildRequest() 0 12 1
<?php
declare(strict_types=1);
/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2018 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */
namespace OAuth2Framework\Component\ClientAuthentication\Tests;
use OAuth2Framework\Component\Core\Client\ClientId;
use OAuth2Framework\Component\Core\Message\OAuth2Message;
use OAuth2Framework\Component\ClientAuthentication\AuthenticationMethod;
use OAuth2Framework\Component\ClientAuthentication\AuthenticationMethodManager;
use OAuth2Framework\Component\ClientAuthentication\ClientSecretBasic;
use OAuth2Framework\Component\ClientAuthentication\ClientSecretPost;
use OAuth2Framework\Component\ClientAuthentication\None;
use PHPUnit\Framework\TestCase;
use Prophecy\Prophecy\ObjectProphecy;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\StreamInterface;
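/**
 * Tests for AuthenticationMethodManager, the registry that selects which
 * client authentication method applies to an incoming request.
 *
 * The cases here pin two properties of client authentication: a request
 * presenting credentials through two real methods at once is rejected, and
 * registering the "none" method next to a secret-based one does not hide the
 * secret-based method from the result.
 *
 * @group TokenEndpoint
 * @group ClientAuthentication
 */
final class AuthenticationMethodManagerTest extends TestCase
{
    /**
     * Registry accessors: has(), list(), get(), all() and getSchemesParameters().
     *
     * Only ClientSecretBasic contributes an entry to the schemes parameters in
     * the expected value below; None contributes nothing.
     *
     * @test
     */
    public function genericCalls()
    {
        $manager = new AuthenticationMethodManager();
        $manager
            ->add(new None())
            ->add(new ClientSecretBasic('Realm'))
        ;
        self::assertTrue($manager->has('none'));
        self::assertEquals(['none', 'client_secret_basic'], $manager->list());
        self::assertInstanceOf(AuthenticationMethod::class, $manager->get('none'));
        // assertCount reports the actual size on failure instead of a bare integer mismatch.
        self::assertCount(2, $manager->all());
        self::assertEquals(['Basic realm="Realm",charset="UTF-8"'], $manager->getSchemesParameters());
    }

    /**
     * A request carrying the same client credentials both in the Authorization
     * header (client_secret_basic) and in the form body (client_secret_post)
     * must be rejected with a 400 "invalid_request".
     *
     * RFC 6749 section 2.3 forbids using more than one client authentication
     * method in a single request; this test keeps the manager from silently
     * picking one of the two.
     *
     * @test
     */
    public function theClientCannotUseSeveralAuthenticationMethods()
    {
        $manager = new AuthenticationMethodManager();
        $manager
            ->add(new ClientSecretBasic('My Service'))
            ->add(new ClientSecretPost())
        ;
        $request = $this->buildRequest([
            'client_id' => 'CLIENT_ID',
            'client_secret' => 'CLIENT_SECRET',
        ]);
        $request->getHeader('Authorization')->willReturn(['Basic '.base64_encode('CLIENT_ID:CLIENT_SECRET')]);

        // By-reference out-parameters of findClientIdAndCredentials(); declared
        // up front so it is obvious they are outputs, not leftovers from elsewhere.
        $method = null;
        $credentials = null;

        try {
            $manager->findClientIdAndCredentials($request->reveal(), $method, $credentials);
            // Reaching this line means the ambiguous request was accepted.
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2Message $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals([
                'error' => 'invalid_request',
                'error_description' => 'Only one authentication method may be used to authenticate the client.',
            ], $e->getData());
        }
    }

    /**
     * With None and ClientSecretPost both registered, a request that carries
     * client_id and client_secret in the body is accepted, and the reported
     * method is ClientSecretPost with the submitted secret as credentials.
     *
     * The assertion on $method matters for security: it pins that the
     * secret-bearing method is the one reported to the caller, rather than
     * "none". NOTE(review): verification of the secret itself happens outside
     * this test and is not covered here.
     *
     * @test
     */
    public function theClientCanUseSeveralAuthenticationMethodsWhenOneIsNone()
    {
        $manager = new AuthenticationMethodManager();
        $manager
            ->add(new None())
            ->add(new ClientSecretPost())
        ;
        $request = $this->buildRequest([
            'client_id' => 'CLIENT_ID',
            'client_secret' => 'CLIENT_SECRET',
        ]);

        // By-reference out-parameters filled in by the manager.
        $method = null;
        $credentials = null;

        $clientId = $manager->findClientIdAndCredentials($request->reveal(), $method, $credentials);
        self::assertInstanceOf(ClientSecretPost::class, $method);
        self::assertInstanceOf(ClientId::class, $clientId);
        self::assertEquals('CLIENT_SECRET', $credentials);
    }

    /**
     * Builds a prophesized form-encoded server request whose body stream
     * returns $data as an application/x-www-form-urlencoded string.
     *
     * getParsedBody() is stubbed to return an empty array, so the parameters
     * are only available through the raw body stream.
     * NOTE(review): presumably the authentication methods decode the stream
     * themselves; confirm against their implementation.
     *
     * @param array $data Form parameters to place in the request body.
     *
     * @return ObjectProphecy Unrevealed prophecy, so callers can stub further
     *                        methods (e.g. the Authorization header) before reveal().
     */
    private function buildRequest(array $data): ObjectProphecy
    {
        $body = $this->prophesize(StreamInterface::class);
        $body->getContents()->willReturn(http_build_query($data));
        $request = $this->prophesize(ServerRequestInterface::class);
        $request->hasHeader('Content-Type')->willReturn(true);
        $request->getHeader('Content-Type')->willReturn(['application/x-www-form-urlencoded']);
        $request->getBody()->willReturn($body->reveal());
        $request->getParsedBody()->willReturn([]);

        return $request;
    }
}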