Issues in ClientAuthenticationMiddlewareTest.php - Fixed Issues - Inspection of "WIP" - OAuth2-Framework/oauth2-framework - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — master ( 9eeb29...881d26 )

by Florent

created 2018-10-31 12:49 UTC

Tests/ClientAuthenticationMiddlewareTest.php (1 issue)

Labels

Bug 1

Severity

Minor 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2018 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace OAuth2Framework\Component\ClientAuthentication\Tests;

use OAuth2Framework\Component\ClientAuthentication\AuthenticationMethod;
use OAuth2Framework\Component\ClientAuthentication\AuthenticationMethodManager;
use OAuth2Framework\Component\ClientAuthentication\ClientAuthenticationMiddleware;
use OAuth2Framework\Component\ClientAuthentication\ClientSecretBasic;
use OAuth2Framework\Component\Core\Client\Client;
use OAuth2Framework\Component\Core\Client\ClientId;
use OAuth2Framework\Component\Core\Client\ClientRepository;
use OAuth2Framework\Component\Core\DataBag\DataBag;
use OAuth2Framework\Component\Core\Message\OAuth2Error;
use PHPUnit\Framework\TestCase;
use Prophecy\Argument;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;

/**
 * @group TokenEndpoint
 * @group ClientAuthenticationMiddleware
 */
final class ClientAuthenticationMiddlewareTest extends TestCase
{
    /**
     * @test
     */
    public function noClientIsFoundInTheRequest()
    {
        $response = $this->prophesize(ResponseInterface::class);
        $request = $this->prophesize(ServerRequestInterface::class);
        $request->getHeader('Authorization')->willReturn([])->shouldBeCalled();
        $handler = $this->prophesize(RequestHandlerInterface::class);
        $clientRepository = $this->prophesize(ClientRepository::class);
        $handler->handle(Argument::type(ServerRequestInterface::class))
            ->shouldBeCalled()
            ->willReturn($response->reveal())
        ;

        $this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
    }

    /**
     * @test
     */
    public function aClientIdIsSetButTheClientDoesNotExist()
    {
        $request = $this->prophesize(ServerRequestInterface::class);
        $request->getHeader('Authorization')
            ->willReturn([
                'Basic '.\base64_encode('FOO:BAR'),
            ])
            ->shouldBeCalled();
        $handler = $this->prophesize(RequestHandlerInterface::class);
        $clientRepository = $this->prophesize(ClientRepository::class);
        $clientRepository->find(Argument::type(ClientId::class))->willReturn(null)->shouldBeCalled();
        $handler->handle(Argument::type(ServerRequestInterface::class))
            ->shouldNotBeCalled()
        ;

        try {
            $this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
            static::fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2Error $e) {
            static::assertEquals(401, $e->getCode());
            static::assertEquals([
                'error' => 'invalid_client',
                'error_description' => 'Client authentication failed.',
            ], $e->getData());
        }
    }

    /**
     * @test
     */
    public function aClientIdIsSetButTheClientIsDeleted()
    {
        $client = new Client(
            new ClientId('FOO'),
            new DataBag([]),
            null
        );
        $client = $client->markAsDeleted();
class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
$object = $a->getObject();

        $request = $this->prophesize(ServerRequestInterface::class);
        $request->getHeader('Authorization')
            ->willReturn([
                'Basic '.\base64_encode('FOO:BAR'),
            ])
            ->shouldBeCalled();
        $handler = $this->prophesize(RequestHandlerInterface::class);
        $clientRepository = $this->prophesize(ClientRepository::class);
        $clientRepository->find(Argument::type(ClientId::class))->willReturn($client)->shouldBeCalled();
        $handler->handle(Argument::type(ServerRequestInterface::class))
            ->shouldNotBeCalled()
        ;

        try {
            $this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
            static::fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2Error $e) {
            static::assertEquals(401, $e->getCode());
            static::assertEquals([
                'error' => 'invalid_client',
                'error_description' => 'Client authentication failed.',
            ], $e->getData());
        }
    }

    /**
     * @test
     */
    public function aClientIdIsSetButTheClientCredentialsExpired()
    {
        $client = new Client(
            new ClientId('FOO'),
            new DataBag([
                'token_endpoint_auth_method' => 'client_secret_basic',
                'client_secret' => 'BAR',
                'client_secret_expires_at' => \time() - 1,
            ]),
            null
        );

        $request = $this->prophesize(ServerRequestInterface::class);
        $request->getHeader('Authorization')
            ->willReturn([
                'Basic '.\base64_encode('FOO:BAR'),
            ])
            ->shouldBeCalled();
        $handler = $this->prophesize(RequestHandlerInterface::class);
        $clientRepository = $this->prophesize(ClientRepository::class);
        $clientRepository->find(Argument::type(ClientId::class))->willReturn($client)->shouldBeCalled();
        $handler->handle(Argument::type(ServerRequestInterface::class))
            ->shouldNotBeCalled()
        ;

        try {
            $this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
            static::fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2Error $e) {
            static::assertEquals(401, $e->getCode());
            static::assertEquals([
                'error' => 'invalid_client',
                'error_description' => 'Client credentials expired.',
            ], $e->getData());
        }
    }

    /**
     * @test
     */
    public function aClientIdIsSetButTheAuthenticationMethodIsNotSupportedByTheClient()
    {
        $client = new Client(
            new ClientId('FOO'),
            new DataBag([
                'token_endpoint_auth_method' => 'none',
            ]),
            null
        );

        $request = $this->prophesize(ServerRequestInterface::class);
        $request->getHeader('Authorization')
            ->willReturn([
                'Basic '.\base64_encode('FOO:BAR'),
            ])
            ->shouldBeCalled();
        $handler = $this->prophesize(RequestHandlerInterface::class);
        $clientRepository = $this->prophesize(ClientRepository::class);
        $clientRepository->find(Argument::type(ClientId::class))->willReturn($client)->shouldBeCalled();
        $handler->handle(Argument::type(ServerRequestInterface::class))
            ->shouldNotBeCalled()
        ;

        try {
            $this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
            static::fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2Error $e) {
            static::assertEquals(401, $e->getCode());
            static::assertEquals([
                'error' => 'invalid_client',
                'error_description' => 'Client authentication failed.',
            ], $e->getData());
        }
    }

    /**
     * @test
     */
    public function aClientIdIsSetButTheClientIsNotAuthenticated()
    {
        $client = new Client(
            new ClientId('FOO'),
            new DataBag([
                'token_endpoint_auth_method' => 'client_secret_basic',
                'client_secret' => 'BAR',
            ]),
            null
        );

        $request = $this->prophesize(ServerRequestInterface::class);
        $request->getHeader('Authorization')
            ->willReturn([
                'Basic '.\base64_encode('FOO:BAD_SECRET'),
            ])
            ->shouldBeCalled();
        $handler = $this->prophesize(RequestHandlerInterface::class);
        $clientRepository = $this->prophesize(ClientRepository::class);
        $clientRepository->find(Argument::type(ClientId::class))->willReturn($client)->shouldBeCalled();
        $handler->handle(Argument::type(ServerRequestInterface::class))
            ->shouldNotBeCalled()
        ;

        try {
            $this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
            static::fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2Error $e) {
            static::assertEquals(401, $e->getCode());
            static::assertEquals([
                'error' => 'invalid_client',
                'error_description' => 'Client authentication failed.',
            ], $e->getData());
        }
    }

    /**
     * @test
     */
    public function aClientIsFullyAuthenticated()
    {
        $client = new Client(
            new ClientId('FOO'),
            new DataBag([
                'token_endpoint_auth_method' => 'client_secret_basic',
                'client_secret' => 'BAR',
            ]),
            null
        );

        $response = $this->prophesize(ResponseInterface::class);
        $request = $this->prophesize(ServerRequestInterface::class);
        $request->getHeader('Authorization')
            ->willReturn([
                'Basic '.\base64_encode('FOO:BAR'),
            ])
            ->shouldBeCalled();
        $request->withAttribute('client', $client)->shouldBeCalled()->willReturn($request->reveal());
        $request->withAttribute('client_authentication_method', Argument::type(AuthenticationMethod::class))->shouldBeCalled()->willReturn($request->reveal());
        $request->withAttribute('client_credentials', 'BAR')->shouldBeCalled()->willReturn($request->reveal());
        $handler = $this->prophesize(RequestHandlerInterface::class);
        $clientRepository = $this->prophesize(ClientRepository::class);
        $clientRepository->find(Argument::type(ClientId::class))->willReturn($client)->shouldBeCalled();
        $handler->handle(Argument::type(ServerRequestInterface::class))
            ->shouldBeCalled()
            ->willReturn($response->reveal())
        ;

        $this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
    }

    private function getClientAuthenticationMiddleware(ClientRepository $clientRepository): ClientAuthenticationMiddleware
    {
        $authenticationMethodManager = new AuthenticationMethodManager();
        $authenticationMethodManager->add(new ClientSecretBasic('Real'));

        $clientAuthenticationMiddleware = new ClientAuthenticationMiddleware(
            $clientRepository,
            $authenticationMethodManager
        );

        return $clientAuthenticationMiddleware;
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* The MIT License (MIT)
7			*
8			* Copyright (c) 2014-2018 Spomky-Labs
9			*
10			* This software may be modified and distributed under the terms
11			* of the MIT license. See the LICENSE file for details.
12			*/
13
14			namespace OAuth2Framework\Component\ClientAuthentication\Tests;
15
16			use OAuth2Framework\Component\ClientAuthentication\AuthenticationMethod;
17			use OAuth2Framework\Component\ClientAuthentication\AuthenticationMethodManager;
18			use OAuth2Framework\Component\ClientAuthentication\ClientAuthenticationMiddleware;
19			use OAuth2Framework\Component\ClientAuthentication\ClientSecretBasic;
20			use OAuth2Framework\Component\Core\Client\Client;
21			use OAuth2Framework\Component\Core\Client\ClientId;
22			use OAuth2Framework\Component\Core\Client\ClientRepository;
23			use OAuth2Framework\Component\Core\DataBag\DataBag;
24			use OAuth2Framework\Component\Core\Message\OAuth2Error;
25			use PHPUnit\Framework\TestCase;
26			use Prophecy\Argument;
27			use Psr\Http\Message\ResponseInterface;
28			use Psr\Http\Message\ServerRequestInterface;
29			use Psr\Http\Server\RequestHandlerInterface;
30
31			/**
32			* @group TokenEndpoint
33			* @group ClientAuthenticationMiddleware
34			*/
35			final class ClientAuthenticationMiddlewareTest extends TestCase
36			{
37			/**
38			* @test
39			*/
40			public function noClientIsFoundInTheRequest()
41			{
42			$response = $this->prophesize(ResponseInterface::class);
43			$request = $this->prophesize(ServerRequestInterface::class);
44			$request->getHeader('Authorization')->willReturn([])->shouldBeCalled();
45			$handler = $this->prophesize(RequestHandlerInterface::class);
46			$clientRepository = $this->prophesize(ClientRepository::class);
47			$handler->handle(Argument::type(ServerRequestInterface::class))
48			->shouldBeCalled()
49			->willReturn($response->reveal())
50			;
51
52			$this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
53			}
54
55			/**
56			* @test
57			*/
58			public function aClientIdIsSetButTheClientDoesNotExist()
59			{
60			$request = $this->prophesize(ServerRequestInterface::class);
61			$request->getHeader('Authorization')
62			->willReturn([
63			'Basic '.\base64_encode('FOO:BAR'),
64			])
65			->shouldBeCalled();
66			$handler = $this->prophesize(RequestHandlerInterface::class);
67			$clientRepository = $this->prophesize(ClientRepository::class);
68			$clientRepository->find(Argument::type(ClientId::class))->willReturn(null)->shouldBeCalled();
69			$handler->handle(Argument::type(ServerRequestInterface::class))
70			->shouldNotBeCalled()
71			;
72
73			try {
74			$this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
75			static::fail('An OAuth2 exception should be thrown.');
76			} catch (OAuth2Error $e) {
77			static::assertEquals(401, $e->getCode());
78			static::assertEquals([
79			'error' => 'invalid_client',
80			'error_description' => 'Client authentication failed.',
81			], $e->getData());
82			}
83			}
84
85			/**
86			* @test
87			*/
88			public function aClientIdIsSetButTheClientIsDeleted()
89			{
90			$client = new Client(
91			new ClientId('FOO'),
92			new DataBag([]),
93			null
94			);
95			$client = $client->markAsDeleted();
			0 ignored issues – show Bug introduced 2018-08-04 23:26 UTC by Report Bug Copy Issue Report Show Similar Issues like this Are you sure the assignment to `$client` is correct as `$client->markAsDeleted()` (which targets `OAuth2Framework\Componen...Client::markAsDeleted()`) seems to always return null. This check looks for function or method calls that always return null and whose return value is assigned to a variable. class A { function getObject() { return null; } } $a = new A(); $object = $a->getObject(); The method `getObject()` can return nothing but null, so it makes no sense to assign that value to a variable. The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes. Loading history...
96
97			$request = $this->prophesize(ServerRequestInterface::class);
98			$request->getHeader('Authorization')
99			->willReturn([
100			'Basic '.\base64_encode('FOO:BAR'),
101			])
102			->shouldBeCalled();
103			$handler = $this->prophesize(RequestHandlerInterface::class);
104			$clientRepository = $this->prophesize(ClientRepository::class);
105			$clientRepository->find(Argument::type(ClientId::class))->willReturn($client)->shouldBeCalled();
106			$handler->handle(Argument::type(ServerRequestInterface::class))
107			->shouldNotBeCalled()
108			;
109
110			try {
111			$this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
112			static::fail('An OAuth2 exception should be thrown.');
113			} catch (OAuth2Error $e) {
114			static::assertEquals(401, $e->getCode());
115			static::assertEquals([
116			'error' => 'invalid_client',
117			'error_description' => 'Client authentication failed.',
118			], $e->getData());
119			}
120			}
121
122			/**
123			* @test
124			*/
125			public function aClientIdIsSetButTheClientCredentialsExpired()
126			{
127			$client = new Client(
128			new ClientId('FOO'),
129			new DataBag([
130			'token_endpoint_auth_method' => 'client_secret_basic',
131			'client_secret' => 'BAR',
132			'client_secret_expires_at' => \time() - 1,
133			]),
134			null
135			);
136
137			$request = $this->prophesize(ServerRequestInterface::class);
138			$request->getHeader('Authorization')
139			->willReturn([
140			'Basic '.\base64_encode('FOO:BAR'),
141			])
142			->shouldBeCalled();
143			$handler = $this->prophesize(RequestHandlerInterface::class);
144			$clientRepository = $this->prophesize(ClientRepository::class);
145			$clientRepository->find(Argument::type(ClientId::class))->willReturn($client)->shouldBeCalled();
146			$handler->handle(Argument::type(ServerRequestInterface::class))
147			->shouldNotBeCalled()
148			;
149
150			try {
151			$this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
152			static::fail('An OAuth2 exception should be thrown.');
153			} catch (OAuth2Error $e) {
154			static::assertEquals(401, $e->getCode());
155			static::assertEquals([
156			'error' => 'invalid_client',
157			'error_description' => 'Client credentials expired.',
158			], $e->getData());
159			}
160			}
161
162			/**
163			* @test
164			*/
165			public function aClientIdIsSetButTheAuthenticationMethodIsNotSupportedByTheClient()
166			{
167			$client = new Client(
168			new ClientId('FOO'),
169			new DataBag([
170			'token_endpoint_auth_method' => 'none',
171			]),
172			null
173			);
174
175			$request = $this->prophesize(ServerRequestInterface::class);
176			$request->getHeader('Authorization')
177			->willReturn([
178			'Basic '.\base64_encode('FOO:BAR'),
179			])
180			->shouldBeCalled();
181			$handler = $this->prophesize(RequestHandlerInterface::class);
182			$clientRepository = $this->prophesize(ClientRepository::class);
183			$clientRepository->find(Argument::type(ClientId::class))->willReturn($client)->shouldBeCalled();
184			$handler->handle(Argument::type(ServerRequestInterface::class))
185			->shouldNotBeCalled()
186			;
187
188			try {
189			$this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
190			static::fail('An OAuth2 exception should be thrown.');
191			} catch (OAuth2Error $e) {
192			static::assertEquals(401, $e->getCode());
193			static::assertEquals([
194			'error' => 'invalid_client',
195			'error_description' => 'Client authentication failed.',
196			], $e->getData());
197			}
198			}
199
200			/**
201			* @test
202			*/
203			public function aClientIdIsSetButTheClientIsNotAuthenticated()
204			{
205			$client = new Client(
206			new ClientId('FOO'),
207			new DataBag([
208			'token_endpoint_auth_method' => 'client_secret_basic',
209			'client_secret' => 'BAR',
210			]),
211			null
212			);
213
214			$request = $this->prophesize(ServerRequestInterface::class);
215			$request->getHeader('Authorization')
216			->willReturn([
217			'Basic '.\base64_encode('FOO:BAD_SECRET'),
218			])
219			->shouldBeCalled();
220			$handler = $this->prophesize(RequestHandlerInterface::class);
221			$clientRepository = $this->prophesize(ClientRepository::class);
222			$clientRepository->find(Argument::type(ClientId::class))->willReturn($client)->shouldBeCalled();
223			$handler->handle(Argument::type(ServerRequestInterface::class))
224			->shouldNotBeCalled()
225			;
226
227			try {
228			$this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
229			static::fail('An OAuth2 exception should be thrown.');
230			} catch (OAuth2Error $e) {
231			static::assertEquals(401, $e->getCode());
232			static::assertEquals([
233			'error' => 'invalid_client',
234			'error_description' => 'Client authentication failed.',
235			], $e->getData());
236			}
237			}
238
239			/**
240			* @test
241			*/
242			public function aClientIsFullyAuthenticated()
243			{
244			$client = new Client(
245			new ClientId('FOO'),
246			new DataBag([
247			'token_endpoint_auth_method' => 'client_secret_basic',
248			'client_secret' => 'BAR',
249			]),
250			null
251			);
252
253			$response = $this->prophesize(ResponseInterface::class);
254			$request = $this->prophesize(ServerRequestInterface::class);
255			$request->getHeader('Authorization')
256			->willReturn([
257			'Basic '.\base64_encode('FOO:BAR'),
258			])
259			->shouldBeCalled();
260			$request->withAttribute('client', $client)->shouldBeCalled()->willReturn($request->reveal());
261			$request->withAttribute('client_authentication_method', Argument::type(AuthenticationMethod::class))->shouldBeCalled()->willReturn($request->reveal());
262			$request->withAttribute('client_credentials', 'BAR')->shouldBeCalled()->willReturn($request->reveal());
263			$handler = $this->prophesize(RequestHandlerInterface::class);
264			$clientRepository = $this->prophesize(ClientRepository::class);
265			$clientRepository->find(Argument::type(ClientId::class))->willReturn($client)->shouldBeCalled();
266			$handler->handle(Argument::type(ServerRequestInterface::class))
267			->shouldBeCalled()
268			->willReturn($response->reveal())
269			;
270
271			$this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
272			}
273
274			private function getClientAuthenticationMiddleware(ClientRepository $clientRepository): ClientAuthenticationMiddleware
275			{
276			$authenticationMethodManager = new AuthenticationMethodManager();
277			$authenticationMethodManager->add(new ClientSecretBasic('Real'));
278
279			$clientAuthenticationMiddleware = new ClientAuthenticationMiddleware(
280			$clientRepository,
281			$authenticationMethodManager
282			);
283
284			return $clientAuthenticationMiddleware;
285			}
286			}
287

OAuth2-Framework / oauth2-framework

Push — master ( 9eeb29...881d26 )

Tests/ClientAuthenticationMiddlewareTest.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like