|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
declare(strict_types=1); |
|
4
|
|
|
|
|
5
|
|
|
/* |
|
6
|
|
|
* The MIT License (MIT) |
|
7
|
|
|
* |
|
8
|
|
|
* Copyright (c) 2014-2018 Spomky-Labs |
|
9
|
|
|
* |
|
10
|
|
|
* This software may be modified and distributed under the terms |
|
11
|
|
|
* of the MIT license. See the LICENSE file for details. |
|
12
|
|
|
*/ |
|
13
|
|
|
|
|
14
|
|
|
namespace OAuth2Framework\Component\AuthorizationEndpoint\Tests\UserAccount; |
|
15
|
|
|
|
|
16
|
|
|
use OAuth2Framework\Component\AuthorizationEndpoint\AuthorizationRequest\AuthorizationRequest; |
|
17
|
|
|
use OAuth2Framework\Component\AuthorizationEndpoint\Exception\RedirectToLoginPageException; |
|
18
|
|
|
use OAuth2Framework\Component\AuthorizationEndpoint\UserAccount\MaxAgeParameterAccountChecker; |
|
19
|
|
|
use OAuth2Framework\Component\Core\Client\Client; |
|
20
|
|
|
use OAuth2Framework\Component\Core\UserAccount\UserAccount; |
|
21
|
|
|
use PHPUnit\Framework\TestCase; |
|
22
|
|
|
|
|
23
|
|
|
/** |
|
24
|
|
|
* @group UserAccountChecker |
|
25
|
|
|
* @group MaxAgeParameterCheckerAccountChecker |
|
26
|
|
|
*/ |
|
27
|
|
|
final class MaxAgeParameterAccountCheckerTest extends TestCase |
|
28
|
|
|
{ |
|
29
|
|
|
/** |
|
30
|
|
|
* @test |
|
31
|
|
|
*/ |
|
32
|
|
|
public function theUserHasNeverBeenConnected() |
|
33
|
|
|
{ |
|
34
|
|
|
$userAccount = $this->prophesize(UserAccount::class); |
|
35
|
|
|
$userAccount->getLastLoginAt()->willReturn(null); |
|
36
|
|
|
|
|
37
|
|
|
$client = $this->prophesize(Client::class); |
|
38
|
|
|
|
|
39
|
|
|
$authorization = $this->prophesize(AuthorizationRequest::class); |
|
40
|
|
|
$authorization->hasQueryParam('max_age')->willReturn(true); |
|
41
|
|
|
$authorization->getQueryParam('max_age')->willReturn(3600); |
|
42
|
|
|
$authorization->getUserAccount()->willReturn(null); |
|
43
|
|
|
$authorization->isUserAccountFullyAuthenticated()->willReturn(false); |
|
44
|
|
|
$authorization->getClient()->willReturn($client->reveal()); |
|
45
|
|
|
$authorization->getUserAccount()->willReturn($userAccount->reveal()); |
|
46
|
|
|
$checker = new MaxAgeParameterAccountChecker(); |
|
47
|
|
|
|
|
48
|
|
|
try { |
|
49
|
|
|
$checker->check($authorization->reveal()); |
|
50
|
|
|
static::fail('The expected exception has not been thrown.'); |
|
51
|
|
|
} catch (RedirectToLoginPageException $e) { |
|
52
|
|
|
static::assertTrue(true); |
|
53
|
|
|
} |
|
54
|
|
|
} |
|
55
|
|
|
|
|
56
|
|
|
/** |
|
57
|
|
|
* @test |
|
58
|
|
|
*/ |
|
59
|
|
|
public function thereIsNoMaxAgeConstraintThenTheCheckSucceeded() |
|
60
|
|
|
{ |
|
61
|
|
|
$client = $this->prophesize(Client::class); |
|
62
|
|
|
$client->has('default_max_age')->willReturn(false); |
|
63
|
|
|
|
|
64
|
|
|
$userAccount = $this->prophesize(UserAccount::class); |
|
65
|
|
|
|
|
66
|
|
|
$authorization = $this->prophesize(AuthorizationRequest::class); |
|
67
|
|
|
$authorization->hasQueryParam('max_age')->willReturn(false); |
|
68
|
|
|
$authorization->getUserAccount()->willReturn($userAccount->reveal()); |
|
69
|
|
|
$authorization->getClient()->willReturn($client->reveal()); |
|
70
|
|
|
$checker = new MaxAgeParameterAccountChecker(); |
|
71
|
|
|
|
|
72
|
|
|
$checker->check($authorization->reveal(), $userAccount->reveal(), false); |
|
|
|
|
|
|
73
|
|
|
static::assertTrue(true); |
|
74
|
|
|
} |
|
75
|
|
|
|
|
76
|
|
|
/** |
|
77
|
|
|
* @test |
|
78
|
|
|
*/ |
|
79
|
|
|
public function thereIsConstraintFromTheClientThatIsSatisfied() |
|
80
|
|
|
{ |
|
81
|
|
|
$client = $this->prophesize(Client::class); |
|
82
|
|
|
$client->has('default_max_age')->willReturn(true); |
|
83
|
|
|
$client->get('default_max_age')->willReturn(3600); |
|
84
|
|
|
|
|
85
|
|
|
$userAccount = $this->prophesize(UserAccount::class); |
|
86
|
|
|
$userAccount->getLastLoginAt()->willReturn(\time() - 100); |
|
87
|
|
|
|
|
88
|
|
|
$authorization = $this->prophesize(AuthorizationRequest::class); |
|
89
|
|
|
$authorization->isUserAccountFullyAuthenticated()->willReturn(false); |
|
90
|
|
|
$authorization->hasQueryParam('max_age')->willReturn(false); |
|
91
|
|
|
$authorization->getUserAccount()->willReturn($userAccount->reveal()); |
|
92
|
|
|
$authorization->getClient()->willReturn($client->reveal()); |
|
93
|
|
|
$checker = new MaxAgeParameterAccountChecker(); |
|
94
|
|
|
|
|
95
|
|
|
$checker->check($authorization->reveal(), $userAccount->reveal(), false); |
|
|
|
|
|
|
96
|
|
|
static::assertTrue(true); |
|
97
|
|
|
} |
|
98
|
|
|
|
|
99
|
|
|
/** |
|
100
|
|
|
* @test |
|
101
|
|
|
*/ |
|
102
|
|
|
public function thereIsConstraintFromTheAuthorizationThatIsSatisfied() |
|
103
|
|
|
{ |
|
104
|
|
|
$client = $this->prophesize(Client::class); |
|
105
|
|
|
$client->has('default_max_age')->willReturn(false); |
|
106
|
|
|
|
|
107
|
|
|
$userAccount = $this->prophesize(UserAccount::class); |
|
108
|
|
|
$userAccount->getLastLoginAt()->willReturn(\time() - 100); |
|
109
|
|
|
|
|
110
|
|
|
$authorization = $this->prophesize(AuthorizationRequest::class); |
|
111
|
|
|
$authorization->hasQueryParam('max_age')->willReturn(true); |
|
112
|
|
|
$authorization->getQueryParam('max_age')->willReturn(3600); |
|
113
|
|
|
$authorization->getUserAccount()->willReturn($userAccount->reveal()); |
|
114
|
|
|
$authorization->getClient()->willReturn($client->reveal()); |
|
115
|
|
|
$authorization->isUserAccountFullyAuthenticated()->willReturn(false); |
|
116
|
|
|
$checker = new MaxAgeParameterAccountChecker(); |
|
117
|
|
|
|
|
118
|
|
|
$checker->check($authorization->reveal(), $userAccount->reveal(), false); |
|
|
|
|
|
|
119
|
|
|
static::assertTrue(true); |
|
120
|
|
|
} |
|
121
|
|
|
|
|
122
|
|
|
/** |
|
123
|
|
|
* @test |
|
124
|
|
|
*/ |
|
125
|
|
|
public function thereIsAConstraintButTheUserNeverLoggedIn() |
|
126
|
|
|
{ |
|
127
|
|
|
$client = $this->prophesize(Client::class); |
|
128
|
|
|
$client->has('default_max_age')->willReturn(false); |
|
129
|
|
|
|
|
130
|
|
|
$userAccount = $this->prophesize(UserAccount::class); |
|
131
|
|
|
$userAccount->getLastLoginAt()->willReturn(null); |
|
132
|
|
|
|
|
133
|
|
|
$authorization = $this->prophesize(AuthorizationRequest::class); |
|
134
|
|
|
$authorization->isUserAccountFullyAuthenticated()->willReturn(false); |
|
135
|
|
|
$authorization->hasQueryParam('max_age')->willReturn(true); |
|
136
|
|
|
$authorization->getQueryParam('max_age')->willReturn(3600); |
|
137
|
|
|
$authorization->getUserAccount()->willReturn($userAccount->reveal()); |
|
138
|
|
|
$authorization->getClient()->willReturn($client->reveal()); |
|
139
|
|
|
$checker = new MaxAgeParameterAccountChecker(); |
|
140
|
|
|
|
|
141
|
|
|
try { |
|
142
|
|
|
$checker->check($authorization->reveal(), $userAccount->reveal(), false); |
|
|
|
|
|
|
143
|
|
|
static::fail('The expected exception has not been thrown.'); |
|
144
|
|
|
} catch (RedirectToLoginPageException $e) { |
|
145
|
|
|
static::assertTrue(true); |
|
146
|
|
|
} |
|
147
|
|
|
} |
|
148
|
|
|
|
|
149
|
|
|
/** |
|
150
|
|
|
* @test |
|
151
|
|
|
*/ |
|
152
|
|
|
public function thereIsAConstraintThatIsNotSatisfied() |
|
153
|
|
|
{ |
|
154
|
|
|
$client = $this->prophesize(Client::class); |
|
155
|
|
|
$client->has('default_max_age')->willReturn(false); |
|
156
|
|
|
|
|
157
|
|
|
$userAccount = $this->prophesize(UserAccount::class); |
|
158
|
|
|
$userAccount->getLastLoginAt()->willReturn(\time() - 10000); |
|
159
|
|
|
|
|
160
|
|
|
$authorization = $this->prophesize(AuthorizationRequest::class); |
|
161
|
|
|
$authorization->isUserAccountFullyAuthenticated()->willReturn(false); |
|
162
|
|
|
$authorization->hasQueryParam('max_age')->willReturn(true); |
|
163
|
|
|
$authorization->getQueryParam('max_age')->willReturn(3600); |
|
164
|
|
|
$authorization->getUserAccount()->willReturn($userAccount->reveal()); |
|
165
|
|
|
$authorization->getClient()->willReturn($client->reveal()); |
|
166
|
|
|
$checker = new MaxAgeParameterAccountChecker(); |
|
167
|
|
|
|
|
168
|
|
|
try { |
|
169
|
|
|
$checker->check($authorization->reveal(), $userAccount->reveal(), false); |
|
|
|
|
|
|
170
|
|
|
static::fail('The expected exception has not been thrown.'); |
|
171
|
|
|
} catch (RedirectToLoginPageException $e) { |
|
172
|
|
|
static::assertTrue(true); |
|
173
|
|
|
} |
|
174
|
|
|
} |
|
175
|
|
|
} |
|
176
|
|
|
|
OAuth2-Framework /
oauth2-framework
Loading history...
This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.
If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.
In this case you can add the
@ignorePhpDoc annotation to the duplicate definition and it will be ignored.