|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
declare(strict_types=1); |
|
4
|
|
|
|
|
5
|
|
|
/* |
|
6
|
|
|
* The MIT License (MIT) |
|
7
|
|
|
* |
|
8
|
|
|
* Copyright (c) 2014-2018 Spomky-Labs |
|
9
|
|
|
* |
|
10
|
|
|
* This software may be modified and distributed under the terms |
|
11
|
|
|
* of the MIT license. See the LICENSE file for details. |
|
12
|
|
|
*/ |
|
13
|
|
|
|
|
14
|
|
|
namespace OAuth2Framework\Component\AuthorizationEndpoint\Tests\User; |
|
15
|
|
|
|
|
16
|
|
|
use OAuth2Framework\Component\AuthorizationEndpoint\AuthorizationRequest\AuthorizationRequest; |
|
17
|
|
|
use OAuth2Framework\Component\AuthorizationEndpoint\User\MaxAgeParameterAuthenticationChecker; |
|
18
|
|
|
use OAuth2Framework\Component\Core\Client\Client; |
|
19
|
|
|
use OAuth2Framework\Component\Core\User\User; |
|
20
|
|
|
use PHPUnit\Framework\TestCase; |
|
21
|
|
|
|
|
22
|
|
|
/** |
|
23
|
|
|
* @group UserChecker |
|
24
|
|
|
* @group MaxAgeParameterCheckerAccountChecker |
|
25
|
|
|
*/ |
|
26
|
|
|
final class MaxAgeParameterCheckerTest extends TestCase |
|
27
|
|
|
{ |
|
28
|
|
|
/** |
|
29
|
|
|
* @test |
|
30
|
|
|
*/ |
|
31
|
|
|
public function theUserHasNeverBeenConnected() |
|
32
|
|
|
{ |
|
33
|
|
|
$userAccount = $this->prophesize(User::class); |
|
34
|
|
|
$userAccount->getLastLoginAt()->willReturn(null); |
|
35
|
|
|
|
|
36
|
|
|
$client = $this->prophesize(Client::class); |
|
37
|
|
|
|
|
38
|
|
|
$authorization = $this->prophesize(AuthorizationRequest::class); |
|
39
|
|
|
$authorization->hasQueryParam('max_age')->willReturn(true); |
|
40
|
|
|
$authorization->getQueryParam('max_age')->willReturn(3600); |
|
41
|
|
|
$authorization->getUser()->willReturn(null); |
|
42
|
|
|
$authorization->getClient()->willReturn($client->reveal()); |
|
43
|
|
|
$authorization->getUser()->willReturn($userAccount->reveal()); |
|
44
|
|
|
$checker = new MaxAgeParameterAuthenticationChecker(); |
|
45
|
|
|
|
|
46
|
|
|
static::assertTrue($checker->isAuthenticationNeeded($authorization->reveal())); |
|
47
|
|
|
} |
|
48
|
|
|
|
|
49
|
|
|
/** |
|
50
|
|
|
* @test |
|
51
|
|
|
*/ |
|
52
|
|
|
public function thereIsNoMaxAgeConstraintThenTheCheckSucceeded() |
|
53
|
|
|
{ |
|
54
|
|
|
$client = $this->prophesize(Client::class); |
|
55
|
|
|
$client->has('default_max_age')->willReturn(false); |
|
56
|
|
|
|
|
57
|
|
|
$userAccount = $this->prophesize(User::class); |
|
58
|
|
|
|
|
59
|
|
|
$authorization = $this->prophesize(AuthorizationRequest::class); |
|
60
|
|
|
$authorization->hasQueryParam('max_age')->willReturn(false); |
|
61
|
|
|
$authorization->getUser()->willReturn($userAccount->reveal()); |
|
62
|
|
|
$authorization->getClient()->willReturn($client->reveal()); |
|
63
|
|
|
$checker = new MaxAgeParameterAuthenticationChecker(); |
|
64
|
|
|
|
|
65
|
|
|
$checker->isAuthenticationNeeded($authorization->reveal(), $userAccount->reveal(), false); |
|
|
|
|
|
|
66
|
|
|
static::assertTrue(true); |
|
67
|
|
|
} |
|
68
|
|
|
|
|
69
|
|
|
/** |
|
70
|
|
|
* @test |
|
71
|
|
|
*/ |
|
72
|
|
|
public function thereIsConstraintFromTheClientThatIsSatisfied() |
|
73
|
|
|
{ |
|
74
|
|
|
$client = $this->prophesize(Client::class); |
|
75
|
|
|
$client->has('default_max_age')->willReturn(true); |
|
76
|
|
|
$client->get('default_max_age')->willReturn(3600); |
|
77
|
|
|
|
|
78
|
|
|
$userAccount = $this->prophesize(User::class); |
|
79
|
|
|
$userAccount->getLastLoginAt()->willReturn(\time() - 100); |
|
80
|
|
|
|
|
81
|
|
|
$authorization = $this->prophesize(AuthorizationRequest::class); |
|
82
|
|
|
$authorization->hasQueryParam('max_age')->willReturn(false); |
|
83
|
|
|
$authorization->getUser()->willReturn($userAccount->reveal()); |
|
84
|
|
|
$authorization->getClient()->willReturn($client->reveal()); |
|
85
|
|
|
$checker = new MaxAgeParameterAuthenticationChecker(); |
|
86
|
|
|
|
|
87
|
|
|
$checker->isAuthenticationNeeded($authorization->reveal(), $userAccount->reveal(), false); |
|
|
|
|
|
|
88
|
|
|
static::assertTrue(true); |
|
89
|
|
|
} |
|
90
|
|
|
|
|
91
|
|
|
/** |
|
92
|
|
|
* @test |
|
93
|
|
|
*/ |
|
94
|
|
|
public function thereIsConstraintFromTheAuthorizationThatIsSatisfied() |
|
95
|
|
|
{ |
|
96
|
|
|
$client = $this->prophesize(Client::class); |
|
97
|
|
|
$client->has('default_max_age')->willReturn(false); |
|
98
|
|
|
|
|
99
|
|
|
$userAccount = $this->prophesize(User::class); |
|
100
|
|
|
$userAccount->getLastLoginAt()->willReturn(\time() - 100); |
|
101
|
|
|
|
|
102
|
|
|
$authorization = $this->prophesize(AuthorizationRequest::class); |
|
103
|
|
|
$authorization->hasQueryParam('max_age')->willReturn(true); |
|
104
|
|
|
$authorization->getQueryParam('max_age')->willReturn(3600); |
|
105
|
|
|
$authorization->getUser()->willReturn($userAccount->reveal()); |
|
106
|
|
|
$authorization->getClient()->willReturn($client->reveal()); |
|
107
|
|
|
$checker = new MaxAgeParameterAuthenticationChecker(); |
|
108
|
|
|
|
|
109
|
|
|
$checker->isAuthenticationNeeded($authorization->reveal(), $userAccount->reveal(), false); |
|
|
|
|
|
|
110
|
|
|
static::assertTrue(true); |
|
111
|
|
|
} |
|
112
|
|
|
|
|
113
|
|
|
/** |
|
114
|
|
|
* @test |
|
115
|
|
|
*/ |
|
116
|
|
|
public function thereIsAConstraintButTheUserNeverLoggedIn() |
|
117
|
|
|
{ |
|
118
|
|
|
$client = $this->prophesize(Client::class); |
|
119
|
|
|
$client->has('default_max_age')->willReturn(false); |
|
120
|
|
|
|
|
121
|
|
|
$userAccount = $this->prophesize(User::class); |
|
122
|
|
|
$userAccount->getLastLoginAt()->willReturn(null); |
|
123
|
|
|
|
|
124
|
|
|
$authorization = $this->prophesize(AuthorizationRequest::class); |
|
125
|
|
|
$authorization->hasQueryParam('max_age')->willReturn(true); |
|
126
|
|
|
$authorization->getQueryParam('max_age')->willReturn(3600); |
|
127
|
|
|
$authorization->getUser()->willReturn($userAccount->reveal()); |
|
128
|
|
|
$authorization->getClient()->willReturn($client->reveal()); |
|
129
|
|
|
$checker = new MaxAgeParameterAuthenticationChecker(); |
|
130
|
|
|
|
|
131
|
|
|
static::assertTrue($checker->isAuthenticationNeeded($authorization->reveal())); |
|
132
|
|
|
} |
|
133
|
|
|
|
|
134
|
|
|
/** |
|
135
|
|
|
* @test |
|
136
|
|
|
*/ |
|
137
|
|
|
public function thereIsAConstraintThatIsNotSatisfied() |
|
138
|
|
|
{ |
|
139
|
|
|
$client = $this->prophesize(Client::class); |
|
140
|
|
|
$client->has('default_max_age')->willReturn(false); |
|
141
|
|
|
|
|
142
|
|
|
$userAccount = $this->prophesize(User::class); |
|
143
|
|
|
$userAccount->getLastLoginAt()->willReturn(\time() - 10000); |
|
144
|
|
|
|
|
145
|
|
|
$authorization = $this->prophesize(AuthorizationRequest::class); |
|
146
|
|
|
$authorization->hasQueryParam('max_age')->willReturn(true); |
|
147
|
|
|
$authorization->getQueryParam('max_age')->willReturn(3600); |
|
148
|
|
|
$authorization->getUser()->willReturn($userAccount->reveal()); |
|
149
|
|
|
$authorization->getClient()->willReturn($client->reveal()); |
|
150
|
|
|
$checker = new MaxAgeParameterAuthenticationChecker(); |
|
151
|
|
|
|
|
152
|
|
|
static::assertTrue($checker->isAuthenticationNeeded($authorization->reveal())); |
|
153
|
|
|
} |
|
154
|
|
|
} |
|
155
|
|
|
|
OAuth2-Framework /
oauth2-framework
Loading history...
This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue.
If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress.
In this case you can add the
@ignorePhpDoc annotation to the duplicate definition and it will be ignored.