ClientAuthenticationMiddlewareTest::aClientIdIsSetButTheClientCredentialsExpired()

Complexity

Conditions	2
Paths	3

Size

Total Lines	38
Code Lines	29

Duplication

Lines	0
Ratio	0 %

Importance

Changes

0

<?php
    public function aClientIdIsSetButTheClientCredentialsExpired()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('FOO'),
            DataBag::create([
                'token_endpoint_auth_method' => 'client_secret_basic',
                'client_secret' => 'BAR',
                'client_secret_expires_at' => time() - 1,
            ]),
            null
        );
        $client->eraseMessages();

        $request = $this->prophesize(ServerRequestInterface::class);
        $request->getHeader('Authorization')
            ->willReturn([
                'Basic '.base64_encode('FOO:BAR'),
            ])
            ->shouldBeCalled();
        $handler = $this->prophesize(RequestHandlerInterface::class);
        $clientRepository = $this->prophesize(ClientRepository::class);
        $clientRepository->find(Argument::type(ClientId::class))->willReturn($client)->shouldBeCalled();
        $handler->handle(Argument::type(ServerRequestInterface::class))
            ->shouldNotBeCalled()
        ;

        try {
            $this->getClientAuthenticationMiddleware($clientRepository->reveal())->process($request->reveal(), $handler->reveal());
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2Exception $e) {
            self::assertEquals(401, $e->getCode());
            self::assertEquals([
                'error' => 'invalid_client',
                'error_description' => 'Client credentials expired.',
            ], $e->getData());
        }
    }