ParameterCheckerManagerTest::anAuthorizationRequestIsReceivedAndIsValid() - Code Metrics - Inspection of "Bugs fixed and tests added" - OAuth2-Framework/oauth2-framework - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Push — ng ( ede6c5...efffe8 )

by Florent

created 2018-01-23 13:35 UTC

anAuthorizationRequestIsReceivedAndIsValid() B

↳ Parent: ParameterCheckerManagerTest

Complexity

Conditions	1
Paths	1

Size

Total Lines	27
Code Lines	20

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	27
rs	8.8571
c	0
b	0
f	0
cc	1
eloc	20
nc	1
nop	0

<?php

declare(strict_types=1);

/*
 * The MIT License (MIT)
 *
 * Copyright (c) 2014-2018 Spomky-Labs
 *
 * This software may be modified and distributed under the terms
 * of the MIT license.  See the LICENSE file for details.
 */

namespace OAuth2Framework\Component\Server\AuthorizationEndpoint\Tests;

use Http\Factory\Diactoros\ResponseFactory;
use OAuth2Framework\Component\Server\AuthorizationEndpoint\Authorization;
use OAuth2Framework\Component\Server\AuthorizationEndpoint\Exception\OAuth2AuthorizationException;
use OAuth2Framework\Component\Server\AuthorizationEndpoint\ParameterChecker\DisplayParameterChecker;
use OAuth2Framework\Component\Server\AuthorizationEndpoint\ParameterChecker\ParameterCheckerManager;
use OAuth2Framework\Component\Server\AuthorizationEndpoint\ParameterChecker\PromptParameterChecker;
use OAuth2Framework\Component\Server\AuthorizationEndpoint\ParameterChecker\RedirectUriParameterChecker;
use OAuth2Framework\Component\Server\AuthorizationEndpoint\ParameterChecker\ResponseTypeAndResponseModeParameterChecker;
use OAuth2Framework\Component\Server\AuthorizationEndpoint\ParameterChecker\StateParameterChecker;
use OAuth2Framework\Component\Server\AuthorizationEndpoint\ResponseMode\FragmentResponseMode;
use OAuth2Framework\Component\Server\AuthorizationEndpoint\ResponseMode\QueryResponseMode;
use OAuth2Framework\Component\Server\AuthorizationEndpoint\ResponseMode\ResponseModeManager;
use OAuth2Framework\Component\Server\AuthorizationEndpoint\ResponseType;
use OAuth2Framework\Component\Server\AuthorizationEndpoint\ResponseTypeManager;
use OAuth2Framework\Component\Server\Core\Client\Client;
use OAuth2Framework\Component\Server\Core\Client\ClientId;
use OAuth2Framework\Component\Server\Core\DataBag\DataBag;
use PHPUnit\Framework\TestCase;
use Prophecy\Argument;

/**
 * @group ParameterCheckerManager
 */
final class ParameterCheckerManagerTest extends TestCase
{
    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButTheDisplayParameterIsNotValid()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'display' => 'foo',
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('Invalid parameter "display". Allowed values are page, popup, touch, wap', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButThePromptParameterIsNotValid()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'prompt' => 'foo',
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('Invalid parameter "prompt". Allowed values are none, login, consent, select_account', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButThePromptParameterNoneMustBeUsedAlone()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'prompt' => 'none login',
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('Invalid parameter "prompt". Prompt value "none" must be used alone.', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButNoRedirectUriIsSet()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, []);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('The parameter "redirect_uri" is mandatory.', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButNoResponseTypeIsSet()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'redirect_uri' => 'https://www.foo.bar/callback',
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('The parameter "response_type" is mandatory.', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButTheResponseModeIsNotSupported()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([
                'response_types' => ['foo'],
            ]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'redirect_uri' => 'https://www.foo.bar/callback',
            'response_type' => 'foo',
            'response_mode' => 'foo',
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('The response mode "foo" is not supported. Please use one of the following values: query, fragment.', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButTheResponseTypeIsNotSupportedByThisServer()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'redirect_uri' => 'https://www.foo.bar/callback',
            'response_type' => 'bar'
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('The response type "bar" is not supported by this server', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedButTheResponseTypeIsNotAllowedForTheClient()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'redirect_uri' => 'https://www.foo.bar/callback',
            'response_type' => 'foo'
        ]);

        try {
            $this->getParameterCheckerManager()->process($authorization);
            $this->fail('An OAuth2 exception should be thrown.');
        } catch (OAuth2AuthorizationException $e) {
            self::assertEquals(400, $e->getCode());
            self::assertEquals('invalid_request', $e->getMessage());
            self::assertEquals('The response type "foo" is not allowed for this client.', $e->getErrorDescription());
        }
    }

    /**
     * @test
     */
    public function anAuthorizationRequestIsReceivedAndIsValid()
    {
        $client = Client::createEmpty();
        $client = $client->create(
            ClientId::create('CLIENT_ID'),
            DataBag::create([
                'response_types' => ['foo'],
            ]),
            null
        );
        $client->eraseMessages();
        $authorization = Authorization::create($client, [
            'redirect_uri' => 'https://www.foo.bar/callback',
            'response_type' => 'foo',
            'state' => '0123456789',
            'prompt' => 'login consent',
            'display' => 'wap',
            'response_mode' => 'fragment',
        ]);

        $authorization = $this->getParameterCheckerManager()->process($authorization);

        self::assertInstanceOf(FragmentResponseMode::class, $authorization->getResponseMode());
        self::assertInstanceOf(ResponseType::class, $authorization->getResponseType());
        self::assertEquals(['login', 'consent'], $authorization->getPrompt());
        self::assertFalse($authorization->hasPrompt('none'));
    }

    /**
     * @var null|ParameterCheckerManager
     */
    private $extensionManager = null;

    /**
     * @return ParameterCheckerManager
     */
    private function getParameterCheckerManager(): ParameterCheckerManager
    {
        if (null === $this->extensionManager) {
            $responseType = $this->prophesize(ResponseType::class);
            $responseType->name()->willReturn('foo');
            $responseType->getResponseMode()->willReturn('query');
            $responseTypeManager = new ResponseTypeManager();
            $responseTypeManager->add($responseType->reveal());

            $responseModeManager = new ResponseModeManager();
            $responseModeManager->add(new QueryResponseMode(new ResponseFactory()));
            $responseModeManager->add(new FragmentResponseMode(new ResponseFactory()));

            $this->extensionManager = new ParameterCheckerManager();
            $this->extensionManager->add(new DisplayParameterChecker());
            $this->extensionManager->add(new PromptParameterChecker());
            $this->extensionManager->add(new RedirectUriParameterChecker());
            $this->extensionManager->add(new ResponseTypeAndResponseModeParameterChecker($responseTypeManager, $responseModeManager, true));
            $this->extensionManager->add(new StateParameterChecker());
        }

        return $this->extensionManager;
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			/*
6			* The MIT License (MIT)
7			*
8			* Copyright (c) 2014-2018 Spomky-Labs
9			*
10			* This software may be modified and distributed under the terms
11			* of the MIT license. See the LICENSE file for details.
12			*/
13
14			namespace OAuth2Framework\Component\Server\AuthorizationEndpoint\Tests;
15
16			use Http\Factory\Diactoros\ResponseFactory;
17			use OAuth2Framework\Component\Server\AuthorizationEndpoint\Authorization;
18			use OAuth2Framework\Component\Server\AuthorizationEndpoint\Exception\OAuth2AuthorizationException;
19			use OAuth2Framework\Component\Server\AuthorizationEndpoint\ParameterChecker\DisplayParameterChecker;
20			use OAuth2Framework\Component\Server\AuthorizationEndpoint\ParameterChecker\ParameterCheckerManager;
21			use OAuth2Framework\Component\Server\AuthorizationEndpoint\ParameterChecker\PromptParameterChecker;
22			use OAuth2Framework\Component\Server\AuthorizationEndpoint\ParameterChecker\RedirectUriParameterChecker;
23			use OAuth2Framework\Component\Server\AuthorizationEndpoint\ParameterChecker\ResponseTypeAndResponseModeParameterChecker;
24			use OAuth2Framework\Component\Server\AuthorizationEndpoint\ParameterChecker\StateParameterChecker;
25			use OAuth2Framework\Component\Server\AuthorizationEndpoint\ResponseMode\FragmentResponseMode;
26			use OAuth2Framework\Component\Server\AuthorizationEndpoint\ResponseMode\QueryResponseMode;
27			use OAuth2Framework\Component\Server\AuthorizationEndpoint\ResponseMode\ResponseModeManager;
28			use OAuth2Framework\Component\Server\AuthorizationEndpoint\ResponseType;
29			use OAuth2Framework\Component\Server\AuthorizationEndpoint\ResponseTypeManager;
30			use OAuth2Framework\Component\Server\Core\Client\Client;
31			use OAuth2Framework\Component\Server\Core\Client\ClientId;
32			use OAuth2Framework\Component\Server\Core\DataBag\DataBag;
33			use PHPUnit\Framework\TestCase;
34			use Prophecy\Argument;
35
36			/**
37			* @group ParameterCheckerManager
38			*/
39			final class ParameterCheckerManagerTest extends TestCase
40			{
41			/**
42			* @test
43			*/
44			public function anAuthorizationRequestIsReceivedButTheDisplayParameterIsNotValid()
45			{
46			$client = Client::createEmpty();
47			$client = $client->create(
48			ClientId::create('CLIENT_ID'),
49			DataBag::create([]),
50			null
51			);
52			$client->eraseMessages();
53			$authorization = Authorization::create($client, [
54			'display' => 'foo',
55			]);
56
57			try {
58			$this->getParameterCheckerManager()->process($authorization);
59			$this->fail('An OAuth2 exception should be thrown.');
60			} catch (OAuth2AuthorizationException $e) {
61			self::assertEquals(400, $e->getCode());
62			self::assertEquals('invalid_request', $e->getMessage());
63			self::assertEquals('Invalid parameter "display". Allowed values are page, popup, touch, wap', $e->getErrorDescription());
64			}
65			}
66
67			/**
68			* @test
69			*/
70			public function anAuthorizationRequestIsReceivedButThePromptParameterIsNotValid()
71			{
72			$client = Client::createEmpty();
73			$client = $client->create(
74			ClientId::create('CLIENT_ID'),
75			DataBag::create([]),
76			null
77			);
78			$client->eraseMessages();
79			$authorization = Authorization::create($client, [
80			'prompt' => 'foo',
81			]);
82
83			try {
84			$this->getParameterCheckerManager()->process($authorization);
85			$this->fail('An OAuth2 exception should be thrown.');
86			} catch (OAuth2AuthorizationException $e) {
87			self::assertEquals(400, $e->getCode());
88			self::assertEquals('invalid_request', $e->getMessage());
89			self::assertEquals('Invalid parameter "prompt". Allowed values are none, login, consent, select_account', $e->getErrorDescription());
90			}
91			}
92
93			/**
94			* @test
95			*/
96			public function anAuthorizationRequestIsReceivedButThePromptParameterNoneMustBeUsedAlone()
97			{
98			$client = Client::createEmpty();
99			$client = $client->create(
100			ClientId::create('CLIENT_ID'),
101			DataBag::create([]),
102			null
103			);
104			$client->eraseMessages();
105			$authorization = Authorization::create($client, [
106			'prompt' => 'none login',
107			]);
108
109			try {
110			$this->getParameterCheckerManager()->process($authorization);
111			$this->fail('An OAuth2 exception should be thrown.');
112			} catch (OAuth2AuthorizationException $e) {
113			self::assertEquals(400, $e->getCode());
114			self::assertEquals('invalid_request', $e->getMessage());
115			self::assertEquals('Invalid parameter "prompt". Prompt value "none" must be used alone.', $e->getErrorDescription());
116			}
117			}
118
119			/**
120			* @test
121			*/
122			public function anAuthorizationRequestIsReceivedButNoRedirectUriIsSet()
123			{
124			$client = Client::createEmpty();
125			$client = $client->create(
126			ClientId::create('CLIENT_ID'),
127			DataBag::create([]),
128			null
129			);
130			$client->eraseMessages();
131			$authorization = Authorization::create($client, []);
132
133			try {
134			$this->getParameterCheckerManager()->process($authorization);
135			$this->fail('An OAuth2 exception should be thrown.');
136			} catch (OAuth2AuthorizationException $e) {
137			self::assertEquals(400, $e->getCode());
138			self::assertEquals('invalid_request', $e->getMessage());
139			self::assertEquals('The parameter "redirect_uri" is mandatory.', $e->getErrorDescription());
140			}
141			}
142
143			/**
144			* @test
145			*/
146			public function anAuthorizationRequestIsReceivedButNoResponseTypeIsSet()
147			{
148			$client = Client::createEmpty();
149			$client = $client->create(
150			ClientId::create('CLIENT_ID'),
151			DataBag::create([]),
152			null
153			);
154			$client->eraseMessages();
155			$authorization = Authorization::create($client, [
156			'redirect_uri' => 'https://www.foo.bar/callback',
157			]);
158
159			try {
160			$this->getParameterCheckerManager()->process($authorization);
161			$this->fail('An OAuth2 exception should be thrown.');
162			} catch (OAuth2AuthorizationException $e) {
163			self::assertEquals(400, $e->getCode());
164			self::assertEquals('invalid_request', $e->getMessage());
165			self::assertEquals('The parameter "response_type" is mandatory.', $e->getErrorDescription());
166			}
167			}
168
169			/**
170			* @test
171			*/
172			public function anAuthorizationRequestIsReceivedButTheResponseModeIsNotSupported()
173			{
174			$client = Client::createEmpty();
175			$client = $client->create(
176			ClientId::create('CLIENT_ID'),
177			DataBag::create([
178			'response_types' => ['foo'],
179			]),
180			null
181			);
182			$client->eraseMessages();
183			$authorization = Authorization::create($client, [
184			'redirect_uri' => 'https://www.foo.bar/callback',
185			'response_type' => 'foo',
186			'response_mode' => 'foo',
187			]);
188
189			try {
190			$this->getParameterCheckerManager()->process($authorization);
191			$this->fail('An OAuth2 exception should be thrown.');
192			} catch (OAuth2AuthorizationException $e) {
193			self::assertEquals(400, $e->getCode());
194			self::assertEquals('invalid_request', $e->getMessage());
195			self::assertEquals('The response mode "foo" is not supported. Please use one of the following values: query, fragment.', $e->getErrorDescription());
196			}
197			}
198
199			/**
200			* @test
201			*/
202			public function anAuthorizationRequestIsReceivedButTheResponseTypeIsNotSupportedByThisServer()
203			{
204			$client = Client::createEmpty();
205			$client = $client->create(
206			ClientId::create('CLIENT_ID'),
207			DataBag::create([]),
208			null
209			);
210			$client->eraseMessages();
211			$authorization = Authorization::create($client, [
212			'redirect_uri' => 'https://www.foo.bar/callback',
213			'response_type' => 'bar'
214			]);
215
216			try {
217			$this->getParameterCheckerManager()->process($authorization);
218			$this->fail('An OAuth2 exception should be thrown.');
219			} catch (OAuth2AuthorizationException $e) {
220			self::assertEquals(400, $e->getCode());
221			self::assertEquals('invalid_request', $e->getMessage());
222			self::assertEquals('The response type "bar" is not supported by this server', $e->getErrorDescription());
223			}
224			}
225
226			/**
227			* @test
228			*/
229			public function anAuthorizationRequestIsReceivedButTheResponseTypeIsNotAllowedForTheClient()
230			{
231			$client = Client::createEmpty();
232			$client = $client->create(
233			ClientId::create('CLIENT_ID'),
234			DataBag::create([]),
235			null
236			);
237			$client->eraseMessages();
238			$authorization = Authorization::create($client, [
239			'redirect_uri' => 'https://www.foo.bar/callback',
240			'response_type' => 'foo'
241			]);
242
243			try {
244			$this->getParameterCheckerManager()->process($authorization);
245			$this->fail('An OAuth2 exception should be thrown.');
246			} catch (OAuth2AuthorizationException $e) {
247			self::assertEquals(400, $e->getCode());
248			self::assertEquals('invalid_request', $e->getMessage());
249			self::assertEquals('The response type "foo" is not allowed for this client.', $e->getErrorDescription());
250			}
251			}
252
253			/**
254			* @test
255			*/
256			public function anAuthorizationRequestIsReceivedAndIsValid()
257			{
258			$client = Client::createEmpty();
259			$client = $client->create(
260			ClientId::create('CLIENT_ID'),
261			DataBag::create([
262			'response_types' => ['foo'],
263			]),
264			null
265			);
266			$client->eraseMessages();
267			$authorization = Authorization::create($client, [
268			'redirect_uri' => 'https://www.foo.bar/callback',
269			'response_type' => 'foo',
270			'state' => '0123456789',
271			'prompt' => 'login consent',
272			'display' => 'wap',
273			'response_mode' => 'fragment',
274			]);
275
276			$authorization = $this->getParameterCheckerManager()->process($authorization);
277
278			self::assertInstanceOf(FragmentResponseMode::class, $authorization->getResponseMode());
279			self::assertInstanceOf(ResponseType::class, $authorization->getResponseType());
280			self::assertEquals(['login', 'consent'], $authorization->getPrompt());
281			self::assertFalse($authorization->hasPrompt('none'));
282			}
283
284			/**
285			* @var null\|ParameterCheckerManager
286			*/
287			private $extensionManager = null;
288
289			/**
290			* @return ParameterCheckerManager
291			*/
292			private function getParameterCheckerManager(): ParameterCheckerManager
293			{
294			if (null === $this->extensionManager) {
295			$responseType = $this->prophesize(ResponseType::class);
296			$responseType->name()->willReturn('foo');
297			$responseType->getResponseMode()->willReturn('query');
298			$responseTypeManager = new ResponseTypeManager();
299			$responseTypeManager->add($responseType->reveal());
300
301			$responseModeManager = new ResponseModeManager();
302			$responseModeManager->add(new QueryResponseMode(new ResponseFactory()));
303			$responseModeManager->add(new FragmentResponseMode(new ResponseFactory()));
304
305			$this->extensionManager = new ParameterCheckerManager();
306			$this->extensionManager->add(new DisplayParameterChecker());
307			$this->extensionManager->add(new PromptParameterChecker());
308			$this->extensionManager->add(new RedirectUriParameterChecker());
309			$this->extensionManager->add(new ResponseTypeAndResponseModeParameterChecker($responseTypeManager, $responseModeManager, true));
310			$this->extensionManager->add(new StateParameterChecker());
311			}
312
313			return $this->extensionManager;
314			}
315			}
316

OAuth2-Framework / oauth2-framework

Push — ng ( ede6c5...efffe8 )

anAuthorizationRequestIsReceivedAndIsValid() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like