ClientSecretJwtTest - Code Metrics - facile-it/php-openid-client - Measure and Improve Code Quality continuously with Scrutinizer

ClientSecretJwtTest A
last analyzed 2021-05-07 08:22 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	128
Duplicated Lines	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
eloc	86
dl	0
loc	128
rs	10
c	1
b	0
f	0
wmc	3

3 Methods

Rating	Name	Size	Complexity
A	testCreateRequestWithNoClientSecret()	24	1
B	testCreateRequest()	94	1
A	testGetSupportedMethod()	4	1

<?php

declare(strict_types=1);

namespace Facile\OpenIDClientTest\AuthMethod;

use Facile\OpenIDClient\AuthMethod\ClientSecretJwt;
use function Facile\OpenIDClient\base64url_encode;
use Facile\OpenIDClient\Client\ClientInterface;
use Facile\OpenIDClient\Client\Metadata\ClientMetadataInterface;
use Facile\OpenIDClient\Exception\InvalidArgumentException;
use Facile\OpenIDClient\Issuer\IssuerInterface;
use Facile\OpenIDClient\Issuer\Metadata\IssuerMetadataInterface;
use function http_build_query;
use Jose\Component\Core\JWK;
use Jose\Component\Signature\JWS;
use Jose\Component\Signature\JWSBuilder;
use Jose\Component\Signature\Serializer\JWSSerializer;
use function json_decode;
use Facile\OpenIDClientTest\TestCase;
use Prophecy\Argument;
use Psr\Http\Message\RequestInterface;
use Psr\Http\Message\StreamInterface;
use function time;

class ClientSecretJwtTest extends TestCase
{
    public function testGetSupportedMethod(): void
    {
        $auth = new ClientSecretJwt();
        static::assertSame('client_secret_jwt', $auth->getSupportedMethod());
    }

    public function testCreateRequest(): void
    {
        $jwsBuilder = $this->prophesize(JWSBuilder::class);
        $serializer = $this->prophesize(JWSSerializer::class);

        $auth = new ClientSecretJwt(
            $jwsBuilder->reveal(),
            $serializer->reveal()
        );

        $stream = $this->prophesize(StreamInterface::class);
        $request = $this->prophesize(RequestInterface::class);
        $client = $this->prophesize(ClientInterface::class);
        $metadata = $this->prophesize(ClientMetadataInterface::class);
        $issuer = $this->prophesize(IssuerInterface::class);
        $issuerMetadata = $this->prophesize(IssuerMetadataInterface::class);

        $client->getMetadata()->willReturn($metadata->reveal());
        $client->getIssuer()->willReturn($issuer->reveal());
        $metadata->getClientId()->willReturn('foo');
        $metadata->getClientSecret()->willReturn('bar');
        $issuer->getMetadata()->willReturn($issuerMetadata->reveal());
        $issuerMetadata->getIssuer()->willReturn('issuer');

        $jwsBuilder2 = $this->prophesize(JWSBuilder::class);
        $jwsBuilder3 = $this->prophesize(JWSBuilder::class);
        $jwsBuilder4 = $this->prophesize(JWSBuilder::class);
        $jws = $this->prophesize(JWS::class);

        $jwsBuilder->create()->shouldBeCalled()->willReturn($jwsBuilder2->reveal());
        $jwsBuilder2->withPayload(Argument::that(function (string $payload) {
            $decoded = json_decode($payload, true);

            static::assertIsArray($decoded);

            static::assertArrayHasKey('iss', $decoded);
            static::assertArrayHasKey('sub', $decoded);
            static::assertArrayHasKey('aud', $decoded);
            static::assertArrayHasKey('iat', $decoded);
            static::assertArrayHasKey('exp', $decoded);
            static::assertArrayHasKey('jti', $decoded);

            static::assertSame('bar', $decoded['foo'] ?? null);
            static::assertSame('foo', $decoded['iss'] ?? null);
            static::assertSame('foo', $decoded['sub'] ?? null);
            static::assertSame('issuer', $decoded['aud'] ?? null);
            static::assertLessThanOrEqual(time(), $decoded['iat']);
            static::assertLessThanOrEqual(time() + 60, $decoded['exp']);
            static::assertGreaterThan(time(), $decoded['exp']);

            return true;
        }))
            ->shouldBeCalled()
            ->willReturn($jwsBuilder3->reveal());

        $jwsBuilder3->addSignature(Argument::allOf(
            Argument::type(JWK::class),
            Argument::that(function (JWK $jwk) {
                static::assertSame('oct', $jwk->get('kty'));
                static::assertSame(base64url_encode('bar'), $jwk->get('k'));

                return true;
            })
        ), Argument::allOf(
            Argument::type('array'),
            Argument::withEntry('alg', 'HS256'),
            Argument::withKey('jti')
        ))
            ->shouldBeCalled()
            ->willReturn($jwsBuilder4);
        $jwsBuilder4->build()->willReturn($jws->reveal());

        $serializer->serialize($jws->reveal(), 0)
            ->shouldBeCalled()
            ->willReturn('assertion');

        $body = http_build_query([
            'client_id' => 'foo',
            'client_assertion_type' => 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
            'client_assertion' => 'assertion',
            'foo' => 'bar',
        ]);

        $stream->write($body)->shouldBeCalled();

        $request->getBody()->willReturn($stream->reveal());

        $result = $auth->createRequest(
            $request->reveal(),
            $client->reveal(),
            ['foo' => 'bar']
        );

        static::assertSame($request->reveal(), $result);
    }

    public function testCreateRequestWithNoClientSecret(): void
    {
        $this->expectException(InvalidArgumentException::class);

        $jwsBuilder = $this->prophesize(JWSBuilder::class);
        $serializer = $this->prophesize(JWSSerializer::class);

        $auth = new ClientSecretJwt(
            $jwsBuilder->reveal(),
            $serializer->reveal()
        );

        $request = $this->prophesize(RequestInterface::class);
        $client = $this->prophesize(ClientInterface::class);
        $metadata = $this->prophesize(ClientMetadataInterface::class);

        $client->getMetadata()->willReturn($metadata->reveal());
        $metadata->getClientId()->willReturn('foo');
        $metadata->getClientSecret()->willReturn(null);

        $auth->createRequest(
            $request->reveal(),
            $client->reveal(),
            []
        );
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace Facile\OpenIDClientTest\AuthMethod;
6
7			use Facile\OpenIDClient\AuthMethod\ClientSecretJwt;
8			use function Facile\OpenIDClient\base64url_encode;
9			use Facile\OpenIDClient\Client\ClientInterface;
10			use Facile\OpenIDClient\Client\Metadata\ClientMetadataInterface;
11			use Facile\OpenIDClient\Exception\InvalidArgumentException;
12			use Facile\OpenIDClient\Issuer\IssuerInterface;
13			use Facile\OpenIDClient\Issuer\Metadata\IssuerMetadataInterface;
14			use function http_build_query;
15			use Jose\Component\Core\JWK;
16			use Jose\Component\Signature\JWS;
17			use Jose\Component\Signature\JWSBuilder;
18			use Jose\Component\Signature\Serializer\JWSSerializer;
19			use function json_decode;
20			use Facile\OpenIDClientTest\TestCase;
21			use Prophecy\Argument;
22			use Psr\Http\Message\RequestInterface;
23			use Psr\Http\Message\StreamInterface;
24			use function time;
25
26			class ClientSecretJwtTest extends TestCase
27			{
28			public function testGetSupportedMethod(): void
29			{
30			$auth = new ClientSecretJwt();
31			static::assertSame('client_secret_jwt', $auth->getSupportedMethod());
32			}
33
34			public function testCreateRequest(): void
35			{
36			$jwsBuilder = $this->prophesize(JWSBuilder::class);
37			$serializer = $this->prophesize(JWSSerializer::class);
38
39			$auth = new ClientSecretJwt(
40			$jwsBuilder->reveal(),
41			$serializer->reveal()
42			);
43
44			$stream = $this->prophesize(StreamInterface::class);
45			$request = $this->prophesize(RequestInterface::class);
46			$client = $this->prophesize(ClientInterface::class);
47			$metadata = $this->prophesize(ClientMetadataInterface::class);
48			$issuer = $this->prophesize(IssuerInterface::class);
49			$issuerMetadata = $this->prophesize(IssuerMetadataInterface::class);
50
51			$client->getMetadata()->willReturn($metadata->reveal());
52			$client->getIssuer()->willReturn($issuer->reveal());
53			$metadata->getClientId()->willReturn('foo');
54			$metadata->getClientSecret()->willReturn('bar');
55			$issuer->getMetadata()->willReturn($issuerMetadata->reveal());
56			$issuerMetadata->getIssuer()->willReturn('issuer');
57
58			$jwsBuilder2 = $this->prophesize(JWSBuilder::class);
59			$jwsBuilder3 = $this->prophesize(JWSBuilder::class);
60			$jwsBuilder4 = $this->prophesize(JWSBuilder::class);
61			$jws = $this->prophesize(JWS::class);
62
63			$jwsBuilder->create()->shouldBeCalled()->willReturn($jwsBuilder2->reveal());
64			$jwsBuilder2->withPayload(Argument::that(function (string $payload) {
65			$decoded = json_decode($payload, true);
66
67			static::assertIsArray($decoded);
68
69			static::assertArrayHasKey('iss', $decoded);
70			static::assertArrayHasKey('sub', $decoded);
71			static::assertArrayHasKey('aud', $decoded);
72			static::assertArrayHasKey('iat', $decoded);
73			static::assertArrayHasKey('exp', $decoded);
74			static::assertArrayHasKey('jti', $decoded);
75
76			static::assertSame('bar', $decoded['foo'] ?? null);
77			static::assertSame('foo', $decoded['iss'] ?? null);
78			static::assertSame('foo', $decoded['sub'] ?? null);
79			static::assertSame('issuer', $decoded['aud'] ?? null);
80			static::assertLessThanOrEqual(time(), $decoded['iat']);
81			static::assertLessThanOrEqual(time() + 60, $decoded['exp']);
82			static::assertGreaterThan(time(), $decoded['exp']);
83
84			return true;
85			}))
86			->shouldBeCalled()
87			->willReturn($jwsBuilder3->reveal());
88
89			$jwsBuilder3->addSignature(Argument::allOf(
90			Argument::type(JWK::class),
91			Argument::that(function (JWK $jwk) {
92			static::assertSame('oct', $jwk->get('kty'));
93			static::assertSame(base64url_encode('bar'), $jwk->get('k'));
94
95			return true;
96			})
97			), Argument::allOf(
98			Argument::type('array'),
99			Argument::withEntry('alg', 'HS256'),
100			Argument::withKey('jti')
101			))
102			->shouldBeCalled()
103			->willReturn($jwsBuilder4);
104			$jwsBuilder4->build()->willReturn($jws->reveal());
105
106			$serializer->serialize($jws->reveal(), 0)
107			->shouldBeCalled()
108			->willReturn('assertion');
109
110			$body = http_build_query([
111			'client_id' => 'foo',
112			'client_assertion_type' => 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
113			'client_assertion' => 'assertion',
114			'foo' => 'bar',
115			]);
116
117			$stream->write($body)->shouldBeCalled();
118
119			$request->getBody()->willReturn($stream->reveal());
120
121			$result = $auth->createRequest(
122			$request->reveal(),
123			$client->reveal(),
124			['foo' => 'bar']
125			);
126
127			static::assertSame($request->reveal(), $result);
128			}
129
130			public function testCreateRequestWithNoClientSecret(): void
131			{
132			$this->expectException(InvalidArgumentException::class);
133
134			$jwsBuilder = $this->prophesize(JWSBuilder::class);
135			$serializer = $this->prophesize(JWSSerializer::class);
136
137			$auth = new ClientSecretJwt(
138			$jwsBuilder->reveal(),
139			$serializer->reveal()
140			);
141
142			$request = $this->prophesize(RequestInterface::class);
143			$client = $this->prophesize(ClientInterface::class);
144			$metadata = $this->prophesize(ClientMetadataInterface::class);
145
146			$client->getMetadata()->willReturn($metadata->reveal());
147			$metadata->getClientId()->willReturn('foo');
148			$metadata->getClientSecret()->willReturn(null);
149
150			$auth->createRequest(
151			$request->reveal(),
152			$client->reveal(),
153			[]
154			);
155			}
156			}
157

facile-it / php-openid-client

ClientSecretJwtTest A last analyzed 2021-05-07 08:22 UTC

Complexity

Size/Duplication

Importance

3 Methods

Duplication Side-by-Side

Filter issues like

ClientSecretJwtTest A
last analyzed 2021-05-07 08:22 UTC