PrivateKeyJwtTest - Code Metrics - facile-it/php-openid-client - Measure and Improve Code Quality continuously with Scrutinizer

PrivateKeyJwtTest A
last analyzed 2021-05-07 08:22 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	140
Duplicated Lines	0 %

Importance

Changes	1
Bugs	0	Features	0

Metric	Value
eloc	90
dl	0
loc	140
rs	10
c	1
b	0
f	0
wmc	5

3 Methods

Rating	Name	Size	Complexity
A	createRequestProvider()	5	1
A	testGetSupportedMethod()	12	1
B	testCreateRequest()	111	3

<?php

declare(strict_types=1);

namespace Facile\OpenIDClientTest\AuthMethod;

use Facile\JoseVerifier\JWK\JwksProviderInterface;
use Facile\OpenIDClient\AuthMethod\PrivateKeyJwt;
use Facile\OpenIDClient\Client\ClientInterface;
use Facile\OpenIDClient\Client\Metadata\ClientMetadataInterface;
use Facile\OpenIDClient\Issuer\IssuerInterface;
use Facile\OpenIDClient\Issuer\Metadata\IssuerMetadataInterface;
use function http_build_query;
use Jose\Component\Core\JWK;
use Jose\Component\KeyManagement\JWKFactory;
use Jose\Component\Signature\JWS;
use Jose\Component\Signature\JWSBuilder;
use Jose\Component\Signature\Serializer\JWSSerializer;
use function json_decode;
use Facile\OpenIDClientTest\TestCase;
use Prophecy\Argument;
use Psr\Http\Message\RequestInterface;
use Psr\Http\Message\StreamInterface;
use function time;

class PrivateKeyJwtTest extends TestCase
{
    public function testGetSupportedMethod(): void
    {
        $jwsBuilder = $this->prophesize(JWSBuilder::class);
        $serializer = $this->prophesize(JWSSerializer::class);

        $auth = new PrivateKeyJwt(
            $jwsBuilder->reveal(),
            $serializer->reveal(),
            null,
            60
        );
        static::assertSame('private_key_jwt', $auth->getSupportedMethod());
    }

    public function createRequestProvider(): array
    {
        return [
            [true],
            [false],
        ];
    }

    /**
     * @dataProvider createRequestProvider
     *
     * @param bool $jwkAsDependency
     */
    public function testCreateRequest(bool $jwkAsDependency = false): void
    {
        $jwsBuilder = $this->prophesize(JWSBuilder::class);
        $serializer = $this->prophesize(JWSSerializer::class);

        $jwk = JWKFactory::createFromSecret('secret', [
            'alg' => 'ALG',
            'kid' => 'foo',
        ]);

        $auth = new PrivateKeyJwt(
            $jwsBuilder->reveal(),
            $serializer->reveal(),
            $jwkAsDependency ? $jwk : null,
            60
        );

        $jwksProvider = $this->prophesize(JwksProviderInterface::class);

        $stream = $this->prophesize(StreamInterface::class);
        $request = $this->prophesize(RequestInterface::class);
        $client = $this->prophesize(ClientInterface::class);
        $metadata = $this->prophesize(ClientMetadataInterface::class);
        $issuer = $this->prophesize(IssuerInterface::class);
        $issuerMetadata = $this->prophesize(IssuerMetadataInterface::class);
        $client->getJwksProvider()->willReturn($jwksProvider->reveal());

        if (! $jwkAsDependency) {
            $jwksProvider->getJwks()->willReturn([
                'keys' => [
                    $jwk->all(),
                ],
            ]);
        }

        $client->getMetadata()->willReturn($metadata->reveal());
        $client->getIssuer()->willReturn($issuer->reveal());
        $metadata->getClientId()->willReturn('foo');
        $metadata->getClientSecret()->willReturn('bar');
        $issuer->getMetadata()->willReturn($issuerMetadata->reveal());
        $issuerMetadata->getIssuer()->willReturn('issuer');

        $jwsBuilder2 = $this->prophesize(JWSBuilder::class);
        $jwsBuilder3 = $this->prophesize(JWSBuilder::class);
        $jwsBuilder4 = $this->prophesize(JWSBuilder::class);
        $jws = $this->prophesize(JWS::class);

        $jwsBuilder->create()->shouldBeCalled()->willReturn($jwsBuilder2->reveal());
        $jwsBuilder2->withPayload(Argument::that(function (string $payload) {
            $decoded = json_decode($payload, true);

            static::assertIsArray($decoded);

            static::assertArrayHasKey('iss', $decoded);
            static::assertArrayHasKey('sub', $decoded);
            static::assertArrayHasKey('aud', $decoded);
            static::assertArrayHasKey('iat', $decoded);
            static::assertArrayHasKey('exp', $decoded);
            static::assertArrayHasKey('jti', $decoded);

            static::assertSame('bar', $decoded['foo'] ?? null);
            static::assertSame('foo', $decoded['iss'] ?? null);
            static::assertSame('foo', $decoded['sub'] ?? null);
            static::assertSame('issuer', $decoded['aud'] ?? null);
            static::assertLessThanOrEqual(time(), $decoded['iat']);
            static::assertLessThanOrEqual(time() + 60, $decoded['exp']);
            static::assertGreaterThan(time(), $decoded['exp']);

            return true;
        }))
            ->shouldBeCalled()
            ->willReturn($jwsBuilder3->reveal());

        $jwsBuilder3->addSignature(
            Argument::allOf(
                Argument::type(JWK::class),
                Argument::that(function (JWK $key) {
                    return 'foo' === $key->get('kid');
                })
            ),
            Argument::allOf(
                Argument::type('array'),
                Argument::withEntry('alg', 'ALG'),
                Argument::withKey('jti')
            )
        )
            ->shouldBeCalled()
            ->willReturn($jwsBuilder4);
        $jwsBuilder4->build()->willReturn($jws->reveal());

        $serializer->serialize($jws->reveal(), 0)
            ->shouldBeCalled()
            ->willReturn('assertion');

        $body = http_build_query([
            'client_id' => 'foo',
            'client_assertion_type' => 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
            'client_assertion' => 'assertion',
            'foo' => 'bar',
        ]);

        $stream->write($body)->shouldBeCalled();
        $request->getBody()->willReturn($stream->reveal());

        $result = $auth->createRequest(
            $request->reveal(),
            $client->reveal(),
            ['foo' => 'bar']
        );

        static::assertSame($request->reveal(), $result);
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace Facile\OpenIDClientTest\AuthMethod;
6
7			use Facile\JoseVerifier\JWK\JwksProviderInterface;
8			use Facile\OpenIDClient\AuthMethod\PrivateKeyJwt;
9			use Facile\OpenIDClient\Client\ClientInterface;
10			use Facile\OpenIDClient\Client\Metadata\ClientMetadataInterface;
11			use Facile\OpenIDClient\Issuer\IssuerInterface;
12			use Facile\OpenIDClient\Issuer\Metadata\IssuerMetadataInterface;
13			use function http_build_query;
14			use Jose\Component\Core\JWK;
15			use Jose\Component\KeyManagement\JWKFactory;
16			use Jose\Component\Signature\JWS;
17			use Jose\Component\Signature\JWSBuilder;
18			use Jose\Component\Signature\Serializer\JWSSerializer;
19			use function json_decode;
20			use Facile\OpenIDClientTest\TestCase;
21			use Prophecy\Argument;
22			use Psr\Http\Message\RequestInterface;
23			use Psr\Http\Message\StreamInterface;
24			use function time;
25
26			class PrivateKeyJwtTest extends TestCase
27			{
28			public function testGetSupportedMethod(): void
29			{
30			$jwsBuilder = $this->prophesize(JWSBuilder::class);
31			$serializer = $this->prophesize(JWSSerializer::class);
32
33			$auth = new PrivateKeyJwt(
34			$jwsBuilder->reveal(),
35			$serializer->reveal(),
36			null,
37			60
38			);
39			static::assertSame('private_key_jwt', $auth->getSupportedMethod());
40			}
41
42			public function createRequestProvider(): array
43			{
44			return [
45			[true],
46			[false],
47			];
48			}
49
50			/**
51			* @dataProvider createRequestProvider
52			*
53			* @param bool $jwkAsDependency
54			*/
55			public function testCreateRequest(bool $jwkAsDependency = false): void
56			{
57			$jwsBuilder = $this->prophesize(JWSBuilder::class);
58			$serializer = $this->prophesize(JWSSerializer::class);
59
60			$jwk = JWKFactory::createFromSecret('secret', [
61			'alg' => 'ALG',
62			'kid' => 'foo',
63			]);
64
65			$auth = new PrivateKeyJwt(
66			$jwsBuilder->reveal(),
67			$serializer->reveal(),
68			$jwkAsDependency ? $jwk : null,
69			60
70			);
71
72			$jwksProvider = $this->prophesize(JwksProviderInterface::class);
73
74			$stream = $this->prophesize(StreamInterface::class);
75			$request = $this->prophesize(RequestInterface::class);
76			$client = $this->prophesize(ClientInterface::class);
77			$metadata = $this->prophesize(ClientMetadataInterface::class);
78			$issuer = $this->prophesize(IssuerInterface::class);
79			$issuerMetadata = $this->prophesize(IssuerMetadataInterface::class);
80			$client->getJwksProvider()->willReturn($jwksProvider->reveal());
81
82			if (! $jwkAsDependency) {
83			$jwksProvider->getJwks()->willReturn([
84			'keys' => [
85			$jwk->all(),
86			],
87			]);
88			}
89
90			$client->getMetadata()->willReturn($metadata->reveal());
91			$client->getIssuer()->willReturn($issuer->reveal());
92			$metadata->getClientId()->willReturn('foo');
93			$metadata->getClientSecret()->willReturn('bar');
94			$issuer->getMetadata()->willReturn($issuerMetadata->reveal());
95			$issuerMetadata->getIssuer()->willReturn('issuer');
96
97			$jwsBuilder2 = $this->prophesize(JWSBuilder::class);
98			$jwsBuilder3 = $this->prophesize(JWSBuilder::class);
99			$jwsBuilder4 = $this->prophesize(JWSBuilder::class);
100			$jws = $this->prophesize(JWS::class);
101
102			$jwsBuilder->create()->shouldBeCalled()->willReturn($jwsBuilder2->reveal());
103			$jwsBuilder2->withPayload(Argument::that(function (string $payload) {
104			$decoded = json_decode($payload, true);
105
106			static::assertIsArray($decoded);
107
108			static::assertArrayHasKey('iss', $decoded);
109			static::assertArrayHasKey('sub', $decoded);
110			static::assertArrayHasKey('aud', $decoded);
111			static::assertArrayHasKey('iat', $decoded);
112			static::assertArrayHasKey('exp', $decoded);
113			static::assertArrayHasKey('jti', $decoded);
114
115			static::assertSame('bar', $decoded['foo'] ?? null);
116			static::assertSame('foo', $decoded['iss'] ?? null);
117			static::assertSame('foo', $decoded['sub'] ?? null);
118			static::assertSame('issuer', $decoded['aud'] ?? null);
119			static::assertLessThanOrEqual(time(), $decoded['iat']);
120			static::assertLessThanOrEqual(time() + 60, $decoded['exp']);
121			static::assertGreaterThan(time(), $decoded['exp']);
122
123			return true;
124			}))
125			->shouldBeCalled()
126			->willReturn($jwsBuilder3->reveal());
127
128			$jwsBuilder3->addSignature(
129			Argument::allOf(
130			Argument::type(JWK::class),
131			Argument::that(function (JWK $key) {
132			return 'foo' === $key->get('kid');
133			})
134			),
135			Argument::allOf(
136			Argument::type('array'),
137			Argument::withEntry('alg', 'ALG'),
138			Argument::withKey('jti')
139			)
140			)
141			->shouldBeCalled()
142			->willReturn($jwsBuilder4);
143			$jwsBuilder4->build()->willReturn($jws->reveal());
144
145			$serializer->serialize($jws->reveal(), 0)
146			->shouldBeCalled()
147			->willReturn('assertion');
148
149			$body = http_build_query([
150			'client_id' => 'foo',
151			'client_assertion_type' => 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
152			'client_assertion' => 'assertion',
153			'foo' => 'bar',
154			]);
155
156			$stream->write($body)->shouldBeCalled();
157			$request->getBody()->willReturn($stream->reveal());
158
159			$result = $auth->createRequest(
160			$request->reveal(),
161			$client->reveal(),
162			['foo' => 'bar']
163			);
164
165			static::assertSame($request->reveal(), $result);
166			}
167			}
168

facile-it / php-openid-client

PrivateKeyJwtTest A last analyzed 2021-05-07 08:22 UTC

Complexity

Size/Duplication

Importance

3 Methods

Duplication Side-by-Side

Filter issues like

PrivateKeyJwtTest A
last analyzed 2021-05-07 08:22 UTC