mirror of
https://github.com/phpbb/phpbb.git
synced 2025-08-22 08:13:14 +02:00
Merge branch 'develop' of github.com:phpbb/phpbb3 into ticket/11832
# By Joseph Warner (187) and others # Via Andreas Fischer (2) and others * 'develop' of github.com:phpbb/phpbb3: (189 commits) [ticket/11835] Fix ucp_auth_link adding in migration [prep-release-3.0.12] Remove changelog entry for ticket that was not resolved. [feature/oauth] Fix tabindex [feature/oauth] Fix bug on ucp_auth_link related to error display [feature/oauth] More small fixes [feature/oauth] More minor changes from review [feature/oauth] Fix small bug introduced by update in OAuth library [feature/oauth] Fix small issues on ucp pages [feature/oauth] Fix typo in OAuth logout method [feature/oauth] Make token storage service ignorant [feature/oauth] Update oauth::logout() to use clearAllTokens() [feature/oauth] Update storage implementation due to inteface change [feature/oauth] Update lusitanian/oauth to stable branch [feature/oauth] Update comment on oauth service exception [feature/oauth] Forgot to remove placeholder comment [feature/oauth] OAuth service exception [feature/oauth] A few more minor changes [feature/oauth] Changes due to code review [feature/oauth] Fix redirects [feature/oauth] Fix issues on ucp_login_link from review ...
This commit is contained in:
Nathan Guse
10
tests/auth/fixtures/oauth_tokens.xml
Normal file
10
tests/auth/fixtures/oauth_tokens.xml
Normal file
@@ -0,0 +1,10 @@
|
||||
<?xml version="1.0" encoding="UTF-8" ?>
|
||||
<dataset>
|
||||
<table name="phpbb_oauth_tokens">
|
||||
<column>user_id</column>
|
||||
<column>session_id</column>
|
||||
<column>provider</column>
|
||||
<column>oauth_token</column>
|
||||
</table>
|
||||
</dataset>
|
||||
|
||||
207
tests/auth/provider_oauth_token_storage_test.php
Normal file
207
tests/auth/provider_oauth_token_storage_test.php
Normal file
@@ -0,0 +1,207 @@
|
||||
<?php
|
||||
/**
|
||||
*
|
||||
* @package testing
|
||||
* @copyright (c) 2013 phpBB Group
|
||||
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
|
||||
*
|
||||
*/
|
||||
|
||||
use OAuth\OAuth2\Token\StdOAuth2Token;
|
||||
|
||||
class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_case
|
||||
{
|
||||
protected $db;
|
||||
protected $service_name;
|
||||
protected $session_id;
|
||||
protected $token_storage;
|
||||
protected $token_storage_table;
|
||||
protected $user;
|
||||
|
||||
protected function setup()
|
||||
{
|
||||
parent::setUp();
|
||||
|
||||
global $phpbb_root_path, $phpEx;
|
||||
|
||||
$this->db = $this->new_dbal();
|
||||
$this->user = $this->getMock('phpbb_user');
|
||||
$this->service_name = 'auth.provider.oauth.service.testing';
|
||||
$this->token_storage_table = 'phpbb_oauth_tokens';
|
||||
|
||||
// Give the user a session_id that we will remember
|
||||
$this->session_id = '12345';
|
||||
$this->user->data['session_id'] = $this->session_id;
|
||||
|
||||
// Set the user id to anonymous
|
||||
$this->user->data['user_id'] = ANONYMOUS;
|
||||
|
||||
$this->token_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->token_storage_table);
|
||||
}
|
||||
|
||||
public function getDataSet()
|
||||
{
|
||||
return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/oauth_tokens.xml');
|
||||
}
|
||||
|
||||
public static function retrieveAccessToken_data()
|
||||
{
|
||||
return array(
|
||||
array(new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param')), null),
|
||||
array(null, 'OAuth\Common\Storage\Exception\TokenNotFoundException'),
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider retrieveAccessToken_data
|
||||
*/
|
||||
public function test_retrieveAccessToken($cache_token, $exception)
|
||||
{
|
||||
if ($cache_token)
|
||||
{
|
||||
$this->token_storage->storeAccessToken($this->service_name, $cache_token);
|
||||
$token = $cache_token;
|
||||
}
|
||||
|
||||
$this->setExpectedException($exception);
|
||||
|
||||
$stored_token = $this->token_storage->retrieveAccessToken($this->service_name);
|
||||
$this->assertEquals($token, $stored_token);
|
||||
}
|
||||
|
||||
public function test_retrieveAccessToken_from_db()
|
||||
{
|
||||
$expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES);
|
||||
|
||||
// Store a token in the database
|
||||
$temp_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->token_storage_table);
|
||||
$temp_storage->storeAccessToken($this->service_name, $expected_token);
|
||||
unset($temp_storage);
|
||||
|
||||
// Test to see if the token can be retrieved
|
||||
$stored_token = $this->token_storage->retrieveAccessToken($this->service_name);
|
||||
$this->assertEquals($expected_token, $stored_token);
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider retrieveAccessToken_data
|
||||
*/
|
||||
public function test_retrieve_access_token_by_session($cache_token, $exception)
|
||||
{
|
||||
if ($cache_token)
|
||||
{
|
||||
$this->token_storage->storeAccessToken($this->service_name, $cache_token);
|
||||
$token = $cache_token;
|
||||
}
|
||||
|
||||
$this->setExpectedException($exception);
|
||||
|
||||
$stored_token = $this->token_storage->retrieve_access_token_by_session($this->service_name);
|
||||
$this->assertEquals($token, $stored_token);
|
||||
}
|
||||
|
||||
public function test_retrieve_access_token_by_session_from_db()
|
||||
{
|
||||
$expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES);
|
||||
|
||||
// Store a token in the database
|
||||
$temp_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->token_storage_table);
|
||||
$temp_storage->storeAccessToken($this->service_name, $expected_token);
|
||||
unset($temp_storage);
|
||||
|
||||
// Test to see if the token can be retrieved
|
||||
$stored_token = $this->token_storage->retrieve_access_token_by_session($this->service_name);
|
||||
$this->assertEquals($expected_token, $stored_token);
|
||||
}
|
||||
|
||||
public function test_storeAccessToken()
|
||||
{
|
||||
$token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );
|
||||
$this->token_storage->storeAccessToken($this->service_name, $token);
|
||||
|
||||
// Confirm that the token is cached
|
||||
$extraParams = $this->token_storage->retrieveAccessToken($this->service_name)->getExtraParams();
|
||||
$this->assertEquals( 'param', $extraParams['extra'] );
|
||||
$this->assertEquals( 'access', $this->token_storage->retrieveAccessToken($this->service_name)->getAccessToken() );
|
||||
|
||||
$row = $this->get_token_row_by_session_id($this->session_id);
|
||||
|
||||
// The token is serialized before stored in the database
|
||||
$this->assertEquals($this->token_storage->json_encode_token($token), $row['oauth_token']);
|
||||
}
|
||||
|
||||
public static function hasAccessToken_data()
|
||||
{
|
||||
return array(
|
||||
array(null, false),
|
||||
array(new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') ), true),
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider hasAccessToken_data
|
||||
*/
|
||||
public function test_hasAccessToken($token, $expected)
|
||||
{
|
||||
if ($token)
|
||||
{
|
||||
$this->token_storage->storeAccessToken($this->service_name, $token);
|
||||
}
|
||||
|
||||
$has_access_token = $this->token_storage->hasAccessToken($this->service_name);
|
||||
$this->assertEquals($expected, $has_access_token);
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider hasAccessToken_data
|
||||
*/
|
||||
public function test_has_access_token_by_session($token, $expected)
|
||||
{
|
||||
if ($token)
|
||||
{
|
||||
$this->token_storage->storeAccessToken($this->service_name, $token);
|
||||
}
|
||||
|
||||
$has_access_token = $this->token_storage->has_access_token_by_session($this->service_name);
|
||||
$this->assertEquals($expected, $has_access_token);
|
||||
}
|
||||
|
||||
public function test_clearToken()
|
||||
{
|
||||
$token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );
|
||||
$this->token_storage->storeAccessToken($this->service_name, $token);
|
||||
|
||||
$this->token_storage->clearToken($this->service_name);
|
||||
|
||||
// Check that the database has been cleared
|
||||
$row = $this->get_token_row_by_session_id($this->session_id);
|
||||
$this->assertFalse($row);
|
||||
|
||||
// Check that the token is no longer in memory
|
||||
$this->assertFalse($this->token_storage->hasAccessToken($this->service_name));
|
||||
}
|
||||
|
||||
public function test_set_user_id()
|
||||
{
|
||||
$token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );
|
||||
$this->token_storage->storeAccessToken($this->service_name, $token);
|
||||
|
||||
$new_user_id = ANONYMOUS + 1;
|
||||
$this->token_storage->set_user_id($new_user_id);
|
||||
|
||||
$row = $this->get_token_row_by_session_id($this->session_id);
|
||||
$this->assertEquals($new_user_id, $row['user_id']);
|
||||
}
|
||||
|
||||
protected function get_token_row_by_session_id($session_id)
|
||||
{
|
||||
// Test that the token is stored in the database
|
||||
$sql = 'SELECT * FROM phpbb_oauth_tokens
|
||||
WHERE session_id = \'' . $this->db->sql_escape($session_id) . '\'';
|
||||
$result = $this->db->sql_query($sql);
|
||||
$row = $this->db->sql_fetchrow($result);
|
||||
$this->db->sql_freeresult($result);
|
||||
|
||||
return $row;
|
||||
}
|
||||
}
|
||||
@@ -74,6 +74,11 @@ class phpbb_mock_request implements phpbb_request_interface
|
||||
return array_keys($this->data[$super_global]);
|
||||
}
|
||||
|
||||
public function get_super_global($super_global = phpbb_request_interface::REQUEST)
|
||||
{
|
||||
return $this->data[$super_global];
|
||||
}
|
||||
|
||||
/* custom methods */
|
||||
|
||||
public function set_header($header_name, $value)
|
||||
|
||||
Reference in New Issue
Block a user