mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-02-19 15:45:34 +01:00
Code Issues Releases Wiki Activity
php-phpbb/tests/auth/provider_oauth_token_storage_test.php
DinHere 8c9d26db1f
[ticket/15392] Changed dirname(__FILE__) to __DIR__ 
Changed dirname(__FILE__) to __DIR__ everywhere

PHPBB3-15392
2021-03-03 22:24:10 +01:00

240 lines
7.4 KiB
PHP
Raw Blame History

<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
use OAuth\OAuth2\Token\StdOAuth2Token;
require_once __DIR__ . '/phpbb_not_a_token.php';
class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_case
{
protected $db;
protected $service_name;
protected $session_id;
protected $token_storage;
protected $token_storage_table;
protected $state_table;
protected $user;
protected function setUp(): void
{
parent::setUp();
global $phpbb_root_path, $phpEx;
$this->db = $this->new_dbal();
$lang_loader = new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx);
$lang = new \phpbb\language\language($lang_loader);
$this->user = new \phpbb\user($lang, '\phpbb\datetime');
$this->service_name = 'auth.provider.oauth.service.testing';
$this->token_storage_table = 'phpbb_oauth_tokens';
$this->state_table = 'phpbb_oauth_states';
// Give the user a session_id that we will remember
$this->session_id = '12345';
$this->user->data['session_id'] = $this->session_id;
// Set the user id to anonymous
$this->user->data['user_id'] = ANONYMOUS;
$this->token_storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->token_storage_table, $this->state_table);
}
public function getDataSet()
{
return $this->createXMLDataSet(__DIR__.'/fixtures/oauth_tokens.xml');
}
public static function retrieveAccessToken_data()
{
return array(
array(new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param')), null),
array(null, 'OAuth\Common\Storage\Exception\TokenNotFoundException'),
);
}
/**
* @dataProvider retrieveAccessToken_data
*/
public function test_retrieveAccessToken($cache_token, $exception)
{
if ($cache_token)
{
$this->token_storage->storeAccessToken($this->service_name, $cache_token);
$token = $cache_token;
}
if (!empty($exception))
{
$this->expectException($exception);
}
$stored_token = $this->token_storage->retrieveAccessToken($this->service_name);
$this->assertEquals($token, $stored_token);
}
public function test_retrieveAccessToken_wrong_token()
{
$this->user->data['session_id'] = 'abcd';
try
{
$this->token_storage->retrieveAccessToken($this->service_name);
$this->fail('The token can not be deserialized and an exception should be thrown.');
}
catch (\OAuth\Common\Storage\Exception\TokenNotFoundException $e)
{
}
$row = $this->get_token_row_by_session_id('abcd');
$this->assertFalse($row);
}
public function test_retrieveAccessToken_from_db()
{
$expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES);
// Store a token in the database
$temp_storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->token_storage_table, $this->state_table);
$temp_storage->storeAccessToken($this->service_name, $expected_token);
unset($temp_storage);
// Test to see if the token can be retrieved
$stored_token = $this->token_storage->retrieveAccessToken($this->service_name);
$this->assertEquals($expected_token, $stored_token);
}
/**
* @dataProvider retrieveAccessToken_data
*/
public function test_retrieve_access_token_by_session($cache_token, $exception)
{
if ($cache_token)
{
$this->token_storage->storeAccessToken($this->service_name, $cache_token);
$token = $cache_token;
}
if (!empty($exception))
{
$this->expectException($exception);
}
$stored_token = $this->token_storage->retrieve_access_token_by_session($this->service_name);
$this->assertEquals($token, $stored_token);
}
public function test_retrieve_access_token_by_session_from_db()
{
$expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES);
// Store a token in the database
$temp_storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->token_storage_table, $this->state_table);
$temp_storage->storeAccessToken($this->service_name, $expected_token);
unset($temp_storage);
// Test to see if the token can be retrieved
$stored_token = $this->token_storage->retrieve_access_token_by_session($this->service_name);
$this->assertEquals($expected_token, $stored_token);
}
public function test_storeAccessToken()
{
$token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );
$this->token_storage->storeAccessToken($this->service_name, $token);
// Confirm that the token is cached
$extraParams = $this->token_storage->retrieveAccessToken($this->service_name)->getExtraParams();
$this->assertEquals( 'param', $extraParams['extra'] );
$this->assertEquals( 'access', $this->token_storage->retrieveAccessToken($this->service_name)->getAccessToken() );
$row = $this->get_token_row_by_session_id($this->session_id);
// The token is serialized before stored in the database
$this->assertEquals($this->token_storage->json_encode_token($token), $row['oauth_token']);
}
public static function hasAccessToken_data()
{
return array(
array(null, false),
array(new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') ), true),
);
}
/**
* @dataProvider hasAccessToken_data
*/
public function test_hasAccessToken($token, $expected)
{
if ($token)
{
$this->token_storage->storeAccessToken($this->service_name, $token);
}
$has_access_token = $this->token_storage->hasAccessToken($this->service_name);
$this->assertEquals($expected, $has_access_token);
}
/**
* @dataProvider hasAccessToken_data
*/
public function test_has_access_token_by_session($token, $expected)
{
if ($token)
{
$this->token_storage->storeAccessToken($this->service_name, $token);
}
$has_access_token = $this->token_storage->has_access_token_by_session($this->service_name);
$this->assertEquals($expected, $has_access_token);
}
public function test_clearToken()
{
$token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );
$this->token_storage->storeAccessToken($this->service_name, $token);
$this->token_storage->clearToken($this->service_name);
// Check that the database has been cleared
$row = $this->get_token_row_by_session_id($this->session_id);
$this->assertFalse($row);
// Check that the token is no longer in memory
$this->assertFalse($this->token_storage->hasAccessToken($this->service_name));
}
public function test_set_user_id()
{
$token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );
$this->token_storage->storeAccessToken($this->service_name, $token);
$new_user_id = ANONYMOUS + 1;
$this->token_storage->set_user_id($new_user_id);
$row = $this->get_token_row_by_session_id($this->session_id);
$this->assertEquals($new_user_id, $row['user_id']);
}
protected function get_token_row_by_session_id($session_id)
{
// Test that the token is stored in the database
$sql = 'SELECT * FROM phpbb_oauth_tokens
WHERE session_id = \'' . $this->db->sql_escape($session_id) . '\'';
$result = $this->db->sql_query($sql);
$row = $this->db->sql_fetchrow($result);
$this->db->sql_freeresult($result);
return $row;
}
}
Reference in New Issue View Git Blame Copy Permalink