diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2014-06-27 16:00:29 +0200 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@gmx.de> | 2014-06-27 16:00:29 +0200 |
| commit | 404c2f11448f53e55eca4cfdf082671230711241 (patch) | |
| tree | 9f0d18f57bff2bd4f9c418c28e4ab6657ccc8bb1 | |
| parent | 919e1a6bc87ff93d974224678c63b7ddef4a708b (diff) | |
| parent | 2ebd86611a760b923752a6103e3f75d2bb94e048 (diff) | |
| download | forums-404c2f11448f53e55eca4cfdf082671230711241.tar forums-404c2f11448f53e55eca4cfdf082671230711241.tar.gz forums-404c2f11448f53e55eca4cfdf082671230711241.tar.bz2 forums-404c2f11448f53e55eca4cfdf082671230711241.tar.xz forums-404c2f11448f53e55eca4cfdf082671230711241.zip | |
Merge pull request #2598 from Nicofuma/ticket/12716
[ticket/12716] Add the missing parameters in the call of clearToken
* Nicofuma/ticket/12716:
[ticket/12716] Use a string as session_id
[ticket/12716] Add regression test
[ticket/12716] Add the missing parameters in the call of clearToken
| -rw-r--r-- | phpBB/phpbb/auth/provider/oauth/token_storage.php | 2 | ||||
| -rw-r--r-- | tests/auth/fixtures/oauth_tokens.xml | 6 | ||||
| -rw-r--r-- | tests/auth/phpbb_not_a_token.php | 23 | ||||
| -rw-r--r-- | tests/auth/provider_oauth_token_storage_test.php | 18 |
4 files changed, 48 insertions, 1 deletions
diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index fe1a376cfe..023cf402ca 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -266,7 +266,7 @@ class token_storage implements TokenStorageInterface // Ensure that the token was serialized/unserialized correctly if (!($token instanceof TokenInterface)) { - $this->clearToken(); + $this->clearToken($data['provider']); throw new TokenNotFoundException('AUTH_PROVIDER_OAUTH_TOKEN_ERROR_INCORRECTLY_STORED'); } diff --git a/tests/auth/fixtures/oauth_tokens.xml b/tests/auth/fixtures/oauth_tokens.xml index 9bfb5a4422..6c82e94e62 100644 --- a/tests/auth/fixtures/oauth_tokens.xml +++ b/tests/auth/fixtures/oauth_tokens.xml @@ -5,6 +5,12 @@ <column>session_id</column> <column>provider</column> <column>oauth_token</column> + <row> + <value>1</value> + <value>abcd</value> + <value>auth.provider.oauth.service.testing</value> + <value>{"token_class":"phpbb_not_a_token","accessToken":"error","refreshToken":0,"endOfLife":null,"extraParams":null}</value> + </row> </table> </dataset> diff --git a/tests/auth/phpbb_not_a_token.php b/tests/auth/phpbb_not_a_token.php new file mode 100644 index 0000000000..61cc14fa10 --- /dev/null +++ b/tests/auth/phpbb_not_a_token.php @@ -0,0 +1,23 @@ +<?php +/** +* +* This file is part of the phpBB Forum Software package. +* +* @copyright (c) phpBB Limited <https://www.phpbb.com> +* @license GNU General Public License, version 2 (GPL-2.0) +* +* For full copyright and license information, please see +* the docs/CREDITS.txt file. +* +*/ + +class phpbb_not_a_token +{ + public function __construct($param1, $param2, $param3, $param4) + { + } + + public function setEndOfLife() + { + } +} diff --git a/tests/auth/provider_oauth_token_storage_test.php b/tests/auth/provider_oauth_token_storage_test.php index ec28e546bd..45daa9816b 100644 --- a/tests/auth/provider_oauth_token_storage_test.php +++ b/tests/auth/provider_oauth_token_storage_test.php @@ -13,6 +13,8 @@ use OAuth\OAuth2\Token\StdOAuth2Token; +require_once dirname(__FILE__) . '/phpbb_not_a_token.php'; + class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_case { protected $db; @@ -73,6 +75,22 @@ class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_c $this->assertEquals($token, $stored_token); } + public function test_retrieveAccessToken_wrong_token() + { + $this->user->data['session_id'] = 'abcd'; + try + { + $this->token_storage->retrieveAccessToken($this->service_name); + $this->fail('The token can not be deserialized and an exception should be thrown.'); + } + catch (\OAuth\Common\Storage\Exception\TokenNotFoundException $e) + { + } + + $row = $this->get_token_row_by_session_id('abcd'); + $this->assertFalse($row); + } + public function test_retrieveAccessToken_from_db() { $expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES); |