author | Maat <maat-pub@mageia.biz> | 2020-05-08 18:29:30 +0200 |
---|---|---|
committer | Maat <maat-pub@mageia.biz> | 2020-05-08 21:36:04 +0200 |
commit | 36bc1870f21fac04736a1049c1d5b8e127d729f4 (patch) | |
tree | 9d102331eeaf1ef3cd23e656320d7c08e65757ed /tests/auth/provider_oauth_token_storage_test.php | |
parent | 8875d385d0579b451dac4d9bda465172b4f69ee0 (diff) | |
parent | 149375253685b3a38996f63015a74b7a0f53aa14 (diff) | |
Merge remote-tracking branch 'upstream/prep-release-3.1.11'
Diffstat (limited to 'tests/auth/provider_oauth_token_storage_test.php')
-rw-r--r-- | tests/auth/provider_oauth_token_storage_test.php | 229 |
1 files changed, 229 insertions, 0 deletions
diff --git a/tests/auth/provider_oauth_token_storage_test.php b/tests/auth/provider_oauth_token_storage_test.php
new file mode 100644
index 0000000000..71b49ff439
--- /dev/null
+++ b/tests/auth/provider_oauth_token_storage_test.php
@@ -0,0 +1,229 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+use OAuth\OAuth2\Token\StdOAuth2Token;
+
+require_once dirname(__FILE__) . '/phpbb_not_a_token.php';
+
+class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_case
+{
+ protected $db;
+ protected $service_name;
+ protected $session_id;
+ protected $token_storage;
+ protected $token_storage_table;
+ protected $user;
+
+ protected function setup()
+ {
+ parent::setUp();
+
+ global $phpbb_root_path, $phpEx;
+
+ $this->db = $this->new_dbal();
+ $this->user = new \phpbb\user('\phpbb\datetime');
+ $this->service_name = 'auth.provider.oauth.service.testing';
+ $this->token_storage_table = 'phpbb_oauth_tokens';
+
+ // Give the user a session_id that we will remember
+ $this->session_id = '12345';
+ $this->user->data['session_id'] = $this->session_id;
+
+ // Set the user id to anonymous
+ $this->user->data['user_id'] = ANONYMOUS;
+
+ $this->token_storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->token_storage_table);
+ }
+
+ public function getDataSet()
+ {
+ return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/oauth_tokens.xml');
+ }
+
+ public static function retrieveAccessToken_data()
+ {
+ return array(
+ array(new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param')), null),
+ array(null, 'OAuth\Common\Storage\Exception\TokenNotFoundException'),
+ );
+ }
+
+ /**
+ * @dataProvider retrieveAccessToken_data
+ */
+ public function test_retrieveAccessToken($cache_token, $exception)
+ {
+ if ($cache_token)
+ {
+ $this->token_storage->storeAccessToken($this->service_name, $cache_token);
+ $token = $cache_token;
+ }
+
+ $this->setExpectedException($exception);
+
+ $stored_token = $this->token_storage->retrieveAccessToken($this->service_name);
+ $this->assertEquals($token, $stored_token);
+ }
+
+ public function test_retrieveAccessToken_wrong_token()
+ {
+ $this->user->data['session_id'] = 'abcd';
+ try
+ {
+ $this->token_storage->retrieveAccessToken($this->service_name);
+ $this->fail('The token can not be deserialized and an exception should be thrown.');
+ }
+ catch (\OAuth\Common\Storage\Exception\TokenNotFoundException $e)
+ {
+ }
+
+ $row = $this->get_token_row_by_session_id('abcd');
+ $this->assertFalse($row);
+ }
+
+ public function test_retrieveAccessToken_from_db()
+ {
+ $expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES);
+
+ // Store a token in the database
+ $temp_storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->token_storage_table);
+ $temp_storage->storeAccessToken($this->service_name, $expected_token);
+ unset($temp_storage);
+
+ // Test to see if the token can be retrieved
+ $stored_token = $this->token_storage->retrieveAccessToken($this->service_name);
+ $this->assertEquals($expected_token, $stored_token);
+ }
+
+ /**
+ * @dataProvider retrieveAccessToken_data
+ */
+ public function test_retrieve_access_token_by_session($cache_token, $exception)
+ {
+ if ($cache_token)
+ {
+ $this->token_storage->storeAccessToken($this->service_name, $cache_token);
+ $token = $cache_token;
+ }
+
+ $this->setExpectedException($exception);
+
+ $stored_token = $this->token_storage->retrieve_access_token_by_session($this->service_name);
+ $this->assertEquals($token, $stored_token);
+ }
+
+ public function test_retrieve_access_token_by_session_from_db()
+ {
+ $expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES);
+
+ // Store a token in the database
+ $temp_storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->token_storage_table);
+ $temp_storage->storeAccessToken($this->service_name, $expected_token);
+ unset($temp_storage);
+
+ // Test to see if the token can be retrieved
+ $stored_token = $this->token_storage->retrieve_access_token_by_session($this->service_name);
+ $this->assertEquals($expected_token, $stored_token);
+ }
+
+ public function test_storeAccessToken()
+ {
+ $token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );
+ $this->token_storage->storeAccessToken($this->service_name, $token);
+
+ // Confirm that the token is cached
+ $extraParams = $this->token_storage->retrieveAccessToken($this->service_name)->getExtraParams();
+ $this->assertEquals( 'param', $extraParams['extra'] );
+ $this->assertEquals( 'access', $this->token_storage->retrieveAccessToken($this->service_name)->getAccessToken() );
+
+ $row = $this->get_token_row_by_session_id($this->session_id);
+
+ // The token is serialized before stored in the database
+ $this->assertEquals($this->token_storage->json_encode_token($token), $row['oauth_token']);
+ }
+
+ public static function hasAccessToken_data()
+ {
+ return array(
+ array(null, false),
+ array(new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') ), true),
+ );
+ }
+
+ /**
+ * @dataProvider hasAccessToken_data
+ */
+ public function test_hasAccessToken($token, $expected)
+ {
+ if ($token)
+ {
+ $this->token_storage->storeAccessToken($this->service_name, $token);
+ }
+
+ $has_access_token = $this->token_storage->hasAccessToken($this->service_name);
+ $this->assertEquals($expected, $has_access_token);
+ }
+
+ /**
+ * @dataProvider hasAccessToken_data
+ */
+ public function test_has_access_token_by_session($token, $expected)
+ {
+ if ($token)
+ {
+ $this->token_storage->storeAccessToken($this->service_name, $token);
+ }
+
+ $has_access_token = $this->token_storage->has_access_token_by_session($this->service_name);
+ $this->assertEquals($expected, $has_access_token);
+ }
+
+ public function test_clearToken()
+ {
+ $token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );
+ $this->token_storage->storeAccessToken($this->service_name, $token);
+
+ $this->token_storage->clearToken($this->service_name);
+
+ // Check that the database has been cleared
+ $row = $this->get_token_row_by_session_id($this->session_id);
+ $this->assertFalse($row);
+
+ // Check that the token is no longer in memory
+ $this->assertFalse($this->token_storage->hasAccessToken($this->service_name));
+ }
+
+ public function test_set_user_id()
+ {
+ $token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );
+ $this->token_storage->storeAccessToken($this->service_name, $token);
+
+ $new_user_id = ANONYMOUS + 1;
+ $this->token_storage->set_user_id($new_user_id);
+
+ $row = $this->get_token_row_by_session_id($this->session_id);
+ $this->assertEquals($new_user_id, $row['user_id']);
+ }
+
+ protected function get_token_row_by_session_id($session_id)
+ {
+ // Test that the token is stored in the database
+ $sql = 'SELECT * FROM phpbb_oauth_tokens
+ WHERE session_id = \'' . $this->db->sql_escape($session_id) . '\'';
+ $result = $this->db->sql_query($sql);
+ $row = $this->db->sql_fetchrow($result);
+ $this->db->sql_freeresult($result);
+
+ return $row;
+ }
+} |
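Review bot: In `test_storeAccessToken`, the final assertion compares `$row['oauth_token']` with `$this->token_storage->json_encode_token($token)`, so it only shows that the storage class agrees with its own encoder and would presumably still pass if that encoder produced PHP `serialize()` output. Because this column is later decoded back into a token object, the test should pin the stored format independently, for example `$this->assertNotNull(json_decode($row['oauth_token'], true));` right after the row is fetched, and the comment above it should read `// The token is JSON-encoded before it is stored in the database`. `test_retrieveAccessToken_wrong_token` depends on the 'abcd' row in `fixtures/oauth_tokens.xml`, which is outside this diff, so a one-line comment naming what that row holds would make the rejection case readable. Separately, `get_token_row_by_session_id` hard-codes `phpbb_oauth_tokens` instead of using `$this->token_storage_table`.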