tests/auth/provider_oauth_token_storage_test.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154

<?php
/**
*
* @package testing
* @copyright (c) 2013 phpBB Group
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
*
*/

use OAuth\OAuth2\Token\StdOAuth2Token;

class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_case
{
	protected $db;
	protected $service_name;
	protected $session_id;
	protected $token_storage;
	protected $token_storage_table;
	protected $user;

	protected function setup()
	{
		parent::setUp();

		global $phpbb_root_path, $phpEx;

		$this->db = $this->new_dbal();
		$this->user = $this->getMock('phpbb_user');
		$this->service_name = 'auth.provider.oauth.service.testing';
		$this->token_storage_table = 'phpbb_oauth_tokens';

		// Give the user a session_id that we will remember
		$this->session_id = '12345';
		$this->user->data['session_id'] = $this->session_id;

		// Set the user id to anonymous
		$this->user->data['user_id'] = ANONYMOUS;

		$this->token_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->service_name, $this->token_storage_table);
	}

	public function getDataSet()
	{
		return $this->createXMLDataSet(dirname(__FILE__).'/fixtures/oauth_tokens.xml');
	}

	public static function retrieveAccessToken_data()
	{
		return array(
			array(null, new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param')), null),
			array(new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') ), null, null),
			array(null, null, 'OAuth\Common\Storage\Exception\TokenNotFoundException'),
		);
	}

	/**
	* @dataProvider retrieveAccessToken_data
	*/
	public function test_retrieveAccessToken($cache_token, $db_token, $exception)
	{
		if ($db_token)
		{
			$temp_storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $this->service_name, $this->token_storage_table);
			$temp_storage->storeAccessToken($db_token);
			unset($temp_storage);
			$token = $db_token;
		}

		if ($cache_token)
		{
			$this->token_storage->storeAccessToken($cache_token);
			$token = $cache_token;
		}

		$this->setExpectedException($exception);

		$stored_token = $this->token_storage->retrieveAccessToken();
		$this->assertEquals($token, $stored_token);
	}

	public function test_storeAccessToken()
	{
		$token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );
		$this->token_storage->storeAccessToken($token);

		// Confirm that the token is cached
		$extraParams = $this->token_storage->retrieveAccessToken()->getExtraParams();
		$this->assertEquals( 'param', $extraParams['extra'] );
		$this->assertEquals( 'access', $this->token_storage->retrieveAccessToken()->getAccessToken() );

		$row = $this->get_token_row_by_session_id($this->session_id);

		// The token is serialized before stored in the database
		$this->assertEquals(serialize($token), $row['oauth_token']);
	}

	public static function hasAccessToken_data()
	{
		return array(
			array(null, false),
			array(new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') ), true),
		);
	}

	/**
	* @dataProvider hasAccessToken_data
	*/
	public function test_hasAccessToken($token, $expected)
	{
		if ($token)
		{
			$this->token_storage->storeAccessToken($token);
		}

		$has_access_token = $this->token_storage->hasAccessToken();
		$this->assertEquals($expected, $has_access_token);
	}

	public function test_clearToken()
	{
		$token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );
		$this->token_storage->storeAccessToken($token);

		$this->token_storage->clearToken();
		
		$this->assertFalse($this->token_storage->hasAccessToken());
		$row = $this->get_token_row_by_session_id($this->session_id());
		$this->assertFalse($row);
	}

	public function test_set_user_id()
	{
		$token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param') );
		$this->token_storage->storeAccessToken($token);

		$new_user_id = ANONYMOUS + 1;
		$this->token_storage->set_user_id($new_user_id);

		$row = $this->get_token_row_by_session_id($this->session_id);
		$this->assertEquals($new_user_id, $row['user_id']);
	}

	protected function get_token_row_by_session_id($session_id)
	{
		// Test that the token is stored in the database
		$sql = 'SELECT * FROM phpbb_oauth_tokens 
			WHERE session_id = \'' . $session_id . '\'';
		$result = $this->db->sql_query($sql);
		$row = $this->db->sql_fetchrow($result);
		$this->db->sql_freeresult($result);

		return $row;
	}
}