ApiOAuth2Test

Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements.

Defined (1)

The class is defined in the following location(s).

/lib/vendor/google/apiclient/tests/general/ApiOAuth2Test.php  
  1. class ApiOAuth2Test extends BaseTest { 
  2.  
  3. public function testSign() 
  4. $client = $this->getClient(); 
  5. $oauth = new Google_Auth_OAuth2($client); 
  6.  
  7. $client->setClientId('clientId1'); 
  8. $client->setClientSecret('clientSecret1'); 
  9. $client->setRedirectUri('http://localhost'); 
  10. $client->setDeveloperKey('devKey'); 
  11. $client->setAccessType('offline'); 
  12. $client->setApprovalPrompt('force'); 
  13. $client->setRequestVisibleActions('http://foo'); 
  14.  
  15. $req = new Google_Http_Request('http://localhost'); 
  16. $req = $oauth->sign($req); 
  17.  
  18. $this->assertEquals('http://localhost?key=devKey', $req->getUrl()); 
  19.  
  20. // test accessToken 
  21. $oauth->setAccessToken(json_encode(array( 
  22. 'access_token' => 'ACCESS_TOKEN',  
  23. 'created' => time(),  
  24. 'expires_in' => '3600' 
  25. ))); 
  26.  
  27. $req = $oauth->sign($req); 
  28. $auth = $req->getRequestHeader('authorization'); 
  29. $this->assertEquals('Bearer ACCESS_TOKEN', $auth); 
  30.  
  31. public function testRevokeAccess() 
  32. $accessToken = "ACCESS_TOKEN"; 
  33. $refreshToken = "REFRESH_TOKEN"; 
  34. $accessToken2 = "ACCESS_TOKEN_2"; 
  35. $token = ""; 
  36.  
  37. $client = $this->getClient(); 
  38. $response = $this->getMock("Google_Http_Request", array(), array('')); 
  39. $response->expects($this->any()) 
  40. ->method('getResponseHttpCode') 
  41. ->will($this->returnValue(200)); 
  42. $io = $this->getMock("Google_IO_Stream", array(), array($client)); 
  43. $io->expects($this->any()) 
  44. ->method('makeRequest') 
  45. ->will($this->returnCallback(function($request) use (&$token, $response) { 
  46. $elements = array(); 
  47. parse_str($request->getPostBody(), $elements); 
  48. $token = isset($elements['token']) ? $elements['token'] : null; 
  49. return $response; 
  50. })); 
  51. $client->setIo($io); 
  52.  
  53. // Test with access token. 
  54. $oauth = new Google_Auth_OAuth2($client); 
  55. $oauth->setAccessToken(json_encode(array( 
  56. 'access_token' => $accessToken,  
  57. 'created' => time(),  
  58. 'expires_in' => '3600' 
  59. ))); 
  60. $this->assertTrue($oauth->revokeToken()); 
  61. $this->assertEquals($accessToken, $token); 
  62.  
  63. // Test with refresh token. 
  64. $oauth = new Google_Auth_OAuth2($client); 
  65. $oauth->setAccessToken(json_encode(array( 
  66. 'access_token' => $accessToken,  
  67. 'refresh_token' => $refreshToken,  
  68. 'created' => time(),  
  69. 'expires_in' => '3600' 
  70. ))); 
  71. $this->assertTrue($oauth->revokeToken()); 
  72. $this->assertEquals($refreshToken, $token); 
  73.  
  74. // Test with passed in token. 
  75. $this->assertTrue($oauth->revokeToken($accessToken2)); 
  76. $this->assertEquals($accessToken2, $token); 
  77.  
  78. public function testCreateAuthUrl() 
  79. $client = $this->getClient(); 
  80. $oauth = new Google_Auth_OAuth2($client); 
  81.  
  82. $client->setClientId('clientId1'); 
  83. $client->setClientSecret('clientSecret1'); 
  84. $client->setRedirectUri('http://localhost'); 
  85. $client->setDeveloperKey('devKey'); 
  86. $client->setAccessType('offline'); 
  87. $client->setApprovalPrompt('force'); 
  88. $client->setRequestVisibleActions(array('http://foo')); 
  89. $client->setLoginHint("bob@example.org"); 
  90.  
  91. $authUrl = $oauth->createAuthUrl("http://googleapis.com/scope/foo"); 
  92. $expected = "https://accounts.google.com/o/oauth2/auth" 
  93. . "?response_type=code" 
  94. . "&redirect_uri=http%3A%2F%2Flocalhost" 
  95. . "&client_id=clientId1" 
  96. . "&scope=http%3A%2F%2Fgoogleapis.com%2Fscope%2Ffoo" 
  97. . "&access_type=offline" 
  98. . "&approval_prompt=force" 
  99. . "&login_hint=bob%40example.org"; 
  100. $this->assertEquals($expected, $authUrl); 
  101.  
  102. // Again with a blank login hint (should remove all traces from authUrl) 
  103. $client->setLoginHint(""); 
  104. $client->setHostedDomain("example.com"); 
  105. $client->setOpenidRealm("example.com"); 
  106. $client->setPrompt("select_account"); 
  107. $client->setIncludeGrantedScopes(true); 
  108. $authUrl = $oauth->createAuthUrl("http://googleapis.com/scope/foo"); 
  109. $expected = "https://accounts.google.com/o/oauth2/auth" 
  110. . "?response_type=code" 
  111. . "&redirect_uri=http%3A%2F%2Flocalhost" 
  112. . "&client_id=clientId1" 
  113. . "&scope=http%3A%2F%2Fgoogleapis.com%2Fscope%2Ffoo" 
  114. . "&access_type=offline" 
  115. . "&approval_prompt=force" 
  116. . "&hd=example.com" 
  117. . "&openid.realm=example.com" 
  118. . "&prompt=select_account" 
  119. . "&include_granted_scopes=true"; 
  120. $this->assertEquals($expected, $authUrl); 
  121.  
  122. /** 
  123. * Most of the logic for ID token validation is in AuthTest - 
  124. * this is just a general check to ensure we verify a valid 
  125. * id token if one exists. 
  126. */ 
  127. public function testValidateIdToken() 
  128. if (!$this->checkToken()) { 
  129. return; 
  130.  
  131. $client = $this->getClient(); 
  132. $token = json_decode($client->getAccessToken()); 
  133. $segments = explode(".", $token->id_token); 
  134. $this->assertEquals(3, count($segments)); 
  135. // Extract the client ID in this case as it wont be set on the test client. 
  136. $data = json_decode(Google_Utils::urlSafeB64Decode($segments[1])); 
  137. $oauth = new Google_Auth_OAuth2($client); 
  138. $ticket = $oauth->verifyIdToken($token->id_token, $data->aud); 
  139. $this->assertInstanceOf( 
  140. "Google_Auth_LoginTicket",  
  141. $ticket 
  142. ); 
  143. $this->assertTrue(strlen($ticket->getUserId()) > 0); 
  144.  
  145. // TODO(ianbarber): Need to be smart about testing/disabling the 
  146. // caching for this test to make sense. Not sure how to do that 
  147. // at the moment. 
  148. $client = $this->getClient(); 
  149. $client->setIo(new Google_IO_Stream($client)); 
  150. $data = json_decode(Google_Utils::urlSafeB64Decode($segments[1])); 
  151. $oauth = new Google_Auth_OAuth2($client); 
  152. $this->assertInstanceOf( 
  153. "Google_Auth_LoginTicket",  
  154. $oauth->verifyIdToken($token->id_token, $data->aud) 
  155. ); 
  156.  
  157. /** 
  158. * Test for revoking token when none is opened 
  159. */ 
  160. public function testRevokeWhenNoTokenExists() 
  161. $client = new Google_Client(); 
  162. $this->assertFalse($client->revokeToken()); 
  163.  
  164. /** 
  165. * Test that the ID token is properly refreshed. 
  166. */ 
  167. public function testRefreshTokenSetsValues() 
  168. $client = new Google_Client(); 
  169. $response_data = json_encode(array( 
  170. 'access_token' => "ACCESS_TOKEN",  
  171. 'id_token' => "ID_TOKEN",  
  172. 'expires_in' => "12345",  
  173. )); 
  174. $response = $this->getMock("Google_Http_Request", array(), array('')); 
  175. $response->expects($this->any()) 
  176. ->method('getResponseHttpCode') 
  177. ->will($this->returnValue(200)); 
  178. $response->expects($this->any()) 
  179. ->method('getResponseBody') 
  180. ->will($this->returnValue($response_data)); 
  181. $io = $this->getMock("Google_IO_Stream", array(), array($client)); 
  182. $io->expects($this->any()) 
  183. ->method('makeRequest') 
  184. ->will($this->returnCallback(function($request) use (&$token, $response) { 
  185. $elements = $request->getPostBody(); 
  186. PHPUnit_Framework_TestCase::assertEquals($elements['grant_type'],  
  187. "refresh_token"); 
  188. PHPUnit_Framework_TestCase::assertEquals($elements['refresh_token'],  
  189. "REFRESH_TOKEN"); 
  190. return $response; 
  191. })); 
  192. $client->setIo($io); 
  193. $oauth = new Google_Auth_OAuth2($client); 
  194. $oauth->refreshToken("REFRESH_TOKEN"); 
  195. $token = json_decode($oauth->getAccessToken(), true); 
  196. $this->assertEquals($token['id_token'], "ID_TOKEN");