diff --git a/.travis.yml b/.travis.yml index f4a1983..a32795a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,11 +1,9 @@ language: php dist: trusty php: - - 5.5 - - 5.6 - - 7.0 - - 7.1 - 7.2 + - 7.3 + - 7.4 install: - composer install diff --git a/composer.json b/composer.json index 9a9ccab..f1ec58a 100644 --- a/composer.json +++ b/composer.json @@ -17,11 +17,11 @@ ], "require": { - "php": "^5.5.9|^7.0.8|^7.1.3|^7.2.5", - "symfony/http-foundation": "~3.0|~4.0|~5.0" + "php": "^7.2", + "symfony/http-foundation": "^4.4|^5.0" }, "require-dev": { - "phpunit/phpunit": "^4.8 || ^5.0" + "phpunit/phpunit": "^8.5" }, "autoload": { diff --git a/lib/OAuth2.php b/lib/OAuth2.php index 637372d..96753ee 100644 --- a/lib/OAuth2.php +++ b/lib/OAuth2.php @@ -2,7 +2,6 @@ namespace OAuth2; -use OAuth2\Model\IOAuth2AccessToken; use OAuth2\Model\IOAuth2AuthCode; use OAuth2\Model\IOAuth2Client; use Symfony\Component\HttpFoundation\Request; @@ -1008,13 +1007,12 @@ protected function getClientCredentials(array $inputData, array $authHeaders) * * @throws OAuth2ServerException * @throws OAuth2RedirectException - * * @see http://tools.ietf.org/html/draft-ietf-oauth-v2-20#section-4.1.1 * @see http://tools.ietf.org/html/draft-ietf-oauth-v2-21#section-10.12 * * @ingroup oauth2_section_3 */ - protected function getAuthorizeParams(Request $request = null) + public function getAuthorizeParams(Request $request = null) { $filters = array( "client_id" => array( diff --git a/phpunit.xml.dist b/phpunit.xml.dist index c27823d..4d8da63 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -8,7 +8,6 @@ convertWarningsToExceptions="true" processIsolation="false" stopOnFailure="false" - syntaxCheck="false" bootstrap="vendor/autoload.php" > diff --git a/tests/ExtraHeadersTest.php b/tests/ExtraHeadersTest.php index 52030d4..39a1f17 100644 --- a/tests/ExtraHeadersTest.php +++ b/tests/ExtraHeadersTest.php 
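Review bot: In lib/OAuth2.php, `getAuthorizeParams()` goes from `protected` to `public` with no docblock change explaining why it is now public API or what callers may rely on. The docblock already lists `@throws OAuth2ServerException` and `@throws OAuth2RedirectException`, so external callers must now handle both. I would add a sentence such as `Public so that an authorization endpoint can validate the request before rendering the consent page; callers must handle both exceptions.`, adjusted to the real motivation. Since composer.json now requires `^7.2`, the implicit nullable default can also be made explicit: `public function getAuthorizeParams(?Request $request = null)`. The method body continues outside the hunk, so I cannot tell whether it has side effects that matter to outside callers.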
@@ -1,22 +1,25 @@ array( - "Access-Control-Allow-Origin" => "http://www.foo.com", - "X-Extra-Header-1" => "Foo-Bar", - ), + OAuth2::CONFIG_RESPONSE_EXTRA_HEADERS => [ + 'Access-Control-Allow-Origin' => 'http://www.foo.com', + 'X-Extra-Header-1' => 'Foo-Bar', + ], ); $stub = new OAuth2GrantUserStub(); $stub->addClient(new OAuth2Client('cid', 'cpass')); @@ -32,7 +35,7 @@ public function testErrorResponseContainsExtraHeaders() 'username' => 'foo', 'password' => 'bar', ))); - $this->assertSame("http://www.foo.com", $response->headers->get("Access-Control-Allow-Origin")); - $this->assertSame("Foo-Bar", $response->headers->get("X-Extra-Header-1")); + $this->assertSame('http://www.foo.com', $response->headers->get('Access-Control-Allow-Origin')); + $this->assertSame('Foo-Bar', $response->headers->get('X-Extra-Header-1')); } } diff --git a/tests/Model/OAuth2TokenTest.php b/tests/Model/OAuth2TokenTest.php index 9f06064..508c4a1 100644 --- a/tests/Model/OAuth2TokenTest.php +++ b/tests/Model/OAuth2TokenTest.php @@ -3,10 +3,11 @@ namespace OAuth2\Tests\Model; use OAuth2\Model\OAuth2Token; +use PHPUnit\Framework\TestCase; -class OAuth2TokenTest extends \PHPUnit_Framework_TestCase +class OAuth2TokenTest extends TestCase { - public function testConstruct() + public function testConstruct(): void { $expiresAt = time() + 42; $data = new \stdClass; @@ -23,14 +24,14 @@ public function testConstruct() } /** @dataProvider getTestExpiresData */ - public function testExpires($offset, $expired) + public function testExpires($offset, $expired): void { $token = new OAuth2Token('foo', 'bar', time() + $offset); $this->assertSame($expired, $token->hasExpired()); } - public function getTestExpiresData() + public function getTestExpiresData(): array { return array( array(-10, true), diff --git a/tests/OAuth2ImplicitGrantTypeTest.php b/tests/OAuth2ImplicitGrantTypeTest.php index 4eb6f22..8e4f7ef 100644 --- a/tests/OAuth2ImplicitGrantTypeTest.php +++ b/tests/OAuth2ImplicitGrantTypeTest.php 
@@ -1,21 +1,24 @@ grantAccessToken() with implicit * */ - public function testGrantAccessTokenWithGrantImplicit() + public function testGrantAccessTokenWithGrantImplicit(): void { $stub = new OAuth2ImplicitStub(); $stub->addClient(new OAuth2Client('blah', 'foo', array('http://www.example.com/'))); @@ -37,7 +40,7 @@ public function testGrantAccessTokenWithGrantImplicit() * Tests OAuth2->grantAccessToken() with implicit * */ - public function testRejectedAccessTokenWithGrantImplicit() + public function testRejectedAccessTokenWithGrantImplicit(): void { //$this->fixture->grantAccessToken(/* parameters */); @@ -58,9 +61,9 @@ public function testRejectedAccessTokenWithGrantImplicit() } catch (OAuth2ServerException $e) { $this->assertSame('access_denied', $e->getMessage()); $this->assertSame('The user denied access to your application', $e->getDescription()); - $this->assertSame(array( + $this->assertSame([ 'Location' => 'http://www.example.com/?foo=bar#error=access_denied&error_description=The+user+denied+access+to+your+application&state=42', - ), $e->getResponseHeaders()); + ], $e->getResponseHeaders()); } } } diff --git a/tests/OAuth2OutputTest.php b/tests/OAuth2OutputTest.php index 1db2331..9407bdf 100644 --- a/tests/OAuth2OutputTest.php +++ b/tests/OAuth2OutputTest.php 
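Review bot: In `testRejectedAccessTokenWithGrantImplicit` every assertion sits inside the `catch (OAuth2ServerException $e)` block, so the test passes without checking anything if no exception is thrown. The end of the `try` body is outside the hunk, so this may already be handled. If it is not, add `$this->fail('The expected exception OAuth2ServerException was not thrown');` as the last statement of the `try`, as the tests in OAuth2Test.php do. The leftover `//$this->fixture->grantAccessToken(/* parameters */);` line at the top of the method could be removed in the same pass.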
@@ -1,14 +1,19 @@ grantAccessToken() with successful Auth code grant * */ - public function testGrantAccessTokenWithGrantAuthCodeSuccess() + public function testGrantAccessTokenWithGrantAuthCodeSuccess(): void { $request = new Request( - array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'redirect_uri' => 'http://www.example.com/my/subdir', 'client_id' => 'my_little_app', 'client_secret' => 'b', 'code'=> 'foo') + [ + 'grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, + 'redirect_uri' => 'http://www.example.com/my/subdir', + 'client_id' => 'my_little_app', + 'client_secret' => 'b', + 'code'=> 'foo' + ] ); $storedToken = new OAuth2AuthCode('my_little_app', '', time() + 60, null, null, 'http://www.example.com'); - $mockStorage = $this->createBaseMock('OAuth2\IOAuth2GrantCode'); + $mockStorage = $this->createBaseMock(IOAuth2GrantCode::class); $mockStorage->expects($this->any()) ->method('getAuthCode') - ->will($this->returnValue($storedToken)); + ->willReturn($storedToken); $this->fixture = new OAuth2($mockStorage); $response = $this->fixture->grantAccessToken($request); 
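Review bot: `testGrantAccessTokenWithGrantAuthCodeSuccess` sends `redirect_uri` `http://www.example.com/my/subdir` while the stored auth code carries `http://www.example.com`, and nothing in the test says the difference is intentional. If the test is meant to pin prefix matching of redirect URIs, state it with a comment such as `// redirect_uri is a sub-path of the URI stored with the code; the server is expected to accept it`, so that a later move to exact matching knows this test has to change. The reformatted array also writes `'code'=> 'foo'` without a space before `=>`, here and in the `...WithoutRedirect` test in the following hunk.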
@@ -41,17 +52,29 @@ public function testGrantAccessTokenWithGrantAuthCodeSuccess() /** * Tests OAuth2->grantAccessToken() with successful Auth code grant, but without redreict_uri in the input */ - public function testGrantAccessTokenWithGrantAuthCodeSuccessWithoutRedirect() + public function testGrantAccessTokenWithGrantAuthCodeSuccessWithoutRedirect(): void { $request = new Request( - array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'client_id' => 'my_little_app', 'client_secret' => 'b', 'code'=> 'foo') + [ + 'grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, + 'client_id' => 'my_little_app', + 'client_secret' => 'b', + 'code'=> 'foo' + ] + ); + $storedToken = new OAuth2AuthCode( + 'my_little_app', + '', + time() + 60, + null, + null, + 'http://www.example.com' ); - $storedToken = new OAuth2AuthCode('my_little_app', '', time() + 60, null, null, 'http://www.example.com'); - $mockStorage = $this->createBaseMock('OAuth2\IOAuth2GrantCode'); + $mockStorage = $this->createBaseMock(IOAuth2GrantCode::class); $mockStorage->expects($this->any()) ->method('getAuthCode') - ->will($this->returnValue($storedToken)); + ->willReturn($storedToken); $this->fixture = new OAuth2($mockStorage); $this->fixture->setVariable(OAuth2::CONFIG_ENFORCE_INPUT_REDIRECT, false); 
@@ -63,28 +86,25 @@ public function testGrantAccessTokenWithGrantAuthCodeSuccessWithoutRedirect() // Utility methods - /** - * - * @param string $interfaceName - */ - protected function createBaseMock($interfaceName) + + protected function createBaseMock(string $interfaceName): MockObject { $client = new OAuth2Client('my_little_app'); $mockStorage = $this->getMockBuilder($interfaceName)->getMock(); $mockStorage->expects($this->any()) ->method('getClient') - ->will($this->returnCallback(function ($id) use ($client) { + ->willReturnCallback(function ($id) use ($client) { if ('my_little_app' === $id) { return $client; } - })); + }); $mockStorage->expects($this->any()) ->method('checkClientCredentials') - ->will($this->returnValue(true)); // Always return true for any combination of user/pass + ->willReturn(true); // Always return true for any combination of user/pass $mockStorage->expects($this->any()) ->method('checkRestrictedGrantType') - ->will($this->returnValue(true)); // Always return true for any combination of user/pass + ->willReturn(true); // Always return true for any combination of user/pass return $mockStorage; } diff --git a/tests/OAuth2Test.php b/tests/OAuth2Test.php index fceef71..f999e18 100644 --- a/tests/OAuth2Test.php +++ b/tests/OAuth2Test.php 
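Review bot: The trailing comment on the `checkRestrictedGrantType` stub in `createBaseMock` still reads `// Always return true for any combination of user/pass`, copied from the `checkClientCredentials` stub above it. It should describe grant types, for example `// Allow every grant type for every client`. The `getClient` callback returns nothing for an unknown id; an explicit `return null;` after the `if` makes that intent visible. Since the old docblock was removed, a one-line replacement would help, for example `/** Builds a storage mock that knows only 'my_little_app' and accepts any credentials. */`, so readers see that tests built on this helper never exercise credential rejection.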
@@ -1,5 +1,7 @@ verifyAccessToken() with a missing token */ - public function testVerifyAccessTokenWithNoParam() + public function testVerifyAccessTokenWithNoParam(): void { - $mockStorage = $this->getMockBuilder('OAuth2\IOAuth2Storage')->getMock(); + $mockStorage = $this->getMockBuilder(IOAuth2Storage::class)->getMock(); $this->fixture = new OAuth2($mockStorage); $scope = null; - $this->setExpectedException('OAuth2\OAuth2AuthenticateException'); + $this->expectException(OAuth2AuthenticateException::class); $this->fixture->verifyAccessToken('', $scope); } /** * Tests OAuth2->verifyAccessToken() with a invalid token */ - public function testVerifyAccessTokenInvalidToken() + public function testVerifyAccessTokenInvalidToken(): void { // Set up the mock storage to say this token does not exist - $mockStorage = $this->getMockBuilder('OAuth2\IOAuth2Storage')->getMock(); + $mockStorage = $this->getMockBuilder(IOAuth2Storage::class)->getMock(); $mockStorage->expects($this->once()) ->method('getAccessToken') - ->will($this->returnValue(false)); + ->willReturn(false); $this->fixture = new OAuth2($mockStorage); $scope = null; - $this->setExpectedException('OAuth2\OAuth2AuthenticateException'); + $this->expectException(OAuth2AuthenticateException::class); $this->fixture->verifyAccessToken($this->tokenId, $scope); } 
@@ -62,19 +68,21 @@ public function testVerifyAccessTokenInvalidToken() * Tests OAuth2->verifyAccessToken() with a malformed token * * @dataProvider generateMalformedTokens + * @param IOAuth2AccessToken $token + * @throws OAuth2AuthenticateException */ - public function testVerifyAccessTokenMalformedToken(IOAuth2AccessToken $token) + public function testVerifyAccessTokenMalformedToken(IOAuth2AccessToken $token): void { // Set up the mock storage to say this token does not exist - $mockStorage = $this->getMockBuilder('OAuth2\IOAuth2Storage')->getMock(); + $mockStorage = $this->getMockBuilder(IOAuth2Storage::class)->getMock(); $mockStorage->expects($this->once()) ->method('getAccessToken') - ->will($this->returnValue($token)); + ->willReturn($token); $this->fixture = new OAuth2($mockStorage); $scope = null; - $this->setExpectedException('OAuth2\OAuth2AuthenticateException'); + $this->expectException(OAuth2AuthenticateException::class); $this->fixture->verifyAccessToken($this->tokenId, $scope); } @@ -82,14 +90,19 @@ public function testVerifyAccessTokenMalformedToken(IOAuth2AccessToken $token) * Tests OAuth2->verifyAccessToken() with different expiry dates * * @dataProvider generateExpiryTokens + * @param IOAuth2AccessToken $token + * @param $expectedToPass + * @throws OAuth2AuthenticateException */ - public function testVerifyAccessTokenCheckExpiry(IOAuth2AccessToken $token, $expectedToPass) - { + public function testVerifyAccessTokenCheckExpiry( + IOAuth2AccessToken $token, + $expectedToPass + ): void { // Set up the mock storage to say this token does not exist - $mockStorage = $this->getMockBuilder('OAuth2\IOAuth2Storage')->getMock(); + $mockStorage = $this->getMockBuilder(IOAuth2Storage::class)->getMock(); $mockStorage->expects($this->once()) ->method('getAccessToken') - ->will($this->returnValue($token)); + ->willReturn($token); $this->fixture = new OAuth2($mockStorage); 
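Review bot: The comment `// Set up the mock storage to say this token does not exist` is kept in `testVerifyAccessTokenMalformedToken` and `testVerifyAccessTokenCheckExpiry`, but both stubs now read `->willReturn($token)`, so storage does return a token. Something like `// Storage returns the token supplied by the data provider` matches the code. The same comment appears in `testVerifyAccessTokenCheckScope` in a later hunk. The new docblock lines `@param $expectedToPass` and `@param $scopeRequired` carry no type; `@param bool $expectedToPass` would make them useful, and `$scopeRequired` should get a type too once it is confirmed against the provider.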
@@ -98,10 +111,10 @@ public function testVerifyAccessTokenCheckExpiry(IOAuth2AccessToken $token, $exp // When valid, we just want any sort of token if ($expectedToPass) { $actual = $this->fixture->verifyAccessToken($this->tokenId, $scope); - $this->assertNotEmpty($actual, "verifyAccessToken() was expected to PASS, but it failed"); - $this->assertInstanceOf('OAuth2\Model\IOAuth2AccessToken', $actual); + $this->assertNotEmpty($actual, 'verifyAccessToken() was expected to PASS, but it failed'); + $this->assertInstanceOf(IOAuth2AccessToken::class, $actual); } else { - $this->setExpectedException('OAuth2\OAuth2AuthenticateException'); + $this->expectException(OAuth2AuthenticateException::class); $this->fixture->verifyAccessToken($this->tokenId, $scope); } } 
@@ -110,24 +123,31 @@ public function testVerifyAccessTokenCheckExpiry(IOAuth2AccessToken $token, $exp * Tests OAuth2->verifyAccessToken() with different scopes * * @dataProvider generateScopes + * @param $scopeRequired + * @param IOAuth2AccessToken $token + * @param $expectedToPass + * @throws OAuth2AuthenticateException */ - public function testVerifyAccessTokenCheckScope($scopeRequired, IOAuth2AccessToken $token, $expectedToPass) - { + public function testVerifyAccessTokenCheckScope( + $scopeRequired, + IOAuth2AccessToken $token, + $expectedToPass + ): void { // Set up the mock storage to say this token does not exist - $mockStorage = $this->getMockBuilder('OAuth2\IOAuth2Storage')->getMock(); + $mockStorage = $this->getMockBuilder(IOAuth2Storage::class)->getMock(); $mockStorage->expects($this->once()) ->method('getAccessToken') - ->will($this->returnValue($token)); + ->willReturn($token); $this->fixture = new OAuth2($mockStorage); // When valid, we just want any sort of token if ($expectedToPass) { $actual = $this->fixture->verifyAccessToken($this->tokenId, $scopeRequired); - $this->assertNotEmpty($actual, "verifyAccessToken() was expected to PASS, but it failed"); - $this->assertInstanceOf('OAuth2\Model\IOAuth2AccessToken', $actual); + $this->assertNotEmpty($actual, 'verifyAccessToken() was expected to PASS, but it failed'); + $this->assertInstanceOf(IOAuth2AccessToken::class, $actual); } else { - $this->setExpectedException('OAuth2\OAuth2AuthenticateException'); + $this->expectException(OAuth2AuthenticateException::class); $this->fixture->verifyAccessToken($this->tokenId, $scopeRequired); } } 
@@ -137,12 +157,12 @@ public function testVerifyAccessTokenCheckScope($scopeRequired, IOAuth2AccessTok * * @dataProvider generateEmptyDataForGrant */ - public function testGrantAccessTokenMissingData($request) + public function testGrantAccessTokenMissingData($request): void { - $mockStorage = $this->getMockBuilder('OAuth2\IOAuth2Storage')->getMock(); + $mockStorage = $this->getMockBuilder(IOAuth2Storage::class)->getMock(); $this->fixture = new OAuth2($mockStorage); - $this->setExpectedException('OAuth2\OAuth2ServerException'); + $this->expectException(OAuth2ServerException::class); $this->fixture->grantAccessToken($request); } @@ -151,15 +171,15 @@ public function testGrantAccessTokenMissingData($request) * * Tests the different ways client credentials can be provided. */ - public function testGrantAccessTokenCheckClientCredentials() + public function testGrantAccessTokenCheckClientCredentials(): void { - $mockStorage = $this->getMockBuilder('OAuth2\IOAuth2Storage')->getMock(); + $mockStorage = $this->getMockBuilder(IOAuth2Storage::class)->getMock(); $mockStorage->expects($this->any()) ->method('getClient') - ->will($this->returnValue(new OAuth2Client('dev-abc'))); + ->willReturn(new OAuth2Client('dev-abc')); $mockStorage->expects($this->any()) ->method('checkClientCredentials') - ->will($this->returnValue(true)); // Always return true for any combination of user/pass + ->willReturn(true); // Always return true for any combination of user/pass $this->fixture = new OAuth2($mockStorage); $inputData = array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE); 
@@ -169,29 +189,36 @@ public function testGrantAccessTokenCheckClientCredentials() try { $this->fixture->grantAccessToken($request); $this->fail('The expected exception OAuth2ServerException was not thrown'); - } catch ( OAuth2ServerException $e ) { + } catch (OAuth2ServerException $e) { $this->assertEquals(OAuth2::ERROR_INVALID_CLIENT, $e->getMessage()); } // Confirm Auth header - $authHeaders = array('PHP_AUTH_USER' => 'dev-abc', 'PHP_AUTH_PW' => 'pass'); - $inputData = array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'client_id' => 'dev-abc'); // When using auth, client_id must match + $authHeaders = ['PHP_AUTH_USER' => 'dev-abc', 'PHP_AUTH_PW' => 'pass']; + $inputData = [ + 'grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, + 'client_id' => 'dev-abc' + ]; // When using auth, client_id must match $request = $this->createRequest($inputData, $authHeaders); try { $this->fixture->grantAccessToken($request); $this->fail('The expected exception OAuth2ServerException was not thrown'); - } catch ( OAuth2ServerException $e ) { + } catch (OAuth2ServerException $e) { $this->assertNotEquals(OAuth2::ERROR_INVALID_CLIENT, $e->getMessage()); } // Confirm GET/POST $authHeaders = array(); - $inputData = array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'client_id' => 'dev-abc', 'client_secret' => 'foo'); // When using auth, client_id must match + $inputData = [ + 'grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, + 'client_id' => 'dev-abc', + 'client_secret' => 'foo' + ]; // When using auth, client_id must match $request = $this->createRequest($inputData, $authHeaders); try { $this->fixture->grantAccessToken($request); $this->fail('The expected exception OAuth2ServerException was not thrown'); - } catch ( OAuth2ServerException $e ) { + } catch (OAuth2ServerException $e) { $this->assertNotEquals(OAuth2::ERROR_INVALID_CLIENT, $e->getMessage()); } } 
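Review bot: In the "Confirm GET/POST" case of `testGrantAccessTokenCheckClientCredentials` the reflowed array keeps the trailing comment `// When using auth, client_id must match`, although `$authHeaders` is empty there. A comment such as `// Credentials sent as request parameters, no Authorization header` describes that branch. Both positive cases use only `assertNotEquals(OAuth2::ERROR_INVALID_CLIENT, ...)`, which passes for any other error. Asserting the specific error each case expects with `assertSame` would make the test fail if client authentication starts breaking in a different way. The first and last lines of the method are outside this hunk.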
@@ -200,10 +227,14 @@ public function testGrantAccessTokenCheckClientCredentials() * Tests OAuth2->grantAccessToken() with successful Client Credentials grant * */ - public function testGrantAccessTokenWithClientCredentialsSuccess() + public function testGrantAccessTokenWithClientCredentialsSuccess(): void { $request = new Request( - array('grant_type' => OAuth2::GRANT_TYPE_CLIENT_CREDENTIALS, 'client_id' => 'my_little_app', 'client_secret' => 'b') + [ + 'grant_type' => OAuth2::GRANT_TYPE_CLIENT_CREDENTIALS, + 'client_id' => 'my_little_app', + 'client_secret' => 'b' + ] ); $storage = new OAuth2StorageStub; 
@@ -215,22 +246,25 @@ public function testGrantAccessTokenWithClientCredentialsSuccess() $response = $this->fixture->grantAccessToken($request); // Successful token grant will return a JSON encoded token WITHOUT a refresh token: - $this->assertRegExp('/^{"access_token":"[^"]+","expires_in":[^"]+,"token_type":"bearer","scope":null}$/', $response->getContent()); + $this->assertRegExp( + '/^{"access_token":"[^"]+","expires_in":[^"]+,"token_type":"bearer","scope":null}$/', + $response->getContent() + ); } /** * Tests OAuth2->grantAccessToken() with Auth code grant * */ - public function testGrantAccessTokenWithGrantAuthCodeMandatoryParams() + public function testGrantAccessTokenWithGrantAuthCodeMandatoryParams(): void { - $mockStorage = $this->createBaseMock('OAuth2\IOAuth2GrantCode'); - $mockStorage->expects($this->any()) + $mockStorage = $this->createBaseMock(IOAuth2GrantCode::class); + $mockStorage ->method('getClient') - ->will($this->returnValue(new OAuth2Client('dev-abc'))); - $mockStorage->expects($this->any()) + ->willReturn(new OAuth2Client('dev-abc')); + $mockStorage ->method('checkClientCredentials') - ->will($this->returnValue(true)); // Always return true for any combination of user/pass + ->willReturn(true); // Always return true for any combination of user/pass $inputData = array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'client_id' => 'a', 'client_secret' => 'b'); @@ -241,7 +275,7 @@ public function testGrantAccessTokenWithGrantAuthCodeMandatoryParams() $request = $this->createRequest($inputData + array('code' => 'foo')); $this->fixture->grantAccessToken($request); $this->fail('The expected exception OAuth2ServerException was not thrown'); - } catch ( OAuth2ServerException $e ) { + } catch (OAuth2ServerException $e) { $this->assertEquals(OAuth2::ERROR_INVALID_REQUEST, $e->getMessage()); } try { 
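Review bot: The reflowed pattern in `testGrantAccessTokenWithClientCredentialsSuccess` still matches `"expires_in":[^"]+`, which accepts any run of non-quote characters rather than a number. Assuming the server emits an integer lifetime, `"expires_in":\d+` pins the response shape more tightly while still proving that no `refresh_token` key is present. The leading `{` could be written `\{` so the pattern does not depend on PCRE treating a non-quantifier brace as a literal.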
@@ -249,7 +283,7 @@ public function testGrantAccessTokenWithGrantAuthCodeMandatoryParams() $request = $this->createRequest($inputData + array('redirect_uri' => 'foo')); $this->fixture->grantAccessToken($request); $this->fail('The expected exception OAuth2ServerException was not thrown'); - } catch ( OAuth2ServerException $e ) { + } catch (OAuth2ServerException $e) { $this->assertEquals(OAuth2::ERROR_INVALID_REQUEST, $e->getMessage()); } } @@ -258,17 +292,23 @@ public function testGrantAccessTokenWithGrantAuthCodeMandatoryParams() * Tests OAuth2->grantAccessToken() with Auth code grant * */ - public function testGrantAccessTokenWithGrantAuthCodeNoToken() + public function testGrantAccessTokenWithGrantAuthCodeNoToken(): void { - $mockStorage = $this->createBaseMock('OAuth2\IOAuth2GrantCode'); - $mockStorage->expects($this->any()) + $mockStorage = $this->createBaseMock(IOAuth2GrantCode::class); + $mockStorage ->method('getClient') - ->will($this->returnValue(new OAuth2Client('dev-abc'))); - $mockStorage->expects($this->any()) + ->willReturn(new OAuth2Client('dev-abc')); + $mockStorage ->method('checkClientCredentials') - ->will($this->returnValue(true)); // Always return true for any combination of user/pass + ->willReturn(true); // Always return true for any combination of user/pass - $inputData = array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, 'client_id' => 'a', 'client_secret' => 'b', 'redirect_uri' => 'foo', 'code'=> 'foo'); + $inputData = [ + 'grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE, + 'client_id' => 'a', + 'client_secret' => 'b', + 'redirect_uri' => 'foo', + 'code'=> 'foo' + ]; // Ensure missing auth code raises an error try { 
@@ -276,7 +316,7 @@ public function testGrantAccessTokenWithGrantAuthCodeNoToken() $request = $this->createRequest($inputData); $this->fixture->grantAccessToken($request); $this->fail('The expected exception OAuth2ServerException was not thrown'); - } catch ( OAuth2ServerException $e ) { + } catch (OAuth2ServerException $e) { $this->assertEquals(OAuth2::ERROR_INVALID_GRANT, $e->getMessage()); } } @@ -1076,14 +1116,31 @@ public function getTestGetBearerTokenData() $data[] = array(new Request(array('access_token' => 'foo')), 'foo', true); foreach (array('POST', 'PUT', 'DELETE', 'FOOBAR') as $method) { - // $method without remove - $request = Request::create('/', $method, array(), array(), array(), array('CONTENT_TYPE' => 'application/x-www-form-urlencoded'), 'access_token=foo'); - $data[] = array($request, 'foo'); + $request = Request::create( + '/', + $method, + [], + [], + [], + ['CONTENT_TYPE' => 'application/x-www-form-urlencoded'], + 'access_token=foo' + ); + $data[] = [$request, 'foo']; // $method without remove and charset - $request = Request::create('/', $method, array(), array(), array(), array('CONTENT_TYPE' => 'application/x-www-form-urlencoded; charset=utf-8'), 'access_token=foo'); - $data[] = array($request, 'foo'); + $request = Request::create( + '/', + $method, + [], + [], + [], + [ + 'CONTENT_TYPE' => 'application/x-www-form-urlencoded; charset=utf-8' + ], + 'access_token=foo' + ); + $data[] = [$request, 'foo']; // $method without remove and additional information $request = Request::create('/', $method, array(), array(), array(), array('CONTENT_TYPE' => 'application/x-www-form-urlencoded mode=baz'), 'access_token=foo'); @@ -1170,7 +1227,6 @@ public function getTestGetBearerTokenData() $data[] = array($request, 'foo'); return $data; - } // Utility methods 
@@ -1178,18 +1234,21 @@ public function getTestGetBearerTokenData() /** * * @param string $interfaceName + * @return IOAuth2Storage */ - protected function createBaseMock($interfaceName) + protected function createBaseMock($interfaceName) : IOAuth2Storage { $mockStorage = $this->getMockBuilder($interfaceName)->getMock(); - $mockStorage->expects($this->any()) + $mockStorage ->method('checkClientCredentials') - ->will($this->returnValue(true)); // Always return true for any combination of user/pass - $mockStorage->expects($this->any()) + ->willReturn(true); // Always return true for any combination of user/pass + $mockStorage ->method('checkRestrictedGrantType') - ->will($this->returnValue(true)); // Always return true for any combination of user/pass + ->willReturn(true); // Always return true for any combination of user/pass - return $mockStorage; + /** @var IOAuth2Storage $mockStorage */ + $theMock = $mockStorage; + return $theMock; } // Data Providers below: @@ -1199,7 +1258,7 @@ protected function createBaseMock($interfaceName) * * Produces malformed access tokens */ - public function generateMalformedTokens() + public function generateMalformedTokens(): array { return array( array(new OAuth2AccessToken(null, null, null)), 
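Review bot: The new tail of `createBaseMock` adds `$theMock = $mockStorage; return $theMock;` with an inline `@var` purely for static analysis, which is harder to read than a typed return. I would keep `return $mockStorage;` and document the type in the docblock with `@return IOAuth2Storage&\PHPUnit\Framework\MockObject\MockObject`. The declared return type only holds if every interface passed in extends `IOAuth2Storage`, for instance the `IOAuth2GrantCode::class` callers earlier in the file; that is not visible in this diff and is worth confirming. For consistency with the other signatures in this commit, write `protected function createBaseMock(string $interfaceName): IOAuth2Storage`, with no space before the colon and a typed parameter as in OAuth2OutputTest.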
@@ -1211,16 +1270,16 @@ public function generateMalformedTokens() * * Produces malformed access tokens */ - public function generateExpiryTokens() + public function generateExpiryTokens(): array { return array( - array(new OAuth2AccessToken('blah', '', time() - 30), false), // 30 seconds ago should fail - array(new OAuth2AccessToken('blah', '', time() - 1), false), // now-ish should fail - array(new OAuth2AccessToken('blah', '', 0), false), // 1970 should fail - array(new OAuth2AccessToken('blah', '', time() + 30), true), // 30 seconds in the future should be valid - array(new OAuth2AccessToken('blah', '', time() + 86400), true), // 1 day in the future should be valid - array(new OAuth2AccessToken('blah', '', time() + (365 * 86400)), true), // 1 year should be valid - array(new OAuth2AccessToken('blah', '', time() + (10 * 365 * 86400)), true), // 10 years should be valid + [new OAuth2AccessToken('blah', '', time() - 30), false], // 30 seconds ago should fail + [new OAuth2AccessToken('blah', '', time() - 1), false], // now-ish should fail + [new OAuth2AccessToken('blah', '', 0), false], // 1970 should fail + [new OAuth2AccessToken('blah', '', time() + 30), true], // 30 seconds in the future should be valid + [new OAuth2AccessToken('blah', '', time() + 86400), true], // 1 day in the future should be valid + [new OAuth2AccessToken('blah', '', time() + (365 * 86400)), true], // 1 year should be valid + [new OAuth2AccessToken('blah', '', time() + (10 * 365 * 86400)), true], // 10 years should be valid ); } @@ -1229,9 +1288,9 @@ public function generateExpiryTokens() * * Produces malformed access tokens */ - public function generateScopes() + public function generateScopes(): array { - $token = function ($scope) { + $token = static function ($scope) { return new OAuth2AccessToken('blah', '', time() + 60, $scope); }; 
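Review bot: The docblocks above `generateExpiryTokens()` and `generateScopes()` both still say `Produces malformed access tokens`, copied from `generateMalformedTokens()`. Suggested replacements are `Produces access tokens with past and future expiry times and whether verification should pass` and `Produces required-scope / token-scope combinations and whether verification should pass`. In `generateExpiryTokens()` the rows were converted to `[...]` but the enclosing `return array(` was left as is, so the two syntaxes are now mixed in one literal.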
@@ -1258,32 +1317,33 @@ public function generateScopes() /** * Provider for OAuth2->grantAccessToken() */ - public function generateEmptyDataForGrant() + public function generateEmptyDataForGrant(): array { - return array( - array( - $this->createRequest(array(), array()) - ), - array( - $this->createRequest(array(), array('grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE)) // grant_type in auth headers should be ignored - ), - array( - $this->createRequest(array('not_grant_type' => 5), array()) - ), - ); + return [ + [ + $this->createRequest([], []) + ], + [ + $this->createRequest( + [], + ['grant_type' => OAuth2::GRANT_TYPE_AUTH_CODE] + ) // grant_type in auth headers should be ignored + ], + [ + $this->createRequest(['not_grant_type' => 5], []) + ], + ]; } - public function createRequest(array $query = array(), array $headers = array()) + public function createRequest(array $query = [], array $headers = []): Request { - $request = new Request( - $query // _GET - , array() // _REQUEST - , array() // attributes - , array() // _COOKIES - , array() // _FILES - , $headers // _SERVER + return new Request( + $query, // _GET + [], // _REQUEST + [], // attributes + [], // _COOKIES + [], // _FILES + $headers // _SERVER ); - - return $request; } }
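Review bot: In `createRequest()` the second constructor argument is still labelled `// _REQUEST`, but the second parameter of Symfony's `Request` constructor holds the POST body parameters, so `// _POST` is the accurate label. `$headers` is passed in the `$server` position, which the `// _SERVER` comment gets right, but the parameter name hides it. A short docblock line such as `@param array $headers Server variables, e.g. PHP_AUTH_USER / PHP_AUTH_PW` would spare readers from checking the constructor signature.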