diff --git a/.github/workflows/backwards-compatibility.yml b/.github/workflows/backwards-compatibility.yml index e15e132b5..cc1971dc9 100644 --- a/.github/workflows/backwards-compatibility.yml +++ b/.github/workflows/backwards-compatibility.yml @@ -14,7 +14,8 @@ jobs: uses: "actions/checkout@v2" with: fetch-depth: 0 - + - name: Fix git safe.directory in container + run: mkdir -p /home/runner/work/_temp/_github_home && printf "[safe]\n\tdirectory = /github/workspace" > /home/runner/work/_temp/_github_home/.gitconfig - name: "Backwards Compatibility Check" uses: docker://nyholm/roave-bc-check-ga with: diff --git a/CHANGELOG.md b/CHANGELOG.md index 7f5f79c4b..902b6119a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,8 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). ## [Unreleased] +### Fixed +- Fix deprecation notices for PHP 8.x (PR #1329) ## [8.4.0] - released 2023-02-15 ### Added diff --git a/examples/public/client_credentials.php b/examples/public/client_credentials.php index 51a1ca0b7..1e5f090d7 100644 --- a/examples/public/client_credentials.php +++ b/examples/public/client_credentials.php @@ -53,20 +53,16 @@ ]); $app->post('/access_token', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) { - /* @var \League\OAuth2\Server\AuthorizationServer $server */ $server = $app->getContainer()->get(AuthorizationServer::class); try { - // Try to respond to the request return $server->respondToAccessTokenRequest($request, $response); } catch (OAuthServerException $exception) { - // All instances of OAuthServerException can be formatted into a HTTP response return $exception->generateHttpResponse($response); } catch (\Exception $exception) { - // Unknown exception $body = new Stream('php://temp', 'r+'); $body->write($exception->getMessage()); 
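Review bot: The added `Fix git safe.directory in container` step writes the `.gitconfig` with `>`, so any git configuration already present in `/home/runner/work/_temp/_github_home` is replaced, and nothing in the step says why the override is needed. The entry is scoped to `/github/workspace` rather than a wildcard, which keeps git's ownership check in force for every other path; a comment above the step such as `# git refuses repositories owned by another user; trust only the workspace mounted into the container` would record that intent. The step that relies on this setting, `uses: docker://nyholm/roave-bc-check-ga`, references the image without a tag or digest, so the workspace is marked trusted for whatever that reference resolves to at run time, and pinning it would tighten this. The runner-internal path is hard-coded and presumably depends on the current hosted-runner layout.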
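Review bot: The generic `catch (\Exception $exception)` branch of the `/access_token` handler in `examples/public/client_credentials.php` writes `$exception->getMessage()` straight into the response body, and with the `// Unknown exception` comment removed nothing marks this as example-only behaviour. Messages from unexpected exceptions can carry internal detail, and example code tends to be copied into real token endpoints; writing a fixed string such as `$body->write('Internal server error');` and logging the exception server-side would be the safer pattern to show. The same branch appears in the second hunk of `examples/public/password.php`. The handler continues past the end of this hunk, so the status code it returns is not visible here.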
diff --git a/examples/public/password.php b/examples/public/password.php index 6857e988a..db65d7840 100644 --- a/examples/public/password.php +++ b/examples/public/password.php @@ -17,7 +17,6 @@ $app = new App([ // Add the authorization server to the DI container AuthorizationServer::class => function () { - // Setup the authorization server $server = new AuthorizationServer( new ClientRepository(), // instance of ClientRepositoryInterface @@ -46,20 +45,16 @@ $app->post( '/access_token', function (ServerRequestInterface $request, ResponseInterface $response) use ($app) { - /* @var \League\OAuth2\Server\AuthorizationServer $server */ $server = $app->getContainer()->get(AuthorizationServer::class); try { - // Try to respond to the access token request return $server->respondToAccessTokenRequest($request, $response); } catch (OAuthServerException $exception) { - // All instances of OAuthServerException can be converted to a PSR-7 response return $exception->generateHttpResponse($response); } catch (\Exception $exception) { - // Catch unexpected exceptions $body = $response->getBody(); $body->write($exception->getMessage()); diff --git a/phpunit.xml.dist b/phpunit.xml.dist index 5f8851b28..641a4946b 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -1,6 +1,15 @@ - + ./tests/ diff --git a/src/Entities/Traits/ClientTrait.php b/src/Entities/Traits/ClientTrait.php index a0078d8d7..370163c35 100644 --- a/src/Entities/Traits/ClientTrait.php +++ b/src/Entities/Traits/ClientTrait.php @@ -30,6 +30,7 @@ trait ClientTrait * Get the client's name. * * @return string + * * @codeCoverageIgnore */ public function getName() diff --git a/src/Entities/Traits/ScopeTrait.php b/src/Entities/Traits/ScopeTrait.php index a132234fc..7eacc3359 100644 --- a/src/Entities/Traits/ScopeTrait.php +++ b/src/Entities/Traits/ScopeTrait.php @@ -16,6 +16,7 @@ trait ScopeTrait * * @return string */ + #[\ReturnTypeWillChange] public function jsonSerialize() { return $this->getIdentifier(); 
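Review bot: `#[\ReturnTypeWillChange]` on `ScopeTrait::jsonSerialize()` silences the PHP 8.1 notice without declaring a return type, and the hunk leaves no hint that this is a stopgap. A short comment above the attribute, for example `// Kept for backwards compatibility; replace with a declared return type in the next major version`, would tell the next maintainer when it can be removed. This assumes the classes using the trait implement `JsonSerializable`, which is not visible in the hunk.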
diff --git a/src/RequestAccessTokenEvent.php b/src/RequestAccessTokenEvent.php index 99d17bf36..c2f478284 100644 --- a/src/RequestAccessTokenEvent.php +++ b/src/RequestAccessTokenEvent.php @@ -31,6 +31,7 @@ public function __construct($name, ServerRequestInterface $request, AccessTokenE /** * @return AccessTokenEntityInterface + * * @codeCoverageIgnore */ public function getAccessToken() diff --git a/src/RequestEvent.php b/src/RequestEvent.php index b1ca3f6b8..4f7dad097 100644 --- a/src/RequestEvent.php +++ b/src/RequestEvent.php @@ -40,6 +40,7 @@ public function __construct($name, ServerRequestInterface $request) /** * @return ServerRequestInterface + * * @codeCoverageIgnore */ public function getRequest() diff --git a/src/RequestRefreshTokenEvent.php b/src/RequestRefreshTokenEvent.php index 0682e57f5..326a115ed 100644 --- a/src/RequestRefreshTokenEvent.php +++ b/src/RequestRefreshTokenEvent.php @@ -31,6 +31,7 @@ public function __construct($name, ServerRequestInterface $request, RefreshToken /** * @return RefreshTokenEntityInterface + * * @codeCoverageIgnore */ public function getRefreshToken() diff --git a/tests/AuthorizationServerTest.php b/tests/AuthorizationServerTest.php index 1ba4ad9cc..af8c89d8a 100644 --- a/tests/AuthorizationServerTest.php +++ b/tests/AuthorizationServerTest.php @@ -32,6 +32,7 @@ class AuthorizationServerTest extends TestCase { const DEFAULT_SCOPE = 'basic'; + const REDIRECT_URI = 'https://foo/bar'; public function setUp(): void { @@ -86,7 +87,7 @@ public function testRespondToRequest() $client = new ClientEntity(); $client->setConfidential(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepository = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepository->method('getClientEntity')->willReturn($client); 
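Review bot: `const REDIRECT_URI = 'https://foo/bar';` in `AuthorizationServerTest` replaces the `'http://foo/bar'` literal, so the fixture's scheme changes from `http` to `https` in the same edit that deduplicates it, and the constant carries no comment saying whether that is deliberate. A one-line comment such as `// Shared redirect URI fixture for client registration and request parameters` plus a word on the scheme change would record the intent. Later in the diff, `testUseValidRedirectUriIfScopeCheckFails` keeps its second entry as the literal `'http://bar/foo'`, which now differs in scheme from the constant.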
@@ -245,9 +246,12 @@ public function testCompleteAuthorizationRequest() $server->enableGrantType($grant); + $client = new ClientEntity(); + $client->setRedirectUri(self::REDIRECT_URI); + $authRequest = new AuthorizationRequest(); $authRequest->setAuthorizationApproved(true); - $authRequest->setClient(new ClientEntity()); + $authRequest->setClient($client); $authRequest->setGrantTypeId('authorization_code'); $authRequest->setUser(new UserEntity()); @@ -260,7 +264,7 @@ public function testCompleteAuthorizationRequest() public function testValidateAuthorizationRequest() { $client = new ClientEntity(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); diff --git a/tests/Bootstrap.php b/tests/Bootstrap.php index b02cb7be4..a31ef6f34 100644 --- a/tests/Bootstrap.php +++ b/tests/Bootstrap.php @@ -1,5 +1,7 @@ setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); @@ -115,7 +116,7 @@ public function testValidateAuthorizationRequest() [ 'response_type' => 'code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, ] ); @@ -125,7 +126,7 @@ public function testValidateAuthorizationRequest() public function testValidateAuthorizationRequestRedirectUriArray() { $client = new ClientEntity(); - $client->setRedirectUri(['http://foo/bar']); + $client->setRedirectUri([self::REDIRECT_URI]); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); 
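Review bot: `testCompleteAuthorizationRequest` used to pass a bare `new ClientEntity()` and now always gives the client a redirect URI, so the path where a client with no registered redirect URI reaches `completeAuthorizationRequest` is no longer exercised by this test. If the fixture was changed to avoid a PHP 8.x deprecation on a null value (presumably, given the changelog entry), library code would still hit that case for such a client. A separate test that leaves the client's redirect URI unset and asserts the resulting behaviour would pin it. The same fixture change is made in the `testCompleteAuthorizationRequest`, `testCompleteAuthorizationRequestDenied` and `testAuthCodeRepositoryUniqueConstraintCheck` hunks further down the diff.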
@@ -154,7 +155,7 @@ public function testValidateAuthorizationRequestRedirectUriArray() [ 'response_type' => 'code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, ] ); @@ -164,7 +165,7 @@ public function testValidateAuthorizationRequestRedirectUriArray() public function testValidateAuthorizationRequestWithoutRedirectUri() { $client = new ClientEntity(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); @@ -206,7 +207,7 @@ public function testValidateAuthorizationRequestWithoutRedirectUri() public function testValidateAuthorizationRequestCodeChallenge() { $client = new ClientEntity(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -235,7 +236,7 @@ public function testValidateAuthorizationRequestCodeChallenge() [ 'response_type' => 'code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_challenge' => self::CODE_CHALLENGE, ] ); @@ -246,7 +247,7 @@ public function testValidateAuthorizationRequestCodeChallenge() public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooShort() { $client = new ClientEntity(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); 
@@ -261,7 +262,7 @@ public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooSho $request = (new ServerRequest())->withQueryParams([ 'response_type' => 'code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_challenge' => \str_repeat('A', 42), ]); @@ -273,7 +274,7 @@ public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooSho public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooLong() { $client = new ClientEntity(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -288,7 +289,7 @@ public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooLon $request = (new ServerRequest())->withQueryParams([ 'response_type' => 'code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_challenge' => \str_repeat('A', 129), ]); @@ -300,7 +301,7 @@ public function testValidateAuthorizationRequestCodeChallengeInvalidLengthTooLon public function testValidateAuthorizationRequestCodeChallengeInvalidCharacters() { $client = new ClientEntity(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -315,7 +316,7 @@ public function testValidateAuthorizationRequestCodeChallengeInvalidCharacters() $request = (new ServerRequest())->withQueryParams([ 'response_type' => 'code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_challenge' => \str_repeat('A', 42) . '!', ]); 
@@ -371,7 +372,7 @@ public function testValidateAuthorizationRequestInvalidClientId() public function testValidateAuthorizationRequestBadRedirectUriString() { $client = new ClientEntity(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -397,7 +398,7 @@ public function testValidateAuthorizationRequestBadRedirectUriString() public function testValidateAuthorizationRequestBadRedirectUriArray() { $client = new ClientEntity(); - $client->setRedirectUri(['http://foo/bar']); + $client->setRedirectUri([self::REDIRECT_URI]); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -423,7 +424,7 @@ public function testValidateAuthorizationRequestBadRedirectUriArray() public function testValidateAuthorizationRequestInvalidCodeChallengeMethod() { $client = new ClientEntity(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -444,7 +445,7 @@ public function testValidateAuthorizationRequestInvalidCodeChallengeMethod() $request = (new ServerRequest())->withQueryParams([ 'response_type' => 'code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_challenge' => 'foobar', 'code_challenge_method' => 'foo', ]); 
@@ -457,9 +458,12 @@ public function testValidateAuthorizationRequestInvalidCodeChallengeMethod() public function testCompleteAuthorizationRequest() { + $client = new ClientEntity(); + $client->setRedirectUri(self::REDIRECT_URI); + $authRequest = new AuthorizationRequest(); $authRequest->setAuthorizationApproved(true); - $authRequest->setClient(new ClientEntity()); + $authRequest->setClient($client); $authRequest->setGrantTypeId('authorization_code'); $authRequest->setUser(new UserEntity()); @@ -478,9 +482,12 @@ public function testCompleteAuthorizationRequest() public function testCompleteAuthorizationRequestDenied() { + $client = new ClientEntity(); + $client->setRedirectUri(self::REDIRECT_URI); + $authRequest = new AuthorizationRequest(); $authRequest->setAuthorizationApproved(false); - $authRequest->setClient(new ClientEntity()); + $authRequest->setClient($client); $authRequest->setGrantTypeId('authorization_code'); $authRequest->setUser(new UserEntity()); @@ -504,7 +511,7 @@ public function testRespondToAccessTokenRequest() { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -546,7 +553,7 @@ public function testRespondToAccessTokenRequest() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code' => $this->cryptStub->doEncrypt( \json_encode( [ @@ -555,7 +562,7 @@ public function testRespondToAccessTokenRequest() 'client_id' => 'foo', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, ] ) ), 
@@ -572,7 +579,7 @@ public function testRespondToAccessTokenRequest() public function testRespondToAccessTokenRequestUsingHttpBasicAuth() { $client = new ClientEntity(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setIdentifier('foo'); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -612,7 +619,7 @@ public function testRespondToAccessTokenRequestUsingHttpBasicAuth() [], [ 'grant_type' => 'authorization_code', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code' => $this->cryptStub->doEncrypt( \json_encode( [ @@ -621,7 +628,7 @@ public function testRespondToAccessTokenRequestUsingHttpBasicAuth() 'expire_time' => \time() + 3600, 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, ] ) ), @@ -639,7 +646,7 @@ public function testRespondToAccessTokenRequestForPublicClient() { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -680,7 +687,7 @@ public function testRespondToAccessTokenRequestForPublicClient() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code' => $this->cryptStub->doEncrypt( \json_encode( [ @@ -689,7 +696,7 @@ public function testRespondToAccessTokenRequestForPublicClient() 'client_id' => 'foo', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, ] ) ), 
@@ -707,7 +714,7 @@ public function testRespondToAccessTokenRequestNullRefreshToken() { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -748,7 +755,7 @@ public function testRespondToAccessTokenRequestNullRefreshToken() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code' => $this->cryptStub->doEncrypt( \json_encode( [ @@ -757,7 +764,7 @@ public function testRespondToAccessTokenRequestNullRefreshToken() 'client_id' => 'foo', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, ] ) ), @@ -775,7 +782,7 @@ public function testRespondToAccessTokenRequestCodeChallengePlain() { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -818,7 +825,7 @@ public function testRespondToAccessTokenRequestCodeChallengePlain() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_verifier' => self::CODE_VERIFIER, 'code' => $this->cryptStub->doEncrypt( \json_encode( @@ -828,7 +835,7 @@ public function testRespondToAccessTokenRequestCodeChallengePlain() 'client_id' => 'foo', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_challenge' => self::CODE_VERIFIER, 'code_challenge_method' => 'plain', ] 
@@ -848,7 +855,7 @@ public function testRespondToAccessTokenRequestCodeChallengeS256() { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -891,7 +898,7 @@ public function testRespondToAccessTokenRequestCodeChallengeS256() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_verifier' => self::CODE_VERIFIER, 'code' => $this->cryptStub->doEncrypt( \json_encode( @@ -901,7 +908,7 @@ public function testRespondToAccessTokenRequestCodeChallengeS256() 'client_id' => 'foo', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_challenge' => self::CODE_CHALLENGE, 'code_challenge_method' => 'S256', ] @@ -921,7 +928,7 @@ public function testPKCEDowngradeBlocked() { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -964,7 +971,7 @@ public function testPKCEDowngradeBlocked() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_verifier' => self::CODE_VERIFIER, 'code' => $this->cryptStub->doEncrypt( \json_encode( @@ -974,7 +981,7 @@ public function testPKCEDowngradeBlocked() 'client_id' => 'foo', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, ] ) ), 
@@ -993,7 +1000,7 @@ public function testRespondToAccessTokenRequestMissingRedirectUri() $client = new ClientEntity(); $client->setIdentifier('foo'); $client->setConfidential(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -1023,7 +1030,7 @@ public function testRespondToAccessTokenRequestMissingRedirectUri() 'auth_code_id' => \uniqid(), 'expire_time' => \time() + 3600, 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, ] ) ), @@ -1072,7 +1079,7 @@ public function testRespondToAccessTokenRequestRedirectUriMismatch() 'auth_code_id' => \uniqid(), 'expire_time' => \time() + 3600, 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, ] ) ), @@ -1088,7 +1095,7 @@ public function testRespondToAccessTokenRequestRedirectUriMismatch() public function testRespondToAccessTokenRequestMissingCode() { $client = new ClientEntity(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -1119,7 +1126,7 @@ public function testRespondToAccessTokenRequestMissingCode() 'grant_type' => 'authorization_code', 'client_id' => 'foo', 'client_secret' => 'bar', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, ] ); 
@@ -1133,7 +1140,7 @@ public function testRespondToAccessTokenRequestMissingCode() public function testRespondToAccessTokenRequestWithRefreshTokenInsteadOfAuthCode() { $client = new ClientEntity(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -1159,7 +1166,7 @@ public function testRespondToAccessTokenRequestWithRefreshTokenInsteadOfAuthCode [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code' => $this->cryptStub->doEncrypt( \json_encode( [ @@ -1186,7 +1193,7 @@ public function testRespondToAccessTokenRequestWithRefreshTokenInsteadOfAuthCode public function testRespondToAccessTokenRequestWithAuthCodeNotAString() { $client = new ClientEntity(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -1212,7 +1219,7 @@ public function testRespondToAccessTokenRequestWithAuthCodeNotAString() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code' => ['not', 'a', 'string'], ] ); @@ -1224,7 +1231,7 @@ public function testRespondToAccessTokenRequestWithAuthCodeNotAString() public function testRespondToAccessTokenRequestExpiredCode() { $client = new ClientEntity(); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); 
@@ -1250,7 +1257,7 @@ public function testRespondToAccessTokenRequestExpiredCode() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code' => $this->cryptStub->doEncrypt( \json_encode( [ @@ -1259,7 +1266,7 @@ public function testRespondToAccessTokenRequestExpiredCode() 'client_id' => 'foo', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, ] ) ), @@ -1278,7 +1285,7 @@ public function testRespondToAccessTokenRequestRevokedCode() { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -1314,7 +1321,7 @@ public function testRespondToAccessTokenRequestRevokedCode() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code' => $this->cryptStub->doEncrypt( \json_encode( [ @@ -1323,7 +1330,7 @@ public function testRespondToAccessTokenRequestRevokedCode() 'client_id' => 'foo', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, ] ) ), @@ -1342,7 +1349,7 @@ public function testRespondToAccessTokenRequestClientMismatch() { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); 
@@ -1375,7 +1382,7 @@ public function testRespondToAccessTokenRequestClientMismatch() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code' => $this->cryptStub->doEncrypt( \json_encode( [ @@ -1384,7 +1391,7 @@ public function testRespondToAccessTokenRequestClientMismatch() 'client_id' => 'bar', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, ] ) ), @@ -1403,7 +1410,7 @@ public function testRespondToAccessTokenRequestBadCodeEncryption() { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -1436,7 +1443,7 @@ public function testRespondToAccessTokenRequestBadCodeEncryption() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code' => 'sdfsfsd', ] ); @@ -1453,7 +1460,7 @@ public function testRespondToAccessTokenRequestBadCodeVerifierPlain() { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -1495,7 +1502,7 @@ public function testRespondToAccessTokenRequestBadCodeVerifierPlain() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_verifier' => self::CODE_VERIFIER, 'code' => $this->cryptStub->doEncrypt( \json_encode( 
@@ -1505,7 +1512,7 @@ public function testRespondToAccessTokenRequestBadCodeVerifierPlain() 'client_id' => 'foo', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_challenge' => 'foobar', 'code_challenge_method' => 'plain', ] @@ -1526,7 +1533,7 @@ public function testRespondToAccessTokenRequestBadCodeVerifierS256() { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -1568,7 +1575,7 @@ public function testRespondToAccessTokenRequestBadCodeVerifierS256() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_verifier' => 'nope', 'code' => $this->cryptStub->doEncrypt( \json_encode( @@ -1578,7 +1585,7 @@ public function testRespondToAccessTokenRequestBadCodeVerifierS256() 'client_id' => 'foo', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_challenge' => 'foobar', 'code_challenge_method' => 'S256', ] @@ -1599,7 +1606,7 @@ public function testRespondToAccessTokenRequestMalformedCodeVerifierS256WithInva { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); 
@@ -1641,7 +1648,7 @@ public function testRespondToAccessTokenRequestMalformedCodeVerifierS256WithInva [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_verifier' => 'dqX7C-RbqjHYtytmhGTigKdZCXfxq-+xbsk9_GxUcaE', // Malformed code. Contains `+`. 'code' => $this->cryptStub->doEncrypt( \json_encode( @@ -1651,7 +1658,7 @@ public function testRespondToAccessTokenRequestMalformedCodeVerifierS256WithInva 'client_id' => 'foo', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_challenge' => self::CODE_CHALLENGE, 'code_challenge_method' => 'S256', ] @@ -1672,7 +1679,7 @@ public function testRespondToAccessTokenRequestMalformedCodeVerifierS256WithInva { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -1714,7 +1721,7 @@ public function testRespondToAccessTokenRequestMalformedCodeVerifierS256WithInva [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_verifier' => 'dqX7C-RbqjHY', // Malformed code. Invalid length. 'code' => $this->cryptStub->doEncrypt( \json_encode( @@ -1724,7 +1731,7 @@ public function testRespondToAccessTokenRequestMalformedCodeVerifierS256WithInva 'client_id' => 'foo', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_challenge' => 'R7T1y1HPNFvs1WDCrx4lfoBS6KD2c71pr8OHvULjvv8', 'code_challenge_method' => 'S256', ] 
@@ -1745,7 +1752,7 @@ public function testRespondToAccessTokenRequestMissingCodeVerifier() { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $client->setConfidential(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); @@ -1787,7 +1794,7 @@ public function testRespondToAccessTokenRequestMissingCodeVerifier() [ 'grant_type' => 'authorization_code', 'client_id' => 'foo', - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code' => $this->cryptStub->doEncrypt( \json_encode( [ @@ -1796,7 +1803,7 @@ public function testRespondToAccessTokenRequestMissingCodeVerifier() 'client_id' => 'foo', 'user_id' => 123, 'scopes' => ['foo'], - 'redirect_uri' => 'http://foo/bar', + 'redirect_uri' => self::REDIRECT_URI, 'code_challenge' => 'foobar', 'code_challenge_method' => 'plain', ] @@ -1815,9 +1822,12 @@ public function testRespondToAccessTokenRequestMissingCodeVerifier() public function testAuthCodeRepositoryUniqueConstraintCheck() { + $client = new ClientEntity(); + $client->setRedirectUri(self::REDIRECT_URI); + $authRequest = new AuthorizationRequest(); $authRequest->setAuthorizationApproved(true); - $authRequest->setClient(new ClientEntity()); + $authRequest->setClient($client); $authRequest->setGrantTypeId('authorization_code'); $authRequest->setUser(new UserEntity()); @@ -1899,7 +1909,7 @@ public function testRefreshTokenRepositoryUniqueConstraintCheck() { $client = new ClientEntity(); $client->setIdentifier('foo'); - $client->setRedirectUri('http://foo/bar'); + $client->setRedirectUri(self::REDIRECT_URI); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock->method('getClientEntity')->willReturn($client); 
@@ -1950,7 +1960,7 @@ public function testRefreshTokenRepositoryUniqueConstraintCheck()
 [
 'grant_type' => 'authorization_code',
 'client_id' => 'foo',
- 'redirect_uri' => 'http://foo/bar',
+ 'redirect_uri' => self::REDIRECT_URI,
 'code' => $this->cryptStub->doEncrypt(
 \json_encode(
 [
@@ -1959,7 +1969,7 @@ public function testRefreshTokenRepositoryUniqueConstraintCheck()
 'client_id' => 'foo',
 'user_id' => 123,
 'scopes' => ['foo'],
- 'redirect_uri' => 'http://foo/bar',
+ 'redirect_uri' => self::REDIRECT_URI,
 ]
 )
 ),
@@ -1977,7 +1987,7 @@ public function testRefreshTokenRepositoryFailToPersist()
 {
 $client = new ClientEntity();
 $client->setIdentifier('foo');
- $client->setRedirectUri('http://foo/bar');
+ $client->setRedirectUri(self::REDIRECT_URI);
 $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
 $clientRepositoryMock->method('getClientEntity')->willReturn($client);
@@ -2018,7 +2028,7 @@ public function testRefreshTokenRepositoryFailToPersist()
 [
 'grant_type' => 'authorization_code',
 'client_id' => 'foo',
- 'redirect_uri' => 'http://foo/bar',
+ 'redirect_uri' => self::REDIRECT_URI,
 'code' => $this->cryptStub->doEncrypt(
 \json_encode(
 [
@@ -2027,7 +2037,7 @@ public function testRefreshTokenRepositoryFailToPersist()
 'client_id' => 'foo',
 'user_id' => 123,
 'scopes' => ['foo'],
- 'redirect_uri' => 'http://foo/bar',
+ 'redirect_uri' => self::REDIRECT_URI,
 ]
 )
 ),
@@ -2048,7 +2058,7 @@ public function testRefreshTokenRepositoryFailToPersistUniqueNoInfiniteLoop()
 {
 $client = new ClientEntity();
 $client->setIdentifier('foo');
- $client->setRedirectUri('http://foo/bar');
+ $client->setRedirectUri(self::REDIRECT_URI);
 $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
 $clientRepositoryMock->method('getClientEntity')->willReturn($client);
@@ -2089,7 +2099,7 @@ public function testRefreshTokenRepositoryFailToPersistUniqueNoInfiniteLoop()
 [
 'grant_type' => 'authorization_code',
 'client_id' => 'foo',
- 'redirect_uri' => 'http://foo/bar',
+ 'redirect_uri' => self::REDIRECT_URI,
 'code' => $this->cryptStub->doEncrypt(
 \json_encode(
 [
@@ -2098,7 +2108,7 @@ public function testRefreshTokenRepositoryFailToPersistUniqueNoInfiniteLoop()
 'client_id' => 'foo',
 'user_id' => 123,
 'scopes' => ['foo'],
- 'redirect_uri' => 'http://foo/bar',
+ 'redirect_uri' => self::REDIRECT_URI,
 ]
 )
 ),
@@ -2131,7 +2141,7 @@ public function testCompleteAuthorizationRequestNoUser()
 public function testPublicClientAuthCodeRequestRejectedWhenCodeChallengeRequiredButNotGiven()
 {
 $client = new ClientEntity();
- $client->setRedirectUri('http://foo/bar');
+ $client->setRedirectUri(self::REDIRECT_URI);
 $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
 $clientRepositoryMock->method('getClientEntity')->willReturn($client);
@@ -2153,7 +2163,7 @@ public function testPublicClientAuthCodeRequestRejectedWhenCodeChallengeRequired
 $request = (new ServerRequest())->withQueryParams([
 'response_type' => 'code',
 'client_id' => 'foo',
- 'redirect_uri' => 'http://foo/bar',
+ 'redirect_uri' => self::REDIRECT_URI,
 ]);
 $this->expectException(OAuthServerException::class);
@@ -2165,7 +2175,7 @@ public function testPublicClientAuthCodeRequestRejectedWhenCodeChallengeRequired
 public function testUseValidRedirectUriIfScopeCheckFails()
 {
 $client = new ClientEntity();
- $client->setRedirectUri(['http://foo/bar', 'http://bar/foo']);
+ $client->setRedirectUri([self::REDIRECT_URI, 'http://bar/foo']);
 $client->setConfidential();
 $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
diff --git a/tests/Grant/ImplicitGrantTest.php b/tests/Grant/ImplicitGrantTest.php
index 546450384..5f69242c7 100644
--- a/tests/Grant/ImplicitGrantTest.php
+++ b/tests/Grant/ImplicitGrantTest.php
@@ -25,6 +25,7 @@ class ImplicitGrantTest extends TestCase
 {
 const DEFAULT_SCOPE = 'basic';
+ const REDIRECT_URI = 'https://foo/bar';
 /**
 * CryptTrait stub
@@ -79,7 +80,7 @@ public function testCanRespondToAuthorizationRequest()
 public function testValidateAuthorizationRequest()
 {
 $client = new ClientEntity();
- $client->setRedirectUri('http://foo/bar');
+ $client->setRedirectUri(self::REDIRECT_URI);
 $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
 $clientRepositoryMock->method('getClientEntity')->willReturn($client);
@@ -95,7 +96,7 @@ public function testValidateAuthorizationRequest()
 $request = (new ServerRequest())->withQueryParams([
 'response_type' => 'code',
 'client_id' => 'foo',
- 'redirect_uri' => 'http://foo/bar',
+ 'redirect_uri' => self::REDIRECT_URI,
 ]);
 $this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request));
@@ -104,7 +105,7 @@ public function testValidateAuthorizationRequest()
 public function testValidateAuthorizationRequestRedirectUriArray()
 {
 $client = new ClientEntity();
- $client->setRedirectUri(['http://foo/bar']);
+ $client->setRedirectUri([self::REDIRECT_URI]);
 $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
 $clientRepositoryMock->method('getClientEntity')->willReturn($client);
@@ -120,7 +121,7 @@ public function testValidateAuthorizationRequestRedirectUriArray()
 $request = (new ServerRequest())->withQueryParams([
 'response_type' => 'code',
 'client_id' => 'foo',
- 'redirect_uri' => 'http://foo/bar',
+ 'redirect_uri' => self::REDIRECT_URI,
 ]);
 $this->assertInstanceOf(AuthorizationRequest::class, $grant->validateAuthorizationRequest($request));
@@ -163,7 +164,7 @@ public function testValidateAuthorizationRequestInvalidClientId()
 public function testValidateAuthorizationRequestBadRedirectUriString()
 {
 $client = new ClientEntity();
- $client->setRedirectUri('http://foo/bar');
+ $client->setRedirectUri(self::REDIRECT_URI);
 $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
 $clientRepositoryMock->method('getClientEntity')->willReturn($client);
@@ -185,7 +186,7 @@ public function testValidateAuthorizationRequestBadRedirectUriString()
 public function testValidateAuthorizationRequestBadRedirectUriArray()
 {
 $client = new ClientEntity();
- $client->setRedirectUri(['http://foo/bar']);
+ $client->setRedirectUri([self::REDIRECT_URI]);
 $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
 $clientRepositoryMock->method('getClientEntity')->willReturn($client);
@@ -208,6 +209,7 @@ public function testCompleteAuthorizationRequest()
 {
 $client = new ClientEntity();
 $client->setIdentifier('identifier');
+ $client->setRedirectUri(self::REDIRECT_URI);
 $authRequest = new AuthorizationRequest();
 $authRequest->setAuthorizationApproved(true);
@@ -235,9 +237,12 @@ public function testCompleteAuthorizationRequest()
 public function testCompleteAuthorizationRequestDenied()
 {
+ $client = new ClientEntity();
+ $client->setRedirectUri(self::REDIRECT_URI);
+
 $authRequest = new AuthorizationRequest();
 $authRequest->setAuthorizationApproved(false);
- $authRequest->setClient(new ClientEntity());
+ $authRequest->setClient($client);
 $authRequest->setGrantTypeId('authorization_code');
 $authRequest->setUser(new UserEntity());
@@ -263,6 +268,7 @@ public function testAccessTokenRepositoryUniqueConstraintCheck()
 {
 $client = new ClientEntity();
 $client->setIdentifier('identifier');
+ $client->setRedirectUri(self::REDIRECT_URI);
 $authRequest = new AuthorizationRequest();
 $authRequest->setAuthorizationApproved(true);
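Review bot: With the registered URI now `https://foo/bar` in `testValidateAuthorizationRequestBadRedirectUriString` and `testValidateAuthorizationRequestBadRedirectUriArray`, neither hunk shows a rejected request that differs from the registration only by scheme. The request parameters of both tests sit outside the hunks, so this may already be covered. Redirect URI comparison is the check that keeps an authorization response from going to an endpoint the client never registered, which makes a scheme-only mismatch the case worth pinning. I would add a case that sends `'redirect_uri' => 'http://foo/bar'` against the `self::REDIRECT_URI` registration and expects the same exception as the existing bad-URI cases.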
diff --git a/tests/Stubs/ScopeEntity.php b/tests/Stubs/ScopeEntity.php
index 4e4a6bec5..4c93d91dc 100644
--- a/tests/Stubs/ScopeEntity.php
+++ b/tests/Stubs/ScopeEntity.php
@@ -9,6 +9,7 @@ class ScopeEntity implements ScopeEntityInterface
 {
 use EntityTrait;
+ #[\ReturnTypeWillChange]
 public function jsonSerialize()
 {
 return $this->getIdentifier();