add tests

hafezdivandari · hafezdivandari · commit f090882655c1 · 2024-10-11T03:14:18.000+03:30
diff --git a/tests/Grant/AuthCodeGrantTest.php b/tests/Grant/AuthCodeGrantTest.php
@@ -469,6 +469,50 @@ public function testValidateAuthorizationRequestInvalidCodeChallengeMethod(): vo
         $grant->validateAuthorizationRequest($request);
     }
 
+    public function testValidateAuthorizationRequestInvalidScopes(): void
+    {
+        $client = new ClientEntity();
+        $client->setRedirectUri(self::REDIRECT_URI);
+        $client->setConfidential();
+
+        $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
+        $clientRepositoryMock->method('getClientEntity')->willReturn($client);
+
+        $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
+        $scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn(null);
+
+        $grant = new AuthCodeGrant(
+            $this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
+            $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
+            new DateInterval('PT10M')
+        );
+
+        $grant->setClientRepository($clientRepositoryMock);
+        $grant->setScopeRepository($scopeRepositoryMock);
+        $grant->setDefaultScope(self::DEFAULT_SCOPE);
+
+        $request = (new ServerRequest())->withQueryParams([
+            'response_type' => 'code',
+            'client_id' => 'foo',
+            'redirect_uri' => self::REDIRECT_URI,
+            'scope' => 'foo',
+            'state' => 'foo',
+        ]);
+
+        try {
+            $grant->validateAuthorizationRequest($request);
+        } catch (OAuthServerException $e) {
+            $this->assertSame(5, $e->getCode());
+            $this->assertSame('invalid_scope', $e->getErrorType());
+            $this->assertSame('https://foo/bar?state=foo', $e->getRedirectUri());
+
+            return;
+        }
+
+        $this->expectException(OAuthServerException::class);
+        $this->expectExceptionCode(5);
+    }
+
     public function testCompleteAuthorizationRequest(): void
     {
         $client = new ClientEntity();
@@ -529,6 +573,7 @@ public function testCompleteAuthorizationRequestDenied(): void
         $authRequest->setClient($client);
         $authRequest->setGrantTypeId('authorization_code');
         $authRequest->setUser(new UserEntity());
+        $authRequest->setState('foo');
 
         $authCodeRepository = $this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock();
         $authCodeRepository->method('getNewAuthCode')->willReturn(new AuthCodeEntity());
@@ -540,10 +585,18 @@ public function testCompleteAuthorizationRequestDenied(): void
         );
         $grant->setEncryptionKey($this->cryptStub->getKey());
 
+        try {
+            $grant->completeAuthorizationRequest($authRequest);
+        } catch (OAuthServerException $e) {
+            $this->assertSame(9, $e->getCode());
+            $this->assertSame('access_denied', $e->getErrorType());
+            $this->assertSame('http://foo/bar?state=foo', $e->getRedirectUri());
+
+            return;
+        }
+
         $this->expectException(OAuthServerException::class);
         $this->expectExceptionCode(9);
-
-        $grant->completeAuthorizationRequest($authRequest);
     }
 
     public function testRespondToAccessTokenRequest(): void
diff --git a/tests/Grant/ImplicitGrantTest.php b/tests/Grant/ImplicitGrantTest.php
@@ -95,7 +95,7 @@ public function testValidateAuthorizationRequest(): void
         $grant->setDefaultScope(self::DEFAULT_SCOPE);
 
         $request = (new ServerRequest())->withQueryParams([
-            'response_type' => 'code',
+            'response_type' => 'token',
             'client_id'     => 'foo',
             'redirect_uri'  => self::REDIRECT_URI,
         ]);
@@ -120,7 +120,7 @@ public function testValidateAuthorizationRequestRedirectUriArray(): void
         $grant->setDefaultScope(self::DEFAULT_SCOPE);
 
         $request = (new ServerRequest())->withQueryParams([
-            'response_type' => 'code',
+            'response_type' => 'token',
             'client_id' => 'foo',
             'redirect_uri' => self::REDIRECT_URI,
         ]);
@@ -135,7 +135,7 @@ public function testValidateAuthorizationRequestMissingClientId(): void
         $grant = new ImplicitGrant(new DateInterval('PT10M'));
         $grant->setClientRepository($clientRepositoryMock);
 
-        $request = (new ServerRequest())->withQueryParams(['response_type' => 'code']);
+        $request = (new ServerRequest())->withQueryParams(['response_type' => 'token']);
 
         $this->expectException(OAuthServerException::class);
         $this->expectExceptionCode(3);
@@ -152,7 +152,7 @@ public function testValidateAuthorizationRequestInvalidClientId(): void
         $grant->setClientRepository($clientRepositoryMock);
 
         $request = (new ServerRequest())->withQueryParams([
-            'response_type' => 'code',
+            'response_type' => 'token',
             'client_id'     => 'foo',
         ]);
 
@@ -173,7 +173,7 @@ public function testValidateAuthorizationRequestBadRedirectUriString(): void
         $grant->setClientRepository($clientRepositoryMock);
 
         $request = (new ServerRequest())->withQueryParams([
-            'response_type' => 'code',
+            'response_type' => 'token',
             'client_id' => 'foo',
             'redirect_uri' => 'http://bar',
         ]);
@@ -195,7 +195,7 @@ public function testValidateAuthorizationRequestBadRedirectUriArray(): void
         $grant->setClientRepository($clientRepositoryMock);
 
         $request = (new ServerRequest())->withQueryParams([
-            'response_type' => 'code',
+            'response_type' => 'token',
             'client_id'     => 'foo',
             'redirect_uri'  => 'http://bar',
         ]);
@@ -206,6 +206,45 @@ public function testValidateAuthorizationRequestBadRedirectUriArray(): void
         $grant->validateAuthorizationRequest($request);
     }
 
+    public function testValidateAuthorizationRequestInvalidScopes(): void
+    {
+        $client = new ClientEntity();
+        $client->setRedirectUri(self::REDIRECT_URI);
+
+        $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
+        $clientRepositoryMock->method('getClientEntity')->willReturn($client);
+
+        $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
+        $scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn(null);
+
+        $grant = new ImplicitGrant(new DateInterval('PT10M'));
+
+        $grant->setClientRepository($clientRepositoryMock);
+        $grant->setScopeRepository($scopeRepositoryMock);
+        $grant->setDefaultScope(self::DEFAULT_SCOPE);
+
+        $request = (new ServerRequest())->withQueryParams([
+            'response_type' => 'token',
+            'client_id' => 'foo',
+            'redirect_uri' => self::REDIRECT_URI,
+            'scope' => 'foo',
+            'state' => 'foo',
+        ]);
+
+        try {
+            $grant->validateAuthorizationRequest($request);
+        } catch (OAuthServerException $e) {
+            $this->assertSame(5, $e->getCode());
+            $this->assertSame('invalid_scope', $e->getErrorType());
+            $this->assertSame('https://foo/bar#state=foo', $e->getRedirectUri());
+
+            return;
+        }
+
+        $this->expectException(OAuthServerException::class);
+        $this->expectExceptionCode(5);
+    }
+
     public function testCompleteAuthorizationRequest(): void
     {
         $client = new ClientEntity();
@@ -248,6 +287,7 @@ public function testCompleteAuthorizationRequestDenied(): void
         $authRequest->setClient($client);
         $authRequest->setGrantTypeId('authorization_code');
         $authRequest->setUser(new UserEntity());
+        $authRequest->setState('foo');
 
         $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
         $accessTokenRepositoryMock->method('getNewToken')->willReturn(new AccessTokenEntity());
@@ -261,10 +301,18 @@ public function testCompleteAuthorizationRequestDenied(): void
         $grant->setAccessTokenRepository($accessTokenRepositoryMock);
         $grant->setScopeRepository($scopeRepositoryMock);
 
+        try {
+            $grant->completeAuthorizationRequest($authRequest);
+        } catch (OAuthServerException $e) {
+            $this->assertSame(9, $e->getCode());
+            $this->assertSame('access_denied', $e->getErrorType());
+            $this->assertSame('https://foo/bar#state=foo', $e->getRedirectUri());
+
+            return;
+        }
+
         $this->expectException(OAuthServerException::class);
         $this->expectExceptionCode(9);
-
-        $grant->completeAuthorizationRequest($authRequest);
     }
 
     public function testAccessTokenRepositoryUniqueConstraintCheck(): void
