Home Explore Help
Register Sign In
wangdu
/
wangdu_wechat
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 1d5ef8fe7f
Branches Tags
wangdu_wechat
/
vendor
/
google
/
apiclient
/
tests
/
general
/
ApiOAuth2Test.php

ApiOAuth2Test.php 8.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * Licensed to the Apache Software Foundation (ASF) under one
    4. 

  4.  * or more contributor license agreements.  See the NOTICE file
    5. 

  5.  * distributed with this work for additional information
    6. 

  6.  * regarding copyright ownership.  The ASF licenses this file
    7. 

  7.  * to you under the Apache License, Version 2.0 (the
    8. 

  8.  * "License"); you may not use this file except in compliance
    9. 

  9.  * with the License.  You may obtain a copy of the License at
    10. 

  10.  *
    11. 

  11.  *     http://www.apache.org/licenses/LICENSE-2.0
    12. 

  12.  *
    13. 

  13.  * Unless required by applicable law or agreed to in writing,
    14. 

  14.  * software distributed under the License is distributed on an
    15. 

  15.  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    16. 

  16.  * KIND, either express or implied.  See the License for the
    17. 

  17.  * specific language governing permissions and limitations
    18. 

  18.  * under the License.
    19. 

  19.  */
    20. 

  20. 

  21. class ApiOAuth2Test extends BaseTest
    22. 

  22. {
    23. 

  23. 

  24.   public function testSign()
    25. 

  25.   {
    26. 

  26.     $client = $this->getClient();
    27. 

  27.     $oauth = new Google_Auth_OAuth2($client);
    28. 

  28. 

  29.     $client->setClientId('clientId1');
    30. 

  30.     $client->setClientSecret('clientSecret1');
    31. 

  31.     $client->setRedirectUri('http://localhost');
    32. 

  32.     $client->setDeveloperKey('devKey');
    33. 

  33.     $client->setAccessType('offline');
    34. 

  34.     $client->setApprovalPrompt('force');
    35. 

  35.     $client->setRequestVisibleActions('http://foo');
    36. 

  36. 

  37.     $req = new Google_Http_Request('http://localhost');
    38. 

  38.     $req = $oauth->sign($req);
    39. 

  39. 

  40.     $this->assertEquals('http://localhost?key=devKey', $req->getUrl());
    41. 

  41. 

  42.     // test accessToken
    43. 

  43.     $oauth->setAccessToken(
    44. 

  44.         json_encode(
    45. 

  45.             array(
    46. 

  46.               'access_token' => 'ACCESS_TOKEN',
    47. 

  47.               'created' => time(),
    48. 

  48.               'expires_in' => '3600'
    49. 

  49.             )
    50. 

  50.         )
    51. 

  51.     );
    52. 

  52. 

  53.     $req = $oauth->sign($req);
    54. 

  54.     $auth = $req->getRequestHeader('authorization');
    55. 

  55.     $this->assertEquals('Bearer ACCESS_TOKEN', $auth);
    56. 

  56.   }
    57. 

  57. 

  58.   public function testRevokeAccess()
    59. 

  59.   {
    60. 

  60.     $accessToken = "ACCESS_TOKEN";
    61. 

  61.     $refreshToken = "REFRESH_TOKEN";
    62. 

  62.     $accessToken2 = "ACCESS_TOKEN_2";
    63. 

  63.     $token = "";
    64. 

  64. 

  65.     $client = $this->getClient();
    66. 

  66.     $response = $this->getMock("Google_Http_Request", array(), array(''));
    67. 

  67.     $response->expects($this->any())
    68. 

  68.             ->method('getResponseHttpCode')
    69. 

  69.             ->will($this->returnValue(200));
    70. 

  70.     $io = $this->getMock("Google_IO_Stream", array(), array($client));
    71. 

  71.     $io->expects($this->any())
    72. 

  72.         ->method('makeRequest')
    73. 

  73.         ->will(
    74. 

  74.             $this->returnCallback(
    75. 

  75.                 function ($request) use (&$token, $response) {
    76. 

  76.                   $elements = array();
    77. 

  77.                   parse_str($request->getPostBody(), $elements);
    78. 

  78.                   $token = isset($elements['token']) ? $elements['token'] : null;
    79. 

  79.                   return $response;
    80. 

  80.                 }
    81. 

  81.             )
    82. 

  82.         );
    83. 

  83.     $client->setIo($io);
    84. 

  84. 

  85.     // Test with access token.
    86. 

  86.     $oauth  = new Google_Auth_OAuth2($client);
    87. 

  87.     $oauth->setAccessToken(
    88. 

  88.         json_encode(
    89. 

  89.             array(
    90. 

  90.               'access_token' => $accessToken,
    91. 

  91.               'created' => time(),
    92. 

  92.               'expires_in' => '3600'
    93. 

  93.             )
    94. 

  94.         )
    95. 

  95.     );
    96. 

  96.     $this->assertTrue($oauth->revokeToken());
    97. 

  97.     $this->assertEquals($accessToken, $token);
    98. 

  98. 

  99.     // Test with refresh token.
    100. 

  100.     $oauth  = new Google_Auth_OAuth2($client);
    101. 

  101.     $oauth->setAccessToken(
    102. 

  102.         json_encode(
    103. 

  103.             array(
    104. 

  104.               'access_token' => $accessToken,
    105. 

  105.               'refresh_token' => $refreshToken,
    106. 

  106.               'created' => time(),
    107. 

  107.               'expires_in' => '3600'
    108. 

  108.             )
    109. 

  109.         )
    110. 

  110.     );
    111. 

  111.     $this->assertTrue($oauth->revokeToken());
    112. 

  112.     $this->assertEquals($refreshToken, $token);
    113. 

  113. 

  114.     // Test with passed in token.
    115. 

  115.     $this->assertTrue($oauth->revokeToken($accessToken2));
    116. 

  116.     $this->assertEquals($accessToken2, $token);
    117. 

  117.   }
    118. 

  118. 

  119.   public function testCreateAuthUrl()
    120. 

  120.   {
    121. 

  121.     $client = $this->getClient();
    122. 

  122.     $oauth = new Google_Auth_OAuth2($client);
    123. 

  123. 

  124.     $client->setClientId('clientId1');
    125. 

  125.     $client->setClientSecret('clientSecret1');
    126. 

  126.     $client->setRedirectUri('http://localhost');
    127. 

  127.     $client->setDeveloperKey('devKey');
    128. 

  128.     $client->setAccessType('offline');
    129. 

  129.     $client->setApprovalPrompt('force');
    130. 

  130.     $client->setRequestVisibleActions(array('http://foo'));
    131. 

  131.     $client->setLoginHint("bob@example.org");
    132. 

  132. 

  133.     $authUrl = $oauth->createAuthUrl("http://googleapis.com/scope/foo");
    134. 

  134.     $expected = "https://accounts.google.com/o/oauth2/auth"
    135. 

  135.         . "?response_type=code"
    136. 

  136.         . "&redirect_uri=http%3A%2F%2Flocalhost"
    137. 

  137.         . "&client_id=clientId1"
    138. 

  138.         . "&scope=http%3A%2F%2Fgoogleapis.com%2Fscope%2Ffoo"
    139. 

  139.         . "&access_type=offline"
    140. 

  140.         . "&approval_prompt=force"
    141. 

  141.         . "&login_hint=bob%40example.org";
    142. 

  142.     $this->assertEquals($expected, $authUrl);
    143. 

  143. 

  144.     // Again with a blank login hint (should remove all traces from authUrl)
    145. 

  145.     $client->setLoginHint("");
    146. 

  146.     $client->setHostedDomain("example.com");
    147. 

  147.     $client->setOpenidRealm("example.com");
    148. 

  148.     $client->setPrompt("select_account");
    149. 

  149.     $client->setIncludeGrantedScopes(true);
    150. 

  150.     $authUrl = $oauth->createAuthUrl("http://googleapis.com/scope/foo");
    151. 

  151.     $expected = "https://accounts.google.com/o/oauth2/auth"
    152. 

  152.         . "?response_type=code"
    153. 

  153.         . "&redirect_uri=http%3A%2F%2Flocalhost"
    154. 

  154.         . "&client_id=clientId1"
    155. 

  155.         . "&scope=http%3A%2F%2Fgoogleapis.com%2Fscope%2Ffoo"
    156. 

  156.         . "&access_type=offline"
    157. 

  157.         . "&prompt=select_account"
    158. 

  158.         . "&hd=example.com"
    159. 

  159.         . "&openid.realm=example.com"
    160. 

  160.         . "&include_granted_scopes=true";
    161. 

  161.     $this->assertEquals($expected, $authUrl);
    162. 

  162.   }
    163. 

  163. 

  164.   /**
    165. 

  165.    * Most of the logic for ID token validation is in AuthTest -
    166. 

  166.    * this is just a general check to ensure we verify a valid
    167. 

  167.    * id token if one exists.
    168. 

  168.    */
    169. 

  169.   public function testValidateIdToken()
    170. 

  170.   {
    171. 

  171.     if (!$this->checkToken()) {
    172. 

  172.       return;
    173. 

  173.     }
    174. 

  174. 

  175.     $client = $this->getClient();
    176. 

  176.     $token = json_decode($client->getAccessToken());
    177. 

  177.     $segments = explode(".", $token->id_token);
    178. 

  178.     $this->assertEquals(3, count($segments));
    179. 

  179.     // Extract the client ID in this case as it wont be set on the test client.
    180. 

  180.     $data = json_decode(Google_Utils::urlSafeB64Decode($segments[1]));
    181. 

  181.     $oauth = new Google_Auth_OAuth2($client);
    182. 

  182.     $ticket = $oauth->verifyIdToken($token->id_token, $data->aud);
    183. 

  183.     $this->assertInstanceOf(
    184. 

  184.         "Google_Auth_LoginTicket",
    185. 

  185.         $ticket
    186. 

  186.     );
    187. 

  187.     $this->assertTrue(strlen($ticket->getUserId()) > 0);
    188. 

  188. 

  189.     // TODO: Need to be smart about testing/disabling the
    190. 

  190.     // caching for this test to make sense. Not sure how to do that
    191. 

  191.     // at the moment.
    192. 

  192.     $client = $this->getClient();
    193. 

  193.     $client->setIo(new Google_IO_Stream($client));
    194. 

  194.     $data = json_decode(Google_Utils::urlSafeB64Decode($segments[1]));
    195. 

  195.     $oauth = new Google_Auth_OAuth2($client);
    196. 

  196.     $this->assertInstanceOf(
    197. 

  197.         "Google_Auth_LoginTicket",
    198. 

  198.         $oauth->verifyIdToken($token->id_token, $data->aud)
    199. 

  199.     );
    200. 

  200.   }
    201. 

  201. 

  202.   /**
    203. 

  203.    * Test for revoking token when none is opened
    204. 

  204.    */
    205. 

  205.   public function testRevokeWhenNoTokenExists()
    206. 

  206.   {
    207. 

  207.     $client = new Google_Client();
    208. 

  208.     $this->assertFalse($client->revokeToken());
    209. 

  209.   }
    210. 

  210. 

  211.   /**
    212. 

  212.    * Test that the ID token is properly refreshed.
    213. 

  213.    */
    214. 

  214.   public function testRefreshTokenSetsValues()
    215. 

  215.   {
    216. 

  216.     $client = new Google_Client();
    217. 

  217.     $response_data = json_encode(
    218. 

  218.         array(
    219. 

  219.           'access_token' => "ACCESS_TOKEN",
    220. 

  220.           'id_token' => "ID_TOKEN",
    221. 

  221.           'expires_in' => "12345",
    222. 

  222.         )
    223. 

  223.     );
    224. 

  224.     $response = $this->getMock("Google_Http_Request", array(), array(''));
    225. 

  225.     $response->expects($this->any())
    226. 

  226.             ->method('getResponseHttpCode')
    227. 

  227.             ->will($this->returnValue(200));
    228. 

  228.     $response->expects($this->any())
    229. 

  229.             ->method('getResponseBody')
    230. 

  230.             ->will($this->returnValue($response_data));
    231. 

  231.     $io = $this->getMock("Google_IO_Stream", array(), array($client));
    232. 

  232.     $io->expects($this->any())
    233. 

  233.         ->method('makeRequest')
    234. 

  234.         ->will(
    235. 

  235.             $this->returnCallback(
    236. 

  236.                 function ($request) use (&$token, $response) {
    237. 

  237.                   $elements = $request->getPostBody();
    238. 

  238.                   PHPUnit_Framework_TestCase::assertEquals(
    239. 

  239.                       $elements['grant_type'],
    240. 

  240.                       "refresh_token"
    241. 

  241.                   );
    242. 

  242.                   PHPUnit_Framework_TestCase::assertEquals(
    243. 

  243.                       $elements['refresh_token'],
    244. 

  244.                       "REFRESH_TOKEN"
    245. 

  245.                   );
    246. 

  246.                   return $response;
    247. 

  247.                 }
    248. 

  248.             )
    249. 

  249.         );
    250. 

  250.     $client->setIo($io);
    251. 

  251.     $oauth = new Google_Auth_OAuth2($client);
    252. 

  252.     $oauth->refreshToken("REFRESH_TOKEN");
    253. 

  253.     $token = json_decode($oauth->getAccessToken(), true);
    254. 

  254.     $this->assertEquals($token['id_token'], "ID_TOKEN");
    255. 

  255.   }
    256. 

  256. }
    257.