| Server IP : 79.136.114.73 / Your IP : 216.73.216.227 Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64 User : www-data ( 33) PHP Version : 5.5.9-1ubuntu4.29 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /var/www/icad.astacus.se/google/vendor/google/apiclient/tests/general/ |
Upload File : |
<?php
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
class ApiOAuth2Test extends BaseTest
{
public function testSign()
{
$client = $this->getClient();
$oauth = new Google_Auth_OAuth2($client);
$client->setClientId('clientId1');
$client->setClientSecret('clientSecret1');
$client->setRedirectUri('http://localhost');
$client->setDeveloperKey('devKey');
$client->setAccessType('offline');
$client->setApprovalPrompt('force');
$client->setRequestVisibleActions('http://foo');
$req = new Google_Http_Request('http://localhost');
$req = $oauth->sign($req);
$this->assertEquals('http://localhost?key=devKey', $req->getUrl());
// test accessToken
$oauth->setAccessToken(
json_encode(
array(
'access_token' => 'ACCESS_TOKEN',
'created' => time(),
'expires_in' => '3600'
)
)
);
$req = $oauth->sign($req);
$auth = $req->getRequestHeader('authorization');
$this->assertEquals('Bearer ACCESS_TOKEN', $auth);
}
public function testRevokeAccess()
{
$accessToken = "ACCESS_TOKEN";
$refreshToken = "REFRESH_TOKEN";
$accessToken2 = "ACCESS_TOKEN_2";
$token = "";
$client = $this->getClient();
$response = $this->getMock("Google_Http_Request", array(), array(''));
$response->expects($this->any())
->method('getResponseHttpCode')
->will($this->returnValue(200));
$io = $this->getMock("Google_IO_Stream", array(), array($client));
$io->expects($this->any())
->method('makeRequest')
->will(
$this->returnCallback(
function ($request) use (&$token, $response) {
$elements = array();
parse_str($request->getPostBody(), $elements);
$token = isset($elements['token']) ? $elements['token'] : null;
return $response;
}
)
);
$client->setIo($io);
// Test with access token.
$oauth = new Google_Auth_OAuth2($client);
$oauth->setAccessToken(
json_encode(
array(
'access_token' => $accessToken,
'created' => time(),
'expires_in' => '3600'
)
)
);
$this->assertTrue($oauth->revokeToken());
$this->assertEquals($accessToken, $token);
// Test with refresh token.
$oauth = new Google_Auth_OAuth2($client);
$oauth->setAccessToken(
json_encode(
array(
'access_token' => $accessToken,
'refresh_token' => $refreshToken,
'created' => time(),
'expires_in' => '3600'
)
)
);
$this->assertTrue($oauth->revokeToken());
$this->assertEquals($refreshToken, $token);
// Test with passed in token.
$this->assertTrue($oauth->revokeToken($accessToken2));
$this->assertEquals($accessToken2, $token);
}
public function testCreateAuthUrl()
{
$client = $this->getClient();
$oauth = new Google_Auth_OAuth2($client);
$client->setClientId('clientId1');
$client->setClientSecret('clientSecret1');
$client->setRedirectUri('http://localhost');
$client->setDeveloperKey('devKey');
$client->setAccessType('offline');
$client->setApprovalPrompt('force');
$client->setRequestVisibleActions(array('http://foo'));
$client->setLoginHint("bob@example.org");
$authUrl = $oauth->createAuthUrl("http://googleapis.com/scope/foo");
$expected = "https://accounts.google.com/o/oauth2/auth"
. "?response_type=code"
. "&redirect_uri=http%3A%2F%2Flocalhost"
. "&client_id=clientId1"
. "&scope=http%3A%2F%2Fgoogleapis.com%2Fscope%2Ffoo"
. "&access_type=offline"
. "&approval_prompt=force"
. "&login_hint=bob%40example.org";
$this->assertEquals($expected, $authUrl);
// Again with a blank login hint (should remove all traces from authUrl)
$client->setLoginHint("");
$client->setHostedDomain("example.com");
$client->setOpenidRealm("example.com");
$client->setPrompt("select_account");
$client->setIncludeGrantedScopes(true);
$authUrl = $oauth->createAuthUrl("http://googleapis.com/scope/foo");
$expected = "https://accounts.google.com/o/oauth2/auth"
. "?response_type=code"
. "&redirect_uri=http%3A%2F%2Flocalhost"
. "&client_id=clientId1"
. "&scope=http%3A%2F%2Fgoogleapis.com%2Fscope%2Ffoo"
. "&access_type=offline"
. "&prompt=select_account"
. "&hd=example.com"
. "&openid.realm=example.com"
. "&include_granted_scopes=true";
$this->assertEquals($expected, $authUrl);
}
/**
* Most of the logic for ID token validation is in AuthTest -
* this is just a general check to ensure we verify a valid
* id token if one exists.
*/
public function testValidateIdToken()
{
if (!$this->checkToken()) {
return;
}
$client = $this->getClient();
$token = json_decode($client->getAccessToken());
$segments = explode(".", $token->id_token);
$this->assertEquals(3, count($segments));
// Extract the client ID in this case as it wont be set on the test client.
$data = json_decode(Google_Utils::urlSafeB64Decode($segments[1]));
$oauth = new Google_Auth_OAuth2($client);
$ticket = $oauth->verifyIdToken($token->id_token, $data->aud);
$this->assertInstanceOf(
"Google_Auth_LoginTicket",
$ticket
);
$this->assertTrue(strlen($ticket->getUserId()) > 0);
// TODO: Need to be smart about testing/disabling the
// caching for this test to make sense. Not sure how to do that
// at the moment.
$client = $this->getClient();
$client->setIo(new Google_IO_Stream($client));
$data = json_decode(Google_Utils::urlSafeB64Decode($segments[1]));
$oauth = new Google_Auth_OAuth2($client);
$this->assertInstanceOf(
"Google_Auth_LoginTicket",
$oauth->verifyIdToken($token->id_token, $data->aud)
);
}
/**
* Test for revoking token when none is opened
*/
public function testRevokeWhenNoTokenExists()
{
$client = new Google_Client();
$this->assertFalse($client->revokeToken());
}
/**
* Test that the ID token is properly refreshed.
*/
public function testRefreshTokenSetsValues()
{
$client = new Google_Client();
$response_data = json_encode(
array(
'access_token' => "ACCESS_TOKEN",
'id_token' => "ID_TOKEN",
'expires_in' => "12345",
)
);
$response = $this->getMock("Google_Http_Request", array(), array(''));
$response->expects($this->any())
->method('getResponseHttpCode')
->will($this->returnValue(200));
$response->expects($this->any())
->method('getResponseBody')
->will($this->returnValue($response_data));
$io = $this->getMock("Google_IO_Stream", array(), array($client));
$io->expects($this->any())
->method('makeRequest')
->will(
$this->returnCallback(
function ($request) use (&$token, $response) {
$elements = $request->getPostBody();
PHPUnit_Framework_TestCase::assertEquals(
$elements['grant_type'],
"refresh_token"
);
PHPUnit_Framework_TestCase::assertEquals(
$elements['refresh_token'],
"REFRESH_TOKEN"
);
return $response;
}
)
);
$client->setIo($io);
$oauth = new Google_Auth_OAuth2($client);
$oauth->refreshToken("REFRESH_TOKEN");
$token = json_decode($oauth->getAccessToken(), true);
$this->assertEquals($token['id_token'], "ID_TOKEN");
}
}