MensBeam
/
Arsse
3
1
Fork 0
Code Issues 24 Pull Requests Releases 28 Activity
Browse Source

Tests for auth code verification

microsub
J. King 4 years ago
parent
38a2776ae9
commit
9d28dd5051
2 changed files with 35 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      lib/REST/Microsub/Auth.php
  2. 33
      tests/cases/REST/Microsub/TestAuth.php

4
lib/REST/Microsub/Auth.php
View File

@ -294,9 +294,9 @@ class Auth extends \JKingWeb\Arsse\REST\AbstractHandler {
} catch (\JKingWeb\Arsse\Db\ExceptionInput $e) {
throw new ExceptionAuth("invalid_grant");
}
$data = @json_decode($token['data'], true);
$data = @json_decode((string) $token['data'], true);
// validate the auth code
if (!is_array($data)) {
if (!is_array($data) || !isset($data['redirect_uri']) || !isset($data['client_id'])) {
throw new ExceptionAuth("invalid_grant");
} elseif ($data['client_id'] !== $clientId || $data['redirect_uri'] !== $redirUrl) {
throw new ExceptionAuth("invalid_client");

33
tests/cases/REST/Microsub/TestAuth.php
View File

@ -8,6 +8,7 @@ namespace JKingWeb\Arsse\TestCase\REST\Microsub;
use JKingWeb\Arsse\Arsse;
use JKingWeb\Arsse\Database;
use JKingWeb\Arsse\Db\ExceptionInput;
use JKingWeb\Arsse\Misc\Date;
use Psr\Http\Message\ResponseInterface;
use Zend\Diactoros\Response\JsonResponse as Response;
@ -128,4 +129,36 @@ class TestAuth extends \JKingWeb\Arsse\Test\AbstractTest {
'Success 3' => [['me' => "https://example.com/u/john.doe", 'client_id' => "http://example.org/", 'redirect_uri' => "http://example.org/?p=redirect", 'state' => "ABCDEF", 'response_type' => "code"], "john.doe", new EmptyResponse(302, ['Location' => "http://example.org/?p=redirect&state=ABCDEF&code=authCode"])],
];
}
/** @dataProvider provideAuthData */
public function testVerifyAnAuthenticationCode(array $params, string $user, $data, ResponseInterface $exp) {
if ($data instanceof \Exception) {
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenThrow($data);
} else {
\Phake::when(Arsse::$db)->tokenLookup("microsub.auth", $params['code'] ?? "")->thenReturn(['user' => $user, 'data' => $data]);
}
$act = $this->req("http://example.com/u/?f=auth", "POST", [], [], $params);
$this->assertMessage($exp, $act);
\Phake::verify(Arsse::$db, \Phake::times($act->getStatusCode() == 200 ? 1 : 0))->tokenRevoke($user, "microsub.auth", $params['code'] ?? "");
}
public function provideAuthData() {
return [
'Missing code 1' => [[ 'redirect_uri' => "https://example.org/", 'client_id' => "https://example.net/"], "someone", '{"redirect_uri":"https://example.org/","client_id":"https://example.net/"}', new Response(['error' => "invalid_request"], 400)],
'Missing code 2' => [['code' => "", 'redirect_uri' => "https://example.org/", 'client_id' => "https://example.net/"], "someone", '{"redirect_uri":"https://example.org/","client_id":"https://example.net/"}', new Response(['error' => "invalid_request"], 400)],
'Missing URL 1' => [['code' => "code", 'client_id' => "https://example.net/"], "someone", '{"redirect_uri":"https://example.org/","client_id":"https://example.net/"}', new Response(['error' => "invalid_request"], 400)],
'Missing URL 2' => [['code' => "code", 'redirect_uri' => "", 'client_id' => "https://example.net/"], "someone", '{"redirect_uri":"https://example.org/","client_id":"https://example.net/"}', new Response(['error' => "invalid_request"], 400)],
'Missing ID 1' => [['code' => "code", 'redirect_uri' => "https://example.org/", ], "someone", '{"redirect_uri":"https://example.org/","client_id":"https://example.net/"}', new Response(['error' => "invalid_request"], 400)],
'Missing ID 2' => [['code' => "code", 'redirect_uri' => "https://example.org/", 'client_id' => "" ], "someone", '{"redirect_uri":"https://example.org/","client_id":"https://example.net/"}', new Response(['error' => "invalid_request"], 400)],
'Mismatched URL' => [['code' => "code", 'redirect_uri' => "https://example.net/", 'client_id' => "https://example.net/"], "someone", '{"redirect_uri":"https://example.org/","client_id":"https://example.net/"}', new Response(['error' => "invalid_client" ], 400)],
'Mismatched ID' => [['code' => "code", 'redirect_uri' => "https://example.org/", 'client_id' => "https://example.org/"], "someone", '{"redirect_uri":"https://example.org/","client_id":"https://example.net/"}', new Response(['error' => "invalid_client" ], 400)],
'Bad data 1' => [['code' => "bad-data1", 'redirect_uri' => "https://example.org/", 'client_id' => "https://example.net/"], "someone", null, new Response(['error' => "invalid_grant" ], 400)],
'Bad data 2' => [['code' => "bad-data2", 'redirect_uri' => "https://example.org/", 'client_id' => "https://example.net/"], "someone", '{client_id":"https://example.net/"}', new Response(['error' => "invalid_grant" ], 400)],
'Bad data 3' => [['code' => "bad-data3", 'redirect_uri' => "https://example.org/", 'client_id' => "https://example.net/"], "someone", '{"redirect_uri":"https://example.org/"}', new Response(['error' => "invalid_grant" ], 400)],
'Bad user' => [['code' => "bad-user", 'redirect_uri' => "https://example.org/", 'client_id' => "https://example.net/"], "someone", new ExceptionInput("subjectMissing"), new Response(['error' => "invalid_grant" ], 400)],
'Bad type' => [['code' => "bad-type", 'redirect_uri' => "https://example.org/", 'client_id' => "https://example.net/"], "someone", '{"redirect_uri":"https://example.org/","client_id":"https://example.net/","response_type":"token"}', new Response(['error' => "invalid_grant" ], 400)],
'Success 1' => [['code' => "valid-code", 'redirect_uri' => "https://example.org/", 'client_id' => "https://example.net/"], "someone", '{"redirect_uri":"https://example.org/","client_id":"https://example.net/"}', new Response(['me' => "http://example.com/u/someone"], 200)],
'Success 2' => [['code' => "good-code", 'redirect_uri' => "https://example.org/", 'client_id' => "https://example.net/"], "somehow", '{"redirect_uri":"https://example.org/","client_id":"https://example.net/","response_type":"id"}', new Response(['me' => "http://example.com/u/somehow"], 200)],
];
}
}

Write Preview
Loading…
Cancel
Save