You are here

Home » API reference » Entity Share 8.3 » AuthenticationOAuthTest.php » AuthenticationOAuthTest

public function AuthenticationOAuthTest::testTokenExpiration in Entity Share 8.3

Test behavior when access and refresh tokens are revoked.

File

modules/entity_share_client/tests/src/Functional/AuthenticationOAuthTest.php, line 266

Class

AuthenticationOAuthTest
Functional test class for import with "OAuth" authorization.

Namespace

Drupal\Tests\entity_share_client\Functional

Code

public function testTokenExpiration() {

  // 1. Access token is valid.
  $entity_share_entrypoint_url = Url::fromRoute('entity_share_server.resource_list');
  $response = $this->remoteManager
    ->jsonApiRequest($this->remote, 'GET', $entity_share_entrypoint_url
    ->setAbsolute()
    ->toString());
  $this
    ->assertNotNull($response, 'No exception caught during request');
  $this
    ->assertEquals(200, $response
    ->getStatusCode());

  // Ensure access token has expired.
  $plugin = $this->remote
    ->getAuthPlugin();
  $configuration = $plugin
    ->getConfiguration();

  /** @var \League\OAuth2\Client\Token\AccessTokenInterface $access_token */
  $access_token = $this->keyValueStore
    ->get($configuration['uuid'] . '-' . $plugin
    ->getPluginId());
  $this
    ->assertFalse($access_token
    ->hasExpired(), 'The access token has not expired yet.');
  sleep(30);
  $this
    ->assertTrue($access_token
    ->hasExpired(), 'The access token has expired.');

  // 2. Access token has expired but refresh token is still valid.
  $this
    ->resetRemoteCaches();
  $response = $this->remoteManager
    ->jsonApiRequest($this->remote, 'GET', $entity_share_entrypoint_url
    ->setAbsolute()
    ->toString());
  $this
    ->assertNotNull($response, 'No exception caught during request');
  $this
    ->assertEquals(200, $response
    ->getStatusCode());

  // Ensure refresh token has expired.
  sleep(120);

  // 3. Both access and refresh tokens have expired, so use
  // client_credentials as a last resort.
  $this
    ->resetRemoteCaches();
  $response = $this->remoteManager
    ->jsonApiRequest($this->remote, 'GET', $entity_share_entrypoint_url
    ->setAbsolute()
    ->toString());
  $this
    ->assertNotNull($response, 'No exception caught during request');
  $this
    ->assertEquals(200, $response
    ->getStatusCode());
}