You are here

public function OAuth2ServerStorageTestCase::testCheckClientCredentials in OAuth2 Server 7

File

tests/oauth2_server.test, line 938
OAuth2 tests.

Class

OAuth2ServerStorageTestCase
Test \Drupal\oauth2_server\Storage.

Code

public function testCheckClientCredentials() {

  // Nonexistent client_id.
  $result = $this->storage
    ->checkClientCredentials('fakeclient', 'testpass');
  $this
    ->assertFalse($result, 'Invalid client credentials correctly detected.');

  // Invalid client_secret.
  $result = $this->storage
    ->checkClientCredentials($this->client_key, 'invalidcredentials');
  $this
    ->assertFalse($result, 'Invalid client_secret correctly detected.');

  // Valid credentials.
  $result = $this->storage
    ->checkClientCredentials($this->client_key, $this->client_secret);
  $this
    ->assertTrue($result, 'Valid client credentials correctly detected.');

  // No client secret.
  $result = $this->storage
    ->checkClientCredentials($this->client_key, '');
  $this
    ->assertFalse($result, 'Empty client secret not accepted.');

  // Allow empty client secret, try again.
  $this->client->client_secret = '';
  $this->client
    ->save();
  $result = $this->storage
    ->checkClientCredentials($this->client_key, '');
  $this
    ->assertTrue($result, 'Empty client secret accepted if none required.');

  // Try again with a NULL client secret. This should be accepted too.
  $result = $this->storage
    ->checkClientCredentials($this->client_key, NULL);
  $this
    ->assertTrue($result, 'Null client secret accepted if none required.');
}