
public function OAuth2ServerTestCase::testAuthorization in OAuth2 Server 7

Tests the authorization part of the flow.

File

tests/oauth2_server.test, line 183
OAuth2 tests.

Class

OAuth2ServerTestCase
Test basic API.

Code

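/**
 * Tests the authorization part of the flow.
 *
 * Logs in a user holding the 'use oauth2 server' permission, issues an
 * authorization code request, and then asserts that the response is a 302
 * redirect starting with the absolute URL of the 'authorized' path, that the
 * redirect carries a non-empty "code" parameter, and that the returned "state"
 * parameter validates against the client key.
 */
public function testAuthorization() {
  // Create a user, log them in, and issue the authorization request.
  $user = $this->drupalCreateUser(array('use oauth2 server'));
  $this->drupalLogin($user);
  $result = $this->authorizationCodeRequest('code');

  // Test the redirect_uri and authorization code.
  $redirect_uri = url('authorized', array('absolute' => TRUE));

  // A response that is not a redirect may carry no redirect_url at all; fall
  // back to an empty string so the assertions below fail cleanly instead of
  // raising PHP notices.
  $redirect_url = isset($result->redirect_url) ? $result->redirect_url : '';

  // Rather than assuming that clean URLs are enabled let's assume that if
  // they are not enabled then the q argument is first.
  // NOTE(review): this is a prefix comparison, so any location that merely
  // begins with the redirect_uri string passes. Confirm that is strict enough
  // for what this test is meant to guarantee.
  $authorize_redirect = ($result->code == 302 && strpos($redirect_url, $redirect_uri, 0) === 0);
  $this->assertTrue($authorize_redirect, 'User was properly redirected to the "redirect_uri".');

  // Everything after the first "?" is the query string; it is absent when the
  // server did not redirect as expected.
  $redirect_url_parts = explode('?', $redirect_url);
  $query = isset($redirect_url_parts[1]) ? $redirect_url_parts[1] : '';
  $redirect_url_params = drupal_get_query_array($query);

  // Default both parameters so that a missing "code" or "state" is reported
  // as a failed assertion rather than an undefined index.
  $redirect_url_params += array(
    'code' => '',
    'state' => '',
  );
  $this->assertTrue($redirect_url_params['code'], 'The server returned an authorization code');

  // "state" is the value the client uses to tie the redirect back to its own
  // request, so it must come back in a form that validates against the client
  // key. Presumably the request helper derives it from the same key; verify
  // against authorizationCodeRequest().
  $valid_token = drupal_valid_token($redirect_url_params['state'], $this->client_key);
  $this->assertTrue($valid_token, 'The server returned a valid state');
}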