
function OAuth2ServerTestCase::testOpenIdConnectImplicitFlow in OAuth2 Server 7

Tests the OpenID Connect implicit flow.

File

tests/oauth2_server.test, line 474
OAuth2 tests.

Class

OAuth2ServerTestCase
Test basic API.

Code

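/**
 * Tests the OpenID Connect implicit flow.
 *
 * Exercises the "id_token" and "token id_token" response types, then uses the
 * access token from the second response to query the UserInfo endpoint and
 * compares the returned claims with the test account.
 *
 * The implicit flow delivers its tokens in the fragment of the redirect URL,
 * so each response is asserted to carry a fragment before it is parsed. A
 * missing fragment, access token, JSON body or claim is reported as an
 * explicit assertion failure rather than surfacing as a PHP notice.
 */
function testOpenIdConnectImplicitFlow() {
  $account = $this->drupalCreateUser(array('use oauth2 server'));
  $this->drupalLogin($account);

  // Response type "id_token": only an ID token is expected.
  $result = $this->authorizationCodeRequest('id_token', 'openid email');
  $this->assertEqual($result->code, 302, 'The "id_token" implicit flow request completed successfully');
  $redirect_url_parts = isset($result->redirect_url) ? explode('#', $result->redirect_url) : array();
  $has_fragment = isset($redirect_url_parts[1]);
  $this->assertTrue($has_fragment, 'The "id_token" implicit flow response was returned in the URL fragment');
  $response = $has_fragment ? drupal_get_query_array($redirect_url_parts[1]) : array();
  $has_id_token = !empty($response['id_token']);
  $this->assertTrue($has_id_token, 'The token request returned an id_token.');
  if ($has_id_token) {
    // NOTE(review): the second argument presumably states whether an access
    // token accompanies the ID token - confirm against assertIdToken().
    $this->assertIdToken($response['id_token'], FALSE, $account);
  }

  // Response type "token id_token": an access token and an ID token.
  $result = $this->authorizationCodeRequest('token id_token', 'openid email profile phone');
  $this->assertEqual($result->code, 302, 'The "token id_token" implicit flow request completed successfully');
  $redirect_url_parts = isset($result->redirect_url) ? explode('#', $result->redirect_url) : array();
  $has_fragment = isset($redirect_url_parts[1]);
  $this->assertTrue($has_fragment, 'The "token id_token" implicit flow response was returned in the URL fragment');
  $response = $has_fragment ? drupal_get_query_array($redirect_url_parts[1]) : array();
  $this->assertTokenResponse($response, FALSE);
  $has_id_token = !empty($response['id_token']);
  $this->assertTrue($has_id_token, 'The token request returned an id_token.');
  if ($has_id_token) {
    $this->assertIdToken($response['id_token'], TRUE);
  }

  // Add a timezone to the account, to test the 'zoneinfo' claim.
  user_save($account, array(
    'timezone' => 'Europe/London',
  ));

  // The UserInfo request is meaningless without an access token, so stop
  // here with an explicit failure if the response did not contain one.
  $has_access_token = !empty($response['access_token']);
  $this->assertTrue($has_access_token, 'The "token id_token" response contained an access token');
  if (!$has_access_token) {
    return;
  }

  // Request OpenID Connect user information (claims).
  // The access token travels as a URI query parameter here. RFC 6750
  // discourages that transport for real clients, because URLs are commonly
  // written to logs; the Authorization request header is the preferred way
  // to present a bearer token.
  $query = array(
    'access_token' => $response['access_token'],
  );
  $info_url = url('oauth2/UserInfo', array(
    'absolute' => TRUE,
    'query' => $query,
  ));
  $result = $this->httpRequest($info_url);
  $response = json_decode($result->data);
  $is_json_object = is_object($response);
  $this->assertTrue($is_json_object, 'The UserInfo endpoint returned a JSON object');
  if (!$is_json_object) {
    return;
  }

  $expected_claims = array(
    'sub' => $account->uid,
    'email' => $account->mail,
    'email_verified' => TRUE,
    'phone_number' => '123456',
    'phone_number_verified' => FALSE,
    'preferred_username' => $account->name,
    'name' => format_username($account),
    'zoneinfo' => $account->timezone,
  );
  foreach ($expected_claims as $claim => $expected_value) {
    // The loose comparison alone would let an absent claim (NULL) match an
    // expected FALSE, so the claim must also be present in the response.
    $claim_matches = property_exists($response, $claim) && $response->{$claim} == $expected_value;
    $this->assertTrue($claim_matches, 'The UserInfo endpoint returned a valid "' . $claim . '" claim');
  }
}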