You are here

Home » API reference » OAuth2 Server 7 » oauth2_server.test » OAuth2ServerTestCase

public function OAuth2ServerTestCase::testOpenIdConnectNonDefaultSubInIdToken in OAuth2 Server 7

Tests that the OpenID Connect 'sub' property affects ID token 'sub' claim.

File

tests/oauth2_server.test, line 550
OAuth2 tests.

Class

OAuth2ServerTestCase
Test basic API.

Code

public function testOpenIdConnectNonDefaultSubInIdToken() {
  variable_set('oauth2_server_user_sub_property', 'name');

  // This is the authorization code grant type flow.
  $user = $this
    ->drupalCreateUser(array(
    'use oauth2 server',
  ));
  $this
    ->drupalLogin($user);
  $result = $this
    ->authorizationCodeRequest('code', 'openid offline_access');
  $redirect_url_parts = explode('?', $result->redirect_url);
  $redirect_url_params = drupal_get_query_array($redirect_url_parts[1]);
  $authorization_code = $redirect_url_params['code'];

  // Get tokens using the authorization code.
  $token_url = url('oauth2/token', array(
    'absolute' => TRUE,
  ));
  $data = array(
    'grant_type' => 'authorization_code',
    'code' => $authorization_code,
    'redirect_uri' => url('authorized', array(
      'absolute' => TRUE,
    )),
  );
  $options = array(
    'method' => 'POST',
    'data' => http_build_query($data),
    'headers' => array(
      'Content-Type' => 'application/x-www-form-urlencoded',
      'Authorization' => 'Basic ' . base64_encode($this->client_key . ':' . $this->client_secret),
    ),
  );
  $result = $this
    ->httpRequest($token_url, $options);
  $response = json_decode($result->data);
  $parts = explode('.', $response->id_token);
  $claims = json_decode(oauth2_server_base64url_decode($parts[1]), TRUE);
  $this
    ->assertEqual($this->loggedInUser->name, $claims['sub'], 'The ID token "sub" is now the user\'s name.');
}