You are here

Home » API reference » OAuth2 Server 8 » OAuth2ServerTest.php » OAuth2ServerTest

public function OAuth2ServerTest::testAuthorization in OAuth2 Server 8

Same name and namespace in other branches
  1. 2.0.x tests/src/Functional/OAuth2ServerTest.php \Drupal\Tests\oauth2_server\Functional\OAuth2ServerTest::testAuthorization()

Tests the authorization part of the flow.

File

tests/src/Functional/OAuth2ServerTest.php, line 177

Class

OAuth2ServerTest
The OAuth2 Server admin test case.

Namespace

Drupal\Tests\oauth2_server\Functional

Code

public function testAuthorization() {

  // Create a user, log the user in, and retry the request.
  $user = $this
    ->drupalCreateUser([
    'use oauth2 server',
  ]);
  $this
    ->drupalLogin($user);
  $response = $this
    ->authorizationCodeRequest('code');

  // Test the redirect_uri and authorization code.
  $redirect_url_parts = explode('?', $response
    ->getHeader('location')[0]);
  $authorize_redirect = FALSE;
  if ($response
    ->getStatusCode() == 302 && $redirect_url_parts[0] == $this->redirectUri) {
    $authorize_redirect = TRUE;
  }
  $this
    ->assertTrue($authorize_redirect, 'User was properly redirected to the "redirect_uri".');
  $redirect_url_params = $this
    ->getRedirectParams($response);
  $valid_code = (bool) $redirect_url_params['code'];
  $this
    ->assertTrue($valid_code, 'The server returned an authorization code');
  $valid_token = $redirect_url_params['state'] == Crypt::hmacBase64($this->clientId, Settings::getHashSalt());
  $this
    ->assertTrue($valid_token, 'The server returned a valid state');
}