
public function OAuth2ServerTest::testOpenIdConnectImplicitFlow in OAuth2 Server 2.0.x

Same name and namespace in other branches
  1. 8 tests/src/Functional/OAuth2ServerTest.php \Drupal\Tests\oauth2_server\Functional\OAuth2ServerTest::testOpenIdConnectImplicitFlow()

Tests the OpenID Connect implicit flow.

File

tests/src/Functional/OAuth2ServerTest.php, line 426

Class

OAuth2ServerTest
The OAuth2 Server admin test case.

Namespace

Drupal\Tests\oauth2_server\Functional

Code

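/**
 * Tests the OpenID Connect implicit flow.
 *
 * A user holding the 'use oauth2 server' permission logs in and requests two
 * response types:
 * - "id_token": the redirect must carry an ID token.
 * - "token id_token": the redirect must carry a token response and an ID
 *   token, and the access token must then be accepted by the UserInfo
 *   endpoint, which must return the expected claims.
 *
 * The implicit grant hands tokens to the client in the redirect URI. Current
 * OAuth security guidance (RFC 9700) advises against it for new deployments;
 * this test only verifies that the server's implementation behaves as
 * specified.
 */
public function testOpenIdConnectImplicitFlow() {
  $account = $this->drupalCreateUser(['use oauth2 server']);
  $this->drupalLogin($account);

  // Response type "id_token": only an ID token is requested.
  $response = $this->authorizationCodeRequest('id_token', 'openid email');
  $this->assertEqual($response->getStatusCode(), 302, 'The "id_token" implicit flow request completed successfully');
  // '#' is passed as the separator, presumably so the parameters are read
  // from the URL fragment rather than the query string - confirm against
  // getRedirectParams().
  $parameters = $this->getRedirectParams($response, '#');
  if (!empty($parameters['id_token'])) {
    // NOTE(review): the second argument is FALSE here and TRUE for the
    // "token id_token" case below; presumably it states whether the ID token
    // is expected to be bound to an access token - confirm against
    // assertIdToken().
    $this->assertIdToken($parameters['id_token'], FALSE, $account);
  }
  else {
    $this->assertTrue(FALSE, 'The token request returned an id_token.');
  }

  // Response type "token id_token": an access token and an ID token.
  $response = $this->authorizationCodeRequest('token id_token', 'openid email profile phone');
  $this->assertEqual($response->getStatusCode(), 302, 'The "token id_token" implicit flow request completed successfully');
  $parameters = $this->getRedirectParams($response, '#');
  $this->assertTokenResponse($parameters, FALSE);
  if (!empty($parameters['id_token'])) {
    $this->assertIdToken($parameters['id_token'], TRUE);
  }
  else {
    $this->assertTrue(FALSE, 'The token request returned an id_token.');
  }

  // Set a timezone on the account so the "zoneinfo" claim has a known value.
  $account->timezone = 'Europe/London';
  $account->save();

  // The access token is what authorizes the UserInfo call, so report its
  // absence as an assertion failure instead of an undefined-index warning.
  $this->assertTrue(!empty($parameters['access_token']), 'The token request returned an access_token.');

  // Request OpenID Connect user information (claims).
  // The token is sent as a URI query parameter. RFC 6750 section 2.3
  // discourages that form because URLs are routinely recorded in server logs
  // and browser history; this only shows that the endpoint accepts it.
  // NOTE(review): check that the Authorization header form is covered by
  // another test.
  $query = [
    'access_token' => $parameters['access_token'],
  ];
  $info_url = $this->buildUrl(new Url('oauth2_server.userinfo'), [
    'query' => $query,
  ]);
  $response = $this->httpGetRequest($info_url);

  // Cast the body to a string explicitly instead of relying on implicit
  // conversion, and make sure it decoded to an object before reading claims,
  // so an error response is reported as a clear failure.
  $payload = json_decode((string) $response->getBody());
  $this->assertTrue(is_object($payload), 'The UserInfo endpoint returned a JSON object.');

  $sub_property = \Drupal::config('oauth2_server.oauth')->get('user_sub_property');
  $expected_claims = [
    'sub' => $account->{$sub_property}->value,
    'email' => $account->mail->value,
    'email_verified' => TRUE,
    // NOTE(review): the phone values are fixed literals; where the test
    // setup provides them is not visible in this method.
    'phone_number' => '123456',
    'phone_number_verified' => FALSE,
    'preferred_username' => $account->name->value,
    'name' => $account->label(),
    'zoneinfo' => $account->timezone->value,
  ];
  foreach ($expected_claims as $claim => $expected_value) {
    // A missing claim is reported by name rather than as a PHP warning about
    // an undefined property.
    $this->assertTrue(property_exists($payload, $claim), 'The UserInfo endpoint returned the "' . $claim . '" claim');
    $this->assertEqual($payload->{$claim}, $expected_value, 'The UserInfo endpoint returned a valid "' . $claim . '" claim');
  }
}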