public function OAuth2ServerTest::testOpenIdConnectImplicitFlow in OAuth2 Server 2.0.x
Same name and namespace in other branches
- 8 tests/src/Functional/OAuth2ServerTest.php \Drupal\Tests\oauth2_server\Functional\OAuth2ServerTest::testOpenIdConnectImplicitFlow()
Tests the OpenID Connect implicit flow.
File
- tests/src/Functional/OAuth2ServerTest.php, line 426
Class
- OAuth2ServerTest
- The OAuth2 Server admin test case.
Namespace
Drupal\Tests\oauth2_server\Functional
Code
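/**
 * Tests the OpenID Connect implicit flow.
 *
 * Logs in a user holding the 'use oauth2 server' permission and sends two
 * authorization requests, one with response_type "id_token" and one with
 * "token id_token". Each must answer with a 302 redirect that carries the
 * issued tokens. The access token from the second response is then used to
 * fetch the UserInfo claims, which are compared with the account's values.
 */
public function testOpenIdConnectImplicitFlow() {
  $account = $this->drupalCreateUser([
    'use oauth2 server',
  ]);
  $this->drupalLogin($account);

  // First request: response_type=id_token with the "openid email" scope.
  // NOTE(review): authorizationCodeRequest() is defined outside this listing.
  // OpenID Connect requires a nonce on implicit-flow requests, so confirm
  // that the helper sends one and that assertIdToken() checks it.
  $response = $this->authorizationCodeRequest('id_token', 'openid email');
  $this->assertEqual($response->getStatusCode(), 302, 'The "id_token" implicit flow request completed successfully');
  // '#' presumably makes the helper parse the redirect URI fragment, which is
  // where the implicit flow returns its parameters - confirm against
  // getRedirectParams().
  $parameters = $this->getRedirectParams($response, '#');
  // A failed assertion aborts the test, so the token is only inspected when
  // it is present.
  $this->assertTrue(!empty($parameters['id_token']), 'The token request returned an id_token.');
  $this->assertIdToken($parameters['id_token'], FALSE, $account);
  // NOTE(review): nothing here checks that an "id_token"-only response omits
  // access_token; consider asserting its absence from $parameters.

  // Second request: response_type="token id_token" with a wider scope.
  $response = $this->authorizationCodeRequest('token id_token', 'openid email profile phone');
  $this->assertEqual($response->getStatusCode(), 302, 'The "token id_token" implicit flow request completed successfully');
  $parameters = $this->getRedirectParams($response, '#');
  $this->assertTokenResponse($parameters, FALSE);
  $this->assertTrue(!empty($parameters['id_token']), 'The token request returned an id_token.');
  // The TRUE flag is presumably "expect an at_hash claim", which binds the ID
  // token to the access token issued with it - confirm in assertIdToken().
  $this->assertIdToken($parameters['id_token'], TRUE);
  // The access token is dereferenced below; fail with a clear message rather
  // than an undefined-index error if the response did not carry one.
  $this->assertTrue(!empty($parameters['access_token']), 'The token request returned an access_token.');

  // Set a timezone so the "zoneinfo" claim has a known value to compare.
  $account->timezone = 'Europe/London';
  $account->save();

  // Request OpenID Connect user information (claims).
  // The access token is sent as a URI query parameter. RFC 6750 discourages
  // this transport because URLs are routinely written to server logs and
  // browser history; the "Authorization: Bearer" header is the preferred one.
  $info_url = $this->buildUrl(new Url('oauth2_server.userinfo'), [
    'query' => [
      'access_token' => $parameters['access_token'],
    ],
  ]);
  $response = $this->httpGetRequest($info_url);
  // json_decode() yields NULL for a body that is not valid JSON. Check the
  // result before reading claims off it, so an error response fails here with
  // a readable message instead of a property access on a non-object.
  $payload = json_decode((string) $response->getBody());
  $this->assertTrue(is_object($payload), 'The UserInfo endpoint returned a JSON object');

  // The property used as the "sub" claim is configurable.
  $sub_property = \Drupal::config('oauth2_server.oauth')->get('user_sub_property');
  // NOTE(review): the phone_number values are fixed literals, presumably
  // supplied by a test module - confirm where they come from.
  $expected_claims = [
    'sub' => $account->{$sub_property}->value,
    'email' => $account->mail->value,
    'email_verified' => TRUE,
    'phone_number' => '123456',
    'phone_number_verified' => FALSE,
    'preferred_username' => $account->name->value,
    'name' => $account->label(),
    'zoneinfo' => $account->timezone->value,
  ];
  foreach ($expected_claims as $claim => $expected_value) {
    // assertEqual() compares loosely, so a missing claim would read as NULL
    // and equal FALSE; require the claim to be present first.
    $this->assertTrue(property_exists($payload, $claim), 'The UserInfo endpoint returned a "' . $claim . '" claim');
    $this->assertEqual($payload->{$claim}, $expected_value, 'The UserInfo endpoint returned a valid "' . $claim . '" claim');
  }
}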