public function OAuth2ServerTest::testOpenIdConnectNonDefaultSubInIdToken in OAuth2 Server 2.0.x
Same name and namespace in other branches
- 8 tests/src/Functional/OAuth2ServerTest.php \Drupal\Tests\oauth2_server\Functional\OAuth2ServerTest::testOpenIdConnectNonDefaultSubInIdToken()
Tests that the OpenID Connect 'sub' property affects ID token 'sub' claim.
File
- tests/
src/ Functional/ OAuth2ServerTest.php, line 499
Class
- OAuth2ServerTest
- The OAuth2 Server admin test case.
Namespace
Drupal\Tests\oauth2_server\FunctionalCode
public function testOpenIdConnectNonDefaultSubInIdToken() {
$this
->config('oauth2_server.oauth')
->set('user_sub_property', 'name')
->save();
// This is the authorization code grant type flow.
$user = $this
->drupalCreateUser([
'use oauth2 server',
]);
$this
->drupalLogin($user);
$response = $this
->authorizationCodeRequest('code', 'openid offline_access');
$parameters = $this
->getRedirectParams($response);
$authorization_code = $parameters['code'];
// Get tokens using the authorization code.
$token_url = $this
->buildUrl(new Url('oauth2_server.token'));
$data = [
'grant_type' => 'authorization_code',
'code' => $authorization_code,
'redirect_uri' => $this->redirectUri,
];
$response = $this
->httpPostRequest($token_url, $data);
$payload = json_decode($response
->getBody());
$parts = explode('.', $payload->id_token);
$claims = json_decode(Utility::base64urlDecode($parts[1]), TRUE);
$this
->assertEqual($this->loggedInUser->name->value, $claims['sub'], 'The ID token "sub" is now the user\'s name.');
}