public function AuthCodeFunctionalTest::testRememberClient in Simple OAuth (OAuth2) & OpenID Connect 8.3
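Tests the "remember client" functionality: once the user has granted a client access, a repeated authorization request does not ask for confirmation again.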
File
- simple_oauth_extras/tests/src/Functional/AuthCodeFunctionalTest.php, line 147
Class
- AuthCodeFunctionalTest
- @group simple_oauth_extras
Namespace
Drupal\Tests\simple_oauth_extras\FunctionalCode
/**
 * Tests the remember client functionality.
 *
 * Runs the authorization-code flow repeatedly for one user and one client
 * and pins when the grant (consent) form is expected:
 * - first authorization: the form is shown and must be submitted;
 * - same parameters again: the code is read without submitting the form;
 * - request carrying an extra scope: the form is shown again and names it;
 * - extra scope again: the code is read without submitting the form;
 * - 'remember_clients' switched off: the form is shown again.
 */
public function testRememberClient() {
  // NOTE(review): 'client_secret' travels in the query string of the
  // authorization request, i.e. through the user's browser. URLs tend to end
  // up in server logs, browser history and Referer headers, and OAuth 2.0
  // authenticates the client at the token endpoint, not here. Confirm whether
  // the authorize route actually reads this parameter; if it does not, the
  // test should stop modelling a secret in a URL.
  $authorize_query = [
    'response_type' => 'code',
    'client_id' => $this->client->uuid(),
    'client_secret' => $this->clientSecret,
  ];

  // Sends a GET to the authorize route with the given query parameters.
  $request_authorization = function (array $query) {
    $this->drupalGet($this->authorizeUrl->toString(), ['query' => $query]);
  };

  // 1. An anonymous visitor is asked to log in before anything is granted.
  $request_authorization($authorize_query);
  $session = $this->assertSession();
  $session->buttonExists('Log in');
  $session->responseContains('An external client application is requesting access');

  // 2. Authenticated, the same request must land on the grant form.
  $this->drupalLogin($this->user);
  $request_authorization($authorize_query);
  $this->assertGrantForm();

  // 3. Submitting the form grants access; keep the returned code for the
  // token request.
  $this->drupalPostForm(NULL, [], 'Grant');
  $auth_code = $this->getAndValidateCodeFromResponse();

  // 4. Exchange the code for an access token.
  $token_response = $this->postGrantedCodeWithScopes($auth_code, $this->scope);
  $this->assertValidTokenResponse($token_response, TRUE);

  // Second authorize request: the client is remembered, so no form is
  // submitted before the code is read.
  // NOTE(review): the absence of the grant form is only checked indirectly
  // through getAndValidateCodeFromResponse(), which is defined outside this
  // method - verify that it fails when a form page is returned instead.
  $request_authorization($authorize_query);
  $auth_code = $this->getAndValidateCodeFromResponse();
  $token_response = $this->postGrantedCodeWithScopes($auth_code, $this->scope);
  $this->assertValidTokenResponse($token_response, TRUE);

  // Third request asks for an additional scope. Remembered consent must not
  // stretch to a scope the user never approved, so the form has to come back
  // and show the new scope's label.
  $authorize_query['scope'] = $this->extraRole->id();
  $request_authorization($authorize_query);
  $this->assertGrantForm();
  $this->assertSession()->pageTextContains($this->extraRole->label());
  $this->drupalPostForm(NULL, [], 'Grant');
  $auth_code = $this->getAndValidateCodeFromResponse();
  $token_response = $this->postGrantedCodeWithScopes(
    $auth_code,
    implode(' ', [$this->scope, $this->extraRole->id()])
  );
  $this->assertValidTokenResponse($token_response, TRUE);

  // Same request once more: the additional scope is now remembered as well.
  // (The assignment restates the value already set above.)
  $authorize_query['scope'] = $this->extraRole->id();
  $request_authorization($authorize_query);
  $auth_code = $this->getAndValidateCodeFromResponse();
  $token_response = $this->postGrantedCodeWithScopes(
    $auth_code,
    implode(' ', [$this->scope, $this->extraRole->id()])
  );
  $this->assertValidTokenResponse($token_response, TRUE);

  // With the feature disabled, consent stored earlier must no longer cause
  // an automatic redirect: the grant form is required again.
  $settings = $this->config('simple_oauth.settings');
  $settings->set('remember_clients', FALSE)->save();
  $request_authorization($authorize_query);
  $this->assertGrantForm();
}