public function AuthCodeFunctionalTest::testRememberClient in Simple OAuth (OAuth2) & OpenID Connect 5.x
Same name and namespace in other branches
- 8.4 tests/src/Functional/AuthCodeFunctionalTest.php \Drupal\Tests\simple_oauth\Functional\AuthCodeFunctionalTest::testRememberClient()
Tests the remember client functionality.
File
- tests/
src/ Functional/ AuthCodeFunctionalTest.php, line 163
Class
- AuthCodeFunctionalTest
- The auth code test.
Namespace
Drupal\Tests\simple_oauth\FunctionalCode
public function testRememberClient() {
$valid_params = [
'response_type' => 'code',
'client_id' => $this->client
->uuid(),
'client_secret' => $this->clientSecret,
'redirect_uri' => Url::fromRoute('oauth2_token.test_token', [], [
'absolute' => TRUE,
])
->toString(),
];
// 1. Anonymous request invites the user to log in.
$this
->drupalGet($this->authorizeUrl
->toString(), [
'query' => $valid_params,
]);
$assert_session = $this
->assertSession();
$assert_session
->buttonExists('Log in');
// 2. Log the user in and try again.
$this
->drupalLogin($this->user);
$this
->drupalGet($this->authorizeUrl
->toString(), [
'query' => $valid_params,
]);
$this
->assertGrantForm();
// 3. Grant access by submitting the form and get the token back.
$this
->drupalPostForm(NULL, [], 'Grant');
// Store the code for the second part of the flow.
$code = $this
->getAndValidateCodeFromResponse();
// 4. Send the code to get the access token.
$response = $this
->postGrantedCodeWithScopes($code, $this->scope);
$this
->assertValidTokenResponse($response, TRUE);
// Do a second authorize request, the client is now remembered and the user
// does not need to confirm again.
$this
->drupalGet($this->authorizeUrl
->toString(), [
'query' => $valid_params,
]);
$code = $this
->getAndValidateCodeFromResponse();
$response = $this
->postGrantedCodeWithScopes($code, $this->scope);
$this
->assertValidTokenResponse($response, TRUE);
// Do a third request with an additional scope.
$valid_params['scope'] = $this->extraRole
->id();
$this
->drupalGet($this->authorizeUrl
->toString(), [
'query' => $valid_params,
]);
$this
->assertGrantForm();
$this
->assertSession()
->pageTextContains($this->extraRole
->label());
$this
->drupalPostForm(NULL, [], 'Grant');
$code = $this
->getAndValidateCodeFromResponse();
$response = $this
->postGrantedCodeWithScopes($code, $this->scope . ' ' . $this->extraRole
->id());
$this
->assertValidTokenResponse($response, TRUE);
// Do another request with the additional scope, this scope is now
// remembered too.
$valid_params['scope'] = $this->extraRole
->id();
$this
->drupalGet($this->authorizeUrl
->toString(), [
'query' => $valid_params,
]);
$code = $this
->getAndValidateCodeFromResponse();
$response = $this
->postGrantedCodeWithScopes($code, $this->scope . ' ' . $this->extraRole
->id());
$this
->assertValidTokenResponse($response, TRUE);
// Disable the remember clients feature, make sure that the redirect doesn't
// happen automatically anymore.
$this
->config('simple_oauth.settings')
->set('remember_clients', FALSE)
->save();
$this
->drupalGet($this->authorizeUrl
->toString(), [
'query' => $valid_params,
]);
$this
->assertGrantForm();
}