
public function RefreshFunctionalTest::testRefreshGrant in Simple OAuth (OAuth2) & OpenID Connect 8.4

Same name and namespace in other branches
  1. 5.x tests/src/Functional/RefreshFunctionalTest.php \Drupal\Tests\simple_oauth\Functional\RefreshFunctionalTest::testRefreshGrant()

Test the valid Refresh grant.

File

tests/src/Functional/RefreshFunctionalTest.php, line 48

Class

RefreshFunctionalTest
The refresh tests.

Namespace

Drupal\Tests\simple_oauth\Functional

Code

/**
 * Tests the refresh_token grant, including rejection of a reused token.
 *
 * Sends three requests to the token endpoint: two refreshes that must
 * succeed, the second using the refresh token returned by the first, and a
 * replay of the original refresh token that must be refused.
 */
public function testRefreshGrant() {
  // Fields common to all three requests. Key order matches the payloads the
  // test has always sent: grant type, client id, client secret, then the
  // per-request fields appended below.
  $client_credentials = [
    'grant_type' => 'refresh_token',
    'client_id' => $this->client->uuid(),
    'client_secret' => $this->clientSecret,
  ];

  // 1. Refresh with the original refresh token and the configured scope.
  // NOTE(review): the second argument presumably asks the helper to require
  // a refresh token in the response; confirm against
  // assertValidTokenResponse().
  $first_response = $this->post($this->url, $client_credentials + [
    'refresh_token' => $this->refreshToken,
    'scope' => $this->scope,
  ]);
  $this->assertValidTokenResponse($first_response, TRUE);

  // 2. Refresh again with the refresh token returned by step 1; the one used
  // in step 1 is revoked by now.
  // NOTE(review): this step was labelled "valid without scopes", but the
  // payload still sends 'scope', so a refresh request that omits the scope
  // is not exercised by this test.
  $first_tokens = Json::decode((string) $first_response->getBody());
  $second_response = $this->post($this->url, $client_credentials + [
    'refresh_token' => $first_tokens['refresh_token'],
    'scope' => $this->scope,
  ]);
  $this->assertValidTokenResponse($second_response, TRUE);

  // 3. Replay the original refresh token, which step 1 already consumed.
  // The server must answer 401 with the 'invalid_request' error code rather
  // than issue new tokens. The assertions stop there: whether the refresh
  // token issued in step 2 is still accepted after this replay is not
  // checked, so revocation of the whole token chain on reuse is not covered.
  $replay_response = $this->post($this->url, $client_credentials + [
    'refresh_token' => $this->refreshToken,
  ]);
  $replay_body = Json::decode((string) $replay_response->getBody());
  $this->assertSame(401, $replay_response->getStatusCode());
  $this->assertSame('invalid_request', $replay_body['error']);
}