Skip to content

Commit

Permalink
WIP AccessTokenEntityFactory
Browse files Browse the repository at this point in the history
  • Loading branch information
cicnavi committed Oct 3, 2024
1 parent b5ef5a5 commit 50cbd3f
Showing 1 changed file with 49 additions and 38 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -6,25 +6,29 @@

use DateTimeImmutable;
use DateTimeZone;
use League\OAuth2\Server\CryptKey;
use PDO;
use PHPUnit\Framework\Attributes\DataProvider;
use PHPUnit\Framework\MockObject\MockObject;
use PHPUnit\Framework\TestCase;
use SimpleSAML\Configuration;
use SimpleSAML\Database;
use SimpleSAML\Module\oidc\Entities\AccessTokenEntity;
use SimpleSAML\Module\oidc\Entities\ClientEntity;
use SimpleSAML\Module\oidc\Entities\Interfaces\ClientEntityInterface;
use SimpleSAML\Module\oidc\Entities\ScopeEntity;
use SimpleSAML\Module\oidc\Entities\UserEntity;
use SimpleSAML\Module\oidc\Factories\Entities\AccessTokenEntityFactory;
use SimpleSAML\Module\oidc\Factories\Entities\ClientEntityFactory;
use SimpleSAML\Module\oidc\Helpers;
use SimpleSAML\Module\oidc\ModuleConfig;
use SimpleSAML\Module\oidc\Repositories\AbstractDatabaseRepository;
use SimpleSAML\Module\oidc\Repositories\AccessTokenRepository;
use SimpleSAML\Module\oidc\Repositories\ClientRepository;
use SimpleSAML\Module\oidc\Repositories\Traits\RevokeTokenByAuthCodeIdTrait;
use SimpleSAML\Module\oidc\Repositories\UserRepository;
use SimpleSAML\Module\oidc\Services\DatabaseMigration;
use SimpleSAML\Module\oidc\Services\JsonWebTokenBuilderService;
use Testcontainers\Container\MySQLContainer;
use Testcontainers\Container\PostgresContainer;
use Testcontainers\Wait\WaitForHealthCheck;
Expand Down Expand Up @@ -53,22 +57,18 @@ class RevokeTokenByAuthCodeIdTraitTest extends TestCase
public static array $sqliteConfig;

protected AbstractDatabaseRepository $mock;

/**
* @var \SimpleSAML\Module\oidc\Entities\ScopeEntity
*/
protected ScopeEntity $scopeEntityOpenId;

/**
* @var \SimpleSAML\Module\oidc\Entities\ScopeEntity
*/
protected ScopeEntity $scopeEntityProfile;

private static ?string $containerAddress = null;
private static ?string $mysqlPort = null;
private static ?string $postgresPort = null;

protected MockObject $accessTokenEntityFactoryMock;
protected MockObject $accessTokenEntityMock;
protected array $accessTokenState;
protected AccessTokenEntityFactory $accessTokenEntityFactory;
protected CryptKey $privateKey;

public static function setUpBeforeClass(): void
{
Expand All @@ -91,6 +91,42 @@ public static function setUpBeforeClass(): void
self::$sqliteConfig = self::loadSqliteDatabase();
}

/**
* @return void
* @throws \PHPUnit\Framework\MockObject\Exception
*/
public function setUp(): void
{
$this->scopeEntityOpenId = $this->createStub(ScopeEntity::class);
$this->scopeEntityOpenId->method('getIdentifier')->willReturn('openid');
$this->scopeEntityOpenId->method('jsonSerialize')->willReturn('openid');
$this->scopeEntityProfile = $this->createStub(ScopeEntity::class);
$this->scopeEntityProfile->method('getIdentifier')->willReturn('profile');
$this->scopeEntityProfile->method('jsonSerialize')->willReturn('profile');
$this->scopes = [$this->scopeEntityOpenId, $this->scopeEntityProfile,];

$this->accessTokenState = [
'id' => self::ACCESS_TOKEN_ID,
'scopes' => '{"openid":"openid","profile":"profile"}',
'expires_at' => date('Y-m-d H:i:s', time() - 60), // expired...
'user_id' => 'user123',
'client_id' => self::CLIENT_ID,
'is_revoked' => false,
'auth_code_id' => 'authCode123',
];

$this->accessTokenEntityMock = $this->createMock(AccessTokenEntity::class);
$this->accessTokenEntityFactoryMock = $this->createMock(AccessTokenEntityFactory::class);
$certFolder = dirname(__DIR__, 5) . '/docker/ssp/';
$privateKeyPath = $certFolder . ModuleConfig::DEFAULT_PKI_PRIVATE_KEY_FILENAME;
$this->privateKey = new CryptKey($privateKeyPath);
$this->accessTokenEntityFactory = new AccessTokenEntityFactory(
new Helpers(),
$this->privateKey,
$this->createMock(JsonWebTokenBuilderService::class),
);
}

public function useDatabase($config): void
{
$configuration = Configuration::loadFromArray($config, '', 'simplesaml');
Expand Down Expand Up @@ -129,7 +165,7 @@ public function getDatabase(): Database
$this->accessTokenRepository = new AccessTokenRepository(
$moduleConfig,
$clientRepositoryMock,
$this->accessTokenEntityFactoryMock,
$this->accessTokenEntityFactory,
);

$client = self::clientRepositoryGetClient(self::CLIENT_ID);
Expand Down Expand Up @@ -227,28 +263,11 @@ public static function loadMySqlDatabase(): array
];
}

/**
* @return void
* @throws \PHPUnit\Framework\MockObject\Exception
*/
public function setUp(): void
{
$this->scopeEntityOpenId = $this->createStub(ScopeEntity::class);
$this->scopeEntityOpenId->method('getIdentifier')->willReturn('openid');
$this->scopeEntityOpenId->method('jsonSerialize')->willReturn('openid');
$this->scopeEntityProfile = $this->createStub(ScopeEntity::class);
$this->scopeEntityProfile->method('getIdentifier')->willReturn('profile');
$this->scopeEntityProfile->method('jsonSerialize')->willReturn('profile');
$this->scopes = [$this->scopeEntityOpenId, $this->scopeEntityProfile,];

$this->accessTokenEntityFactoryMock = $this->createMock(AccessTokenEntityFactory::class);
}

public static function databaseToTest(): array
{
return [
'PostgreSql' => ['pgConfig'],
'MySql' => ['mysqlConfig'],
//'PostgreSql' => ['pgConfig'],
//'MySql' => ['mysqlConfig'],
'Sqlite' => ['sqliteConfig'],
];
}
Expand Down Expand Up @@ -285,17 +304,9 @@ public function testRevokeByAuthCodeId(string $database): void
{
$this->useDatabase(self::$$database);

$accessToken = $this->accessTokenRepository->getNewToken(
self::clientRepositoryGetClient(self::CLIENT_ID),
$this->scopes,
self::USER_ID,
self::AUTH_CODE_ID,
self::REQUESTED_CLAIMS,
self::ACCESS_TOKEN_ID,
(new DateTimeImmutable('yesterday', new DateTimeZone('UTC'))),
);
$this->accessTokenEntityMock->method('getState')->willReturn($this->accessTokenState);

$this->accessTokenRepository->persistNewAccessToken($accessToken);
$this->accessTokenRepository->persistNewAccessToken($this->accessTokenEntityMock);

$isRevoked = $this->accessTokenRepository->isAccessTokenRevoked(self::ACCESS_TOKEN_ID);
$this->assertFalse($isRevoked);
Expand Down

0 comments on commit 50cbd3f

Please sign in to comment.