Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
89.66% covered (warning)
89.66%
78 / 87
80.00% covered (warning)
80.00%
12 / 15
CRAP
0.00% covered (danger)
0.00%
0 / 1
phpbb_auth_provider_oauth_token_storage_test
89.66% covered (warning)
89.66%
78 / 87
80.00% covered (warning)
80.00%
12 / 15
22.54
0.00% covered (danger)
0.00%
0 / 1
 setUp
100.00% covered (success)
100.00%
13 / 13
100.00% covered (success)
100.00%
1 / 1
1
 getDataSet
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
1
 retrieveAccessToken_data
0.00% covered (danger)
0.00%
0 / 4
0.00% covered (danger)
0.00%
0 / 1
2
 test_retrieveAccessToken
100.00% covered (success)
100.00%
7 / 7
100.00% covered (success)
100.00%
1 / 1
3
 test_retrieveAccessToken_wrong_token
83.33% covered (warning)
83.33%
5 / 6
0.00% covered (danger)
0.00%
0 / 1
2.02
 test_retrieveAccessToken_from_db
100.00% covered (success)
100.00%
6 / 6
100.00% covered (success)
100.00%
1 / 1
1
 test_retrieve_access_token_by_session
100.00% covered (success)
100.00%
7 / 7
100.00% covered (success)
100.00%
1 / 1
3
 test_retrieve_access_token_by_session_from_db
100.00% covered (success)
100.00%
6 / 6
100.00% covered (success)
100.00%
1 / 1
1
 test_storeAccessToken
100.00% covered (success)
100.00%
7 / 7
100.00% covered (success)
100.00%
1 / 1
1
 hasAccessToken_data
0.00% covered (danger)
0.00%
0 / 4
0.00% covered (danger)
0.00%
0 / 1
2
 test_hasAccessToken
100.00% covered (success)
100.00%
4 / 4
100.00% covered (success)
100.00%
1 / 1
2
 test_has_access_token_by_session
100.00% covered (success)
100.00%
4 / 4
100.00% covered (success)
100.00%
1 / 1
2
 test_clearToken
100.00% covered (success)
100.00%
6 / 6
100.00% covered (success)
100.00%
1 / 1
1
 test_set_user_id
100.00% covered (success)
100.00%
6 / 6
100.00% covered (success)
100.00%
1 / 1
1
 get_token_row_by_session_id
100.00% covered (success)
100.00%
6 / 6
100.00% covered (success)
100.00%
1 / 1
1
1<?php
2/**
3*
4* This file is part of the phpBB Forum Software package.
5*
6* @copyright (c) phpBB Limited <https://www.phpbb.com>
7* @license GNU General Public License, version 2 (GPL-2.0)
8*
9* For full copyright and license information, please see
10* the docs/CREDITS.txt file.
11*
12*/
13
14use OAuth\OAuth2\Token\StdOAuth2Token;
15
16require_once __DIR__ . '/phpbb_not_a_token.php';
17
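/**
* Database-backed tests for \phpbb\auth\provider\oauth\token_storage.
*
* Covers storing, retrieving, checking and clearing OAuth access tokens for a
* service name, and inspects the rows written to the token table for the
* session used by the test user.
*/
class phpbb_auth_provider_oauth_token_storage_test extends phpbb_database_test_case
{
    /** Database connection obtained from new_dbal() in setUp(). */
    protected $db;

    /** @var string Service name passed to every token_storage call */
    protected $service_name;

    /** @var string Session id assigned to the test user in setUp() */
    protected $session_id;

    /** @var \phpbb\auth\provider\oauth\token_storage Storage under test */
    protected $token_storage;

    /** @var string Name of the table holding the stored tokens */
    protected $token_storage_table;

    /** @var string Name of the OAuth state table handed to the storage */
    protected $state_table;

    /** @var \phpbb\user */
    protected $user;

    /**
    * Builds an anonymous user with a fixed session id and the storage under test.
    */
    protected function setUp(): void
    {
        parent::setUp();

        global $phpbb_root_path, $phpEx;

        $this->db = $this->new_dbal();
        $lang_loader = new \phpbb\language\language_file_loader($phpbb_root_path, $phpEx);
        $lang = new \phpbb\language\language($lang_loader);
        $this->user = new \phpbb\user($lang, '\phpbb\datetime');
        $this->service_name = 'auth.provider.oauth.service.testing';
        $this->token_storage_table = 'phpbb_oauth_tokens';
        $this->state_table = 'phpbb_oauth_states';

        // Fixed session id so the tests can look up the row written for this user
        $this->session_id = '12345';
        $this->user->data['session_id'] = $this->session_id;

        // Set the user id to anonymous
        $this->user->data['user_id'] = ANONYMOUS;

        $this->token_storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->token_storage_table, $this->state_table);
    }

    /**
    * Loads the token fixture used by every test in this class.
    */
    public function getDataSet()
    {
        return $this->createXMLDataSet(__DIR__.'/fixtures/oauth_tokens.xml');
    }

    /**
    * Cases for the retrieval tests: [token to store first or null, expected exception class or null].
    *
    * @return array
    */
    public static function retrieveAccessToken_data(): array
    {
        return array(
            array(new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param')), null),
            array(null, 'OAuth\Common\Storage\Exception\TokenNotFoundException'),
        );
    }

    /**
    * A stored token is returned unchanged; with nothing stored the expected exception is thrown.
    *
    * @dataProvider retrieveAccessToken_data
    */
    public function test_retrieveAccessToken($cache_token, $exception): void
    {
        if ($cache_token)
        {
            $this->token_storage->storeAccessToken($this->service_name, $cache_token);
        }

        if (!empty($exception))
        {
            $this->expectException($exception);
        }

        $stored_token = $this->token_storage->retrieveAccessToken($this->service_name);

        // Compare against $cache_token directly: the former local $token was
        // undefined in the "nothing stored" case, so a missing exception would
        // have surfaced as an undefined-variable error instead of a failed assertion.
        $this->assertEquals($cache_token, $stored_token);
    }

    /**
    * Retrieval for session 'abcd' must throw and must leave no row behind for that session.
    *
    * NOTE(review): the fixture is not visible here; presumably it holds a row
    * for session 'abcd' whose token cannot be decoded. If it holds no such
    * row, the final assertion passes trivially - confirm against
    * fixtures/oauth_tokens.xml.
    */
    public function test_retrieveAccessToken_wrong_token(): void
    {
        $this->user->data['session_id'] = 'abcd';
        try
        {
            $this->token_storage->retrieveAccessToken($this->service_name);
            $this->fail('The token can not be deserialized and an exception should be thrown.');
        }
        catch (\OAuth\Common\Storage\Exception\TokenNotFoundException $e)
        {
            // Expected outcome; the row check below is the second half of the test
        }

        // No row may remain for the session after the failed retrieval
        $row = $this->get_token_row_by_session_id('abcd');
        $this->assertFalse($row);
    }

    /**
    * A token written by one storage instance can be read by another that shares the database and user.
    */
    public function test_retrieveAccessToken_from_db(): void
    {
        $expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES);

        // Store the token through a separate, short-lived storage instance
        $temp_storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->token_storage_table, $this->state_table);
        $temp_storage->storeAccessToken($this->service_name, $expected_token);
        unset($temp_storage);

        // The instance under test never stored it, so it has to come from the database
        $stored_token = $this->token_storage->retrieveAccessToken($this->service_name);
        $this->assertEquals($expected_token, $stored_token);
    }

    /**
    * Same cases as test_retrieveAccessToken, through retrieve_access_token_by_session().
    *
    * @dataProvider retrieveAccessToken_data
    */
    public function test_retrieve_access_token_by_session($cache_token, $exception): void
    {
        if ($cache_token)
        {
            $this->token_storage->storeAccessToken($this->service_name, $cache_token);
        }

        if (!empty($exception))
        {
            $this->expectException($exception);
        }

        $stored_token = $this->token_storage->retrieve_access_token_by_session($this->service_name);

        // See test_retrieveAccessToken: avoids reading an undefined local
        $this->assertEquals($cache_token, $stored_token);
    }

    /**
    * A token written by another storage instance is found by retrieve_access_token_by_session().
    */
    public function test_retrieve_access_token_by_session_from_db(): void
    {
        $expected_token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES);

        // Store the token through a separate, short-lived storage instance
        $temp_storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->token_storage_table, $this->state_table);
        $temp_storage->storeAccessToken($this->service_name, $expected_token);
        unset($temp_storage);

        // The instance under test never stored it, so it has to come from the database
        $stored_token = $this->token_storage->retrieve_access_token_by_session($this->service_name);
        $this->assertEquals($expected_token, $stored_token);
    }

    /**
    * Storing a token makes it readable through the storage and writes the encoded token to the session's row.
    */
    public function test_storeAccessToken(): void
    {
        $token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param'));
        $this->token_storage->storeAccessToken($this->service_name, $token);

        // The token can be read back through the same storage instance
        $extra_params = $this->token_storage->retrieveAccessToken($this->service_name)->getExtraParams();
        $this->assertEquals('param', $extra_params['extra']);
        $this->assertEquals('access', $this->token_storage->retrieveAccessToken($this->service_name)->getAccessToken());

        $row = $this->get_token_row_by_session_id($this->session_id);

        // Fail with a clear message instead of indexing into false
        $this->assertNotFalse($row, 'No token row was written for the test session.');

        // The column holds the storage's own json_encode_token() form of the token.
        // NOTE(review): whether that form protects the access/refresh values at
        // rest is not visible from this test - confirm in token_storage.
        $this->assertEquals($this->token_storage->json_encode_token($token), $row['oauth_token']);
    }

    /**
    * Cases for the has-token tests: [token to store first or null, expected result].
    *
    * @return array
    */
    public static function hasAccessToken_data(): array
    {
        return array(
            array(null, false),
            array(new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param')), true),
        );
    }

    /**
    * hasAccessToken() reports whether a token was stored for the service.
    *
    * @dataProvider hasAccessToken_data
    */
    public function test_hasAccessToken($token, $expected): void
    {
        if ($token)
        {
            $this->token_storage->storeAccessToken($this->service_name, $token);
        }

        $has_access_token = $this->token_storage->hasAccessToken($this->service_name);
        $this->assertEquals($expected, $has_access_token);
    }

    /**
    * has_access_token_by_session() reports whether a token was stored for the service.
    *
    * @dataProvider hasAccessToken_data
    */
    public function test_has_access_token_by_session($token, $expected): void
    {
        if ($token)
        {
            $this->token_storage->storeAccessToken($this->service_name, $token);
        }

        $has_access_token = $this->token_storage->has_access_token_by_session($this->service_name);
        $this->assertEquals($expected, $has_access_token);
    }

    /**
    * clearToken() removes the session's row and the storage no longer reports a token.
    */
    public function test_clearToken(): void
    {
        $token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param'));
        $this->token_storage->storeAccessToken($this->service_name, $token);

        $this->token_storage->clearToken($this->service_name);

        // Check that the database has been cleared
        $row = $this->get_token_row_by_session_id($this->session_id);
        $this->assertFalse($row);

        // Check that the storage no longer reports the token
        $this->assertFalse($this->token_storage->hasAccessToken($this->service_name));
    }

    /**
    * set_user_id() rewrites the user_id on the row stored for the current session.
    */
    public function test_set_user_id(): void
    {
        $token = new StdOAuth2Token('access', 'refresh', StdOAuth2Token::EOL_NEVER_EXPIRES, array('extra' => 'param'));
        $this->token_storage->storeAccessToken($this->service_name, $token);

        $new_user_id = ANONYMOUS + 1;
        $this->token_storage->set_user_id($new_user_id);

        $row = $this->get_token_row_by_session_id($this->session_id);

        // Fail with a clear message instead of indexing into false
        $this->assertNotFalse($row, 'No token row was found for the test session.');
        $this->assertEquals($new_user_id, $row['user_id']);
    }

    /**
    * Fetches the first token-table row for a session id.
    *
    * @param string $session_id Session id to look up
    * @return mixed The value sql_fetchrow() returns; the tests above expect
    *               false when no row matches
    */
    protected function get_token_row_by_session_id($session_id)
    {
        // Use the same table name the storage was constructed with, and keep
        // the value behind sql_escape() since it is concatenated into the query
        $sql = 'SELECT * FROM ' . $this->token_storage_table . '
            WHERE session_id = \'' . $this->db->sql_escape($session_id) . '\'';
        $result = $this->db->sql_query($sql);
        $row = $this->db->sql_fetchrow($result);
        $this->db->sql_freeresult($result);

        return $row;
    }
}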