diff options
| author | emkael <emkael@tlen.pl> | 2017-01-16 22:04:43 +0100 |
|---|---|---|
| committer | emkael <emkael@tlen.pl> | 2017-01-16 22:50:24 +0100 |
| commit | 677953067f2bb5502a70f0d004f1ac844b18a128 (patch) | |
| tree | 003c26454b543c2a8d73f0602446482fdbbef8db /lib/facebook-graph-sdk/tests/Authentication | |
| parent | f7b2bfae9778af2c99e0c7fe7b2634e0f4f0973f (diff) | |
* Facebook support
Diffstat (limited to 'lib/facebook-graph-sdk/tests/Authentication')
4 files changed, 474 insertions, 0 deletions
diff --git a/lib/facebook-graph-sdk/tests/Authentication/AccessTokenMetadata.php b/lib/facebook-graph-sdk/tests/Authentication/AccessTokenMetadata.php new file mode 100644 index 0000000..1b54503 --- /dev/null +++ b/lib/facebook-graph-sdk/tests/Authentication/AccessTokenMetadata.php @@ -0,0 +1,138 @@ +<?php +/** + * Copyright 2014 Facebook, Inc. + * + * You are hereby granted a non-exclusive, worldwide, royalty-free license to + * use, copy, modify, and distribute this software in source code or binary + * form for use in connection with the web services and APIs provided by + * Facebook. + * + * As with any software that integrates with the Facebook platform, your use + * of this software is subject to the Facebook Developer Principles and + * Policies [http://developers.facebook.com/policy/]. This copyright notice + * shall be included in all copies or substantial portions of the software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER + * DEALINGS IN THE SOFTWARE. + * + */ +namespace Facebook\Tests\Authentication; + +use Facebook\Authentication\AccessTokenMetadata; + +class AccessTokenMetadataTest extends \PHPUnit_Framework_TestCase +{ + + protected $graphResponseData = [ + 'data' => [ + 'app_id' => '123', + 'application' => 'Foo App', + 'error' => [ + 'code' => 190, + 'message' => 'Foo error message.', + 'subcode' => 463, + ], + 'issued_at' => 1422110200, + 'expires_at' => 1422115200, + 'is_valid' => false, + 'metadata' => [ + 'sso' => 'iphone-sso', + 'auth_type' => 'rerequest', + 'auth_nonce' => 'no-replicatey', + ], + 'scopes' => ['public_profile', 'basic_info', 'user_friends'], + 'profile_id' => '1000', + 'user_id' => '1337', + ], + ]; + + public function testDatesGetCastToDateTime() + { + $metadata = new AccessTokenMetadata($this->graphResponseData); + + $expires = $metadata->getExpiresAt(); + $issuedAt = $metadata->getIssuedAt(); + + $this->assertInstanceOf('DateTime', $expires); + $this->assertInstanceOf('DateTime', $issuedAt); + } + + public function testAllTheGettersReturnTheProperValue() + { + $metadata = new AccessTokenMetadata($this->graphResponseData); + + $this->assertEquals('123', $metadata->getAppId()); + $this->assertEquals('Foo App', $metadata->getApplication()); + $this->assertTrue($metadata->isError(), 'Expected an error'); + $this->assertEquals('190', $metadata->getErrorCode()); + $this->assertEquals('Foo error message.', $metadata->getErrorMessage()); + $this->assertEquals('463', $metadata->getErrorSubcode()); + $this->assertFalse($metadata->getIsValid(), 'Expected the access token to not be valid'); + $this->assertEquals('iphone-sso', $metadata->getSso()); + $this->assertEquals('rerequest', $metadata->getAuthType()); + $this->assertEquals('no-replicatey', $metadata->getAuthNonce()); + $this->assertEquals('1000', $metadata->getProfileId()); + $this->assertEquals(['public_profile', 'basic_info', 'user_friends'], $metadata->getScopes()); + $this->assertEquals('1337', $metadata->getUserId()); + } + + /** + * @expectedException \Facebook\Exceptions\FacebookSDKException + */ + public function testInvalidMetadataWillThrow() + { + new AccessTokenMetadata(['foo' => 'bar']); + } + + public function testAnExpectedAppIdWillNotThrow() + { + $metadata = new AccessTokenMetadata($this->graphResponseData); + $metadata->validateAppId('123'); + } + + /** + * @expectedException \Facebook\Exceptions\FacebookSDKException + */ + public function testAnUnexpectedAppIdWillThrow() + { + $metadata = new AccessTokenMetadata($this->graphResponseData); + $metadata->validateAppId('foo'); + } + + public function testAnExpectedUserIdWillNotThrow() + { + $metadata = new AccessTokenMetadata($this->graphResponseData); + $metadata->validateUserId('1337'); + } + + /** + * @expectedException \Facebook\Exceptions\FacebookSDKException + */ + public function testAnUnexpectedUserIdWillThrow() + { + $metadata = new AccessTokenMetadata($this->graphResponseData); + $metadata->validateUserId('foo'); + } + + public function testAnActiveAccessTokenWillNotThrow() + { + $this->graphResponseData['data']['expires_at'] = time() + 1000; + $metadata = new AccessTokenMetadata($this->graphResponseData); + $metadata->validateExpiration(); + } + + /** + * @expectedException \Facebook\Exceptions\FacebookSDKException + */ + public function testAnExpiredAccessTokenWillThrow() + { + $this->graphResponseData['data']['expires_at'] = time() - 1000; + $metadata = new AccessTokenMetadata($this->graphResponseData); + $metadata->validateExpiration(); + } +} diff --git a/lib/facebook-graph-sdk/tests/Authentication/AccessTokenTest.php b/lib/facebook-graph-sdk/tests/Authentication/AccessTokenTest.php new file mode 100644 index 0000000..d66a5ba --- /dev/null +++ b/lib/facebook-graph-sdk/tests/Authentication/AccessTokenTest.php @@ -0,0 +1,111 @@ +<?php +/** + * Copyright 2014 Facebook, Inc. + * + * You are hereby granted a non-exclusive, worldwide, royalty-free license to + * use, copy, modify, and distribute this software in source code or binary + * form for use in connection with the web services and APIs provided by + * Facebook. + * + * As with any software that integrates with the Facebook platform, your use + * of this software is subject to the Facebook Developer Principles and + * Policies [http://developers.facebook.com/policy/]. This copyright notice + * shall be included in all copies or substantial portions of the software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER + * DEALINGS IN THE SOFTWARE. + * + */ +namespace Facebook\Tests\Authentication; + +use Facebook\Authentication\AccessToken; + +class AccessTokenTest extends \PHPUnit_Framework_TestCase +{ + + public function testAnAccessTokenCanBeReturnedAsAString() + { + $accessToken = new AccessToken('foo_token'); + + $this->assertEquals('foo_token', $accessToken->getValue()); + $this->assertEquals('foo_token', (string)$accessToken); + } + + public function testAnAppSecretProofWillBeProperlyGenerated() + { + $accessToken = new AccessToken('foo_token'); + + $appSecretProof = $accessToken->getAppSecretProof('shhhhh!is.my.secret'); + + $this->assertEquals('796ba0d8a6b339e476a7b166a9e8ac0a395f7de736dc37de5f2f4397f5854eb8', $appSecretProof); + } + + public function testAnAppAccessTokenCanBeDetected() + { + $normalToken = new AccessToken('foo_token'); + $isNormalToken = $normalToken->isAppAccessToken(); + + $this->assertFalse($isNormalToken, 'Normal access token not expected to look like an app access token.'); + + $appToken = new AccessToken('123|secret'); + $isAppToken = $appToken->isAppAccessToken(); + + $this->assertTrue($isAppToken, 'App access token expected to look like an app access token.'); + } + + public function testShortLivedAccessTokensCanBeDetected() + { + $anHourAndAHalf = time() + (1.5 * 60); + $accessToken = new AccessToken('foo_token', $anHourAndAHalf); + + $isLongLived = $accessToken->isLongLived(); + + $this->assertFalse($isLongLived, 'Expected access token to be short lived.'); + } + + public function testLongLivedAccessTokensCanBeDetected() + { + $accessToken = new AccessToken('foo_token', $this->aWeekFromNow()); + + $isLongLived = $accessToken->isLongLived(); + + $this->assertTrue($isLongLived, 'Expected access token to be long lived.'); + } + + public function testAnAppAccessTokenDoesNotExpire() + { + $appToken = new AccessToken('123|secret'); + $hasExpired = $appToken->isExpired(); + + $this->assertFalse($hasExpired, 'App access token not expected to expire.'); + } + + public function testAnAccessTokenCanExpire() + { + $expireTime = time() - 100; + $appToken = new AccessToken('foo_token', $expireTime); + $hasExpired = $appToken->isExpired(); + + $this->assertTrue($hasExpired, 'Expected 100 second old access token to be expired.'); + } + + public function testAccessTokenCanBeSerialized() + { + $accessToken = new AccessToken('foo', time(), 'bar'); + + $newAccessToken = unserialize(serialize($accessToken)); + + $this->assertEquals((string)$accessToken, (string)$newAccessToken); + $this->assertEquals($accessToken->getExpiresAt(), $newAccessToken->getExpiresAt()); + } + + private function aWeekFromNow() + { + return time() + (60 * 60 * 24 * 7);//a week from now + } +} diff --git a/lib/facebook-graph-sdk/tests/Authentication/FooFacebookClientForOAuth2Test.php b/lib/facebook-graph-sdk/tests/Authentication/FooFacebookClientForOAuth2Test.php new file mode 100644 index 0000000..1199b00 --- /dev/null +++ b/lib/facebook-graph-sdk/tests/Authentication/FooFacebookClientForOAuth2Test.php @@ -0,0 +1,58 @@ +<?php +/** + * Copyright 2014 Facebook, Inc. + * + * You are hereby granted a non-exclusive, worldwide, royalty-free license to + * use, copy, modify, and distribute this software in source code or binary + * form for use in connection with the web services and APIs provided by + * Facebook. + * + * As with any software that integrates with the Facebook platform, your use + * of this software is subject to the Facebook Developer Principles and + * Policies [http://developers.facebook.com/policy/]. This copyright notice + * shall be included in all copies or substantial portions of the software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER + * DEALINGS IN THE SOFTWARE. + * + */ +namespace Facebook\Tests\Authentication; + +use Facebook\FacebookClient; +use Facebook\FacebookRequest; +use Facebook\FacebookResponse; + +class FooFacebookClientForOAuth2Test extends FacebookClient +{ + protected $response = ''; + + public function setMetadataResponse() + { + $this->response = '{"data":{"user_id":"444"}}'; + } + + public function setAccessTokenResponse() + { + $this->response = '{"access_token":"my_access_token","expires":"1422115200"}'; + } + + public function setCodeResponse() + { + $this->response = '{"code":"my_neat_code"}'; + } + + public function sendRequest(FacebookRequest $request) + { + return new FacebookResponse( + $request, + $this->response, + 200, + [] + ); + } +} diff --git a/lib/facebook-graph-sdk/tests/Authentication/OAuth2ClientTest.php b/lib/facebook-graph-sdk/tests/Authentication/OAuth2ClientTest.php new file mode 100644 index 0000000..72a8e2a --- /dev/null +++ b/lib/facebook-graph-sdk/tests/Authentication/OAuth2ClientTest.php @@ -0,0 +1,167 @@ +<?php +/** + * Copyright 2014 Facebook, Inc. + * + * You are hereby granted a non-exclusive, worldwide, royalty-free license to + * use, copy, modify, and distribute this software in source code or binary + * form for use in connection with the web services and APIs provided by + * Facebook. + * + * As with any software that integrates with the Facebook platform, your use + * of this software is subject to the Facebook Developer Principles and + * Policies [http://developers.facebook.com/policy/]. This copyright notice + * shall be included in all copies or substantial portions of the software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER + * DEALINGS IN THE SOFTWARE. + * + */ +namespace Facebook\Tests\Authentication; + +use Mockery as m; +use Facebook\Facebook; +use Facebook\FacebookApp; +use Facebook\Authentication\OAuth2Client; + +class OAuth2ClientTest extends \PHPUnit_Framework_TestCase +{ + + /** + * @const The foo Graph version + */ + const TESTING_GRAPH_VERSION = 'v1337'; + + /** + * @var FooFacebookClientForOAuth2Test + */ + protected $client; + + /** + * @var OAuth2Client + */ + protected $oauth; + + public function setUp() + { + $app = new FacebookApp('123', 'foo_secret'); + $this->client = new FooFacebookClientForOAuth2Test(); + $this->oauth = new OAuth2Client($app, $this->client, static::TESTING_GRAPH_VERSION); + } + + public function testCanGetMetadataFromAnAccessToken() + { + $this->client->setMetadataResponse(); + + $metadata = $this->oauth->debugToken('baz_token'); + + $this->assertInstanceOf('Facebook\Authentication\AccessTokenMetadata', $metadata); + $this->assertEquals('444', $metadata->getUserId()); + + $expectedParams = [ + 'input_token' => 'baz_token', + 'access_token' => '123|foo_secret', + 'appsecret_proof' => 'de753c58fd58b03afca2340bbaeb4ecf987b5de4c09e39a63c944dd25efbc234', + ]; + + $request = $this->oauth->getLastRequest(); + $this->assertEquals('GET', $request->getMethod()); + $this->assertEquals('/debug_token', $request->getEndpoint()); + $this->assertEquals($expectedParams, $request->getParams()); + $this->assertEquals(static::TESTING_GRAPH_VERSION, $request->getGraphVersion()); + } + + public function testCanBuildAuthorizationUrl() + { + $scope = ['email', 'base_foo']; + $authUrl = $this->oauth->getAuthorizationUrl('https://foo.bar', 'foo_state', $scope, ['foo' => 'bar'], '*'); + + $this->assertContains('*', $authUrl); + + $expectedUrl = 'https://www.facebook.com/' . static::TESTING_GRAPH_VERSION . '/dialog/oauth?'; + $this->assertTrue(strpos($authUrl, $expectedUrl) === 0, 'Unexpected base authorization URL returned from getAuthorizationUrl().'); + + $params = [ + 'client_id' => '123', + 'redirect_uri' => 'https://foo.bar', + 'state' => 'foo_state', + 'sdk' => 'php-sdk-' . Facebook::VERSION, + 'scope' => implode(',', $scope), + 'foo' => 'bar', + ]; + foreach ($params as $key => $value) { + $this->assertContains($key . '=' . urlencode($value), $authUrl); + } + } + + public function testCanGetAccessTokenFromCode() + { + $this->client->setAccessTokenResponse(); + + $accessToken = $this->oauth->getAccessTokenFromCode('bar_code', 'foo_uri'); + + $this->assertInstanceOf('Facebook\Authentication\AccessToken', $accessToken); + $this->assertEquals('my_access_token', $accessToken->getValue()); + + $expectedParams = [ + 'code' => 'bar_code', + 'redirect_uri' => 'foo_uri', + 'client_id' => '123', + 'client_secret' => 'foo_secret', + 'access_token' => '123|foo_secret', + 'appsecret_proof' => 'de753c58fd58b03afca2340bbaeb4ecf987b5de4c09e39a63c944dd25efbc234', + ]; + + $request = $this->oauth->getLastRequest(); + $this->assertEquals('GET', $request->getMethod()); + $this->assertEquals('/oauth/access_token', $request->getEndpoint()); + $this->assertEquals($expectedParams, $request->getParams()); + $this->assertEquals(static::TESTING_GRAPH_VERSION, $request->getGraphVersion()); + } + + public function testCanGetLongLivedAccessToken() + { + $this->client->setAccessTokenResponse(); + + $accessToken = $this->oauth->getLongLivedAccessToken('short_token'); + + $this->assertEquals('my_access_token', $accessToken->getValue()); + + $expectedParams = [ + 'grant_type' => 'fb_exchange_token', + 'fb_exchange_token' => 'short_token', + 'client_id' => '123', + 'client_secret' => 'foo_secret', + 'access_token' => '123|foo_secret', + 'appsecret_proof' => 'de753c58fd58b03afca2340bbaeb4ecf987b5de4c09e39a63c944dd25efbc234', + ]; + + $request = $this->oauth->getLastRequest(); + $this->assertEquals($expectedParams, $request->getParams()); + } + + public function testCanGetCodeFromLongLivedAccessToken() + { + $this->client->setCodeResponse(); + + $code = $this->oauth->getCodeFromLongLivedAccessToken('long_token', 'foo_uri'); + + $this->assertEquals('my_neat_code', $code); + + $expectedParams = [ + 'access_token' => 'long_token', + 'redirect_uri' => 'foo_uri', + 'client_id' => '123', + 'client_secret' => 'foo_secret', + 'appsecret_proof' => '7e91300ea91be4166282611d4fc700b473466f3ea2981dafbf492fc096995bf1', + ]; + + $request = $this->oauth->getLastRequest(); + $this->assertEquals($expectedParams, $request->getParams()); + $this->assertEquals('/oauth/client_code', $request->getEndpoint()); + } +} |