authoremkael <emkael@tlen.pl>2017-01-16 22:04:43 +0100
committeremkael <emkael@tlen.pl>2017-01-16 22:50:24 +0100
commit677953067f2bb5502a70f0d004f1ac844b18a128 (patch)
tree003c26454b543c2a8d73f0602446482fdbbef8db /lib/facebook-graph-sdk/tests/Authentication
parentf7b2bfae9778af2c99e0c7fe7b2634e0f4f0973f (diff)
* Facebook support
Diffstat (limited to 'lib/facebook-graph-sdk/tests/Authentication')
-rw-r--r--lib/facebook-graph-sdk/tests/Authentication/AccessTokenMetadata.php138
-rw-r--r--lib/facebook-graph-sdk/tests/Authentication/AccessTokenTest.php111
-rw-r--r--lib/facebook-graph-sdk/tests/Authentication/FooFacebookClientForOAuth2Test.php58
-rw-r--r--lib/facebook-graph-sdk/tests/Authentication/OAuth2ClientTest.php167
4 files changed, 474 insertions, 0 deletions
diff --git a/lib/facebook-graph-sdk/tests/Authentication/AccessTokenMetadata.php b/lib/facebook-graph-sdk/tests/Authentication/AccessTokenMetadata.php
new file mode 100644
index 0000000..1b54503
--- /dev/null
+++ b/lib/facebook-graph-sdk/tests/Authentication/AccessTokenMetadata.php
@@ -0,0 +1,138 @@
+<?php
+/**
+ * Copyright 2014 Facebook, Inc.
+ *
+ * You are hereby granted a non-exclusive, worldwide, royalty-free license to
+ * use, copy, modify, and distribute this software in source code or binary
+ * form for use in connection with the web services and APIs provided by
+ * Facebook.
+ *
+ * As with any software that integrates with the Facebook platform, your use
+ * of this software is subject to the Facebook Developer Principles and
+ * Policies [http://developers.facebook.com/policy/]. This copyright notice
+ * shall be included in all copies or substantial portions of the software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+namespace Facebook\Tests\Authentication;
+
+use Facebook\Authentication\AccessTokenMetadata;
+
+class AccessTokenMetadataTest extends \PHPUnit_Framework_TestCase
+{
+
+ protected $graphResponseData = [
+ 'data' => [
+ 'app_id' => '123',
+ 'application' => 'Foo App',
+ 'error' => [
+ 'code' => 190,
+ 'message' => 'Foo error message.',
+ 'subcode' => 463,
+ ],
+ 'issued_at' => 1422110200,
+ 'expires_at' => 1422115200,
+ 'is_valid' => false,
+ 'metadata' => [
+ 'sso' => 'iphone-sso',
+ 'auth_type' => 'rerequest',
+ 'auth_nonce' => 'no-replicatey',
+ ],
+ 'scopes' => ['public_profile', 'basic_info', 'user_friends'],
+ 'profile_id' => '1000',
+ 'user_id' => '1337',
+ ],
+ ];
+
+ public function testDatesGetCastToDateTime()
+ {
+ $metadata = new AccessTokenMetadata($this->graphResponseData);
+
+ $expires = $metadata->getExpiresAt();
+ $issuedAt = $metadata->getIssuedAt();
+
+ $this->assertInstanceOf('DateTime', $expires);
+ $this->assertInstanceOf('DateTime', $issuedAt);
+ }
+
+ public function testAllTheGettersReturnTheProperValue()
+ {
+ $metadata = new AccessTokenMetadata($this->graphResponseData);
+
+ $this->assertEquals('123', $metadata->getAppId());
+ $this->assertEquals('Foo App', $metadata->getApplication());
+ $this->assertTrue($metadata->isError(), 'Expected an error');
+ $this->assertEquals('190', $metadata->getErrorCode());
+ $this->assertEquals('Foo error message.', $metadata->getErrorMessage());
+ $this->assertEquals('463', $metadata->getErrorSubcode());
+ $this->assertFalse($metadata->getIsValid(), 'Expected the access token to not be valid');
+ $this->assertEquals('iphone-sso', $metadata->getSso());
+ $this->assertEquals('rerequest', $metadata->getAuthType());
+ $this->assertEquals('no-replicatey', $metadata->getAuthNonce());
+ $this->assertEquals('1000', $metadata->getProfileId());
+ $this->assertEquals(['public_profile', 'basic_info', 'user_friends'], $metadata->getScopes());
+ $this->assertEquals('1337', $metadata->getUserId());
+ }
+
+ /**
+ * @expectedException \Facebook\Exceptions\FacebookSDKException
+ */
+ public function testInvalidMetadataWillThrow()
+ {
+ new AccessTokenMetadata(['foo' => 'bar']);
+ }
+
+ public function testAnExpectedAppIdWillNotThrow()
+ {
+ $metadata = new AccessTokenMetadata($this->graphResponseData);
+ $metadata->validateAppId('123');
+ }
+
+ /**
+ * @expectedException \Facebook\Exceptions\FacebookSDKException
+ */
+ public function testAnUnexpectedAppIdWillThrow()
+ {
+ $metadata = new AccessTokenMetadata($this->graphResponseData);
+ $metadata->validateAppId('foo');
+ }
+
+ public function testAnExpectedUserIdWillNotThrow()
+ {
+ $metadata = new AccessTokenMetadata($this->graphResponseData);
+ $metadata->validateUserId('1337');
+ }
+
+ /**
+ * @expectedException \Facebook\Exceptions\FacebookSDKException
+ */
+ public function testAnUnexpectedUserIdWillThrow()
+ {
+ $metadata = new AccessTokenMetadata($this->graphResponseData);
+ $metadata->validateUserId('foo');
+ }
+
+ public function testAnActiveAccessTokenWillNotThrow()
+ {
+ $this->graphResponseData['data']['expires_at'] = time() + 1000;
+ $metadata = new AccessTokenMetadata($this->graphResponseData);
+ $metadata->validateExpiration();
+ }
+
+ /**
+ * @expectedException \Facebook\Exceptions\FacebookSDKException
+ */
+ public function testAnExpiredAccessTokenWillThrow()
+ {
+ $this->graphResponseData['data']['expires_at'] = time() - 1000;
+ $metadata = new AccessTokenMetadata($this->graphResponseData);
+ $metadata->validateExpiration();
+ }
+}
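Review bot: The file is added as `AccessTokenMetadata.php` but declares `class AccessTokenMetadataTest`, while the other test cases in this directory end in `Test.php`. If the suite is collected through PHPUnit's default `Test.php` suffix (the PHPUnit configuration is not visible on this page), the app-id, user-id and expiration checks in this class are silently never run, and a PSR-4 autoloader would not map the class to this file either. Renaming the file to `AccessTokenMetadataTest.php` fixes both. The three `...WillNotThrow` tests also contain no assertion, so a short comment such as `// passes as long as no FacebookSDKException is thrown` would make that intent explicit.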
diff --git a/lib/facebook-graph-sdk/tests/Authentication/AccessTokenTest.php b/lib/facebook-graph-sdk/tests/Authentication/AccessTokenTest.php
new file mode 100644
index 0000000..d66a5ba
--- /dev/null
+++ b/lib/facebook-graph-sdk/tests/Authentication/AccessTokenTest.php
@@ -0,0 +1,111 @@
+<?php
+/**
+ * Copyright 2014 Facebook, Inc.
+ *
+ * You are hereby granted a non-exclusive, worldwide, royalty-free license to
+ * use, copy, modify, and distribute this software in source code or binary
+ * form for use in connection with the web services and APIs provided by
+ * Facebook.
+ *
+ * As with any software that integrates with the Facebook platform, your use
+ * of this software is subject to the Facebook Developer Principles and
+ * Policies [http://developers.facebook.com/policy/]. This copyright notice
+ * shall be included in all copies or substantial portions of the software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+namespace Facebook\Tests\Authentication;
+
+use Facebook\Authentication\AccessToken;
+
+class AccessTokenTest extends \PHPUnit_Framework_TestCase
+{
+
+ public function testAnAccessTokenCanBeReturnedAsAString()
+ {
+ $accessToken = new AccessToken('foo_token');
+
+ $this->assertEquals('foo_token', $accessToken->getValue());
+ $this->assertEquals('foo_token', (string)$accessToken);
+ }
+
+ public function testAnAppSecretProofWillBeProperlyGenerated()
+ {
+ $accessToken = new AccessToken('foo_token');
+
+ $appSecretProof = $accessToken->getAppSecretProof('shhhhh!is.my.secret');
+
+ $this->assertEquals('796ba0d8a6b339e476a7b166a9e8ac0a395f7de736dc37de5f2f4397f5854eb8', $appSecretProof);
+ }
+
+ public function testAnAppAccessTokenCanBeDetected()
+ {
+ $normalToken = new AccessToken('foo_token');
+ $isNormalToken = $normalToken->isAppAccessToken();
+
+ $this->assertFalse($isNormalToken, 'Normal access token not expected to look like an app access token.');
+
+ $appToken = new AccessToken('123|secret');
+ $isAppToken = $appToken->isAppAccessToken();
+
+ $this->assertTrue($isAppToken, 'App access token expected to look like an app access token.');
+ }
+
+ public function testShortLivedAccessTokensCanBeDetected()
+ {
+ $anHourAndAHalf = time() + (1.5 * 60);
+ $accessToken = new AccessToken('foo_token', $anHourAndAHalf);
+
+ $isLongLived = $accessToken->isLongLived();
+
+ $this->assertFalse($isLongLived, 'Expected access token to be short lived.');
+ }
+
+ public function testLongLivedAccessTokensCanBeDetected()
+ {
+ $accessToken = new AccessToken('foo_token', $this->aWeekFromNow());
+
+ $isLongLived = $accessToken->isLongLived();
+
+ $this->assertTrue($isLongLived, 'Expected access token to be long lived.');
+ }
+
+ public function testAnAppAccessTokenDoesNotExpire()
+ {
+ $appToken = new AccessToken('123|secret');
+ $hasExpired = $appToken->isExpired();
+
+ $this->assertFalse($hasExpired, 'App access token not expected to expire.');
+ }
+
+ public function testAnAccessTokenCanExpire()
+ {
+ $expireTime = time() - 100;
+ $appToken = new AccessToken('foo_token', $expireTime);
+ $hasExpired = $appToken->isExpired();
+
+ $this->assertTrue($hasExpired, 'Expected 100 second old access token to be expired.');
+ }
+
+ public function testAccessTokenCanBeSerialized()
+ {
+ $accessToken = new AccessToken('foo', time(), 'bar');
+
+ $newAccessToken = unserialize(serialize($accessToken));
+
+ $this->assertEquals((string)$accessToken, (string)$newAccessToken);
+ $this->assertEquals($accessToken->getExpiresAt(), $newAccessToken->getExpiresAt());
+ }
+
+ private function aWeekFromNow()
+ {
+ return time() + (60 * 60 * 24 * 7);//a week from now
+ }
+}
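Review bot: In testShortLivedAccessTokensCanBeDetected, `$anHourAndAHalf = time() + (1.5 * 60);` adds 90 seconds rather than an hour and a half, and it passes a float as the expiry timestamp. The test still goes green, but it exercises a token that is about to expire instead of one close to whatever threshold isLongLived() applies (that threshold is not visible here). `$anHourAndAHalf = time() + (int) (1.5 * 60 * 60);` matches the variable name and keeps the timestamp an integer, provided the long-lived threshold is above 90 minutes.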
diff --git a/lib/facebook-graph-sdk/tests/Authentication/FooFacebookClientForOAuth2Test.php b/lib/facebook-graph-sdk/tests/Authentication/FooFacebookClientForOAuth2Test.php
new file mode 100644
index 0000000..1199b00
--- /dev/null
+++ b/lib/facebook-graph-sdk/tests/Authentication/FooFacebookClientForOAuth2Test.php
@@ -0,0 +1,58 @@
+<?php
+/**
+ * Copyright 2014 Facebook, Inc.
+ *
+ * You are hereby granted a non-exclusive, worldwide, royalty-free license to
+ * use, copy, modify, and distribute this software in source code or binary
+ * form for use in connection with the web services and APIs provided by
+ * Facebook.
+ *
+ * As with any software that integrates with the Facebook platform, your use
+ * of this software is subject to the Facebook Developer Principles and
+ * Policies [http://developers.facebook.com/policy/]. This copyright notice
+ * shall be included in all copies or substantial portions of the software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+namespace Facebook\Tests\Authentication;
+
+use Facebook\FacebookClient;
+use Facebook\FacebookRequest;
+use Facebook\FacebookResponse;
+
+class FooFacebookClientForOAuth2Test extends FacebookClient
+{
+ protected $response = '';
+
+ public function setMetadataResponse()
+ {
+ $this->response = '{"data":{"user_id":"444"}}';
+ }
+
+ public function setAccessTokenResponse()
+ {
+ $this->response = '{"access_token":"my_access_token","expires":"1422115200"}';
+ }
+
+ public function setCodeResponse()
+ {
+ $this->response = '{"code":"my_neat_code"}';
+ }
+
+ public function sendRequest(FacebookRequest $request)
+ {
+ return new FacebookResponse(
+ $request,
+ $this->response,
+ 200,
+ []
+ );
+ }
+}
diff --git a/lib/facebook-graph-sdk/tests/Authentication/OAuth2ClientTest.php b/lib/facebook-graph-sdk/tests/Authentication/OAuth2ClientTest.php
new file mode 100644
index 0000000..72a8e2a
--- /dev/null
+++ b/lib/facebook-graph-sdk/tests/Authentication/OAuth2ClientTest.php
@@ -0,0 +1,167 @@
+<?php
+/**
+ * Copyright 2014 Facebook, Inc.
+ *
+ * You are hereby granted a non-exclusive, worldwide, royalty-free license to
+ * use, copy, modify, and distribute this software in source code or binary
+ * form for use in connection with the web services and APIs provided by
+ * Facebook.
+ *
+ * As with any software that integrates with the Facebook platform, your use
+ * of this software is subject to the Facebook Developer Principles and
+ * Policies [http://developers.facebook.com/policy/]. This copyright notice
+ * shall be included in all copies or substantial portions of the software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+namespace Facebook\Tests\Authentication;
+
+use Mockery as m;
+use Facebook\Facebook;
+use Facebook\FacebookApp;
+use Facebook\Authentication\OAuth2Client;
+
+class OAuth2ClientTest extends \PHPUnit_Framework_TestCase
+{
+
+ /**
+ * @const The foo Graph version
+ */
+ const TESTING_GRAPH_VERSION = 'v1337';
+
+ /**
+ * @var FooFacebookClientForOAuth2Test
+ */
+ protected $client;
+
+ /**
+ * @var OAuth2Client
+ */
+ protected $oauth;
+
+ public function setUp()
+ {
+ $app = new FacebookApp('123', 'foo_secret');
+ $this->client = new FooFacebookClientForOAuth2Test();
+ $this->oauth = new OAuth2Client($app, $this->client, static::TESTING_GRAPH_VERSION);
+ }
+
+ public function testCanGetMetadataFromAnAccessToken()
+ {
+ $this->client->setMetadataResponse();
+
+ $metadata = $this->oauth->debugToken('baz_token');
+
+ $this->assertInstanceOf('Facebook\Authentication\AccessTokenMetadata', $metadata);
+ $this->assertEquals('444', $metadata->getUserId());
+
+ $expectedParams = [
+ 'input_token' => 'baz_token',
+ 'access_token' => '123|foo_secret',
+ 'appsecret_proof' => 'de753c58fd58b03afca2340bbaeb4ecf987b5de4c09e39a63c944dd25efbc234',
+ ];
+
+ $request = $this->oauth->getLastRequest();
+ $this->assertEquals('GET', $request->getMethod());
+ $this->assertEquals('/debug_token', $request->getEndpoint());
+ $this->assertEquals($expectedParams, $request->getParams());
+ $this->assertEquals(static::TESTING_GRAPH_VERSION, $request->getGraphVersion());
+ }
+
+ public function testCanBuildAuthorizationUrl()
+ {
+ $scope = ['email', 'base_foo'];
+ $authUrl = $this->oauth->getAuthorizationUrl('https://foo.bar', 'foo_state', $scope, ['foo' => 'bar'], '*');
+
+ $this->assertContains('*', $authUrl);
+
+ $expectedUrl = 'https://www.facebook.com/' . static::TESTING_GRAPH_VERSION . '/dialog/oauth?';
+ $this->assertTrue(strpos($authUrl, $expectedUrl) === 0, 'Unexpected base authorization URL returned from getAuthorizationUrl().');
+
+ $params = [
+ 'client_id' => '123',
+ 'redirect_uri' => 'https://foo.bar',
+ 'state' => 'foo_state',
+ 'sdk' => 'php-sdk-' . Facebook::VERSION,
+ 'scope' => implode(',', $scope),
+ 'foo' => 'bar',
+ ];
+ foreach ($params as $key => $value) {
+ $this->assertContains($key . '=' . urlencode($value), $authUrl);
+ }
+ }
+
+ public function testCanGetAccessTokenFromCode()
+ {
+ $this->client->setAccessTokenResponse();
+
+ $accessToken = $this->oauth->getAccessTokenFromCode('bar_code', 'foo_uri');
+
+ $this->assertInstanceOf('Facebook\Authentication\AccessToken', $accessToken);
+ $this->assertEquals('my_access_token', $accessToken->getValue());
+
+ $expectedParams = [
+ 'code' => 'bar_code',
+ 'redirect_uri' => 'foo_uri',
+ 'client_id' => '123',
+ 'client_secret' => 'foo_secret',
+ 'access_token' => '123|foo_secret',
+ 'appsecret_proof' => 'de753c58fd58b03afca2340bbaeb4ecf987b5de4c09e39a63c944dd25efbc234',
+ ];
+
+ $request = $this->oauth->getLastRequest();
+ $this->assertEquals('GET', $request->getMethod());
+ $this->assertEquals('/oauth/access_token', $request->getEndpoint());
+ $this->assertEquals($expectedParams, $request->getParams());
+ $this->assertEquals(static::TESTING_GRAPH_VERSION, $request->getGraphVersion());
+ }
+
+ public function testCanGetLongLivedAccessToken()
+ {
+ $this->client->setAccessTokenResponse();
+
+ $accessToken = $this->oauth->getLongLivedAccessToken('short_token');
+
+ $this->assertEquals('my_access_token', $accessToken->getValue());
+
+ $expectedParams = [
+ 'grant_type' => 'fb_exchange_token',
+ 'fb_exchange_token' => 'short_token',
+ 'client_id' => '123',
+ 'client_secret' => 'foo_secret',
+ 'access_token' => '123|foo_secret',
+ 'appsecret_proof' => 'de753c58fd58b03afca2340bbaeb4ecf987b5de4c09e39a63c944dd25efbc234',
+ ];
+
+ $request = $this->oauth->getLastRequest();
+ $this->assertEquals($expectedParams, $request->getParams());
+ }
+
+ public function testCanGetCodeFromLongLivedAccessToken()
+ {
+ $this->client->setCodeResponse();
+
+ $code = $this->oauth->getCodeFromLongLivedAccessToken('long_token', 'foo_uri');
+
+ $this->assertEquals('my_neat_code', $code);
+
+ $expectedParams = [
+ 'access_token' => 'long_token',
+ 'redirect_uri' => 'foo_uri',
+ 'client_id' => '123',
+ 'client_secret' => 'foo_secret',
+ 'appsecret_proof' => '7e91300ea91be4166282611d4fc700b473466f3ea2981dafbf492fc096995bf1',
+ ];
+
+ $request = $this->oauth->getLastRequest();
+ $this->assertEquals($expectedParams, $request->getParams());
+ $this->assertEquals('/oauth/client_code', $request->getEndpoint());
+ }
+}
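Review bot: testCanGetAccessTokenFromCode asserts `'GET'` from getMethod() together with `'client_secret' => 'foo_secret'` in getParams(), which pins the app secret as a parameter of a GET request. If the client serialises GET parameters into the request URL (not visible in this file), the secret can end up in proxy and server access logs. A comment above that assertion would document the exposure, for example `// client_secret travels as a GET parameter; request URLs must be kept out of logs`. testCanGetLongLivedAccessToken and testCanGetCodeFromLongLivedAccessToken expect the same secret in the parameters but never check getMethod(), so an explicit method assertion there would make any later change of transport visible.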