From 677953067f2bb5502a70f0d004f1ac844b18a128 Mon Sep 17 00:00:00 2001
From: emkael <emkael@tlen.pl>
Date: Mon, 16 Jan 2017 22:04:43 +0100
Subject:  * Facebook support

---
 .../tests/Authentication/AccessTokenMetadata.php   | 138 +++++++++++++++++
 .../tests/Authentication/AccessTokenTest.php       | 111 ++++++++++++++
 .../FooFacebookClientForOAuth2Test.php             |  58 +++++++
 .../tests/Authentication/OAuth2ClientTest.php      | 167 +++++++++++++++++++++
 4 files changed, 474 insertions(+)
 create mode 100644 lib/facebook-graph-sdk/tests/Authentication/AccessTokenMetadata.php
 create mode 100644 lib/facebook-graph-sdk/tests/Authentication/AccessTokenTest.php
 create mode 100644 lib/facebook-graph-sdk/tests/Authentication/FooFacebookClientForOAuth2Test.php
 create mode 100644 lib/facebook-graph-sdk/tests/Authentication/OAuth2ClientTest.php

(limited to 'lib/facebook-graph-sdk/tests/Authentication')

diff --git a/lib/facebook-graph-sdk/tests/Authentication/AccessTokenMetadata.php b/lib/facebook-graph-sdk/tests/Authentication/AccessTokenMetadata.php
new file mode 100644
index 0000000..1b54503
--- /dev/null
+++ b/lib/facebook-graph-sdk/tests/Authentication/AccessTokenMetadata.php
@@ -0,0 +1,138 @@
+<?php
+/**
+ * Copyright 2014 Facebook, Inc.
+ *
+ * You are hereby granted a non-exclusive, worldwide, royalty-free license to
+ * use, copy, modify, and distribute this software in source code or binary
+ * form for use in connection with the web services and APIs provided by
+ * Facebook.
+ *
+ * As with any software that integrates with the Facebook platform, your use
+ * of this software is subject to the Facebook Developer Principles and
+ * Policies [http://developers.facebook.com/policy/]. This copyright notice
+ * shall be included in all copies or substantial portions of the software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+namespace Facebook\Tests\Authentication;
+
+use Facebook\Authentication\AccessTokenMetadata;
+
+class AccessTokenMetadataTest extends \PHPUnit_Framework_TestCase
+{
+
+    protected $graphResponseData = [
+        'data' => [
+            'app_id' => '123',
+            'application' => 'Foo App',
+            'error' => [
+                'code' => 190,
+                'message' => 'Foo error message.',
+                'subcode' => 463,
+            ],
+            'issued_at' => 1422110200,
+            'expires_at' => 1422115200,
+            'is_valid' => false,
+            'metadata' => [
+                'sso' => 'iphone-sso',
+                'auth_type' => 'rerequest',
+                'auth_nonce' => 'no-replicatey',
+            ],
+            'scopes' => ['public_profile', 'basic_info', 'user_friends'],
+            'profile_id' => '1000',
+            'user_id' => '1337',
+        ],
+    ];
+
+    public function testDatesGetCastToDateTime()
+    {
+        $metadata = new AccessTokenMetadata($this->graphResponseData);
+
+        $expires = $metadata->getExpiresAt();
+        $issuedAt = $metadata->getIssuedAt();
+
+        $this->assertInstanceOf('DateTime', $expires);
+        $this->assertInstanceOf('DateTime', $issuedAt);
+    }
+
+    public function testAllTheGettersReturnTheProperValue()
+    {
+        $metadata = new AccessTokenMetadata($this->graphResponseData);
+
+        $this->assertEquals('123', $metadata->getAppId());
+        $this->assertEquals('Foo App', $metadata->getApplication());
+        $this->assertTrue($metadata->isError(), 'Expected an error');
+        $this->assertEquals('190', $metadata->getErrorCode());
+        $this->assertEquals('Foo error message.', $metadata->getErrorMessage());
+        $this->assertEquals('463', $metadata->getErrorSubcode());
+        $this->assertFalse($metadata->getIsValid(), 'Expected the access token to not be valid');
+        $this->assertEquals('iphone-sso', $metadata->getSso());
+        $this->assertEquals('rerequest', $metadata->getAuthType());
+        $this->assertEquals('no-replicatey', $metadata->getAuthNonce());
+        $this->assertEquals('1000', $metadata->getProfileId());
+        $this->assertEquals(['public_profile', 'basic_info', 'user_friends'], $metadata->getScopes());
+        $this->assertEquals('1337', $metadata->getUserId());
+    }
+
+    /**
+     * @expectedException \Facebook\Exceptions\FacebookSDKException
+     */
+    public function testInvalidMetadataWillThrow()
+    {
+        new AccessTokenMetadata(['foo' => 'bar']);
+    }
+
+    public function testAnExpectedAppIdWillNotThrow()
+    {
+        $metadata = new AccessTokenMetadata($this->graphResponseData);
+        $metadata->validateAppId('123');
+    }
+
+    /**
+     * @expectedException \Facebook\Exceptions\FacebookSDKException
+     */
+    public function testAnUnexpectedAppIdWillThrow()
+    {
+        $metadata = new AccessTokenMetadata($this->graphResponseData);
+        $metadata->validateAppId('foo');
+    }
+
+    public function testAnExpectedUserIdWillNotThrow()
+    {
+        $metadata = new AccessTokenMetadata($this->graphResponseData);
+        $metadata->validateUserId('1337');
+    }
+
+    /**
+     * @expectedException \Facebook\Exceptions\FacebookSDKException
+     */
+    public function testAnUnexpectedUserIdWillThrow()
+    {
+        $metadata = new AccessTokenMetadata($this->graphResponseData);
+        $metadata->validateUserId('foo');
+    }
+
+    public function testAnActiveAccessTokenWillNotThrow()
+    {
+        $this->graphResponseData['data']['expires_at'] = time() + 1000;
+        $metadata = new AccessTokenMetadata($this->graphResponseData);
+        $metadata->validateExpiration();
+    }
+
+    /**
+     * @expectedException \Facebook\Exceptions\FacebookSDKException
+     */
+    public function testAnExpiredAccessTokenWillThrow()
+    {
+        $this->graphResponseData['data']['expires_at'] = time() - 1000;
+        $metadata = new AccessTokenMetadata($this->graphResponseData);
+        $metadata->validateExpiration();
+    }
+}
diff --git a/lib/facebook-graph-sdk/tests/Authentication/AccessTokenTest.php b/lib/facebook-graph-sdk/tests/Authentication/AccessTokenTest.php
new file mode 100644
index 0000000..d66a5ba
--- /dev/null
+++ b/lib/facebook-graph-sdk/tests/Authentication/AccessTokenTest.php
@@ -0,0 +1,111 @@
+<?php
+/**
+ * Copyright 2014 Facebook, Inc.
+ *
+ * You are hereby granted a non-exclusive, worldwide, royalty-free license to
+ * use, copy, modify, and distribute this software in source code or binary
+ * form for use in connection with the web services and APIs provided by
+ * Facebook.
+ *
+ * As with any software that integrates with the Facebook platform, your use
+ * of this software is subject to the Facebook Developer Principles and
+ * Policies [http://developers.facebook.com/policy/]. This copyright notice
+ * shall be included in all copies or substantial portions of the software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+namespace Facebook\Tests\Authentication;
+
+use Facebook\Authentication\AccessToken;
+
+class AccessTokenTest extends \PHPUnit_Framework_TestCase
+{
+
+    public function testAnAccessTokenCanBeReturnedAsAString()
+    {
+        $accessToken = new AccessToken('foo_token');
+
+        $this->assertEquals('foo_token', $accessToken->getValue());
+        $this->assertEquals('foo_token', (string)$accessToken);
+    }
+
+    public function testAnAppSecretProofWillBeProperlyGenerated()
+    {
+        $accessToken = new AccessToken('foo_token');
+
+        $appSecretProof = $accessToken->getAppSecretProof('shhhhh!is.my.secret');
+
+        $this->assertEquals('796ba0d8a6b339e476a7b166a9e8ac0a395f7de736dc37de5f2f4397f5854eb8', $appSecretProof);
+    }
+
+    public function testAnAppAccessTokenCanBeDetected()
+    {
+        $normalToken = new AccessToken('foo_token');
+        $isNormalToken = $normalToken->isAppAccessToken();
+
+        $this->assertFalse($isNormalToken, 'Normal access token not expected to look like an app access token.');
+
+        $appToken = new AccessToken('123|secret');
+        $isAppToken = $appToken->isAppAccessToken();
+
+        $this->assertTrue($isAppToken, 'App access token expected to look like an app access token.');
+    }
+
+    public function testShortLivedAccessTokensCanBeDetected()
+    {
+        $anHourAndAHalf = time() + (1.5 * 60);
+        $accessToken = new AccessToken('foo_token', $anHourAndAHalf);
+
+        $isLongLived = $accessToken->isLongLived();
+
+        $this->assertFalse($isLongLived, 'Expected access token to be short lived.');
+    }
+
+    public function testLongLivedAccessTokensCanBeDetected()
+    {
+        $accessToken = new AccessToken('foo_token', $this->aWeekFromNow());
+
+        $isLongLived = $accessToken->isLongLived();
+
+        $this->assertTrue($isLongLived, 'Expected access token to be long lived.');
+    }
+
+    public function testAnAppAccessTokenDoesNotExpire()
+    {
+        $appToken = new AccessToken('123|secret');
+        $hasExpired = $appToken->isExpired();
+
+        $this->assertFalse($hasExpired, 'App access token not expected to expire.');
+    }
+
+    public function testAnAccessTokenCanExpire()
+    {
+        $expireTime = time() - 100;
+        $appToken = new AccessToken('foo_token', $expireTime);
+        $hasExpired = $appToken->isExpired();
+
+        $this->assertTrue($hasExpired, 'Expected 100 second old access token to be expired.');
+    }
+
+    public function testAccessTokenCanBeSerialized()
+    {
+        $accessToken = new AccessToken('foo', time(), 'bar');
+
+        $newAccessToken = unserialize(serialize($accessToken));
+
+        $this->assertEquals((string)$accessToken, (string)$newAccessToken);
+        $this->assertEquals($accessToken->getExpiresAt(), $newAccessToken->getExpiresAt());
+    }
+
+    private function aWeekFromNow()
+    {
+        return time() + (60 * 60 * 24 * 7);//a week from now
+    }
+}
diff --git a/lib/facebook-graph-sdk/tests/Authentication/FooFacebookClientForOAuth2Test.php b/lib/facebook-graph-sdk/tests/Authentication/FooFacebookClientForOAuth2Test.php
new file mode 100644
index 0000000..1199b00
--- /dev/null
+++ b/lib/facebook-graph-sdk/tests/Authentication/FooFacebookClientForOAuth2Test.php
@@ -0,0 +1,58 @@
+<?php
+/**
+ * Copyright 2014 Facebook, Inc.
+ *
+ * You are hereby granted a non-exclusive, worldwide, royalty-free license to
+ * use, copy, modify, and distribute this software in source code or binary
+ * form for use in connection with the web services and APIs provided by
+ * Facebook.
+ *
+ * As with any software that integrates with the Facebook platform, your use
+ * of this software is subject to the Facebook Developer Principles and
+ * Policies [http://developers.facebook.com/policy/]. This copyright notice
+ * shall be included in all copies or substantial portions of the software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+namespace Facebook\Tests\Authentication;
+
+use Facebook\FacebookClient;
+use Facebook\FacebookRequest;
+use Facebook\FacebookResponse;
+
+class FooFacebookClientForOAuth2Test extends FacebookClient
+{
+    protected $response = '';
+
+    public function setMetadataResponse()
+    {
+        $this->response = '{"data":{"user_id":"444"}}';
+    }
+
+    public function setAccessTokenResponse()
+    {
+        $this->response = '{"access_token":"my_access_token","expires":"1422115200"}';
+    }
+
+    public function setCodeResponse()
+    {
+        $this->response = '{"code":"my_neat_code"}';
+    }
+
+    public function sendRequest(FacebookRequest $request)
+    {
+        return new FacebookResponse(
+            $request,
+            $this->response,
+            200,
+            []
+        );
+    }
+}
diff --git a/lib/facebook-graph-sdk/tests/Authentication/OAuth2ClientTest.php b/lib/facebook-graph-sdk/tests/Authentication/OAuth2ClientTest.php
new file mode 100644
index 0000000..72a8e2a
--- /dev/null
+++ b/lib/facebook-graph-sdk/tests/Authentication/OAuth2ClientTest.php
@@ -0,0 +1,167 @@
+<?php
+/**
+ * Copyright 2014 Facebook, Inc.
+ *
+ * You are hereby granted a non-exclusive, worldwide, royalty-free license to
+ * use, copy, modify, and distribute this software in source code or binary
+ * form for use in connection with the web services and APIs provided by
+ * Facebook.
+ *
+ * As with any software that integrates with the Facebook platform, your use
+ * of this software is subject to the Facebook Developer Principles and
+ * Policies [http://developers.facebook.com/policy/]. This copyright notice
+ * shall be included in all copies or substantial portions of the software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ *
+ */
+namespace Facebook\Tests\Authentication;
+
+use Mockery as m;
+use Facebook\Facebook;
+use Facebook\FacebookApp;
+use Facebook\Authentication\OAuth2Client;
+
+class OAuth2ClientTest extends \PHPUnit_Framework_TestCase
+{
+
+    /**
+     * @const The foo Graph version
+     */
+    const TESTING_GRAPH_VERSION = 'v1337';
+
+    /**
+     * @var FooFacebookClientForOAuth2Test
+     */
+    protected $client;
+
+    /**
+     * @var OAuth2Client
+     */
+    protected $oauth;
+
+    public function setUp()
+    {
+        $app = new FacebookApp('123', 'foo_secret');
+        $this->client = new FooFacebookClientForOAuth2Test();
+        $this->oauth = new OAuth2Client($app, $this->client, static::TESTING_GRAPH_VERSION);
+    }
+
+    public function testCanGetMetadataFromAnAccessToken()
+    {
+        $this->client->setMetadataResponse();
+
+        $metadata = $this->oauth->debugToken('baz_token');
+
+        $this->assertInstanceOf('Facebook\Authentication\AccessTokenMetadata', $metadata);
+        $this->assertEquals('444', $metadata->getUserId());
+
+        $expectedParams = [
+            'input_token' => 'baz_token',
+            'access_token' => '123|foo_secret',
+            'appsecret_proof' => 'de753c58fd58b03afca2340bbaeb4ecf987b5de4c09e39a63c944dd25efbc234',
+        ];
+
+        $request = $this->oauth->getLastRequest();
+        $this->assertEquals('GET', $request->getMethod());
+        $this->assertEquals('/debug_token', $request->getEndpoint());
+        $this->assertEquals($expectedParams, $request->getParams());
+        $this->assertEquals(static::TESTING_GRAPH_VERSION, $request->getGraphVersion());
+    }
+
+    public function testCanBuildAuthorizationUrl()
+    {
+        $scope = ['email', 'base_foo'];
+        $authUrl = $this->oauth->getAuthorizationUrl('https://foo.bar', 'foo_state', $scope, ['foo' => 'bar'], '*');
+
+        $this->assertContains('*', $authUrl);
+
+        $expectedUrl = 'https://www.facebook.com/' . static::TESTING_GRAPH_VERSION . '/dialog/oauth?';
+        $this->assertTrue(strpos($authUrl, $expectedUrl) === 0, 'Unexpected base authorization URL returned from getAuthorizationUrl().');
+
+        $params = [
+            'client_id' => '123',
+            'redirect_uri' => 'https://foo.bar',
+            'state' => 'foo_state',
+            'sdk' => 'php-sdk-' . Facebook::VERSION,
+            'scope' => implode(',', $scope),
+            'foo' => 'bar',
+        ];
+        foreach ($params as $key => $value) {
+            $this->assertContains($key . '=' . urlencode($value), $authUrl);
+        }
+    }
+
+    public function testCanGetAccessTokenFromCode()
+    {
+        $this->client->setAccessTokenResponse();
+
+        $accessToken = $this->oauth->getAccessTokenFromCode('bar_code', 'foo_uri');
+
+        $this->assertInstanceOf('Facebook\Authentication\AccessToken', $accessToken);
+        $this->assertEquals('my_access_token', $accessToken->getValue());
+
+        $expectedParams = [
+            'code' => 'bar_code',
+            'redirect_uri' => 'foo_uri',
+            'client_id' => '123',
+            'client_secret' => 'foo_secret',
+            'access_token' => '123|foo_secret',
+            'appsecret_proof' => 'de753c58fd58b03afca2340bbaeb4ecf987b5de4c09e39a63c944dd25efbc234',
+        ];
+
+        $request = $this->oauth->getLastRequest();
+        $this->assertEquals('GET', $request->getMethod());
+        $this->assertEquals('/oauth/access_token', $request->getEndpoint());
+        $this->assertEquals($expectedParams, $request->getParams());
+        $this->assertEquals(static::TESTING_GRAPH_VERSION, $request->getGraphVersion());
+    }
+
+    public function testCanGetLongLivedAccessToken()
+    {
+        $this->client->setAccessTokenResponse();
+
+        $accessToken = $this->oauth->getLongLivedAccessToken('short_token');
+
+        $this->assertEquals('my_access_token', $accessToken->getValue());
+
+        $expectedParams = [
+            'grant_type' => 'fb_exchange_token',
+            'fb_exchange_token' => 'short_token',
+            'client_id' => '123',
+            'client_secret' => 'foo_secret',
+            'access_token' => '123|foo_secret',
+            'appsecret_proof' => 'de753c58fd58b03afca2340bbaeb4ecf987b5de4c09e39a63c944dd25efbc234',
+        ];
+
+        $request = $this->oauth->getLastRequest();
+        $this->assertEquals($expectedParams, $request->getParams());
+    }
+
+    public function testCanGetCodeFromLongLivedAccessToken()
+    {
+        $this->client->setCodeResponse();
+
+        $code = $this->oauth->getCodeFromLongLivedAccessToken('long_token', 'foo_uri');
+
+        $this->assertEquals('my_neat_code', $code);
+
+        $expectedParams = [
+            'access_token' => 'long_token',
+            'redirect_uri' => 'foo_uri',
+            'client_id' => '123',
+            'client_secret' => 'foo_secret',
+            'appsecret_proof' => '7e91300ea91be4166282611d4fc700b473466f3ea2981dafbf492fc096995bf1',
+        ];
+
+        $request = $this->oauth->getLastRequest();
+        $this->assertEquals($expectedParams, $request->getParams());
+        $this->assertEquals('/oauth/client_code', $request->getEndpoint());
+    }
+}
-- 
cgit v1.2.3