summaryrefslogtreecommitdiff
path: root/vendor/jumbojett/openid-connect-php/tests
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/jumbojett/openid-connect-php/tests')
-rw-r--r--vendor/jumbojett/openid-connect-php/tests/OpenIDConnectClientTest.php65
-rw-r--r--vendor/jumbojett/openid-connect-php/tests/TokenVerificationTest.php34
-rw-r--r--vendor/jumbojett/openid-connect-php/tests/data/jwks-ps256.json12
3 files changed, 111 insertions, 0 deletions
diff --git a/vendor/jumbojett/openid-connect-php/tests/OpenIDConnectClientTest.php b/vendor/jumbojett/openid-connect-php/tests/OpenIDConnectClientTest.php
new file mode 100644
index 0000000..7abf311
--- /dev/null
+++ b/vendor/jumbojett/openid-connect-php/tests/OpenIDConnectClientTest.php
@@ -0,0 +1,65 @@
+<?php
+
+use Jumbojett\OpenIDConnectClient;
+use Jumbojett\OpenIDConnectClientException;
+use PHPUnit\Framework\MockObject\MockObject;
+use Yoast\PHPUnitPolyfills\TestCases\TestCase;
+
+class OpenIDConnectClientTest extends TestCase
+{
+ /**
+ * @return void
+ */
+ public function testGetRedirectURL()
+ {
+ $client = new OpenIDConnectClient();
+
+ self::assertSame('http:///', $client->getRedirectURL());
+
+ $_SERVER['SERVER_NAME'] = 'domain.test';
+ $_SERVER['REQUEST_URI'] = '/path/index.php?foo=bar&baz#fragment';
+ self::assertSame('http://domain.test/path/index.php', $client->getRedirectURL());
+ }
+
+ public function testAuthenticateDoesNotThrowExceptionIfClaimsIsMissingNonce()
+ {
+ $fakeClaims = new \StdClass();
+ $fakeClaims->iss = 'fake-issuer';
+ $fakeClaims->aud = 'fake-client-id';
+ $fakeClaims->nonce = null;
+
+ $_REQUEST['id_token'] = 'abc.123.xyz';
+ $_REQUEST['state'] = false;
+ $_SESSION['openid_connect_state'] = false;
+
+ /** @var OpenIDConnectClient | MockObject $client */
+ $client = $this->getMockBuilder(OpenIDConnectClient::class)->setMethods(['decodeJWT', 'getProviderConfigValue', 'verifyJWTsignature'])->getMock();
+ $client->method('decodeJWT')->willReturn($fakeClaims);
+ $client->method('getProviderConfigValue')->with('jwks_uri')->willReturn(true);
+ $client->method('verifyJWTsignature')->willReturn(true);
+
+ $client->setClientID('fake-client-id');
+ $client->setIssuer('fake-issuer');
+ $client->setIssuerValidator(function() {
+ return true;
+ });
+ $client->setAllowImplicitFlow(true);
+ $client->setProviderURL('https://jwt.io/');
+
+ try {
+ $authenticated = $client->authenticate();
+ $this->assertTrue($authenticated);
+ } catch ( OpenIDConnectClientException $e ) {
+ if ( $e->getMessage() === 'Unable to verify JWT claims' ) {
+ self::fail( 'OpenIDConnectClientException was thrown when it should not have been.' );
+ }
+ }
+ }
+
+ public function testSerialize()
+ {
+ $client = new OpenIDConnectClient('https://example.com', 'foo', 'bar', 'baz');
+ $serialized = serialize($client);
+ $this->assertInstanceOf('Jumbojett\OpenIDConnectClient', unserialize($serialized));
+ }
+}
diff --git a/vendor/jumbojett/openid-connect-php/tests/TokenVerificationTest.php b/vendor/jumbojett/openid-connect-php/tests/TokenVerificationTest.php
new file mode 100644
index 0000000..5844992
--- /dev/null
+++ b/vendor/jumbojett/openid-connect-php/tests/TokenVerificationTest.php
@@ -0,0 +1,34 @@
+<?php
+
+
+use Jumbojett\OpenIDConnectClient;
+use PHPUnit\Framework\MockObject\MockObject;
+use Yoast\PHPUnitPolyfills\TestCases\TestCase;
+
+class TokenVerificationTest extends TestCase
+{
+ /**
+ * @param $alg
+ * @param $jwt
+ * @throws \Jumbojett\OpenIDConnectClientException
+ * @dataProvider providesTokens
+ */
+ public function testTokenVerification($alg, $jwt)
+ {
+ /** @var OpenIDConnectClient | MockObject $client */
+ $client = $this->getMockBuilder(OpenIDConnectClient::class)->setMethods(['fetchUrl'])->getMock();
+ $client->method('fetchUrl')->willReturn(file_get_contents(__DIR__ . "/data/jwks-$alg.json"));
+ $client->setProviderURL('https://jwt.io/');
+ $client->providerConfigParam(['jwks_uri' => 'https://jwt.io/.well-known/jwks.json']);
+ $verified = $client->verifyJWTsignature($jwt);
+ self::assertTrue($verified);
+ $client->setAccessToken($jwt);
+ }
+
+ public function providesTokens()
+ {
+ return [
+ 'PS256' => ['ps256', 'eyJhbGciOiJQUzI1NiIsImtpZCI6Imtvbm5lY3RkLXRva2Vucy1zaWduaW5nLWtleSIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJrcG9wLWh0dHBzOi8va29wYW5vLmRlbW8vbWVldC8iLCJleHAiOjE1NjgzNzE0NjEsImp0aSI6IkpkR0tDbEdOTXl2VXJpcmlRRUlWUXZCVmttT2FfQkRjIiwiaWF0IjoxNTY4MzcxMjIxLCJpc3MiOiJodHRwczovL2tvcGFuby5kZW1vIiwic3ViIjoiUHpUVWp3NHBlXzctWE5rWlBILXJxVHE0MTQ1Z3lDdlRvQmk4V1E5bFBrcW5rbEc1aktvRU5LM21Qb0I1WGY1ZTM5dFRMR2RKWXBMNEJubXFnelpaX0FAa29ubmVjdCIsImtjLmlzQWNjZXNzVG9rZW4iOnRydWUsImtjLmF1dGhvcml6ZWRTY29wZXMiOlsicHJvZmlsZSIsImVtYWlsIiwia29wYW5vL2t3bSIsImtvcGFuby9nYyIsImtvcGFuby9rdnMiLCJvcGVuaWQiXSwia2MuYXV0aG9yaXplZENsYWltcyI6eyJpZF90b2tlbiI6eyJuYW1lIjpudWxsfX0sImtjLmlkZW50aXR5Ijp7ImtjLmkuZG4iOiJKb25hcyBCcmVra2UiLCJrYy5pLmlkIjoiQUFBQUFLd2hxVkJBMCs1SXN4bjdwMU13UkNVQkFBQUFCZ0FBQUJzQUFBQk5VVDA5QUFBQUFBPT0iLCJrYy5pLnVuIjoidXNlcjEiLCJrYy5pLnVzIjoiTVEifSwia2MucHJvdmlkZXIiOiJpZGVudGlmaWVyLWtjIn0.hGRuXvul2kOiALHexwYp5MBEJVwz1YV3ehyM3AOuwCoK2w5sJxdciqqY_TfXCKyO6nAEbYLK3J0CBOjfup_IG0aCZcwzjto8khYlc4ezXkGnFsbJBNQdDGkpHtWnioWx-OJ3cXvY9F8aOvjaq0gw11ZDAcqQl0g7LTbJ9-J_yx0pmy3NGai2JB30Fh1OgSDzYfxWnE0RRgZG-x68e65RXfSBaEGW85OUh4wihxO2zdTGAHJ3Iq_-QAG4yRbXZtLx3ZspG7LNmqG-YE3huy3Rd8u3xrJNhmUOfEnz3x07q7VW0cj9NedX98BAbj3iNvksQsE0oG0J_f_Tu8Ai8VbWB72sJuXZWxANDKdz0BBYLzXhsjXkNByRq9x3zqDVsX-cVHei_XudxEOVRBjhkvW2MmIjcAHNKCKsdar865-gFG9McP4PCcBlY28tC0Cvnzyi83LBfpGRXdl6MJunnUsKQ1C79iCoVI1doK1erFN959Q-TGJfJA3Tr5LNpuGawB5rpe1nDGWvmYhg3uYfNl8uTTyvNgvvejcflEb2DURuXdqABuSiP7RkDWYtzx6mq49G0tRxelBbvyjQ2id2QjmRRdQ6dHEZ2NCJ51b8OFoDJBtxN1CD62TTxa3FUqCdZAPAUR3hHn_69vYq82MR514s-Gb67A6j2PbMPFATQP2UdK8']
+ ];
+ }
+}
diff --git a/vendor/jumbojett/openid-connect-php/tests/data/jwks-ps256.json b/vendor/jumbojett/openid-connect-php/tests/data/jwks-ps256.json
new file mode 100644
index 0000000..a73a1e0
--- /dev/null
+++ b/vendor/jumbojett/openid-connect-php/tests/data/jwks-ps256.json
@@ -0,0 +1,12 @@
+{
+ "keys": [
+ {
+ "kty": "RSA",
+ "use": "sig",
+ "kid": "konnectd-tokens-signing-key",
+ "n": "10hb3pFUVcqJcS-d1pLCkFTyTqVD1GavlAai582CoRwFcyIQxCPJz0LJVgkUNwxSRkY0g0PcgFN_MmuuzpFXMkkiMIC9O_KwnuL34FrbijZvcGpnDn7kb9KAM883OVTr_w3wFeQIyh0ksSwVQ9CxVQ-ZeCXP73CCGk99uDb8SeF8_vncXJmaak99pK6HKJteSLkA-Ywxo9HOINZK2vW06UYcSkeoQnSI27Cd5-T6GVgqKH0Su4c5Ydou_w0tL_UkbZA4fIbMZC6dtWmBQf6tyYsCM9fbWNIVOj_7WlWcAOSTFNF2We2dxJrOzt6vDND3k1nCgg_EEM6cgBO3swUCktTFuQxo1sryYX5WXz9wnJb38b9mTXhOeF0bd9y_VQq8erSlcyRu8UGzX65tIf534hLL16KQaHbjROGSQvzqFrISmSBjBTjkPedTZSYOhiVJ95-em_Y6uLi-T7V4bs4dcg3oa0H_glXltoC9JxzS6gfMGGLgh-NpGEOdC_QosyzVVfzT70TurOGnsB1_VcAm_fK-T1Zv_ztpr5OZNfXWXC3Pfq_3sxP5HDKMk8luZ7LOWk7HVSYBdCFmOM1A3KmHNS2fEs-QHIr-XjYQ7QrXsRFP3dmoEPfiYlu03m8Xs3UMB70eGeGQx7OhZSuogxV_oCfApV5EJfuz97tVmOg8iMs",
+ "e": "AQAB"
+ }
+ ],
+ "kty": ""
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-05 21:49:53 +0000