diff options
| author | Thomas Citharel <tcit@tcit.fr> | 2017-06-14 17:30:12 +0200 |
|---|---|---|
| committer | Thomas Citharel <tcit@tcit.fr> | 2017-06-14 17:30:12 +0200 |
| commit | caa0b1765b8c249ff4a868980d90e3410b26b664 (patch) | |
| tree | 4396948b27c04b41cc02a1c1fee4a9d292f4b858 | |
| parent | f93a3109a5f0999dbbd69131c9e5041c390120c9 (diff) | |
| download | wallabag-caa0b1765b8c249ff4a868980d90e3410b26b664.tar.gz wallabag-caa0b1765b8c249ff4a868980d90e3410b26b664.tar.zst wallabag-caa0b1765b8c249ff4a868980d90e3410b26b664.zip | |
Add client_credentials oAuth2 auth method
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
| -rw-r--r-- | src/Wallabag/ApiBundle/Controller/DeveloperController.php | 2 | ||||
| -rw-r--r-- | tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php | 27 |
2 files changed, 25 insertions, 4 deletions
diff --git a/src/Wallabag/ApiBundle/Controller/DeveloperController.php b/src/Wallabag/ApiBundle/Controller/DeveloperController.php index 9cb1b626..9cb73f4c 100644 --- a/src/Wallabag/ApiBundle/Controller/DeveloperController.php +++ b/src/Wallabag/ApiBundle/Controller/DeveloperController.php | |||
| @@ -43,7 +43,7 @@ class DeveloperController extends Controller | |||
| 43 | $clientForm->handleRequest($request); | 43 | $clientForm->handleRequest($request); |
| 44 | 44 | ||
| 45 | if ($clientForm->isSubmitted() && $clientForm->isValid()) { | 45 | if ($clientForm->isSubmitted() && $clientForm->isValid()) { |
| 46 | $client->setAllowedGrantTypes(['token', 'authorization_code', 'password', 'refresh_token']); | 46 | $client->setAllowedGrantTypes(['client_credentials', 'token', 'authorization_code', 'password', 'refresh_token']); |
| 47 | $em->persist($client); | 47 | $em->persist($client); |
| 48 | $em->flush(); | 48 | $em->flush(); |
| 49 | 49 | ||
diff --git a/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php b/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php index d37cbbf9..53aed12b 100644 --- a/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php +++ b/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php | |||
| @@ -34,7 +34,7 @@ class DeveloperControllerTest extends WallabagCoreTestCase | |||
| 34 | $this->assertContains('My app', $alert[0]); | 34 | $this->assertContains('My app', $alert[0]); |
| 35 | } | 35 | } |
| 36 | 36 | ||
| 37 | public function testCreateToken() | 37 | public function testCreateTokenFromPasswords() |
| 38 | { | 38 | { |
| 39 | $client = $this->getClient(); | 39 | $client = $this->getClient(); |
| 40 | $apiClient = $this->createApiClientForUser('admin'); | 40 | $apiClient = $this->createApiClientForUser('admin'); |
| @@ -56,6 +56,26 @@ class DeveloperControllerTest extends WallabagCoreTestCase | |||
| 56 | $this->assertArrayHasKey('refresh_token', $data); | 56 | $this->assertArrayHasKey('refresh_token', $data); |
| 57 | } | 57 | } |
| 58 | 58 | ||
| 59 | public function testCreateTokenFromClientCredentialsOnly() | ||
| 60 | { | ||
| 61 | $client = $this->getClient(); | ||
| 62 | $apiClient = $this->createApiClientForUser('admin', ['client_credentials']); | ||
| 63 | |||
| 64 | $client->request('POST', '/oauth/v2/token', [ | ||
| 65 | 'grant_type' => 'client_credentials', | ||
| 66 | 'client_id' => $apiClient->getPublicId(), | ||
| 67 | 'client_secret' => $apiClient->getSecret(), | ||
| 68 | ]); | ||
| 69 | |||
| 70 | $this->assertEquals(200, $client->getResponse()->getStatusCode()); | ||
| 71 | |||
| 72 | $data = json_decode($client->getResponse()->getContent(), true); | ||
| 73 | $this->assertArrayHasKey('access_token', $data); | ||
| 74 | $this->assertArrayHasKey('expires_in', $data); | ||
| 75 | $this->assertArrayHasKey('token_type', $data); | ||
| 76 | // Client Credentials created-clients have no refresh tokens | ||
| 77 | } | ||
| 78 | |||
| 59 | public function testListingClient() | 79 | public function testListingClient() |
| 60 | { | 80 | { |
| 61 | $this->logInAs('admin'); | 81 | $this->logInAs('admin'); |
| @@ -114,9 +134,10 @@ class DeveloperControllerTest extends WallabagCoreTestCase | |||
| 114 | /** | 134 | /** |
| 115 | * @param string $username | 135 | * @param string $username |
| 116 | * | 136 | * |
| 137 | * @param array $grantTypes | ||
| 117 | * @return Client | 138 | * @return Client |
| 118 | */ | 139 | */ |
| 119 | private function createApiClientForUser($username) | 140 | private function createApiClientForUser($username, $grantTypes = ['password']) |
| 120 | { | 141 | { |
| 121 | $client = $this->getClient(); | 142 | $client = $this->getClient(); |
| 122 | $em = $client->getContainer()->get('doctrine.orm.entity_manager'); | 143 | $em = $client->getContainer()->get('doctrine.orm.entity_manager'); |
| @@ -124,7 +145,7 @@ class DeveloperControllerTest extends WallabagCoreTestCase | |||
| 124 | $user = $userManager->findUserBy(array('username' => $username)); | 145 | $user = $userManager->findUserBy(array('username' => $username)); |
| 125 | $apiClient = new Client($user); | 146 | $apiClient = new Client($user); |
| 126 | $apiClient->setName('My app'); | 147 | $apiClient->setName('My app'); |
| 127 | $apiClient->setAllowedGrantTypes(['password']); | 148 | $apiClient->setAllowedGrantTypes($grantTypes); |
| 128 | $em->persist($apiClient); | 149 | $em->persist($apiClient); |
| 129 | $em->flush(); | 150 | $em->flush(); |
| 130 | 151 | ||