author | Nicolas LÅ“uillet <nicolas@loeuillet.org> | 2017-06-22 10:00:23 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-06-22 10:00:23 +0200 |
commit | d0702f9fbd7aa8bf47948b44007cccde2fa66cc6 (patch) | |
tree | 00964db846a58922756b99fcca2cca9467706fbe | |
parent | 8c68acff2abe0573e287ad9ee4589668d1bb7ffa (diff) | |
parent | caa0b1765b8c249ff4a868980d90e3410b26b664 (diff) | |
Merge pull request #3227 from wallabag/oauth-client-credentials
Add client_credentials oAuth2 auth method
-rw-r--r-- | src/Wallabag/ApiBundle/Controller/DeveloperController.php | 2 | ||||
-rw-r--r-- | tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php | 27 |
2 files changed, 25 insertions, 4 deletions
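--- a/src/Wallabag/ApiBundle/Controller/DeveloperController.php
+++ b/src/Wallabag/ApiBundle/Controller/DeveloperController.php
@@ -43,7 +43,7 @@ class DeveloperController extends Controller
 $clientForm->handleRequest($request);
 
 if ($clientForm->isSubmitted() && $clientForm->isValid()) {
-$client->setAllowedGrantTypes(['token', 'authorization_code', 'password', 'refresh_token']);
+$client->setAllowedGrantTypes(['client_credentials', 'token', 'authorization_code', 'password', 'refresh_token']);
 $em->persist($client);
 $em->flush();
 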
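Review bot: The changed `setAllowedGrantTypes` call gives every client created through this form all five grant types, so after this commit any client id/secret pair can request a token with `grant_type=client_credentials` and no user login. Whether such a token is bound to the client's owner or carries no user at all is not visible here and should be confirmed against the API controllers that read the current user. A narrower change would keep the previous list as the default and add `client_credentials` only when the form asks for it; at minimum a comment such as `// client_credentials tokens are issued without a resource-owner login` belongs above the call. The enclosing action starts and ends outside the hunk.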
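--- a/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
+++ b/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
@@ -34,7 +34,7 @@ class DeveloperControllerTest extends WallabagCoreTestCase
 $this->assertContains('My app', $alert[0]);
 }
 
-public function testCreateToken()
+public function testCreateTokenFromPasswords()
 {
 $client = $this->getClient();
 $apiClient = $this->createApiClientForUser('admin');
@@ -56,6 +56,26 @@ class DeveloperControllerTest extends WallabagCoreTestCase
 $this->assertArrayHasKey('refresh_token', $data);
 }
 
+public function testCreateTokenFromClientCredentialsOnly()
+{
+$client = $this->getClient();
+$apiClient = $this->createApiClientForUser('admin', ['client_credentials']);
+
+$client->request('POST', '/oauth/v2/token', [
+'grant_type' => 'client_credentials',
+'client_id' => $apiClient->getPublicId(),
+'client_secret' => $apiClient->getSecret(),
+]);
+
+$this->assertEquals(200, $client->getResponse()->getStatusCode());
+
+$data = json_decode($client->getResponse()->getContent(), true);
+$this->assertArrayHasKey('access_token', $data);
+$this->assertArrayHasKey('expires_in', $data);
+$this->assertArrayHasKey('token_type', $data);
+// Client Credentials created-clients have no refresh tokens
+}
+
 public function testListingClient()
 {
 $this->logInAs('admin');
@@ -114,9 +134,10 @@ class DeveloperControllerTest extends WallabagCoreTestCase
 /**
 * @param string $username
 *
+* @param array $grantTypes
 * @return Client
 */
-private function createApiClientForUser($username)
+private function createApiClientForUser($username, $grantTypes = ['password'])
 {
 $client = $this->getClient();
 $em = $client->getContainer()->get('doctrine.orm.entity_manager');
@@ -124,7 +145,7 @@ class DeveloperControllerTest extends WallabagCoreTestCase
 $user = $userManager->findUserBy(array('username' => $username));
 $apiClient = new Client($user);
 $apiClient->setName('My app');
-$apiClient->setAllowedGrantTypes(['password']);
+$apiClient->setAllowedGrantTypes($grantTypes);
 $em->persist($apiClient);
 $em->flush();
 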
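Review bot: `testCreateTokenFromClientCredentialsOnly` ends with a comment saying these clients get no refresh token but never asserts it; replace the comment with `$this->assertArrayNotHasKey('refresh_token', $data);`. There is also no negative case: a client created with the helper's default `['password']` should be refused when it posts `grant_type=client_credentials`, and a test asserting a non-200 status would pin that the per-client allow-list is actually enforced. In the helper's docblock the new `@param array $grantTypes` sits after the blank ` *` separator rather than next to `@param string $username`. The helper's body continues outside the last hunk.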