From caa0b1765b8c249ff4a868980d90e3410b26b664 Mon Sep 17 00:00:00 2001
From: Thomas Citharel <tcit@tcit.fr>
Date: Wed, 14 Jun 2017 17:30:12 +0200
Subject: Add client_credentials oAuth2 auth method

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
---
 .../ApiBundle/Controller/DeveloperController.php   |  2 +-
 .../Controller/DeveloperControllerTest.php         | 27 +++++++++++++++++++---
 2 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/src/Wallabag/ApiBundle/Controller/DeveloperController.php b/src/Wallabag/ApiBundle/Controller/DeveloperController.php
index 9cb1b626..9cb73f4c 100644
--- a/src/Wallabag/ApiBundle/Controller/DeveloperController.php
+++ b/src/Wallabag/ApiBundle/Controller/DeveloperController.php
@@ -43,7 +43,7 @@ class DeveloperController extends Controller
         $clientForm->handleRequest($request);
 
         if ($clientForm->isSubmitted() && $clientForm->isValid()) {
-            $client->setAllowedGrantTypes(['token', 'authorization_code', 'password', 'refresh_token']);
+            $client->setAllowedGrantTypes(['client_credentials', 'token', 'authorization_code', 'password', 'refresh_token']);
             $em->persist($client);
             $em->flush();
 
diff --git a/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php b/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
index d37cbbf9..53aed12b 100644
--- a/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
+++ b/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
@@ -34,7 +34,7 @@ class DeveloperControllerTest extends WallabagCoreTestCase
         $this->assertContains('My app', $alert[0]);
     }
 
-    public function testCreateToken()
+    public function testCreateTokenFromPasswords()
     {
         $client = $this->getClient();
         $apiClient = $this->createApiClientForUser('admin');
@@ -56,6 +56,26 @@ class DeveloperControllerTest extends WallabagCoreTestCase
         $this->assertArrayHasKey('refresh_token', $data);
     }
 
+    public function testCreateTokenFromClientCredentialsOnly()
+    {
+        $client = $this->getClient();
+        $apiClient = $this->createApiClientForUser('admin', ['client_credentials']);
+
+        $client->request('POST', '/oauth/v2/token', [
+            'grant_type' => 'client_credentials',
+            'client_id' => $apiClient->getPublicId(),
+            'client_secret' => $apiClient->getSecret(),
+        ]);
+
+        $this->assertEquals(200, $client->getResponse()->getStatusCode());
+
+        $data = json_decode($client->getResponse()->getContent(), true);
+        $this->assertArrayHasKey('access_token', $data);
+        $this->assertArrayHasKey('expires_in', $data);
+        $this->assertArrayHasKey('token_type', $data);
+        // Client Credentials created-clients have no refresh tokens
+    }
+
     public function testListingClient()
     {
         $this->logInAs('admin');
@@ -114,9 +134,10 @@ class DeveloperControllerTest extends WallabagCoreTestCase
     /**
      * @param string $username
      *
+     * @param array $grantTypes
      * @return Client
      */
-    private function createApiClientForUser($username)
+    private function createApiClientForUser($username, $grantTypes = ['password'])
     {
         $client = $this->getClient();
         $em = $client->getContainer()->get('doctrine.orm.entity_manager');
@@ -124,7 +145,7 @@ class DeveloperControllerTest extends WallabagCoreTestCase
         $user = $userManager->findUserBy(array('username' => $username));
         $apiClient = new Client($user);
         $apiClient->setName('My app');
-        $apiClient->setAllowedGrantTypes(['password']);
+        $apiClient->setAllowedGrantTypes($grantTypes);
         $em->persist($apiClient);
         $em->flush();
 
-- 
cgit v1.2.3