
Commit b5f67c1

chore: add additional assertions of redirect url and ass scopes test (#29)
1 parent 8c0aad8 commit b5f67c1


2 files changed

+37
-2
lines changed


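--- a/config/oidc.php
+++ b/config/oidc.php
@@ -29,7 +29,7 @@
 /**
 * By default, the openid scope is requested. If you need additional scopes, you can specify them here.
 */
-'additional_scopes' => explode(',', env('OIDC_ADDITIONAL_SCOPES', '')),
+'additional_scopes' => array_filter(explode(',', env('OIDC_ADDITIONAL_SCOPES', ''))),
 
 /**
 * Code Challenge Method used for PKCE.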
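Review bot: `array_filter` on new line 32 drops empty strings but does not trim, so a value such as `OIDC_ADDITIONAL_SCOPES="profile, email"` yields ` email` with a leading space, and a whitespace-only entry still survives as a scope value. It also preserves the original keys, so `a,,b` produces a non-sequential array rather than a list. Because these values end up in the `scope` parameter of the authorization request (presumably joined by the caller), normalising them here is safer: `'additional_scopes' => array_values(array_filter(array_map('trim', explode(',', env('OIDC_ADDITIONAL_SCOPES', ''))))),`.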

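--- a/tests/Feature/Http/Controllers/LoginControllerTest.php
+++ b/tests/Feature/Http/Controllers/LoginControllerTest.php
@@ -33,8 +33,43 @@ public function testLoginRouteRedirectsToAuthorizeUrlOfProvider(): void
 $response
 ->assertStatus(302)
 ->assertRedirectContains("https://provider.rdobeheer.nl/authorize")
-->assertRedirectContains('test-client-id');
+->assertRedirectContains('response_type=code')
+->assertRedirectContains('redirect_uri=http%3A%2F%2Flocalhost%2Foidc%2Flogin')
+->assertRedirectContains('client_id=test-client-id')
+->assertRedirectContains('scope=openid')
+->assertRedirectContains('code_challenge_method=S256');
 }
+
+/**
+* @dataProvider scopesProvider
+*/
+public function testLoginRouteRedirectsToAuthorizeUrlOfProviderWithScopes(
+array $additionalScopes,
+string $scopeInUrl
+): void {
+$this->mockOpenIDConfigurationLoader();
+
+config()->set('oidc.client_id', 'test-client-id');
+config()->set('oidc.additional_scopes', $additionalScopes);
+
+$response = $this->get(route('oidc.login', ['login_hint' => 'test-login-hint']));
+$response
+->assertStatus(302)
+->assertRedirectContains("https://provider.rdobeheer.nl/authorize")
+->assertRedirectContains('test-client-id')
+->assertRedirectContains('login_hint=test-login-hint')
+->assertRedirectContains($scopeInUrl);
+}
+
+public static function scopesProvider(): array
+{
+return [
+'no scopes' => [[], 'scope=openid'],
+'one scope' => [['test-scope-1'], 'scope=test-scope-1+openid'],
+'multiple scopes' => [['test-scope-1', 'test-scope-2'], 'scope=test-scope-1+test-scope-2+openid'],
+];
+}
+
 public function testLoginRouteRedirectsToAuthorizeUrlOfProviderWithLoginHint(): void
 {
 $this->mockOpenIDConfigurationLoader();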
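Review bot: The `assertRedirectContains` calls on new lines 36–40 and 57–61 are substring matches, so `scope=openid` still passes when the redirect requests more scopes than intended (a constructed example: `scope=openid+extra`), and the bare `'test-client-id'` on new line 59 is the loose form this commit tightens in the first test. Parsing the Location query and comparing exact values would pin the requested scopes: `parse_str((string) parse_url($response->headers->get('Location'), PHP_URL_QUERY), $query);` followed by `$this->assertSame('openid', $query['scope']);`. The same parsed array could also assert that `code_challenge` (and `state`, if the controller sends one) is present and non-empty, since only `code_challenge_method` is checked now. testLoginRouteRedirectsToAuthorizeUrlOfProvider begins above the hunk, so its setup is not visible here.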
