Skip to content

Commit 6934c57

Browse files
marchriusmarchrius
committed
fix(refresh token): indent with spaces
1 parent f4ae050 commit 6934c57

File tree

3 files changed

+743
-743
lines changed

3 files changed

+743
-743
lines changed

tests/src/AccessTokenTest.php

Lines changed: 193 additions & 193 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
<?php declare( strict_types=1 );
1+
<?php declare(strict_types=1);
22

33
namespace UsefulTeam\Tests\JwtAuth;
44

@@ -8,197 +8,197 @@
88

99
final class AccessTokenTest extends TestCase {
1010

11-
use RestTestTrait;
12-
13-
/**
14-
* @throws GuzzleException
15-
*/
16-
public function testToken(): string {
17-
$response = $this->client->post( '/wp-json/jwt-auth/v1/token', [
18-
'form_params' => [
19-
'username' => $this->username,
20-
'password' => $this->password,
21-
],
22-
] );
23-
$body = json_decode( $response->getBody()->getContents(), true );
24-
$this->assertEquals( 'jwt_auth_valid_credential', $body['code'] );
25-
$this->assertEquals( 200, $response->getStatusCode() );
26-
$this->assertEquals( true, $body['success'] );
27-
28-
$this->assertArrayHasKey( 'data', $body );
29-
$this->assertArrayHasKey( 'token', $body['data'] );
30-
$this->token = $body['data']['token'];
31-
$this->assertNotEmpty( $this->token );
32-
33-
if ( $this->flow === 'cookie' ) {
34-
$cookie = $this->cookies->getCookieByName( 'refresh_token' );
35-
$this->refreshToken = $cookie->getValue();
36-
} else {
37-
$this->assertArrayHasKey( 'refresh_token', $body['data'] );
38-
$this->refreshToken = $body['data']['refresh_token'];
39-
}
40-
41-
$this->assertNotEmpty( $this->refreshToken );
42-
$this->assertNotEquals( $this->token, $this->refreshToken );
43-
44-
return $this->token;
45-
}
46-
47-
/**
48-
* @depends testToken
49-
* @throws GuzzleException
50-
*/
51-
public function testTokenWithEditedTokenType( string $token ): void {
52-
$this->assertNotEmpty( $token );
53-
54-
$payload = json_decode( base64_decode( explode( '.', $token )[1] ), false );
55-
$payload->typ = 'refresh';
56-
$malicious_token = implode( '.', [
57-
explode( '.', $token )[0],
58-
base64_encode( json_encode( $payload ) ),
59-
explode( '.', $token )[2],
60-
] );
61-
62-
$request_options = array();
63-
64-
if ( $this->flow === 'cookie' ) {
65-
$cookies = [
66-
'refresh_token' => $malicious_token,
67-
];
68-
$domain = $this->getDomain();
69-
$cookies = CookieJar::fromArray( $cookies, $domain );
70-
$request_options['cookies'] = $cookies;
71-
} else if ($this->flow === 'body') {
72-
$request_options[\GuzzleHttp\RequestOptions::JSON] = [
73-
'refresh_token' => $token,
74-
];
75-
} else {
76-
$request_options['form_params'] = [
77-
'refresh_token' => $token,
78-
];
79-
}
80-
81-
$response = $this->client->post( '/wp-json/jwt-auth/v1/token/refresh', $request_options );
82-
$body = json_decode( $response->getBody()->getContents(), true );
83-
$this->assertIsArray( $body );
84-
$this->assertArrayHasKey( 'data', $body );
85-
$this->assertEquals( 'jwt_auth_invalid_refresh_token', $body['code'] );
86-
$this->assertEquals( 401, $response->getStatusCode() );
87-
$this->assertEquals( false, $body['success'] );
88-
}
89-
90-
/**
91-
* @depends testToken
92-
* @throws GuzzleException
93-
*/
94-
public function testTokenValidate( string $token ): void {
95-
$this->assertNotEmpty( $token );
96-
97-
$response = $this->client->post( '/wp-json/jwt-auth/v1/token/validate', [
98-
'headers' => [
99-
'Authorization' => "Bearer $token",
100-
],
101-
] );
102-
$body = json_decode( $response->getBody()->getContents(), true );
103-
$this->assertEquals( 'jwt_auth_valid_token', $body['code'] );
104-
$this->assertEquals( 200, $response->getStatusCode() );
105-
$this->assertEquals( true, $body['success'] );
106-
}
107-
108-
/**
109-
* @depends testToken
110-
* @throws GuzzleException
111-
*/
112-
public function testTokenValidateWithInvalidToken( string $token ): void {
113-
$this->assertNotEmpty( $token );
114-
115-
$response = $this->client->post( '/wp-json/jwt-auth/v1/token/validate', [
116-
'headers' => [
117-
'Authorization' => "Bearer {$token}123",
118-
],
119-
] );
120-
$body = json_decode( $response->getBody()->getContents(), true );
121-
$this->assertEquals( 'jwt_auth_invalid_token', $body['code'] );
122-
$this->assertEquals( 401, $response->getStatusCode() );
123-
$this->assertEquals( false, $body['success'] );
124-
}
125-
126-
/**
127-
* @depends testToken
128-
* @throws GuzzleException
129-
*/
130-
public function testTokenRefreshWithInvalidToken( string $token ): void {
131-
$this->assertNotEmpty( $token );
132-
133-
$response = $this->client->post( '/wp-json/jwt-auth/v1/token/refresh', [
134-
'headers' => [
135-
'Authorization' => "Bearer {$token}",
136-
],
137-
] );
138-
$body = json_decode( $response->getBody()->getContents(), true );
139-
if ( $this->flow === 'cookie' ) {
140-
$this->assertEquals( 'jwt_auth_no_auth_cookie', $body['code'] );
141-
} else {
142-
$this->assertEquals( 'jwt_auth_no_refresh_token', $body['code'] );
143-
}
144-
$this->assertEquals( 401, $response->getStatusCode() );
145-
$this->assertEquals( false, $body['success'] );
146-
147-
$request_options = array();
148-
149-
if ( $this->flow === 'cookie' ) {
150-
$cookies = [
151-
'refresh_token' => $token,
152-
];
153-
$domain = $this->getDomain();
154-
$cookies = CookieJar::fromArray( $cookies, $domain );
155-
$request_options['cookies'] = $cookies;
156-
} else if ($this->flow === 'body') {
157-
$request_options[\GuzzleHttp\RequestOptions::JSON] = [
158-
'refresh_token' => $token,
159-
];
160-
} else {
161-
$request_options['form_params'] = [
162-
'refresh_token' => $token,
163-
];
164-
}
165-
$response = $this->client->post( '/wp-json/jwt-auth/v1/token/refresh', $request_options );
166-
$body = json_decode( $response->getBody()->getContents(), true );
167-
$this->assertEquals( 'jwt_auth_invalid_refresh_token', $body['code'] );
168-
$this->assertEquals( 401, $response->getStatusCode() );
169-
$this->assertEquals( false, $body['success'] );
170-
}
171-
172-
/**
173-
* @depends testToken
174-
* @throws GuzzleException
175-
*/
176-
public function testTokenWithInvalidRefreshToken( string $token ): void {
177-
$this->assertNotEmpty( $token );
178-
179-
$request_options = array();
180-
181-
if ( $this->flow === 'cookie' ) {
182-
$cookies = [
183-
'refresh_token' => $token,
184-
];
185-
$domain = $this->getDomain();
186-
$cookies = CookieJar::fromArray( $cookies, $domain );
187-
$request_options['cookies'] = $cookies;
188-
} else if ($this->flow === 'body') {
189-
$request_options[\GuzzleHttp\RequestOptions::JSON] = [
190-
'refresh_token' => $token,
191-
];
192-
} else {
193-
$request_options['form_params'] = [
194-
'refresh_token' => $token,
195-
];
196-
}
197-
$response = $this->client->post( '/wp-json/jwt-auth/v1/token', $request_options );
198-
$body = json_decode( $response->getBody()->getContents(), true );
199-
$this->assertEquals( 'jwt_auth_invalid_refresh_token', $body['code'] );
200-
$this->assertEquals( 401, $response->getStatusCode() );
201-
$this->assertEquals( false, $body['success'] );
202-
}
11+
use RestTestTrait;
12+
13+
/**
14+
* @throws GuzzleException
15+
*/
16+
public function testToken(): string {
17+
$response = $this->client->post('/wp-json/jwt-auth/v1/token', [
18+
'form_params' => [
19+
'username' => $this->username,
20+
'password' => $this->password,
21+
],
22+
]);
23+
$body = json_decode($response->getBody()->getContents(), true);
24+
$this->assertEquals('jwt_auth_valid_credential', $body['code']);
25+
$this->assertEquals(200, $response->getStatusCode());
26+
$this->assertEquals(true, $body['success']);
27+
28+
$this->assertArrayHasKey('data', $body);
29+
$this->assertArrayHasKey('token', $body['data']);
30+
$this->token = $body['data']['token'];
31+
$this->assertNotEmpty( $this->token );
32+
33+
if ($this->flow === 'cookie') {
34+
$cookie = $this->cookies->getCookieByName('refresh_token');
35+
$this->refreshToken = $cookie->getValue();
36+
} else {
37+
$this->assertArrayHasKey('refresh_token', $body['data']);
38+
$this->refreshToken = $body['data']['refresh_token'];
39+
}
40+
41+
$this->assertNotEmpty($this->refreshToken);
42+
$this->assertNotEquals($this->token, $this->refreshToken);
43+
44+
return $this->token;
45+
}
46+
47+
/**
48+
* @depends testToken
49+
* @throws GuzzleException
50+
*/
51+
public function testTokenWithEditedTokenType(string $token): void {
52+
$this->assertNotEmpty($token);
53+
54+
$payload = json_decode(base64_decode(explode('.', $token)[1]), false);
55+
$payload->typ = 'refresh';
56+
$malicious_token = implode('.', [
57+
explode('.', $token )[0],
58+
base64_encode(json_encode($payload)),
59+
explode('.', $token )[2],
60+
]);
61+
62+
$request_options = array();
63+
64+
if ($this->flow === 'cookie') {
65+
$cookies = [
66+
'refresh_token' => $malicious_token,
67+
];
68+
$domain = $this->getDomain();
69+
$cookies = CookieJar::fromArray($cookies, $domain);
70+
$request_options['cookies'] = $cookies;
71+
} else if ($this->flow === 'body') {
72+
$request_options[\GuzzleHttp\RequestOptions::JSON] = [
73+
'refresh_token' => $token,
74+
];
75+
} else {
76+
$request_options['form_params'] = [
77+
'refresh_token' => $token,
78+
];
79+
}
80+
81+
$response = $this->client->post('/wp-json/jwt-auth/v1/token/refresh', $request_options);
82+
$body = json_decode($response->getBody()->getContents(), true);
83+
$this->assertIsArray($body);
84+
$this->assertArrayHasKey('data', $body);
85+
$this->assertEquals('jwt_auth_invalid_refresh_token', $body['code']);
86+
$this->assertEquals(401, $response->getStatusCode());
87+
$this->assertEquals(false, $body['success']);
88+
}
89+
90+
/**
91+
* @depends testToken
92+
* @throws GuzzleException
93+
*/
94+
public function testTokenValidate(string $token): void {
95+
$this->assertNotEmpty($token);
96+
97+
$response = $this->client->post('/wp-json/jwt-auth/v1/token/validate', [
98+
'headers' => [
99+
'Authorization' => "Bearer $token",
100+
],
101+
]);
102+
$body = json_decode($response->getBody()->getContents(), true);
103+
$this->assertEquals('jwt_auth_valid_token', $body['code']);
104+
$this->assertEquals(200, $response->getStatusCode());
105+
$this->assertEquals(true, $body['success']);
106+
}
107+
108+
/**
109+
* @depends testToken
110+
* @throws GuzzleException
111+
*/
112+
public function testTokenValidateWithInvalidToken(string $token): void {
113+
$this->assertNotEmpty($token);
114+
115+
$response = $this->client->post('/wp-json/jwt-auth/v1/token/validate', [
116+
'headers' => [
117+
'Authorization' => "Bearer {$token}123",
118+
],
119+
]);
120+
$body = json_decode($response->getBody()->getContents(), true);
121+
$this->assertEquals('jwt_auth_invalid_token', $body['code']);
122+
$this->assertEquals(401, $response->getStatusCode());
123+
$this->assertEquals(false, $body['success']);
124+
}
125+
126+
/**
127+
* @depends testToken
128+
* @throws GuzzleException
129+
*/
130+
public function testTokenRefreshWithInvalidToken(string $token): void {
131+
$this->assertNotEmpty($token);
132+
133+
$response = $this->client->post('/wp-json/jwt-auth/v1/token/refresh', [
134+
'headers' => [
135+
'Authorization' => "Bearer {$token}",
136+
],
137+
]);
138+
$body = json_decode($response->getBody()->getContents(), true);
139+
if ($this->flow === 'cookie') {
140+
$this->assertEquals('jwt_auth_no_auth_cookie', $body['code']);
141+
} else {
142+
$this->assertEquals('jwt_auth_no_refresh_token', $body['code']);
143+
}
144+
$this->assertEquals(401, $response->getStatusCode());
145+
$this->assertEquals(false, $body['success']);
146+
147+
$request_options = array();
148+
149+
if ($this->flow === 'cookie') {
150+
$cookies = [
151+
'refresh_token' => $token,
152+
];
153+
$domain = $this->getDomain();
154+
$cookies = CookieJar::fromArray($cookies, $domain);
155+
$request_options['cookies'] = $cookies;
156+
} else if ($this->flow === 'body') {
157+
$request_options[\GuzzleHttp\RequestOptions::JSON] = [
158+
'refresh_token' => $token,
159+
];
160+
} else {
161+
$request_options['form_params'] = [
162+
'refresh_token' => $token,
163+
];
164+
}
165+
$response = $this->client->post('/wp-json/jwt-auth/v1/token/refresh', $request_options);
166+
$body = json_decode($response->getBody()->getContents(), true);
167+
$this->assertEquals('jwt_auth_invalid_refresh_token', $body['code']);
168+
$this->assertEquals(401, $response->getStatusCode());
169+
$this->assertEquals(false, $body['success']);
170+
}
171+
172+
/**
173+
* @depends testToken
174+
* @throws GuzzleException
175+
*/
176+
public function testTokenWithInvalidRefreshToken(string $token): void {
177+
$this->assertNotEmpty($token);
178+
179+
$request_options = array();
180+
181+
if ($this->flow === 'cookie') {
182+
$cookies = [
183+
'refresh_token' => $token,
184+
];
185+
$domain = $this->getDomain();
186+
$cookies = CookieJar::fromArray( $cookies, $domain );
187+
$request_options['cookies'] = $cookies;
188+
} else if ($this->flow === 'body') {
189+
$request_options[\GuzzleHttp\RequestOptions::JSON] = [
190+
'refresh_token' => $token,
191+
];
192+
} else {
193+
$request_options['form_params'] = [
194+
'refresh_token' => $token,
195+
];
196+
}
197+
$response = $this->client->post('/wp-json/jwt-auth/v1/token', $request_options);
198+
$body = json_decode($response->getBody()->getContents(), true);
199+
$this->assertEquals('jwt_auth_invalid_refresh_token', $body['code']);
200+
$this->assertEquals(401, $response->getStatusCode());
201+
$this->assertEquals(false, $body['success']);
202+
}
203203

204204
}

0 commit comments

Comments
 (0)