@@ -94,4 +94,84 @@ public function testLoadSealedSessionReturnsValidCookieSession()
9494
9595 $ this assertInstanceOf (CookieSession::class, $ cookieSession
9696 }
97+
98+ public function testRefreshPassesCorrectParametersToAuthenticateWithRefreshToken ()
99+ {
100+ // REGRESSION TEST: Verify that CookieSession.refresh() passes all 5 parameters
101+ // to authenticateWithRefreshToken(), not just 2. The clientId parameter must be
102+ // included from WorkOS::getClientId() (see CookieSession.php:86-92)
103+
104+ $ organizationId"org_01H7X1M4TZJN5N4HG4XXMA1234 " ;
105+
106+ // Create a mock UserManagement to verify method calls
107+ $ userManagementMock$ this getMockBuilder (UserManagement::class)
108+ ->onlyMethods (['authenticateWithSessionCookie ' , 'authenticateWithRefreshToken ' , 'sealSession ' ])
109+ ->getMock ();
110+
111+ // Mock authenticateWithSessionCookie to return a successful authentication
112+ $ authResponseData
113+ 'authenticated ' => true ,
114+ 'access_token ' => 'test_access_token ' ,
115+ 'refresh_token ' => 'test_refresh_token ' ,
116+ 'session_id ' => 'session_123 ' ,
117+ 'user ' => [
118+ 'object ' => 'user ' ,
119+ 'id ' => 'user_123 ' ,
120+ 121+ 'first_name ' => 'Test ' ,
122+ 'last_name ' => 'User ' ,
123+ 'email_verified ' => true ,
124+ 'created_at ' => '2021-01-01T00:00:00.000Z ' ,
125+ 'updated_at ' => '2021-01-01T00:00:00.000Z '
126+ ]
127+ ];
128+ $ authResponseResource \SessionAuthenticationSuccessResponse::constructFromResponse ($ authResponseData
129+ $ userManagementMockmethod ('authenticateWithSessionCookie ' )
130+ ->willReturn ($ authResponse
131+
132+ // CRITICAL ASSERTION: Verify authenticateWithRefreshToken is called with exactly 5 parameters
133+ $ refreshResponseData
134+ 'access_token ' => 'new_access_token ' ,
135+ 'refresh_token ' => 'new_refresh_token ' ,
136+ 'user ' => [
137+ 'object ' => 'user ' ,
138+ 'id ' => 'user_123 ' ,
139+ 140+ 'first_name ' => 'Test ' ,
141+ 'last_name ' => 'User ' ,
142+ 'email_verified ' => true ,
143+ 'created_at ' => '2021-01-01T00:00:00.000Z ' ,
144+ 'updated_at ' => '2021-01-01T00:00:00.000Z '
145+ ]
146+ ];
147+ $ refreshResponseResource \AuthenticationResponse::constructFromResponse ($ refreshResponseData
148+
149+ $ userManagementMockexpects ($ this once ())
150+ ->method ('authenticateWithRefreshToken ' )
151+ ->with (
152+ $ this identicalTo (WorkOS::getClientId ()), // clientId from config
153+ $ this identicalTo ('test_refresh_token ' ), // refresh token
154+ $ this identicalTo (null ), // ipAddress
155+ $ this identicalTo (null ), // userAgent
156+ $ this identicalTo ($ organizationId// organizationId
157+ )
158+ ->willReturn ($ refreshResponse
159+
160+ $ userManagementMockmethod ('sealSession ' )
161+ ->willReturn ('new_sealed_session ' );
162+
163+ // Execute refresh with the mocked UserManagement
164+ $ cookieSessionnew CookieSession (
165+ $ userManagementMock
166+ $ this sealedSession ,
167+ $ this cookiePassword
168+ );
169+
170+ [$ response$ newSealedSession$ cookieSessionrefresh ([
171+ 'organizationId ' => $ organizationId
172+ ]);
173+
174+ // If we reach here without the mock throwing an exception, the test passes
175+ $ this assertInstanceOf (Resource \SessionAuthenticationSuccessResponse::class, $ response
176+ }
97177}
0 commit comments