Update tests of 'check client credentials (of any scope)' middlewares

Author: gdebrauwer

tests/CheckClientCredentialsForAnyScopeTest.php

@@ -5,8 +5,7 @@
 use Illuminate\Http\Request;
 use Laravel\Passport\Client;
 use Laravel\Passport\Http\Middleware\CheckClientCredentialsForAnyScope;
-use Laravel\Passport\Token;
-use Laravel\Passport\TokenRepository;
+use Laravel\Passport\ClientRepository;
 use League\OAuth2\Server\Exception\OAuthServerException;
 use League\OAuth2\Server\ResourceServer;
 use Mockery as m;
@@ -24,21 +23,17 @@ public function test_request_is_passed_along_if_token_is_valid()
         $resourceServer = m::mock(ResourceServer::class);
         $resourceServer->shouldReceive('validateAuthenticatedRequest')->andReturn($psr = m::mock());
         $psr->shouldReceive('getAttribute')->with('oauth_user_id')->andReturn(1);
-        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(1);
+        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(2);
         $psr->shouldReceive('getAttribute')->with('oauth_access_token_id')->andReturn('token');
         $psr->shouldReceive('getAttribute')->with('oauth_scopes')->andReturn(['*']);
 
         $client = m::mock(Client::class);
         $client->shouldReceive('firstParty')->andReturnFalse();
 
-        $token = m::mock(Token::class);
-        $token->shouldReceive('getAttribute')->with('client')->andReturn($client);
-        $token->shouldReceive('getAttribute')->with('scopes')->andReturn(['*']);
+        $clientRepository = m::mock(ClientRepository::class);
+        $clientRepository->shouldReceive('find')->with(2)->andReturn($client);
 
-        $tokenRepository = m::mock(TokenRepository::class);
-        $tokenRepository->shouldReceive('find')->with('token')->andReturn($token);
-
-        $middleware = new CheckClientCredentialsForAnyScope($resourceServer, $tokenRepository);
+        $middleware = new CheckClientCredentialsForAnyScope($resourceServer, $clientRepository);
 
         $request = Request::create('/');
         $request->headers->set('Authorization', 'Bearer token');
@@ -55,23 +50,17 @@ public function test_request_is_passed_along_if_token_has_any_required_scope()
         $resourceServer = m::mock(ResourceServer::class);
         $resourceServer->shouldReceive('validateAuthenticatedRequest')->andReturn($psr = m::mock());
         $psr->shouldReceive('getAttribute')->with('oauth_user_id')->andReturn(1);
-        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(1);
+        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(2);
         $psr->shouldReceive('getAttribute')->with('oauth_access_token_id')->andReturn('token');
         $psr->shouldReceive('getAttribute')->with('oauth_scopes')->andReturn(['foo', 'bar', 'baz']);
 
         $client = m::mock(Client::class);
         $client->shouldReceive('firstParty')->andReturnFalse();
 
-        $token = m::mock(Token::class);
-        $token->shouldReceive('getAttribute')->with('client')->andReturn($client);
-        $token->shouldReceive('getAttribute')->with('scopes')->andReturn(['foo', 'bar', 'baz']);
-        $token->shouldReceive('can')->with('notfoo')->andReturnFalse();
-        $token->shouldReceive('can')->with('bar')->andReturnTrue();
-
-        $tokenRepository = m::mock(TokenRepository::class);
-        $tokenRepository->shouldReceive('find')->with('token')->andReturn($token);
+        $clientRepository = m::mock(ClientRepository::class);
+        $clientRepository->shouldReceive('find')->with(2)->andReturn($client);
 
-        $middleware = new CheckClientCredentialsForAnyScope($resourceServer, $tokenRepository);
+        $middleware = new CheckClientCredentialsForAnyScope($resourceServer, $clientRepository);
 
         $request = Request::create('/');
         $request->headers->set('Authorization', 'Bearer token');
@@ -88,13 +77,13 @@ public function test_request_is_passed_along_if_token_has_any_required_scope()
      */
     public function test_exception_is_thrown_when_oauth_throws_exception()
     {
-        $tokenRepository = m::mock(TokenRepository::class);
+        $clientRepository = m::mock(ClientRepository::class);
         $resourceServer = m::mock(ResourceServer::class);
         $resourceServer->shouldReceive('validateAuthenticatedRequest')->andThrow(
             new OAuthServerException('message', 500, 'error type')
         );
 
-        $middleware = new CheckClientCredentialsForAnyScope($resourceServer, $tokenRepository);
+        $middleware = new CheckClientCredentialsForAnyScope($resourceServer, $clientRepository);
 
         $request = Request::create('/');
         $request->headers->set('Authorization', 'Bearer token');
@@ -112,23 +101,17 @@ public function test_exception_is_thrown_if_token_does_not_have_required_scope()
         $resourceServer = m::mock(ResourceServer::class);
         $resourceServer->shouldReceive('validateAuthenticatedRequest')->andReturn($psr = m::mock());
         $psr->shouldReceive('getAttribute')->with('oauth_user_id')->andReturn(1);
-        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(1);
+        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(2);
         $psr->shouldReceive('getAttribute')->with('oauth_access_token_id')->andReturn('token');
         $psr->shouldReceive('getAttribute')->with('oauth_scopes')->andReturn(['foo', 'bar']);
 
         $client = m::mock(Client::class);
         $client->shouldReceive('firstParty')->andReturnFalse();
 
-        $token = m::mock(Token::class);
-        $token->shouldReceive('getAttribute')->with('client')->andReturn($client);
-        $token->shouldReceive('getAttribute')->with('scopes')->andReturn(['foo', 'bar']);
-        $token->shouldReceive('can')->with('baz')->andReturnFalse();
-        $token->shouldReceive('can')->with('notbar')->andReturnFalse();
+        $clientRepository = m::mock(ClientRepository::class);
+        $clientRepository->shouldReceive('find')->with(2)->andReturn($client);
 
-        $tokenRepository = m::mock(TokenRepository::class);
-        $tokenRepository->shouldReceive('find')->with('token')->andReturn($token);
-
-        $middleware = new CheckClientCredentialsForAnyScope($resourceServer, $tokenRepository);
+        $middleware = new CheckClientCredentialsForAnyScope($resourceServer, $clientRepository);
 
         $request = Request::create('/');
         $request->headers->set('Authorization', 'Bearer token');
@@ -146,20 +129,17 @@ public function test_exception_is_thrown_if_token_belongs_to_first_party_client(
         $resourceServer = m::mock(ResourceServer::class);
         $resourceServer->shouldReceive('validateAuthenticatedRequest')->andReturn($psr = m::mock());
         $psr->shouldReceive('getAttribute')->with('oauth_user_id')->andReturn(1);
-        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(1);
+        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(2);
         $psr->shouldReceive('getAttribute')->with('oauth_access_token_id')->andReturn('token');
         $psr->shouldReceive('getAttribute')->with('oauth_scopes')->andReturn(['*']);
 
         $client = m::mock(Client::class);
         $client->shouldReceive('firstParty')->andReturnTrue();
 
-        $token = m::mock(Token::class);
-        $token->shouldReceive('getAttribute')->with('client')->andReturn($client);
-
-        $tokenRepository = m::mock(TokenRepository::class);
-        $tokenRepository->shouldReceive('find')->with('token')->andReturn($token);
+        $clientRepository = m::mock(ClientRepository::class);
+        $clientRepository->shouldReceive('find')->with(2)->andReturn($client);
 
-        $middleware = new CheckClientCredentialsForAnyScope($resourceServer, $tokenRepository);
+        $middleware = new CheckClientCredentialsForAnyScope($resourceServer, $clientRepository);
 
         $request = Request::create('/');
         $request->headers->set('Authorization', 'Bearer token');

tests/CheckClientCredentialsTest.php

@@ -7,6 +7,7 @@
 use Laravel\Passport\Http\Middleware\CheckClientCredentials;
 use Laravel\Passport\Token;
 use Laravel\Passport\TokenRepository;
+use Laravel\Passport\ClientRepository;
 use League\OAuth2\Server\Exception\OAuthServerException;
 use League\OAuth2\Server\ResourceServer;
 use Mockery as m;
@@ -24,21 +25,17 @@ public function test_request_is_passed_along_if_token_is_valid()
         $resourceServer = m::mock(ResourceServer::class);
         $resourceServer->shouldReceive('validateAuthenticatedRequest')->andReturn($psr = m::mock());
         $psr->shouldReceive('getAttribute')->with('oauth_user_id')->andReturn(1);
-        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(1);
+        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(2);
         $psr->shouldReceive('getAttribute')->with('oauth_access_token_id')->andReturn('token');
         $psr->shouldReceive('getAttribute')->with('oauth_scopes')->andReturn(['*']);
 
         $client = m::mock(Client::class);
         $client->shouldReceive('firstParty')->andReturnFalse();
 
-        $token = m::mock(Token::class);
-        $token->shouldReceive('getAttribute')->with('client')->andReturn($client);
-        $token->shouldReceive('getAttribute')->with('scopes')->andReturn(['*']);
+        $clientRepository = m::mock(ClientRepository::class);
+        $clientRepository->shouldReceive('find')->with(2)->andReturn($client);
 
-        $tokenRepository = m::mock(TokenRepository::class);
-        $tokenRepository->shouldReceive('find')->with('token')->andReturn($token);
-
-        $middleware = new CheckClientCredentials($resourceServer, $tokenRepository);
+        $middleware = new CheckClientCredentials($resourceServer, $clientRepository);
 
         $request = Request::create('/');
         $request->headers->set('Authorization', 'Bearer token');
@@ -55,22 +52,17 @@ public function test_request_is_passed_along_if_token_and_scope_are_valid()
         $resourceServer = m::mock(ResourceServer::class);
         $resourceServer->shouldReceive('validateAuthenticatedRequest')->andReturn($psr = m::mock());
         $psr->shouldReceive('getAttribute')->with('oauth_user_id')->andReturn(1);
-        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(1);
+        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(2);
         $psr->shouldReceive('getAttribute')->with('oauth_access_token_id')->andReturn('token');
         $psr->shouldReceive('getAttribute')->with('oauth_scopes')->andReturn(['see-profile']);
 
         $client = m::mock(Client::class);
         $client->shouldReceive('firstParty')->andReturnFalse();
 
-        $token = m::mock(Token::class);
-        $token->shouldReceive('getAttribute')->with('client')->andReturn($client);
-        $token->shouldReceive('getAttribute')->with('scopes')->andReturn(['see-profile']);
-        $token->shouldReceive('cant')->with('see-profile')->andReturnFalse();
-
-        $tokenRepository = m::mock(TokenRepository::class);
-        $tokenRepository->shouldReceive('find')->with('token')->andReturn($token);
+        $clientRepository = m::mock(ClientRepository::class);
+        $clientRepository->shouldReceive('find')->with(2)->andReturn($client);
 
-        $middleware = new CheckClientCredentials($resourceServer, $tokenRepository);
+        $middleware = new CheckClientCredentials($resourceServer, $clientRepository);
 
         $request = Request::create('/');
         $request->headers->set('Authorization', 'Bearer token');
@@ -87,13 +79,13 @@ public function test_request_is_passed_along_if_token_and_scope_are_valid()
      */
     public function test_exception_is_thrown_when_oauth_throws_exception()
     {
-        $tokenRepository = m::mock(TokenRepository::class);
+        $clientRepository = m::mock(ClientRepository::class);
         $resourceServer = m::mock(ResourceServer::class);
         $resourceServer->shouldReceive('validateAuthenticatedRequest')->andThrow(
             new OAuthServerException('message', 500, 'error type')
         );
 
-        $middleware = new CheckClientCredentials($resourceServer, $tokenRepository);
+        $middleware = new CheckClientCredentials($resourceServer, $clientRepository);
 
         $request = Request::create('/');
         $request->headers->set('Authorization', 'Bearer token');
@@ -111,23 +103,17 @@ public function test_exception_is_thrown_if_token_does_not_have_required_scopes(
         $resourceServer = m::mock(ResourceServer::class);
         $resourceServer->shouldReceive('validateAuthenticatedRequest')->andReturn($psr = m::mock());
         $psr->shouldReceive('getAttribute')->with('oauth_user_id')->andReturn(1);
-        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(1);
+        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(2);
         $psr->shouldReceive('getAttribute')->with('oauth_access_token_id')->andReturn('token');
         $psr->shouldReceive('getAttribute')->with('oauth_scopes')->andReturn(['foo', 'notbar']);
 
         $client = m::mock(Client::class);
         $client->shouldReceive('firstParty')->andReturnFalse();
 
-        $token = m::mock(Token::class);
-        $token->shouldReceive('getAttribute')->with('client')->andReturn($client);
-        $token->shouldReceive('getAttribute')->with('scopes')->andReturn(['foo', 'notbar']);
-        $token->shouldReceive('cant')->with('foo')->andReturnFalse();
-        $token->shouldReceive('cant')->with('bar')->andReturnTrue();
+        $clientRepository = m::mock(ClientRepository::class);
+        $clientRepository->shouldReceive('find')->with(2)->andReturn($client);
 
-        $tokenRepository = m::mock(TokenRepository::class);
-        $tokenRepository->shouldReceive('find')->with('token')->andReturn($token);
-
-        $middleware = new CheckClientCredentials($resourceServer, $tokenRepository);
+        $middleware = new CheckClientCredentials($resourceServer, $clientRepository);
 
         $request = Request::create('/');
         $request->headers->set('Authorization', 'Bearer token');
@@ -145,20 +131,17 @@ public function test_exception_is_thrown_if_token_belongs_to_first_party_client(
         $resourceServer = m::mock(ResourceServer::class);
         $resourceServer->shouldReceive('validateAuthenticatedRequest')->andReturn($psr = m::mock());
         $psr->shouldReceive('getAttribute')->with('oauth_user_id')->andReturn(1);
-        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(1);
+        $psr->shouldReceive('getAttribute')->with('oauth_client_id')->andReturn(2);
         $psr->shouldReceive('getAttribute')->with('oauth_access_token_id')->andReturn('token');
         $psr->shouldReceive('getAttribute')->with('oauth_scopes')->andReturn(['*']);
 
         $client = m::mock(Client::class);
         $client->shouldReceive('firstParty')->andReturnTrue();
 
-        $token = m::mock(Token::class);
-        $token->shouldReceive('getAttribute')->with('client')->andReturn($client);
-
-        $tokenRepository = m::mock(TokenRepository::class);
-        $tokenRepository->shouldReceive('find')->with('token')->andReturn($token);
+        $clientRepository = m::mock(ClientRepository::class);
+        $clientRepository->shouldReceive('find')->with(2)->andReturn($client);
 
-        $middleware = new CheckClientCredentials($resourceServer, $tokenRepository);
+        $middleware = new CheckClientCredentials($resourceServer, $clientRepository);
 
         $request = Request::create('/');
         $request->headers->set('Authorization', 'Bearer token');