minor #73 Add authorization tests (X-Coder264)

This PR was merged into the 0.1-dev branch. Discussion ---------- Add authorization tests This PR adds a regression test which was previously missing (it checks that the bundle integrates properly with Symfony authorization). This test is failing on Symfony 5.4 without the changes that were made in #72 so it's needed to prove that the bundle works as intended after that change was made. Commits ------- fdff4d3 Add authorization test
thephpleague · Dec 16, 2021 · 429864a · 429864a
2 parents a0b5585 + fdff4d3
commit 429864a
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 0 deletions.
diff --git a/tests/Acceptance/SecurityLayerTest.php b/tests/Acceptance/SecurityLayerTest.php
@@ -95,6 +95,40 @@ public function testAuthenticatedUserRolesRequest(): void
         $this->assertSame('These are the roles I have currently assigned: ROLE_OAUTH2_FANCY, ROLE_USER', $response->getContent());
     }
 
+    public function testSuccessfulAuthorizationForAuthenticatedUserRequest(): void
+    {
+        $accessToken = $this->client
+            ->getContainer()
+            ->get(AccessTokenManagerInterface::class)
+            ->find(FixtureFactory::FIXTURE_ACCESS_TOKEN_USER_BOUND_WITH_SCOPES);
+
+        $this->client->request('GET', '/security-test-authorization', [], [], [
+            'HTTP_AUTHORIZATION' => sprintf('Bearer %s', TestHelper::generateJwtToken($accessToken)),
+        ]);
+
+        $response = $this->client->getResponse();
+
+        $this->assertSame(200, $response->getStatusCode());
+        $this->assertSame('access granted', $response->getContent());
+    }
+
+    public function testUnsuccessfulAuthorizationForAuthenticatedUserRequest(): void
+    {
+        $accessToken = $this->client
+            ->getContainer()
+            ->get(AccessTokenManagerInterface::class)
+            ->find(FixtureFactory::FIXTURE_ACCESS_TOKEN_USER_BOUND);
+
+        $this->client->request('GET', '/security-test-authorization', [], [], [
+            'HTTP_AUTHORIZATION' => sprintf('Bearer %s', TestHelper::generateJwtToken($accessToken)),
+        ]);
+
+        $response = $this->client->getResponse();
+
+        $this->assertSame(403, $response->getStatusCode());
+        $this->assertNotSame('access granted', $response->getContent());
+    }
+
     public function testExpiredRequest(): void
     {
         $accessToken = $this->client

diff --git a/tests/Fixtures/SecurityTestController.php b/tests/Fixtures/SecurityTestController.php
@@ -48,4 +48,11 @@ public function rolesAction(): Response
             )
         );
     }
+
+    public function authorizationAction(): Response
+    {
+        $this->denyAccessUnlessGranted('ROLE_OAUTH2_FANCY');
+
+        return new Response('access granted');
+    }
 }
diff --git a/tests/Fixtures/routes.php b/tests/Fixtures/routes.php
@@ -23,5 +23,8 @@
         ->defaults([
             'oauth2_scopes' => ['fancy'],
         ])
+
+        ->add('security_test_authorization', '/security-test-authorization')
+        ->controller([SecurityTestController::class, 'authorizationAction'])
     ;
 };