From 40c4b9115276bc5b9ccc9d7ab82d14ab78e2ada1 Mon Sep 17 00:00:00 2001 From: Hafez Divandari Date: Mon, 7 Oct 2024 21:07:59 +0330 Subject: [PATCH] [13.x] Improve resolving and converting PSR responses (#1793) * inject psr response * update dependencies --- composer.json | 2 +- src/Exceptions/OAuthServerException.php | 6 ++- src/Guards/TokenGuard.php | 10 +--- .../Controllers/AccessTokenController.php | 12 ++--- .../ApproveAuthorizationController.php | 8 +-- .../Controllers/AuthorizationController.php | 21 ++++---- src/Http/Controllers/ConvertsPsrResponses.php | 9 ++-- .../DenyAuthorizationController.php | 8 +-- src/Http/Middleware/ValidateToken.php | 8 +-- src/PersonalAccessTokenFactory.php | 11 ++-- tests/Unit/AccessTokenControllerTest.php | 6 ++- .../ApproveAuthorizationControllerTest.php | 2 +- tests/Unit/AuthorizationControllerTest.php | 53 ++++++++++++------- .../Unit/DenyAuthorizationControllerTest.php | 10 +++- 14 files changed, 91 insertions(+), 75 deletions(-) diff --git a/composer.json b/composer.json index 2ca2b791..12733823 100644 --- a/composer.json +++ b/composer.json @@ -32,7 +32,7 @@ "nyholm/psr7": "^1.5", "phpseclib/phpseclib": "^3.0", "symfony/console": "^7.0", - "symfony/psr-http-message-bridge": "^7.0" + "symfony/psr-http-message-bridge": "^7.1" }, "require-dev": { "mockery/mockery": "^1.0", diff --git a/src/Exceptions/OAuthServerException.php b/src/Exceptions/OAuthServerException.php index 738b5e5e..fe7adf0f 100644 --- a/src/Exceptions/OAuthServerException.php +++ b/src/Exceptions/OAuthServerException.php @@ -7,7 +7,7 @@ use Laravel\Passport\Http\Controllers\ConvertsPsrResponses; use League\OAuth2\Server\Exception\OAuthServerException as LeagueException; use League\OAuth2\Server\RequestTypes\AuthorizationRequestInterface; -use Nyholm\Psr7\Response as Psr7Response; +use Psr\Http\Message\ResponseInterface; class OAuthServerException extends HttpResponseException { 
@@ -18,7 +18,9 @@ class OAuthServerException extends HttpResponseException */ public function __construct(LeagueException $e, bool $useFragment = false) { - parent::__construct($this->convertResponse($e->generateHttpResponse(new Psr7Response, $useFragment)), $e); + parent::__construct($this->convertResponse( + $e->generateHttpResponse(app(ResponseInterface::class), $useFragment) + ), $e); } /** diff --git a/src/Guards/TokenGuard.php b/src/Guards/TokenGuard.php index 0339fc65..488a30cd 100644 --- a/src/Guards/TokenGuard.php +++ b/src/Guards/TokenGuard.php @@ -21,7 +21,6 @@ use Laravel\Passport\TransientToken; use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\ResourceServer; -use Nyholm\Psr7\Factory\Psr17Factory; use Psr\Http\Message\ServerRequestInterface; use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory; @@ -161,13 +160,8 @@ protected function getPsrRequestViaBearerToken(): ?ServerRequestInterface { // First, we will convert the Symfony request to a PSR-7 implementation which will // be compatible with the base OAuth2 library. The Symfony bridge can perform a - // conversion for us to a new Nyholm implementation of this PSR-7 request. - $psr = (new PsrHttpFactory( - new Psr17Factory, - new Psr17Factory, - new Psr17Factory, - new Psr17Factory - ))->createRequest($this->request); + // conversion for us to a new PSR-7 implementation from this Symfony request. + $psr = (new PsrHttpFactory())->createRequest($this->request); try { return $this->server->validateAuthenticatedRequest($psr); diff --git a/src/Http/Controllers/AccessTokenController.php b/src/Http/Controllers/AccessTokenController.php index eae2779b..3b488e56 100644 --- a/src/Http/Controllers/AccessTokenController.php +++ b/src/Http/Controllers/AccessTokenController.php 
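Review bot: `app(ResponseInterface::class)` in the `OAuthServerException` constructor makes the error response depend on how the application has bound `ResponseInterface`, and nothing here requires that binding to return a fresh object. League's `generateHttpResponse()` writes the error payload into the response body stream, as far as I can tell, and a PSR-7 body stream is mutable even though the message is not. A binding registered with `singleton()` or `instance()` would therefore carry earlier output into later responses in a long-lived worker. The same applies to `PersonalAccessTokenFactory::dispatchRequestToAuthorizationServer()` and to the `$psrResponse` arguments injected into the token and authorization controllers in this patch, where the body holds issued tokens. I would add a comment at each resolution point such as `// Needs a new ResponseInterface per call: the OAuth server writes into its body stream.` and a test that resolves the binding twice and asserts the two bodies are independent.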
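Review bot: `new PsrHttpFactory()` without arguments in `TokenGuard::getPsrRequestViaBearerToken()` leaves the choice of PSR-17 factories to the bridge, so this file no longer fixes the PSR-7 implementation that carries the bearer token into `validateAuthenticatedRequest()`. As I understand the 7.1 bridge, it prefers a discovered implementation when a discovery package is installed and falls back to Nyholm otherwise; if that is right, an unrelated dependency can change which implementation represents the `Authorization` header. The rewritten comment should say so, for example `// The bridge picks the PSR-17 factories itself (discovery first, then Nyholm).`, or the factory should be resolved from the container so an application can pin it. `ValidateToken::handle()` and `PersonalAccessTokenFactory::createRequest()` make the same call. The method body continues past the end of this hunk.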
@@ -2,11 +2,11 @@ namespace Laravel\Passport\Http\Controllers; -use Illuminate\Http\Response; use League\OAuth2\Server\AuthorizationServer; use League\OAuth2\Server\Exception\OAuthServerException; -use Nyholm\Psr7\Response as Psr7Response; +use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; +use Symfony\Component\HttpFoundation\Response; class AccessTokenController { @@ -23,16 +23,16 @@ public function __construct( /** * Issue an access token. */ - public function issueToken(ServerRequestInterface $request): Response + public function issueToken(ServerRequestInterface $psrRequest, ResponseInterface $psrResponse): Response { - return $this->withErrorHandling(function () use ($request) { - if (array_key_exists('grant_type', $attributes = (array) $request->getParsedBody()) && + return $this->withErrorHandling(function () use ($psrRequest, $psrResponse) { + if (array_key_exists('grant_type', $attributes = (array) $psrRequest->getParsedBody()) && $attributes['grant_type'] === 'personal_access') { throw OAuthServerException::unsupportedGrantType(); } return $this->convertResponse( - $this->server->respondToAccessTokenRequest($request, new Psr7Response) + $this->server->respondToAccessTokenRequest($psrRequest, $psrResponse) ); }); } diff --git a/src/Http/Controllers/ApproveAuthorizationController.php b/src/Http/Controllers/ApproveAuthorizationController.php index 736a8712..b20ecb9b 100644 --- a/src/Http/Controllers/ApproveAuthorizationController.php +++ b/src/Http/Controllers/ApproveAuthorizationController.php @@ -3,9 +3,9 @@ namespace Laravel\Passport\Http\Controllers; use Illuminate\Http\Request; -use Illuminate\Http\Response; use League\OAuth2\Server\AuthorizationServer; -use Nyholm\Psr7\Response as Psr7Response; +use Psr\Http\Message\ResponseInterface; +use Symfony\Component\HttpFoundation\Response; class ApproveAuthorizationController { 
@@ -22,14 +22,14 @@ public function __construct( /** * Approve the authorization request. */ - public function approve(Request $request): Response + public function approve(Request $request, ResponseInterface $psrResponse): Response { $authRequest = $this->getAuthRequestFromSession($request); $authRequest->setAuthorizationApproved(true); return $this->withErrorHandling(fn () => $this->convertResponse( - $this->server->completeAuthorizationRequest($authRequest, new Psr7Response) + $this->server->completeAuthorizationRequest($authRequest, $psrResponse) ), $authRequest->getGrantTypeId() === 'implicit'); } } diff --git a/src/Http/Controllers/AuthorizationController.php b/src/Http/Controllers/AuthorizationController.php index f816f26e..150e3689 100644 --- a/src/Http/Controllers/AuthorizationController.php +++ b/src/Http/Controllers/AuthorizationController.php @@ -5,7 +5,6 @@ use Illuminate\Contracts\Auth\Authenticatable; use Illuminate\Contracts\Auth\StatefulGuard; use Illuminate\Http\Request; -use Illuminate\Http\Response; use Illuminate\Support\Facades\Date; use Illuminate\Support\Str; use Laravel\Passport\Bridge\User; @@ -18,8 +17,9 @@ use League\OAuth2\Server\AuthorizationServer; use League\OAuth2\Server\Entities\ScopeEntityInterface; use League\OAuth2\Server\RequestTypes\AuthorizationRequestInterface; -use Nyholm\Psr7\Response as Psr7Response; +use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; +use Symfony\Component\HttpFoundation\Response; class AuthorizationController { @@ -31,7 +31,6 @@ class AuthorizationController public function __construct( protected AuthorizationServer $server, protected StatefulGuard $guard, - protected AuthorizationViewResponse $response, protected ClientRepository $clients ) { } 
@@ -39,8 +38,12 @@ public function __construct( /** * Authorize a client to access the user's account. */ - public function authorize(ServerRequestInterface $psrRequest, Request $request): Response|AuthorizationViewResponse - { + public function authorize( + ServerRequestInterface $psrRequest, + Request $request, + ResponseInterface $psrResponse, + AuthorizationViewResponse $viewResponse + ): Response|AuthorizationViewResponse { $authRequest = $this->withErrorHandling( fn () => $this->server->validateAuthorizationRequest($psrRequest), ($psrRequest->getQueryParams()['response_type'] ?? null) === 'token' @@ -71,7 +74,7 @@ public function authorize(ServerRequestInterface $psrRequest, Request $request): if ($request->get('prompt') !== 'consent' && ($client->skipsAuthorization($user, $scopes) || $this->hasGrantedScopes($user, $client, $scopes))) { - return $this->approveRequest($authRequest); + return $this->approveRequest($authRequest, $psrResponse); } if ($request->get('prompt') === 'none') { @@ -81,7 +84,7 @@ public function authorize(ServerRequestInterface $psrRequest, Request $request): $request->session()->put('authToken', $authToken = Str::random()); $request->session()->put('authRequest', $authRequest); - return $this->response->withParameters([ + return $viewResponse->withParameters([ 'client' => $client, 'user' => $user, 'scopes' => $scopes, 
@@ -124,12 +127,12 @@ protected function hasGrantedScopes(Authenticatable $user, Client $client, array /** * Approve the authorization request. */ - protected function approveRequest(AuthorizationRequestInterface $authRequest): Response + protected function approveRequest(AuthorizationRequestInterface $authRequest, ResponseInterface $psrResponse): Response { $authRequest->setAuthorizationApproved(true); return $this->withErrorHandling(fn () => $this->convertResponse( - $this->server->completeAuthorizationRequest($authRequest, new Psr7Response) + $this->server->completeAuthorizationRequest($authRequest, $psrResponse) ), $authRequest->getGrantTypeId() === 'implicit'); } diff --git a/src/Http/Controllers/ConvertsPsrResponses.php b/src/Http/Controllers/ConvertsPsrResponses.php index 81ccc7e5..b39f9723 100644 --- a/src/Http/Controllers/ConvertsPsrResponses.php +++ b/src/Http/Controllers/ConvertsPsrResponses.php @@ -2,8 +2,9 @@ namespace Laravel\Passport\Http\Controllers; -use Illuminate\Http\Response; use Psr\Http\Message\ResponseInterface; +use Symfony\Bridge\PsrHttpMessage\Factory\HttpFoundationFactory; +use Symfony\Component\HttpFoundation\Response; trait ConvertsPsrResponses { @@ -12,10 +13,6 @@ trait ConvertsPsrResponses */ public function convertResponse(ResponseInterface $psrResponse): Response { - return new Response( - $psrResponse->getBody(), - $psrResponse->getStatusCode(), - $psrResponse->getHeaders() - ); + return (new HttpFoundationFactory())->createResponse($psrResponse); } } diff --git a/src/Http/Controllers/DenyAuthorizationController.php b/src/Http/Controllers/DenyAuthorizationController.php index abe7f67b..c9cf57d3 100644 --- a/src/Http/Controllers/DenyAuthorizationController.php +++ b/src/Http/Controllers/DenyAuthorizationController.php 
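Review bot: `convertResponse()` in `ConvertsPsrResponses` now hands header, cookie and body translation to `HttpFoundationFactory`, but the tests touched in this patch only assert `getContent()`, so nothing checks that the status code and headers of a token response survive the conversion. The League server marks token responses as non-cacheable (`Cache-Control: no-store`, `Pragma: no-cache`), if I recall its bearer response correctly, and those headers keep tokens out of intermediary caches. I would add an assertion in `AccessTokenControllerTest` along the lines of `$this->assertStringContainsString('no-store', $response->headers->get('cache-control'));`, using a real PSR response rather than a mock. The return type also widens from `Illuminate\Http\Response` to the Symfony base class, which callers relying on Illuminate-only helpers will notice.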
@@ -3,9 +3,9 @@ namespace Laravel\Passport\Http\Controllers; use Illuminate\Http\Request; -use Illuminate\Http\Response; use League\OAuth2\Server\AuthorizationServer; -use Nyholm\Psr7\Response as Psr7Response; +use Psr\Http\Message\ResponseInterface; +use Symfony\Component\HttpFoundation\Response; class DenyAuthorizationController { @@ -22,14 +22,14 @@ public function __construct( /** * Deny the authorization request. */ - public function deny(Request $request): Response + public function deny(Request $request, ResponseInterface $psrResponse): Response { $authRequest = $this->getAuthRequestFromSession($request); $authRequest->setAuthorizationApproved(false); return $this->withErrorHandling(fn () => $this->convertResponse( - $this->server->completeAuthorizationRequest($authRequest, new Psr7Response) + $this->server->completeAuthorizationRequest($authRequest, $psrResponse) ), $authRequest->getGrantTypeId() === 'implicit'); } } diff --git a/src/Http/Middleware/ValidateToken.php b/src/Http/Middleware/ValidateToken.php index b7f8b7b7..d9b5f2cf 100644 --- a/src/Http/Middleware/ValidateToken.php +++ b/src/Http/Middleware/ValidateToken.php @@ -8,7 +8,6 @@ use Laravel\Passport\Exceptions\AuthenticationException; use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\ResourceServer; -use Nyholm\Psr7\Factory\Psr17Factory; use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory; use Symfony\Component\HttpFoundation\Response; @@ -46,12 +45,7 @@ public static function using(...$scopes): string */ public function handle(Request $request, Closure $next, string ...$scopes): Response { - $psr = (new PsrHttpFactory( - new Psr17Factory, - new Psr17Factory, - new Psr17Factory, - new Psr17Factory - ))->createRequest($request); + $psr = (new PsrHttpFactory())->createRequest($request); try { $psr = $this->server->validateAuthenticatedRequest($psr); 
diff --git a/src/PersonalAccessTokenFactory.php b/src/PersonalAccessTokenFactory.php index cdc16856..31419ec0 100644 --- a/src/PersonalAccessTokenFactory.php +++ b/src/PersonalAccessTokenFactory.php @@ -4,9 +4,10 @@ use Lcobucci\JWT\Parser as JwtParser; use League\OAuth2\Server\AuthorizationServer; -use Nyholm\Psr7\Response; -use Nyholm\Psr7\ServerRequest; +use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; +use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory; +use Symfony\Component\HttpFoundation\Request; class PersonalAccessTokenFactory { @@ -48,12 +49,12 @@ public function make(string|int $userId, string $name, array $scopes, string $pr */ protected function createRequest(string|int $userId, array $scopes, string $provider): ServerRequestInterface { - return (new ServerRequest('POST', 'not-important'))->withParsedBody([ + return (new PsrHttpFactory())->createRequest(Request::create('not-important', 'POST', [ 'grant_type' => 'personal_access', 'provider' => $provider, 'user_id' => $userId, 'scope' => implode(' ', $scopes), - ]); + ])); } /** @@ -64,7 +65,7 @@ protected function createRequest(string|int $userId, array $scopes, string $prov protected function dispatchRequestToAuthorizationServer(ServerRequestInterface $request): array { return json_decode($this->server->respondToAccessTokenRequest( - $request, new Response + $request, app(ResponseInterface::class) )->getBody()->__toString(), true); } diff --git a/tests/Unit/AccessTokenControllerTest.php b/tests/Unit/AccessTokenControllerTest.php index 6471ad9f..6788c9d4 100644 --- a/tests/Unit/AccessTokenControllerTest.php +++ b/tests/Unit/AccessTokenControllerTest.php 
@@ -34,7 +34,7 @@ public function test_a_token_can_be_issued() $controller = new AccessTokenController($server); - $this->assertSame('{"access_token":"access-token"}', $controller->issueToken($request)->getContent()); + $this->assertSame('{"access_token":"access-token"}', $controller->issueToken($request, $psrResponse)->getContent()); } public function test_exceptions_are_handled() @@ -42,6 +42,8 @@ public function test_exceptions_are_handled() $request = m::mock(ServerRequestInterface::class); $request->shouldReceive('getParsedBody')->once()->andReturn([]); + app()->instance(ResponseInterface::class, new Response); + $server = m::mock(AuthorizationServer::class); $server->shouldReceive('respondToAccessTokenRequest')->with( $request, m::type(ResponseInterface::class) @@ -51,7 +53,7 @@ public function test_exceptions_are_handled() $this->expectException(OAuthServerException::class); - $controller->issueToken($request); + $controller->issueToken($request, m::mock(ResponseInterface::class)); } } diff --git a/tests/Unit/ApproveAuthorizationControllerTest.php b/tests/Unit/ApproveAuthorizationControllerTest.php index 1e9e0b5b..903ea270 100644 --- a/tests/Unit/ApproveAuthorizationControllerTest.php +++ b/tests/Unit/ApproveAuthorizationControllerTest.php @@ -45,7 +45,7 @@ public function test_complete_authorization_request() ->with($authRequest, m::type(ResponseInterface::class)) ->andReturn($psrResponse); - $this->assertSame('response', $controller->approve($request)->getContent()); + $this->assertSame('response', $controller->approve($request, $psrResponse)->getContent()); } } diff --git a/tests/Unit/AuthorizationControllerTest.php b/tests/Unit/AuthorizationControllerTest.php index 952f337c..4d1e7ec8 100644 --- a/tests/Unit/AuthorizationControllerTest.php +++ b/tests/Unit/AuthorizationControllerTest.php 
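Review bot: `app()->instance(ResponseInterface::class, new Response)` in `test_exceptions_are_handled` writes into the global container and nothing in the hunk removes the binding afterwards, so it appears to stay in place for every test that runs later in the same process. Because it is registered as a shared instance, each exception converted through `app(ResponseInterface::class)` reuses one body stream, which can make assertions on error payloads depend on test order. The test also passes `m::mock(ResponseInterface::class)` to `issueToken()` while binding a different, real response, which hides which of the two the code under test uses. A `tearDown()` containing `app()->forgetInstance(ResponseInterface::class);` would contain it. The same pattern appears in `AuthorizationControllerTest` and `DenyAuthorizationControllerTest`.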
@@ -72,9 +72,11 @@ public function test_authorization_view_is_presented() return $response; }); - $controller = new AuthorizationController($server, $guard, $response, $clients); + $psrResponse = m::mock(ResponseInterface::class); - $this->assertSame($response, $controller->authorize($psrRequest, $request)); + $controller = new AuthorizationController($server, $guard, $clients); + + $this->assertSame($response, $controller->authorize($psrRequest, $request, $psrResponse, $response)); } public function test_authorization_exceptions_are_handled() @@ -89,15 +91,18 @@ public function test_authorization_exceptions_are_handled() $psrRequest = m::mock(ServerRequestInterface::class); $psrRequest->shouldReceive('getQueryParams')->andReturn([]); + $psrResponse = m::mock(ResponseInterface::class); + app()->instance(ResponseInterface::class, new Response); + $request = m::mock(Request::class); $clients = m::mock(ClientRepository::class); $this->expectException(OAuthServerException::class); - $controller = new AuthorizationController($server, $guard, $response, $clients); + $controller = new AuthorizationController($server, $guard, $clients); - $controller->authorize($psrRequest, $request); + $controller->authorize($psrRequest, $request, $psrResponse, $response); } public function test_request_is_approved_if_valid_token_exists() @@ -143,9 +148,9 @@ public function test_request_is_approved_if_valid_token_exists() $client->shouldReceive('getKey')->andReturn(1); $client->shouldReceive('tokens->where->pluck')->andReturn(collect([['scope-1']])); - $controller = new AuthorizationController($server, $guard, $response, $clients); + $controller = new AuthorizationController($server, $guard, $clients); - $this->assertSame('approved', $controller->authorize($psrRequest, $request)->getContent()); + $this->assertSame('approved', $controller->authorize($psrRequest, $request, $psrResponse, $response)->getContent()); } public function test_request_is_approved_if_client_can_skip_authorization() 
@@ -189,9 +194,9 @@ public function test_request_is_approved_if_client_can_skip_authorization() $client->shouldReceive('skipsAuthorization')->andReturn(true); - $controller = new AuthorizationController($server, $guard, $response, $clients); + $controller = new AuthorizationController($server, $guard, $clients); - $this->assertSame('approved', $controller->authorize($psrRequest, $request)->getContent()); + $this->assertSame('approved', $controller->authorize($psrRequest, $request, $psrResponse, $response)->getContent()); } public function test_authorization_view_is_presented_if_request_has_prompt_equals_to_consent() @@ -213,6 +218,8 @@ public function test_authorization_view_is_presented_if_request_has_prompt_equal $psrRequest = m::mock(ServerRequestInterface::class); $psrRequest->shouldReceive('getQueryParams')->andReturn([]); + $psrResponse = m::mock(ResponseInterface::class); + $request = m::mock(Request::class); $request->shouldReceive('session')->andReturn($session = m::mock()); $session->shouldReceive('put')->withSomeOfArgs('authToken'); @@ -237,9 +244,9 @@ public function test_authorization_view_is_presented_if_request_has_prompt_equal return $response; }); - $controller = new AuthorizationController($server, $guard, $response, $clients); + $controller = new AuthorizationController($server, $guard, $clients); - $this->assertSame($response, $controller->authorize($psrRequest, $request)); + $this->assertSame($response, $controller->authorize($psrRequest, $request, $psrResponse, $response)); } public function test_authorization_denied_if_request_has_prompt_equals_to_none() 
@@ -260,6 +267,9 @@ public function test_authorization_denied_if_request_has_prompt_equals_to_none() $psrRequest = m::mock(ServerRequestInterface::class); $psrRequest->shouldReceive('getQueryParams')->andReturn([]); + $psrResponse = m::mock(ResponseInterface::class); + app()->instance(ResponseInterface::class, new Response); + $request = m::mock(Request::class); $request->shouldReceive('session')->andReturn($session = m::mock()); $session->shouldReceive('forget')->with('promptedForLogin')->once(); @@ -279,10 +289,10 @@ public function test_authorization_denied_if_request_has_prompt_equals_to_none() $client->shouldReceive('getKey')->andReturn(1); $client->shouldReceive('tokens->where->pluck')->andReturn(collect()); - $controller = new AuthorizationController($server, $guard, $response, $clients); + $controller = new AuthorizationController($server, $guard, $clients); try { - $controller->authorize($psrRequest, $request); + $controller->authorize($psrRequest, $request, $psrResponse, $response); } catch (OAuthServerException $e) { $this->assertSame($e->getMessage(), 'The authorization server requires end-user consent.'); $this->assertStringStartsWith( @@ -310,6 +320,9 @@ public function test_authorization_denied_if_unauthenticated_and_request_has_pro $psrRequest = m::mock(ServerRequestInterface::class); $psrRequest->shouldReceive('getQueryParams')->andReturn([]); + $psrResponse = m::mock(ResponseInterface::class); + app()->instance(ResponseInterface::class, new Response); + $request = m::mock(Request::class); $request->shouldNotReceive('user'); $request->shouldReceive('get')->with('prompt')->andReturn('none'); 
@@ -323,10 +336,10 @@ public function test_authorization_denied_if_unauthenticated_and_request_has_pro $clients = m::mock(ClientRepository::class); - $controller = new AuthorizationController($server, $guard, $response, $clients); + $controller = new AuthorizationController($server, $guard, $clients); try { - $controller->authorize($psrRequest, $request); + $controller->authorize($psrRequest, $request, $psrResponse, $response); } catch (OAuthServerException $e) { $this->assertSame($e->getMessage(), 'The authorization server requires end-user authentication.'); $this->assertStringStartsWith( @@ -355,6 +368,8 @@ public function test_logout_and_prompt_login_if_request_has_prompt_equals_to_log $psrRequest = m::mock(ServerRequestInterface::class); $psrRequest->shouldReceive('getQueryParams')->andReturn([]); + $psrResponse = m::mock(ResponseInterface::class); + $request = m::mock(Request::class); $request->shouldReceive('session')->andReturn($session = m::mock()); $session->shouldReceive('invalidate')->once(); @@ -366,9 +381,9 @@ public function test_logout_and_prompt_login_if_request_has_prompt_equals_to_log $clients = m::mock(ClientRepository::class); - $controller = new AuthorizationController($server, $guard, $response, $clients); + $controller = new AuthorizationController($server, $guard, $clients); - $controller->authorize($psrRequest, $request); + $controller->authorize($psrRequest, $request, $psrResponse, $response); } public function test_user_should_be_authenticated() @@ -385,6 +400,8 @@ public function test_user_should_be_authenticated() $psrRequest = m::mock(ServerRequestInterface::class); $psrRequest->shouldReceive('getQueryParams')->andReturn([]); + $psrResponse = m::mock(ResponseInterface::class); + $request = m::mock(Request::class); $request->shouldNotReceive('user'); $request->shouldReceive('session')->andReturn($session = m::mock()); 
@@ -394,8 +411,8 @@ public function test_user_should_be_authenticated() $clients = m::mock(ClientRepository::class); - $controller = new AuthorizationController($server, $guard, $response, $clients); + $controller = new AuthorizationController($server, $guard, $clients); - $controller->authorize($psrRequest, $request); + $controller->authorize($psrRequest, $request, $psrResponse, $response); } } diff --git a/tests/Unit/DenyAuthorizationControllerTest.php b/tests/Unit/DenyAuthorizationControllerTest.php index e5d7505e..6208749b 100644 --- a/tests/Unit/DenyAuthorizationControllerTest.php +++ b/tests/Unit/DenyAuthorizationControllerTest.php @@ -8,6 +8,7 @@ use League\OAuth2\Server\RequestTypes\AuthorizationRequest; use Mockery\Adapter\Phpunit\MockeryPHPUnitIntegration; use Mockery as m; +use Nyholm\Psr7\Response; use PHPUnit\Framework\TestCase; use Psr\Http\Message\ResponseInterface; @@ -39,13 +40,16 @@ public function test_authorization_can_be_denied() $authRequest->shouldReceive('getGrantTypeId')->once()->andReturn('authorization_code'); $authRequest->shouldReceive('setAuthorizationApproved')->once()->with(false); + $psrResponse = m::mock(ResponseInterface::class); + app()->instance(ResponseInterface::class, new Response); + $server->shouldReceive('completeAuthorizationRequest') ->with($authRequest, m::type(ResponseInterface::class)) ->andReturnUsing(function () { throw new \League\OAuth2\Server\Exception\OAuthServerException('', 0, ''); }); - $controller->deny($request); + $controller->deny($request, $psrResponse); } public function test_auth_request_should_exist() 
@@ -68,9 +72,11 @@ public function test_auth_request_should_exist() $session->shouldReceive('pull')->once()->with('authToken')->andReturn('foo'); $session->shouldReceive('pull')->once()->with('authRequest')->andReturnNull(); + $psrResponse = m::mock(ResponseInterface::class); + $server->shouldReceive('completeAuthorizationRequest')->never(); - $controller->deny($request); + $controller->deny($request, $psrResponse); } }