From bd3e03979a55f76e0b30bc209ee64469d611f897 Mon Sep 17 00:00:00 2001
From: Wendy Nestor
Date: Fri, 31 Oct 2014 16:41:48 -0400
Subject: [PATCH] Tests para el feature Oauth

---
 .../main_tests_authorization_code.feature | 160 ++++++++
 .../main_tests_client_credentials.feature | 131 +++++++
 .../oauth/main_tests_implicit_grant.feature | 126 ++++++
 ...sources_owner_password_credentials.feature | 139 +++++++
 features/bootstrap/RestContext.php | 360 +++++++++++++++++-
 .../ProcessMaker/Services/OAuth2/PmPdo.php | 2 +-
 6 files changed, 915 insertions(+), 3 deletions(-)
 create mode 100644 features/backend/oauth/main_tests_authorization_code.feature
 create mode 100644 features/backend/oauth/main_tests_client_credentials.feature
 create mode 100644 features/backend/oauth/main_tests_implicit_grant.feature
 create mode 100644 features/backend/oauth/main_tests_resources_owner_password_credentials.feature

diff --git a/features/backend/oauth/main_tests_authorization_code.feature b/features/backend/oauth/main_tests_authorization_code.feature
new file mode 100644
index 000000000..05ea8a957
--- /dev/null
+++ b/features/backend/oauth/main_tests_authorization_code.feature
@@ -0,0 +1,160 @@ +@ProcessMakerMichelangelo @RestAPI +Feature: Generate token Grant type - Authorization Code +Requirements: + a workspace with open session and installed application + + +Scenario Outline: Create new CLIENT_ID and CLIENT_SECRET + Given OAUTH register an application + """ + { + "name":"", + "description":"", + "webSite":"", + "redirectUri":"", + "applicationNumber":"" + } + """ + Examples: + + | Description | application_number | application_name | application_description | application_website | application_redirectUri | + | Create token normal | 1 | Demo3 | Demo3 desc | http://www.demowendy3.com | www.demowendy3.com/auth | + | Create token normal | 2 | Demo4 | Demo4 desc | http://www.demowendy4.com | http://www.processmaker.com | + + +#Endpoint para verificar el correcto funcionamiento del token generado en este script +Scenario Outline: Get the Output Documents List both process + Given that I assign an access token from session variable "access_token_" + And I request "project//output-documents" + Then the response status code should be 200 + And the response charset is "UTF-8" + And the content type is "application/json" + And the type is "array" + And the response has records + And the "out_doc_title" property in row 0 equals "" + + Examples: + + | test_description | project | records | out_doc_title | application_number | + | List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | + | List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | + + +Scenario Outline: Get the Output Documents List both process (without valid token) + Given I request "project//output-documents" + Then the response status code should be 401 + + Examples: + + | test_description | project | records | out_doc_title | application_number | + | List Outputs in process "Test Users-Step-Properties End Point" | 
4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | + | List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | + + +#Endpoint para hacer que expire los token creados en este script +Scenario Outline: Expire token created in this script + Given POST this data: + """ + { + } + """ + And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_" + Then the response status code should be 200 + + Examples: + + | Description | application_number | + | Expire token 1 | 1 | + | Expire token 2 | 2 | + + +#Endpoint para verificar que el token haya expirado +Scenario Outline: Get the Output Documents List both process + Given that I assign an access token from session variable "access_token_" + And I request "project//output-documents" + Then the response status code should be 401 + And the response status message should have the following text "" + + Examples: + + | test_description | project | records | out_doc_title | application_number | error_message | + | List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized | + | List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized | + + +#Grant type Refresh Token +Scenario Outline: Refresh token + Given POST this data: + """ + { + + } + """ + And I request a refresh token for "refresh_token_" + Then the response status code should be 200 + And the response charset is "UTF-8" + And the content type is "application/json" + And the type is "object" + And store "access_token" in session array as variable "access_token_" + And store "expires_in" in session array as variable "expires_in_" + And store "token_type" in session array as variable "token_type_" + And store "scope" in session array as variable "scope_" + + Examples: + + | 
Description | grant_number | refresh_token_number | + | Create token normal | 1 | 3 | + | Create token normal | 2 | 4 | + + +#Endpoint para verificar el correcto funcionamiento del Refresh Token generado en este script +Scenario Outline: Get the Output Documents List both process + Given that I assign an access token from session variable "access_token_" + And I request "project//output-documents" + Then the response status code should be 200 + And the response charset is "UTF-8" + And the content type is "application/json" + And the type is "array" + And the response has records + And the "out_doc_title" property in row 0 equals "" + + Examples: + + | test_description | project | records | out_doc_title | application_number | + | List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 3 | + | List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 4 | + + +#Endpoint para borrar el token creado en este script + +Scenario Outline: Delete all tokens created previously in this script + Given that I want to delete a resource with the key "access_token_" stored in session array + And I request "oauth2" + And the content type is "application/json" + Then the response status code should be 200 + And the response charset is "UTF-8" + And the type is "object" + + Examples: + + | application_number | + | 1 | + | 2 | + | 3 | + | 4 | + + +#Endpoint para verificar que el token ya no existe +Scenario Outline: Get the Output Documents List both process + Given that I assign an access token from session variable "access_token_" + And I request "project//output-documents" + Then the response status code should be 401 + And the response status message should have the following text "" + + Examples: + + | test_description | project | records | out_doc_title | application_number | error_message | + | List Outputs in process "Test Users-Step-Properties End 
Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
+ | List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
+ | List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 3 | Unauthorized |
+ | List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 4 | Unauthorized |
diff --git a/features/backend/oauth/main_tests_client_credentials.feature b/features/backend/oauth/main_tests_client_credentials.feature
new file mode 100644
index 000000000..f808fd820
--- /dev/null
+++ b/features/backend/oauth/main_tests_client_credentials.feature
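Review bot: The scenario "Get the Output Documents List both process (without valid token)" never clears the bearer token whose absence it relies on; `iRequest` in RestContext.php sends `Authorization: Bearer` whenever `$this->access_token` is non-null, so the expected 401 holds only if the Behat context is fresh for that scenario, which this file cannot guarantee on its own. A step that explicitly resets the token before the request would make the negative case self-contained. Its Examples table also carries `records`, `out_doc_title` and `application_number` columns that no step reads; trimming it to `| test_description | project |` removes the impression that a per-application token is involved. Four outlines share the title "Get the Output Documents List both process" while asserting different things (200 after issue, 401 after expiry, 200 after refresh, 401 after delete); distinct titles such as `Scenario Outline: Output Documents list is rejected after the token expired` would make the report readable.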
@@ -0,0 +1,131 @@ +@ProcessMakerMichelangelo @RestAPI +Feature: Generate token Grant type - Client Credentials Grant +Requirements: + a workspace with installed application + + +Scenario Outline: Create new CLIENT_ID and CLIENT_SECRET + Given POST this data: + """ + { + "grant_type":"" + } + """ + And I request a client credential grant + Then the response status code should be 200 + And the response charset is "UTF-8" + And the content type is "application/json" + And the type is "object" + And store "access_token" in session array as variable "access_token_" + And store "expires_in" in session array as variable "expires_in_" + And store "token_type" in session array as variable "token_type_" + + Examples: + | Description | grant_number | grant_type | + | Create token normal | 1 | client_credentials | + | Create token normal | 2 | client_credentials | + + +#Endpoint para verificar el correcto funcionamiento del token generado en este script especificamente en la opción Running Cases +Scenario Outline: Returns a list of the cases for the logged in user (Inbox) + Given that I assign an access token from session variable "access_token_" + And I request "cases" + Then the response status code should be 400 + And the response charset is "UTF-8" + + + Examples: + | Description | grant_number | + | Create token normal | 1 | + | Create token normal | 2 | + +#Endpoint para hacer que expire los token creados en este script +Scenario Outline: Expire token created in this script + Given POST this data: + """ + { + } + """ + And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_" + Then the response status code should be 200 + + Examples: + | Description | application_number | + | Expire token 1 | 1 | + + +Scenario Outline: Expire token created in this script + Given POST this data: + """ + { + } + """ + And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable 
"access_token_" + Then the response status code should be 200 + + Examples: + | Description | application_number | + | Expire token 2 | 2 | + + +#Endpoint para verificar que el token haya expirado +Scenario Outline: Get the Output Documents List both process + Given that I assign an access token from session variable "access_token_" + And I request "project//output-documents" + Then the response status code should be 401 + And the response status message should have the following text "" + + Examples: + | test_description | project | records | out_doc_title | application_number | error_message | + | List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized | + + +Scenario Outline: Get the Output Documents List both process + Given that I assign an access token from session variable "access_token_" + And I request "project//output-documents" + Then the response status code should be 401 + And the response status message should have the following text "" + + Examples: + | test_description | project | records | out_doc_title | application_number | error_message | + | List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized | + + +#Endpoint para borrar el token creado en este script + +Scenario Outline: Delete all tokens created previously in this script + Given that I want to delete a resource with the key "access_token_" stored in session array + And I request "oauth2" + And the content type is "application/json" + Then the response status code should be 200 + And the response charset is "UTF-8" + And the type is "object" + + Examples: + + | application_number | + | 1 | + | 2 | + +#Endpoint para verificar que el token ya no existe +Scenario Outline: Get the Output Documents List both process + Given that I assign an access token from session variable "access_token_" + And I request "project//output-documents" 
+ Then the response status code should be 401
+ And the response status message should have the following text ""
+
+ Examples:
+ | test_description | project | records | out_doc_title | application_number | error_message |
+ | List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
+
+
+Scenario Outline: Get the Output Documents List both process
+ Given that I assign an access token from session variable "access_token_"
+ And I request "project//output-documents"
+ Then the response status code should be 401
+ And the response status message should have the following text ""
+
+ Examples:
+ | test_description | project | records | out_doc_title | application_number | error_message |
+ | List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
+
diff --git a/features/backend/oauth/main_tests_implicit_grant.feature b/features/backend/oauth/main_tests_implicit_grant.feature
new file mode 100644
index 000000000..8dc368f70
--- /dev/null
+++ b/features/backend/oauth/main_tests_implicit_grant.feature
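Review bot: The first scenario is titled "Create new CLIENT_ID and CLIENT_SECRET" but it only requests a token with the pre-configured client and stores `access_token`, `expires_in` and `token_type`; no client is created, so a title such as `Scenario Outline: Request an access token with the client credentials grant` would describe what is asserted. The "Expire token created in this script" outline and the two following 401 outlines are each written twice with a single example row, whereas the authorization-code feature shows the single-outline form with `| Expire token 1 | 1 |` and `| Expire token 2 | 2 |` in one Examples table. The `Description` column of the "Returns a list of the cases" scenario is not referenced by any step. The 400 expected from `cases` with a client-credentials token is worth a comment line stating the reason (presumably no resource owner is bound to the token), since the same request is expected to return 200 in the implicit and password features.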
@@ -0,0 +1,126 @@ +@ProcessMakerMichelangelo @RestAPI +Feature: Generate token Grant type - Implicit Grant +Requirements: + a workspace with installed application + + +Scenario Outline: Create new CLIENT_ID and CLIENT_SECRET + Given OAUTH request implicit grant + """ + { + "response_type":"", + "client_id":"", + "scope":"", + "implicit_grant_number":"" + } + """ + Examples: + | Description | implicit_grant_number | response_type | client_id | scope | + | Create token normal | 1 | token | x-pm-local-client | * | + | Create token normal | 2 | token | x-pm-local-client | * | + + +#Endpoint para verificar el correcto funcionamiento del token generado en este script especificamente en la opción Running Cases +Scenario Outline: Returns a list of the cases for the logged in user (Inbox) + Given that I assign an access token from session variable "access_token_" + And I request "cases" + Then the response status code should be 200 + And the response charset is "UTF-8" + And the type is "array" + And the response has 14 records + + Examples: + | Description | implicit_grant_number | + | Create token normal | 1 | + | Create token normal | 2 | + +#Endpoint para hacer que expire los token creados en este script +Scenario Outline: Expire token created in this script + Given POST this data: + """ + { + } + """ + And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_" + Then the response status code should be 200 + + Examples: + | Description | application_number | + | Expire token 1 | 1 | + + +Scenario Outline: Expire token created in this script + Given POST this data: + """ + { + } + """ + And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_" + Then the response status code should be 200 + + Examples: + | Description | application_number | + | Expire token 2 | 2 | + + +#Endpoint para verificar que el token haya expirado +Scenario Outline: Get 
the Output Documents List both process + Given that I assign an access token from session variable "access_token_" + And I request "project//output-documents" + Then the response status code should be 401 + And the response status message should have the following text "" + + Examples: + | test_description | project | records | out_doc_title | application_number | error_message | + | List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized | + + +Scenario Outline: Get the Output Documents List both process + Given that I assign an access token from session variable "access_token_" + And I request "project//output-documents" + Then the response status code should be 401 + And the response status message should have the following text "" + + Examples: + | test_description | project | records | out_doc_title | application_number | error_message | + | List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized | + + +#Endpoint para borrar el token creado en este script + +Scenario Outline: Delete all tokens created previously in this script + Given that I want to delete a resource with the key "access_token_" stored in session array + And I request "oauth2" + And the content type is "application/json" + Then the response status code should be 200 + And the response charset is "UTF-8" + And the type is "object" + + Examples: + + | application_number | + | 1 | + | 2 | + +#Endpoint para verificar que el token ya no existe +Scenario Outline: Get the Output Documents List both process + Given that I assign an access token from session variable "access_token_" + And I request "project//output-documents" + Then the response status code should be 401 + And the response status message should have the following text "" + + Examples: + | test_description | project | records | out_doc_title | application_number | 
error_message |
+ | List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
+
+
+Scenario Outline: Get the Output Documents List both process
+ Given that I assign an access token from session variable "access_token_"
+ And I request "project//output-documents"
+ Then the response status code should be 401
+ And the response status message should have the following text ""
+
+ Examples:
+ | test_description | project | records | out_doc_title | application_number | error_message |
+ | List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
+
diff --git a/features/backend/oauth/main_tests_resources_owner_password_credentials.feature b/features/backend/oauth/main_tests_resources_owner_password_credentials.feature
new file mode 100644
index 000000000..de1c448d5
--- /dev/null
+++ b/features/backend/oauth/main_tests_resources_owner_password_credentials.feature
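Review bot: `And the response has 14 records` in the "Returns a list of the cases" scenario pins an exact inbox count for the workspace, so the scenario fails as soon as a case is created or closed; the password-credentials feature in this same patch parameterises the count as a `records` column per example row, which is the form to use here (`And the response has <records> records` with the value in the Examples table), or assert only that records are present. The two "Expire token" outlines use an `application_number` column while the tokens were stored under the `implicit_grant_number` key of the first scenario; the values line up, but the differing column names hide that they address the same session variable. As in the client-credentials feature, each pair of one-row outlines (expire, 401 after expiry, 401 after delete) can be a single outline with two example rows.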
@@ -0,0 +1,139 @@ +@ProcessMakerMichelangelo @RestAPI +Feature: Generate token Grant type - Resources Owner Password Credential Grant +Requirements: + a workspace with installed application + + +Scenario Outline: Create new CLIENT_ID and CLIENT_SECRET + Given POST this data: + """ + { + "grant_type":"", + "username":"", + "password":"", + "scope":"" + } + """ + And I request a owner password credential grant + Then the response status code should be 200 + And the response charset is "UTF-8" + And the content type is "application/json" + And the type is "object" + And store "access_token" in session array as variable "access_token_" + And store "expires_in" in session array as variable "expires_in_" + And store "token_type" in session array as variable "token_type_" + And store "scope" in session array as variable "scope_" + And store "refresh_token" in session array as variable "refresh_token_" + + + Examples: + | Description | grant_number | grant_type | username | password | scope | + | Create token normal | 1 | password | amy | sample | * | + | Create token normal | 2 | password | admin | sample123* | * | + + +#Endpoint para verificar el correcto funcionamiento del token generado en este script especificamente en la opción Running Cases +Scenario Outline: Returns a list of the cases for the logged in user (Inbox) + Given that I assign an access token from session variable "access_token_" + And I request "cases" + Then the response status code should be 200 + And the response charset is "UTF-8" + And the type is "array" + And the response has records + + Examples: + | Description | grant_number | records | + | Create token normal | 1 | 4 | + | Create token normal | 2 | 14 | + + +#Endpoint para hacer que expire los token creados en este script +Scenario Outline: Expire token created in this script + Given POST this data: + """ + { + } + """ + And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_" 
+ Then the response status code should be 200 + + Examples: + | Description | application_number | + | Expire token 1 | 1 | + + +Scenario Outline: Expire token created in this script + Given POST this data: + """ + { + } + """ + And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_" + Then the response status code should be 200 + + Examples: + | Description | application_number | + | Expire token 2 | 2 | + + +#Endpoint para verificar que el token haya expirado +Scenario Outline: Get the Output Documents List both process + Given that I assign an access token from session variable "access_token_" + And I request "project//output-documents" + Then the response status code should be 401 + And the response status message should have the following text "" + + Examples: + | test_description | project | records | out_doc_title | application_number | error_message | + | List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized | + + +Scenario Outline: Get the Output Documents List both process + Given that I assign an access token from session variable "access_token_" + And I request "project//output-documents" + Then the response status code should be 401 + And the response status message should have the following text "" + + Examples: + | test_description | project | records | out_doc_title | application_number | error_message | + | List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized | + + +#Endpoint para borrar el token creado en este script + +Scenario Outline: Delete all tokens created previously in this script + Given that I want to delete a resource with the key "access_token_" stored in session array + And I request "oauth2" + And the content type is "application/json" + Then the response status code should be 200 + And the response 
charset is "UTF-8"
+ And the type is "object"
+
+ Examples:
+
+ | application_number |
+ | 1 |
+ | 2 |
+
+#Endpoint para verificar que el token ya no existe
+Scenario Outline: Get the Output Documents List both process
+ Given that I assign an access token from session variable "access_token_"
+ And I request "project//output-documents"
+ Then the response status code should be 401
+ And the response status message should have the following text ""
+
+ Examples:
+ | test_description | project | records | out_doc_title | application_number | error_message |
+ | List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
+
+
+Scenario Outline: Get the Output Documents List both process
+ Given that I assign an access token from session variable "access_token_"
+ And I request "project//output-documents"
+ Then the response status code should be 401
+ And the response status message should have the following text ""
+
+ Examples:
+ | test_description | project | records | out_doc_title | application_number | error_message |
+ | List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
+
diff --git a/features/bootstrap/RestContext.php b/features/bootstrap/RestContext.php
index 3afd0f99c..efdcf730c 100644
--- a/features/bootstrap/RestContext.php
+++ b/features/bootstrap/RestContext.php
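Review bot: The Examples table of the first scenario commits user credentials to the repository (`| amy | sample |` and `| admin | sample123* |`), while the other grant flows in this patch read `user_name` and `user_password` from the Behat parameters through `getParameter`; the password grant should take them from the same parameters (at least for the admin row), so a workspace password change does not require a source edit and no real password ends up in the history. The `records` column (4 and 14) pins exact inbox counts per user, which will drift with workspace data; asserting that records are present is more robust. As in the client-credentials feature, the expire and 401 scenarios are duplicated as one-row outlines where a single outline with two rows would do.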
@@ -337,12 +337,16 @@ class RestContext extends BehatContext /** * @When /^I request "([^"]*)"$/ */ - public function iRequest($pageUrl, $urlType="") + public function iRequest($pageUrl, $urlType="",$customHeader=array()) { $this->_startTime = microtime(true); $baseUrl = $this->getParameter('base_url'); if ($this->access_token != null) { $this->_headers['Authorization'] = 'Bearer ' . $this->access_token; + }elseif(!empty($customHeader)){ + foreach($customHeader as $headerKey => $headerValue){ + $this->_headers[$headerKey] = $headerValue; + } } @@ -447,7 +451,7 @@ class RestContext extends BehatContext $message = 'unexpected control character found'; break; case JSON_ERROR_SYNTAX : - $message = "malformed JSON \n\n ------\n".$this->_response->getBody(true)."\n ------"; + $message = "malformed JSON:: \n\n ------\n".$this->_response->getBody(true)."\n ------"; break; case JSON_ERROR_UTF8 : $message = 'malformed UTF-8 characters, possibly ' . @@ -1052,10 +1056,12 @@ class RestContext extends BehatContext */ public function storeInAsVariable($varName, $sessionVarName) { + if (!isset($this->_data->$varName)) { throw new \Exception("JSON Response does not have '$varName' property\n\n" ); } + $varValue = $this->_data->$varName; if (file_exists("session.data")) { $sessionData = json_decode(file_get_contents("session.data")); 
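Review bot: The added `$customHeader` branch runs only when `$this->access_token` is null, and it writes into `$this->_headers`, an instance property; an `Authorization: Basic` header passed by the grant steps later in this patch is silently dropped when a bearer token is already set, and once merged it presumably stays in `_headers` for subsequent requests unless the rest of `iRequest`, which continues outside the hunk, resets that array, which is worth confirming. The `!empty()` guard is redundant because `foreach` over an empty array is a no-op, and the intended precedence is clearer if custom headers are merged first and the bearer token then overrides: `foreach ($customHeader as $headerKey => $headerValue) { $this->_headers[$headerKey] = $headerValue; }` placed before the existing `if ($this->access_token != null)` block. The new parameter also needs a docblock line, `@param array $customHeader extra request headers (name => value) merged into the request headers`, and the brace spacing should follow the surrounding code (`} elseif (!empty($customHeader)) {`).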
@@ -1828,5 +1834,355 @@ class RestContext extends BehatContext throw new PendingException("Skip inactive dbconnection: $dbConnectionId"); } } + /** + * @Given /^OAUTH register an application$/ + */ + public function oauthRegisterAnApplication(PyStringNode $data) + { + $this->printDebug("Register Application..."); + $baseUrl = $this->getParameter('base_url'); + $login_url = $this->getParameter('login_url'); + $authentication_url = $this->getParameter('authentication_url'); + $oauth_app_url = $this->getParameter('oauth_app_url'); + $oauth_authorization_url = $this->getParameter('oauth_authorization_url'); + + $user_name = $this->getParameter('user_name'); + $user_password = $this->getParameter('user_password'); + $cookie_file = sys_get_temp_dir()."pmcookie"; + + + + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL, $authentication_url); + curl_setopt($ch, CURLOPT_REFERER, $login_url); + curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36'); + curl_setopt($ch, CURLOPT_POST, true); + curl_setopt($ch, CURLOPT_POSTFIELDS, "form[USR_USERNAME]=$user_name&form[USR_PASSWORD]=$user_password&form[USER_LANG]=en&form[URL]"); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_setopt($ch, CURLOPT_COOKIESESSION, true); + curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file); + curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); + $answer = curl_exec($ch); + $newurl = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL); + + + if (strpos($newurl, "/login/login") !== false) { + throw new Exception('Bad credentials'); + } + + + //print ""; + if (curl_error($ch)) { + throw new Exception(curl_error($ch)); + } + + + // Read the session saved in the cookie file + + if(!file_exists($cookie_file)){ + throw new Exception('Invalid Cookie/Session: '.$cookie_file); + } + + + + //another request preserving the session + + $data = 
json_decode((string) $data); + + $name=$data->name; + $description=$data->description; + $webSite = $data->webSite; + $redirectUri=$data->redirectUri; + $applicationNumber=$data->applicationNumber; + + //1. Register application + curl_setopt($ch, CURLOPT_URL, $oauth_app_url); + curl_setopt($ch, CURLOPT_POST, true); + curl_setopt($ch, CURLOPT_POSTFIELDS, "option=INS&name=$name&description=$description&webSite=$webSite&redirectUri=$redirectUri"); + $answer = curl_exec($ch); + if (curl_error($ch)) { + throw new Exception(curl_error($ch)); + } + $newurl = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL); + + if (strpos($newurl, "/login/login") !== false) { + throw new Exception('Not authenticated'); + } + // json_decode(json) + $response=json_decode($answer); + $this->printDebug("Register application:\n".$answer."\n"); + $this->_restObjectMethod = 'post'; + $this->_headers['Content-Type'] = 'application/json; charset=UTF-8'; + $this->_response = json_decode($answer); + + + if (file_exists("session.data")) { + $sessionData = json_decode(file_get_contents("session.data")); + } else { + $sessionData = new StdClass(); + } + foreach($response->data as $key => $varValue){ + $sessionVarName=$key."_".$applicationNumber; + $sessionData->$sessionVarName = $varValue; + $this->printDebug("Save $sessionVarName = $varValue"); + } + //print_r($sessionData); + + $clientId = $response->data->CLIENT_ID; + $clientSecret = $response->data->CLIENT_SECRET; + + //2. 
Request Authorization
+ curl_setopt($ch, CURLOPT_URL, $oauth_authorization_url."?"."response_type=code&client_id=$clientId&scope=*");
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, "allow=Accept&transaction_id=");
+ //print "response_type=code&client_id=$clientId&scope=*";
+ $answer = curl_exec($ch);
+ if (curl_error($ch)) {
+ throw new Exception(curl_error($ch));
+ }
+ $newurl = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
+ $codeA = explode("code=",$newurl);
+
+ $code = $codeA[1];
+ $this->printDebug("Authorization code:\n".$code."\n");
+
+ //3. Request Token
+ $headr = array();
+ $headr[] = 'Content-Type: application/json';
+ $headr[] = 'Authorization: Basic '.base64_encode("$clientId:$clientSecret");
+
+ curl_setopt($ch, CURLOPT_HTTPHEADER,$headr);
+ //curl_setopt($ch, CURLOPT_HEADER, false);
+ curl_setopt($ch, CURLOPT_URL, $baseUrl."oauth2/token");
+ //curl_setopt($ch, CURLOPT_USERPWD, "$clientId:$clientSecret");
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(array("grant_type"=>"authorization_code","code"=>$code)));
+
+ $answer = curl_exec($ch);
+ if (curl_error($ch)) {
+ throw new Exception(curl_error($ch));
+ }
+ $newurl = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
+ $this->printDebug("Request token:\n".$answer."\n");
+ //print_r("Request token:\n".$newurl."\n");
+ foreach(json_decode($answer) as $key => $varValue){
+ $sessionVarName=$key."_".$applicationNumber;
+ $sessionData->$sessionVarName = $varValue;
+ $this->printDebug("Save $sessionVarName = $varValue");
+ }
+file_put_contents("session.data", json_encode($sessionData));
+
+ }
+
+/**
+ * @Given /^I request a owner password credential grant$/
+ */
+ public function iRequestAOwnerPasswordCredentialGrant()
+ {
+ $baseUrl = $this->getParameter('base_url');
+ $clientId = $this->getParameter('client_id');
+ $clientSecret = $this->getParameter('client_secret');
+
+ $this->printDebug("Password credentials");
+
+ $headr = array();
+ $headr['Authorization'] = 'Basic '.base64_encode("$clientId:$clientSecret");
+
+ $this->iRequest($baseUrl."oauth2/token", "absolute",$headr);
+ //print_r($this->_data);
+ if(isset($this->_data->error)){
+ throw new Exception($this->_data->error." : ".$this->_data->error_description);
+ }
+ }
+ /**
+ * @Given /^I request a client credential grant$/
+ */
+ public function iRequestAClientCredentialGrant()
+ {
+ $baseUrl = $this->getParameter('base_url');
+ $clientId = $this->getParameter('client_id');
+ $clientSecret = $this->getParameter('client_secret');
+
+ $this->printDebug("Client credentials");
+
+ $headr = array();
+ $headr['Authorization'] = 'Basic '.base64_encode("$clientId:$clientSecret");
+
+ $this->iRequest($baseUrl."oauth2/token", "absolute",$headr);
+ //print_r($this->_data);
+ if(isset($this->_data->error)){
+ throw new Exception($this->_data->error." : ".$this->_data->error_description);
+ }
+ }
+ /**
+ * @Given /^I request a refresh token for "([^"]*)"$/
+ */
+ public function iRequestARefreshToken($refreshTokenSession)
+ {
+ $refArray=explode("_",$refreshTokenSession);
+ $varNumber = $refArray[2];
+ $baseUrl = $this->getParameter('base_url');
+ $clientId = $this->getParameter('client_id');
+ $clientSecret = $this->getParameter('client_secret');
+ $this->printDebug("Refresh token");
+
+ $headr = array();
+
+ $request=array();
+ $request['grant_type']="refresh_token";
+ if (file_exists("session.data")) {
+ $sessionData = json_decode(file_get_contents("session.data"));
+ } else {
+ $sessionData = array();
+ }
+ if (!isset($sessionData->$refreshTokenSession) ) {
+ $varValue = '';
+ } else {
+ $varValue = $sessionData->$refreshTokenSession;
+ $clientIdName="CLIENT_ID_$varNumber";
+ $clientSecretName="CLIENT_SECRET_$varNumber";
+ $clientId = $sessionData->$clientIdName;
+ $clientSecret = $sessionData->$clientSecretName;
+ }
+ $headr['Authorization'] = 'Basic '.base64_encode("$clientId:$clientSecret");
+ $request['refresh_token']=$varValue;
+ $this->_requestBody=json_encode($request);
+print_r($this->_requestBody);
+ $this->iRequest($baseUrl."oauth2/token", "absolute", $headr);
+ print_r($this->_data);
+ if(isset($this->_data->error)){
+ throw new Exception($this->_data->error." : ".$this->_data->error_description);
+ }
+ }
+
+ /**
+ * @Given /^OAUTH request implicit grant$/
+ */
+ public function oauthRequestImplicitGrant(PyStringNode $data)
+ {
+ $this->printDebug("Implicit Grant");
+ $baseUrl = $this->getParameter('base_url');
+ $login_url = $this->getParameter('login_url');
+ $authentication_url = $this->getParameter('authentication_url');
+ $oauth_app_url = $this->getParameter('oauth_app_url');
+ $oauth_authorization_url = $this->getParameter('oauth_authorization_url');
+
+ $user_name = $this->getParameter('user_name');
+ $user_password = $this->getParameter('user_password');
+ $cookie_file = sys_get_temp_dir()."pmcookie";
+
+
+
+ $ch = curl_init();
+ curl_setopt($ch, CURLOPT_URL, $authentication_url);
+ curl_setopt($ch, CURLOPT_REFERER, $login_url);
+ curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36');
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, "form[USR_USERNAME]=$user_name&form[USR_PASSWORD]=$user_password&form[USER_LANG]=en&form[URL]");
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($ch, CURLOPT_COOKIESESSION, true);
+ curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
+ curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+ $answer = curl_exec($ch);
+ $newurl = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
+
+ //print_r($newurl);
+ if (strpos($newurl, "/login/login") !== false) {
+ throw new Exception('Bad credentials');
+ }
+
+
+ //print "";
+ if (curl_error($ch)) {
+ throw new Exception(curl_error($ch));
+ }
+
+
+ // Read the session saved in the cookie file
+
+ if(!file_exists($cookie_file)){
+ throw new Exception('Invalid Cookie/Session: '.$cookie_file);
+ }
+
+ //another request preserving the session
+
+ $data = json_decode((string) $data);
+
+ $response_type=$data->response_type;
+ $client_id=$data->client_id;
+ $scope = $data->scope;
+ $implicit_grant_number = $data->implicit_grant_number;
+
+
+ //1. Register application
+ curl_setopt($ch, CURLOPT_URL, $oauth_authorization_url."?response_type=$response_type&client_id=$client_id&scope=$scope");
+ curl_setopt($ch, CURLOPT_POST, true);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, "transaction_id=");
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
+ $answer = curl_exec($ch);
+ if (curl_error($ch)) {
+ throw new Exception(curl_error($ch));
+ }
+ $newurl = urldecode(curl_getinfo($ch, CURLINFO_EFFECTIVE_URL));
+
+
+ if (strpos($newurl, "/login/login") !== false) {
+ throw new Exception('Not authenticated');
+ }
+ $parts = parse_url($newurl);
+
+ parse_str($parts['fragment'], $fragment);
+ //print_r($fragment);
+ // json_decode(json)
+ $response=json_decode($answer);
+
+ if (file_exists("session.data")) {
+ $sessionData = json_decode(file_get_contents("session.data"));
+ } else {
+ $sessionData = new StdClass();
+ }
+ foreach($fragment as $key => $varValue){
+ $sessionVarName=$key."_".$implicit_grant_number;
+ $sessionData->$sessionVarName = $varValue;
+ }
+ //print_r($sessionData);
+ file_put_contents("session.data", json_encode($sessionData));
+ //print_r("\nRegister application:\n".$answer."\n$oauth_authorization_url?response_type=$response_type&client_id=$client_id&scope=$scope\n");
+ //print_r($newurl);
+ $this->_restObjectMethod = 'post';
+ $this->_headers['Content-Type'] = 'application/json; charset=UTF-8';
+ $this->_response = json_decode($answer);
+
+
+ }
+
+ /**
+ * @Given /^that I assign an access token from session variable "([^"]*)"$/
+ */
+ public function thatIAssignAnAccessTokenFromSessionVariable($varName)
+ {
+ if (file_exists("session.data")) {
+ $sessionData = json_decode(file_get_contents("session.data"));
+ } else {
+ $sessionData = array();
+ }
+ if (!isset($sessionData->$varName) ) {
+ $varValue = '';
+ } else {
+ $varValue = $sessionData->$varName;
+ }
+ $access_token = $varValue;
+ if (strlen($access_token)<= 10) {
+
+ throw new Exception ("Access token is not valid\n\n" );
+ }
+ $this->printDebug("Access token set to: $access_token");
+ $this->access_token = $access_token;
+ }
+
+
+ }
\ No newline at end of file
diff --git a/workflow/engine/src/ProcessMaker/Services/OAuth2/PmPdo.php b/workflow/engine/src/ProcessMaker/Services/OAuth2/PmPdo.php
index fecdf27c7..ec83f68eb 100644
--- a/workflow/engine/src/ProcessMaker/Services/OAuth2/PmPdo.php
+++ b/workflow/engine/src/ProcessMaker/Services/OAuth2/PmPdo.php
@@ -149,7 +149,7 @@ class PmPdo implements \OAuth2\Storage\AuthorizationCodeInterface,
 {
 $access_token = new \OauthAccessTokens();
 $access_token->load($token);
-$stmt = $this->db->prepare(sprintf('UPDATE %s SET EXPIRES=%s WHERE ACCESS_TOKEN=:token', $this->config['access_token_table'], "'".Date('Y-m-d H:i:s')."'"));
+$stmt = $this->db->prepare(sprintf('UPDATE %s SET EXPIRES=%s WHERE ACCESS_TOKEN=:token', $this->config['access_token_table'], "'".Date('Y-m-d H:i:s',strtotime("-1 minute"))."'"));
 return $stmt->execute(compact('token'));
 }
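Review bot: The new revocation timestamp on the `+` line is still spliced into the SQL text via `sprintf` with hand-written quotes (`"'".Date(...)."'"`) while the token itself is bound as `:token`; the expiry value should be a bound parameter as well, e.g. `$stmt = $this->db->prepare(sprintf('UPDATE %s SET EXPIRES=:expires WHERE ACCESS_TOKEN=:token', $this->config['access_token_table']));` followed by `return $stmt->execute(['expires' => date('Y-m-d H:i:s', strtotime('-1 minute')), 'token' => $token]);`. The one-minute backdate is also undocumented: presumably it exists so the row fails an `EXPIRES > now` comparison despite second-granularity or small clock skew between the PHP process and the database, but the comparison site is not in this hunk, so that should be confirmed and recorded with a comment such as `// Backdate expiry by a minute so a revoked token is rejected even with small app/DB clock skew`. If the expiry check is evaluated with the database clock, a value computed in PHP's default timezone can still leave a window, and `EXPIRES = NOW() - INTERVAL 1 MINUTE` on the DB side would remove that dependency entirely. The `$access_token` object loaded on the context line is not used by the visible statements; the enclosing method's signature sits above the hunk.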