fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Tests para el feature Oauth

Browse Source
This commit is contained in:
Wendy Nestor
2014-10-31 16:41:48 -04:00
parent 72dd59f6f0
commit bd3e03979a
6 changed files with 915 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

160
features/backend/oauth/main_tests_authorization_code.feature Normal file
View File

@@ -0,0 +1,160 @@
@ProcessMakerMichelangelo @RestAPI
Feature: Generate token Grant type - Authorization Code
Requirements:
a workspace with open session and installed application
Scenario Outline: Create new CLIENT_ID and CLIENT_SECRET
Given OAUTH register an application
"""
{
"name":"<application_name>",
"description":"<application_description>",
"webSite":"<application_website>",
"redirectUri":"<application_redirectUri>",
"applicationNumber":"<application_number>"
}
"""
Examples:
| Description | application_number | application_name | application_description | application_website | application_redirectUri |
| Create token normal | 1 | Demo3 | Demo3 desc | http://www.demowendy3.com | www.demowendy3.com/auth |
| Create token normal | 2 | Demo4 | Demo4 desc | http://www.demowendy4.com | http://www.processmaker.com |
#Endpoint para verificar el correcto funcionamiento del token generado en este script
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 200
And the response charset is "UTF-8"
And the content type is "application/json"
And the type is "array"
And the response has <records> records
And the "out_doc_title" property in row 0 equals "<out_doc_title>"
Examples:
| test_description | project | records | out_doc_title | application_number |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 |
Scenario Outline: Get the Output Documents List both process (without valid token)
Given I request "project/<project>/output-documents"
Then the response status code should be 401
Examples:
| test_description | project | records | out_doc_title | application_number |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 |
#Endpoint para hacer que expire los token creados en este script
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 1 | 1 |
| Expire token 2 | 2 |
#Endpoint para verificar que el token haya expirado
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
#Grant type Refresh Token
Scenario Outline: Refresh token
Given POST this data:
"""
{
}
"""
And I request a refresh token for "refresh_token_<grant_number>"
Then the response status code should be 200
And the response charset is "UTF-8"
And the content type is "application/json"
And the type is "object"
And store "access_token" in session array as variable "access_token_<refresh_token_number>"
And store "expires_in" in session array as variable "expires_in_<refresh_token_number>"
And store "token_type" in session array as variable "token_type_<refresh_token_number>"
And store "scope" in session array as variable "scope_<refresh_token_number>"
Examples:
| Description | grant_number | refresh_token_number |
| Create token normal | 1 | 3 |
| Create token normal | 2 | 4 |
#Endpoint para verificar el correcto funcionamiento del Refresh Token generado en este script
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 200
And the response charset is "UTF-8"
And the content type is "application/json"
And the type is "array"
And the response has <records> records
And the "out_doc_title" property in row 0 equals "<out_doc_title>"
Examples:
| test_description | project | records | out_doc_title | application_number |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 3 |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 4 |
#Endpoint para borrar el token creado en este script
Scenario Outline: Delete all tokens created previously in this script
Given that I want to delete a resource with the key "access_token_<application_number>" stored in session array
And I request "oauth2"
And the content type is "application/json"
Then the response status code should be 200
And the response charset is "UTF-8"
And the type is "object"
Examples:
| application_number |
| 1 |
| 2 |
| 3 |
| 4 |
#Endpoint para verificar que el token ya no existe
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 3 | Unauthorized |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 4 | Unauthorized |

131
features/backend/oauth/main_tests_client_credentials.feature Normal file
View File

@@ -0,0 +1,131 @@
@ProcessMakerMichelangelo @RestAPI
Feature: Generate token Grant type - Client Credentials Grant
Requirements:
a workspace with installed application
Scenario Outline: Create new CLIENT_ID and CLIENT_SECRET
Given POST this data:
"""
{
"grant_type":"<grant_type>"
}
"""
And I request a client credential grant
Then the response status code should be 200
And the response charset is "UTF-8"
And the content type is "application/json"
And the type is "object"
And store "access_token" in session array as variable "access_token_<grant_number>"
And store "expires_in" in session array as variable "expires_in_<grant_number>"
And store "token_type" in session array as variable "token_type_<grant_number>"
Examples:
| Description | grant_number | grant_type |
| Create token normal | 1 | client_credentials |
| Create token normal | 2 | client_credentials |
#Endpoint para verificar el correcto funcionamiento del token generado en este script especificamente en la opción Running Cases
Scenario Outline: Returns a list of the cases for the logged in user (Inbox)
Given that I assign an access token from session variable "access_token_<grant_number>"
And I request "cases"
Then the response status code should be 400
And the response charset is "UTF-8"
Examples:
| Description | grant_number |
| Create token normal | 1 |
| Create token normal | 2 |
#Endpoint para hacer que expire los token creados en este script
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 1 | 1 |
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 2 | 2 |
#Endpoint para verificar que el token haya expirado
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
#Endpoint para borrar el token creado en este script
Scenario Outline: Delete all tokens created previously in this script
Given that I want to delete a resource with the key "access_token_<application_number>" stored in session array
And I request "oauth2"
And the content type is "application/json"
Then the response status code should be 200
And the response charset is "UTF-8"
And the type is "object"
Examples:
| application_number |
| 1 |
| 2 |
#Endpoint para verificar que el token ya no existe
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |

126
features/backend/oauth/main_tests_implicit_grant.feature Normal file
View File

@@ -0,0 +1,126 @@
@ProcessMakerMichelangelo @RestAPI
Feature: Generate token Grant type - Implicit Grant
Requirements:
a workspace with installed application
Scenario Outline: Create new CLIENT_ID and CLIENT_SECRET
Given OAUTH request implicit grant
"""
{
"response_type":"<response_type>",
"client_id":"<client_id>",
"scope":"<scope>",
"implicit_grant_number":"<implicit_grant_number>"
}
"""
Examples:
| Description | implicit_grant_number | response_type | client_id | scope |
| Create token normal | 1 | token | x-pm-local-client | * |
| Create token normal | 2 | token | x-pm-local-client | * |
#Endpoint para verificar el correcto funcionamiento del token generado en este script especificamente en la opción Running Cases
Scenario Outline: Returns a list of the cases for the logged in user (Inbox)
Given that I assign an access token from session variable "access_token_<implicit_grant_number>"
And I request "cases"
Then the response status code should be 200
And the response charset is "UTF-8"
And the type is "array"
And the response has 14 records
Examples:
| Description | implicit_grant_number |
| Create token normal | 1 |
| Create token normal | 2 |
#Endpoint para hacer que expire los token creados en este script
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 1 | 1 |
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 2 | 2 |
#Endpoint para verificar que el token haya expirado
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
#Endpoint para borrar el token creado en este script
Scenario Outline: Delete all tokens created previously in this script
Given that I want to delete a resource with the key "access_token_<application_number>" stored in session array
And I request "oauth2"
And the content type is "application/json"
Then the response status code should be 200
And the response charset is "UTF-8"
And the type is "object"
Examples:
| application_number |
| 1 |
| 2 |
#Endpoint para verificar que el token ya no existe
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |

139
features/backend/oauth/main_tests_resources_owner_password_credentials.feature Normal file
View File

@@ -0,0 +1,139 @@
@ProcessMakerMichelangelo @RestAPI
Feature: Generate token Grant type - Resources Owner Password Credential Grant
Requirements:
a workspace with installed application
Scenario Outline: Create new CLIENT_ID and CLIENT_SECRET
Given POST this data:
"""
{
"grant_type":"<grant_type>",
"username":"<username>",
"password":"<password>",
"scope":"<scope>"
}
"""
And I request a owner password credential grant
Then the response status code should be 200
And the response charset is "UTF-8"
And the content type is "application/json"
And the type is "object"
And store "access_token" in session array as variable "access_token_<grant_number>"
And store "expires_in" in session array as variable "expires_in_<grant_number>"
And store "token_type" in session array as variable "token_type_<grant_number>"
And store "scope" in session array as variable "scope_<grant_number>"
And store "refresh_token" in session array as variable "refresh_token_<grant_number>"
Examples:
| Description | grant_number | grant_type | username | password | scope |
| Create token normal | 1 | password | amy | sample | * |
| Create token normal | 2 | password | admin | sample123* | * |
#Endpoint para verificar el correcto funcionamiento del token generado en este script especificamente en la opción Running Cases
Scenario Outline: Returns a list of the cases for the logged in user (Inbox)
Given that I assign an access token from session variable "access_token_<grant_number>"
And I request "cases"
Then the response status code should be 200
And the response charset is "UTF-8"
And the type is "array"
And the response has <records> records
Examples:
| Description | grant_number | records |
| Create token normal | 1 | 4 |
| Create token normal | 2 | 14 |
#Endpoint para hacer que expire los token creados en este script
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 1 | 1 |
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 2 | 2 |
#Endpoint para verificar que el token haya expirado
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
#Endpoint para borrar el token creado en este script
Scenario Outline: Delete all tokens created previously in this script
Given that I want to delete a resource with the key "access_token_<application_number>" stored in session array
And I request "oauth2"
And the content type is "application/json"
Then the response status code should be 200
And the response charset is "UTF-8"
And the type is "object"
Examples:
| application_number |
| 1 |
| 2 |
#Endpoint para verificar que el token ya no existe
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |

360
features/bootstrap/RestContext.php
View File

@@ -337,12 +337,16 @@ class RestContext extends BehatContext
/** /**
* @When /^I request "([^"]*)"$/ * @When /^I request "([^"]*)"$/
*/ */
public function iRequest($pageUrl, $urlType="") public function iRequest($pageUrl, $urlType="",$customHeader=array())
{ {
$this->_startTime = microtime(true); $this->_startTime = microtime(true);
$baseUrl = $this->getParameter('base_url'); $baseUrl = $this->getParameter('base_url');
if ($this->access_token != null) { if ($this->access_token != null) {
$this->_headers['Authorization'] = 'Bearer ' . $this->access_token; $this->_headers['Authorization'] = 'Bearer ' . $this->access_token;
}elseif(!empty($customHeader)){
foreach($customHeader as $headerKey => $headerValue){
$this->_headers[$headerKey] = $headerValue;
}
} }
@@ -447,7 +451,7 @@ class RestContext extends BehatContext
$message = 'unexpected control character found'; $message = 'unexpected control character found';
break; break;
case JSON_ERROR_SYNTAX : case JSON_ERROR_SYNTAX :
$message = "malformed JSON \n\n ------\n".$this->_response->getBody(true)."\n ------"; $message = "malformed JSON:: \n\n ------\n".$this->_response->getBody(true)."\n ------";
break; break;
case JSON_ERROR_UTF8 : case JSON_ERROR_UTF8 :
$message = 'malformed UTF-8 characters, possibly ' . $message = 'malformed UTF-8 characters, possibly ' .
@@ -1052,10 +1056,12 @@ class RestContext extends BehatContext
*/ */
public function storeInAsVariable($varName, $sessionVarName) public function storeInAsVariable($varName, $sessionVarName)
{ {
if (!isset($this->_data->$varName)) { if (!isset($this->_data->$varName)) {
throw new \Exception("JSON Response does not have '$varName' property\n\n" ); throw new \Exception("JSON Response does not have '$varName' property\n\n" );
} }
$varValue = $this->_data->$varName; $varValue = $this->_data->$varName;
if (file_exists("session.data")) { if (file_exists("session.data")) {
$sessionData = json_decode(file_get_contents("session.data")); $sessionData = json_decode(file_get_contents("session.data"));
@@ -1828,5 +1834,355 @@ class RestContext extends BehatContext
throw new PendingException("Skip inactive dbconnection: $dbConnectionId"); throw new PendingException("Skip inactive dbconnection: $dbConnectionId");
} }
} }
/**
* @Given /^OAUTH register an application$/
*/
public function oauthRegisterAnApplication(PyStringNode $data)
{
$this->printDebug("Register Application...");
$baseUrl = $this->getParameter('base_url');
$login_url = $this->getParameter('login_url');
$authentication_url = $this->getParameter('authentication_url');
$oauth_app_url = $this->getParameter('oauth_app_url');
$oauth_authorization_url = $this->getParameter('oauth_authorization_url');
$user_name = $this->getParameter('user_name');
$user_password = $this->getParameter('user_password');
$cookie_file = sys_get_temp_dir()."pmcookie";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $authentication_url);
curl_setopt($ch, CURLOPT_REFERER, $login_url);
curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "form[USR_USERNAME]=$user_name&form[USR_PASSWORD]=$user_password&form[USER_LANG]=en&form[URL]");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$answer = curl_exec($ch);
$newurl = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
if (strpos($newurl, "/login/login") !== false) {
throw new Exception('Bad credentials');
}
//print "<textarea>$answer</textarea>";
if (curl_error($ch)) {
throw new Exception(curl_error($ch));
}
// Read the session saved in the cookie file
if(!file_exists($cookie_file)){
throw new Exception('Invalid Cookie/Session: '.$cookie_file);
}
//another request preserving the session
$data = json_decode((string) $data);
$name=$data->name;
$description=$data->description;
$webSite = $data->webSite;
$redirectUri=$data->redirectUri;
$applicationNumber=$data->applicationNumber;
//1. Register application
curl_setopt($ch, CURLOPT_URL, $oauth_app_url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "option=INS&name=$name&description=$description&webSite=$webSite&redirectUri=$redirectUri");
$answer = curl_exec($ch);
if (curl_error($ch)) {
throw new Exception(curl_error($ch));
}
$newurl = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
if (strpos($newurl, "/login/login") !== false) {
throw new Exception('Not authenticated');
}
// json_decode(json)
$response=json_decode($answer);
$this->printDebug("Register application:\n".$answer."\n");
$this->_restObjectMethod = 'post';
$this->_headers['Content-Type'] = 'application/json; charset=UTF-8';
$this->_response = json_decode($answer);
if (file_exists("session.data")) {
$sessionData = json_decode(file_get_contents("session.data"));
} else {
$sessionData = new StdClass();
}
foreach($response->data as $key => $varValue){
$sessionVarName=$key."_".$applicationNumber;
$sessionData->$sessionVarName = $varValue;
$this->printDebug("Save $sessionVarName = $varValue");
}
//print_r($sessionData);
$clientId = $response->data->CLIENT_ID;
$clientSecret = $response->data->CLIENT_SECRET;
//2. Request Authorization
curl_setopt($ch, CURLOPT_URL, $oauth_authorization_url."?"."response_type=code&client_id=$clientId&scope=*");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "allow=Accept&transaction_id=");
//print "response_type=code&client_id=$clientId&scope=*";
$answer = curl_exec($ch);
if (curl_error($ch)) {
throw new Exception(curl_error($ch));
}
$newurl = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
$codeA = explode("code=",$newurl);
$code = $codeA[1];
$this->printDebug("Authorization code:\n".$code."\n");
//3. Request Token
$headr = array();
$headr[] = 'Content-Type: application/json';
$headr[] = 'Authorization: Basic '.base64_encode("$clientId:$clientSecret");
curl_setopt($ch, CURLOPT_HTTPHEADER,$headr);
//curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_URL, $baseUrl."oauth2/token");
//curl_setopt($ch, CURLOPT_USERPWD, "$clientId:$clientSecret");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(array("grant_type"=>"authorization_code","code"=>$code)));
$answer = curl_exec($ch);
if (curl_error($ch)) {
throw new Exception(curl_error($ch));
}
$newurl = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
$this->printDebug("Request token:\n".$answer."\n");
//print_r("Request token:\n".$newurl."\n");
foreach(json_decode($answer) as $key => $varValue){
$sessionVarName=$key."_".$applicationNumber;
$sessionData->$sessionVarName = $varValue;
$this->printDebug("Save $sessionVarName = $varValue");
}
file_put_contents("session.data", json_encode($sessionData));
}
/**
* @Given /^I request a owner password credential grant$/
*/
public function iRequestAOwnerPasswordCredentialGrant()
{
$baseUrl = $this->getParameter('base_url');
$clientId = $this->getParameter('client_id');
$clientSecret = $this->getParameter('client_secret');
$this->printDebug("Password credentials");
$headr = array();
$headr['Authorization'] = 'Basic '.base64_encode("$clientId:$clientSecret");
$this->iRequest($baseUrl."oauth2/token", "absolute",$headr);
//print_r($this->_data);
if(isset($this->_data->error)){
throw new Exception($this->_data->error." : ".$this->_data->error_description);
}
}
/**
* @Given /^I request a client credential grant$/
*/
public function iRequestAClientCredentialGrant()
{
$baseUrl = $this->getParameter('base_url');
$clientId = $this->getParameter('client_id');
$clientSecret = $this->getParameter('client_secret');
$this->printDebug("Client credentials");
$headr = array();
$headr['Authorization'] = 'Basic '.base64_encode("$clientId:$clientSecret");
$this->iRequest($baseUrl."oauth2/token", "absolute",$headr);
//print_r($this->_data);
if(isset($this->_data->error)){
throw new Exception($this->_data->error." : ".$this->_data->error_description);
}
}
/**
* @Given /^I request a refresh token for "([^"]*)"$/
*/
public function iRequestARefreshToken($refreshTokenSession)
{
$refArray=explode("_",$refreshTokenSession);
$varNumber = $refArray[2];
$baseUrl = $this->getParameter('base_url');
$clientId = $this->getParameter('client_id');
$clientSecret = $this->getParameter('client_secret');
$this->printDebug("Refresh token");
$headr = array();
$request=array();
$request['grant_type']="refresh_token";
if (file_exists("session.data")) {
$sessionData = json_decode(file_get_contents("session.data"));
} else {
$sessionData = array();
}
if (!isset($sessionData->$refreshTokenSession) ) {
$varValue = '';
} else {
$varValue = $sessionData->$refreshTokenSession;
$clientIdName="CLIENT_ID_$varNumber";
$clientSecretName="CLIENT_SECRET_$varNumber";
$clientId = $sessionData->$clientIdName;
$clientSecret = $sessionData->$clientSecretName;
}
$headr['Authorization'] = 'Basic '.base64_encode("$clientId:$clientSecret");
$request['refresh_token']=$varValue;
$this->_requestBody=json_encode($request);
print_r($this->_requestBody);
$this->iRequest($baseUrl."oauth2/token", "absolute", $headr);
print_r($this->_data);
if(isset($this->_data->error)){
throw new Exception($this->_data->error." : ".$this->_data->error_description);
}
}
/**
* @Given /^OAUTH request implicit grant$/
*/
public function oauthRequestImplicitGrant(PyStringNode $data)
{
$this->printDebug("Implicit Grant");
$baseUrl = $this->getParameter('base_url');
$login_url = $this->getParameter('login_url');
$authentication_url = $this->getParameter('authentication_url');
$oauth_app_url = $this->getParameter('oauth_app_url');
$oauth_authorization_url = $this->getParameter('oauth_authorization_url');
$user_name = $this->getParameter('user_name');
$user_password = $this->getParameter('user_password');
$cookie_file = sys_get_temp_dir()."pmcookie";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $authentication_url);
curl_setopt($ch, CURLOPT_REFERER, $login_url);
curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "form[USR_USERNAME]=$user_name&form[USR_PASSWORD]=$user_password&form[USER_LANG]=en&form[URL]");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$answer = curl_exec($ch);
$newurl = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
//print_r($newurl);
if (strpos($newurl, "/login/login") !== false) {
throw new Exception('Bad credentials');
}
//print "<textarea>$answer</textarea>";
if (curl_error($ch)) {
throw new Exception(curl_error($ch));
}
// Read the session saved in the cookie file
if(!file_exists($cookie_file)){
throw new Exception('Invalid Cookie/Session: '.$cookie_file);
}
//another request preserving the session
$data = json_decode((string) $data);
$response_type=$data->response_type;
$client_id=$data->client_id;
$scope = $data->scope;
$implicit_grant_number = $data->implicit_grant_number;
//1. Register application
curl_setopt($ch, CURLOPT_URL, $oauth_authorization_url."?response_type=$response_type&client_id=$client_id&scope=$scope");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, "transaction_id=");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$answer = curl_exec($ch);
if (curl_error($ch)) {
throw new Exception(curl_error($ch));
}
$newurl = urldecode(curl_getinfo($ch, CURLINFO_EFFECTIVE_URL));
if (strpos($newurl, "/login/login") !== false) {
throw new Exception('Not authenticated');
}
$parts = parse_url($newurl);
parse_str($parts['fragment'], $fragment);
//print_r($fragment);
// json_decode(json)
$response=json_decode($answer);
if (file_exists("session.data")) {
$sessionData = json_decode(file_get_contents("session.data"));
} else {
$sessionData = new StdClass();
}
foreach($fragment as $key => $varValue){
$sessionVarName=$key."_".$implicit_grant_number;
$sessionData->$sessionVarName = $varValue;
}
//print_r($sessionData);
file_put_contents("session.data", json_encode($sessionData));
//print_r("\nRegister application:\n".$answer."\n$oauth_authorization_url?response_type=$response_type&client_id=$client_id&scope=$scope\n");
//print_r($newurl);
$this->_restObjectMethod = 'post';
$this->_headers['Content-Type'] = 'application/json; charset=UTF-8';
$this->_response = json_decode($answer);
}
/**
* @Given /^that I assign an access token from session variable "([^"]*)"$/
*/
public function thatIAssignAnAccessTokenFromSessionVariable($varName)
{
if (file_exists("session.data")) {
$sessionData = json_decode(file_get_contents("session.data"));
} else {
$sessionData = array();
}
if (!isset($sessionData->$varName) ) {
$varValue = '';
} else {
$varValue = $sessionData->$varName;
}
$access_token = $varValue;
if (strlen($access_token)<= 10) {
throw new Exception ("Access token is not valid\n\n" );
}
$this->printDebug("Access token set to: $access_token");
$this->access_token = $access_token;
}
} }

2
workflow/engine/src/ProcessMaker/Services/OAuth2/PmPdo.php
View File

@@ -149,7 +149,7 @@ class PmPdo implements \OAuth2\Storage\AuthorizationCodeInterface,
{ {
$access_token = new \OauthAccessTokens(); $access_token = new \OauthAccessTokens();
$access_token->load($token); $access_token->load($token);
$stmt = $this->db->prepare(sprintf('UPDATE %s SET EXPIRES=%s WHERE ACCESS_TOKEN=:token', $this->config['access_token_table'], "'".Date('Y-m-d H:i:s')."'")); $stmt = $this->db->prepare(sprintf('UPDATE %s SET EXPIRES=%s WHERE ACCESS_TOKEN=:token', $this->config['access_token_table'], "'".Date('Y-m-d H:i:s',strtotime("-1 minute"))."'"));
return $stmt->execute(compact('token')); return $stmt->execute(compact('token'));
} }