Skip to content

Commit 8e901cb

Browse files
cornelius-behrendcornelius-behrend
committed
NFS-1239: Readded testConstructorToFailOnUnsignedToken test
1 parent 3ecf507 commit 8e901cb

1 file changed

Lines changed: 55 additions & 0 deletions

File tree

test/SSOTokenTest.php

Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,42 @@ public static function createSignedTokenFromData($privateKey, $tokenData) {
8888
->getToken($config->signer(), $config->signingKey());
8989
}
9090

91+
/**
92+
* Create an unsigned token by omitting sign().
93+
*
94+
* @param array $tokenData associative array of claims
95+
*
96+
* @return string Encoded token.
97+
*/
98+
private static function createUnsignedTokenFromData($tokenData) {
99+
100+
$config = Configuration::forUnsecuredSigner();
101+
102+
return ($config->builder())
103+
->issuedBy($tokenData[SSOToken::CLAIM_ISSUER])
104+
->permittedFor($tokenData[SSOToken::CLAIM_AUDIENCE])
105+
->issuedAt($tokenData[SSOToken::CLAIM_ISSUED_AT])
106+
->canOnlyBeUsedAfter($tokenData[SSOToken::CLAIM_NOT_BEFORE])
107+
->expiresAt($tokenData[SSOToken::CLAIM_EXPIRE_AT])
108+
->relatedTo($tokenData[SSOToken::CLAIM_USER_ID])
109+
->withClaim(SSOToken::CLAIM_INSTANCE_ID, $tokenData[SSOToken::CLAIM_INSTANCE_ID])
110+
->withClaim(SSOToken::CLAIM_INSTANCE_NAME, $tokenData[SSOToken::CLAIM_INSTANCE_NAME])
111+
->withClaim(SSOToken::CLAIM_USER_EXTERNAL_ID, $tokenData[SSOToken::CLAIM_USER_EXTERNAL_ID])
112+
->withClaim(SSOToken::CLAIM_USER_FULL_NAME, $tokenData[SSOToken::CLAIM_USER_FULL_NAME])
113+
->withClaim(SSOToken::CLAIM_USER_FIRST_NAME, $tokenData[SSOToken::CLAIM_USER_FIRST_NAME])
114+
->withClaim(SSOToken::CLAIM_USER_LAST_NAME, $tokenData[SSOToken::CLAIM_USER_LAST_NAME])
115+
->withClaim(SSOToken::CLAIM_USER_ROLE, $tokenData[SSOToken::CLAIM_USER_ROLE])
116+
->withClaim(SSOToken::CLAIM_ENTITY_TYPE, $tokenData[SSOToken::CLAIM_ENTITY_TYPE])
117+
->withClaim(SSOToken::CLAIM_THEME_TEXT_COLOR, $tokenData[SSOToken::CLAIM_THEME_TEXT_COLOR])
118+
->withClaim(SSOToken::CLAIM_THEME_BACKGROUND_COLOR, $tokenData[SSOToken::CLAIM_THEME_BACKGROUND_COLOR])
119+
->withClaim(SSOToken::CLAIM_USER_LOCALE, $tokenData[SSOToken::CLAIM_USER_LOCALE])
120+
->withClaim(SSOToken::CLAIM_USER_TAGS, $tokenData[SSOToken::CLAIM_USER_TAGS])
121+
->withClaim(SSOToken::CLAIM_BRANCH_ID, $tokenData[SSOToken::CLAIM_BRANCH_ID])
122+
->withClaim(SSOToken::CLAIM_BRANCH_SLUG, $tokenData[SSOToken::CLAIM_BRANCH_SLUG])
123+
->withClaim(SSOToken::CLAIM_SESSION_ID, $tokenData[SSOToken::CLAIM_SESSION_ID])
124+
->getToken($config->signer(), $config->signingKey());
125+
}
126+
91127
/**
92128
* @test
93129
*
@@ -251,6 +287,25 @@ public function testConstructorToFailOnMissingInstanceId() {
251287
new SSOToken($this->publicKey, $token);
252288
}
253289

290+
/**
291+
* @test
292+
*
293+
* Test constructor throws exception on a unsigned token.
294+
*
295+
* @covers \Staffbase\plugins\sdk\SSOToken::__construct
296+
*/
297+
public function testConstructorToFailOnUnsignedToken() {
298+
299+
$tokenData = SSODataTest::getTokenData();
300+
301+
$token = self::createUnsignedTokenFromData($tokenData);
302+
303+
$this->expectException(SSOAuthenticationException::class);
304+
$this->expectExceptionMessage('Token verification failed.');
305+
306+
new SSOToken($this->publicKey, $token);
307+
}
308+
254309
/**
255310
* @test
256311
*

0 commit comments

Comments
 (0)