Skip to content

test: pin request factory wiring and zero-boundary option values #52

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
turegjorup merged 2 commits into from
Jun 11, 2026
Merged

test: pin request factory wiring and zero-boundary option values #52

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
28d986f
test: pin request factory wiring and zero-boundary option values
turegjorup Jun 11, 2026
8ac6b79
Merge remote-tracking branch 'origin/develop' into test/mutation-cons…
turegjorup Jun 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

### Changed

- Strengthened constructor tests guided by mutation testing: the `jwt`
collaborator is asserted to become the request factory, and `0` is
asserted to be an accepted boundary value for `cacheDuration` and
`leeway`
- Strengthened cache assertions guided by mutation testing: the discovery
document and JWKS key map are asserted to be written to the cache with
the configured duration under the namespaced key, and a multi-key JWKS
Expand Down
35 changes: 35 additions & 0 deletions tests/Security/OpenIdConfigurationProviderTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
use ItkDev\OpenIdConnect\Security\OpenIdConfigurationProvider;
use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
use League\OAuth2\Client\Token\AccessToken;
use League\OAuth2\Client\Tool\RequestFactory;
use Mockery\Adapter\Phpunit\MockeryPHPUnitIntegration;
use PHPUnit\Framework\TestCase;
use Psr\Cache\CacheItemInterface;
Expand Down Expand Up @@ -124,6 +125,40 @@ public function testConstructLeeway(): void
], []);
}

public function testConstructZeroCacheDurationAndLeewayAccepted(): void
{
$mockCacheItemPool = $this->createStub(CacheItemPoolInterface::class);

// Zero is a valid boundary value for both options: cache nothing,
// tolerate no clock skew. Only negative values are rejected.
$provider = new OpenIdConfigurationProvider([
'cacheItemPool' => $mockCacheItemPool,
'openIDConnectMetadataUrl' => 'https://some.url/openid-configuration',
'cacheDuration' => 0,
'leeway' => 0,
], []);

$this->assertInstanceOf(OpenIdConfigurationProvider::class, $provider);
}

public function testConstructWiresJwtCollaboratorAsRequestFactory(): void
{
$mockCacheItemPool = $this->createStub(CacheItemPoolInterface::class);
$requestFactory = new RequestFactory();

$provider = new OpenIdConfigurationProvider([
'cacheItemPool' => $mockCacheItemPool,
'openIDConnectMetadataUrl' => 'https://some.url/openid-configuration',
], [
'jwt' => $requestFactory,
]);

// The 'jwt' collaborator must become the provider's request factory;
// without the explicit wiring the parent's default factory would be
// silently used instead.
$this->assertSame($requestFactory, $provider->getRequestFactory());
}

public function testGenerateState(): void
{
$state = $this->provider->generateState(32);
Expand Down
Loading