Merge pull request #3 from arai-ta/master

Fix `IdentityProviderException(code: 401)` on accessing Token Endpoint
chatwork · Jan 29, 2021 · 33d6305 · 33d6305
2 parents e7b2662 + 71d02f0
commit 33d6305
Show file tree

Hide file tree

Showing 3 changed files with 70 additions and 1 deletion.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,26 @@
+name: ci
+
+on: [push]
+
+jobs:
+  run-phpunit:
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        php: [7.0, 7.1, 7.2, 7.3, 7.4]
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - uses: php-actions/composer@v5
+        with:
+          php_version: ${{ matrix.php }}
+
+      - name: PHPUnit Tests
+        uses: php-actions/phpunit@v2
+        with:
+          version: 6
+          php_version: ${{ matrix.php }}
+          bootstrap: vendor/autoload.php
+          args: --coverage-text
diff --git a/composer.json b/composer.json
@@ -18,7 +18,7 @@
     ],
     "require": {
         "php": "^7.0",
-        "league/oauth2-client": "^2.2"
+        "league/oauth2-client": ">=2.2.0 <2.4.0"
     },
     "require-dev": {
         "phpunit/phpunit": "^6.0"

diff --git a/tests/ChatWorkProviderTest.php b/tests/ChatWorkProviderTest.php
@@ -2,8 +2,12 @@
 
 namespace ChatWork\OAuth2\Client\Test;
 
+require 'vendor/phpunit/phpunit/src/Framework/Assert/Functions.php';
+
 use ChatWork\OAuth2\Client\ChatWorkProvider;
+use League\OAuth2\Client\Grant\AuthorizationCode;
 use PHPUnit\Framework\TestCase;
+use Psr\Http\Message\RequestInterface;
 
 /**
  * @package ChatWork\OAuth2\Client\Test
@@ -28,4 +32,43 @@ public function getAuthorizationUrl_containsRequiredParameters()
 
         $this->assertNotNull($provider->getState());
     }
+
+    /**
+     * @test
+     */
+    public function getAccessToken_willSendClientIdByHeader()
+    {
+        $clientId       = 'test_client_id';
+        $clientSecret   = 'test_client_secret';
+        $expectedToken  = base64_encode("{$clientId}:{$clientSecret}");
+
+        $assert = function (RequestInterface $request) use ($expectedToken) {
+            parse_str($request->getBody()->getContents(), $param);
+            assertArrayNotHasKey('client_id', $param,       'request body should not contains "client_id".');
+            assertArrayNotHasKey('client_secret', $param,   'request body should not contains "client_secret" too.');
+            assertEquals("Basic {$expectedToken}", $request->getHeader('Authorization')[0], 'client MUST use Basic Authentication');
+            throw new \Exception('OK'); // stop before send request
+        };
+
+        $this->expectExceptionMessage('OK');
+
+        $provider = new ChatWorkProvider(
+            $clientId, 
+            $clientSecret, 
+            'https://example.com/',
+            [
+                'httpClient' => $this->createSpyClient($assert)
+            ]
+        );
+
+        $provider->getAccessToken(new AuthorizationCode(), ['code' => 'authorization_code']);
+    }
+
+    private function createSpyClient(callable $assetion)
+    {
+        $stack = \GuzzleHttp\HandlerStack::create();
+        $stack->push(\GuzzleHttp\Middleware::tap($assetion));
+        return new \GuzzleHttp\Client(['handler' => $stack]);
+    }
+
 }