Merge pull request hwi#1702 from balazscsaba2006/master

Added state support for service authentication URLs
bruno-ds · Jul 1, 2021 · cf3b762 · cf3b762
2 parents 099084a + 509b287
commit cf3b762
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 5 deletions.
diff --git a/Security/OAuthUtils.php b/Security/OAuthUtils.php
@@ -134,6 +134,9 @@ public function getServiceAuthUrl(Request $request, ResourceOwnerInterface $reso
         }
 
         $request->attributes->set('service', $resourceOwner->getName());
+        if ($request->query->has('state')) {
+            $this->addQueryParameterToState($request->query->get('state'), $resourceOwner);
+        }
 
         return $this->httpUtils->generateUri($request, 'hwi_oauth_connect_service');
     }

diff --git a/Tests/Security/OAuthUtilsTest.php b/Tests/Security/OAuthUtilsTest.php
@@ -50,7 +50,7 @@ public function testGetAuthorizationUrlWithConnectAndUserToken()
         $request = $this->getRequest($url);
         $redirect = 'https://api.instagram.com/oauth/authorize?redirect='.rawurlencode($url);
 
-        $utils = new OAuthUtils($this->getHttpUtils($url), $this->getAutorizationChecker(true, $this->grantRule), true, $this->grantRule);
+        $utils = new OAuthUtils($this->getHttpUtils($url), $this->getAuthorizationChecker(true, $this->grantRule), true, $this->grantRule);
         $utils->addResourceOwnerMap($this->getMap($url, $redirect, true, false));
 
         $this->assertEquals(
@@ -75,7 +75,7 @@ public function testGetAuthorizationUrlWithStateQueryParameters()
         $request = $this->getRequest($url.'?state='.$state->encode());
         $resource = $this->getMockBuilder(ResourceOwnerInterface::class)->getMock();
 
-        $utils = new OAuthUtils($this->getHttpUtils($url), $this->getAutorizationChecker(false, $this->grantRule), true, $this->grantRule);
+        $utils = new OAuthUtils($this->getHttpUtils($url), $this->getAuthorizationChecker(false, $this->grantRule), true, $this->grantRule);
         $utils->addResourceOwnerMap($this->getMap($url, $redirect, false, false, $resource));
 
         $resource->expects($this->exactly(2))
@@ -94,7 +94,7 @@ public function testGetAuthorizationUrlWithoutUserToken()
         $request = $this->getRequest($url);
         $redirect = 'https://api.instagram.com/oauth/authorize?redirect='.rawurlencode($url);
 
-        $utils = new OAuthUtils($this->getHttpUtils($url), $this->getAutorizationChecker(false, $this->grantRule), true, $this->grantRule);
+        $utils = new OAuthUtils($this->getHttpUtils($url), $this->getAuthorizationChecker(false, $this->grantRule), true, $this->grantRule);
         $utils->addResourceOwnerMap($this->getMap($url, $redirect));
 
         $this->assertEquals(
@@ -113,7 +113,7 @@ public function testGetAuthorizationUrlWithAuthenticatedFullyRule()
 
         $utils = new OAuthUtils(
             $this->getHttpUtils($url),
-            $this->getAutorizationChecker(false, 'IS_AUTHENTICATED_FULLY'),
+            $this->getAuthorizationChecker(false, 'IS_AUTHENTICATED_FULLY'),
             true,
             'IS_AUTHENTICATED_FULLY'
         );
@@ -127,6 +127,41 @@ public function testGetAuthorizationUrlWithAuthenticatedFullyRule()
         $this->assertNull($request->attributes->get('service'));
     }
 
+    public function testGetServiceAuthUrlWithStateQueryParameters()
+    {
+        $parameters = ['foo' => 'bar', 'foobar' => 'foobaz'];
+        $state = new State($parameters);
+
+        $url = 'http://localhost:8080/service/instagram';
+
+        $request = $this->getRequest($url.'?state='.$state->encode());
+        $resource = $this->getMockBuilder(ResourceOwnerInterface::class)->getMock();
+        $resource
+            ->expects($this->any())
+            ->method('getName')
+            ->willReturn('instagram');
+
+        $mapMock = $this->createMock(ResourceOwnerMap::class);
+        $mapMock
+            ->expects($this->any())
+            ->method('getResourceOwnerByName')
+            ->with('instagram')
+            ->willReturn($resource);
+
+        $authorizationChecker = $this->createMock(AuthorizationCheckerInterface::class);
+        $utils = new OAuthUtils($this->getHttpUtils($url), $authorizationChecker, true, $this->grantRule);
+        $utils->addResourceOwnerMap($mapMock);
+
+        $resource->expects($this->exactly(2))
+            ->method('addStateParameter')
+            ->withConsecutive(['foo', 'bar'], ['foobar', 'foobaz']);
+
+        $this->assertEquals(
+            $url,
+            $utils->getServiceAuthUrl($request, $resource)
+        );
+    }
+
     /**
      * @dataProvider provideValidData
      *
@@ -276,7 +311,7 @@ private function getHttpUtils($generatedUrl = '/')
         return new HttpUtils($urlGenerator);
     }
 
-    private function getAutorizationChecker($hasUser, $grantRule)
+    private function getAuthorizationChecker($hasUser, $grantRule)
     {
         $mock = $this->createMock(AuthorizationCheckerInterface::class);
         $mock->expects($this->once())