Skip to content
This repository was archived by the owner on Jan 29, 2020. It is now read-only.

Implemented the check of fetched row, if isn't a array, throw exception #71

Closed
wants to merge 2 commits into from
Closed

Implemented the check of fetched row, if isn't a array, throw exception #71

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
08ff345
Implemented the check of fetched row, if isn't a array, throw exception
Nov 26, 2019
a8749b5
Fix cs-check issue
Nov 26, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions src/Repository/Pdo/AccessTokenRepository.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@

use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\ClientEntityInterface;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use Zend\Expressive\Authentication\OAuth2\Entity\AccessTokenEntity;
Expand Down Expand Up @@ -114,6 +115,9 @@ public function isAccessTokenRevoked($tokenId)
return false;
}
$row = $sth->fetch();
if (! is_array($row)) {
throw OAuthServerException::invalidRefreshToken();
}

return array_key_exists('revoked', $row) ? (bool) $row['revoked'] : false;
}
Expand Down
16 changes: 16 additions & 0 deletions test/Repository/Pdo/AccessTokenRepositoryTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
use League\OAuth2\Server\Entities\ClientEntityInterface;
use League\OAuth2\Server\Entities\ScopeEntityInterface;
use League\OAuth2\Server\Entities\Traits\AccessTokenTrait;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException;
use PDOStatement;
use PHPUnit\Framework\TestCase;
Expand Down Expand Up @@ -133,6 +134,21 @@ public function testIsAccessTokenRevokedReturnsTrueWhenRowRevokedFlagIsTrue()
$this->assertTrue($this->repo->isAccessTokenRevoked('token_id'));
}

public function testIsAcessTokenRevokedRaisesExceptionWhenTokenIdDontExists()
{
$statement = $this->prophesize(PDOStatement::class);
$statement->bindParam(':tokenId', 'token_id')->shouldBeCalled();
$statement->execute()->willReturn(true)->shouldBeCalled();
$statement->fetch()->willReturn(false)->shouldBeCalled();

$this->pdo
->prepare(Argument::containingString('SELECT revoked FROM oauth_access_tokens'))
->will([$statement, 'reveal']);

$this->expectException(OAuthServerException::class);
$this->repo->isAccessTokenRevoked('token_id');
}

public function testRevokeAccessToken()
{
$statement = $this->prophesize(PDOStatement::class);
Expand Down