From 97adbcee4b519700ad14abc9f73962077a4c6b80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= <1005065+DeepDiver1975@users.noreply.github.com> Date: Wed, 18 Sep 2024 09:06:55 +0200 Subject: [PATCH] test: unit tests for verifyJWTClaims and different aud claims (#443) --- tests/OpenIDConnectClientTest.php | 43 ++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/tests/OpenIDConnectClientTest.php b/tests/OpenIDConnectClientTest.php index 45adc7b3..4b46923d 100644 --- a/tests/OpenIDConnectClientTest.php +++ b/tests/OpenIDConnectClientTest.php @@ -7,6 +7,48 @@ class OpenIDConnectClientTest extends TestCase { + public function testValidateClaims() + { + $client = new class extends OpenIDConnectClient { + public function testVerifyJWTClaims($claims): bool + { + return $this->verifyJWTClaims($claims); + } + public function getIdTokenPayload() + { + return (object)[ + 'sub' => 'sub' + ]; + } + }; + $client->setClientID('client-id'); + $client->setIssuer('issuer'); + $client->setIdToken(''); + + # simple aud + $valid = $client->testVerifyJWTClaims((object)[ + 'aud' => 'client-id', + 'iss' => 'issuer', + 'sub' => 'sub', + ]); + self::assertTrue($valid); + + # array aud + $valid = $client->testVerifyJWTClaims((object)[ + 'aud' => ['client-id'], + 'iss' => 'issuer', + 'sub' => 'sub', + ]); + self::assertTrue($valid); + + # aud not matching + $valid = $client->testVerifyJWTClaims((object)[ + 'aud' => ['ipsum'], + 'iss' => 'issuer', + 'sub' => 'sub', + ]); + self::assertFalse($valid); + } public function testJWTDecode() { $client = new OpenIDConnectClient(); @@ -23,7 +65,6 @@ public function testJWTDecode() self::assertEquals('', $header); $payload = $client->getIdTokenPayload(); self::assertEquals('', $payload); - } public function testGetNull()