diff --git a/src/Provider/AbstractProvider.php b/src/Provider/AbstractProvider.php index 0120ad78..b23548ea 100644 --- a/src/Provider/AbstractProvider.php +++ b/src/Provider/AbstractProvider.php @@ -624,11 +624,7 @@ public function getAccessToken($grant, array $options = []) { $grant = $this->verifyGrant($grant); - if (empty($options['scope'])) { - $options['scope'] = $this->getDefaultScopes(); - } - - if (is_array($options['scope'])) { + if (isset($options['scope']) && is_array($options['scope'])) { $separator = $this->getScopeSeparator(); $options['scope'] = implode($separator, $options['scope']); } diff --git a/test/src/Grant/PasswordTest.php b/test/src/Grant/PasswordTest.php index b10f1774..e7ead776 100644 --- a/test/src/Grant/PasswordTest.php +++ b/test/src/Grant/PasswordTest.php @@ -20,8 +20,7 @@ protected function getParamExpectation() return !empty($body['grant_type']) && $body['grant_type'] === 'password' && !empty($body['username']) - && !empty($body['password']) - && !empty($body['scope']); + && !empty($body['password']); }; } diff --git a/test/src/Provider/AbstractProviderTest.php b/test/src/Provider/AbstractProviderTest.php index 842e1fe0..49c970f5 100644 --- a/test/src/Provider/AbstractProviderTest.php +++ b/test/src/Provider/AbstractProviderTest.php @@ -632,7 +632,7 @@ public function testGetAccessToken($method) ->once() ->with( ['client_id' => 'mock_client_id', 'client_secret' => 'mock_secret', 'redirect_uri' => 'none'], - ['code' => 'mock_authorization_code', 'scope' => 'test'] + ['code' => 'mock_authorization_code'] ) ->andReturn([]); @@ -675,6 +675,71 @@ public function testGetAccessToken($method) }); } + /** + * @dataProvider getAccessTokenMethodProvider + */ + #[DataProvider('getAccessTokenMethodProvider')] + public function testGetAccessTokenWithScope($method) + { + $provider = new MockProvider([ + 'clientId' => 'mock_client_id', + 'clientSecret' => 'mock_secret', + 'redirectUri' => 'none', + ]); + + $provider->setAccessTokenMethod($method); + + $raw_response = ['access_token' => 'okay', 'expires' => time() + 3600, 'resource_owner_id' => 3]; + + $grant = Mockery::mock(AbstractGrant::class); + $grant + ->shouldReceive('prepareRequestParameters') + ->once() + ->with( + ['client_id' => 'mock_client_id', 'client_secret' => 'mock_secret', 'redirect_uri' => 'none'], + ['code' => 'mock_authorization_code', 'scope' => 'foo,bar'] + ) + ->andReturn([]); + + $stream = Mockery::mock(StreamInterface::class); + $stream + ->shouldReceive('__toString') + ->once() + ->andReturn(json_encode($raw_response)); + + $response = Mockery::mock(ResponseInterface::class); + $response + ->shouldReceive('getBody') + ->once() + ->andReturn($stream); + $response + ->shouldReceive('getHeader') + ->once() + ->with('content-type') + ->andReturn(['application/json']); + + $client = Mockery::spy(ClientInterface::class, [ + 'send' => $response, + ]); + + $provider->setHttpClient($client); + $token = $provider->getAccessToken($grant, ['code' => 'mock_authorization_code', 'scope' => ['foo', 'bar']]); + + $this->assertInstanceOf(AccessTokenInterface::class, $token); + + $this->assertSame($raw_response['resource_owner_id'], $token->getResourceOwnerId()); + $this->assertSame($raw_response['access_token'], $token->getToken()); + $this->assertSame($raw_response['expires'], $token->getExpires()); + + $client + ->shouldHaveReceived('send') + ->once() + ->withArgs(function ($request) use ($provider) { + return $request->getMethod() === $provider->getAccessTokenMethod() + && (string) $request->getUri() === $provider->getBaseAccessTokenUrl([]); + }); + } + public function testGetAccessTokenWithNonJsonResponse() { $provider = $this->getMockProvider();