File Coverage

blib/lib/Mojolicious/Plugin/OAuth2/Mock.pm
Criterion Covered Total %
statement 57 59 96.6
branch 9 14 64.2
condition 12 21 57.1
subroutine 13 14 92.8
pod 1 1 100.0
total 92 109 84.4


line stmt bran cond sub pod time code
1             package Mojolicious::Plugin::OAuth2::Mock;
2 2     2   15 use Mojo::Base -base;
  2         5  
  2         16  
3              
4             require Mojolicious::Plugin::OAuth2;
5              
6 2   50 2   448 use constant DEBUG => $ENV{MOJO_OAUTH2_DEBUG} || 0;
  2         5  
  2         3395  
7              
8             has provider => sub {
9             return {
10             authorization_endpoint_url => '/mocked/oauth2/authorize',
11             end_session_endpoint_url => '/mocked/oauth2/logout',
12             issuer_url => '/mocked/oauth2/v2.0',
13             jwks_url => '/mocked/oauth2/keys',
14             return_code => 'fake_code',
15             return_token => 'fake_token',
16             token_endpoint_url => '/mocked/oauth2/token',
17             };
18             };
19              
20             has _rsa => sub { require Crypt::OpenSSL::RSA; Crypt::OpenSSL::RSA->generate_key(2048) };
21              
22             sub apply_to {
23 2 50   2 1 13 my $self = ref $_[0] ? shift : shift->SUPER::new;
24 2         15 my ($app, $provider) = @_;
25              
26 2 50       11 map { $self->provider->{$_} = $provider->{$_} } keys %$provider if $provider;
  9         41  
27 2         12 push @{$app->renderer->classes}, __PACKAGE__;
  2         6  
28              
29             # Add mocked routes for "authorize", "token", ...
30 2         21 for my $k (keys %{$self->provider}) {
  2         7  
31 23 100       5862 next unless $k =~ m!^([a-z].+)_url$!;
32 15         60 my $method = "_action_$1";
33 15         48 my $url = $self->provider->{$k};
34 15         155 warn "[Oauth2::Mock] $url => $method()\n" if DEBUG;
35 15     13   51 $app->routes->any($url => sub { $self->$method(@_) });
  13         122444  
36             }
37             }
38              
39             sub _action_authorization_endpoint {
40 3     3   11 my ($self, $c) = @_;
41              
42 3 100       13 if ($c->param('response_mode') eq 'form_post') {
43 1         628 return $c->render(
44             template => 'oauth2/mock/form_post',
45             format => 'html',
46             code => "authorize-code",
47             redirect_uri => $c->param('redirect_uri'),
48             state => $c->param('state')
49             );
50             }
51              
52             # $c->param('response_mode') eq 'query'
53 2         1248 my $url = Mojo::URL->new($c->param('redirect_uri'));
54 2         367 $url->query({code => 'authorize-code', state => $c->param('state')});
55 2         464 return $c->redirect_to($url);
56             }
57              
58             sub _action_authorize {
59 1     1   6 my ($self, $c) = @_;
60              
61 1 50 33     5 if ($c->param('client_id') and $c->param('redirect_uri')) {
62 1         417 my $url = Mojo::URL->new($c->param('redirect_uri'));
63 1         147 $url->query->append(code => $self->provider->{return_code});
64 1     1   48 $c->render(text => $c->tag('a', href => $url, sub {'Connect'}));
  1         37  
65             }
66             else {
67 0         0 $c->render(text => "Invalid request\n", status => 400);
68             }
69             }
70              
71             sub _action_end_session_endpoint {
72 1     1   4 my ($self, $c) = @_;
73 1         5 my $rp_url = Mojo::URL->new($c->param('post_logout_redirect_uri'))
74             ->query({id_token_hint => $c->param('id_token_hint'), state => $c->param('state')});
75 1         776 $c->redirect_to($rp_url);
76             }
77              
78             sub _action_issuer {
79 0     0   0 my ($self, $c) = @_;
80             }
81              
82             sub _action_jwks {
83 1     1   4 my ($self, $c) = @_;
84              
85 1         7 my ($n, $e) = $self->_rsa->get_key_parameters;
86 1         1016 my $x5c = $self->_rsa->get_public_key_string;
87 1         43 $x5c =~ s/\n/\\n/g;
88              
89 1         9 require MIME::Base64;
90             return $c->render(
91             template => 'oauth2/mock/keys',
92             format => 'json',
93             n => MIME::Base64::encode_base64url($n->to_bin),
94             e => MIME::Base64::encode_base64url($e->to_bin),
95             x5c => $x5c,
96 1         16 issuer => $c->url_for($self->provider->{issuer_url})->to_abs,
97             );
98             }
99              
100             sub _action_token {
101 1     1   4 my ($self, $c) = @_;
102              
103             return $c->render(text => 'FAIL OVERFLOW', status => 404)
104 1 50       3 unless 3 == grep { $c->param($_) } qw(client_secret redirect_uri code);
  3         573  
105              
106             $c->render(
107             text => Mojo::Parameters->new(
108             access_token => $self->provider->{return_token},
109             expires_in => 3600,
110             refresh_token => Mojo::Util::md5_sum(rand),
111 1   50     62 scope => $self->provider->{scopes} || 'some list of scopes',
112             token_type => 'bearer',
113             )->to_string
114             );
115             }
116              
117             sub _action_token_endpoint {
118 5     5   17 my ($self, $c) = @_;
119 5 50 66     22 return $c->render(json => {error => 'invalid_request'}, status => 500)
      66        
      33        
      66        
120             unless (($c->param('client_secret') and $c->param('redirect_uri') and $c->param('code'))
121             || ($c->param('grant_type') eq 'refresh_token' and $c->param('refresh_token')));
122              
123             my $claims = {
124             aud => $c->param('client_id'),
125             email => 'foo.bar@example.com',
126 5         3647 iss => $c->url_for($self->provider->{issuer_url})->to_abs,
127             name => 'foo bar',
128             preferred_username => 'foo.bar@example.com',
129             sub => 'foo.bar'
130             };
131              
132 5         2588 require Mojo::JWT;
133 5         31 my $id_token = Mojo::JWT->new(
134             algorithm => 'RS256',
135             secret => $self->_rsa->get_private_key_string,
136             set_iat => 1,
137             claims => $claims,
138             header => {kid => 'TEST_SIGNING_KEY'}
139             );
140              
141 5   100     397 return $c->render(
142             template => 'oauth2/mock/token',
143             format => 'json',
144             id_token => $id_token->expires(Mojo::JWT->now + 3600)->encode,
145             refresh_token => $c->param('refresh_token') // 'refresh-token',
146             );
147             }
148              
149             sub _action_well_known {
150 1     1   4 my ($self, $c) = @_;
151 1         20 my $provider = $self->provider;
152 1         10 my $req_url = $c->req->url->to_abs;
153 1     5   237 my $to_abs = sub { $req_url->path(Mojo::URL->new(shift)->path)->to_abs };
  5         605  
154              
155             $c->render(
156             template => 'oauth2/mock/configuration',
157             format => 'json',
158             authorization_endpoint => $to_abs->($provider->{authorization_endpoint_url}),
159             end_session_endpoint => $to_abs->($provider->{end_session_endpoint_url}),
160             issuer => $to_abs->($provider->{issuer_url}),
161             jwks_uri => $to_abs->($provider->{jwks_url}),
162 1         5 token_endpoint => $to_abs->($provider->{token_endpoint_url}),
163             );
164             }
165              
166             1;
167              
168             =encoding utf8
169              
170             =head1 NAME
171              
172             Mojolicious::Plugin::OAuth2::Mock - Mock an Oauth2 and/or OpenID Connect provider
173              
174             =head1 SYNOPSIS
175              
176             use Mojolicious::Plugin::OAuth2::Mock;
177             use Mojolicious;
178              
179             my $app = Mojolicious->new;
180             Mojolicious::Plugin::OAuth2::Mock->apply_to($app);
181              
182             =head1 DESCRIPTION
183              
184             L is an EXPERIMENTAL module to make it
185             easier to test your L based code.
186              
187             =head1 METHODS
188              
189             =head2 apply_to
190              
191             Mojolicious::Plugin::OAuth2::Mock->apply_to($app, \%provider_args);
192             $mock->apply_to($app, \%provider_args);
193              
194             Used to add mocked routes to a L application, based on all the
195             keys in C<%provider_args> that end with "_url". Example:
196              
197              
198             * authorize_url => /mocked/oauth/authorize
199             * authorization_endpoint_url => /mocked/oauth2/authorize
200             * end_session_endpoint_url => /mocked/oauth2/logout
201             * issuer_url => /mocked/oauth2/v2.0
202             * jwks_url => /mocked/oauth2/keys
203             * token_url => /mocked/oauth/token
204             * token_endpoint_url => /mocked/oauth2/token
205              
206             =head1 SEE ALSO
207              
208             L.
209              
210             =cut
211              
212             __DATA__