Add end-to-end test coverage for OAuth grant flows
Overview
Expand test-coverage of oauth-client
.
Current behavior
The oauth-client
includes unit-tests for several specific parts of processing OAuth2. However, it does not have an end-to-end test to interact with a concrete, remote service.
Proposed behavior
Define a mock OAuth2 service provider.
The automated tests for oauth-client
should include a case which (1) registers details for the provider, (2) requests a token, and (3) uses it. Repeat for each grant-type (authorizationCode
, userPassword
, clientCredentials
).
Comments
During development, I used https://github.com/bshaffer/oauth2-demo-php as a mock service, so it may be worth a look. But if something else looks more amenable, that's great.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information