singleloginsystem/tests/Feature/OidcAppViewTest.php
= 6a400fc532 Feat: Add OIDC app management UI and features
- Introduced a detailed view for OIDC apps (`show` page) with client credentials and sign-out URI management.
- Added functionality to toggle app status, generate new client secrets, and display OAuth scopes.
- Implemented service methods for handling OIDC app data, including `getPassportClient`, `generateNewSecret`, and `toggleStatus`.
- Enhanced feature tests for role-based access and validation of client secret generation.
2026-06-22 10:06:00 +00:00

90 lines
3.1 KiB
PHP

<?php
declare(strict_types=1);
use App\Models\{ConnectedApp, ConnectionProtocol, ConnectionStatus, User};
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Str;
use Laravel\Passport\Client;
use Livewire\Livewire;
beforeEach(function (): void {
$this->seed(Database\Seeders\PermissionSeeder::class);
$this->seed(Database\Seeders\DefaultRoleWithPermissionSeeder::class);
$this->seed(Database\Seeders\ConnectionProtocolSeeder::class);
$this->seed(Database\Seeders\ConnectionProviderSeeder::class);
$this->seed(Database\Seeders\ConnectionStatusSeeder::class);
$this->oidcProtocol = ConnectionProtocol::query()->where('name', 'oidc')->firstOrFail();
$this->status = ConnectionStatus::query()->where('name', 'connected')->firstOrFail();
// Create a mock OIDC application in database
$this->connectedApp = ConnectedApp::query()->create([
'name' => 'Test OIDC App',
'slug' => 'test-oidc-app',
'connection_protocol_id' => $this->oidcProtocol->id,
'connection_provider_id' => 0,
'connection_status_id' => $this->status->id,
'settings' => [
'access_url' => 'https://test-oidc-app.example.com',
'signOutUris' => ['https://test-oidc-app.example.com/logout'],
],
]);
// Create corresponding Passport Client
$this->passportClient = Client::query()->create([
'id' => (string) Str::uuid(),
'name' => 'Test OIDC App',
'secret' => bcrypt('old-secret-value'),
'provider' => 'users',
'redirect_uris' => ['https://test-oidc-app.example.com/callback'],
'grant_types' => ['authorization_code'],
'revoked' => false,
]);
});
it('authorizes only admin users to access the OIDC view page', function (): void {
$user = User::factory()->create();
$user->assignRole('user'); // standard user
$this->actingAs($user);
// Should fail with 403 Forbidden
Livewire::actingAs($user)
->test('pages::apps.oidc.show', ['id' => $this->connectedApp->id])
->assertForbidden();
$admin = User::factory()->create();
$admin->assignRole('admin'); // admin user
$this->actingAs($admin);
// Should load successfully
Livewire::actingAs($admin)
->test('pages::apps.oidc.show', ['id' => $this->connectedApp->id])
->assertOk();
});
it('displays client credentials and allows generating a new client secret', function (): void {
$admin = User::factory()->create();
$admin->assignRole('admin');
$this->actingAs($admin);
$component = Livewire::test('pages::apps.oidc.show', ['id' => $this->connectedApp->id])
->assertSet('appId', $this->connectedApp->id)
->assertSet('passportClient.id', $this->passportClient->id);
// Call generateNewSecret
$component->call('generateNewSecret');
// Get plain secret set in component
$newSecretPlain = $component->get('newSecretPlain');
expect($newSecretPlain)->toBeString()
->and(mb_strlen($newSecretPlain))->toBe(40);
// Verify it is updated in DB
$this->passportClient->refresh();
expect(Hash::check($newSecretPlain, $this->passportClient->secret))->toBeTrue();
});