public function testAuthorizationCodeGrant()
{
// Start session manually.
$session = new Session(new MockFileSessionStorage());
$session->start();
// Query authorization endpoint with response_type = code.
$parameters = ['response_type' => 'code', 'client_id' => 'http://democlient1.com/', 'redirect_uri' => 'http://democlient1.com/redirect_uri', 'scope' => 'demoscope1', 'state' => $session->getId()];
$server = ['PHP_AUTH_USER' => 'demousername1', 'PHP_AUTH_PW' => 'demopassword1'];
$client = $this->createClient();
$crawler = $client->request('GET', '/api/oauth2/authorize', $parameters, [], $server);
$this->assertTrue($client->getResponse()->isRedirect());
// Check basic auth response that can simply compare.
$authResponse = Request::create($client->getResponse()->headers->get('Location'), 'GET');
$this->assertSame('http://democlient1.com/redirect_uri', $authResponse->getSchemeAndHttpHost() . $authResponse->getBaseUrl() . $authResponse->getPathInfo());
// Query token endpoint with grant_type = authorization_code.
$codeResponse = $authResponse->query->all();
$parameters = ['grant_type' => 'authorization_code', 'code' => $codeResponse['code'], 'redirect_uri' => 'http://democlient1.com/redirect_uri', 'client_id' => 'http://democlient1.com/', 'client_secret' => 'demosecret1', 'state' => $codeResponse['state']];
$server = [];
$client = $this->createClient();
$crawler = $client->request('POST', '/api/oauth2/token', $parameters, [], $server);
$this->assertNotNull(json_decode($client->getResponse()->getContent()));
// Query token endpoint with grant_type = refresh_token.
$tokenResponse = json_decode($client->getResponse()->getContent(), true);
$parameters = ['grant_type' => 'refresh_token', 'refresh_token' => $tokenResponse['refresh_token'], 'scope' => 'demoscope1'];
$server = ['PHP_AUTH_USER' => 'http://democlient1.com/', 'PHP_AUTH_PW' => 'demosecret1'];
$client = $this->createClient();
$crawler = $client->request('POST', '/api/oauth2/token', $parameters, [], $server);
// Check basic token response that can simply compare.
$tokenResponse = json_decode($client->getResponse()->getContent(), true);
$this->assertSame('bearer', $tokenResponse['token_type']);
$this->assertSame('demoscope1', $tokenResponse['scope']);
// Query debug endpoint with access_token.
$parameters = [];
$server = ['HTTP_Authorization' => implode(' ', ['Bearer', $tokenResponse['access_token']])];
$client = $this->createClient();
$crawler = $client->request('GET', '/api/oauth2/debug', $parameters, [], $server);
$debugResponse = json_decode($client->getResponse()->getContent(), true);
$this->assertSame('demousername1', $debugResponse['username']);
}