public function testImplicitGrant()
{
// Start session manually.
$session = new Session(new MockFileSessionStorage());
$session->start();
// Query authorization endpoint with response_type = token.
$parameters = ['response_type' => 'token', 'client_id' => 'http://democlient1.com/', 'redirect_uri' => 'http://democlient1.com/redirect_uri', 'scope' => 'demoscope1', 'state' => $session->getId()];
$server = ['PHP_AUTH_USER' => 'demousername1', 'PHP_AUTH_PW' => 'demopassword1'];
$client = $this->createClient();
$crawler = $client->request('GET', '/api/oauth2/authorize', $parameters, [], $server);
$this->assertTrue($client->getResponse()->isRedirect());
// Check basic auth response that can simply compare.
$authResponse = Request::create($client->getResponse()->headers->get('Location'), 'GET');
$this->assertSame('http://democlient1.com/redirect_uri', $authResponse->getSchemeAndHttpHost() . $authResponse->getBaseUrl() . $authResponse->getPathInfo());
// Check basic token response that can simply compare.
$tokenResponse = $authResponse->query->all();
$this->assertSame('bearer', $tokenResponse['token_type']);
$this->assertSame('demoscope1', $tokenResponse['scope']);
$this->assertSame($session->getId(), $tokenResponse['state']);
// Query debug endpoint with access_token.
$parameters = [];
$server = ['HTTP_Authorization' => implode(' ', ['Bearer', $tokenResponse['access_token']])];
$client = $this->createClient();
$crawler = $client->request('GET', '/api/oauth2/debug', $parameters, [], $server);
$debugResponse = json_decode($client->getResponse()->getContent(), true);
$this->assertSame('demousername1', $debugResponse['username']);
}