. */ use App\Models\User; use Illuminate\Foundation\Testing\DatabaseMigrations; use Poniverse\Lib\AccessToken; class ApiAuthTest extends TestCase { use DatabaseMigrations; /** * Ensures that when we call the Pony.fm API with a user who has never * logged into Pony.fm before, a Pony.fm account is created for them using * their Poniverse details. */ public function testApiCreatesNewUser() { $user = User::factory()->make(); $accessTokenInfo = new AccessToken('nonsense-token'); $accessTokenInfo->setIsActive(true); $accessTokenInfo->setScopes(['basic', 'ponyfm:tracks:upload']); $poniverse = \Mockery::mock('overload:Poniverse\Lib\OAuth2\PoniverseProvider'); $poniverse->shouldReceive('getResourceOwner') ->andReturn(new \Poniverse\Lib\Entity\Poniverse\User([ 'id' => $user->id, 'username' => $user->username, 'display_name' => $user->display_name, 'email' => $user->email, ])); $poniverse->shouldReceive('setAccessToken'); $accessTokenService = \Mockery::mock('overload:Poniverse\Lib\Service\Poniverse\Meta'); $accessTokenService->shouldReceive('introspect') ->andReturn($accessTokenInfo); $this->dontSeeInDatabase('users', ['username' => $user->username]); $this->post('/api/v1/tracks', ['access_token' => 'nonsense-token']); $this->seeInDatabase('users', ['username' => $user->username]); } public function testApiClientIdIsRecordedWhenUploadingTrack() { $user = User::factory()->make(); $accessTokenInfo = new AccessToken('nonsense-token'); $accessTokenInfo->setIsActive(true); $accessTokenInfo->setClientId('Unicorns and rainbows'); $accessTokenInfo->setScopes(['basic', 'ponyfm:tracks:upload']); $poniverse = \Mockery::mock('overload:Poniverse\Lib\OAuth2\PoniverseProvider'); $poniverse->shouldReceive('getResourceOwner') ->andReturn(new \Poniverse\Lib\Entity\Poniverse\User([ 'id' => $user->id, 'username' => $user->username, 'display_name' => $user->display_name, 'email' => $user->email, ])); $poniverse->shouldReceive('setAccessToken'); $accessTokenService = \Mockery::mock('overload:Poniverse\Lib\Service\Poniverse\Meta'); $accessTokenService ->shouldReceive('introspect') ->andReturn($accessTokenInfo); $this->callUploadWithParameters(['access_token' => $accessTokenInfo->getToken()]); $this->assertSessionHas('api_client_id', $accessTokenInfo->getClientId()); $this->seeInDatabase('tracks', ['source' => $accessTokenInfo->getClientId()]); } }