|
10 | 10 | use Magento\Customer\Api\Data\AddressInterface as Address;
|
11 | 11 | use Magento\Framework\Api\SortOrder;
|
12 | 12 | use Magento\Framework\Exception\InputException;
|
| 13 | +use Magento\Framework\Exception\LocalizedException; |
| 14 | +use Magento\Framework\Webapi\Rest\Request; |
| 15 | +use Magento\Integration\Api\CustomerTokenServiceInterface; |
13 | 16 | use Magento\TestFramework\Helper\Bootstrap;
|
14 | 17 | use Magento\TestFramework\Helper\Customer as CustomerHelper;
|
15 | 18 | use Magento\TestFramework\TestCase\WebapiAbstract;
|
@@ -780,6 +783,66 @@ public function testSearchCustomersMultipleFilterGroups()
|
780 | 783 | $this->assertEquals(0, $searchResults['total_count']);
|
781 | 784 | }
|
782 | 785 |
|
| 786 | + /** |
| 787 | + * Test revoking all access Tokens for customer |
| 788 | + */ |
| 789 | + public function testRevokeAllAccessTokensForCustomer() |
| 790 | + { |
| 791 | + $customerData = $this->_createCustomer(); |
| 792 | + |
| 793 | + /** @var CustomerTokenServiceInterface $customerTokenService */ |
| 794 | + $customerTokenService = Bootstrap::getObjectManager()->create(CustomerTokenServiceInterface::class); |
| 795 | + $token = $customerTokenService->createCustomerAccessToken( |
| 796 | + $customerData[Customer::EMAIL], |
| 797 | + CustomerHelper::PASSWORD |
| 798 | + ); |
| 799 | + $serviceInfo = [ |
| 800 | + 'rest' => [ |
| 801 | + 'resourcePath' => self::RESOURCE_PATH . '/me', |
| 802 | + 'httpMethod' => Request::HTTP_METHOD_GET, |
| 803 | + 'token' => $token, |
| 804 | + ], |
| 805 | + 'soap' => [ |
| 806 | + 'service' => self::SERVICE_NAME, |
| 807 | + 'serviceVersion' => self::SERVICE_VERSION, |
| 808 | + 'operation' => self::SERVICE_NAME . 'GetSelf', |
| 809 | + 'token' => $token, |
| 810 | + ], |
| 811 | + ]; |
| 812 | + |
| 813 | + $customerLoadedData = $this->_webApiCall($serviceInfo, ['customerId' => $customerData[Customer::ID]]); |
| 814 | + self::assertGreaterThanOrEqual($customerData[Customer::UPDATED_AT], $customerLoadedData[Customer::UPDATED_AT]); |
| 815 | + unset($customerData[Customer::UPDATED_AT]); |
| 816 | + self::assertArraySubset($customerData, $customerLoadedData); |
| 817 | + |
| 818 | + $revokeToken = $customerTokenService->revokeCustomerAccessToken($customerData[Customer::ID]); |
| 819 | + self::assertTrue($revokeToken); |
| 820 | + |
| 821 | + try { |
| 822 | + $customerTokenService->revokeCustomerAccessToken($customerData[Customer::ID]); |
| 823 | + } catch (\Throwable $exception) { |
| 824 | + $this->assertInstanceOf(LocalizedException::class, $exception); |
| 825 | + $this->assertEquals('This customer has no tokens.', $exception->getMessage()); |
| 826 | + } |
| 827 | + |
| 828 | + $expectedMessage = 'The consumer isn\'t authorized to access %resources.'; |
| 829 | + |
| 830 | + try { |
| 831 | + $this->_webApiCall($serviceInfo, ['customerId' => $customerData[Customer::ID]]); |
| 832 | + } catch (\SoapFault $e) { |
| 833 | + $this->assertContains( |
| 834 | + $expectedMessage, |
| 835 | + $e->getMessage(), |
| 836 | + 'SoapFault does not contain expected message.' |
| 837 | + ); |
| 838 | + } catch (\Throwable $e) { |
| 839 | + $errorObj = $this->processRestExceptionResult($e); |
| 840 | + $this->assertEquals($expectedMessage, $errorObj['message']); |
| 841 | + $this->assertEquals(['resources' => 'self'], $errorObj['parameters']); |
| 842 | + $this->assertEquals(HTTPExceptionCodes::HTTP_UNAUTHORIZED, $e->getCode()); |
| 843 | + } |
| 844 | + } |
| 845 | + |
783 | 846 | /**
|
784 | 847 | * Retrieve customer data by Id
|
785 | 848 | *
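Review bot: Both `try` blocks in `testRevokeAllAccessTokensForCustomer` pass when nothing is thrown, so the test stays green if the repeated `revokeCustomerAccessToken` call succeeds or if the final `_webApiCall` still accepts the revoked token. That second case is the security property this test exists to pin. A `fail()` inside the `try` would itself be caught by `catch (\Throwable $e)`, so track the outcome instead: initialise `$denied = false;` before the last `try`, set `$denied = true;` in both catch branches, and add `self::assertTrue($denied, 'Revoked token was still accepted.');` after the block. Apply the same pattern to the repeated revoke, and narrow its handler to `catch (LocalizedException $exception)` so unrelated errors surface directly.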
|
|