
Commit cee3afc

author
Bohdan Shevchenko
committed
MC-20481: [API Test] Revoke all access Tokens for Customer
1 parent f35c6eb commit cee3afc


1 file changed

+63
-0
lines changed


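--- a/dev/tests/api-functional/testsuite/Magento/Customer/Api/CustomerRepositoryTest.php
+++ b/dev/tests/api-functional/testsuite/Magento/Customer/Api/CustomerRepositoryTest.php
@@ -10,6 +10,9 @@
 use Magento\Customer\Api\Data\AddressInterface as Address;
 use Magento\Framework\Api\SortOrder;
 use Magento\Framework\Exception\InputException;
+use Magento\Framework\Exception\LocalizedException;
+use Magento\Framework\Webapi\Rest\Request;
+use Magento\Integration\Api\CustomerTokenServiceInterface;
 use Magento\TestFramework\Helper\Bootstrap;
 use Magento\TestFramework\Helper\Customer as CustomerHelper;
 use Magento\TestFramework\TestCase\WebapiAbstract;
@@ -780,6 +783,66 @@ public function testSearchCustomersMultipleFilterGroups()
 $this->assertEquals(0, $searchResults['total_count']);
 }
 
+/**
+* Test revoking all access Tokens for customer
+*/
+public function testRevokeAllAccessTokensForCustomer()
+{
+$customerData = $this->_createCustomer();
+
+/** @var CustomerTokenServiceInterface $customerTokenService */
+$customerTokenService = Bootstrap::getObjectManager()->create(CustomerTokenServiceInterface::class);
+$token = $customerTokenService->createCustomerAccessToken(
+$customerData[Customer::EMAIL],
+CustomerHelper::PASSWORD
+);
+$serviceInfo = [
+'rest' => [
+'resourcePath' => self::RESOURCE_PATH . '/me',
+'httpMethod' => Request::HTTP_METHOD_GET,
+'token' => $token,
+],
+'soap' => [
+'service' => self::SERVICE_NAME,
+'serviceVersion' => self::SERVICE_VERSION,
+'operation' => self::SERVICE_NAME . 'GetSelf',
+'token' => $token,
+],
+];
+
+$customerLoadedData = $this->_webApiCall($serviceInfo, ['customerId' => $customerData[Customer::ID]]);
+self::assertGreaterThanOrEqual($customerData[Customer::UPDATED_AT], $customerLoadedData[Customer::UPDATED_AT]);
+unset($customerData[Customer::UPDATED_AT]);
+self::assertArraySubset($customerData, $customerLoadedData);
+
+$revokeToken = $customerTokenService->revokeCustomerAccessToken($customerData[Customer::ID]);
+self::assertTrue($revokeToken);
+
+try {
+$customerTokenService->revokeCustomerAccessToken($customerData[Customer::ID]);
+} catch (\Throwable $exception) {
+$this->assertInstanceOf(LocalizedException::class, $exception);
+$this->assertEquals('This customer has no tokens.', $exception->getMessage());
+}
+
+$expectedMessage = 'The consumer isn\'t authorized to access %resources.';
+
+try {
+$this->_webApiCall($serviceInfo, ['customerId' => $customerData[Customer::ID]]);
+} catch (\SoapFault $e) {
+$this->assertContains(
+$expectedMessage,
+$e->getMessage(),
+'SoapFault does not contain expected message.'
+);
+} catch (\Throwable $e) {
+$errorObj = $this->processRestExceptionResult($e);
+$this->assertEquals($expectedMessage, $errorObj['message']);
+$this->assertEquals(['resources' => 'self'], $errorObj['parameters']);
+$this->assertEquals(HTTPExceptionCodes::HTTP_UNAUTHORIZED, $e->getCode());
+}
+}
+
 /**
 * Retrieve customer data by Id
 *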
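Review bot: Both try/catch blocks in testRevokeAllAccessTokensForCustomer assert only inside their catch branches, so the test still passes when the second revokeCustomerAccessToken() call does not throw, or when the `_webApiCall` made with the revoked token succeeds. The latter is the case this test exists to detect, since a token that stays valid after revocation would go unnoticed. Record in each catch that the rejection happened and assert that flag after the try; a `$this->fail()` placed inside the try would itself be swallowed by `catch (\Throwable ...)`. Catching `LocalizedException` directly on the second revoke also lets any unexpected error surface as a test error instead of being folded into an instanceof assertion.

```php
$secondRevokeRejected = false;
try {
    $customerTokenService->revokeCustomerAccessToken($customerData[Customer::ID]);
} catch (LocalizedException $exception) {
    $secondRevokeRejected = true;
    $this->assertEquals('This customer has no tokens.', $exception->getMessage());
}
self::assertTrue($secondRevokeRejected, 'Second revoke should report that no tokens remain.');

// … unchanged: $expectedMessage assignment …

$revokedTokenRejected = false;
try {
    $this->_webApiCall($serviceInfo, ['customerId' => $customerData[Customer::ID]]);
} catch (\SoapFault $e) {
    $revokedTokenRejected = true;
    // … unchanged: SoapFault message assertion …
} catch (\Throwable $e) {
    $revokedTokenRejected = true;
    // … unchanged: REST message, parameters and HTTP_UNAUTHORIZED assertions …
}
self::assertTrue($revokedTokenRejected, 'Revoked token was still accepted by the API.');
```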
