-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsmoke.php
More file actions
61 lines (51 loc) · 1.91 KB
/
smoke.php
File metadata and controls
61 lines (51 loc) · 1.91 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
<?php
declare(strict_types=1);
/**
* Local smoke test against a running auth server.
*
* Prerequisites:
* - a reachable auth.stromcom.cz instance (production or a dev deployment)
* - a service-account client (svc_…) and its secret
*
* Run with:
* AUTH_ISSUER=https://auth.stromcom.cz \
* AUTH_CLIENT_ID=svc_... \
* AUTH_CLIENT_SECRET=... \
* php examples/smoke.php
*/
require __DIR__ . '/../vendor/autoload.php';
use Stromcom\AuthClient\Client;
use Stromcom\AuthClient\Configuration;
$clientId = getenv('AUTH_CLIENT_ID');
$clientSecret = getenv('AUTH_CLIENT_SECRET');
if ($clientId === false || $clientSecret === false || $clientId === '' || $clientSecret === '') {
fwrite(STDERR, "Set AUTH_CLIENT_ID and AUTH_CLIENT_SECRET.\n");
exit(2);
}
$auth = new Client(new Configuration(
clientId: $clientId,
clientSecret: $clientSecret,
issuer: getenv('AUTH_ISSUER') ?: 'http://localhost:8003',
));
echo "1) GET /.well-known/openid-configuration\n";
$discovery = $auth->discover();
printf(" issuer=%s\n token_endpoint=%s\n", $discovery['issuer'] ?? '?', $discovery['token_endpoint'] ?? '?');
echo "\n2) POST /oauth/token (client_credentials)\n";
$tokens = $auth->clientCredentials();
printf(" expires_in=%d jwt_prefix=%s\n", $tokens->expiresIn, substr($tokens->accessToken, 0, 40) . '...');
echo "\n3) Local JWT verification via JWKS\n";
$claims = $auth->verify($tokens->accessToken);
printf(" sub=%s\n aud=[%s]\n token_use=%s isService=%s\n displayName=%s\n",
$claims->subject,
implode(',', $claims->audiences),
$claims->tokenUse,
$claims->isService() ? 'yes' : 'no',
$claims->displayName(),
);
echo "\n4) GET /me\n";
$me = $auth->userInfo($tokens->accessToken);
printf(" client_name=%s roles=[%s]\n",
is_string($me['client_name'] ?? null) ? $me['client_name'] : '?',
is_array($me['roles'] ?? null) ? implode(',', array_map('strval', $me['roles'])) : '',
);
echo "\nOK\n";