Add handling for string concatenation of scopes when getting roles

auth0 · Jan 16, 2024 · 5516f55 · 5516f55
1 parent 0af5b54
commit 5516f55
Show file tree

Hide file tree

Showing 2 changed files with 49 additions and 1 deletion.
diff --git a/src/Models/User.php b/src/Models/User.php
@@ -254,7 +254,7 @@ public function getRoles(): array
         $scopes = $this->data['scope'] ?? [];
 
         if (is_string($scopes)) {
-            $scopes = [$scopes];
+            $scopes = explode(' ', $scopes);
         }
 
         foreach ($roles as $role) {

diff --git a/tests/Unit/Models/UserTest.php b/tests/Unit/Models/UserTest.php
@@ -0,0 +1,48 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Auth0\Tests\Unit\Models;
+
+use Auth0\Symfony\Models\User;
+use PHPUnit\Framework\TestCase;
+
+class UserTest extends TestCase
+{
+
+    /** @param string[] $expectedRoles */
+    private function assertHasRoles(User $user, array $expectedRoles): void
+    {
+        $userRoles = $user->getRoles();
+        foreach ($expectedRoles as $role) {
+            $this::assertContains($role, $userRoles);
+        }
+    }
+
+    public function testGetRolesWithSingleScope(): void
+    {
+        $user = new User([
+            'scope' => 'read:users',
+        ]);
+
+        $this->assertHasRoles($user, ['ROLE_USER', 'ROLE_READ_USERS']);
+    }
+
+    public function testGetRolesWithArrayScope(): void
+    {
+        $user = new User([
+            'scope' => ['read:users', 'write:users'],
+        ]);
+
+        $this->assertHasRoles($user, ['ROLE_USER', 'ROLE_READ_USERS', 'ROLE_WRITE_USERS']);
+    }
+
+    public function testGetRolesWithStringScope(): void
+    {
+        $user = new User([
+            'scope' => 'read:users write:users',
+        ]);
+
+        $this->assertHasRoles($user, ['ROLE_USER', 'ROLE_READ_USERS', 'ROLE_WRITE_USERS']);
+    }
+}