ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2024-09-29 23:07:21 +05:30
Code Issues Packages Projects Releases Wiki Activity

Исправлено поведение при обновлении устаревшего токена

Browse Source 
Обновлена логика в компонентах для работы с ключами redis
This commit is contained in:
ErickSkrauch 2016-11-29 01:57:58 +03:00
parent 1e94cda399
commit 5f07834f45
8 changed files with 83 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
api/components/OAuth2/Entities/RefreshTokenEntity.php Normal file
View File

@ -0,0 +1,10 @@
<?php
namespace api\components\OAuth2\Entities;
class RefreshTokenEntity extends \League\OAuth2\Server\Entity\RefreshTokenEntity {
public function isExpired() : bool {
return false;
}
}

2
api/components/OAuth2/Storage/AuthCodeStorage.php
View File

@ -19,7 +19,7 @@ class AuthCodeStorage extends AbstractStorage implements AuthCodeInterface {
* @inheritdoc
*/
public function get($code) {
$result = (new Key($this->dataTable, $code))->getValue();
$result = json_decode((new Key($this->dataTable, $code))->getValue(), true);
if (!$result) {
return null;
}

9
api/components/OAuth2/Storage/RefreshTokenStorage.php
View File

@ -1,8 +1,9 @@
<?php
namespace api\components\OAuth2\Storage;
use api\components\OAuth2\Entities\RefreshTokenEntity;
use common\components\Redis\Key;
use League\OAuth2\Server\Entity\RefreshTokenEntity;
use League\OAuth2\Server\Entity\RefreshTokenEntity as OriginalRefreshTokenEntity;
use League\OAuth2\Server\Storage\AbstractStorage;
use League\OAuth2\Server\Storage\RefreshTokenInterface;
@ -14,14 +15,13 @@ class RefreshTokenStorage extends AbstractStorage implements RefreshTokenInterfa
* @inheritdoc
*/
public function get($token) {
$result = (new Key($this->dataTable, $token))->getValue();
$result = json_decode((new Key($this->dataTable, $token))->getValue(), true);
if (!$result) {
return null;
}
$entity = new RefreshTokenEntity($this->server);
$entity->setId($result['id']);
$entity->setExpireTime($result['expire_time']);
$entity->setAccessTokenId($result['access_token_id']);
return $entity;
@ -33,7 +33,6 @@ class RefreshTokenStorage extends AbstractStorage implements RefreshTokenInterfa
public function create($token, $expireTime, $accessToken) {
$payload = [
'id' => $token,
'expire_time' => $expireTime,
'access_token_id' => $accessToken,
];
@ -43,7 +42,7 @@ class RefreshTokenStorage extends AbstractStorage implements RefreshTokenInterfa
/**
* @inheritdoc
*/
public function delete(RefreshTokenEntity $token) {
public function delete(OriginalRefreshTokenEntity $token) {
(new Key($this->dataTable, $token->getId()))->delete();
}

5
api/controllers/OauthController.php
View File

@ -195,7 +195,10 @@ class OauthController extends Controller {
return;
}
$this->getServer()->addGrantType(new RefreshTokenGrant());
$grant = new RefreshTokenGrant();
$grant->setRefreshTokenRotation(false);
$this->getServer()->addGrantType($grant);
}
/**

30
common/components/Redis/Key.php
View File

@ -9,18 +9,18 @@ class Key {
protected $key;
/**
* @return \yii\redis\Connection
* @return Connection
*/
public function getRedis() {
return Yii::$app->redis;
}
public function getKey() {
public function getKey() : string {
return $this->key;
}
public function getValue() {
return json_decode($this->getRedis()->get($this->key), true);
return $this->getRedis()->get($this->key);
}
public function setValue($value) {
@ -29,15 +29,27 @@ class Key {
}
public function delete() {
$this->getRedis()->executeCommand('DEL', [$this->key]);
$this->getRedis()->del($this->key);
return $this;
}
public function exists() : bool {
return (bool)$this->getRedis()->exists($this->key);
}
public function expire($ttl) {
$this->getRedis()->executeCommand('EXPIRE', [$this->key, $ttl]);
$this->getRedis()->expire($this->key, $ttl);
return $this;
}
public function __construct(...$key) {
if (empty($key)) {
throw new InvalidArgumentException('You must specify at least one key.');
}
$this->key = $this->buildKey($key);
}
private function buildKey(array $parts) {
$keyParts = [];
foreach($parts as $part) {
@ -47,12 +59,4 @@ class Key {
return implode(':', $keyParts);
}
public function __construct(...$key) {
if (empty($key)) {
throw new InvalidArgumentException('You must specify at least one key.');
}
$this->key = $this->buildKey($key);
}
}

24
common/components/Redis/Set.php
View File

@ -3,41 +3,37 @@ namespace common\components\Redis;
use ArrayIterator;
use IteratorAggregate;
use Yii;
class Set extends Key implements IteratorAggregate {
/**
* @return Connection
*/
public static function getDb() {
return Yii::$app->redis;
}
public function add($value) {
static::getDb()->sadd($this->key, $value);
$this->getRedis()->sadd($this->key, $value);
return $this;
}
public function remove($value) {
static::getDb()->srem($this->key, $value);
$this->getRedis()->srem($this->key, $value);
return $this;
}
public function members() {
return static::getDb()->smembers($this->key);
return $this->getRedis()->smembers($this->key);
}
public function getValue() {
return $this->members();
}
public function exists($value) {
return (bool)static::getDb()->sismember($this->key, $value);
public function exists(string $value = null) : bool {
if ($value === null) {
return parent::exists();
} else {
return (bool)$this->getRedis()->sismember($this->key, $value);
}
}
public function diff(array $sets) {
return static::getDb()->sdiff([$this->key, implode(' ', $sets)]);
return $this->getRedis()->sdiff([$this->key, implode(' ', $sets)]);
}
/**

6
composer.json
View File

@ -18,7 +18,7 @@
"yiisoft/yii2": "2.0.9",
"yiisoft/yii2-swiftmailer": "*",
"ramsey/uuid": "^3.5.0",
"league/oauth2-server": "~4.1.5",
"league/oauth2-server": "dev-improvements#546dbfe85ae7c049cf9266281d228afe8bdd3ef6",
"yiisoft/yii2-redis": "~2.0.0",
"guzzlehttp/guzzle": "^6.0.0",
"php-amqplib/php-amqplib": "^2.6.2",
@ -53,6 +53,10 @@
{
"type": "git",
"url": "git@gitlab.com:elyby/email-renderer.git"
},
{
"type": "git",
"url": "git@gitlab.ely.by:elyby/oauth2-server.git"
}
],
"scripts": {

48
tests/codeception/api/functional/OauthRefreshTokenCest.php
View File

@ -23,14 +23,7 @@ class OauthRefreshTokenCest {
'ely',
'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM'
));
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'token_type' => 'Bearer',
]);
$I->canSeeResponseJsonMatchesJsonPath('$.access_token');
$I->canSeeResponseJsonMatchesJsonPath('$.refresh_token');
$I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
$this->canSeeRefreshTokenSuccess($I);
}
public function testRefreshTokenWithSameScopes(OauthSteps $I) {
@ -41,14 +34,26 @@ class OauthRefreshTokenCest {
'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
[S::MINECRAFT_SERVER_SESSION, S::OFFLINE_ACCESS]
));
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'token_type' => 'Bearer',
]);
$I->canSeeResponseJsonMatchesJsonPath('$.access_token');
$I->canSeeResponseJsonMatchesJsonPath('$.refresh_token');
$I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
$this->canSeeRefreshTokenSuccess($I);
}
public function testRefreshTokenTwice(OauthSteps $I) {
$refreshToken = $I->getRefreshToken([S::MINECRAFT_SERVER_SESSION]);
$this->route->issueToken($this->buildParams(
$refreshToken,
'ely',
'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
[S::MINECRAFT_SERVER_SESSION, S::OFFLINE_ACCESS]
));
$this->canSeeRefreshTokenSuccess($I);
$this->route->issueToken($this->buildParams(
$refreshToken,
'ely',
'ZuM1vGchJz-9_UZ5HC3H3Z9Hg5PzdbkM',
[S::MINECRAFT_SERVER_SESSION, S::OFFLINE_ACCESS]
));
$this->canSeeRefreshTokenSuccess($I);
}
public function testRefreshTokenWithNewScopes(OauthSteps $I) {
@ -91,4 +96,15 @@ class OauthRefreshTokenCest {
return $params;
}
private function canSeeRefreshTokenSuccess(OauthSteps $I) {
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseIsJson();
$I->canSeeResponseContainsJson([
'token_type' => 'Bearer',
]);
$I->canSeeResponseJsonMatchesJsonPath('$.access_token');
$I->canSeeResponseJsonMatchesJsonPath('$.expires_in');
$I->cantSeeResponseJsonMatchesJsonPath('$.refresh_token');
}
}