ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2025-05-31 14:11:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Генерируемые AccessTokens заменены на UUID значения

Browse Source
This commit is contained in:
ErickSkrauch
2016-06-18 16:38:15 +03:00
parent 7ea7c5245f
commit eb1a3703cf
3 changed files with 27 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
common/components/oauth/Component.php
View File

@@ -7,7 +7,10 @@ use common\components\oauth\Storage\Yii2\AccessTokenStorage;
use common\components\oauth\Storage\Yii2\ClientStorage;
use common\components\oauth\Storage\Yii2\ScopeStorage;
use common\components\oauth\Storage\Yii2\SessionStorage;
use common\components\oauth\Util\KeyAlgorithm\UuidAlgorithm;
use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\Grant;
use League\OAuth2\Server\Util\SecureKey;
use yii\base\InvalidConfigException;
/**
@@ -29,10 +32,10 @@ class Component extends \yii\base\Component {
* @var array grant type => class
*/
public $grantMap = [
'authorization_code' => 'League\OAuth2\Server\Grant\AuthCodeGrant',
'client_credentials' => 'League\OAuth2\Server\Grant\ClientCredentialsGrant',
'password' => 'League\OAuth2\Server\Grant\PasswordGrant',
'refresh_token' => 'League\OAuth2\Server\Grant\RefreshTokenGrant'
'authorization_code' => Grant\AuthCodeGrant::class,
'client_credentials' => Grant\ClientCredentialsGrant::class,
'password' => Grant\PasswordGrant::class,
'refresh_token' => Grant\RefreshTokenGrant::class,
];
public function getAuthServer() {
@@ -57,6 +60,8 @@ class Component extends \yii\base\Component {
$grant = new $this->grantMap[$grantType]();
$this->_authServer->addGrantType($grant);
}
SecureKey::setAlgorithm(new UuidAlgorithm());
}
return $this->_authServer;

17
common/components/oauth/Util/KeyAlgorithm/UuidAlgorithm.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
namespace common\components\oauth\Util\KeyAlgorithm;
use League\OAuth2\Server\Util\KeyAlgorithm\DefaultAlgorithm;
use League\OAuth2\Server\Util\KeyAlgorithm\KeyAlgorithmInterface;
use Ramsey\Uuid\Uuid;
class UuidAlgorithm extends DefaultAlgorithm implements KeyAlgorithmInterface {
/**
* @inheritdoc
*/
public function generate($len = 40) : string {
return Uuid::uuid5(Uuid::NAMESPACE_DNS, parent::generate($len))->toString();
}
}

2
tests/codeception/api/functional/_steps/OauthSteps.php
View File

@@ -17,7 +17,7 @@ class OauthSteps extends \tests\codeception\api\FunctionalTester {
], ['accept' => true]);
$this->canSeeResponseJsonMatchesJsonPath('$.redirectUri');
$response = json_decode($this->grabResponse(), true);
preg_match('/code=(\w+)/', $response['redirectUri'], $matches);
preg_match('/code=([\w-]+)/', $response['redirectUri'], $matches);
return $matches[1];
}