ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-11-01 16:33:07 +05:30
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'v4.0.0-relational-example' into v4.0.0-WIP

Browse Source
This commit is contained in:
Alex Bilbie 2014-08-06 09:02:54 +01:00
commit 0754b9ec75
76 changed files with 1945 additions and 298 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.gitignore vendored
View File

@ -2,8 +2,11 @@
/composer.lock
/build
/docs
/testing
/examples/relational/vendor
/examples/relational/config/oauth2.sqlite3
/examples/nosql/vendor
/examples/nosql/config/oauth2.sqlite3
/examples/nosql/config/oauth2.sqlite3
/examples/relational/composer.lock
/tests/codecept/tests/_log
tests/_output/*
oauth2-server.paw

13
.travis.yml
View File

@ -13,12 +13,13 @@ matrix:
before_script:
- composer self-update
- composer require satooshi/php-coveralls:dev-master --no-update --dev
- composer install --prefer-source
- composer install
- cd examples/relational && composer install --prefer-dist
- php config/init.php
- php -S localhost:8000 &
- sleep 3
- cd ../..
script:
- mkdir -p build/logs
- phpunit --coverage-text
- ./vendor/bin/phpcs src --standard=psr2
after_script:
- php vendor/bin/coveralls
- phpunit --coverage-text

11
README.md
View File

@ -12,15 +12,18 @@ The framework is provided as a Composer package which can be installed by adding
```javascript
{
"require": {
"league/oauth2-server": "3.*"
"league/oauth2-server": "4.*"
}
}
```
### Framework Integrations
### Storage Adapters
* [Laravel 4 service provider](https://packagist.org/packages/lucadegasperi/oauth2-server-laravel) by @lucadegasperi
* [Laravel 4 Eloquent implementation](https://github.com/ScubaClick/scubaclick-oauth2) by @ScubaClick (under development)
The following adapters have been created by other developers to help you easily integrate this library into your project.
* [Redis storage adapter](https://github.com/jasonlewis/oauth2-server-redis) by @jasonlewis
If you want to roll your own adapter check out the docs.
---

12
composer.json
View File

@ -5,18 +5,24 @@
"license": "MIT",
"require": {
"php": ">=5.4.0",
"symfony/http-foundation": "~2.1"
"symfony/http-foundation": "~2.1",
"league/event": "0.2.0"
},
"require-dev": {
"phpunit/phpunit": "~4.0",
"mockery/mockery": "~0.9",
"league/phpunit-coverage-listener": "~1.0",
"squizlabs/php_codesniffer": "1.*"
"squizlabs/php_codesniffer": "1.*",
"codeception/codeception": "2.0.*",
"alexbilbie/fizzfuzz": "dev-develop"
},
"repositories": [
{
"type": "git",
"url": "https://github.com/thephpleague/oauth2-server.git"
},{
"type": "git",
"url": "https://github.com/alexbilbie/fizzfuzz.git"
}
],
"keywords": [
@ -54,7 +60,7 @@
},
"autoload-dev": {
"psr-4": {
"LeagueTests\\": "tests/"
"LeagueTests\\": "tests/unit/"
}
},
"extra": {

25
examples/relational/Model/Users.php Normal file
View File

@ -0,0 +1,25 @@
<?php
namespace RelationalExample\Model;
use Illuminate\Database\Capsule\Manager as Capsule;
class Users
{
public function get($username = null)
{
$query = Capsule::table('users')->select(['username', 'password', 'name', 'email', 'photo']);
if ($username !== null) {
$query->where('username', '=', $username);
}
$result = $query->get();
if (count($result) > 0) {
return $result;
}
return null;
}
}

97
examples/relational/Storage/AccessTokenStorage.php Normal file
View File

@ -0,0 +1,97 @@
<?php
namespace RelationalExample\Storage;
use League\OAuth2\Server\Storage\AccessTokenInterface;
use League\OAuth2\Server\Storage\Adapter;
use League\OAuth2\Server\Entity\AccessTokenEntity;
use League\OAuth2\Server\Entity\AbstractTokenEntity;
use League\OAuth2\Server\Entity\RefreshTokenEntity;
use League\OAuth2\Server\Entity\ScopeEntity;
use Illuminate\Database\Capsule\Manager as Capsule;
class AccessTokenStorage extends Adapter implements AccessTokenInterface
{
/**
* {@inheritdoc}
*/
public function get($token)
{
$result = Capsule::table('oauth_access_tokens')
->where('access_token', $token)
->where('expire_time', '>=', time())
->get();
if (count($result) === 1) {
$token = (new AccessTokenEntity($this->server))
->setId($result[0]['access_token'])
->setExpireTime($result[0]['expire_time']);
return $token;
}
return null;
}
/**
* {@inheritdoc}
*/
public function getScopes(AbstractTokenEntity $token)
{
$result = Capsule::table('oauth_access_token_scopes')
->select(['oauth_scopes.id', 'oauth_scopes.description'])
->join('oauth_scopes', 'oauth_access_token_scopes.scope', '=', 'oauth_scopes.id')
->where('access_token', $token->getId())
->get();
$response = [];
if (count($result) > 0) {
foreach ($result as $row) {
$scope = (new ScopeEntity($this->server))->hydrate([
'id' => $row['id'],
'description' => $row['description']
]);
$response[] = $scope;
}
}
return $response;
}
/**
* {@inheritdoc}
*/
public function create($token, $expireTime, $sessionId)
{
Capsule::table('oauth_access_tokens')
->insert([
'access_token' => $token,
'session_id' => $sessionId,
'expire_time' => $expireTime
]);
}
/**
* {@inheritdoc}
*/
public function associateScope(AbstractTokenEntity $token, ScopeEntity $scope)
{
Capsule::table('oauth_access_token_scopes')
->insert([
'access_token' => $token->getId(),
'scope' => $scope->getId()
]);
}
/**
* {@inheritdoc}
*/
public function delete(AbstractTokenEntity $token)
{
Capsule::table('oauth_access_token_scopes')
->where('access_token', $token->getId())
->delete();
}
}

92
examples/relational/Storage/AuthCodeStorage.php Normal file
View File

@ -0,0 +1,92 @@
<?php
namespace RelationalExample\Storage;
use League\OAuth2\Server\Storage\AuthCodeInterface;
use League\OAuth2\Server\Storage\Adapter;
use League\OAuth2\Server\Entity\AuthCodeEntity;
use League\OAuth2\Server\Entity\ScopeEntity;
use Illuminate\Database\Capsule\Manager as Capsule;
class AuthCodeStorage extends Adapter implements AuthCodeInterface
{
/**
* {@inheritdoc}
*/
public function get($code)
{
$result = Capsule::table('oauth_auth_codes')
->where('auth_code', $code)
->where('expire_time', '>=', time())
->get();
if (count($result) === 1) {
$token = new AuthCodeEntity($this->server);
$token->setId($result[0]['auth_code']);
$token->setRedirectUri($result[0]['client_redirect_uri']);
return $token;
}
return null;
}
public function create($token, $expireTime, $sessionId, $redirectUri)
{
Capsule::table('oauth_auth_codes')
->insert([
'auth_code' => $token,
'client_redirect_uri' => $redirectUri,
'session_id' => $sessionId,
'expire_time' => $expireTime
]);
}
/**
* {@inheritdoc}
*/
public function getScopes(AuthCodeEntity $token)
{
$result = Capsule::table('oauth_auth_code_scopes')
->select(['oauth_scopes.id', 'oauth_scopes.description'])
->join('oauth_scopes', 'oauth_auth_code_scopes.scope', '=', 'oauth_scopes.id')
->where('auth_code', $token->getId())
->get();
$response = [];
if (count($result) > 0) {
foreach ($result as $row) {
$scope = (new ScopeEntity($this->server))->hydrate([
'id' => $row['id'],
'description' => $row['description']
]);
$response[] = $scope;
}
}
return $response;
}
/**
* {@inheritdoc}
*/
public function associateScope(AuthCodeEntity $token, ScopeEntity $scope)
{
Capsule::table('oauth_auth_code_scopes')
->insert([
'auth_code' => $token->getId(),
'scope' => $scope->getId()
]);
}
/**
* {@inheritdoc}
*/
public function delete(AuthCodeEntity $token)
{
Capsule::table('oauth_auth_codes')
->where('auth_code', $token->getId())
->delete();
}
}

71
examples/relational/Storage/ClientStorage.php Normal file
View File

@ -0,0 +1,71 @@
<?php
namespace RelationalExample\Storage;
use League\OAuth2\Server\Storage\ClientInterface;
use League\OAuth2\Server\Storage\Adapter;
use League\OAuth2\Server\Entity\ClientEntity;
use League\OAuth2\Server\Entity\SessionEntity;
use Illuminate\Database\Capsule\Manager as Capsule;
class ClientStorage extends Adapter implements ClientInterface
{
/**
* {@inheritdoc}
*/
public function get($clientId, $clientSecret = null, $redirectUri = null, $grantType = null)
{
$query = Capsule::table('oauth_clients')
->select('oauth_clients.*')
->where('oauth_clients.id', $clientId);
if ($clientSecret !== null) {
$query->where('oauth_clients.secret', $clientSecret);
}
if ($redirectUri) {
$query->join('oauth_client_redirect_uris', 'oauth_clients.id', '=', 'oauth_client_redirect_uris.client_id')
->select(['oauth_clients.*', 'oauth_client_redirect_uris.*'])
->where('oauth_client_redirect_uris.redirect_uri', $redirectUri);
}
$result = $query->get();
if (count($result) === 1) {
$client = new ClientEntity($this->server);
$client->hydrate([
'id' => $result[0]['id'],
'name' => $result[0]['name']
]);
return $client;
}
return null;
}
/**
* {@inheritdoc}
*/
public function getBySession(SessionEntity $session)
{
$result = Capsule::table('oauth_clients')
->select(['oauth_clients.id', 'oauth_clients.name'])
->join('oauth_sessions', 'oauth_clients.id', '=', 'oauth_sessions.client_id')
->where('oauth_sessions.id', $session->getId())
->get();
if (count($result) === 1) {
$client = new ClientEntity($this->server);
$client->hydrate([
'id' => $result[0]['id'],
'name' => $result[0]['name']
]);
return $client;
}
return null;
}
}

58
examples/relational/Storage/RefreshTokenStorage.php Normal file
View File

@ -0,0 +1,58 @@
<?php
namespace RelationalExample\Storage;
use League\OAuth2\Server\Storage\RefreshTokenInterface;
use League\OAuth2\Server\Storage\Adapter;
use League\OAuth2\Server\Entity\RefreshTokenEntity;
use Illuminate\Database\Capsule\Manager as Capsule;
class RefreshTokenStorage extends Adapter implements RefreshTokenInterface
{
/**
* {@inheritdoc}
*/
public function get($token)
{
$result = Capsule::table('oauth_refresh_tokens')
->where('refresh_token', $token)
->where('expire_time', '>=', time())
->get();
if (count($result) === 1) {
$token = (new RefreshTokenEntity($this->server))
->setId($result[0]['refresh_token'])
->setExpireTime($result[0]['expire_time'])
->setAccessTokenId($result[0]['access_token']);
return $token;
}
return null;
}
/**
* {@inheritdoc}
*/
public function create($token, $expireTime, $accessToken)
{
Capsule::table('oauth_refresh_tokens')
->insert([
'refresh_token' => $token,
'access_token' => $accessToken,
'expire_time' => $expireTime
]);
}
/**
* {@inheritdoc}
*/
public function delete(RefreshTokenEntity $token)
{
Capsule::table('oauth_refresh_tokens')
->where('refresh_token', $token->getId())
->delete();
}
}

31
examples/relational/Storage/ScopeStorage.php Normal file
View File

@ -0,0 +1,31 @@
<?php
namespace RelationalExample\Storage;
use League\OAuth2\Server\Storage\ScopeInterface;
use League\OAuth2\Server\Storage\Adapter;
use League\OAuth2\Server\Entity\ScopeEntity;
use Illuminate\Database\Capsule\Manager as Capsule;
class ScopeStorage extends Adapter implements ScopeInterface
{
/**
* {@inheritdoc}
*/
public function get($scope, $grantType = null)
{
$result = Capsule::table('oauth_scopes')
->where('id', $scope)
->get();
if (count($result) === 0) {
return null;
}
return (new ScopeEntity($this->server))->hydrate([
'id' => $result[0]['id'],
'description' => $result[0]['description']
]);
}
}

110
examples/relational/Storage/SessionStorage.php Normal file
View File

@ -0,0 +1,110 @@
<?php
namespace RelationalExample\Storage;
use League\OAuth2\Server\Storage\SessionInterface;
use League\OAuth2\Server\Storage\Adapter;
use League\OAuth2\Server\Entity\AccessTokenEntity;
use League\OAuth2\Server\Entity\AuthCodeEntity;
use League\OAuth2\Server\Entity\SessionEntity;
use League\OAuth2\Server\Entity\ScopeEntity;
use Illuminate\Database\Capsule\Manager as Capsule;
class SessionStorage extends Adapter implements SessionInterface
{
/**
* {@inheritdoc}
*/
public function getByAccessToken(AccessTokenEntity $accessToken)
{
$result = Capsule::table('oauth_sessions')
->select(['oauth_sessions.id', 'oauth_sessions.owner_type', 'oauth_sessions.owner_id', 'oauth_sessions.client_id', 'oauth_sessions.client_redirect_uri'])
->join('oauth_access_tokens', 'oauth_access_tokens.session_id', '=', 'oauth_sessions.id')
->where('oauth_access_tokens.access_token', $accessToken->getId())
->get();
if (count($result) === 1) {
$session = new SessionEntity($this->server);
$session->setId($result[0]['id']);
$session->setOwner($result[0]['owner_type'], $result[0]['owner_id']);
return $session;
}
return null;
}
/**
* {@inheritdoc}
*/
public function getByAuthCode(AuthCodeEntity $authCode)
{
$result = Capsule::table('oauth_sessions')
->select(['oauth_sessions.id', 'oauth_sessions.owner_type', 'oauth_sessions.owner_id', 'oauth_sessions.client_id', 'oauth_sessions.client_redirect_uri'])
->join('oauth_auth_codes', 'oauth_auth_codes.session_id', '=', 'oauth_sessions.id')
->where('oauth_auth_codes.auth_code', $authCode->getId())
->get();
if (count($result) === 1) {
$session = new SessionEntity($this->server);
$session->setId($result[0]['id']);
$session->setOwner($result[0]['owner_type'], $result[0]['owner_id']);
return $session;
}
return null;
}
/**
* {@inheritdoc}
*/
public function getScopes(SessionEntity $session)
{
$result = Capsule::table('oauth_sessions')
->select('oauth_scopes.*')
->join('oauth_session_scopes', 'oauth_sessions.id', '=', 'oauth_session_scopes.session_id')
->join('oauth_scopes', 'oauth_scopes.id', '=', 'oauth_session_scopes.scope')
->where('oauth_sessions.id', $session->getId())
->get();
$scopes = [];
foreach ($result as $scope) {
$scopes[] = (new ScopeEntity($this->server))->hydrate([
'id' => $scope['id'],
'description' => $scope['description']
]);
}
return $scopes;
}
/**
* {@inheritdoc}
*/
public function create($ownerType, $ownerId, $clientId, $clientRedirectUri = null)
{
$id = Capsule::table('oauth_sessions')
->insert([
'owner_type' => $ownerType,
'owner_id' => $ownerId,
'client_id' => $clientId
]);
return $id;
}
/**
* {@inheritdoc}
*/
public function associateScope(SessionEntity $session, ScopeEntity $scope)
{
Capsule::table('oauth_session_scopes')
->insert([
'session_id' => $session->getId(),
'scope' => $scope->getId()
]);
}
}

145
examples/relational/api.php Normal file
View File

@ -0,0 +1,145 @@
<?php
use \Orno\Http\Request;
use \Orno\Http\Response;
use \Orno\Http\JsonResponse;
use \Orno\Http\Exception\NotFoundException;
use \League\OAuth2\Server\ResourceServer;
use \RelationalExample\Storage;
use \RelationalExample\Model;
use Illuminate\Database\Capsule\Manager as Capsule;
use \League\Event\Emitter;
include __DIR__.'/vendor/autoload.php';
// Routing setup
$request = (new Request)->createFromGlobals();
$router = new \Orno\Route\RouteCollection;
$router->setStrategy(\Orno\Route\RouteStrategyInterface::RESTFUL_STRATEGY);
// Set up the OAuth 2.0 resource server
$sessionStorage = new Storage\SessionStorage();
$accessTokenStorage = new Storage\AccessTokenStorage();
$clientStorage = new Storage\ClientStorage();
$scopeStorage = new Storage\ScopeStorage();
$server = new ResourceServer(
$sessionStorage,
$accessTokenStorage,
$clientStorage,
$scopeStorage
);
// Routing setup
$request = (new Request)->createFromGlobals();
$router = new \Orno\Route\RouteCollection;
// GET /tokeninfo
$router->get('/tokeninfo', function (Request $request) use ($server) {
$token = [
'owner_id' => $server->getOwnerId(),
'owner_type' => $server->getOwnerType(),
'access_token' => $server->getAccessToken(),
'client_id' => $server->getClientId(),
'scopes' => $server->getScopes()
];
return new Response(json_encode($token));
});
// GET /users
$router->get('/users', function (Request $request) use ($server) {
$results = (new Model\Users())->get();
$users = [];
foreach ($results as $result) {
$user = [
'username' => $result['username'],
'name' => $result['name']
];
if ($server->hasScope('email')) {
$user['email'] = $result['email'];
}
if ($server->hasScope('photo')) {
$user['photo'] = $result['photo'];
}
$users[] = $user;
}
return new Response(json_encode($users));
});
// GET /users/{username}
$router->get('/users/{username}', function (Request $request, $args) use ($server) {
$result = (new Model\Users())->get($args['username']);
if (count($result) === 0) {
throw new NotFoundException();
}
$user = [
'username' => $result[0]['username'],
'name' => $result[0]['name']
];
if ($server->hasScope('email')) {
$user['email'] = $result[0]['email'];
}
if ($server->hasScope('photo')) {
$user['photo'] = $result[0]['photo'];
}
return new Response(json_encode($user));
});
$dispatcher = $router->getDispatcher();
try {
// Check that access token is present
$server->isValidRequest(false);
// A successful response
$response = $dispatcher->dispatch(
$request->getMethod(),
$request->getPathInfo()
);
} catch (\Orno\Http\Exception $e) {
// A failed response
$response = $e->getJsonResponse();
$response->setContent(json_encode(['status_code' => $e->getStatusCode(), 'message' => $e->getMessage()]));
} catch (\League\OAuth2\Server\Exception\OAuthException $e) {
$response = new Response(json_encode([
'error' => $e->errorType,
'message' => $e->getMessage()
]), $e->httpStatusCode);
foreach ($e->getHttpHeaders() as $header) {
$response->headers($header);
}
} catch (\Exception $e) {
$response = new Orno\Http\Response;
$response->setStatusCode(500);
$response->setContent(json_encode(['status_code' => 500, 'message' => $e->getMessage()]));
} finally {
// Return the response
$response->headers->set('Content-type', 'application/json');
$response->send();
}

139
examples/relational/authcode_grant.php Normal file
View File

@ -0,0 +1,139 @@
<?php
use \Orno\Http\Request;
use \Orno\Http\Response;
use \Orno\Http\JsonResponse;
use \Orno\Http\Exception\NotFoundException;
use \League\OAuth2\Server\ResourceServer;
use \RelationalExample\Storage;
use \RelationalExample\Model;
use Illuminate\Database\Capsule\Manager as Capsule;
use \League\Event\Emitter;
include __DIR__.'/vendor/autoload.php';
// Routing setup
$request = (new Request)->createFromGlobals();
$router = new \Orno\Route\RouteCollection;
$router->setStrategy(\Orno\Route\RouteStrategyInterface::RESTFUL_STRATEGY);
// Set up the OAuth 2.0 authorization server
$server = new \League\OAuth2\Server\AuthorizationServer;
$server->setSessionStorage(new Storage\SessionStorage);
$server->setAccessTokenStorage(new Storage\AccessTokenStorage);
$server->setRefreshTokenStorage(new Storage\RefreshTokenStorage);
$server->setClientStorage(new Storage\ClientStorage);
$server->setScopeStorage(new Storage\ScopeStorage);
$server->setAuthCodeStorage(new Storage\AuthCodeStorage);
$authCodeGrant = new \League\OAuth2\Server\Grant\AuthCodeGrant();
$server->addGrantType($authCodeGrant);
$refrehTokenGrant = new \League\OAuth2\Server\Grant\RefreshTokenGrant();
$server->addGrantType($refrehTokenGrant);
// Routing setup
$request = (new Request)->createFromGlobals();
$router = new \Orno\Route\RouteCollection;
$router->get('/authorize', function (Request $request) use ($server) {
// First ensure the parameters in the query string are correct
try {
$authParams = $server->getGrantType('authorization_code')->checkAuthorizeParams();
} catch (\Exception $e) {
return new Response(
json_encode([
'error' => $e->errorType,
'message' => $e->getMessage()
]),
$e->httpStatusCode,
$e->getHttpHeaders()
);
}
// Normally at this point you would show the user a sign-in screen and ask them to authorize the requested scopes
// ...
// ...
// ...
// Create a new authorize request which will respond with a redirect URI that the user will be redirected to
$redirectUri = $server->getGrantType('authorization_code')->newAuthorizeRequest('user', 1, $authParams);
$response = new Response('', 200, [
'Location' => $redirectUri
]);
return $response;
});
$router->post('/access_token', function (Request $request) use ($server) {
try {
$response = $server->issueAccessToken();
return new Response(json_encode($response), 200);
} catch (\Exception $e) {
return new Response(
json_encode([
'error' => $e->errorType,
'message' => $e->getMessage()
]),
$e->httpStatusCode,
$e->getHttpHeaders()
);
}
});
$dispatcher = $router->getDispatcher();
try {
// A successful response
$response = $dispatcher->dispatch(
$request->getMethod(),
$request->getPathInfo()
);
} catch (\Orno\Http\Exception $e) {
// A failed response
$response = $e->getJsonResponse();
$response->setContent(json_encode(['status_code' => $e->getStatusCode(), 'message' => $e->getMessage()]));
} catch (\League\OAuth2\Server\Exception\OAuthException $e) {
$response = new Response(json_encode([
'error' => $e->errorType,
'message' => $e->getMessage()
]), $e->httpStatusCode);
foreach ($e->getHttpHeaders() as $header) {
$response->headers($header);
}
} catch (\Exception $e) {
$response = new Orno\Http\Response;
$response->setStatusCode(500);
$response->setContent(json_encode(['status_code' => 500, 'message' => $e->getMessage()]));
} finally {
// Return the response
$response->headers->set('Content-type', 'application/json');
$response->send();
}

17
examples/relational/composer.json Normal file
View File

@ -0,0 +1,17 @@
{
"require": {
"illuminate/database": "4.1.*",
"orno/route": "1.*",
"ircmaxell/password-compat": "1.0.2",
"league/event": "0.2.0"
},
"autoload": {
"psr-4": {
"League\\OAuth2\\Server\\": "../../src/",
"RelationalExample\\": "."
},
"files": [
"config/db.php"
]
}
}

18
examples/relational/config/db.php Normal file
View File

@ -0,0 +1,18 @@
<?php
namespace RelationalExample\Config;
use Illuminate\Database\Capsule\Manager as Capsule;
include __DIR__.'/../vendor/autoload.php';
$capsule = new Capsule;
$capsule->addConnection([
'driver' => 'sqlite',
'database' => __DIR__.'/oauth2.sqlite3',
'charset' => 'utf8',
'collation' => 'utf8_unicode_ci'
]);
$capsule->setAsGlobal();

249
examples/relational/config/init.php Normal file
View File

@ -0,0 +1,249 @@
<?php
namespace RelationalExample\Config;
use Illuminate\Database\Capsule\Manager as Capsule;
include __DIR__.'/../vendor/autoload.php';
@unlink(__DIR__.'/oauth2.sqlite3');
touch(__DIR__.'/oauth2.sqlite3');
Capsule::statement('PRAGMA foreign_keys = ON');
/******************************************************************************/
print 'Creating users table'.PHP_EOL;
Capsule::schema()->create('users', function ($table) {
$table->increments('id');
$table->string('username');
$table->string('password');
$table->string('name');
$table->string('email');
$table->string('photo');
});
Capsule::table('users')->insert([
'username' => 'alexbilbie',
'password' => password_hash('whisky', PASSWORD_DEFAULT),
'name' => 'Alex Bilbie',
'email' => 'hello@alexbilbie.com',
'photo' => 'https://s.gravatar.com/avatar/14902eb1dac66b8458ebbb481d80f0a3'
]);
Capsule::table('users')->insert([
'username' => 'philsturgeon',
'password' => password_hash('cider', PASSWORD_DEFAULT),
'name' => 'Phil Sturgeon',
'email' => 'email@philsturgeon.co.uk',
'photo' => 'https://s.gravatar.com/avatar/14df293d6c5cd6f05996dfc606a6a951'
]);
/******************************************************************************/
print 'Creating clients table'.PHP_EOL;
Capsule::schema()->create('oauth_clients', function ($table) {
$table->string('id');
$table->string('secret');
$table->string('name');
$table->primary('id');
});
Capsule::table('oauth_clients')->insert([
'id' => 'testclient',
'secret' => 'secret',
'name' => 'Test Client'
]);
/******************************************************************************/
print 'Creating client redirect uris table'.PHP_EOL;
Capsule::schema()->create('oauth_client_redirect_uris', function ($table) {
$table->increments('id');
$table->string('client_id');
$table->string('redirect_uri');
});
Capsule::table('oauth_client_redirect_uris')->insert([
'client_id' => 'testclient',
'redirect_uri' => 'http://example.com/redirect'
]);
/******************************************************************************/
print 'Creating scopes table'.PHP_EOL;
Capsule::schema()->create('oauth_scopes', function ($table) {
$table->string('id');
$table->string('description');
$table->primary('id');
});
Capsule::table('oauth_scopes')->insert([
'id' => 'basic',
'description' => 'Basic details about your account'
]);
Capsule::table('oauth_scopes')->insert([
'id' => 'email',
'description' => 'Your email address'
]);
Capsule::table('oauth_scopes')->insert([
'id' => 'photo',
'description' => 'Your photo'
]);
/******************************************************************************/
print 'Creating sessions table'.PHP_EOL;
Capsule::schema()->create('oauth_sessions', function ($table) {
$table->increments('id');
$table->string('owner_type');
$table->string('owner_id');
$table->string('client_id');
$table->string('client_redirect_uri')->nullable();
$table->foreign('client_id')->references('id')->on('oauth_clients')->onDelete('cascade');
});
Capsule::table('oauth_sessions')->insert([
'owner_type' => 'client',
'owner_id' => 'testclient',
'client_id' => 'testclient'
]);
Capsule::table('oauth_sessions')->insert([
'owner_type' => 'user',
'owner_id' => '1',
'client_id' => 'testclient'
]);
Capsule::table('oauth_sessions')->insert([
'owner_type' => 'user',
'owner_id' => '2',
'client_id' => 'testclient'
]);
/******************************************************************************/
print 'Creating access tokens table'.PHP_EOL;
Capsule::schema()->create('oauth_access_tokens', function ($table) {
$table->string('access_token')->primary();
$table->integer('session_id');
$table->integer('expire_time');
$table->foreign('session_id')->references('id')->on('oauth_sessions')->onDelete('cascade');
});
Capsule::table('oauth_access_tokens')->insert([
'access_token' => 'iamgod',
'session_id' => '1',
'expire_time' => time() + 86400
]);
Capsule::table('oauth_access_tokens')->insert([
'access_token' => 'iamalex',
'session_id' => '2',
'expire_time' => time() + 86400
]);
Capsule::table('oauth_access_tokens')->insert([
'access_token' => 'iamphil',
'session_id' => '3',
'expire_time' => time() + 86400
]);
/******************************************************************************/
print 'Creating refresh tokens table'.PHP_EOL;
Capsule::schema()->create('oauth_refresh_tokens', function ($table) {
$table->string('refresh_token')->primary();
$table->integer('expire_time');
$table->string('access_token');
$table->foreign('access_token')->references('id')->on('oauth_access_tokens')->onDelete('cascade');
});
/******************************************************************************/
print 'Creating auth codes table'.PHP_EOL;
Capsule::schema()->create('oauth_auth_codes', function ($table) {
$table->string('auth_code')->primary();
$table->integer('session_id');
$table->integer('expire_time');
$table->string('client_redirect_uri');
$table->foreign('session_id')->references('id')->on('oauth_sessions')->onDelete('cascade');
});
/******************************************************************************/
print 'Creating oauth access token scopes table'.PHP_EOL;
Capsule::schema()->create('oauth_access_token_scopes', function ($table) {
$table->increments('id');
$table->string('access_token');
$table->string('scope');
$table->foreign('access_token')->references('access_token')->on('oauth_access_tokens')->onDelete('cascade');
$table->foreign('scope')->references('id')->on('oauth_scopes')->onDelete('cascade');
});
Capsule::table('oauth_access_token_scopes')->insert([
'access_token' => 'iamgod',
'scope' => 'basic'
]);
Capsule::table('oauth_access_token_scopes')->insert([
'access_token' => 'iamgod',
'scope' => 'email'
]);
Capsule::table('oauth_access_token_scopes')->insert([
'access_token' => 'iamgod',
'scope' => 'photo'
]);
Capsule::table('oauth_access_token_scopes')->insert([
'access_token' => 'iamphil',
'scope' => 'email'
]);
Capsule::table('oauth_access_token_scopes')->insert([
'access_token' => 'iamalex',
'scope' => 'photo'
]);
/******************************************************************************/
print 'Creating oauth auth code scopes table'.PHP_EOL;
Capsule::schema()->create('oauth_auth_code_scopes', function ($table) {
$table->increments('id');
$table->string('auth_code');
$table->string('scope');
$table->foreign('auth_code')->references('auth_code')->on('oauth_auth_codes')->onDelete('cascade');
$table->foreign('scope')->references('id')->on('oauth_scopes')->onDelete('cascade');
});
/******************************************************************************/
print 'Creating oauth session scopes table'.PHP_EOL;
Capsule::schema()->create('oauth_session_scopes', function ($table) {
$table->increments('id');
$table->string('session_id');
$table->string('scope');
$table->foreign('session_id')->references('id')->on('oauth_sessions')->onDelete('cascade');
$table->foreign('scope')->references('id')->on('oauth_scopes')->onDelete('cascade');
});

114
examples/relational/other_grants.php Normal file
View File

@ -0,0 +1,114 @@
<?php
use \Orno\Http\Request;
use \Orno\Http\Response;
use \Orno\Http\JsonResponse;
use \Orno\Http\Exception\NotFoundException;
use \League\OAuth2\Server\ResourceServer;
use \RelationalExample\Storage;
use \RelationalExample\Model;
use Illuminate\Database\Capsule\Manager as Capsule;
use \League\Event\Emitter;
include __DIR__.'/vendor/autoload.php';
// Routing setup
$request = (new Request)->createFromGlobals();
$router = new \Orno\Route\RouteCollection;
$router->setStrategy(\Orno\Route\RouteStrategyInterface::RESTFUL_STRATEGY);
// Set up the OAuth 2.0 authorization server
$server = new \League\OAuth2\Server\AuthorizationServer;
$server->setSessionStorage(new Storage\SessionStorage);
$server->setAccessTokenStorage(new Storage\AccessTokenStorage);
$server->setRefreshTokenStorage(new Storage\RefreshTokenStorage);
$server->setClientStorage(new Storage\ClientStorage);
$server->setScopeStorage(new Storage\ScopeStorage);
$server->setAuthCodeStorage(new Storage\AuthCodeStorage);
$clientCredentials = new \League\OAuth2\Server\Grant\ClientCredentialsGrant();
$server->addGrantType($clientCredentials);
$passwordGrant = new \League\OAuth2\Server\Grant\PasswordGrant();
$passwordGrant->setVerifyCredentialsCallback(function ($username, $password) {
$result = (new Model\Users())->get($username);
if (count($result) !== 1) {
return false;
}
if (password_verify($password, $result[0]['password'])) {
return $username;
}
return false;
});
$server->addGrantType($passwordGrant);
$refrehTokenGrant = new \League\OAuth2\Server\Grant\RefreshTokenGrant();
$server->addGrantType($refrehTokenGrant);
// Routing setup
$request = (new Request)->createFromGlobals();
$router = new \Orno\Route\RouteCollection;
$router->post('/access_token', function (Request $request) use ($server) {
try {
$response = $server->issueAccessToken();
return new Response(json_encode($response), 200);
} catch (\Exception $e) {
return new Response(
json_encode([
'error' => $e->errorType,
'message' => $e->getMessage()
]),
$e->httpStatusCode,
$e->getHttpHeaders()
);
}
});
$dispatcher = $router->getDispatcher();
try {
// A successful response
$response = $dispatcher->dispatch(
$request->getMethod(),
$request->getPathInfo()
);
} catch (\Orno\Http\Exception $e) {
// A failed response
$response = $e->getJsonResponse();
$response->setContent(json_encode(['status_code' => $e->getStatusCode(), 'message' => $e->getMessage()]));
} catch (\League\OAuth2\Server\Exception\OAuthException $e) {
$response = new Response(json_encode([
'error' => $e->errorType,
'message' => $e->getMessage()
]), $e->httpStatusCode);
foreach ($e->getHttpHeaders() as $header) {
$response->headers($header);
}
} catch (\Exception $e) {
$response = new Orno\Http\Response;
$response->setStatusCode(500);
$response->setContent(json_encode(['status_code' => 500, 'message' => $e->getMessage()]));
} finally {
// Return the response
$response->headers->set('Content-type', 'application/json');
$response->send();
}

6
phpunit.xml
View File

@ -1,8 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<phpunit colors="true" convertNoticesToExceptions="true" convertWarningsToExceptions="true" stopOnError="true" stopOnFailure="true" stopOnIncomplete="false" stopOnSkipped="false" bootstrap="tests/Bootstrap.php">
<phpunit colors="true" convertNoticesToExceptions="true" convertWarningsToExceptions="true" stopOnError="true" stopOnFailure="true" stopOnIncomplete="false" stopOnSkipped="false" bootstrap="tests/unit/Bootstrap.php">
<testsuites>
<testsuite name="Tests">
<directory>./tests/</directory>
<directory>./tests/unit/</directory>
</testsuite>
</testsuites>
<filter>
@ -11,7 +11,7 @@
</whitelist>
</filter>
<logging>
<log type="coverage-text" target="php://stdout" title="thephpleague/oauth2-server" charset="UTF-8" yui="true" highlight="true" lowUpperBound="60" highLowerBound="90"/>
<!-- <log type="coverage-text" target="php://stdout" title="thephpleague/oauth2-server" charset="UTF-8" yui="true" highlight="true" lowUpperBound="60" highLowerBound="90"/> -->
<log type="coverage-html" target="build/coverage" title="thephpleague/oauth2-server" charset="UTF-8" yui="true" highlight="true" lowUpperBound="60" highLowerBound="90"/>
</logging>
</phpunit>

39
src/AbstractServer.php
View File

@ -14,6 +14,7 @@ namespace League\OAuth2\Server;
use League\OAuth2\Server\Exception;
use League\OAuth2\Server\TokenType\TokenTypeInterface;
use Symfony\Component\HttpFoundation\Request;
use League\Event\Emitter;
/**
* OAuth 2.0 Resource Server
@ -40,6 +41,42 @@ abstract class AbstractServer
*/
protected $tokenType;
/**
* Event emitter
*/
protected $eventEmitter;
/**
* Abstract server constructor
*/
public function __construct()
{
$this->setEventEmitter();
}
/**
* Set an event emitter
* @param object $emitter Event emitter object
*/
public function setEventEmitter($emitter = null)
{
if ($emitter === null) {
$this->eventEmitter = new Emitter;
} else {
$this->eventEmitter = $emitter;
}
}
public function addEventListener($eventName, callable $listener)
{
$this->eventEmitter->addListener($eventName, $listener);
}
public function getEventEmitter()
{
return $this->eventEmitter;
}
/**
* Sets the Request Object
* @param \Symfony\Component\HttpFoundation\Request The Request Object
@ -86,7 +123,7 @@ abstract class AbstractServer
* @param TokenTypeInterface $tokenType The token type
* @return void
*/
public function setTokenType(TokenTypeInterface $tokenType)
public function setIdType(TokenTypeInterface $tokenType)
{
$this->tokenType = $tokenType;
}

4
src/AuthorizationServer.php
View File

@ -78,7 +78,9 @@ class AuthorizationServer extends AbstractServer
$this->storages = [];
// Set Bearer as the default token type
$this->setTokenType(new Bearer);
$this->setIdType(new Bearer);
parent::__construct();
return $this;
}

23
src/Entity/AbstractTokenEntity.php
View File

@ -21,10 +21,10 @@ use Symfony\Component\HttpFoundation\ParameterBag;
abstract class AbstractTokenEntity
{
/**
* Access token ID
* Token identifier
* @var string
*/
protected $token;
protected $id;
/**
* Associated session
@ -34,7 +34,7 @@ abstract class AbstractTokenEntity
/**
* Session scopes
* @var \Symfony\Component\HttpFoundation\ParameterBag
* @var array Array of ScopeEntity
*/
protected $scopes;
@ -96,13 +96,13 @@ abstract class AbstractTokenEntity
}
/**
* Set access token ID
* Set token ID
* @param string $token Token ID
* @return self
*/
public function setToken($token = null)
public function setId($id = null)
{
$this->token = ($token !== null) ? $token : SecureKey::generate();
$this->id = ($id !== null) ? $id : SecureKey::generate();
return $this;
}
@ -111,9 +111,9 @@ abstract class AbstractTokenEntity
* Get the token ID
* @return string
*/
public function getToken()
public function getId()
{
return $this->token;
return $this->id;
}
/**
@ -153,11 +153,10 @@ abstract class AbstractTokenEntity
*/
public function __toString()
{
if (is_null($this->token)) {
throw new \BadMethodCallException('Token is null');
if ($this->id === null) {
return '';
}
return $this->token;
return $this->id;
}
/**

2
src/Entity/AccessTokenEntity.php
View File

@ -66,7 +66,7 @@ class AccessTokenEntity extends AbstractTokenEntity
public function save()
{
$this->server->getStorage('access_token')->create(
$this->getToken(),
$this->getId(),
$this->getExpireTime(),
$this->getSession()->getId()
);

7
src/Entity/AuthCodeEntity.php
View File

@ -55,7 +55,7 @@ class AuthCodeEntity extends AbstractTokenEntity
$uri .= (strstr($this->getRedirectUri(), $queryDelimeter) === false) ? $queryDelimeter : '&';
return $uri.http_build_query([
'code' => $this->getToken(),
'code' => $this->getId(),
'state' => $state
]);
}
@ -94,9 +94,10 @@ class AuthCodeEntity extends AbstractTokenEntity
public function save()
{
$this->server->getStorage('auth_code')->create(
$this->getToken(),
$this->getId(),
$this->getExpireTime(),
$this->getSession()->getId()
$this->getSession()->getId(),
$this->getRedirectUri()
);
// Associate the scope with the token

50
src/Entity/ClientEntity.php
View File

@ -18,6 +18,8 @@ use League\OAuth2\Server\AbstractServer;
*/
class ClientEntity
{
use EntityTrait;
/**
* Client identifier
* @var string
@ -60,18 +62,6 @@ class ClientEntity
return $this;
}
/**
* Set the client identifier
* @param string $id
* @return self
*/
public function setId($id)
{
$this->id = $id;
return $this;
}
/**
* Return the client identifier
* @return string
@ -81,18 +71,6 @@ class ClientEntity
return $this->id;
}
/**
* Set the client secret
* @param string $secret
* @return self
*/
public function setSecret($secret)
{
$this->secret = $secret;
return $this;
}
/**
* Return the client secret
* @return string
@ -102,18 +80,6 @@ class ClientEntity
return $this->secret;
}
/**
* Set the client name
* @param string $name
* @return self
*/
public function setName($name)
{
$this->name = $name;
return $this;
}
/**
* Get the client name
* @return string
@ -123,18 +89,6 @@ class ClientEntity
return $this->name;
}
/**
* Set the client redirect URI
* @param string $redirectUri
* @return self
*/
public function setRedirectUri($redirectUri)
{
$this->redirectUri = $redirectUri;
return $this;
}
/**
* Returnt the client redirect URI
* @return string

30
src/Entity/EntityTrait.php Normal file
View File

@ -0,0 +1,30 @@
<?php
/**
* OAuth 2.0 Entity trait
*
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) Alex Bilbie
* @license http://mit-license.org/
* @link https://github.com/thephpleague/oauth2-server
*/
namespace League\OAuth2\Server\Entity;
trait EntityTrait
{
/**
* Hydrate an entity with properites
* @param array $properties
*/
public function hydrate(array $properties)
{
foreach ($properties as $prop => $val) {
if (property_exists($this, $prop)) {
$this->{$prop} = $val;
}
}
return $this;
}
}

34
src/Entity/RefreshTokenEntity.php
View File

@ -20,16 +20,34 @@ class RefreshTokenEntity extends AbstractTokenEntity
* Access token associated to refresh token
* @var \League\OAuth2\Server\Entity\AccessTokenEntity
*/
protected $accessToken;
protected $accessTokenEntity;
/**
* Id of the access token
* @var string
*/
protected $accessTokenId;
/**
* Set the ID of the associated access token
* @param string $accessToken
* @return self
*/
public function setAccessTokenId($accessTokenId)
{
$this->accessTokenId = $accessTokenId;
return $this;
}
/**
* Associate an access token
* @param \League\OAuth2\Server\Entity\AccessTokenEntity $accessToken
* @return self
*/
public function setAccessToken(AccessTokenEntity $accessToken)
public function setAccessToken(AccessTokenEntity $accessTokenEntity)
{
$this->accessToken = $accessToken;
$this->accessTokenEntity = $accessTokenEntity;
return $this;
}
@ -40,11 +58,11 @@ class RefreshTokenEntity extends AbstractTokenEntity
*/
public function getAccessToken()
{
if (! $this->accessToken instanceof AccessTokenEntity) {
$this->accessToken = $this->server->getStorage('access_token')->getByRefreshToken($this);
if (! $this->accessTokenEntity instanceof AccessTokenEntity) {
$this->accessTokenEntity = $this->server->getStorage('access_token')->get($this->accessTokenId);
}
return $this->accessToken;
return $this->accessTokenEntity;
}
/**
@ -53,9 +71,9 @@ class RefreshTokenEntity extends AbstractTokenEntity
public function save()
{
$this->server->getStorage('refresh_token')->create(
$this->getToken(),
$this->getId(),
$this->getExpireTime(),
$this->getAccessToken()->getToken()
$this->getAccessToken()->getId()
);
}

26
src/Entity/ScopeEntity.php
View File

@ -18,6 +18,8 @@ use League\OAuth2\Server\AbstractServer;
*/
class ScopeEntity implements \JsonSerializable
{
use EntityTrait;
/**
* Scope identifier
* @var string
@ -48,18 +50,6 @@ class ScopeEntity implements \JsonSerializable
return $this;
}
/**
* Set the scope identifer
* @param string $id The scope identifier
* @return self
*/
public function setId($id)
{
$this->id = $id;
return $this;
}
/**
* Return the scope identifer
* @return string
@ -69,18 +59,6 @@ class ScopeEntity implements \JsonSerializable
return $this->id;
}
/**
* Set the scope's descripton
* @param string $description
* @return self
*/
public function setDescription($description)
{
$this->description = $description;
return $this;
}
/**
* Return the scope's description
* @return string

3
src/Entity/SessionEntity.php
View File

@ -12,6 +12,7 @@
namespace League\OAuth2\Server\Entity;
use League\OAuth2\Server\AbstractServer;
use League\OAuth2\Server\Event;
use Symfony\Component\HttpFoundation\ParameterBag;
/**
@ -228,6 +229,8 @@ class SessionEntity
$this->ownerType = $type;
$this->ownerId = $id;
$this->server->getEventEmitter()->emit(new Event\SessionOwnerEvent($this));
return $this;
}

51
src/Event/SessionOwnerEvent.php Normal file
View File

@ -0,0 +1,51 @@
<?php
/**
* OAuth 2.0 session owner event
*
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) Alex Bilbie
* @license http://mit-license.org/
* @link https://github.com/thephpleague/oauth2-server
*/
namespace League\OAuth2\Server\Event;
use League\Event\AbstractEvent;
use League\OAuth2\Server\Entity\SessionEntity;
class SessionOwnerEvent extends AbstractEvent
{
/**
* Session entity
* @var \League\OAuth2\Server\Entity\SessionEntity
*/
private $session;
/**
* Init the event with a session
* @param \League\OAuth2\Server\Entity\SessionEntity $session
*/
public function __construct(SessionEntity $session)
{
$this->session = $session;
}
/**
* The name of the event
* @return string
*/
public function getName()
{
return 'session.owner';
}
/**
* Return session
* @return \League\OAuth2\Server\Entity\SessionEntity
*/
public function getSession()
{
return $this->session;
}
}

3
src/Exception/InvalidGrantException.php
View File

@ -34,8 +34,7 @@ class InvalidGrantException extends OAuthException
{
parent::__construct(
sprintf(
'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used
in the authorization request, or was issued to another client. Check the "%s" parameter.',
'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client. Check the "%s" parameter.',
$parameter
)
);

4
src/Exception/InvalidRefreshException.php
View File

@ -19,12 +19,12 @@ class InvalidRefreshException extends OAuthException
/**
* {@inheritdoc}
*/
public $httpStatusCode = 401;
public $httpStatusCode = 400;
/**
* {@inheritdoc}
*/
public $errorType = 'invalid_client';
public $errorType = 'invalid_request';
/**
* {@inheritdoc}

3
src/Exception/InvalidRequestException.php
View File

@ -34,8 +34,7 @@ class InvalidRequestException extends OAuthException
{
parent::__construct(
sprintf(
'The request is missing a required parameter, includes an invalid parameter value, includes a parameter
more than once, or is otherwise malformed. Check the "%s" parameter.',
'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "%s" parameter.',
$parameter
)
);

3
src/Exception/ServerErrorException.php
View File

@ -31,8 +31,7 @@ class ServerErrorException extends OAuthException
*/
public function __construct($parameter = null)
{
$parameter = is_null($parameter) ? 'The authorization server encountered an unexpected condition which prevented
it from fulfilling the request.' : $parameter;
$parameter = is_null($parameter) ? 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request.' : $parameter;
parent::__construct($parameter);
}
}

2
src/Exception/UnauthorizedClientException.php
View File

@ -29,7 +29,7 @@ class UnauthorizedClientException extends OAuthException
/**
* {@inheritdoc}
*/
public function __construct($parameter)
public function __construct()
{
parent::__construct('The client is not authorized to request an access token using this method.');
}

30
src/Grant/AuthCodeGrant.php
View File

@ -66,12 +66,11 @@ class AuthCodeGrant extends AbstractGrant
}
/**
* Check authorise parameters
* Check authorize parameters
*
* @throws
* @return array Authorise request parameters
* @return array Authorize request parameters
*/
public function checkAuthoriseParams()
public function checkAuthorizeParams()
{
// Get required params
$clientId = $this->server->getRequest()->query->get('client_id', null);
@ -125,14 +124,14 @@ class AuthCodeGrant extends AbstractGrant
}
/**
* Parse a new authorise request
* Parse a new authorize request
*
* @param string $type The session owner's type
* @param string $typeId The session owner's ID
* @param array $authParams The authorise request $_GET parameters
* @param array $authParams The authorize request $_GET parameters
* @return string An authorisation code
*/
public function newAuthoriseRequest($type, $typeId, $authParams = [])
public function newAuthorizeRequest($type, $typeId, $authParams = [])
{
// Create a new session
$session = new SessionEntity($this->server);
@ -142,8 +141,9 @@ class AuthCodeGrant extends AbstractGrant
// Create a new auth code
$authCode = new AuthCodeEntity($this->server);
$authCode->setToken(SecureKey::generate());
$authCode->setId(SecureKey::generate());
$authCode->setRedirectUri($authParams['redirect_uri']);
$authCode->setExpireTime(time() + $this->authTokenTTL);
foreach ($authParams['scopes'] as $scope) {
$authCode->associateScope($scope);
@ -157,10 +157,9 @@ class AuthCodeGrant extends AbstractGrant
/**
* Complete the auth code grant
* @param null|array $inputParams
* @return array
*/
public function completeFlow($inputParams = null)
public function completeFlow()
{
// Get the required params
$clientId = $this->server->getRequest()->request->get('client_id', null);
@ -207,7 +206,7 @@ class AuthCodeGrant extends AbstractGrant
throw new Exception\InvalidRequestException('code');
}
// Check redirect URI presented matches redirect URI originally used in authorise request
// Check redirect URI presented matches redirect URI originally used in authorize request
if ($code->getRedirectUri() !== $redirectUri) {
throw new Exception\InvalidRequestException('redirect_uri');
}
@ -217,23 +216,22 @@ class AuthCodeGrant extends AbstractGrant
// Generate the access token
$accessToken = new AccessTokenEntity($this->server);
$accessToken->setToken(SecureKey::generate());
$accessToken->setId(SecureKey::generate());
$accessToken->setExpireTime($this->server->getAccessTokenTTL() + time());
foreach ($authCodeScopes as $authCodeScope) {
$session->associateScope($authCodeScope);
}
$this->server->getTokenType()->set('access_token', $accessToken->getToken());
$this->server->getTokenType()->set('expires', $accessToken->getExpireTime());
$this->server->getTokenType()->set('access_token', $accessToken->getId());
$this->server->getTokenType()->set('expires_in', $this->server->getAccessTokenTTL());
// Associate a refresh token if set
if ($this->server->hasGrantType('refresh_token')) {
$refreshToken = new RefreshTokenEntity($this->server);
$refreshToken->setToken(SecureKey::generate());
$refreshToken->setId(SecureKey::generate());
$refreshToken->setExpireTime($this->server->getGrantType('refresh_token')->getRefreshTokenTTL() + time());
$this->server->getTokenType()->set('refresh_token', $refreshToken->getToken());
$this->server->getTokenType()->set('refresh_token', $refreshToken->getId());
}
// Expire the auth code

5
src/Grant/ClientCredentialsGrant.php
View File

@ -93,7 +93,7 @@ class ClientCredentialsGrant extends AbstractGrant
// Generate an access token
$accessToken = new AccessTokenEntity($this->server);
$accessToken->setToken(SecureKey::generate());
$accessToken->setId(SecureKey::generate());
$accessToken->setExpireTime($this->server->getAccessTokenTTL() + time());
// Associate scopes with the session and access token
@ -107,8 +107,7 @@ class ClientCredentialsGrant extends AbstractGrant
$accessToken->setSession($session);
$accessToken->save($this->server->getStorage('access_token'));
$this->server->getTokenType()->set('access_token', $accessToken->getToken());
$this->server->getTokenType()->set('expires', $accessToken->getExpireTime());
$this->server->getTokenType()->set('access_token', $accessToken->getId());
$this->server->getTokenType()->set('expires_in', $this->server->getAccessTokenTTL());
return $this->server->getTokenType()->generateResponse();

12
src/Grant/PasswordGrant.php
View File

@ -72,10 +72,9 @@ class PasswordGrant extends AbstractGrant
/**
* Complete the password grant
* @param null|array $inputParams
* @return array
*/
public function completeFlow($inputParams = null)
public function completeFlow()
{
// Get the required params
$clientId = $this->server->getRequest()->request->get('client_id', null);
@ -134,7 +133,7 @@ class PasswordGrant extends AbstractGrant
// Generate an access token
$accessToken = new AccessTokenEntity($this->server);
$accessToken->setToken(SecureKey::generate());
$accessToken->setId(SecureKey::generate());
$accessToken->setExpireTime($this->server->getAccessTokenTTL() + time());
// Associate scopes with the session and access token
@ -143,16 +142,15 @@ class PasswordGrant extends AbstractGrant
$session->associateScope($scope);
}
$this->server->getTokenType()->set('access_token', $accessToken->getToken());
$this->server->getTokenType()->set('expires', $accessToken->getExpireTime());
$this->server->getTokenType()->set('access_token', $accessToken->getId());
$this->server->getTokenType()->set('expires_in', $this->server->getAccessTokenTTL());
// Associate a refresh token if set
if ($this->server->hasGrantType('refresh_token')) {
$refreshToken = new RefreshTokenEntity($this->server);
$refreshToken->setToken(SecureKey::generate());
$refreshToken->setId(SecureKey::generate());
$refreshToken->setExpireTime($this->server->getGrantType('refresh_token')->getRefreshTokenTTL() + time());
$this->server->getTokenType()->set('refresh_token', $refreshToken->getToken());
$this->server->getTokenType()->set('refresh_token', $refreshToken->getId());
}
// Save everything

9
src/Grant/RefreshTokenGrant.php
View File

@ -125,7 +125,7 @@ class RefreshTokenGrant extends AbstractGrant
// Generate a new access token and assign it the correct sessions
$newAccessToken = new AccessTokenEntity($this->server);
$newAccessToken->setToken(SecureKey::generate());
$newAccessToken->setId(SecureKey::generate());
$newAccessToken->setExpireTime($this->server->getAccessTokenTTL() + time());
$newAccessToken->setSession($session);
@ -137,8 +137,7 @@ class RefreshTokenGrant extends AbstractGrant
$oldAccessToken->expire($this->server->getStorage('access_token'));
$newAccessToken->save($this->server->getStorage('access_token'));
$this->server->getTokenType()->set('access_token', $newAccessToken->getToken());
$this->server->getTokenType()->set('expires', $newAccessToken->getExpireTime());
$this->server->getTokenType()->set('access_token', $newAccessToken->getId());
$this->server->getTokenType()->set('expires_in', $this->server->getAccessTokenTTL());
// Expire the old refresh token
@ -146,12 +145,12 @@ class RefreshTokenGrant extends AbstractGrant
// Generate a new refresh token
$newRefreshToken = new RefreshTokenEntity($this->server);
$newRefreshToken->setToken(SecureKey::generate());
$newRefreshToken->setId(SecureKey::generate());
$newRefreshToken->setExpireTime($this->getRefreshTokenTTL() + time());
$newRefreshToken->setAccessToken($newAccessToken);
$newRefreshToken->save($this->server->getStorage('refresh_token'));
$this->server->getTokenType()->set('refresh_token', $newRefreshToken->getToken());
$this->server->getTokenType()->set('refresh_token', $newRefreshToken->getId());
return $this->server->getTokenType()->generateResponse();
}

10
src/ResourceServer.php
View File

@ -64,7 +64,9 @@ class ResourceServer extends AbstractServer
$this->setStorage('scope', $scopeStorage);
// Set Bearer as the default token type
$this->setTokenType(new Bearer);
$this->setIdType(new Bearer);
parent::__construct();
return $this;
}
@ -87,7 +89,7 @@ class ResourceServer extends AbstractServer
* Returns the query string key for the access token.
* @return string
*/
public function getTokenKey()
public function getIdKey()
{
return $this->tokenKey;
}
@ -97,7 +99,7 @@ class ResourceServer extends AbstractServer
* @param $key The new query string key
* @return self
*/
public function setTokenKey($key)
public function setIdKey($key)
{
$this->tokenKey = $key;
@ -128,7 +130,7 @@ class ResourceServer extends AbstractServer
*/
public function getAccessToken()
{
return $this->accessToken->getToken();
return $this->accessToken->getId();
}
/**

7
src/Storage/AccessTokenInterface.php
View File

@ -28,13 +28,6 @@ interface AccessTokenInterface
*/
public function get($token);
/**
* Get the access token associated with an access token
* @param \League\OAuth2\Server\Entity\RefreshTokenEntity $refreshToken
* @return \League\OAuth2\Server\Entity\AccessTokenEntity
*/
public function getByRefreshToken(RefreshTokenEntity $refreshToken);
/**
* Get the scopes for an access token
* @param \League\OAuth2\Server\Entity\AbstractTokenEntity $token The access token

9
src/Storage/AuthCodeInterface.php
View File

@ -28,13 +28,14 @@ interface AuthCodeInterface
/**
* Create an auth code.
* @param string $token The token ID
* @param integer $expireTime Token expire time
* @param integer $sessionId Session identifier
* @param string $token The token ID
* @param integer $expireTime Token expire time
* @param integer $sessionId Session identifier
* @param string $redirectUri Client redirect uri
*
* @return void
*/
public function create($token, $expireTime, $sessionId);
public function create($token, $expireTime, $sessionId, $redirectUri);
/**
* Get the scopes for an access token

7
src/Storage/SessionInterface.php
View File

@ -21,13 +21,6 @@ use League\OAuth2\Server\Entity\ScopeEntity;
*/
interface SessionInterface
{
/**
* Get a session from it's identifier
* @param string $sessionId
* @return \League\OAuth2\Server\Entity\SessionEntity
*/
public function get($sessionId);
/**
* Get a session from an access token
* @param \League\OAuth2\Server\Entity\AccessTokenEntity $accessToken The access token

1
src/TokenType/Bearer.php
View File

@ -23,7 +23,6 @@ class Bearer extends AbstractTokenType implements TokenTypeInterface
$return = [
'access_token' => $this->get('access_token'),
'token_type' => 'Bearer',
'expires' => $this->get('expires'),
'expires_in' => $this->get('expires_in')
];

9
tests/fuzz/grant-authcode.yml Normal file
View File

@ -0,0 +1,9 @@
url: 'http://localhost:8000/authcode_grant.php/authorize?client_id=testclient&redirect_uri=http%3A%2F%2Fexample.com%2Fredirect&response_type=code&scope=basic'
request:
method: GET
response:
statusCode: 200
headers:
-
key: Location
valueRegex: /http:\/\/example.com\/redirect\?code=([a-zA-Z0-9]*)/

67
tests/fuzz/grant-client-credentials.yml Normal file
View File

@ -0,0 +1,67 @@
url: 'http://localhost:8000/other_grants.php/access_token'
request:
method: POST
body:
-
key: client_id
value: testclient
missing:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_request
body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"client_id\" parameter."
invalid:
response.statusCode: 401
headers.content-type: "application/json"
body.error: invalid_client
body.message: "Client authentication failed."
-
key: client_secret
value: secret
missing:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_request
body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"client_secret\" parameter."
invalid:
response.statusCode: 401
headers.content-type: "application/json"
body.error: invalid_client
body.message: "Client authentication failed."
-
key: grant_type
value: client_credentials
missing:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_request
body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"grant_type\" parameter."
invalid:
response.statusCode: 400
headers.content-type: "application/json"
body.error: unsupported_grant_type
#body.message: "The authorization grant type XXX is not supported by the authorization server."
-
key: scope
value: "basic"
invalid:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_scope
border.message: fooooooooo
response:
statusCode: 200
headers:
-
key: Content-type
value: application/json
body:
-
key: expires_in
valueType: integer
-
key: access_token
valueRegex: /([a-zA-Z0-9]*)/
-
key: token_type
value: Bearer

88
tests/fuzz/grant-password.yml Normal file
View File

@ -0,0 +1,88 @@
url: 'http://localhost:8000/other_grants.php/access_token'
request:
method: POST
body:
-
key: client_id
value: testclient
missing:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_request
body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"client_id\" parameter."
invalid:
response.statusCode: 401
headers.content-type: "application/json"
body.error: invalid_client
body.message: "Client authentication failed."
-
key: client_secret
value: secret
missing:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_request
body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"client_secret\" parameter."
invalid:
response.statusCode: 401
headers.content-type: "application/json"
body.error: invalid_client
body.message: "Client authentication failed."
-
key: username
value: alexbilbie
missing:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_request
body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"username\" parameter."
invalid:
response.statusCode: 401
headers.content-type: "application/json"
body.error: invalid_credentials
body.message: "The user credentials were incorrect."
-
key: password
value: whisky
missing:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_request
body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"password\" parameter."
invalid:
response.statusCode: 401
headers.content-type: "application/json"
body.error: invalid_credentials
body.message: "The user credentials were incorrect."
-
key: grant_type
value: password
missing:
response.statusCode: 400
headers.content-type: "application/json"
body.error: invalid_request
body.message: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"grant_type\" parameter."
invalid:
response.statusCode: 400
headers.content-type: "application/json"
body.error: unsupported_grant_type
#body.message: "The authorization grant type XXX is not supported by the authorization server."
response:
statusCode: 200
headers:
-
key: Content-type
value: application/json
body:
-
key: expires_in
valueType: integer
-
key: access_token
valueRegex: /([a-zA-Z0-9]*)/
-
key: refresh_token
valueRegex: /([a-zA-Z0-9]*)/
-
key: token_type
value: Bearer

16
tests/fuzz/tokeninfo-no-access-token.yml Normal file
View File

@ -0,0 +1,16 @@
url: 'http://localhost:8000/api.php/tokeninfo'
request:
method: GET
response:
statusCode: 400
headers:
-
key: Content-type
value: application/json
body:
-
key: error
value: "invalid_request"
-
key: message
value: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"access token\" parameter."

16
tests/fuzz/tokeninfo-no-invalid-token-query-string.yml Normal file
View File

@ -0,0 +1,16 @@
url: 'http://localhost:8000/api.php/tokeninfo?access_token=foobar'
request:
method: GET
response:
statusCode: 401
headers:
-
key: Content-type
value: application/json
body:
-
key: error
value: "access_denied"
-
key: message
value: "The resource owner or authorization server denied the request."

20
tests/fuzz/tokeninfo-no-invalid-token.yml Normal file
View File

@ -0,0 +1,20 @@
url: 'http://localhost:8000/api.php/tokeninfo'
request:
method: GET
headers:
-
key: Authorization
value: Bearer foobar
response:
statusCode: 401
headers:
-
key: Content-type
value: application/json
body:
-
key: error
value: "access_denied"
-
key: message
value: "The resource owner or authorization server denied the request."

26
tests/fuzz/tokeninfo-valid-token-header.yml Normal file
View File

@ -0,0 +1,26 @@
url: 'http://localhost:8000/api.php/tokeninfo'
request:
method: GET
headers:
-
key: Authorization
value: "Bearer iamgod"
response:
statusCode: 200
headers:
-
key: Content-type
value: application/json
body:
-
key: owner_id
value: testclient
-
key: owner_type
value: client
-
key: access_token
value: iamgod
-
key: client_id
value: testclient

22
tests/fuzz/tokeninfo-valid-token.yml Normal file
View File

@ -0,0 +1,22 @@
url: 'http://localhost:8000/api.php/tokeninfo?access_token=iamgod'
request:
method: GET
response:
statusCode: 200
headers:
-
key: Content-type
value: application/json
body:
-
key: owner_id
value: testclient
-
key: owner_type
value: client
-
key: access_token
value: iamgod
-
key: client_id
value: testclient

32
tests/fuzz/users-token-iamalex.yml Normal file
View File

@ -0,0 +1,32 @@
url: 'http://localhost:8000/api.php/users'
request:
method: GET
headers:
-
key: Authorization
value: Bearer iamalex
response:
statusCode: 200
headers:
-
key: Content-type
value: application/json
body:
-
key: 0.username
value: alexbilbie
-
key: 0.name
value: Alex Bilbie
-
key: 0.photo
valueType: string
-
key: 1.username
value: philsturgeon
-
key: 1.name
value: Phil Sturgeon
-
key: 1.photo
valueType: string

32
tests/fuzz/users-token-iamphil.yml Normal file
View File

@ -0,0 +1,32 @@
url: 'http://localhost:8000/api.php/users'
request:
method: GET
headers:
-
key: Authorization
value: Bearer iamphil
response:
statusCode: 200
headers:
-
key: Content-type
value: application/json
body:
-
key: 0.username
value: alexbilbie
-
key: 0.name
value: Alex Bilbie
-
key: 0.email
valueType: string
-
key: 1.username
value: philsturgeon
-
key: 1.name
value: Phil Sturgeon
-
key: 1.email
valueType: string

10
tests/AbstractServerTest.php → tests/unit/AbstractServerTest.php
View File

@ -9,11 +9,21 @@ class AbstractServerTest extends \PHPUnit_Framework_TestCase
public function testSetGet()
{
$server = new StubAbstractServer();
$var = 0;
$server->addEventListener('event.name', function() use ($var) {
$var++;
$this->assertSame(1, $var);
});
$server->getEventEmitter()->emit('event.name');
$this->assertTrue($server->getRequest() instanceof \Symfony\Component\HttpFoundation\Request);
$this->assertTrue($server->getEventEmitter() instanceof \League\Event\Emitter);
$server2 = new StubAbstractServer();
$server2->setRequest((new \Symfony\Component\HttpFoundation\Request));
$server2->setEventEmitter(1);
$this->assertTrue($server2->getRequest() instanceof \Symfony\Component\HttpFoundation\Request);
}
public function testGetStorageException()

0
tests/AuthorizationServerTest.php → tests/unit/AuthorizationServerTest.php
View File

2
tests/Bootstrap.php → tests/unit/Bootstrap.php
View File

@ -1,5 +1,5 @@
<?php
if (! @include_once __DIR__ . '/../vendor/autoload.php') {
if (! @include_once __DIR__ . '/../../vendor/autoload.php') {
exit("You must set up the project dependencies, run the following commands:\n> wget http://getcomposer.org/composer.phar\n> php composer.phar install\n");
}

22
tests/Entity/AbstractTokenEntityTest.php → tests/unit/Entity/AbstractTokenEntityTest.php
View File

@ -16,12 +16,12 @@ class AbstractTokenTest extends \PHPUnit_Framework_TestCase
$time = time();
$entity = new StubAbstractTokenEntity($server);
$entity->setToken('foobar');
$entity->setId('foobar');
$entity->setExpireTime($time);
$entity->setSession((new SessionEntity($server)));
$entity->associateScope((new ScopeEntity($server))->setId('foo'));
$entity->associateScope((new ScopeEntity($server))->hydrate(['id' => 'foo']));
$this->assertEquals('foobar', $entity->getToken());
$this->assertEquals('foobar', $entity->getId());
$this->assertEquals($time, $entity->getExpireTime());
// $this->assertTrue($entity->getSession() instanceof SessionEntity);
// $this->assertTrue($entity->hasScope('foo'));
@ -74,7 +74,7 @@ class AbstractTokenTest extends \PHPUnit_Framework_TestCase
$accessTokenStorage->shouldReceive('getScopes')->andReturn(
[]
);
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage''>shouldReceive('setServer');
$server->setAccessTokenStorage($accessTokenStorage);
@ -92,8 +92,8 @@ class AbstractTokenTest extends \PHPUnit_Framework_TestCase
$method->setAccessible(true);
$scopes = [
(new ScopeEntity($server))->setId('scope1')->setDescription('foo'),
(new ScopeEntity($server))->setId('scope2')->setDescription('bar')
(new ScopeEntity($server))->hydrate(['id' => 'scope1', 'description' => 'foo']),
(new ScopeEntity($server))->hydrate(['id' => 'scope2', 'description' => 'bar'])
];
$result = $method->invokeArgs($entity, [$scopes]);
@ -103,4 +103,14 @@ class AbstractTokenTest extends \PHPUnit_Framework_TestCase
$this->assertTrue($result['scope1'] instanceof ScopeEntity);
$this->assertTrue($result['scope2'] instanceof ScopeEntity);
}
public function test__toString()
{
$server = M::mock('League\OAuth2\Server\AbstractServer');
$entity = new StubAbstractTokenEntity($server);
$this->assertEquals('', (string) $entity);
$entity->setId('foobar');
$this->assertEquals('foobar', (string) $entity);
}
}

2
tests/Entity/AccessTokenEntityTest.php → tests/unit/Entity/AccessTokenEntityTest.php
View File

@ -20,7 +20,7 @@ class AccessTokenTest extends \PHPUnit_Framework_TestCase
$accessTokenStorage->shouldReceive('associateScope');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');

4
tests/Entity/AuthCodeEntityTest.php → tests/unit/Entity/AuthCodeEntityTest.php
View File

@ -18,7 +18,7 @@ class AuthCodeTest extends \PHPUnit_Framework_TestCase
$code = new AuthCodeEntity($server);
$code->setRedirectUri('http://foo/bar');
$code->setToken('foobar');
$code->setId('foobar');
$code->setSession($session);
$this->assertEquals('http://foo/bar', $code->getRedirectUri());
@ -37,7 +37,7 @@ class AuthCodeTest extends \PHPUnit_Framework_TestCase
$authCodeStorage->shouldReceive('associateScope');
$authCodeStorage->shouldReceive('setServer');
$authCodeStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$server->shouldReceive('getStorage')->with('auth_code')->andReturn($authCodeStorage);

11
tests/Entity/ClientEntityTest.php → tests/unit/Entity/ClientEntityTest.php
View File

@ -10,11 +10,12 @@ class ClientTest extends \PHPUnit_Framework_TestCase
public function testSetGet()
{
$server = M::mock('League\OAuth2\Server\AbstractServer');
$client = new ClientEntity($server);
$client->setId('foobar');
$client->setSecret('barfoo');
$client->setName('Test Client');
$client->setRedirectUri('http://foo/bar');
$client = (new ClientEntity($server))->hydrate([
'id' => 'foobar',
'secret' => 'barfoo',
'name' => 'Test Client',
'redirectUri' => 'http://foo/bar'
]);
$this->assertEquals('foobar', $client->getId());
$this->assertEquals('barfoo', $client->getSecret());

23
tests/Entity/RefreshTokenEntityTest.php → tests/unit/Entity/RefreshTokenEntityTest.php
View File

@ -8,8 +8,21 @@ use League\OAuth2\Server\Entity\AccessTokenEntity;
use League\OAuth2\Server\Entity\RefreshTokenEntity;
use \Mockery as M;
class RefreshTokenTest extends \PHPUnit_Framework_TestCase
class RefreshTokenEntityTest extends \PHPUnit_Framework_TestCase
{
public function testSetAccessTokenId()
{
$server = M::mock('League\OAuth2\Server\AbstractServer');
$entity = new RefreshTokenEntity($server);
$entity->setAccessTokenId('foobar');
$reflector = new \ReflectionClass($entity);
$accessTokenProperty = $reflector->getProperty('accessTokenId');
$accessTokenProperty->setAccessible(true);
$this->assertSame($accessTokenProperty->getValue($entity), 'foobar');
}
public function testSetAccessToken()
{
$server = M::mock('League\OAuth2\Server\AbstractServer');
@ -17,7 +30,7 @@ class RefreshTokenTest extends \PHPUnit_Framework_TestCase
$entity->setAccessToken((new AccessTokenEntity($server)));
$reflector = new \ReflectionClass($entity);
$accessTokenProperty = $reflector->getProperty('accessToken');
$accessTokenProperty = $reflector->getProperty('accessTokenEntity');
$accessTokenProperty->setAccessible(true);
$this->assertTrue($accessTokenProperty->getValue($entity) instanceof AccessTokenEntity);
@ -38,11 +51,11 @@ class RefreshTokenTest extends \PHPUnit_Framework_TestCase
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('getByRefreshToken')->andReturn(
(new AccessTokenEntity($server))->setToken('foobar')
$accessTokenStorage->shouldReceive('get')->andReturn(
(new AccessTokenEntity($server))->setId('foobar')
);
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$server->shouldReceive('getStorage')->with('access_token')->andReturn($accessTokenStorage);

7
tests/Entity/ScopeEntityTest.php → tests/unit/Entity/ScopeEntityTest.php
View File

@ -10,9 +10,10 @@ class ScopeTest extends \PHPUnit_Framework_TestCase
public function testSetGet()
{
$server = M::mock('League\OAuth2\Server\AbstractServer');
$scope = new ScopeEntity($server);
$scope->setId('foobar');
$scope->setDescription('barfoo');
$scope = (new ScopeEntity($server))->hydrate([
'id' => 'foobar',
'description' => 'barfoo'
]);
$this->assertEquals('foobar', $scope->getId());
$this->assertEquals('barfoo', $scope->getDescription());

18
tests/Entity/SessionEntityTest.php → tests/unit/Entity/SessionEntityTest.php
View File

@ -14,14 +14,22 @@ class SessionTest extends \PHPUnit_Framework_TestCase
{
public function testSetGet()
{
$emitter = M::mock('League\Event\Emitter');
$emitter->shouldReceive('emit');
$server = M::mock('League\OAuth2\Server\AbstractServer');
$server->shouldReceive('setEventEmitter');
$server->shouldReceive('getEventEmitter')->andReturn($emitter);
$server->setEventEmitter($emitter);
$entity = new SessionEntity($server);
$entity->setId('foobar');
$entity->setOwner('user', 123);
$entity->associateAccessToken((new AccessTokenEntity($server)));
$entity->associateRefreshToken((new RefreshTokenEntity($server)));
$entity->associateClient((new ClientEntity($server)));
$entity->associateScope((new ScopeEntity($server))->setId('foo'));
$entity->associateScope(
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
// $entity->associateAuthCode((new AuthCode($server)));
$this->assertEquals('foobar', $entity->getId());
@ -51,8 +59,8 @@ class SessionTest extends \PHPUnit_Framework_TestCase
$method->setAccessible(true);
$scopes = [
(new ScopeEntity($server))->setId('scope1')->setDescription('foo'),
(new ScopeEntity($server))->setId('scope2')->setDescription('bar')
(new ScopeEntity($server))->hydrate(['id' => 'scope1']),
(new ScopeEntity($server))->hydrate(['id' => 'scope2'])
];
$result = $method->invokeArgs($entity, [$scopes]);
@ -124,14 +132,14 @@ class SessionTest extends \PHPUnit_Framework_TestCase
$sessionStorage->shouldReceive('associateScope');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$server->shouldReceive('getStorage')->with('session')->andReturn($sessionStorage);
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('getBySession')->andReturn(
(new ClientEntity($server))->setId('foo')
(new ClientEntity($server))->hydrate(['id' => 'foo'])
);
$clientStorage->shouldReceive('setServer');

0
tests/Exception/OAuthExceptionTest.php → tests/unit/Exception/OAuthExceptionTest.php
View File

13
tests/Grant/AbstractGrantTest.php → tests/unit/Grant/AbstractGrantTest.php
View File

@ -36,8 +36,8 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
$method->setAccessible(true);
$scopes = [
(new ScopeEntity($server))->setId('scope1')->setDescription('foo'),
(new ScopeEntity($server))->setId('scope2')->setDescription('bar')
(new ScopeEntity($server))->hydrate(['id' => 'scope1', 'description' => 'foo']),
(new ScopeEntity($server))->hydrate(['id' => 'scope2', 'description' => 'bar'])
];
$result = $method->invokeArgs($grant, [$scopes]);
@ -55,7 +55,7 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
$server->setScopeStorage($scopeStorage);
@ -65,9 +65,8 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
$this->assertEquals(
[
'foo' => (new ScopeEntity($server))->setId('foo')
'foo' => (new ScopeEntity($server))->hydrate(['id' => 'foo'])
],
$grant->validateScopes('foo')
);
}
@ -113,7 +112,7 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
$server->setScopeStorage($scopeStorage);
@ -134,7 +133,7 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
$server->setScopeStorage($scopeStorage);

71
tests/Grant/AuthCodeGrantTest.php → tests/unit/Grant/AuthCodeGrantTest.php
View File

@ -35,7 +35,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$grant = new AuthCodeGrant;
$server->addGrantType($grant);
$grant->checkAuthoriseParams();
$grant->checkAuthorizeParams();
}
@ -51,7 +51,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$grant = new AuthCodeGrant;
$server->addGrantType($grant);
$grant->checkAuthoriseParams();
$grant->checkAuthorizeParams();
}
public function testCheckAuthoriseParamsMissingStateParam()
@ -68,7 +68,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$server->requireStateParam(true);
$server->addGrantType($grant);
$grant->checkAuthoriseParams();
$grant->checkAuthorizeParams();
}
public function testCheckAuthoriseParamsMissingResponseType()
@ -84,7 +84,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$grant = new AuthCodeGrant;
$server->addGrantType($grant);
$grant->checkAuthoriseParams();
$grant->checkAuthorizeParams();
}
public function testCheckAuthoriseParamsInvalidResponseType()
@ -101,7 +101,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$grant = new AuthCodeGrant;
$server->addGrantType($grant);
$grant->checkAuthoriseParams();
$grant->checkAuthorizeParams();
}
public function testCheckAuthoriseParamsInvalidClient()
@ -124,7 +124,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$server->setClientStorage($clientStorage);
$server->addGrantType($grant);
$grant->checkAuthoriseParams();
$grant->checkAuthorizeParams();
}
public function testCheckAuthoriseParamsInvalidScope()
@ -144,7 +144,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -167,7 +167,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$server->setAccessTokenStorage($accessTokenStorage);
$server->addGrantType($grant);
$grant->checkAuthoriseParams();
$grant->checkAuthorizeParams();
}
public function testCheckAuthoriseParams()
@ -185,14 +185,14 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('create')->andreturn(123);
$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$sessionStorage->shouldReceive('associateScope');
@ -200,14 +200,14 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$accessTokenStorage->shouldReceive('associateScope');
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
$server->setClientStorage($clientStorage);
@ -217,7 +217,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$server->addGrantType($grant);
$result = $grant->checkAuthoriseParams();
$result = $grant->checkAuthorizeParams();
$this->assertTrue($result['client'] instanceof ClientEntity);
$this->assertTrue($result['redirect_uri'] === $_GET['redirect_uri']);
@ -229,9 +229,8 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
public function testNewAuthoriseRequest()
{
$server = new AuthorizationServer;
$client = (new ClientEntity($server))->setId('testapp');
$scope = (new ScopeEntity($server))->setId('foo');
$client = (new ClientEntity($server))->hydrate(['id' => 'testapp']);
$scope = (new ScopeEntity($server))->hydrate(['id' => 'foo']);
$grant = new AuthCodeGrant;
$server->addGrantType($grant);
@ -250,7 +249,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$authCodeStorage->shouldReceive('associateScope');
$server->setAuthCodeStorage($authCodeStorage);
$grant->newAuthoriseRequest('user', 123, [
$grant->newAuthorizeRequest('user', 123, [
'client' => $client,
'redirect_uri' => 'http://foo/bar',
'scopes' => [$scope],
@ -346,7 +345,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -395,7 +394,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -444,7 +443,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -464,7 +463,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$authCodeStorage = M::mock('League\OAuth2\Server\Storage\AuthCodeInterface');
$authCodeStorage->shouldReceive('setServer');
$authCodeStorage->shouldReceive('get')->andReturn(
(new AuthCodeEntity($server))->setToken('foobar')->setRedirectUri('http://fail/face')
(new AuthCodeEntity($server))->setId('foobar')->setRedirectUri('http://fail/face')
);
$server->setClientStorage($clientStorage);
@ -493,10 +492,10 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('getBySession')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -506,29 +505,32 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$sessionStorage->shouldReceive('getByAuthCode')->andReturn(
(new SessionEntity($server))->setId('foobar')
);
$sessionStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('associateScope');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
$authCodeStorage = M::mock('League\OAuth2\Server\Storage\AuthCodeInterface');
$authCodeStorage->shouldReceive('setServer');
$authCodeStorage->shouldReceive('delete');
$authCodeStorage->shouldReceive('get')->andReturn(
(new AuthCodeEntity($server))->setToken('foobar')->setRedirectUri('http://foo/bar')
(new AuthCodeEntity($server))->setId('foobar')->setRedirectUri('http://foo/bar')
);
$authCodeStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$server->setClientStorage($clientStorage);
@ -558,10 +560,10 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('getBySession')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -571,29 +573,32 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$sessionStorage->shouldReceive('getByAuthCode')->andReturn(
(new SessionEntity($server))->setId('foobar')
);
$sessionStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('associateScope');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
$authCodeStorage = M::mock('League\OAuth2\Server\Storage\AuthCodeInterface');
$authCodeStorage->shouldReceive('setServer');
$authCodeStorage->shouldReceive('delete');
$authCodeStorage->shouldReceive('get')->andReturn(
(new AuthCodeEntity($server))->setToken('foobar')->setRedirectUri('http://foo/bar')
(new AuthCodeEntity($server))->setId('foobar')->setRedirectUri('http://foo/bar')
);
$authCodeStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface');

55
tests/Grant/ClientCredentialsGrantTest.php → tests/unit/Grant/ClientCredentialsGrantTest.php
View File

@ -80,7 +80,7 @@ class ClientCredentialsGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -120,7 +120,7 @@ class ClientCredentialsGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -138,7 +138,7 @@ class ClientCredentialsGrantTest extends \PHPUnit_Framework_TestCase
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
// $scopeStorage->shouldReceive('get')->andReturn(
// // (new ScopeEntity($server))->setId('foo')
// // (new ScopeEntity($server))->hydrate(['id' => 'foo'])
// );
$server->setClientStorage($clientStorage);
@ -165,14 +165,14 @@ class ClientCredentialsGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('create')->andreturn(123);
$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$sessionStorage->shouldReceive('associateScope');
@ -180,14 +180,55 @@ class ClientCredentialsGrantTest extends \PHPUnit_Framework_TestCase
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$accessTokenStorage->shouldReceive('associateScope');
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
$server->setClientStorage($clientStorage);
$server->setScopeStorage($scopeStorage);
$server->setSessionStorage($sessionStorage);
$server->setAccessTokenStorage($accessTokenStorage);
$server->addGrantType($grant);
$server->issueAccessToken();
}
public function testClientNotAuthorizedToUseGrant()
{
$this->setExpectedException('\League\OAuth2\Server\Exception\UnauthorizedClientException');
$_POST = [
'grant_type' => 'client_credentials',
'client_id' => 'testapp',
'client_secret' => 'foobar',
'scope' => 'foo'
];
$server = new AuthorizationServer;
$grant = new ClientCredentialsGrant;
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andThrow(
new \League\OAuth2\Server\Exception\UnauthorizedClientException
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
$server->setClientStorage($clientStorage);

36
tests/Grant/PasswordGrantTest.php → tests/unit/Grant/PasswordGrantTest.php
View File

@ -80,7 +80,7 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -123,7 +123,7 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -167,7 +167,7 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -212,7 +212,7 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -259,7 +259,7 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -309,14 +309,14 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('create')->andreturn(123);
$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$sessionStorage->shouldReceive('associateScope');
@ -324,14 +324,14 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$accessTokenStorage->shouldReceive('associateScope');
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
$server->setClientStorage($clientStorage);
@ -363,14 +363,14 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('create')->andreturn(123);
$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$sessionStorage->shouldReceive('associateScope');
@ -378,14 +378,14 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$accessTokenStorage->shouldReceive('associateScope');
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
$server->setClientStorage($clientStorage);
@ -402,7 +402,6 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase
$this->assertTrue(array_key_exists('access_token', $response));
$this->assertTrue(array_key_exists('token_type', $response));
$this->assertTrue(array_key_exists('expires_in', $response));
$this->assertTrue(array_key_exists('expires', $response));
}
public function testCompleteFlowRefreshToken()
@ -422,14 +421,14 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
$sessionStorage->shouldReceive('setServer');
$sessionStorage->shouldReceive('create')->andreturn(123);
$sessionStorage->shouldReceive('getScopes')->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$sessionStorage->shouldReceive('associateScope');
@ -437,14 +436,14 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$accessTokenStorage->shouldReceive('associateScope');
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
$refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface');
@ -470,6 +469,5 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase
// $this->assertTrue(array_key_exists('refresh_token', $response));
$this->assertTrue(array_key_exists('token_type', $response));
$this->assertTrue(array_key_exists('expires_in', $response));
$this->assertTrue(array_key_exists('expires', $response));
}
}

36
tests/Grant/RefreshTokenGrantTest.php → tests/unit/Grant/RefreshTokenGrantTest.php
View File

@ -11,7 +11,7 @@ use League\OAuth2\Server\Entity\RefreshTokenEntity;
use League\OAuth2\Server\AuthorizationServer;
use Mockery as M;
class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
{
public function testSetRefreshTokenTTL()
{
@ -92,7 +92,7 @@ class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -127,7 +127,7 @@ class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$refreshTokenStorage = M::mock('League\OAuth2\Server\Storage\RefreshTokenInterface');
@ -161,7 +161,7 @@ class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -174,13 +174,13 @@ class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('getByRefreshToken')->andReturn(
$accessTokenStorage->shouldReceive('get')->andReturn(
(new AccessTokenEntity($server))
);
$accessTokenStorage->shouldReceive('delete');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$accessTokenStorage->shouldReceive('associateScope');
@ -196,7 +196,7 @@ class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
$server->setClientStorage($clientStorage);
@ -212,7 +212,6 @@ class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
$this->assertTrue(array_key_exists('refresh_token', $response));
$this->assertTrue(array_key_exists('token_type', $response));
$this->assertTrue(array_key_exists('expires_in', $response));
$this->assertTrue(array_key_exists('expires', $response));
}
public function testCompleteFlowRequestScopes()
@ -228,12 +227,12 @@ class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
$server = new AuthorizationServer;
$grant = new RefreshTokenGrant;
$oldSession = (new SessionEntity($server))->associateScope((new ScopeEntity($server))->setId('foo'));
$oldSession = (new SessionEntity($server))->associateScope((new ScopeEntity($server))->hydrate(['id' => 'foo']));
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -246,13 +245,13 @@ class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('getByRefreshToken')->andReturn(
$accessTokenStorage->shouldReceive('get')->andReturn(
(new AccessTokenEntity($server))
);
$accessTokenStorage->shouldReceive('delete');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$accessTokenStorage->shouldReceive('associateScope');
@ -268,7 +267,7 @@ class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
);
$server->setClientStorage($clientStorage);
@ -284,7 +283,6 @@ class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
$this->assertTrue(isset($response['refresh_token']));
$this->assertTrue(isset($response['token_type']));
$this->assertTrue(isset($response['expires_in']));
$this->assertTrue(isset($response['expires']));
}
public function testCompleteFlowRequestScopesInvalid()
@ -300,12 +298,12 @@ class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
$server = new AuthorizationServer;
$grant = new RefreshTokenGrant;
$oldSession = (new SessionEntity($server))->associateScope((new ScopeEntity($server))->setId('foo'));
$oldSession = (new SessionEntity($server))->associateScope((new ScopeEntity($server))->hydrate(['id' => 'foo']));
$clientStorage = M::mock('League\OAuth2\Server\Storage\ClientInterface');
$clientStorage->shouldReceive('setServer');
$clientStorage->shouldReceive('get')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$sessionStorage = M::mock('League\OAuth2\Server\Storage\SessionInterface');
@ -318,13 +316,13 @@ class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
$accessTokenStorage = M::mock('League\OAuth2\Server\Storage\AccessTokenInterface');
$accessTokenStorage->shouldReceive('setServer');
$accessTokenStorage->shouldReceive('getByRefreshToken')->andReturn(
$accessTokenStorage->shouldReceive('get')->andReturn(
(new AccessTokenEntity($server))
);
$accessTokenStorage->shouldReceive('delete');
$accessTokenStorage->shouldReceive('create');
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo')
(new ScopeEntity($server))->hydrate(['id' => 'foo'])
]);
$accessTokenStorage->shouldReceive('associateScope');
@ -340,7 +338,7 @@ class RefreshTokenGreantTest extends \PHPUnit_Framework_TestCase
$scopeStorage = M::mock('League\OAuth2\Server\Storage\ScopeInterface');
$scopeStorage->shouldReceive('setServer');
$scopeStorage->shouldReceive('get')->andReturn(
(new ScopeEntity($server))->setId('blah')
(new ScopeEntity($server))->hydrate(['id' => 'blah'])
);
$server->setClientStorage($clientStorage);

16
tests/ResourceServerTest.php → tests/unit/ResourceServerTest.php
View File

@ -135,15 +135,19 @@ class ResourceServerTest extends \PHPUnit_Framework_TestCase
$scopeStorage
);
$server->setTokenKey('at');
$server->setIdKey('at');
$server->addEventListener('session.owner', function($event) {
$this->assertTrue($event->getSession() instanceof \League\OAuth2\Server\Entity\SessionEntity);
});
$accessTokenStorage->shouldReceive('get')->andReturn(
(new AccessTokenEntity($server))->setToken('abcdef')
(new AccessTokenEntity($server))->setId('abcdef')
);
$accessTokenStorage->shouldReceive('getScopes')->andReturn([
(new ScopeEntity($server))->setId('foo'),
(new ScopeEntity($server))->setId('bar')
(new ScopeEntity($server))->hydrate(['id' => 'foo']),
(new ScopeEntity($server))->hydrate(['id' => 'bar'])
]);
$sessionStorage->shouldReceive('getByAccessToken')->andReturn(
@ -151,7 +155,7 @@ class ResourceServerTest extends \PHPUnit_Framework_TestCase
);
$clientStorage->shouldReceive('getBySession')->andReturn(
(new ClientEntity($server))->setId('testapp')
(new ClientEntity($server))->hydrate(['id' => 'testapp'])
);
$request = new \Symfony\Component\HttpFoundation\Request();
@ -161,7 +165,7 @@ class ResourceServerTest extends \PHPUnit_Framework_TestCase
$server->setRequest($request);
$this->assertTrue($server->isValidRequest());
$this->assertEquals('at', $server->getTokenKey());
$this->assertEquals('at', $server->getIdKey());
$this->assertEquals(123, $server->getOwnerId());
$this->assertEquals('user', $server->getOwnerType());
$this->assertEquals('abcdef', $server->getAccessToken());

0
tests/Storage/AdapterTest.php → tests/unit/Storage/AdapterTest.php
View File

0
tests/Stubs/StubAbstractGrant.php → tests/unit/Stubs/StubAbstractGrant.php
View File

0
tests/Stubs/StubAbstractServer.php → tests/unit/Stubs/StubAbstractServer.php
View File

0
tests/Stubs/StubAbstractTokenEntity.php → tests/unit/Stubs/StubAbstractTokenEntity.php
View File

0
tests/util/RedirectUriTest.php → tests/unit/util/RedirectUriTest.php
View File

0
tests/util/SecureKeyTest.php → tests/unit/util/SecureKeyTest.php
View File