Merge latest version of 8 branch

2025-05-31 14:12:07 +05:30 · 2018-12-19 13:03:10 +00:00
parent 5ed8e59ef3 8e9368cf44
commit 16f37560d4
6 changed files with 98 additions and 28 deletions
--- a/src/Grant/AbstractGrant.php
+++ b/src/Grant/AbstractGrant.php
@@ -173,15 +173,7 @@ abstract class AbstractGrant implements GrantTypeInterface
     */
    protected function validateClient(ServerRequestInterface $request)
    {
-        list($basicAuthUser, $basicAuthPassword) = $this->getBasicAuthCredentials($request);
-
-        $clientId = $this->getRequestParameter('client_id', $request, $basicAuthUser);
-
-        if (is_null($clientId)) {
-            throw OAuthServerException::invalidRequest('client_id');
-        }
-
-        $clientSecret = $this->getRequestParameter('client_secret', $request, $basicAuthPassword);
+        list($clientId, $clientSecret) = $this->getClientCredentials($request);

        if ($this->clientRepository->validateClient($clientId, $clientSecret, $this->getIdentifier()) === false) {
            $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request));
@@ -201,6 +193,29 @@ abstract class AbstractGrant implements GrantTypeInterface
        return $client;
    }

+    /**
+     * Gets the client credentials from the request from the request body or
+     * the Http Basic Authorization header
+     *
+     * @param ServerRequestInterface $request
+     *
+     * @return array
+     */
+    protected function getClientCredentials(ServerRequestInterface $request)
+    {
+        list($basicAuthUser, $basicAuthPassword) = $this->getBasicAuthCredentials($request);
+
+        $clientId = $this->getRequestParameter('client_id', $request, $basicAuthUser);
+
+        if (is_null($clientId)) {
+            throw OAuthServerException::invalidRequest('client_id');
+        }
+
+        $clientSecret = $this->getRequestParameter('client_secret', $request, $basicAuthPassword);
+
+        return [$clientId, $clientSecret];
+    }
+
    /**
     * Validate redirectUri from the request.
     * If a redirect URI is provided ensure it matches what is pre-registered
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
@@ -92,11 +92,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
        ResponseTypeInterface $responseType,
        DateInterval $accessTokenTTL
    ) {
-        $clientId = $this->getRequestParameter('client_id', $request, null);
-
-        if ($clientId === null) {
-            throw OAuthServerException::invalidRequest('client_id');
-        }
+        list($clientId) = $this->getClientCredentials($request);

        $client = $this->clientRepository->getClientEntity($clientId);

--- a/src/Grant/PasswordGrant.php
+++ b/src/Grant/PasswordGrant.php
@@ -82,11 +82,13 @@ class PasswordGrant extends AbstractGrant
    protected function validateUser(ServerRequestInterface $request, ClientEntityInterface $client)
    {
        $username = $this->getRequestParameter('username', $request);
+
        if (is_null($username)) {
            throw OAuthServerException::invalidRequest('username');
        }

        $password = $this->getRequestParameter('password', $request);
+
        if (is_null($password)) {
            throw OAuthServerException::invalidRequest('password');
        }
@@ -97,10 +99,11 @@ class PasswordGrant extends AbstractGrant
            $this->getIdentifier(),
            $client
        );
+
        if ($user instanceof UserEntityInterface === false) {
            $this->getEmitter()->emit(new RequestEvent(RequestEvent::USER_AUTHENTICATION_FAILED, $request));

-            throw OAuthServerException::invalidCredentials();
+            throw OAuthServerException::invalidGrant();
        }

        return $user;