From 94a064e2f46f9a1d6f35c6a7510844129c36dbb4 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Tue, 14 May 2013 09:44:12 +0100 Subject: [PATCH 01/54] Added fluent storage from #54 --- .../OAuth2/Server/Storage/Fluent/Client.php | 45 ++++ .../OAuth2/Server/Storage/Fluent/Scope.php | 25 +++ .../OAuth2/Server/Storage/Fluent/Session.php | 210 ++++++++++++++++++ 3 files changed, 280 insertions(+) create mode 100644 src/League/OAuth2/Server/Storage/Fluent/Client.php create mode 100644 src/League/OAuth2/Server/Storage/Fluent/Scope.php create mode 100644 src/League/OAuth2/Server/Storage/Fluent/Session.php diff --git a/src/League/OAuth2/Server/Storage/Fluent/Client.php b/src/League/OAuth2/Server/Storage/Fluent/Client.php new file mode 100644 index 00000000..8c8d5a2c --- /dev/null +++ b/src/League/OAuth2/Server/Storage/Fluent/Client.php @@ -0,0 +1,45 @@ +join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') + ->where('oauth_clients.id', $clientId) + ->where('oauth_client_endpoints.redirect_uri', $redirectUri) + ->first(); + } + + elseif ( ! is_null($clientSecret) && is_null($redirectUri)) { + $result = DB::table('oauth_clients') + ->where('id', $clientId) + ->where('secret', $clientSecret) + ->first(); + } + + elseif ( ! is_null($clientSecret) && ! is_null($redirectUri)) { + $result = DB::table('oauth_clients') + ->join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') + ->where('oauth_clients.id', $clientId) + ->where('oauth_clients.secret', $clientSecret) + ->where('oauth_client_endpoints.redirect_uri', $redirectUri) + ->first(); + } + + if (is_null($result)) { + return false; + } + + return array( + 'client_id' => $result->id, + 'client_secret' => $result->secret, + 'redirect_uri' => (isset($result->redirect_uri)) ? $result->redirect_uri : null, + 'name' => $result->name + ); + } + +} \ No newline at end of file 
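Review bot: The secret check is pushed into the query (`->where('secret', $clientSecret)` and `->where('oauth_clients.secret', $clientSecret)`), so `oauth_clients.secret` has to hold the client secret in directly comparable form, presumably plaintext (the schema is not on this page). Anyone who can read that table or a backup of it then holds working client credentials, and the match is done by the database's string comparison rather than a constant-time one. I would select the row by `id` (plus `redirect_uri` where given), verify the presented secret in PHP against a stored hash, and drop `'client_secret' => $result->secret` from the returned array unless a caller really needs it. The DBAL `Client::getClient()` added in PATCH 05 filters on `oauth_clients.secret = :clientSecret` in the same way. The start of this file, including the first branch's condition, is missing from the page.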
diff --git a/src/League/OAuth2/Server/Storage/Fluent/Scope.php b/src/League/OAuth2/Server/Storage/Fluent/Scope.php new file mode 100644 index 00000000..ff99660b --- /dev/null +++ b/src/League/OAuth2/Server/Storage/Fluent/Scope.php @@ -0,0 +1,25 @@ +where('key', $scope) + ->first(); + + if (is_null($result)) { + return false; + } + + return array( + 'id' => $result->id, + 'scope' => $result->key, + 'name' => $result->name, + 'description' => $result->description + ); + } + +} \ No newline at end of file diff --git a/src/League/OAuth2/Server/Storage/Fluent/Session.php b/src/League/OAuth2/Server/Storage/Fluent/Session.php new file mode 100644 index 00000000..4a235614 --- /dev/null +++ b/src/League/OAuth2/Server/Storage/Fluent/Session.php 
@@ -0,0 +1,210 @@ +insertGetId([ + 'client_id' => $clientId, + 'owner_type' => $ownerType, + 'owner_id' => $ownerId + ]); + } + + /** + * Delete a session + * @param string $clientId The client ID + * @param string $ownerType The type of the session owner (e.g. "user") + * @param string $ownerId The ID of the session owner (e.g. "123") + * @return void + */ + public function deleteSession($clientId, $ownerType, $ownerId) + { + DB::table('oauth_sessions') + ->where('client_id', $clientId) + ->where('owner_type', $ownerType) + ->where('owner_id', $ownerId) + ->delete(); + } + + /** + * Associate a redirect URI with a session + * @param int $sessionId The session ID + * @param string $redirectUri The redirect URI + * @return void + */ + public function associateRedirectUri($sessionId, $redirectUri) + { + DB::table('oauth_session_redirects')->insert([ + 'session_id' => $sessionId, + 'redirect_uri' => $redirectUri, + ]); + } + + /** + * Associate an access token with a session + * @param int $sessionId The session ID + * @param string $accessToken The access token + * @param int $expireTime Unix timestamp of the access token expiry time + * @return int + */ + public function associateAccessToken($sessionId, $accessToken, $expireTime) + { + return DB::table('oauth_session_access_tokens')->insertGetId([ + 'session_id' => $sessionId, + 'access_token' => $accessToken, + 'access_token_expires' => $expireTime, + ]); + } + + /** + * Associate a refresh token with a session + * @param int $accessTokenId The access token ID + * @param string $refreshToken The refresh token + * @return void + */ + public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime, $clientId) + { + DB::table('oauth_session_refresh_tokens')->insert([ + 'session_access_token_id' => $accessTokenId, + 'refresh_token' => $refreshToken, + 'refresh_token_expires' => $expireTime, + 'client_id' => $clientId, + ]); + } + + /** + * Assocate an authorization code with a session + * @param int 
$sessionId The session ID + * @param string $authCode The authorization code + * @param int $expireTime Unix timestamp of the access token expiry time + * @param string $scopeIds Comma seperated list of scope IDs to be later associated (default = null) + * @return void + */ + public function associateAuthCode($sessionId, $authCode, $expireTime, $scopeIds = null) + { + DB::table('oauth_session_authcodes')->insert([ + 'session_id' => $sessionId, + 'auth_code' => $authCode, + 'auth_code_expires' => $expireTime, + 'scope_ids' => $scopeIds, + ]); + } + + /** + * Remove an associated authorization token from a session + * @param int $sessionId The session ID + * @return void + */ + public function removeAuthCode($sessionId) + { + DB::table('oauth_session_authcodes') + ->where('session_id', $sessionId) + ->delete(); + } + + /** + * Validate an authorization code + * @param string $clientId The client ID + * @param string $redirectUri The redirect URI + * @param string $authCode The authorization code + * @return void + */ + public function validateAuthCode($clientId, $redirectUri, $authCode) + { + $result = DB::table('oauth_sessions') + ->select('oauth_sessions.id, oauth_session_authcodes.scope_ids') + ->join('oauth_session_authcodes', 'oauth_sessions.id', '=', 'oauth_session_authcodes.session_id') + ->join('oauth_session_redirects', 'oauth_sessions.id', '=', 'oauth_session_redirects.session_id') + ->where('oauth_sessions.client_id', $clientId) + ->where('oauth_session_authcodes.auth_code', $authCode) + ->where('oauth_session_authcodes.auth_code_expires', '>=', time()) + ->where('oauth_session_redirects.redirect_uri', $redirectUri) + ->first(); + + return (is_null($result)) ? 
false : (array) $result; + } + + /** + * Validate an access token + * @param string $accessToken The access token to be validated + * @return void + */ + public function validateAccessToken($accessToken) + { + $result = DB::table('oauth_session_access_tokens') + ->join('oauth_sessions', 'oauth_session_access_tokens.session_id', '=', 'oauth_sessions.id') + ->where('access_token', $accessToken) + ->where('access_token_expires', '>=', time()) + ->first(); + + return (is_null($result)) ? false : (array) $result; + } + + /** + * Validate a refresh token + * @param string $refreshToken The access token + * @return void + */ + public function validateRefreshToken($refreshToken, $clientId) + { + $result = DB::table('oauth_session_refresh_tokens') + ->where('refresh_token', $refreshToken) + ->where('client_id', $clientId) + ->where('refresh_token_expires', '>=', time()) + ->first(); + + return (is_null($result)) ? false : $result->session_access_token_id; + } + + /** + * Get an access token by ID + * @param int $accessTokenId The access token ID + * @return array + */ + public function getAccessToken($accessTokenId) + { + $result = DB::table('oauth_session_access_tokens') + ->where('id', $accessTokenId) + ->first(); + + return (is_null($result)) ? 
false : (array) $result; + } + + /** + * Associate a scope with an access token + * @param int $accessTokenId The ID of the access token + * @param int $scopeId The ID of the scope + * @return void + */ + public function associateScope($accessTokenId, $scopeId) + { + DB::table('oauth_session_token_scopes')->insert([ + 'session_access_token_id' => $accessTokenId, + 'scope_id' => $scopeId, + ]); + } + + /** + * Get all associated access tokens for an access token + * @param string $accessToken The access token + * @return array + */ + public function getScopes($accessToken) + { + return DB::table('oauth_session_token_scopes') + ->join('oauth_session_access_tokens', 'oauth_session_token_scopes.session_access_token_id', '=', 'oauth_session_access_tokens.id') + ->join('oauth_scopes', 'oauth_session_token_scopes.session_access_token_id', '=', 'oauth_scopes.id') + ->where('access_token', $accessToken) + ->get(); + } +} \ No newline at end of file From 1fcdbf45b2621f63960472ab9de49ff151efb966 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Tue, 14 May 2013 09:45:19 +0100 Subject: [PATCH 02/54] Removed docblocks --- .../OAuth2/Server/Storage/Fluent/Session.php | 81 +------------------ 1 file changed, 1 insertion(+), 80 deletions(-) diff --git a/src/League/OAuth2/Server/Storage/Fluent/Session.php b/src/League/OAuth2/Server/Storage/Fluent/Session.php index 4a235614..7f019bb1 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Session.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Session.php @@ -4,13 +4,6 @@ use \League\OAuth2\Server\Storage\SessionInterface; class Session implements SessionInterface { - /** - * Create a new session - * @param string $clientId The client ID - * @param string $ownerType The type of the session owner (e.g. "user") - * @param string $ownerId The ID of the session owner (e.g. "123") - * @return int The session ID - */ public function createSession($clientId, $ownerType, $ownerId) { return DB::table('oauth_sessions')->insertGetId([ 
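Review bot: In `getScopes()` the second join matches `oauth_session_token_scopes.session_access_token_id` against `oauth_scopes.id`, so the rows returned are whichever scopes share an id with the access-token row, not the scopes that `associateScope()` stored in `scope_id`. Since this result decides what a token may do, a token can be reported with scopes it was never granted, or with none. The join should read `->join('oauth_scopes', 'oauth_session_token_scopes.scope_id', '=', 'oauth_scopes.id')`, which matches the DBAL `getScopes()` in PATCH 05. The same join is carried through the last hunk of PATCH 09, where it is only re-indented.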
@@ -20,13 +13,6 @@ class Session implements SessionInterface ]); } - /** - * Delete a session - * @param string $clientId The client ID - * @param string $ownerType The type of the session owner (e.g. "user") - * @param string $ownerId The ID of the session owner (e.g. "123") - * @return void - */ public function deleteSession($clientId, $ownerType, $ownerId) { DB::table('oauth_sessions') @@ -36,12 +22,6 @@ class Session implements SessionInterface ->delete(); } - /** - * Associate a redirect URI with a session - * @param int $sessionId The session ID - * @param string $redirectUri The redirect URI - * @return void - */ public function associateRedirectUri($sessionId, $redirectUri) { DB::table('oauth_session_redirects')->insert([ @@ -50,13 +30,6 @@ class Session implements SessionInterface ]); } - /** - * Associate an access token with a session - * @param int $sessionId The session ID - * @param string $accessToken The access token - * @param int $expireTime Unix timestamp of the access token expiry time - * @return int - */ public function associateAccessToken($sessionId, $accessToken, $expireTime) { return DB::table('oauth_session_access_tokens')->insertGetId([ @@ -66,12 +39,6 @@ class Session implements SessionInterface ]); } - /** - * Associate a refresh token with a session - * @param int $accessTokenId The access token ID - * @param string $refreshToken The refresh token - * @return void - */ public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime, $clientId) { DB::table('oauth_session_refresh_tokens')->insert([ 
@@ -82,14 +49,6 @@ class Session implements SessionInterface ]); } - /** - * Assocate an authorization code with a session - * @param int $sessionId The session ID - * @param string $authCode The authorization code - * @param int $expireTime Unix timestamp of the access token expiry time - * @param string $scopeIds Comma seperated list of scope IDs to be later associated (default = null) - * @return void - */ public function associateAuthCode($sessionId, $authCode, $expireTime, $scopeIds = null) { DB::table('oauth_session_authcodes')->insert([ @@ -100,11 +59,6 @@ class Session implements SessionInterface ]); } - /** - * Remove an associated authorization token from a session - * @param int $sessionId The session ID - * @return void - */ public function removeAuthCode($sessionId) { DB::table('oauth_session_authcodes') @@ -112,13 +66,6 @@ class Session implements SessionInterface ->delete(); } - /** - * Validate an authorization code - * @param string $clientId The client ID - * @param string $redirectUri The redirect URI - * @param string $authCode The authorization code - * @return void - */ public function validateAuthCode($clientId, $redirectUri, $authCode) { $result = DB::table('oauth_sessions') @@ -134,11 +81,6 @@ class Session implements SessionInterface return (is_null($result)) ? false : (array) $result; } - /** - * Validate an access token - * @param string $accessToken The access token to be validated - * @return void - */ public function validateAccessToken($accessToken) { $result = DB::table('oauth_session_access_tokens') @@ -150,11 +92,6 @@ class Session implements SessionInterface return (is_null($result)) ? false : (array) $result; } - /** - * Validate a refresh token - * @param string $refreshToken The access token - * @return void - */ public function validateRefreshToken($refreshToken, $clientId) { $result = DB::table('oauth_session_refresh_tokens') 
@@ -166,11 +103,6 @@ class Session implements SessionInterface return (is_null($result)) ? false : $result->session_access_token_id; } - /** - * Get an access token by ID - * @param int $accessTokenId The access token ID - * @return array - */ public function getAccessToken($accessTokenId) { $result = DB::table('oauth_session_access_tokens') @@ -180,13 +112,7 @@ class Session implements SessionInterface return (is_null($result)) ? false : (array) $result; } - /** - * Associate a scope with an access token - * @param int $accessTokenId The ID of the access token - * @param int $scopeId The ID of the scope - * @return void - */ - public function associateScope($accessTokenId, $scopeId) + public function associateScope($accessTokenId, $scopeId) { DB::table('oauth_session_token_scopes')->insert([ 'session_access_token_id' => $accessTokenId, @@ -194,11 +120,6 @@ class Session implements SessionInterface ]); } - /** - * Get all associated access tokens for an access token - * @param string $accessToken The access token - * @return array - */ public function getScopes($accessToken) { return DB::table('oauth_session_token_scopes') From 0b3a9dc88846c28a0223eb91ebdcdd79558b5415 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Tue, 14 May 2013 09:46:14 +0100 Subject: [PATCH 03/54] Converted PHP 5.4 array syntax to old-skool syntax --- .../OAuth2/Server/Storage/Fluent/Session.php | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/src/League/OAuth2/Server/Storage/Fluent/Session.php b/src/League/OAuth2/Server/Storage/Fluent/Session.php index 7f019bb1..f23d6ef6 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Session.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Session.php 
@@ -6,11 +6,11 @@ class Session implements SessionInterface { public function createSession($clientId, $ownerType, $ownerId) { - return DB::table('oauth_sessions')->insertGetId([ + return DB::table('oauth_sessions')->insertGetId(array( 'client_id' => $clientId, 'owner_type' => $ownerType, 'owner_id' => $ownerId - ]); + )); } public function deleteSession($clientId, $ownerType, $ownerId) @@ -24,39 +24,39 @@ class Session implements SessionInterface public function associateRedirectUri($sessionId, $redirectUri) { - DB::table('oauth_session_redirects')->insert([ + DB::table('oauth_session_redirects')->insert(array( 'session_id' => $sessionId, 'redirect_uri' => $redirectUri, - ]); + )); } public function associateAccessToken($sessionId, $accessToken, $expireTime) { - return DB::table('oauth_session_access_tokens')->insertGetId([ + return DB::table('oauth_session_access_tokens')->insertGetId(array( 'session_id' => $sessionId, 'access_token' => $accessToken, 'access_token_expires' => $expireTime, - ]); + )); } public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime, $clientId) { - DB::table('oauth_session_refresh_tokens')->insert([ + DB::table('oauth_session_refresh_tokens')->insert(array( 'session_access_token_id' => $accessTokenId, 'refresh_token' => $refreshToken, 'refresh_token_expires' => $expireTime, 'client_id' => $clientId, - ]); + )); } public function associateAuthCode($sessionId, $authCode, $expireTime, $scopeIds = null) { - DB::table('oauth_session_authcodes')->insert([ + DB::table('oauth_session_authcodes')->insert(array( 'session_id' => $sessionId, 'auth_code' => $authCode, 'auth_code_expires' => $expireTime, 'scope_ids' => $scopeIds, - ]); + )); } public function removeAuthCode($sessionId) 
@@ -114,10 +114,10 @@ class Session implements SessionInterface public function associateScope($accessTokenId, $scopeId) { - DB::table('oauth_session_token_scopes')->insert([ + DB::table('oauth_session_token_scopes')->insert(array( 'session_access_token_id' => $accessTokenId, 'scope_id' => $scopeId, - ]); + )); } public function getScopes($accessToken) From 4d36ebd3e7b9f6eb4775a97224b65c8f45cecb1f Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Tue, 14 May 2013 09:50:40 +0100 Subject: [PATCH 04/54] Added namespaces --- src/League/OAuth2/Server/Storage/Fluent/Client.php | 2 ++ src/League/OAuth2/Server/Storage/Fluent/Scope.php | 2 ++ src/League/OAuth2/Server/Storage/Fluent/Session.php | 2 ++ 3 files changed, 6 insertions(+) diff --git a/src/League/OAuth2/Server/Storage/Fluent/Client.php b/src/League/OAuth2/Server/Storage/Fluent/Client.php index 8c8d5a2c..b9e2dab4 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Client.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Client.php @@ -1,5 +1,7 @@ Date: Sun, 2 Jun 2013 14:25:06 +0100 Subject: [PATCH 05/54] Added Doctrine/DBAL implementation of storage classes (thanks @inanimatt) --- composer.json | 3 +- .../OAuth2/Server/Storage/DBAL/Client.php | 52 ++++++ .../OAuth2/Server/Storage/DBAL/Scope.php | 38 ++++ .../OAuth2/Server/Storage/DBAL/Session.php | 176 ++++++++++++++++++ 4 files changed, 268 insertions(+), 1 deletion(-) create mode 100644 src/League/OAuth2/Server/Storage/DBAL/Client.php create mode 100644 src/League/OAuth2/Server/Storage/DBAL/Scope.php create mode 100644 src/League/OAuth2/Server/Storage/DBAL/Session.php diff --git a/composer.json b/composer.json index 40db4273..11ac8a95 100644 --- a/composer.json +++ b/composer.json 
@@ -43,6 +43,7 @@ } }, "suggest": { - "zetacomponents/database": "Allows use of the build in PDO storage classes" + "zetacomponents/database": "A PDO implementation of the storage classes", + "doctrine/dbal": "A Doctrine/DBAL implementation of the storage classes" } } \ No newline at end of file diff --git a/src/League/OAuth2/Server/Storage/DBAL/Client.php b/src/League/OAuth2/Server/Storage/DBAL/Client.php new file mode 100644 index 00000000..91e86f88 --- /dev/null +++ b/src/League/OAuth2/Server/Storage/DBAL/Client.php 
@@ -0,0 +1,52 @@ + + */ +namespace League\OAuth2\Server\Storage\DBAL; + +use League\OAuth2\Server\Storage\ClientInterface; + +class Client implements ClientInterface +{ + protected $db; + + public function __construct($db) + { + $this->db = $db; + } + + public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType = null) + { + if ( ! is_null($redirectUri) && is_null($clientSecret)) { + $stmt = $this->db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name FROM oauth_clients LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id WHERE oauth_clients.id = :clientId AND oauth_client_endpoints.redirect_uri = :redirectUri'); + $stmt->bindValue(':redirectUri', $redirectUri); + } + + elseif ( ! is_null($clientSecret) && is_null($redirectUri)) { + $stmt = $this->db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_clients.name FROM oauth_clients WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret'); + $stmt->bindValue(':clientSecret', $clientSecret); + } + + elseif ( ! is_null($clientSecret) && ! is_null($redirectUri)) { + $stmt = $this->db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name FROM oauth_clients LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret AND oauth_client_endpoints.redirect_uri = :redirectUri'); + $stmt->bindValue(':redirectUri', $redirectUri); + $stmt->bindValue(':clientSecret', $clientSecret); + } + + $stmt->bindValue(':clientId', $clientId); + $stmt->execute(); + + $row = $stmt->fetch(\PDO::FETCH_OBJ); + + if ($row === false) { + return false; + } + + return array( + 'client_id' => $row->id, + 'client_secret' => $row->secret, + 'redirect_uri' => (isset($row->redirect_uri)) ? 
$row->redirect_uri : null, + 'name' => $row->name + ); + } +} \ No newline at end of file diff --git a/src/League/OAuth2/Server/Storage/DBAL/Scope.php b/src/League/OAuth2/Server/Storage/DBAL/Scope.php new file mode 100644 index 00000000..3c5639ea --- /dev/null +++ b/src/League/OAuth2/Server/Storage/DBAL/Scope.php @@ -0,0 +1,38 @@ + + */ +namespace League\OAuth2\Server\Storage\DBAL; + +use League\OAuth2\Server\Storage\ScopeInterface; + +class Scope implements ScopeInterface +{ + protected $db; + + public function __construct($db) + { + $this->db = $db; + } + + public function getScope($scope, $clientId = null, $grantType = null) + { + $stmt = $this->db->prepare('SELECT * FROM oauth_scopes WHERE oauth_scopes.scope = :scope'); + $stmt->bindValue(':scope', $scope); + $stmt->execute(); + + $row = $stmt->fetch(\PDO::FETCH_OBJ); + + if ($row === false) { + return false; + } + + return array( + 'id' => $row->id, + 'scope' => $row->scope, + 'name' => $row->name, + 'description' => $row->description + ); + + } +} \ No newline at end of file diff --git a/src/League/OAuth2/Server/Storage/DBAL/Session.php b/src/League/OAuth2/Server/Storage/DBAL/Session.php new file mode 100644 index 00000000..58f8e515 --- /dev/null +++ b/src/League/OAuth2/Server/Storage/DBAL/Session.php 
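Review bot: `getClient()` has no branch for a call that passes neither `$clientSecret` nor `$redirectUri`, so `$stmt` is never assigned and `$stmt->bindValue(':clientId', $clientId)` dies with a fatal error on a non-object instead of returning `false`. Add a final `else` that either prepares a lookup by id only or does `return false;`. Which one is right depends on how `ClientInterface` callers use this method, which is not visible here. `$grantType` is accepted but never read, which deserves a one-line comment saying this backend does not restrict clients by grant type.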
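Review bot: This backend looks the scope up with `WHERE oauth_scopes.scope = :scope` and returns `$row->scope`, while the Fluent `Scope::getScope()` from PATCH 01 filters on `->where('key', $scope)` and returns `$result->key`. Both classes read the same `oauth_scopes` table, so one of them presumably names a column that is not in the shipped schema (not on this page), and that backend would fail every scope lookup. Please align the column name across the two backends. `SELECT *` could also be narrowed to `id, scope, name, description`, the four fields the method returns.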
@@ -0,0 +1,176 @@ + + */ +namespace League\OAuth2\Server\Storage\DBAL; + +use League\OAuth2\Server\Storage\SessionInterface; + +class Session implements SessionInterface +{ + protected $db; + + public function __construct($db) + { + $this->db = $db; + } + + public function createSession($clientId, $ownerType, $ownerId) + { + $this->db->insert('oauth_sessions', array( + 'client_id' => $clientId, + 'owner_type' => $ownerType, + 'owner_id' => $ownerId, + )); + + return $this->db->lastInsertId(); + } + + public function deleteSession($clientId, $ownerType, $ownerId) + { + $this->db->delete('oauth_sessions', array( + 'client_id' => $clientId, + 'owner_type' => $ownerType, + 'owner_id' => $ownerId, + )); + } + + public function associateRedirectUri($sessionId, $redirectUri) + { + $this->db->insert('oauth_session_redirects', array( + 'session_id' => $sessionId, + 'redirect_uri' => $redirectUri, + )); + } + + public function associateAccessToken($sessionId, $accessToken, $expireTime) + { + $this->db->insert('oauth_session_access_tokens', array( + 'session_id' => $sessionId, + 'access_token' => $accessToken, + 'access_token_expires' => $expireTime, + )); + + return $this->db->lastInsertId(); + } + + public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime, $clientId) + { + $this->db->insert('oauth_session_refresh_tokens', array( + 'session_access_token_id' => $accessTokenId, + 'refresh_token' => $refreshToken, + 'refresh_token_expires' => $expireTime, + 'client_id' => $clientId, + )); + } + + public function associateAuthCode($sessionId, $authCode, $expireTime) + { + $this->db->insert('oauth_session_authcodes', array( + 'session_id' => $sessionId, + 'auth_code' => $authCode, + 'auth_code_expires' => $expireTime, + )); + + return $this->db->lastInsertId(); + } + + public function removeAuthCode($sessionId) + { + $this->db->delete('oauth_session_authcodes', array( + 'session_id' => $sessionId, + )); + } + + public function validateAuthCode($clientId, 
$redirectUri, $authCode) + { + $stmt = $this->db->prepare('SELECT oauth_sessions.id AS session_id, oauth_session_authcodes.id AS authcode_id + FROM oauth_sessions JOIN oauth_session_authcodes ON oauth_session_authcodes.`session_id` + = oauth_sessions.id JOIN oauth_session_redirects ON oauth_session_redirects.`session_id` + = oauth_sessions.id WHERE oauth_sessions.client_id = :clientId AND oauth_session_authcodes.`auth_code` + = :authCode AND `oauth_session_authcodes`.`auth_code_expires` >= :time AND + `oauth_session_redirects`.`redirect_uri` = :redirectUri'); + $stmt->bindValue(':clientId', $clientId); + $stmt->bindValue(':redirectUri', $redirectUri); + $stmt->bindValue(':authCode', $authCode); + $stmt->bindValue(':time', time()); + $stmt->execute(); + + $result = $stmt->fetch(\PDO::FETCH_OBJ); + + return ($result === false) ? false : (array) $result; + } + + public function validateAccessToken($accessToken) + { + $stmt = $this->db->prepare('SELECT session_id, oauth_sessions.`client_id`, oauth_sessions.`owner_id`, oauth_sessions.`owner_type` FROM `oauth_session_access_tokens` JOIN oauth_sessions ON oauth_sessions.`id` = session_id WHERE access_token = :accessToken AND access_token_expires >= ' . time()); + $stmt->bindValue(':accessToken', $accessToken); + $stmt->execute(); + + $result = $stmt->fetch(\PDO::FETCH_OBJ); + return ($result === false) ? false : (array) $result; + } + + public function removeRefreshToken($refreshToken) + { + $this->db->delete('oauth_session_refresh_tokens', array( + 'refresh_token' => $refreshToken, + )); + } + + public function validateRefreshToken($refreshToken, $clientId) + { + $stmt = $this->db->prepare('SELECT session_access_token_id FROM `oauth_session_refresh_tokens` WHERE + refresh_token = :refreshToken AND client_id = :clientId AND refresh_token_expires >= ' . 
time()); + $stmt->bindValue(':refreshToken', $refreshToken); + $stmt->bindValue(':clientId', $clientId); + $stmt->execute(); + + $result = $stmt->fetch(\PDO::FETCH_OBJ); + return ($result === false) ? false : $result->session_access_token_id; + } + + public function getAccessToken($accessTokenId) + { + $stmt = $this->db->prepare('SELECT * FROM `oauth_session_access_tokens` WHERE `id` = :accessTokenId'); + $stmt->bindValue(':accessTokenId', $accessTokenId); + $stmt->execute(); + + $result = $stmt->fetch(\PDO::FETCH_OBJ); + return ($result === false) ? false : (array) $result; + } + + public function associateAuthCodeScope($authCodeId, $scopeId) + { + $this->db->insert('oauth_session_authcode_scopes', array( + 'oauth_session_authcode_id' => $authCodeId, + 'scope_id' => $scopeId, + )); + } + + public function getAuthCodeScopes($oauthSessionAuthCodeId) + { + $stmt = $db->prepare('SELECT scope_id FROM `oauth_session_authcode_scopes` WHERE oauth_session_authcode_id = :authCodeId'); + $stmt->bindValue(':authCodeId', $oauthSessionAuthCodeId); + $stmt->execute(); + + return $stmt->fetchAll(); + } + + public function associateScope($accessTokenId, $scopeId) + { + $this->db->insert('oauth_session_token_scopes', array( + 'session_access_token_id' => $accessTokenId, + 'scope_id' => $scopeId, + )); + } + + public function getScopes($accessToken) + { + $stmt = $this->db->prepare('SELECT oauth_scopes.* FROM oauth_session_token_scopes JOIN oauth_session_access_tokens ON oauth_session_access_tokens.`id` = `oauth_session_token_scopes`.`session_access_token_id` JOIN oauth_scopes ON oauth_scopes.id = `oauth_session_token_scopes`.`scope_id` WHERE access_token = :accessToken'); + $stmt->bindValue(':accessToken', $accessToken); + $stmt->execute(); + + return $stmt->fetchAll(); + } +} \ No newline at end of file From 32a7ed38a9e738e4bb0840df77214a7675fe8ce1 Mon Sep 17 00:00:00 2001 
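Review bot: `getAuthCodeScopes()` calls `$db->prepare(...)` on an undefined local variable. Every other method in this class uses the injected connection, so the line should start `$stmt = $this->db->prepare(` with the same SQL string. As written, any caller that reads the scopes attached to an authorization code hits a fatal error. Separately, `validateAccessToken()` and `validateRefreshToken()` append `time()` to the SQL text while `validateAuthCode()` binds `:time`. Binding it in all three keeps the statement text constant and is the safer habit, even though `time()` itself returns an integer.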
From: Alex Bilbie Date: Sun, 2 Jun 2013 14:40:59 +0100 Subject: [PATCH 06/54] Updated PSR compliance. Added Illuminate\Support\Facades\DB namespace --- src/League/OAuth2/Server/Storage/Fluent/Client.php | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/src/League/OAuth2/Server/Storage/Fluent/Client.php b/src/League/OAuth2/Server/Storage/Fluent/Client.php index b9e2dab4..8b24811d 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Client.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Client.php @@ -2,6 +2,7 @@ namespace League\OAuth2\Server\Storage\Fluent; +use \Illuminate\Support\Facades\DB as DB; use \League\OAuth2\Server\Storage\ClientInterface; class Client implements ClientInterface { @@ -14,16 +15,12 @@ class Client implements ClientInterface { ->where('oauth_clients.id', $clientId) ->where('oauth_client_endpoints.redirect_uri', $redirectUri) ->first(); - } - - elseif ( ! is_null($clientSecret) && is_null($redirectUri)) { + } elseif ( ! is_null($clientSecret) && is_null($redirectUri)) { $result = DB::table('oauth_clients') ->where('id', $clientId) ->where('secret', $clientSecret) ->first(); - } - - elseif ( ! is_null($clientSecret) && ! is_null($redirectUri)) { + } elseif ( ! is_null($clientSecret) && ! is_null($redirectUri)) { $result = DB::table('oauth_clients') ->join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') ->where('oauth_clients.id', $clientId) From d901e90602f52302f87ef22adddd757a61c6142c Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sun, 2 Jun 2013 14:41:38 +0100 Subject: [PATCH 07/54] Added \Illuminate\Support\Facades\DB namespace --- src/League/OAuth2/Server/Storage/Fluent/Scope.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/League/OAuth2/Server/Storage/Fluent/Scope.php b/src/League/OAuth2/Server/Storage/Fluent/Scope.php index db094243..22a2fe8a 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Scope.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Scope.php 
@@ -2,6 +2,7 @@ namespace League\OAuth2\Server\Storage\Fluent; +use \Illuminate\Support\Facades\DB as DB; use \League\OAuth2\Server\Storage\ScopeInterface; class Scope implements ScopeInterface { From 4c4155fdacd770eff42211e254829ddca28eb420 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sun, 2 Jun 2013 14:54:49 +0100 Subject: [PATCH 08/54] Added \Illuminate\Support\Facades\DB namespace --- src/League/OAuth2/Server/Storage/Fluent/Session.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/League/OAuth2/Server/Storage/Fluent/Session.php b/src/League/OAuth2/Server/Storage/Fluent/Session.php index e6f338b0..8af3a39f 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Session.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Session.php @@ -2,6 +2,7 @@ namespace League\OAuth2\Server\Storage\Fluent; +use \Illuminate\Support\Facades\DB as DB; use \League\OAuth2\Server\Storage\SessionInterface; class Session implements SessionInterface From e442253e26f7e775a40de2c0a4d240692770b9ca Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sun, 2 Jun 2013 14:58:52 +0100 Subject: [PATCH 09/54] Anal spacing fixes and removed PHP5.4+ specific array syntax --- .../OAuth2/Server/Storage/Fluent/Session.php | 81 +++++++++---------- 1 file changed, 40 insertions(+), 41 deletions(-) diff --git a/src/League/OAuth2/Server/Storage/Fluent/Session.php b/src/League/OAuth2/Server/Storage/Fluent/Session.php index 8af3a39f..dae2464a 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Session.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Session.php 
@@ -5,14 +5,14 @@ namespace League\OAuth2\Server\Storage\Fluent; use \Illuminate\Support\Facades\DB as DB; use \League\OAuth2\Server\Storage\SessionInterface; -class Session implements SessionInterface -{ +class Session implements SessionInterface { + public function createSession($clientId, $ownerType, $ownerId) { return DB::table('oauth_sessions')->insertGetId(array( - 'client_id' => $clientId, - 'owner_type' => $ownerType, - 'owner_id' => $ownerId + 'client_id' => $clientId, + 'owner_type' => $ownerType, + 'owner_id' => $ownerId )); } 
@@ -28,37 +28,36 @@ class Session implements SessionInterface public function associateRedirectUri($sessionId, $redirectUri) { DB::table('oauth_session_redirects')->insert(array( - 'session_id' => $sessionId, - 'redirect_uri' => $redirectUri, + 'session_id' => $sessionId, + 'redirect_uri' => $redirectUri, )); } public function associateAccessToken($sessionId, $accessToken, $expireTime) { return DB::table('oauth_session_access_tokens')->insertGetId(array( - 'session_id' => $sessionId, - 'access_token' => $accessToken, - 'access_token_expires' => $expireTime, + 'session_id' => $sessionId, + 'access_token' => $accessToken, + 'access_token_expires' => $expireTime, )); } public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime, $clientId) { DB::table('oauth_session_refresh_tokens')->insert(array( - 'session_access_token_id' => $accessTokenId, - 'refresh_token' => $refreshToken, - 'refresh_token_expires' => $expireTime, - 'client_id' => $clientId, + 'session_access_token_id' => $accessTokenId, + 'refresh_token' => $refreshToken, + 'refresh_token_expires' => $expireTime, + 'client_id' => $clientId, )); } - public function associateAuthCode($sessionId, $authCode, $expireTime, $scopeIds = null) + public function associateAuthCode($sessionId, $authCode, $expireTime) { DB::table('oauth_session_authcodes')->insert(array( 'session_id' => $sessionId, 'auth_code' => $authCode, - 'auth_code_expires' => $expireTime, - 'scope_ids' => $scopeIds, + 'auth_code_expires' => $expireTime )); } 
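Review bot: `associateAuthCode()` still uses `->insert(...)` and returns nothing, although this commit changes `validateAuthCode()` to select `oauth_session_authcodes.id as authcode_id` and the DBAL `associateAuthCode()` from PATCH 05 returns `lastInsertId()`. If the caller uses the returned id to attach scopes to the code, as the DBAL `associateAuthCodeScope($authCodeId, $scopeId)` suggests, the Fluent backend hands it `null`. Use `return DB::table('oauth_session_authcodes')->insertGetId(array(` here. The Fluent class also has no `associateAuthCodeScope()`, `getAuthCodeScopes()` or `removeRefreshToken()` in any hunk on this page, so if `SessionInterface` declares them the class will not load.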
@@ -72,14 +71,14 @@ class Session implements SessionInterface public function validateAuthCode($clientId, $redirectUri, $authCode) { $result = DB::table('oauth_sessions') - ->select('oauth_sessions.id, oauth_session_authcodes.scope_ids') - ->join('oauth_session_authcodes', 'oauth_sessions.id', '=', 'oauth_session_authcodes.session_id') - ->join('oauth_session_redirects', 'oauth_sessions.id', '=', 'oauth_session_redirects.session_id') - ->where('oauth_sessions.client_id', $clientId) - ->where('oauth_session_authcodes.auth_code', $authCode) - ->where('oauth_session_authcodes.auth_code_expires', '>=', time()) - ->where('oauth_session_redirects.redirect_uri', $redirectUri) - ->first(); + ->select(array('oauth_sessions.id as session_id', 'oauth_session_authcodes.id as authcode_id')) + ->join('oauth_session_authcodes', 'oauth_sessions.id', '=', 'oauth_session_authcodes.session_id') + ->join('oauth_session_redirects', 'oauth_sessions.id', '=', 'oauth_session_redirects.session_id') + ->where('oauth_sessions.client_id', $clientId) + ->where('oauth_session_authcodes.auth_code', $authCode) + ->where('oauth_session_authcodes.auth_code_expires', '>=', time()) + ->where('oauth_session_redirects.redirect_uri', $redirectUri) + ->first(); return (is_null($result)) ? false : (array) $result; } @@ -87,10 +86,10 @@ class Session implements SessionInterface public function validateAccessToken($accessToken) { $result = DB::table('oauth_session_access_tokens') - ->join('oauth_sessions', 'oauth_session_access_tokens.session_id', '=', 'oauth_sessions.id') - ->where('access_token', $accessToken) - ->where('access_token_expires', '>=', time()) - ->first(); + ->join('oauth_sessions', 'oauth_session_access_tokens.session_id', '=', 'oauth_sessions.id') + ->where('access_token', $accessToken) + ->where('access_token_expires', '>=', time()) + ->first(); return (is_null($result)) ? false : (array) $result; } 
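Review bot: `validateAuthCode()` looks the code up by its raw value (`->where('oauth_session_authcodes.auth_code', $authCode)`), which implies authorization codes sit in the table exactly as issued, so read access to the database or a backup yields usable credentials. Storing a digest and querying on it, e.g. `->where('oauth_session_authcodes.auth_code', hash('sha256', $authCode))` with the insert side writing the same digest, removes that exposure without changing the method's contract. The same applies to the access-token and refresh-token lookups in the neighbouring hunks and to the `associate*` inserts in the hunk before.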
@@ -98,10 +97,10 @@ class Session implements SessionInterface public function validateRefreshToken($refreshToken, $clientId) { $result = DB::table('oauth_session_refresh_tokens') - ->where('refresh_token', $refreshToken) - ->where('client_id', $clientId) - ->where('refresh_token_expires', '>=', time()) - ->first(); + ->where('refresh_token', $refreshToken) + ->where('client_id', $clientId) + ->where('refresh_token_expires', '>=', time()) + ->first(); return (is_null($result)) ? false : $result->session_access_token_id; } @@ -109,8 +108,8 @@ class Session implements SessionInterface public function getAccessToken($accessTokenId) { $result = DB::table('oauth_session_access_tokens') - ->where('id', $accessTokenId) - ->first(); + ->where('id', $accessTokenId) + ->first(); return (is_null($result)) ? false : (array) $result; } @@ -118,17 +117,17 @@ class Session implements SessionInterface public function associateScope($accessTokenId, $scopeId) { DB::table('oauth_session_token_scopes')->insert(array( - 'session_access_token_id' => $accessTokenId, - 'scope_id' => $scopeId, + 'session_access_token_id' => $accessTokenId, + 'scope_id' => $scopeId, )); } public function getScopes($accessToken) { return DB::table('oauth_session_token_scopes') - ->join('oauth_session_access_tokens', 'oauth_session_token_scopes.session_access_token_id', '=', 'oauth_session_access_tokens.id') - ->join('oauth_scopes', 'oauth_session_token_scopes.session_access_token_id', '=', 'oauth_scopes.id') - ->where('access_token', $accessToken) - ->get(); + ->join('oauth_session_access_tokens', 'oauth_session_token_scopes.session_access_token_id', '=', 'oauth_session_access_tokens.id') + ->join('oauth_scopes', 'oauth_session_token_scopes.session_access_token_id', '=', 'oauth_scopes.id') + ->where('access_token', $accessToken) + ->get(); } } \ No newline at end of file From 0999bf4de3813eee699a650921d68e529db6906b Mon Sep 17 00:00:00 2001 
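Review bot: In `getScopes()` the join to `oauth_scopes` compares `oauth_session_token_scopes.session_access_token_id` with `oauth_scopes.id`, but `associateScope()` just above it stores the scope reference in `scope_id`. As written the query matches scope rows by the access-token row id, so a token can come back with no scopes or with scopes it was never granted. The join should read `->join('oauth_scopes', 'oauth_session_token_scopes.scope_id', '=', 'oauth_scopes.id')`. This hunk only re-indents the line, so the defect predates the commit, but it is worth fixing while the file is being touched.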
From: Alex Bilbie Date: Sun, 2 Jun 2013 14:58:59 +0100 Subject: [PATCH 10/54] Added missing functions --- .../OAuth2/Server/Storage/Fluent/Session.php | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/src/League/OAuth2/Server/Storage/Fluent/Session.php b/src/League/OAuth2/Server/Storage/Fluent/Session.php index dae2464a..e188d2ee 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Session.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Session.php @@ -130,4 +130,27 @@ class Session implements SessionInterface { ->where('access_token', $accessToken) ->get(); } + + public function associateAuthCodeScope($authCodeId, $scopeId) + { + DB::table('oauth_session_authcode_scopes')->insert(array( + 'oauth_session_authcode_id' => $authCodeId, + 'scope_id' => $scopeId + )); + } + + public function getAuthCodeScopes($oauthSessionAuthCodeId) + { + return DB::table('oauth_session_authcode_scopes') + ->where('oauth_session_authcode_id', '=', $oauthSessionAuthCodeId) + ->get(); + } + + public function removeRefreshToken($refreshToken) + { + DB::table('oauth_session_refresh_tokens') + ->where('refresh_token', '=', $refreshToken) + ->delete(); + } + } \ No newline at end of file From f78e05cb0821aa93713d635a722ca583b9e71f17 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sun, 2 Jun 2013 14:59:05 +0100 Subject: [PATCH 11/54] Anal space fixes --- .../OAuth2/Server/Storage/Fluent/Client.php | 24 +++++++++---------- .../OAuth2/Server/Storage/Fluent/Scope.php | 19 +++++++-------- 2 files changed, 21 insertions(+), 22 deletions(-) diff --git a/src/League/OAuth2/Server/Storage/Fluent/Client.php b/src/League/OAuth2/Server/Storage/Fluent/Client.php index 8b24811d..b8adeb0a 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Client.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Client.php 
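Review bot: In Fluent/Session.php, the new `getAuthCodeScopes()` returns the raw result of `->get()`, whereas the single-row lookups in this class hand back plain arrays via `(array) $result`. If callers index the rows as arrays (an assumption, since no caller is visible here), copying the auth-code scopes to the access token will fail on the row objects. Consider selecting only the needed column and casting each row, e.g. `->select('scope_id')` followed by `return array_map(function ($row) { return (array) $row; }, $rows);`. The three added methods also have no docblocks; a short one on each stating the return shape would help implementers of the other storage back ends.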
@@ -11,22 +11,22 @@ class Client implements ClientInterface { { if ( ! is_null($redirectUri) && is_null($clientSecret)) { $result = DB::table('oauth_clients') - ->join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') - ->where('oauth_clients.id', $clientId) - ->where('oauth_client_endpoints.redirect_uri', $redirectUri) - ->first(); + ->join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') + ->where('oauth_clients.id', $clientId) + ->where('oauth_client_endpoints.redirect_uri', $redirectUri) + ->first(); } elseif ( ! is_null($clientSecret) && is_null($redirectUri)) { $result = DB::table('oauth_clients') - ->where('id', $clientId) - ->where('secret', $clientSecret) - ->first(); + ->where('id', $clientId) + ->where('secret', $clientSecret) + ->first(); } elseif ( ! is_null($clientSecret) && ! is_null($redirectUri)) { $result = DB::table('oauth_clients') - ->join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') - ->where('oauth_clients.id', $clientId) - ->where('oauth_clients.secret', $clientSecret) - ->where('oauth_client_endpoints.redirect_uri', $redirectUri) - ->first(); + ->join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') + ->where('oauth_clients.id', $clientId) + ->where('oauth_clients.secret', $clientSecret) + ->where('oauth_client_endpoints.redirect_uri', $redirectUri) + ->first(); } if (is_null($result)) { diff --git a/src/League/OAuth2/Server/Storage/Fluent/Scope.php b/src/League/OAuth2/Server/Storage/Fluent/Scope.php index 22a2fe8a..a68b7afd 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Scope.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Scope.php 
@@ -8,21 +8,20 @@ use \League\OAuth2\Server\Storage\ScopeInterface; class Scope implements ScopeInterface { public function getScope($scope, $clientId = null, $grantType = null) - { - $result = DB::table('oauth_scopes') - ->where('key', $scope) - ->first(); + { + $result = DB::table('oauth_scopes') + ->where('key', $scope) + ->first(); if (is_null($result)) { return false; } return array( - 'id' => $result->id, - 'scope' => $result->key, - 'name' => $result->name, - 'description' => $result->description + 'id' => $result->id, + 'scope' => $result->key, + 'name' => $result->name, + 'description' => $result->description ); - } - + } } \ No newline at end of file From e5a48c929bd825f4f51e7a458502f8f4ab7699a3 Mon Sep 17 00:00:00 2001 From: Jason Grimes Date: Wed, 5 Jun 2013 23:59:29 -0400 Subject: [PATCH 12/54] Make determineAccessToken() public in order to check if an access token was sent before checking its validity. --- src/League/OAuth2/Server/Resource.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/League/OAuth2/Server/Resource.php b/src/League/OAuth2/Server/Resource.php index 49f149ee..bc02b961 100644 --- a/src/League/OAuth2/Server/Resource.php +++ b/src/League/OAuth2/Server/Resource.php @@ -242,7 +242,7 @@ class Resource * @throws Exception\MissingAccessTokenException Thrown if there is no access token presented * @return string */ - protected function determineAccessToken($headersOnly = false) + public function determineAccessToken($headersOnly = false) { if ($header = $this->getRequest()->header('Authorization')) { // Check for special case, because cURL sometimes does an From ca4e7499864f1ff1616432b7560c410ae207888c Mon Sep 17 00:00:00 2001 From: "Garrett St. John" Date: Thu, 6 Jun 2013 13:09:15 -0700 Subject: [PATCH 13/54] Fix to docblocks --- src/League/OAuth2/Server/Storage/SessionInterface.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
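Review bot: Making `determineAccessToken()` public exposes a method that, per its docblock, only returns the token string presented in the request; nothing in the visible lines checks that token against storage. The docblock should say so explicitly, for example `Returns the raw token from the request; it has NOT been validated.`, so that callers do not treat a non-empty return as proof of authentication. The existing `@throws Exception\MissingAccessTokenException` line also means a presence check needs a try/catch rather than a truthiness test, which is worth stating in the same docblock. The method body continues outside the hunk.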
diff --git a/src/League/OAuth2/Server/Storage/SessionInterface.php b/src/League/OAuth2/Server/Storage/SessionInterface.php index 08cd4c53..0f2b8f25 100644 --- a/src/League/OAuth2/Server/Storage/SessionInterface.php +++ b/src/League/OAuth2/Server/Storage/SessionInterface.php @@ -74,7 +74,7 @@ interface SessionInterface * @param int $sessionId The session ID * @param string $accessToken The access token * @param int $expireTime Unix timestamp of the access token expiry time - * @return void + * @return int The access token ID */ public function associateAccessToken($sessionId, $accessToken, $expireTime); From 8f15158d1c94201842fdb14ad71cd1348e1e1284 Mon Sep 17 00:00:00 2001 From: "Garrett St. John" Date: Thu, 6 Jun 2013 14:00:17 -0700 Subject: [PATCH 14/54] Fix to docblocks --- src/League/OAuth2/Server/Storage/SessionInterface.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/League/OAuth2/Server/Storage/SessionInterface.php b/src/League/OAuth2/Server/Storage/SessionInterface.php index 0f2b8f25..051c4dbb 100644 --- a/src/League/OAuth2/Server/Storage/SessionInterface.php +++ b/src/League/OAuth2/Server/Storage/SessionInterface.php @@ -315,7 +315,8 @@ interface SessionInterface * * array ( * array( - * 'key' => (string), + * 'id' => (int), + * 'scope' => (string), * 'name' => (string), * 'description' => (string) * ), From 307964d571014706a0346c31255b7b3bbed98c0d Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Tue, 18 Jun 2013 18:27:34 +0100 Subject: [PATCH 15/54] Fixed missing $this --- src/League/OAuth2/Server/Storage/DBAL/Session.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/League/OAuth2/Server/Storage/DBAL/Session.php b/src/League/OAuth2/Server/Storage/DBAL/Session.php index 58f8e515..7423601f 100644 --- a/src/League/OAuth2/Server/Storage/DBAL/Session.php +++ b/src/League/OAuth2/Server/Storage/DBAL/Session.php 
@@ -150,7 +150,7 @@ class Session implements SessionInterface public function getAuthCodeScopes($oauthSessionAuthCodeId) { - $stmt = $db->prepare('SELECT scope_id FROM `oauth_session_authcode_scopes` WHERE oauth_session_authcode_id = :authCodeId'); + $stmt = $this->db->prepare('SELECT scope_id FROM `oauth_session_authcode_scopes` WHERE oauth_session_authcode_id = :authCodeId'); $stmt->bindValue(':authCodeId', $oauthSessionAuthCodeId); $stmt->execute(); From f1567df802094d510edf5efc57b33cfcfce7755e Mon Sep 17 00:00:00 2001 From: Philip Brown Date: Wed, 17 Jul 2013 11:40:06 +0100 Subject: [PATCH 16/54] Set $grantType default --- src/League/OAuth2/Server/Storage/Fluent/Client.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/League/OAuth2/Server/Storage/Fluent/Client.php b/src/League/OAuth2/Server/Storage/Fluent/Client.php index b8adeb0a..cf0544d3 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Client.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Client.php @@ -7,7 +7,7 @@ use \League\OAuth2\Server\Storage\ClientInterface; class Client implements ClientInterface { - public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType) + public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType = null) { if ( ! is_null($redirectUri) && is_null($clientSecret)) { $result = DB::table('oauth_clients') @@ -41,4 +41,4 @@ class Client implements ClientInterface { ); } -} \ No newline at end of file +} From 5c21370691b43414da05d142c866eb66064be893 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 26 Jul 2013 10:55:56 +0100 Subject: [PATCH 17/54] Added `satooshi/php-coveralls` to composer.json [ci skip] --- composer.json | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/composer.json b/composer.json index 11ac8a95..df5056c5 100644 --- a/composer.json +++ b/composer.json 
@@ -8,7 +8,8 @@ "php": ">=5.3.0" }, "require-dev": { - "mockery/mockery": ">=0.7.2" + "mockery/mockery": ">=0.7.2", + "satooshi/php-coveralls": "dev-master" }, "repositories": [ { @@ -46,4 +47,4 @@ "zetacomponents/database": "A PDO implementation of the storage classes", "doctrine/dbal": "A Doctrine/DBAL implementation of the storage classes" } -} \ No newline at end of file +} From 4170f4e841af84a0315b44883ddafc1a47ff1643 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 26 Jul 2013 10:56:23 +0100 Subject: [PATCH 18/54] Update .travis.yml --- .travis.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 4f428b5f..10a78ac1 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,4 +5,7 @@ php: - 5.4 before_script: composer install --dev -script: phpunit \ No newline at end of file +script: phpunit + +after_script: + - php vendor/bin/coveralls -v From 6324a97118a3b5ebb43cde76bac755a2a9cdf07a Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 26 Jul 2013 11:08:24 +0100 Subject: [PATCH 19/54] Added badges [ci skip] --- README.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index efe36404..797e18f5 100644 --- a/README.md +++ b/README.md 
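Review bot: `"satooshi/php-coveralls": "dev-master"` tracks a moving branch, so each CI run of `composer install --dev` can pull different, unreviewed code that is then executed as `vendor/bin/coveralls`. Prefer a tagged constraint, e.g. `"satooshi/php-coveralls": "<TAGGED_VERSION_CONSTRAINT>"` (placeholder, pick the release you have reviewed), and commit a lock file if the project's policy allows it. The later hunk that sets `league/phpunit-coverage-listener` to `dev-master` has the same problem.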
@@ -14,6 +14,17 @@ The framework is provided as a Composer package which can be installed by adding } ``` +#### Master branch + +Latest stable version - [![Latest Stable Version](https://poser.pugx.org/league/oauth2-server/v/stable.png)](https://packagist.org/packages/league/oauth2-server) +Code coverage - [![Coverage Status](https://coveralls.io/repos/php-loep/oauth2-server/badge.png?branch=master)](https://coveralls.io/r/php-loep/oauth2-server?branch=master) +Downloads - [![Total Downloads](https://poser.pugx.org/league/oauth2-server/downloads.png)](https://packagist.org/packages/league/oauth2-server) + +#### Develop branch + +Latest unstable version - [![Latest Unstable Version](https://poser.pugx.org/league/oauth2-server/v/unstable.png)](https://packagist.org/packages/league/oauth2-server) +Code coverage - [![Coverage Status](https://coveralls.io/repos/php-loep/oauth2-server/badge.png?branch=develop)](https://coveralls.io/r/php-loep/oauth2-server?branch=develop) + --- The library features 100% unit test code coverage. To run the tests yourself run `phpunit` from the project root. @@ -64,4 +75,4 @@ The initial code was developed as part of the [Linkey](http://linkey.blogs.linco This code is principally developed and maintained by [@alexbilbie](https://twitter.com/alexbilbie). -A list of contributors can be found at [https://github.com/php-loep/oauth2-server/contributors](https://github.com/php-loep/oauth2-server/contributors). \ No newline at end of file +A list of contributors can be found at [https://github.com/php-loep/oauth2-server/contributors](https://github.com/php-loep/oauth2-server/contributors). From cfc61147e1ca27296ed27e8253022b88184d839f Mon Sep 17 00:00:00 2001 From: toopay Date: Sat, 27 Jul 2013 06:29:46 +0700 Subject: [PATCH 20/54] Add phpunit coverage listener --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index df5056c5..9ddbb263 100644 --- a/composer.json +++ b/composer.json 
@@ -9,7 +9,7 @@ }, "require-dev": { "mockery/mockery": ">=0.7.2", - "satooshi/php-coveralls": "dev-master" + "league/phpunit-coverage-listener": "~1.0" }, "repositories": [ { From 84afff9ad2edf540d13a96f96e0eaef5d3b752a5 Mon Sep 17 00:00:00 2001 From: toopay Date: Sat, 27 Jul 2013 06:31:15 +0700 Subject: [PATCH 21/54] Default phpunit config that will be ignored if phpunit.xml exists --- phpunit.xml.dist | 55 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 phpunit.xml.dist diff --git a/phpunit.xml.dist b/phpunit.xml.dist new file mode 100644 index 00000000..796f4c11 --- /dev/null +++ b/phpunit.xml.dist @@ -0,0 +1,55 @@ + + + + + tests/authorization + + + tests/resource + + + tests/util + + + + + PEAR_INSTALL_DIR + PHP_LIBDIR + vendor/composer + vendor/mockery + vendor/phpunit + tests + testing + + + + + + + + + + + + + + + + + + League\OAuth2\Server + + + DtNuuOrBh1QBXVyRqmVldC2Au11DVti9n + + + https://coveralls.io/api/v1/jobs + + + /tmp + + + + + + \ No newline at end of file From 701010b1299c5a916fe5d741fe8574f4967fe445 Mon Sep 17 00:00:00 2001 From: toopay Date: Sat, 27 Jul 2013 06:32:04 +0700 Subject: [PATCH 22/54] Update travis --- .travis.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 10a78ac1..43b44f7c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,7 +5,5 @@ php: - 5.4 before_script: composer install --dev -script: phpunit -after_script: - - php vendor/bin/coveralls -v +script: phpunit --configuration phpunit.xml.dist \ No newline at end of file From 78d65e102a77bfdbff7e97504b59de60396a5088 Mon Sep 17 00:00:00 2001 From: toopay Date: Sat, 27 Jul 2013 06:47:10 +0700 Subject: [PATCH 23/54] update travis --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 43b44f7c..fe433bfd 100644 --- a/.travis.yml +++ b/.travis.yml 
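Review bot: The new `phpunit.xml.dist` appears to embed a literal Coveralls repo token (the opaque string listed between the `League\OAuth2\Server` namespace argument and the `https://coveralls.io/api/v1/jobs` URL); the XML element names are not visible in this rendering, so confirm which argument it is. A token committed to a distributed config file is readable by everyone who receives the package and stays in history after the line is removed. Replace the value with a placeholder such as `<COVERALLS_REPO_TOKEN>`, inject the real one from an encrypted CI variable when the local `phpunit.xml` is generated, and rotate the token that was committed.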
@@ -4,6 +4,6 @@ php: - 5.3 - 5.4 -before_script: composer install --dev +before_script: composer install --prefer-source script: phpunit --configuration phpunit.xml.dist \ No newline at end of file From 9a3a91760a1c0bd6a7d406cb8b5a50582f845f82 Mon Sep 17 00:00:00 2001 From: toopay Date: Sat, 27 Jul 2013 06:47:21 +0700 Subject: [PATCH 24/54] Update composer --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 9ddbb263..5a396bd6 100644 --- a/composer.json +++ b/composer.json @@ -9,7 +9,7 @@ }, "require-dev": { "mockery/mockery": ">=0.7.2", - "league/phpunit-coverage-listener": "~1.0" + "league/phpunit-coverage-listener": "dev-master" }, "repositories": [ { From 1e28faabb96b9c71f753b99e76d55c4a2d242158 Mon Sep 17 00:00:00 2001 From: toopay Date: Sat, 27 Jul 2013 06:56:40 +0700 Subject: [PATCH 25/54] Blacklist all vendors --- phpunit.xml.dist | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/phpunit.xml.dist b/phpunit.xml.dist index 796f4c11..d4a74369 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -15,9 +15,7 @@ PEAR_INSTALL_DIR PHP_LIBDIR - vendor/composer - vendor/mockery - vendor/phpunit + vendor tests testing From e1f09db6af5892ab67ad1a58243d715c5c9c1eb2 Mon Sep 17 00:00:00 2001 From: toopay Date: Sat, 27 Jul 2013 07:34:46 +0700 Subject: [PATCH 26/54] update composer --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 5a396bd6..9ddbb263 100644 --- a/composer.json +++ b/composer.json @@ -9,7 +9,7 @@ }, "require-dev": { "mockery/mockery": ">=0.7.2", - "league/phpunit-coverage-listener": "dev-master" + "league/phpunit-coverage-listener": "~1.0" }, "repositories": [ { From 55b86e26addf71f458db5dcc7619135e7de5a06a Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Tue, 30 Jul 2013 10:10:29 +0100 Subject: [PATCH 27/54] [ci skip] --- phpunit.xml.dist | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/phpunit.xml.dist b/phpunit.xml.dist index d4a74369..8e27895c 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -1,5 +1,5 @@ - + tests/authorization @@ -50,4 +50,4 @@ - \ No newline at end of file + From 8fa7b303fa4ac0d33f8a03ba14ae9c2123481a7f Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Tue, 30 Jul 2013 10:10:59 +0100 Subject: [PATCH 28/54] Added Nyan printer for the lolz --- composer.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 9ddbb263..96cb516d 100644 --- a/composer.json +++ b/composer.json @@ -9,7 +9,8 @@ }, "require-dev": { "mockery/mockery": ">=0.7.2", - "league/phpunit-coverage-listener": "~1.0" + "league/phpunit-coverage-listener": "~1.0", + "whatthejeff/nyancat-phpunit-resultprinter": "~1.1" }, "repositories": [ { From 8a42bc796f3f8a167bc86a6a2c85636e7cb2aaf2 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Tue, 30 Jul 2013 10:13:47 +0100 Subject: [PATCH 29/54] Removed printer [ci skip] --- phpunit.xml.dist | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpunit.xml.dist b/phpunit.xml.dist index 8e27895c..bc2e166c 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -1,5 +1,5 @@ - + tests/authorization From 56f63bb4c0e86ec35639c187c559296d73946306 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Tue, 30 Jul 2013 10:17:59 +0100 Subject: [PATCH 30/54] Added printer, don't test anything in vendor/ --- phpunit.xml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/phpunit.xml b/phpunit.xml index 219005bc..79822fea 100644 --- a/phpunit.xml +++ b/phpunit.xml @@ -1,5 +1,5 @@ - + tests/authorization @@ -15,9 +15,7 @@ PEAR_INSTALL_DIR PHP_LIBDIR - vendor/composer - vendor/mockery - vendor/phpunit + vendor tests testing @@ -28,4 +26,4 @@ - \ No newline at end of file + From f612e105bd93814a8c2306e413ebd8b8d3d0d6d8 Mon Sep 17 00:00:00 2001 
From: nhorvath Date: Fri, 2 Aug 2013 14:51:13 -0400 Subject: [PATCH 31/54] Update Implicit.php Fix typo in class name. Change "Implict" to "Implicit" --- src/League/OAuth2/Server/Grant/Implicit.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/League/OAuth2/Server/Grant/Implicit.php b/src/League/OAuth2/Server/Grant/Implicit.php index c3f39c09..f8d1f7e7 100644 --- a/src/League/OAuth2/Server/Grant/Implicit.php +++ b/src/League/OAuth2/Server/Grant/Implicit.php @@ -22,7 +22,7 @@ use League\OAuth2\Server\Storage\ScopeInterface; /** * Client credentials grant class */ -class Implict implements GrantTypeInterface { +class Implicit implements GrantTypeInterface { /** * Grant identifier @@ -104,4 +104,4 @@ class Implict implements GrantTypeInterface { return $response; } -} \ No newline at end of file +} From 69710a5909edaece3bd55b2c559fe701c55086cf Mon Sep 17 00:00:00 2001 From: Dave Widmer Date: Tue, 20 Aug 2013 11:40:02 -0400 Subject: [PATCH 32/54] Normalizing headers to a Ucfirst-With-Dashes format. --- src/League/OAuth2/Server/Util/Request.php | 39 ++++++++++++++++++++++- tests/util/RequestTest.php | 14 ++++++++ 2 files changed, 52 insertions(+), 1 deletion(-) diff --git a/src/League/OAuth2/Server/Util/Request.php b/src/League/OAuth2/Server/Util/Request.php index 9f66a920..548bf252 100644 --- a/src/League/OAuth2/Server/Util/Request.php +++ b/src/League/OAuth2/Server/Util/Request.php @@ -39,6 +39,8 @@ class Request implements RequestInterface if (empty($headers)) { $this->headers = $this->readHeaders(); + } else { + $this->headers = $this->normalizeHeaders($headers); } } @@ -88,7 +90,7 @@ class Request implements RequestInterface } } - return $headers; + return $this->normalizeHeaders($headers); } protected function getPropertyValue($property, $index = null, $default = null) 
@@ -106,4 +108,39 @@ class Request implements RequestInterface return $this->{$property}[$index]; } + + /** + * Takes all of the headers and normalizes them in a canonical form. + * + * @param array $headers The request headers. + * @return array An arry of headers with the header name normalized + */ + protected function normalizeHeaders(array $headers) + { + $normalized = array(); + foreach ($headers as $key => $value) { + $normalized[$this->normalizeKey($key)] = $value; + } + + return $normalized; + } + + /** + * Transform header name into canonical form + * + * Taken from the Slim codebase... + * + * @param string $key + * @return string + */ + protected function normalizeKey($key) + { + $key = strtolower($key); + $key = str_replace(array('-', '_'), ' ', $key); + $key = preg_replace('#^http #', '', $key); + $key = ucwords($key); + $key = str_replace(' ', '-', $key); + + return $key; + } } \ No newline at end of file diff --git a/tests/util/RequestTest.php b/tests/util/RequestTest.php index 1b4f144b..205c70ad 100644 --- a/tests/util/RequestTest.php +++ b/tests/util/RequestTest.php @@ -59,6 +59,20 @@ class Request_test extends PHPUnit_Framework_TestCase $this->assertEquals(array('Host' => 'foobar.com'), $this->request->header()); } + function test_canonical_header() + { + $request = new League\OAuth2\Server\Util\Request( + array('foo' => 'bar'), + array('foo' => 'bar'), + array('foo' => 'bar'), + array('foo' => 'bar'), + array('HTTP_HOST' => 'foobar.com'), + array('authorization' => 'Bearer ajdfkljadslfjasdlkj') + ); + + $this->assertEquals('Bearer ajdfkljadslfjasdlkj', $request->header('Authorization')); + } + /** * @expectedException InvalidArgumentException */ From 69531c3eb5ebd0a923c2b8f6f4d1229c89ce1e43 Mon Sep 17 00:00:00 2001 
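Review bot: `normalizeHeaders()` assigns `$normalized[$this->normalizeKey($key)] = $value` unconditionally, and `normalizeKey()` maps `-`/`_` variants, any letter case and a leading `http ` prefix to the same name. Two differently spelled incoming headers therefore collapse into one entry and the later one silently wins, which matters for `Authorization` because the resource server reads the bearer token from that key. Keep the first occurrence instead, `if (!isset($normalized[$name])) { $normalized[$name] = $value; }`, or reject the request on a collision, and add a test with two colliding names. The docblock also has a typo (`arry`).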
From: Matthew Hailwood Date: Wed, 4 Sep 2013 12:38:45 +1200 Subject: [PATCH 33/54] Adding auto_approve field to client details array. --- src/League/OAuth2/Server/Storage/PDO/Client.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/League/OAuth2/Server/Storage/PDO/Client.php b/src/League/OAuth2/Server/Storage/PDO/Client.php index 1fcb3642..d56a540f 100644 --- a/src/League/OAuth2/Server/Storage/PDO/Client.php +++ b/src/League/OAuth2/Server/Storage/PDO/Client.php 
@@ -11,17 +11,17 @@ class Client implements ClientInterface $db = \ezcDbInstance::get(); if ( ! is_null($redirectUri) && is_null($clientSecret)) { - $stmt = $db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name FROM oauth_clients LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id WHERE oauth_clients.id = :clientId AND oauth_client_endpoints.redirect_uri = :redirectUri'); + $stmt = $db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name, oauth_clients.auto_approve FROM oauth_clients LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id WHERE oauth_clients.id = :clientId AND oauth_client_endpoints.redirect_uri = :redirectUri'); $stmt->bindValue(':redirectUri', $redirectUri); } elseif ( ! is_null($clientSecret) && is_null($redirectUri)) { - $stmt = $db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_clients.name FROM oauth_clients WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret'); + $stmt = $db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_clients.name, oauth_clients.auto_approve FROM oauth_clients WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret'); $stmt->bindValue(':clientSecret', $clientSecret); } elseif ( ! is_null($clientSecret) && ! 
is_null($redirectUri)) { - $stmt = $db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name FROM oauth_clients LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret AND oauth_client_endpoints.redirect_uri = :redirectUri'); + $stmt = $db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name, oauth_clients.auto_approve FROM oauth_clients LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret AND oauth_client_endpoints.redirect_uri = :redirectUri'); $stmt->bindValue(':redirectUri', $redirectUri); $stmt->bindValue(':clientSecret', $clientSecret); } @@ -39,7 +39,8 @@ class Client implements ClientInterface 'client_id' => $row->id, 'client_secret' => $row->secret, 'redirect_uri' => (isset($row->redirect_uri)) ? $row->redirect_uri : null, - 'name' => $row->name + 'name' => $row->name, + 'auto_approve' => $row->auto_approve ); } -} \ No newline at end of file +} From e5dc3001c4661b948d57f2bea80c3617c1722348 Mon Sep 17 00:00:00 2001 From: Matthew Hailwood Date: Wed, 4 Sep 2013 12:43:12 +1200 Subject: [PATCH 34/54] Update ClientInterface.php --- .../OAuth2/Server/Storage/ClientInterface.php | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/src/League/OAuth2/Server/Storage/ClientInterface.php b/src/League/OAuth2/Server/Storage/ClientInterface.php index 72538561..ac1a485c 100644 --- a/src/League/OAuth2/Server/Storage/ClientInterface.php +++ b/src/League/OAuth2/Server/Storage/ClientInterface.php 
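Review bot: `'auto_approve' => $row->auto_approve` passes the column through in whatever type the driver returns, while the interface docblock describes the field as a bool and the flag presumably decides whether the user-consent step is skipped. Database drivers often return strings, and a non-empty string such as `'false'` is truthy in PHP, so normalise it at the storage boundary, e.g. `'auto_approve' => ((int) $row->auto_approve === 1)` (assuming the column holds 0/1). The other storage implementations of `getClient()` will need to return the same key, otherwise callers reading it get an undefined index. The function starts outside this hunk.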
@@ -20,19 +20,21 @@ interface ClientInterface * * * # Client ID + redirect URI - * SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name + * SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name, + * oauth_clients.auto_approve * FROM oauth_clients LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id * WHERE oauth_clients.id = :clientId AND oauth_client_endpoints.redirect_uri = :redirectUri * * # Client ID + client secret - * SELECT oauth_clients.id, oauth_clients.secret, oauth_clients.name FROM oauth_clients WHERE - * oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret + * SELECT oauth_clients.id, oauth_clients.secret, oauth_clients.name, oauth_clients.auto_approve FROM oauth_clients + * WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret * * # Client ID + client secret + redirect URI - * SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name FROM - * oauth_clients LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id - * WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret AND - * oauth_client_endpoints.redirect_uri = :redirectUri + * SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name, + * oauth_clients.auto_approve FROM oauth_clients LEFT JOIN oauth_client_endpoints + * ON oauth_client_endpoints.client_id = oauth_clients.id + * WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret AND + * oauth_client_endpoints.redirect_uri = :redirectUri * * * Response: 
@@ -44,6 +46,7 @@ interface ClientInterface * [client secret] => (string) The client secret * [redirect_uri] => (string) The redirect URI used in this request * [name] => (string) The name of the client + * [auto_approve] => (bool) Whether the client should auto approve * ) * * @@ -54,4 +57,4 @@ interface ClientInterface * @return bool|array Returns false if the validation fails, array on success */ public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType = null); -} \ No newline at end of file +} From cfbb037e071d3f52c308e026f609ea6307da1b15 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 6 Sep 2013 10:39:08 +0100 Subject: [PATCH 35/54] Removed all code coverage output except text to stdout --- phpunit.xml | 3 --- 1 file changed, 3 deletions(-) diff --git a/phpunit.xml b/phpunit.xml index 79822fea..ba590a71 100644 --- a/phpunit.xml +++ b/phpunit.xml @@ -21,9 +21,6 @@ - - - From a2bf4e0dfb681754866670d8131c8c25f09c50e5 Mon Sep 17 00:00:00 2001 From: Dave Widmer Date: Fri, 6 Sep 2013 09:14:24 -0400 Subject: [PATCH 36/54] Removing constructor and buildFromGlobals from RequestInterface. Fixes: #88 --- src/League/OAuth2/Server/Util/RequestInterface.php | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/League/OAuth2/Server/Util/RequestInterface.php b/src/League/OAuth2/Server/Util/RequestInterface.php index 820ce911..00b8dc8e 100644 --- a/src/League/OAuth2/Server/Util/RequestInterface.php +++ b/src/League/OAuth2/Server/Util/RequestInterface.php @@ -14,10 +14,6 @@ namespace League\OAuth2\Server\Util; interface RequestInterface { - public static function buildFromGlobals(); - - public function __construct(array $get = array(), array $post = array(), array $cookies = array(), array $files = array(), array $server = array(), $headers = array()); - public function get($index = null); public function post($index = null); From 4985770d07bbe256df7048584aaa9763f13164f2 Mon Sep 17 00:00:00 2001 
From: Alex Bilbie Date: Sat, 7 Sep 2013 17:59:34 +0100 Subject: [PATCH 37/54] Gave "bearer" a capital "B" --- src/League/OAuth2/Server/Grant/ClientCredentials.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/League/OAuth2/Server/Grant/ClientCredentials.php b/src/League/OAuth2/Server/Grant/ClientCredentials.php index 363dfb53..3d962ee9 100644 --- a/src/League/OAuth2/Server/Grant/ClientCredentials.php +++ b/src/League/OAuth2/Server/Grant/ClientCredentials.php @@ -163,7 +163,7 @@ class ClientCredentials implements GrantTypeInterface { $response = array( 'access_token' => $accessToken, - 'token_type' => 'bearer', + 'token_type' => 'Bearer', 'expires' => $accessTokenExpires, 'expires_in' => $accessTokenExpiresIn ); From 0b55dc4c019be63404477aecf67d0c8760f366bd Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sat, 7 Sep 2013 17:59:44 +0100 Subject: [PATCH 38/54] Gave "bearer" a capital "B" --- src/League/OAuth2/Server/Grant/AuthCode.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/League/OAuth2/Server/Grant/AuthCode.php b/src/League/OAuth2/Server/Grant/AuthCode.php index 70447a41..08f1a7c2 100644 --- a/src/League/OAuth2/Server/Grant/AuthCode.php +++ b/src/League/OAuth2/Server/Grant/AuthCode.php @@ -276,7 +276,7 @@ class AuthCode implements GrantTypeInterface { $response = array( 'access_token' => $accessToken, - 'token_type' => 'bearer', + 'token_type' => 'Bearer', 'expires' => $accessTokenExpires, 'expires_in' => $accessTokenExpiresIn ); @@ -292,4 +292,4 @@ class AuthCode implements GrantTypeInterface { return $response; } -} \ No newline at end of file +} From ad97273455b747a953728ca43eb4617efdef827b Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sat, 7 Sep 2013 18:00:13 +0100 Subject: [PATCH 39/54] Gave "bearer" a capital "B". Fixes #96 --- src/League/OAuth2/Server/Grant/Password.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/src/League/OAuth2/Server/Grant/Password.php b/src/League/OAuth2/Server/Grant/Password.php index 9cbb90e9..316f22c5 100644 --- a/src/League/OAuth2/Server/Grant/Password.php +++ b/src/League/OAuth2/Server/Grant/Password.php @@ -206,7 +206,7 @@ class Password implements GrantTypeInterface { $response = array( 'access_token' => $accessToken, - 'token_type' => 'bearer', + 'token_type' => 'Bearer', 'expires' => $accessTokenExpires, 'expires_in' => $accessTokenExpiresIn ); @@ -222,4 +222,4 @@ class Password implements GrantTypeInterface { return $response; } -} \ No newline at end of file +} From 23627c659e05da633619c2d846462ca55af1bcc0 Mon Sep 17 00:00:00 2001 From: Daniel Schniepp Date: Wed, 25 Sep 2013 16:59:45 +0200 Subject: [PATCH 40/54] Fixed issues with returns and columns --- .../OAuth2/Server/Storage/Fluent/Client.php | 49 +++--- .../OAuth2/Server/Storage/Fluent/Scope.php | 12 +- .../OAuth2/Server/Storage/Fluent/Session.php | 150 +++++++++--------- 3 files changed, 108 insertions(+), 103 deletions(-) diff --git a/src/League/OAuth2/Server/Storage/Fluent/Client.php b/src/League/OAuth2/Server/Storage/Fluent/Client.php index cf0544d3..4a26a513 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Client.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Client.php 
@@ -7,26 +7,32 @@ use \League\OAuth2\Server\Storage\ClientInterface; class Client implements ClientInterface { - public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType = null) - { - if ( ! is_null($redirectUri) && is_null($clientSecret)) { + public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType = null) { + + + if (!is_null($redirectUri) && is_null($clientSecret)) { $result = DB::table('oauth_clients') - ->join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') - ->where('oauth_clients.id', $clientId) - ->where('oauth_client_endpoints.redirect_uri', $redirectUri) - ->first(); - } elseif ( ! is_null($clientSecret) && is_null($redirectUri)) { + ->join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') + ->where('oauth_clients.id', $clientId) + ->where('oauth_client_endpoints.redirect_uri', $redirectUri) + ->first(); + + } elseif (!is_null($clientSecret) && is_null($redirectUri)) { $result = DB::table('oauth_clients') - ->where('id', $clientId) - ->where('secret', $clientSecret) - ->first(); - } elseif ( ! is_null($clientSecret) && ! is_null($redirectUri)) { + ->where('id', $clientId) + ->where('secret', $clientSecret) + ->first(); + + } elseif (!is_null($clientSecret) && !is_null($redirectUri)) { + $queries = DB::getQueryLog(); + $result = DB::table('oauth_clients') - ->join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') - ->where('oauth_clients.id', $clientId) - ->where('oauth_clients.secret', $clientSecret) - ->where('oauth_client_endpoints.redirect_uri', $redirectUri) - ->first(); + ->join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') + ->where('oauth_clients.id', $clientId) + ->where('oauth_clients.secret', $clientSecret) + ->where('oauth_client_endpoints.redirect_uri', $redirectUri) + ->first(); + } if (is_null($result)) { 
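Review bot: `$queries = DB::getQueryLog();` in the client-secret-plus-redirect-URI branch is never read and looks like a debugging leftover, so it should be removed; when query logging is on, that log can carry bound values, which in this method include the client secret. Separately, none of the three branches runs when both `$clientSecret` and `$redirectUri` are null, so `is_null($result)` reads an undefined variable; adding `$result = null;` before the first `if` makes the "no match" path explicit. The end of `getClient` lies in the following hunk.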
@@ -34,10 +40,11 @@ class Client implements ClientInterface { } return array( - 'client_id' => $result->id, - 'client_secret' => $result->secret, - 'redirect_uri' => (isset($result->redirect_uri)) ? $result->redirect_uri : null, - 'name' => $result->name + 'client_id' => $result->id, + 'client_secret' => $result->secret, + 'redirect_uri' => (isset($result->redirect_uri)) ? $result->redirect_uri : null, + 'name' => $result->name, + 'auto_approve' => $result->auto_approve ); } diff --git a/src/League/OAuth2/Server/Storage/Fluent/Scope.php b/src/League/OAuth2/Server/Storage/Fluent/Scope.php index a68b7afd..636a59df 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Scope.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Scope.php @@ -7,11 +7,10 @@ use \League\OAuth2\Server\Storage\ScopeInterface; class Scope implements ScopeInterface { - public function getScope($scope, $clientId = null, $grantType = null) - { - $result = DB::table('oauth_scopes') - ->where('key', $scope) - ->first(); + public function getScope($scope, $clientId = null, $grantType = null) { + $result = DB::table('oauth_scopes') + ->where('scope', $scope) + ->first(); if (is_null($result)) { return false; @@ -19,9 +18,10 @@ class Scope implements ScopeInterface { return array( 'id' => $result->id, - 'scope' => $result->key, + 'scope' => $result->scope, 'name' => $result->name, 'description' => $result->description ); } + } \ No newline at end of file diff --git a/src/League/OAuth2/Server/Storage/Fluent/Session.php b/src/League/OAuth2/Server/Storage/Fluent/Session.php index e188d2ee..5625ebb1 100644 --- a/src/League/OAuth2/Server/Storage/Fluent/Session.php +++ b/src/League/OAuth2/Server/Storage/Fluent/Session.php 
@@ -7,123 +7,118 @@ use \League\OAuth2\Server\Storage\SessionInterface; class Session implements SessionInterface { - public function createSession($clientId, $ownerType, $ownerId) - { - return DB::table('oauth_sessions')->insertGetId(array( + public function createSession($clientId, $ownerType, $ownerId) { + return DB::table('oauth_sessions')->insertGetId([ 'client_id' => $clientId, 'owner_type' => $ownerType, 'owner_id' => $ownerId - )); + ]); } - public function deleteSession($clientId, $ownerType, $ownerId) - { + public function deleteSession($clientId, $ownerType, $ownerId) { DB::table('oauth_sessions') - ->where('client_id', $clientId) - ->where('owner_type', $ownerType) - ->where('owner_id', $ownerId) - ->delete(); + ->where('client_id', $clientId) + ->where('owner_type', $ownerType) + ->where('owner_id', $ownerId) + ->delete(); } - public function associateRedirectUri($sessionId, $redirectUri) - { - DB::table('oauth_session_redirects')->insert(array( + public function associateRedirectUri($sessionId, $redirectUri) { + DB::table('oauth_session_redirects')->insert([ 'session_id' => $sessionId, 'redirect_uri' => $redirectUri, - )); + ]); } - public function associateAccessToken($sessionId, $accessToken, $expireTime) - { - return DB::table('oauth_session_access_tokens')->insertGetId(array( + public function associateAccessToken($sessionId, $accessToken, $expireTime) { + return DB::table('oauth_session_access_tokens')->insertGetId([ 'session_id' => $sessionId, 'access_token' => $accessToken, 'access_token_expires' => $expireTime, - )); + ]); } - public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime, $clientId) - { - DB::table('oauth_session_refresh_tokens')->insert(array( + public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime, $clientId) { + DB::table('oauth_session_refresh_tokens')->insert([ 'session_access_token_id' => $accessTokenId, 'refresh_token' => $refreshToken, 'refresh_token_expires' => 
$expireTime, 'client_id' => $clientId, - )); + ]); } - public function associateAuthCode($sessionId, $authCode, $expireTime) - { - DB::table('oauth_session_authcodes')->insert(array( + public function associateAuthCode($sessionId, $authCode, $expireTime) { + + + DB::table('oauth_session_authcodes')->insert([ 'session_id' => $sessionId, 'auth_code' => $authCode, 'auth_code_expires' => $expireTime - )); + ]); + + return DB::table('oauth_session_authcodes')->where('auth_code',$authCode)->first()->id; + } - public function removeAuthCode($sessionId) - { + public function removeAuthCode($sessionId) { DB::table('oauth_session_authcodes') - ->where('session_id', $sessionId) - ->delete(); + ->where('session_id', $sessionId) + ->delete(); } - public function validateAuthCode($clientId, $redirectUri, $authCode) - { + public function validateAuthCode($clientId, $redirectUri, $authCode) { $result = DB::table('oauth_sessions') - ->select(array('oauth_sessions.id as session_id', 'oauth_session_authcodes.id as authcode_id')) - ->join('oauth_session_authcodes', 'oauth_sessions.id', '=', 'oauth_session_authcodes.session_id') - ->join('oauth_session_redirects', 'oauth_sessions.id', '=', 'oauth_session_redirects.session_id') - ->where('oauth_sessions.client_id', $clientId) - ->where('oauth_session_authcodes.auth_code', $authCode) - ->where('oauth_session_authcodes.auth_code_expires', '>=', time()) - ->where('oauth_session_redirects.redirect_uri', $redirectUri) - ->first(); - + ->select(['oauth_sessions.id as session_id', 'oauth_session_authcodes.id as authcode_id']) + ->join('oauth_session_authcodes', 'oauth_sessions.id', '=', 'oauth_session_authcodes.session_id') + ->join('oauth_session_redirects', 'oauth_sessions.id', '=', 'oauth_session_redirects.session_id') + ->where('oauth_sessions.client_id', $clientId) + ->where('oauth_session_authcodes.auth_code', $authCode) + ->where('oauth_session_authcodes.auth_code_expires', '>=', time()) + ->where('oauth_session_redirects.redirect_uri', 
$redirectUri) + ->first(); + return (is_null($result)) ? false : (array) $result; } - public function validateAccessToken($accessToken) - { + public function validateAccessToken($accessToken) { $result = DB::table('oauth_session_access_tokens') - ->join('oauth_sessions', 'oauth_session_access_tokens.session_id', '=', 'oauth_sessions.id') - ->where('access_token', $accessToken) - ->where('access_token_expires', '>=', time()) - ->first(); + ->join('oauth_sessions', 'oauth_session_access_tokens.session_id', '=', 'oauth_sessions.id') + ->where('access_token', $accessToken) + ->where('access_token_expires', '>=', time()) + ->first(); return (is_null($result)) ? false : (array) $result; } - public function validateRefreshToken($refreshToken, $clientId) - { + public function validateRefreshToken($refreshToken, $clientId) { $result = DB::table('oauth_session_refresh_tokens') - ->where('refresh_token', $refreshToken) - ->where('client_id', $clientId) - ->where('refresh_token_expires', '>=', time()) - ->first(); + ->where('refresh_token', $refreshToken) + ->where('client_id', $clientId) + ->where('refresh_token_expires', '>=', time()) + ->first(); return (is_null($result)) ? false : $result->session_access_token_id; } - public function getAccessToken($accessTokenId) - { + public function getAccessToken($accessTokenId) { $result = DB::table('oauth_session_access_tokens') - ->where('id', $accessTokenId) - ->first(); + ->where('id', $accessTokenId) + ->first(); return (is_null($result)) ? 
false : (array) $result; } - public function associateScope($accessTokenId, $scopeId) - { - DB::table('oauth_session_token_scopes')->insert(array( + public function associateScope($accessTokenId, $scopeId) { + + + + DB::table('oauth_session_token_scopes')->insert([ 'session_access_token_id' => $accessTokenId, 'scope_id' => $scopeId, - )); + ]); } - public function getScopes($accessToken) - { + public function getScopes($accessToken) { return DB::table('oauth_session_token_scopes') ->join('oauth_session_access_tokens', 'oauth_session_token_scopes.session_access_token_id', '=', 'oauth_session_access_tokens.id') ->join('oauth_scopes', 'oauth_session_token_scopes.session_access_token_id', '=', 'oauth_scopes.id') @@ -131,26 +126,29 @@ class Session implements SessionInterface { ->get(); } - public function associateAuthCodeScope($authCodeId, $scopeId) - { - DB::table('oauth_session_authcode_scopes')->insert(array( + public function associateAuthCodeScope($authCodeId, $scopeId) { + + DB::table('oauth_session_authcode_scopes')->insert([ 'oauth_session_authcode_id' => $authCodeId, 'scope_id' => $scopeId - )); + ]); } - public function getAuthCodeScopes($oauthSessionAuthCodeId) - { - return DB::table('oauth_session_authcode_scopes') - ->where('oauth_session_authcode_id', '=', $oauthSessionAuthCodeId) - ->get(); + public function getAuthCodeScopes($oauthSessionAuthCodeId) { + $result = DB::table('oauth_session_authcode_scopes') + ->where('oauth_session_authcode_id', '=', $oauthSessionAuthCodeId) + ->get(); + + return array_map(function($val) + { + return json_decode(json_encode($val), true); + }, $result); } - public function removeRefreshToken($refreshToken) - { + public function removeRefreshToken($refreshToken) { DB::table('oauth_session_refresh_tokens') - ->where('refresh_token', '=', $refreshToken) - ->delete(); + ->where('refresh_token', '=', $refreshToken) + ->delete(); } } \ No newline at end of file 
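Review bot: In `getScopes`, left unchanged as context at the end of this hunk, the second join matches `oauth_scopes.id` against `oauth_session_token_scopes.session_access_token_id`, whereas `associateScope` in the same hunk stores the scope under `scope_id`; the join should read `->join('oauth_scopes', 'oauth_session_token_scopes.scope_id', '=', 'oauth_scopes.id')`. As written, the scopes reported for an access token follow the token row id, not what was granted, and a commit titled "Fixed issues with returns and columns" is the natural place to correct it. Also, `associateAuthCode` now inserts and then re-reads the row by `auth_code` to obtain the id; `insertGetId`, already used by `createSession` and `associateAccessToken`, returns it in one step and avoids the `first()->id` dereference when the lookup finds nothing. The rest of `getScopes` is outside the hunk.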
From d3158a830b53413ffeb2b82a6bfda5e90113b3b1 Mon Sep 17 00:00:00 2001 From: jlehner Date: Thu, 26 Sep 2013 14:40:56 -0400 Subject: [PATCH 41/54] Update Implicit Grant Type with the following: - Added accessTokenTTL variable and setter method - Updated response in the completeFlow method to include all required parameters per OAuth2 spec - completeFlow function accounts for local grant TTL override --- src/League/OAuth2/Server/Grant/Implicit.php | 24 +++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/src/League/OAuth2/Server/Grant/Implicit.php b/src/League/OAuth2/Server/Grant/Implicit.php index f8d1f7e7..05809e28 100644 --- a/src/League/OAuth2/Server/Grant/Implicit.php +++ b/src/League/OAuth2/Server/Grant/Implicit.php @@ -42,6 +42,12 @@ class Implicit implements GrantTypeInterface { */ protected $authServer = null; + /** + * Access token expires in override + * @var int + */ + protected $accessTokenTTL = null; + /** * Constructor * @param Authorization $authServer Authorization server instance @@ -70,6 +76,16 @@ class Implicit implements GrantTypeInterface { return $this->responseType; } + /** + * Override the default access token expire time + * @param int $accessTokenTTL + * @return void + */ + public function setAccessTokenTTL($accessTokenTTL) + { + $this->accessTokenTTL = $accessTokenTTL; + } + /** * Complete the client credentials grant * @param null|array $inputParams @@ -84,7 +100,8 @@ class Implicit implements GrantTypeInterface { $accessToken = SecureKey::make(); // Compute expiry time - $accessTokenExpires = time() + $this->authServer->getAccessTokenTTL(); + $accessTokenExpiresIn = ($this->accessTokenTTL !== null) ? $this->accessTokenTTL : $this->authServer->getAccessTokenTTL(); + $accessTokenExpires = time() + $accessTokenExpiresIn; // Create a new session $sessionId = $this->authServer->getStorage('session')->createSession($authParams['client_id'], 'user', $authParams['user_id']); 
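Review bot: `Implicit::setAccessTokenTTL` stores whatever it is given, and `completeFlow` then computes `time() + $accessTokenExpiresIn` from it, so a zero, negative or non-numeric override produces a token that is already expired or an `expires` value that is not a timestamp. A guard in the setter would catch this at configuration time, for example `if (!is_int($accessTokenTTL) || $accessTokenTTL <= 0) { throw new \InvalidArgumentException('Access token TTL must be a positive integer'); }`. The docblock kept as context above `completeFlow` still reads "Complete the client credentials grant" and should name the implicit grant. The body of `completeFlow` continues outside these hunks.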
@@ -98,7 +115,10 @@ class Implicit implements GrantTypeInterface { } $response = array( - 'access_token' => $accessToken + 'access_token' => $accessToken, + 'token_type' => 'Bearer', + 'expires' => $accessTokenExpires, + 'expires_in' => $accessTokenExpiresIn, ); return $response; From 9c3c70a5fb53992db6601a9c8dc68636c2040cd2 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Mon, 25 Nov 2013 23:52:25 +0000 Subject: [PATCH 42/54] Removed old build script --- build.xml | 142 ------------------------------------------------------ 1 file changed, 142 deletions(-) delete mode 100644 build.xml diff --git a/build.xml b/build.xml deleted file mode 100644 index 8008f502..00000000 --- a/build.xml +++ /dev/null @@ -1,142 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file From b4bfa69c8890913885c51e9786a01ed1ffd885e9 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Mon, 25 Nov 2013 23:52:45 +0000 Subject: [PATCH 43/54] Removed nyan cat printer --- composer.json | 3 +-- phpunit.xml | 5 +++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/composer.json b/composer.json index 96cb516d..9ddbb263 100644 --- a/composer.json +++ b/composer.json @@ -9,8 +9,7 @@ }, "require-dev": { "mockery/mockery": ">=0.7.2", - "league/phpunit-coverage-listener": "~1.0", - "whatthejeff/nyancat-phpunit-resultprinter": "~1.1" + "league/phpunit-coverage-listener": "~1.0" }, "repositories": [ { diff --git a/phpunit.xml b/phpunit.xml index ba590a71..fc258d29 100644 --- a/phpunit.xml +++ b/phpunit.xml @@ -1,5 +1,5 @@ - + tests/authorization @@ -21,6 +21,7 @@ - + + From 44408b873f5c5eec873f6b61bc8e0177df5e3cc5 Mon Sep 17 00:00:00 2001 
From: Alex Bilbie Date: Mon, 25 Nov 2013 23:58:42 +0000 Subject: [PATCH 44/54] Make sure $this is returned --- src/League/OAuth2/Server/Authorization.php | 13 +++++++++++-- src/League/OAuth2/Server/Resource.php | 2 ++ 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/src/League/OAuth2/Server/Authorization.php b/src/League/OAuth2/Server/Authorization.php index 32748d8a..4dec4695 100644 --- a/src/League/OAuth2/Server/Authorization.php +++ b/src/League/OAuth2/Server/Authorization.php @@ -261,6 +261,11 @@ class Authorization return (array_key_exists($identifier, $this->grantTypes)); } + /** + * Returns response types + * + * @return array + */ public function getResponseTypes() { return $this->responseTypes; @@ -287,11 +292,12 @@ class Authorization /** * Default scope to be used if none is provided and requireScopeParam is false - * @var string|array + * @param string|array $default */ public function setDefaultScope($default = null) { $this->defaultScope = $default; + return $this; } /** @@ -321,6 +327,7 @@ class Authorization public function requireStateParam($require = true) { $this->requireStateParam = $require; + return $this; } /** @@ -341,6 +348,7 @@ class Authorization public function setScopeDelimeter($scopeDelimeter = ' ') { $this->scopeDelimeter = $scopeDelimeter; + return $this; } /** @@ -359,6 +367,7 @@ class Authorization public function setAccessTokenTTL($accessTokenTTL = 3600) { $this->accessTokenTTL = $accessTokenTTL; + return $this; } /** @@ -369,6 +378,7 @@ class Authorization public function setRequest(Util\RequestInterface $request) { $this->request = $request; + return $this; } /** @@ -381,7 +391,6 @@ class Authorization if ($this->request === null) { // @codeCoverageIgnoreStart $this->request = Request::buildFromGlobals(); - } // @codeCoverageIgnoreEnd diff --git a/src/League/OAuth2/Server/Resource.php b/src/League/OAuth2/Server/Resource.php index bc02b961..55339567 100644 --- a/src/League/OAuth2/Server/Resource.php 
+++ b/src/League/OAuth2/Server/Resource.php @@ -93,6 +93,7 @@ class Resource public function setRequest(RequestInterface $request) { $this->request = $request; + return $this; } /** @@ -129,6 +130,7 @@ class Resource public function setTokenKey($key) { $this->tokenKey = $key; + return $this; } /** From 6cade987a2c0b9b78dbd766f5a14e452703c6d9c Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Mon, 25 Nov 2013 23:59:10 +0000 Subject: [PATCH 45/54] Added html coverage --- phpunit.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/phpunit.xml b/phpunit.xml index fc258d29..ec749a08 100644 --- a/phpunit.xml +++ b/phpunit.xml @@ -21,7 +21,7 @@ - - + + From ec9a08af637d8f878c15cbfa36074b8c0eeeea55 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Mon, 25 Nov 2013 23:59:37 +0000 Subject: [PATCH 46/54] Updated .gitignore --- .gitignore | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 371a1385..ee1d55c7 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,5 @@ /vendor /composer.lock -/build/logs -/build/coverage +/tests/coverage /docs /testing \ No newline at end of file From 5ec2c24b5cbcfa86ff2239b8e3b5ed37ecb33df1 Mon Sep 17 00:00:00 2001 
From: Alex Bilbie Date: Fri, 29 Nov 2013 12:23:05 +0000 Subject: [PATCH 47/54] Removed build in DB providers, will be included in separate repos --- .../OAuth2/Server/Storage/DBAL/Client.php | 52 ----- .../OAuth2/Server/Storage/DBAL/Scope.php | 38 ---- .../OAuth2/Server/Storage/DBAL/Session.php | 176 --------------- .../OAuth2/Server/Storage/Fluent/Client.php | 51 ----- .../OAuth2/Server/Storage/Fluent/Scope.php | 27 --- .../OAuth2/Server/Storage/Fluent/Session.php | 154 ------------- .../OAuth2/Server/Storage/PDO/Client.php | 46 ---- src/League/OAuth2/Server/Storage/PDO/Db.php | 17 -- .../OAuth2/Server/Storage/PDO/Scope.php | 31 --- .../OAuth2/Server/Storage/PDO/Session.php | 206 ------------------ 10 files changed, 798 deletions(-) delete mode 100644 src/League/OAuth2/Server/Storage/DBAL/Client.php delete mode 100644 src/League/OAuth2/Server/Storage/DBAL/Scope.php delete mode 100644 src/League/OAuth2/Server/Storage/DBAL/Session.php delete mode 100644 src/League/OAuth2/Server/Storage/Fluent/Client.php delete mode 100644 src/League/OAuth2/Server/Storage/Fluent/Scope.php delete mode 100644 src/League/OAuth2/Server/Storage/Fluent/Session.php delete mode 100644 src/League/OAuth2/Server/Storage/PDO/Client.php delete mode 100644 src/League/OAuth2/Server/Storage/PDO/Db.php delete mode 100644 src/League/OAuth2/Server/Storage/PDO/Scope.php delete mode 100644 src/League/OAuth2/Server/Storage/PDO/Session.php diff --git a/src/League/OAuth2/Server/Storage/DBAL/Client.php b/src/League/OAuth2/Server/Storage/DBAL/Client.php deleted file mode 100644 index 91e86f88..00000000 --- a/src/League/OAuth2/Server/Storage/DBAL/Client.php +++ /dev/null 
@@ -1,52 +0,0 @@ - - */ -namespace League\OAuth2\Server\Storage\DBAL; - -use League\OAuth2\Server\Storage\ClientInterface; - -class Client implements ClientInterface -{ - protected $db; - - public function __construct($db) - { - $this->db = $db; - } - - public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType = null) - { - if ( ! is_null($redirectUri) && is_null($clientSecret)) { - $stmt = $this->db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name FROM oauth_clients LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id WHERE oauth_clients.id = :clientId AND oauth_client_endpoints.redirect_uri = :redirectUri'); - $stmt->bindValue(':redirectUri', $redirectUri); - } - - elseif ( ! is_null($clientSecret) && is_null($redirectUri)) { - $stmt = $this->db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_clients.name FROM oauth_clients WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret'); - $stmt->bindValue(':clientSecret', $clientSecret); - } - - elseif ( ! is_null($clientSecret) && ! is_null($redirectUri)) { - $stmt = $this->db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name FROM oauth_clients LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret AND oauth_client_endpoints.redirect_uri = :redirectUri'); - $stmt->bindValue(':redirectUri', $redirectUri); - $stmt->bindValue(':clientSecret', $clientSecret); - } - - $stmt->bindValue(':clientId', $clientId); - $stmt->execute(); - - $row = $stmt->fetch(\PDO::FETCH_OBJ); - - if ($row === false) { - return false; - } - - return array( - 'client_id' => $row->id, - 'client_secret' => $row->secret, - 'redirect_uri' => (isset($row->redirect_uri)) ? 
$row->redirect_uri : null, - 'name' => $row->name - ); - } -} \ No newline at end of file diff --git a/src/League/OAuth2/Server/Storage/DBAL/Scope.php b/src/League/OAuth2/Server/Storage/DBAL/Scope.php deleted file mode 100644 index 3c5639ea..00000000 --- a/src/League/OAuth2/Server/Storage/DBAL/Scope.php +++ /dev/null @@ -1,38 +0,0 @@ - - */ -namespace League\OAuth2\Server\Storage\DBAL; - -use League\OAuth2\Server\Storage\ScopeInterface; - -class Scope implements ScopeInterface -{ - protected $db; - - public function __construct($db) - { - $this->db = $db; - } - - public function getScope($scope, $clientId = null, $grantType = null) - { - $stmt = $this->db->prepare('SELECT * FROM oauth_scopes WHERE oauth_scopes.scope = :scope'); - $stmt->bindValue(':scope', $scope); - $stmt->execute(); - - $row = $stmt->fetch(\PDO::FETCH_OBJ); - - if ($row === false) { - return false; - } - - return array( - 'id' => $row->id, - 'scope' => $row->scope, - 'name' => $row->name, - 'description' => $row->description - ); - - } -} \ No newline at end of file diff --git a/src/League/OAuth2/Server/Storage/DBAL/Session.php b/src/League/OAuth2/Server/Storage/DBAL/Session.php deleted file mode 100644 index 7423601f..00000000 --- a/src/League/OAuth2/Server/Storage/DBAL/Session.php +++ /dev/null 
@@ -1,176 +0,0 @@ - - */ -namespace League\OAuth2\Server\Storage\DBAL; - -use League\OAuth2\Server\Storage\SessionInterface; - -class Session implements SessionInterface -{ - protected $db; - - public function __construct($db) - { - $this->db = $db; - } - - public function createSession($clientId, $ownerType, $ownerId) - { - $this->db->insert('oauth_sessions', array( - 'client_id' => $clientId, - 'owner_type' => $ownerType, - 'owner_id' => $ownerId, - )); - - return $this->db->lastInsertId(); - } - - public function deleteSession($clientId, $ownerType, $ownerId) - { - $this->db->delete('oauth_sessions', array( - 'client_id' => $clientId, - 'owner_type' => $ownerType, - 'owner_id' => $ownerId, - )); - } - - public function associateRedirectUri($sessionId, $redirectUri) - { - $this->db->insert('oauth_session_redirects', array( - 'session_id' => $sessionId, - 'redirect_uri' => $redirectUri, - )); - } - - public function associateAccessToken($sessionId, $accessToken, $expireTime) - { - $this->db->insert('oauth_session_access_tokens', array( - 'session_id' => $sessionId, - 'access_token' => $accessToken, - 'access_token_expires' => $expireTime, - )); - - return $this->db->lastInsertId(); - } - - public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime, $clientId) - { - $this->db->insert('oauth_session_refresh_tokens', array( - 'session_access_token_id' => $accessTokenId, - 'refresh_token' => $refreshToken, - 'refresh_token_expires' => $expireTime, - 'client_id' => $clientId, - )); - } - - public function associateAuthCode($sessionId, $authCode, $expireTime) - { - $this->db->insert('oauth_session_authcodes', array( - 'session_id' => $sessionId, - 'auth_code' => $authCode, - 'auth_code_expires' => $expireTime, - )); - - return $this->db->lastInsertId(); - } - - public function removeAuthCode($sessionId) - { - $this->db->delete('oauth_session_authcodes', array( - 'session_id' => $sessionId, - )); - } - - public function validateAuthCode($clientId, 
$redirectUri, $authCode) - { - $stmt = $this->db->prepare('SELECT oauth_sessions.id AS session_id, oauth_session_authcodes.id AS authcode_id - FROM oauth_sessions JOIN oauth_session_authcodes ON oauth_session_authcodes.`session_id` - = oauth_sessions.id JOIN oauth_session_redirects ON oauth_session_redirects.`session_id` - = oauth_sessions.id WHERE oauth_sessions.client_id = :clientId AND oauth_session_authcodes.`auth_code` - = :authCode AND `oauth_session_authcodes`.`auth_code_expires` >= :time AND - `oauth_session_redirects`.`redirect_uri` = :redirectUri'); - $stmt->bindValue(':clientId', $clientId); - $stmt->bindValue(':redirectUri', $redirectUri); - $stmt->bindValue(':authCode', $authCode); - $stmt->bindValue(':time', time()); - $stmt->execute(); - - $result = $stmt->fetch(\PDO::FETCH_OBJ); - - return ($result === false) ? false : (array) $result; - } - - public function validateAccessToken($accessToken) - { - $stmt = $this->db->prepare('SELECT session_id, oauth_sessions.`client_id`, oauth_sessions.`owner_id`, oauth_sessions.`owner_type` FROM `oauth_session_access_tokens` JOIN oauth_sessions ON oauth_sessions.`id` = session_id WHERE access_token = :accessToken AND access_token_expires >= ' . time()); - $stmt->bindValue(':accessToken', $accessToken); - $stmt->execute(); - - $result = $stmt->fetch(\PDO::FETCH_OBJ); - return ($result === false) ? false : (array) $result; - } - - public function removeRefreshToken($refreshToken) - { - $this->db->delete('oauth_session_refresh_tokens', array( - 'refresh_token' => $refreshToken, - )); - } - - public function validateRefreshToken($refreshToken, $clientId) - { - $stmt = $this->db->prepare('SELECT session_access_token_id FROM `oauth_session_refresh_tokens` WHERE - refresh_token = :refreshToken AND client_id = :clientId AND refresh_token_expires >= ' . 
time()); - $stmt->bindValue(':refreshToken', $refreshToken); - $stmt->bindValue(':clientId', $clientId); - $stmt->execute(); - - $result = $stmt->fetch(\PDO::FETCH_OBJ); - return ($result === false) ? false : $result->session_access_token_id; - } - - public function getAccessToken($accessTokenId) - { - $stmt = $this->db->prepare('SELECT * FROM `oauth_session_access_tokens` WHERE `id` = :accessTokenId'); - $stmt->bindValue(':accessTokenId', $accessTokenId); - $stmt->execute(); - - $result = $stmt->fetch(\PDO::FETCH_OBJ); - return ($result === false) ? false : (array) $result; - } - - public function associateAuthCodeScope($authCodeId, $scopeId) - { - $this->db->insert('oauth_session_authcode_scopes', array( - 'oauth_session_authcode_id' => $authCodeId, - 'scope_id' => $scopeId, - )); - } - - public function getAuthCodeScopes($oauthSessionAuthCodeId) - { - $stmt = $this->db->prepare('SELECT scope_id FROM `oauth_session_authcode_scopes` WHERE oauth_session_authcode_id = :authCodeId'); - $stmt->bindValue(':authCodeId', $oauthSessionAuthCodeId); - $stmt->execute(); - - return $stmt->fetchAll(); - } - - public function associateScope($accessTokenId, $scopeId) - { - $this->db->insert('oauth_session_token_scopes', array( - 'session_access_token_id' => $accessTokenId, - 'scope_id' => $scopeId, - )); - } - - public function getScopes($accessToken) - { - $stmt = $this->db->prepare('SELECT oauth_scopes.* FROM oauth_session_token_scopes JOIN oauth_session_access_tokens ON oauth_session_access_tokens.`id` = `oauth_session_token_scopes`.`session_access_token_id` JOIN oauth_scopes ON oauth_scopes.id = `oauth_session_token_scopes`.`scope_id` WHERE access_token = :accessToken'); - $stmt->bindValue(':accessToken', $accessToken); - $stmt->execute(); - - return $stmt->fetchAll(); - } -} \ No newline at end of file diff --git a/src/League/OAuth2/Server/Storage/Fluent/Client.php b/src/League/OAuth2/Server/Storage/Fluent/Client.php deleted file mode 100644 index 4a26a513..00000000 
--- a/src/League/OAuth2/Server/Storage/Fluent/Client.php +++ /dev/null @@ -1,51 +0,0 @@ -join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') - ->where('oauth_clients.id', $clientId) - ->where('oauth_client_endpoints.redirect_uri', $redirectUri) - ->first(); - - } elseif (!is_null($clientSecret) && is_null($redirectUri)) { - $result = DB::table('oauth_clients') - ->where('id', $clientId) - ->where('secret', $clientSecret) - ->first(); - - } elseif (!is_null($clientSecret) && !is_null($redirectUri)) { - $queries = DB::getQueryLog(); - - $result = DB::table('oauth_clients') - ->join('oauth_client_endpoints', 'oauth_clients.id', '=', 'oauth_client_endpoints.client_id') - ->where('oauth_clients.id', $clientId) - ->where('oauth_clients.secret', $clientSecret) - ->where('oauth_client_endpoints.redirect_uri', $redirectUri) - ->first(); - - } - - if (is_null($result)) { - return false; - } - - return array( - 'client_id' => $result->id, - 'client_secret' => $result->secret, - 'redirect_uri' => (isset($result->redirect_uri)) ? $result->redirect_uri : null, - 'name' => $result->name, - 'auto_approve' => $result->auto_approve - ); - } - -} diff --git a/src/League/OAuth2/Server/Storage/Fluent/Scope.php b/src/League/OAuth2/Server/Storage/Fluent/Scope.php deleted file mode 100644 index 636a59df..00000000 --- a/src/League/OAuth2/Server/Storage/Fluent/Scope.php +++ /dev/null @@ -1,27 +0,0 @@ -where('scope', $scope) - ->first(); - - if (is_null($result)) { - return false; - } - - return array( - 'id' => $result->id, - 'scope' => $result->scope, - 'name' => $result->name, - 'description' => $result->description - ); - } - -} \ No newline at end of file diff --git a/src/League/OAuth2/Server/Storage/Fluent/Session.php b/src/League/OAuth2/Server/Storage/Fluent/Session.php deleted file mode 100644 index 5625ebb1..00000000 --- a/src/League/OAuth2/Server/Storage/Fluent/Session.php +++ /dev/null 
@@ -1,154 +0,0 @@ -insertGetId([ - 'client_id' => $clientId, - 'owner_type' => $ownerType, - 'owner_id' => $ownerId - ]); - } - - public function deleteSession($clientId, $ownerType, $ownerId) { - DB::table('oauth_sessions') - ->where('client_id', $clientId) - ->where('owner_type', $ownerType) - ->where('owner_id', $ownerId) - ->delete(); - } - - public function associateRedirectUri($sessionId, $redirectUri) { - DB::table('oauth_session_redirects')->insert([ - 'session_id' => $sessionId, - 'redirect_uri' => $redirectUri, - ]); - } - - public function associateAccessToken($sessionId, $accessToken, $expireTime) { - return DB::table('oauth_session_access_tokens')->insertGetId([ - 'session_id' => $sessionId, - 'access_token' => $accessToken, - 'access_token_expires' => $expireTime, - ]); - } - - public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime, $clientId) { - DB::table('oauth_session_refresh_tokens')->insert([ - 'session_access_token_id' => $accessTokenId, - 'refresh_token' => $refreshToken, - 'refresh_token_expires' => $expireTime, - 'client_id' => $clientId, - ]); - } - - public function associateAuthCode($sessionId, $authCode, $expireTime) { - - - DB::table('oauth_session_authcodes')->insert([ - 'session_id' => $sessionId, - 'auth_code' => $authCode, - 'auth_code_expires' => $expireTime - ]); - - return DB::table('oauth_session_authcodes')->where('auth_code',$authCode)->first()->id; - - } - - public function removeAuthCode($sessionId) { - DB::table('oauth_session_authcodes') - ->where('session_id', $sessionId) - ->delete(); - } - - public function validateAuthCode($clientId, $redirectUri, $authCode) { - $result = DB::table('oauth_sessions') - ->select(['oauth_sessions.id as session_id', 'oauth_session_authcodes.id as authcode_id']) - ->join('oauth_session_authcodes', 'oauth_sessions.id', '=', 'oauth_session_authcodes.session_id') - ->join('oauth_session_redirects', 'oauth_sessions.id', '=', 'oauth_session_redirects.session_id') - 
->where('oauth_sessions.client_id', $clientId) - ->where('oauth_session_authcodes.auth_code', $authCode) - ->where('oauth_session_authcodes.auth_code_expires', '>=', time()) - ->where('oauth_session_redirects.redirect_uri', $redirectUri) - ->first(); - - return (is_null($result)) ? false : (array) $result; - } - - public function validateAccessToken($accessToken) { - $result = DB::table('oauth_session_access_tokens') - ->join('oauth_sessions', 'oauth_session_access_tokens.session_id', '=', 'oauth_sessions.id') - ->where('access_token', $accessToken) - ->where('access_token_expires', '>=', time()) - ->first(); - - return (is_null($result)) ? false : (array) $result; - } - - public function validateRefreshToken($refreshToken, $clientId) { - $result = DB::table('oauth_session_refresh_tokens') - ->where('refresh_token', $refreshToken) - ->where('client_id', $clientId) - ->where('refresh_token_expires', '>=', time()) - ->first(); - - return (is_null($result)) ? false : $result->session_access_token_id; - } - - public function getAccessToken($accessTokenId) { - $result = DB::table('oauth_session_access_tokens') - ->where('id', $accessTokenId) - ->first(); - - return (is_null($result)) ? 
false : (array) $result; - } - - public function associateScope($accessTokenId, $scopeId) { - - - - DB::table('oauth_session_token_scopes')->insert([ - 'session_access_token_id' => $accessTokenId, - 'scope_id' => $scopeId, - ]); - } - - public function getScopes($accessToken) { - return DB::table('oauth_session_token_scopes') - ->join('oauth_session_access_tokens', 'oauth_session_token_scopes.session_access_token_id', '=', 'oauth_session_access_tokens.id') - ->join('oauth_scopes', 'oauth_session_token_scopes.session_access_token_id', '=', 'oauth_scopes.id') - ->where('access_token', $accessToken) - ->get(); - } - - public function associateAuthCodeScope($authCodeId, $scopeId) { - - DB::table('oauth_session_authcode_scopes')->insert([ - 'oauth_session_authcode_id' => $authCodeId, - 'scope_id' => $scopeId - ]); - } - - public function getAuthCodeScopes($oauthSessionAuthCodeId) { - $result = DB::table('oauth_session_authcode_scopes') - ->where('oauth_session_authcode_id', '=', $oauthSessionAuthCodeId) - ->get(); - - return array_map(function($val) - { - return json_decode(json_encode($val), true); - }, $result); - } - - public function removeRefreshToken($refreshToken) { - DB::table('oauth_session_refresh_tokens') - ->where('refresh_token', '=', $refreshToken) - ->delete(); - } - -} \ No newline at end of file diff --git a/src/League/OAuth2/Server/Storage/PDO/Client.php b/src/League/OAuth2/Server/Storage/PDO/Client.php deleted file mode 100644 index d56a540f..00000000 --- a/src/League/OAuth2/Server/Storage/PDO/Client.php +++ /dev/null 
@@ -1,46 +0,0 @@ -prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name, oauth_clients.auto_approve FROM oauth_clients LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id WHERE oauth_clients.id = :clientId AND oauth_client_endpoints.redirect_uri = :redirectUri'); - $stmt->bindValue(':redirectUri', $redirectUri); - } - - elseif ( ! is_null($clientSecret) && is_null($redirectUri)) { - $stmt = $db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_clients.name, oauth_clients.auto_approve FROM oauth_clients WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret'); - $stmt->bindValue(':clientSecret', $clientSecret); - } - - elseif ( ! is_null($clientSecret) && ! is_null($redirectUri)) { - $stmt = $db->prepare('SELECT oauth_clients.id, oauth_clients.secret, oauth_client_endpoints.redirect_uri, oauth_clients.name, oauth_clients.auto_approve FROM oauth_clients LEFT JOIN oauth_client_endpoints ON oauth_client_endpoints.client_id = oauth_clients.id WHERE oauth_clients.id = :clientId AND oauth_clients.secret = :clientSecret AND oauth_client_endpoints.redirect_uri = :redirectUri'); - $stmt->bindValue(':redirectUri', $redirectUri); - $stmt->bindValue(':clientSecret', $clientSecret); - } - - $stmt->bindValue(':clientId', $clientId); - $stmt->execute(); - - $row = $stmt->fetchObject(); - - if ($row === false) { - return false; - } - - return array( - 'client_id' => $row->id, - 'client_secret' => $row->secret, - 'redirect_uri' => (isset($row->redirect_uri)) ? $row->redirect_uri : null, - 'name' => $row->name, - 'auto_approve' => $row->auto_approve - ); - } -} diff --git a/src/League/OAuth2/Server/Storage/PDO/Db.php b/src/League/OAuth2/Server/Storage/PDO/Db.php deleted file mode 100644 index 5922df19..00000000 --- a/src/League/OAuth2/Server/Storage/PDO/Db.php +++ /dev/null 
@@ -1,17 +0,0 @@ -prepare('SELECT * FROM oauth_scopes WHERE oauth_scopes.scope = :scope'); - $stmt->bindValue(':scope', $scope); - $stmt->execute(); - - $row = $stmt->fetchObject(); - - if ($row === false) { - return false; - } - - return array( - 'id' => $row->id, - 'scope' => $row->scope, - 'name' => $row->name, - 'description' => $row->description - ); - - } -} \ No newline at end of file diff --git a/src/League/OAuth2/Server/Storage/PDO/Session.php b/src/League/OAuth2/Server/Storage/PDO/Session.php deleted file mode 100644 index abde8b2b..00000000 --- a/src/League/OAuth2/Server/Storage/PDO/Session.php +++ /dev/null 
@@ -1,206 +0,0 @@ -prepare('INSERT INTO oauth_sessions (client_id, owner_type, owner_id) VALUE - (:clientId, :ownerType, :ownerId)'); - $stmt->bindValue(':clientId', $clientId); - $stmt->bindValue(':ownerType', $ownerType); - $stmt->bindValue(':ownerId', $ownerId); - $stmt->execute(); - - return $db->lastInsertId(); - } - - public function deleteSession($clientId, $ownerType, $ownerId) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('DELETE FROM oauth_sessions WHERE client_id = :clientId AND - owner_type = :type AND owner_id = :typeId'); - $stmt->bindValue(':clientId', $clientId); - $stmt->bindValue(':type', $ownerType); - $stmt->bindValue(':typeId', $ownerId); - $stmt->execute(); - } - - public function associateRedirectUri($sessionId, $redirectUri) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('INSERT INTO oauth_session_redirects (session_id, redirect_uri) - VALUE (:sessionId, :redirectUri)'); - $stmt->bindValue(':sessionId', $sessionId); - $stmt->bindValue(':redirectUri', $redirectUri); - $stmt->execute(); - } - - public function associateAccessToken($sessionId, $accessToken, $expireTime) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('INSERT INTO oauth_session_access_tokens (session_id, access_token, access_token_expires) - VALUE (:sessionId, :accessToken, :accessTokenExpire)'); - $stmt->bindValue(':sessionId', $sessionId); - $stmt->bindValue(':accessToken', $accessToken); - $stmt->bindValue(':accessTokenExpire', $expireTime); - $stmt->execute(); - - return $db->lastInsertId(); - } - - public function associateRefreshToken($accessTokenId, $refreshToken, $expireTime, $clientId) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('INSERT INTO oauth_session_refresh_tokens (session_access_token_id, refresh_token, refresh_token_expires, client_id) VALUE - (:accessTokenId, :refreshToken, :expireTime, :clientId)'); - $stmt->bindValue(':accessTokenId', $accessTokenId); - $stmt->bindValue(':refreshToken', $refreshToken); - 
$stmt->bindValue(':expireTime', $expireTime); - $stmt->bindValue(':clientId', $clientId); - $stmt->execute(); - } - - public function associateAuthCode($sessionId, $authCode, $expireTime) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('INSERT INTO oauth_session_authcodes (session_id, auth_code, auth_code_expires) - VALUE (:sessionId, :authCode, :authCodeExpires)'); - $stmt->bindValue(':sessionId', $sessionId); - $stmt->bindValue(':authCode', $authCode); - $stmt->bindValue(':authCodeExpires', $expireTime); - $stmt->execute(); - - return $db->lastInsertId(); - } - - public function removeAuthCode($sessionId) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('DELETE FROM oauth_session_authcodes WHERE session_id = :sessionId'); - $stmt->bindValue(':sessionId', $sessionId); - $stmt->execute(); - } - - public function validateAuthCode($clientId, $redirectUri, $authCode) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('SELECT oauth_sessions.id AS session_id, oauth_session_authcodes.id AS authcode_id - FROM oauth_sessions JOIN oauth_session_authcodes ON oauth_session_authcodes.`session_id` - = oauth_sessions.id JOIN oauth_session_redirects ON oauth_session_redirects.`session_id` - = oauth_sessions.id WHERE oauth_sessions.client_id = :clientId AND oauth_session_authcodes.`auth_code` - = :authCode AND `oauth_session_authcodes`.`auth_code_expires` >= :time AND - `oauth_session_redirects`.`redirect_uri` = :redirectUri'); - $stmt->bindValue(':clientId', $clientId); - $stmt->bindValue(':redirectUri', $redirectUri); - $stmt->bindValue(':authCode', $authCode); - $stmt->bindValue(':time', time()); - $stmt->execute(); - - $result = $stmt->fetchObject(); - - return ($result === false) ? 
false : (array) $result; - } - - public function validateAccessToken($accessToken) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('SELECT session_id, oauth_sessions.`client_id`, oauth_sessions.`owner_id`, oauth_sessions.`owner_type` FROM `oauth_session_access_tokens` JOIN oauth_sessions ON oauth_sessions.`id` = session_id WHERE access_token = :accessToken AND access_token_expires >= ' . time()); - $stmt->bindValue(':accessToken', $accessToken); - $stmt->execute(); - - $result = $stmt->fetchObject(); - return ($result === false) ? false : (array) $result; - } - - public function removeRefreshToken($refreshToken) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('DELETE FROM `oauth_session_refresh_tokens` WHERE refresh_token = :refreshToken'); - $stmt->bindValue(':refreshToken', $refreshToken); - $stmt->execute(); - } - - public function validateRefreshToken($refreshToken, $clientId) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('SELECT session_access_token_id FROM `oauth_session_refresh_tokens` WHERE - refresh_token = :refreshToken AND client_id = :clientId AND refresh_token_expires >= ' . time()); - $stmt->bindValue(':refreshToken', $refreshToken); - $stmt->bindValue(':clientId', $clientId); - $stmt->execute(); - - $result = $stmt->fetchObject(); - return ($result === false) ? false : $result->session_access_token_id; - } - - public function getAccessToken($accessTokenId) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('SELECT * FROM `oauth_session_access_tokens` WHERE `id` = :accessTokenId'); - $stmt->bindValue(':accessTokenId', $accessTokenId); - $stmt->execute(); - - $result = $stmt->fetchObject(); - return ($result === false) ? 
false : (array) $result; - } - - public function associateAuthCodeScope($authCodeId, $scopeId) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('INSERT INTO `oauth_session_authcode_scopes` (`oauth_session_authcode_id`, `scope_id`) VALUES (:authCodeId, :scopeId)'); - $stmt->bindValue(':authCodeId', $authCodeId); - $stmt->bindValue(':scopeId', $scopeId); - $stmt->execute(); - } - - public function getAuthCodeScopes($oauthSessionAuthCodeId) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('SELECT scope_id FROM `oauth_session_authcode_scopes` WHERE oauth_session_authcode_id = :authCodeId'); - $stmt->bindValue(':authCodeId', $oauthSessionAuthCodeId); - $stmt->execute(); - - return $stmt->fetchAll(); - } - - public function associateScope($accessTokenId, $scopeId) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('INSERT INTO `oauth_session_token_scopes` (`session_access_token_id`, `scope_id`) - VALUE (:accessTokenId, :scopeId)'); - $stmt->bindValue(':accessTokenId', $accessTokenId); - $stmt->bindValue(':scopeId', $scopeId); - $stmt->execute(); - } - - public function getScopes($accessToken) - { - $db = \ezcDbInstance::get(); - - $stmt = $db->prepare('SELECT oauth_scopes.* FROM oauth_session_token_scopes JOIN oauth_session_access_tokens ON oauth_session_access_tokens.`id` = `oauth_session_token_scopes`.`session_access_token_id` JOIN oauth_scopes ON oauth_scopes.id = `oauth_session_token_scopes`.`scope_id` WHERE access_token = :accessToken'); - $stmt->bindValue(':accessToken', $accessToken); - $stmt->execute(); - - return $stmt->fetchAll(); - } -} \ No newline at end of file From bacc9ce316445b0ad1d6f59bef462daa30a0c240 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 29 Nov 2013 12:23:35 +0000 Subject: [PATCH 48/54] Added some extra keywords --- composer.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 9ddbb263..3d7994ef 100644 --- a/composer.json +++ b/composer.json 
@@ -24,7 +24,10 @@ "authorization", "authentication", "resource", - "api" + "api", + "auth", + "protect", + "secure" ], "authors": [ { From 2bd61f040bf1f42fa974aa360d8428e1f3994777 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 29 Nov 2013 12:34:08 +0000 Subject: [PATCH 49/54] Updated minimum PHP requirement to 5.4+ to support future changes --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 3d7994ef..4ea71305 100644 --- a/composer.json +++ b/composer.json @@ -5,7 +5,7 @@ "homepage": "https://github.com/php-loep/oauth2-server", "license": "MIT", "require": { - "php": ">=5.3.0" + "php": ">=5.4.0" }, "require-dev": { "mockery/mockery": ">=0.7.2", From 5bb1359ad79dd2007a1c267b6aa5b382c1b52fd6 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 29 Nov 2013 12:34:18 +0000 Subject: [PATCH 50/54] Added some initial changelogs --- CHANGELOG.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8da0979f..b0402b84 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,17 @@ # Changelog +## 3.0 (released 2013-11-29) + +* Fixed spelling of Implicit grant class (Issue #84) +* Travis CI now tests for PHP 5.5 +* Fixes for checking headers for resource server (Issues #79 and #) +* The word "bearer" now has a capital "B" in JSON output to match OAuth 2.0 spec +* All grants no longer remove old sessions by default +* All grants now support custom access token TTL (Issue #92) +* All methods which didn't before return a value now return `$this` to support method chaining +* Removed the build in DB providers - these will be put in their own repos to remove baggage in the main repository +* Removed support for PHP 5.3 because this library now uses traits and will use other modern PHP features going forward + ## 2.1.1 (released 2013-06-02) * Added conditional `isValid()` flag to check for Authorization header only (thanks @alexmcroberts) 
From 954ff1982301ca561374a1b8114f02fc3ab55ff2 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Fri, 29 Nov 2013 12:35:29 +0000 Subject: [PATCH 51/54] Removed suggested composer packages --- composer.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/composer.json b/composer.json index 4ea71305..38a21344 100644 --- a/composer.json +++ b/composer.json @@ -47,7 +47,6 @@ } }, "suggest": { - "zetacomponents/database": "A PDO implementation of the storage classes", - "doctrine/dbal": "A Doctrine/DBAL implementation of the storage classes" + } } From 031cf3064ae967658441f7e1e909b59994545961 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Mon, 2 Dec 2013 18:42:54 +0000 Subject: [PATCH 52/54] Moved some grant related functions into a trait to reduce duplicate code --- src/League/OAuth2/Server/Grant/AuthCode.php | 30 +------------ .../OAuth2/Server/Grant/ClientCredentials.php | 2 + src/League/OAuth2/Server/Grant/GrantTrait.php | 45 +++++++++++++++++++ .../Server/Grant/GrantTypeInterface.php | 12 ----- src/League/OAuth2/Server/Grant/Implicit.php | 30 +------------ src/League/OAuth2/Server/Grant/Password.php | 30 +------------ .../OAuth2/Server/Grant/RefreshToken.php | 30 +------------ 7 files changed, 55 insertions(+), 124 deletions(-) create mode 100644 src/League/OAuth2/Server/Grant/GrantTrait.php diff --git a/src/League/OAuth2/Server/Grant/AuthCode.php b/src/League/OAuth2/Server/Grant/AuthCode.php index 08f1a7c2..79a541af 100644 --- a/src/League/OAuth2/Server/Grant/AuthCode.php +++ b/src/League/OAuth2/Server/Grant/AuthCode.php @@ -24,6 +24,8 @@ use League\OAuth2\Server\Storage\ScopeInterface; */ class AuthCode implements GrantTypeInterface { + use GrantTrait; + /** * Grant identifier * @var string 
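Review bot: getIdentifier() and getResponseType() stop being part of an enforced contract here: this class now takes them from `use GrantTrait;`, and the GrantTypeInterface.php hunk of the same commit deletes both declarations from the interface. The removed docblocks say they are used to validate grant_type in Authorization::issueAccessToken() and response_type in AuthCode::checkAuthoriseParams(), so a grant that implements GrantTypeInterface without the trait would presumably fail only when a request reaches those calls. Trait methods satisfy interface methods in PHP, so the interface can keep `public function getIdentifier();` and `public function getResponseType();` with their docblocks. The same applies to the `use GrantTrait;` hunks in ClientCredentials, Implicit, Password and RefreshToken; the class bodies continue outside the hunk.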
@@ -64,34 +66,6 @@ class AuthCode implements GrantTypeInterface { $this->authServer = $authServer; } - /** - * Return the identifier - * @return string - */ - public function getIdentifier() - { - return $this->identifier; - } - - /** - * Return the response type - * @return string - */ - public function getResponseType() - { - return $this->responseType; - } - - /** - * Override the default access token expire time - * @param int $accessTokenTTL - * @return void - */ - public function setAccessTokenTTL($accessTokenTTL) - { - $this->accessTokenTTL = $accessTokenTTL; - } - /** * Override the default access token expire time * @param int $authTokenTTL diff --git a/src/League/OAuth2/Server/Grant/ClientCredentials.php b/src/League/OAuth2/Server/Grant/ClientCredentials.php index 3d962ee9..4d53bf23 100644 --- a/src/League/OAuth2/Server/Grant/ClientCredentials.php +++ b/src/League/OAuth2/Server/Grant/ClientCredentials.php @@ -24,6 +24,8 @@ use League\OAuth2\Server\Storage\ScopeInterface; */ class ClientCredentials implements GrantTypeInterface { + use GrantTrait; + /** * Grant identifier * @var string diff --git a/src/League/OAuth2/Server/Grant/GrantTrait.php b/src/League/OAuth2/Server/Grant/GrantTrait.php new file mode 100644 index 00000000..e052ce57 --- /dev/null +++ b/src/League/OAuth2/Server/Grant/GrantTrait.php 
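Review bot: ClientCredentials may not actually pick up the trait's methods: the diffstat lists this file with two added lines and no removals, while AuthCode, Implicit, Password and RefreshToken each lose their own getIdentifier(), getResponseType() and setAccessTokenTTL(). If the class still defines those methods further down (the body is outside the hunk), its copies take precedence over the trait, and its setAccessTokenTTL() would keep its previous return behaviour rather than the `return $this;` the trait provides. Removing the class's own copies in this commit, as was done for the other four grants, would keep all grants consistent.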
@@ -0,0 +1,45 @@ + + * @copyright Copyright (c) 2013 PHP League of Extraordinary Packages + * @license http://mit-license.org/ + * @link http://github.com/php-loep/oauth2-server + */ + +namespace League\OAuth2\Server\Grant; + +trait GrantTrait { + + /** + * Return the identifier + * @return string + */ + public function getIdentifier() + { + return $this->identifier; + } + + /** + * Return the response type + * @return string + */ + public function getResponseType() + { + return $this->responseType; + } + + /** + * Override the default access token expire time + * @param int $accessTokenTTL + * @return self + */ + public function setAccessTokenTTL($accessTokenTTL) + { + $this->accessTokenTTL = $accessTokenTTL; + return $this; + } + +} \ No newline at end of file diff --git a/src/League/OAuth2/Server/Grant/GrantTypeInterface.php b/src/League/OAuth2/Server/Grant/GrantTypeInterface.php index 2399c521..ec0b906b 100644 --- a/src/League/OAuth2/Server/Grant/GrantTypeInterface.php +++ b/src/League/OAuth2/Server/Grant/GrantTypeInterface.php @@ -28,18 +28,6 @@ interface GrantTypeInterface */ public function __construct(Authorization $authServer); - /** - * Returns the grant identifier (used to validate grant_type in League\OAuth2\Server\Authorization::issueAccessToken()) - * @return string - */ - public function getIdentifier(); - - /** - * Returns the response type (used to validate response_type in League\OAuth2\Server\Grant\AuthCode::checkAuthoriseParams()) - * @return null|string - */ - public function getResponseType(); - /** * Complete the grant flow * diff --git a/src/League/OAuth2/Server/Grant/Implicit.php b/src/League/OAuth2/Server/Grant/Implicit.php index 05809e28..a71afed5 100644 --- a/src/League/OAuth2/Server/Grant/Implicit.php +++ b/src/League/OAuth2/Server/Grant/Implicit.php @@ -24,6 +24,8 @@ use League\OAuth2\Server\Storage\ScopeInterface; */ class Implicit implements GrantTypeInterface { + use GrantTrait; + /** * Grant identifier * @var string 
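Review bot: setAccessTokenTTL() stores whatever it is given, so a zero, negative or non-integer lifetime is accepted for every grant that uses the trait; how the value is later turned into an expiry time is outside this hunk, but token lifetime is worth validating at the setter. A guard such as `if ($accessTokenTTL !== null && (!is_int($accessTokenTTL) || $accessTokenTTL <= 0)) { throw new \InvalidArgumentException('Access token TTL must be a positive integer'); }` before the assignment would do, with the null case kept only if null is meant to fall back to a server default. The trait also reads `$this->identifier`, `$this->responseType` and `$this->accessTokenTTL` without declaring them, so I would add a comment above `trait GrantTrait {` along the lines of `// Using classes must declare $identifier, $responseType and $accessTokenTTL.`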
@@ -58,34 +60,6 @@ class Implicit implements GrantTypeInterface { $this->authServer = $authServer; } - /** - * Return the identifier - * @return string - */ - public function getIdentifier() - { - return $this->identifier; - } - - /** - * Return the response type - * @return string - */ - public function getResponseType() - { - return $this->responseType; - } - - /** - * Override the default access token expire time - * @param int $accessTokenTTL - * @return void - */ - public function setAccessTokenTTL($accessTokenTTL) - { - $this->accessTokenTTL = $accessTokenTTL; - } - /** * Complete the client credentials grant * @param null|array $inputParams diff --git a/src/League/OAuth2/Server/Grant/Password.php b/src/League/OAuth2/Server/Grant/Password.php index 316f22c5..a81a62c3 100644 --- a/src/League/OAuth2/Server/Grant/Password.php +++ b/src/League/OAuth2/Server/Grant/Password.php @@ -24,6 +24,8 @@ use League\OAuth2\Server\Storage\ScopeInterface; */ class Password implements GrantTypeInterface { + use GrantTrait; + /** * Grant identifier * @var string @@ -64,34 +66,6 @@ class Password implements GrantTypeInterface { $this->authServer = $authServer; } - /** - * Return the identifier - * @return string - */ - public function getIdentifier() - { - return $this->identifier; - } - - /** - * Return the response type - * @return string - */ - public function getResponseType() - { - return $this->responseType; - } - - /** - * Override the default access token expire time - * @param int $accessTokenTTL - * @return void - */ - public function setAccessTokenTTL($accessTokenTTL) - { - $this->accessTokenTTL = $accessTokenTTL; - } - /** * Set the callback to verify a user's username and password * @param callable $callback The callback function diff --git a/src/League/OAuth2/Server/Grant/RefreshToken.php b/src/League/OAuth2/Server/Grant/RefreshToken.php index 99d759b0..4c4664f3 100644 --- a/src/League/OAuth2/Server/Grant/RefreshToken.php 
+++ b/src/League/OAuth2/Server/Grant/RefreshToken.php @@ -24,6 +24,8 @@ use League\OAuth2\Server\Storage\ScopeInterface; */ class RefreshToken implements GrantTypeInterface { + use GrantTrait; + /** * Grant identifier * @var string @@ -70,34 +72,6 @@ class RefreshToken implements GrantTypeInterface { $this->authServer = $authServer; } - /** - * Return the identifier - * @return string - */ - public function getIdentifier() - { - return $this->identifier; - } - - /** - * Return the response type - * @return string - */ - public function getResponseType() - { - return $this->responseType; - } - - /** - * Override the default access token expire time - * @param int $accessTokenTTL - * @return void - */ - public function setAccessTokenTTL($accessTokenTTL) - { - $this->accessTokenTTL = $accessTokenTTL; - } - /** * Set the TTL of the refresh token * @param int $refreshTokenTTL From 041104e2b15e2e9d8c58761cd729c132cfc6a4f9 Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Mon, 2 Dec 2013 18:43:42 +0000 Subject: [PATCH 53/54] Updated changelog --- CHANGELOG.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b0402b84..56cabe6b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,6 @@ # Changelog -## 3.0 (released 2013-11-29) +## 3.0 (released 2013-12-02) * Fixed spelling of Implicit grant class (Issue #84) * Travis CI now tests for PHP 5.5 @@ -11,6 +11,7 @@ * All methods which didn't before return a value now return `$this` to support method chaining * Removed the build in DB providers - these will be put in their own repos to remove baggage in the main repository * Removed support for PHP 5.3 because this library now uses traits and will use other modern PHP features going forward +* Moved some grant related functions into a trait to reduce duplicate code ## 2.1.1 (released 2013-06-02) From 10a4bf41ede09981c4f4d8321bf3be6b57d968fe Mon Sep 17 00:00:00 2001 
From: Alex Bilbie Date: Mon, 2 Dec 2013 18:44:08 +0000 Subject: [PATCH 54/54] Version bump --- composer.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/composer.json b/composer.json index 38a21344..3335690a 100644 --- a/composer.json +++ b/composer.json @@ -1,7 +1,7 @@ { "name": "league/oauth2-server", "description": "A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.", - "version": "2.1.1", + "version": "3.0", "homepage": "https://github.com/php-loep/oauth2-server", "license": "MIT", "require": { @@ -49,4 +49,4 @@ "suggest": { } -} +} \ No newline at end of file