Merge branch 'v4.0.0-relational-example' of github.com:thephpleague/oauth2-server into v4.0.0-relational-example
This commit is contained in:
commit
2637af87ec
@ -13,12 +13,16 @@
|
|||||||
"mockery/mockery": "~0.9",
|
"mockery/mockery": "~0.9",
|
||||||
"league/phpunit-coverage-listener": "~1.0",
|
"league/phpunit-coverage-listener": "~1.0",
|
||||||
"squizlabs/php_codesniffer": "1.*",
|
"squizlabs/php_codesniffer": "1.*",
|
||||||
"codeception/codeception": "2.0.*"
|
"codeception/codeception": "2.0.*",
|
||||||
|
"alexbilbie/fizzfuzz": "dev-develop"
|
||||||
},
|
},
|
||||||
"repositories": [
|
"repositories": [
|
||||||
{
|
{
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/thephpleague/oauth2-server.git"
|
"url": "https://github.com/thephpleague/oauth2-server.git"
|
||||||
|
},{
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://github.com/alexbilbie/fizzfuzz.git"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"keywords": [
|
"keywords": [
|
||||||
|
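Review bot: The new `"alexbilbie/fizzfuzz": "dev-develop"` requirement, resolved through the added git repository entry, pins nothing: every install pulls whatever the `develop` branch head of that personal repository happens to be, so the test tooling is not reproducible and a later push to that branch changes what runs in CI. Composer accepts a commit reference in a branch constraint, so the same line can be pinned as `"alexbilbie/fizzfuzz": "dev-develop#<commit-sha>"` (fill in the hash of the revision that was actually tested). If the package is only needed for the fuzz tests, it also belongs under `require-dev` rather than alongside the runtime dependencies, assuming this hunk is inside `require` — the enclosing key is outside the hunk.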
@ -1,7 +1,4 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
namespace OAuth2Server\RelationalExample;
|
|
||||||
|
|
||||||
use \Orno\Http\Request;
|
use \Orno\Http\Request;
|
||||||
use \Orno\Http\Response;
|
use \Orno\Http\Response;
|
||||||
use \Orno\Http\JsonResponse;
|
use \Orno\Http\JsonResponse;
|
||||||
@ -32,26 +29,10 @@ $server = new ResourceServer(
|
|||||||
$scopeStorage
|
$scopeStorage
|
||||||
);
|
);
|
||||||
|
|
||||||
$server->setRequest($request);
|
// Routing setup
|
||||||
|
$request = (new Request)->createFromGlobals();
|
||||||
|
$router = new \Orno\Route\RouteCollection;
|
||||||
|
|
||||||
// Check that access token is present
|
|
||||||
try {
|
|
||||||
$server->isValidRequest(false);
|
|
||||||
} catch (\League\OAuth2\Server\Exception\OAuthException $e) {
|
|
||||||
|
|
||||||
foreach ($e->getHttpHeaders() as $header) {
|
|
||||||
header($header);
|
|
||||||
}
|
|
||||||
|
|
||||||
echo json_encode([
|
|
||||||
'error' => $e->errorType,
|
|
||||||
'message' => $e->getMessage()
|
|
||||||
]);
|
|
||||||
|
|
||||||
exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
// GET /tokeninfo
|
|
||||||
$router->get('/tokeninfo', function (Request $request) use ($server) {
|
$router->get('/tokeninfo', function (Request $request) use ($server) {
|
||||||
|
|
||||||
$token = [
|
$token = [
|
||||||
@ -62,62 +43,50 @@ $router->get('/tokeninfo', function (Request $request) use ($server) {
|
|||||||
'scopes' => $server->getScopes()
|
'scopes' => $server->getScopes()
|
||||||
];
|
];
|
||||||
|
|
||||||
return new JsonResponse($token);
|
return new Response(json_encode($token));
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
// GET /users
|
|
||||||
$router->get('/users', function (Request $request) use ($server) {
|
|
||||||
|
|
||||||
$results = (new Model\Users())->get();
|
|
||||||
|
|
||||||
$users = [];
|
|
||||||
|
|
||||||
foreach ($results as $result) {
|
|
||||||
$user = [
|
|
||||||
'username' => $result['username'],
|
|
||||||
'name' => $result['name']
|
|
||||||
];
|
|
||||||
|
|
||||||
if ($server->hasScope('email')) {
|
|
||||||
$user['email'] = $result['email'];
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($server->hasScope('photo')) {
|
|
||||||
$user['photo'] = $result['photo'];
|
|
||||||
}
|
|
||||||
|
|
||||||
$users[] = $user;
|
|
||||||
}
|
|
||||||
|
|
||||||
return new JsonResponse($users);
|
|
||||||
});
|
|
||||||
|
|
||||||
// GET /users/{username}
|
|
||||||
$router->get('/users/{username}', function (Request $request, $args) use ($server) {
|
|
||||||
|
|
||||||
$result = (new Model\Users())->get($args['username']);
|
|
||||||
|
|
||||||
if (count($result) === 0) {
|
|
||||||
throw new NotFoundException();
|
|
||||||
}
|
|
||||||
|
|
||||||
$user = [
|
|
||||||
'username' => $result[0]['username'],
|
|
||||||
'name' => $result[0]['name']
|
|
||||||
];
|
|
||||||
|
|
||||||
if ($server->hasScope('email')) {
|
|
||||||
$user['email'] = $result[0]['email'];
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($server->hasScope('photo')) {
|
|
||||||
$user['photo'] = $result[0]['photo'];
|
|
||||||
}
|
|
||||||
|
|
||||||
return new JsonResponse($user);
|
|
||||||
});
|
|
||||||
|
|
||||||
$dispatcher = $router->getDispatcher();
|
$dispatcher = $router->getDispatcher();
|
||||||
$response = $dispatcher->dispatch($request->getMethod(), $request->getPathInfo());
|
|
||||||
|
try {
|
||||||
|
|
||||||
|
// Check that access token is present
|
||||||
|
$server->isValidRequest();
|
||||||
|
|
||||||
|
// A successful response
|
||||||
|
$response = $dispatcher->dispatch(
|
||||||
|
$request->getMethod(),
|
||||||
|
$request->getPathInfo()
|
||||||
|
);
|
||||||
|
|
||||||
|
} catch (\Orno\Http\Exception $e) {
|
||||||
|
|
||||||
|
// A failed response
|
||||||
|
$response = $e->getJsonResponse();
|
||||||
|
$response->setContent(json_encode(['status_code' => $e->getStatusCode(), 'message' => $e->getMessage()]));
|
||||||
|
|
||||||
|
} catch (\League\OAuth2\Server\Exception\OAuthException $e) {
|
||||||
|
|
||||||
|
$response = new Response(json_encode([
|
||||||
|
'error' => $e->errorType,
|
||||||
|
'message' => $e->getMessage()
|
||||||
|
]), $e->httpStatusCode);
|
||||||
|
|
||||||
|
foreach ($e->getHttpHeaders() as $header) {
|
||||||
|
$response->headers($header);
|
||||||
|
}
|
||||||
|
|
||||||
|
} catch (\Exception $e) {
|
||||||
|
|
||||||
|
$response = new Orno\Http\Response;
|
||||||
|
$response->setStatusCode(500);
|
||||||
|
$response->setContent(json_encode(['status_code' => 500, 'message' => $e->getMessage()]));
|
||||||
|
|
||||||
|
} finally {
|
||||||
|
|
||||||
|
// Return the response
|
||||||
|
$response->headers->set('Content-type', 'application/json');
|
||||||
$response->send();
|
$response->send();
|
||||||
|
|
||||||
|
}
|
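Review bot: In the `OAuthException` catch of the new try block, `$response->headers($header);` calls `headers` as a method, while the `finally` block a few lines later uses `$response->headers->set(...)`, which indicates `headers` is a header bag property; unless Orno's `Response` also defines a `headers()` method, this branch fails at runtime on the first header and the error response for a missing or invalid token is never sent as written. The values from `getHttpHeaders()` were previously passed straight to `header()`, so they appear to be raw `Name: value` strings and need to be split before going into the bag (the rewrite below does that; it also skips any bare status line, since the status code is already set on the constructor). Separately, the generic `catch (\Exception $e)` branch puts `$e->getMessage()` into the 500 response body, which exposes internal failure details (driver errors, paths) to clients; log the exception server-side and return a fixed message such as `'message' => 'Internal server error'`. The surrounding script starts and ends outside this hunk.
```php
} catch (\League\OAuth2\Server\Exception\OAuthException $e) {

    $response = new Response(json_encode([
        'error' => $e->errorType,
        'message' => $e->getMessage()
    ]), $e->httpStatusCode);

    // getHttpHeaders() yields raw "Name: value" strings (they used to be
    // handed to header() directly), so split them for the header bag.
    foreach ($e->getHttpHeaders() as $header) {
        if (strpos($header, ':') === false) {
            continue; // bare status line; the status code is already set above
        }
        list($name, $value) = explode(':', $header, 2);
        $response->headers->set(trim($name), trim($value));
    }

// … unchanged: generic \Exception handler and finally block …
```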
@ -34,8 +34,7 @@ class InvalidGrantException extends OAuthException
|
|||||||
{
|
{
|
||||||
parent::__construct(
|
parent::__construct(
|
||||||
sprintf(
|
sprintf(
|
||||||
'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used
|
'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client. Check the "%s" parameter.',
|
||||||
in the authorization request, or was issued to another client. Check the "%s" parameter.',
|
|
||||||
$parameter
|
$parameter
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
@ -34,8 +34,7 @@ class InvalidRequestException extends OAuthException
|
|||||||
{
|
{
|
||||||
parent::__construct(
|
parent::__construct(
|
||||||
sprintf(
|
sprintf(
|
||||||
'The request is missing a required parameter, includes an invalid parameter value, includes a parameter
|
'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "%s" parameter.',
|
||||||
more than once, or is otherwise malformed. Check the "%s" parameter.',
|
|
||||||
$parameter
|
$parameter
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
@ -31,8 +31,7 @@ class ServerErrorException extends OAuthException
|
|||||||
*/
|
*/
|
||||||
public function __construct($parameter = null)
|
public function __construct($parameter = null)
|
||||||
{
|
{
|
||||||
$parameter = is_null($parameter) ? 'The authorization server encountered an unexpected condition which prevented
|
$parameter = is_null($parameter) ? 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request.' : $parameter;
|
||||||
it from fulfilling the request.' : $parameter;
|
|
||||||
parent::__construct($parameter);
|
parent::__construct($parameter);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
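Review bot: In `ServerErrorException::__construct`, the `$parameter` argument is overwritten with the fallback text and then passed to the parent as the message, so a reader has to notice that "parameter" actually means "message" by the time it is used. Introducing a separately named local keeps the intent visible: `$message = is_null($parameter) ? 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request.' : $parameter;` followed by `parent::__construct($message);`. The docblock above the constructor (its first lines are outside the hunk) should also say that the argument is an optional override for the default message rather than a parameter name, since the other exception classes in this commit use `$parameter` for the offending request parameter.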
14
tests/fuzz/tokeninfo-no-access-token.yml
Normal file
14
tests/fuzz/tokeninfo-no-access-token.yml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
url: 'http://localhost:8000/api.php/tokeninfo'
|
||||||
|
request:
|
||||||
|
method: GET
|
||||||
|
response:
|
||||||
|
statusCode: 400
|
||||||
|
headers:
|
||||||
|
Content-type: application/json
|
||||||
|
body:
|
||||||
|
-
|
||||||
|
key: error
|
||||||
|
value: "invalid_request"
|
||||||
|
-
|
||||||
|
key: message
|
||||||
|
value: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"access token\" parameter."
|
14
tests/fuzz/tokeninfo-no-invalid-token-query-string.yml
Normal file
14
tests/fuzz/tokeninfo-no-invalid-token-query-string.yml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
url: 'http://localhost:8000/api.php/tokeninfo?access_token=foobar'
|
||||||
|
request:
|
||||||
|
method: GET
|
||||||
|
response:
|
||||||
|
statusCode: 400
|
||||||
|
headers:
|
||||||
|
Content-type: application/json
|
||||||
|
body:
|
||||||
|
-
|
||||||
|
key: error
|
||||||
|
value: "invalid_request"
|
||||||
|
-
|
||||||
|
key: message
|
||||||
|
value: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"access token\" parameter."
|
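Review bot: This fixture expects a 400 `invalid_request` ("missing a required parameter") for a request whose only token is in the query string, i.e. it documents that query-string tokens are treated as absent rather than as invalid (which would be the 401 `access_denied` of the neighbouring Bearer-header fixture), but nothing in the file says that this is deliberate. If the intent is header-only token transport (the example API's `isValidRequest()` call was changed in this same commit, which presumably switches that behaviour — worth confirming), add a comment at the top of the file: `# Access tokens are only accepted from the Authorization header; a query-string token must be treated as missing (400), not as an invalid token (401).` The filename `tokeninfo-no-invalid-token-query-string.yml` is also contradictory ("no" and "invalid" together); `tokeninfo-query-string-token.yml` would describe the case.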
18
tests/fuzz/tokeninfo-no-invalid-token.yml
Normal file
18
tests/fuzz/tokeninfo-no-invalid-token.yml
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
url: 'http://localhost:8000/api.php/tokeninfo'
|
||||||
|
request:
|
||||||
|
method: GET
|
||||||
|
headers:
|
||||||
|
-
|
||||||
|
key: Authorization
|
||||||
|
value: Bearer foobar
|
||||||
|
response:
|
||||||
|
statusCode: 401
|
||||||
|
headers:
|
||||||
|
Content-type: application/json
|
||||||
|
body:
|
||||||
|
-
|
||||||
|
key: error
|
||||||
|
value: "access_denied"
|
||||||
|
-
|
||||||
|
key: message
|
||||||
|
value: "The resource owner or authorization server denied the request."
|
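Review bot: The 401 fixture only asserts `Content-type` under `response.headers`, so it would pass even if the server dropped the `WWW-Authenticate` challenge that a Bearer 401 is expected to carry (RFC 6750 §3), which is exactly the header the example API's `getHttpHeaders()` loop is responsible for emitting. Add the header to the expectation, e.g. `WWW-Authenticate: <value the server emits, starting with Bearer>` next to the existing `Content-type` entry, once the actual value is confirmed against the library's exception headers. As with the query-string fixture, the name `tokeninfo-no-invalid-token.yml` reads as a double negative; `tokeninfo-invalid-token.yml` matches what the file tests.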
24
tests/fuzz/tokeninfo-valid-token.yml
Normal file
24
tests/fuzz/tokeninfo-valid-token.yml
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
url: 'http://localhost:8000/api.php/tokeninfo'
|
||||||
|
request:
|
||||||
|
method: GET
|
||||||
|
headers:
|
||||||
|
-
|
||||||
|
key: Authorization
|
||||||
|
value: "Bearer iamgod"
|
||||||
|
response:
|
||||||
|
statusCode: 200
|
||||||
|
headers:
|
||||||
|
Content-type: application/json
|
||||||
|
body:
|
||||||
|
-
|
||||||
|
key: owner_id
|
||||||
|
value: testclient
|
||||||
|
-
|
||||||
|
key: owner_type
|
||||||
|
value: client
|
||||||
|
-
|
||||||
|
key: access_token
|
||||||
|
value: iamgod
|
||||||
|
-
|
||||||
|
key: client_id
|
||||||
|
value: testclient
|