ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2025-01-08 21:14:00 +05:30
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'v4.0.0-relational-example' of github.com:thephpleague/oauth2-server into v4.0.0-relational-example

Browse Source
This commit is contained in:
Alex Bilbie 2014-08-04 10:54:50 +01:00
commit 2637af87ec
9 changed files with 124 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
composer.json
View File

@ -13,12 +13,16 @@
"mockery/mockery": "~0.9", "mockery/mockery": "~0.9",
"league/phpunit-coverage-listener": "~1.0", "league/phpunit-coverage-listener": "~1.0",
"squizlabs/php_codesniffer": "1.*", "squizlabs/php_codesniffer": "1.*",
"codeception/codeception": "2.0.*" "codeception/codeception": "2.0.*",
"alexbilbie/fizzfuzz": "dev-develop"
}, },
"repositories": [ "repositories": [
{ {
"type": "git", "type": "git",
"url": "https://github.com/thephpleague/oauth2-server.git" "url": "https://github.com/thephpleague/oauth2-server.git"
},{
"type": "git",
"url": "https://github.com/alexbilbie/fizzfuzz.git"
} }
], ],
"keywords": [ "keywords": [

123
examples/relational/api.php
View File

@ -1,7 +1,4 @@
<?php <?php
namespace OAuth2Server\RelationalExample;
use \Orno\Http\Request; use \Orno\Http\Request;
use \Orno\Http\Response; use \Orno\Http\Response;
use \Orno\Http\JsonResponse; use \Orno\Http\JsonResponse;
@ -32,26 +29,10 @@ $server = new ResourceServer(
$scopeStorage $scopeStorage
); );
$server->setRequest($request); // Routing setup
$request = (new Request)->createFromGlobals();
$router = new \Orno\Route\RouteCollection;
// Check that access token is present
try {
$server->isValidRequest(false);
} catch (\League\OAuth2\Server\Exception\OAuthException $e) {
foreach ($e->getHttpHeaders() as $header) {
header($header);
}
echo json_encode([
'error' => $e->errorType,
'message' => $e->getMessage()
]);
exit;
}
// GET /tokeninfo
$router->get('/tokeninfo', function (Request $request) use ($server) { $router->get('/tokeninfo', function (Request $request) use ($server) {
$token = [ $token = [
@ -62,62 +43,50 @@ $router->get('/tokeninfo', function (Request $request) use ($server) {
'scopes' => $server->getScopes() 'scopes' => $server->getScopes()
]; ];
return new JsonResponse($token); return new Response(json_encode($token));
}); });
// GET /users
$router->get('/users', function (Request $request) use ($server) {
$results = (new Model\Users())->get();
$users = [];
foreach ($results as $result) {
$user = [
'username' => $result['username'],
'name' => $result['name']
];
if ($server->hasScope('email')) {
$user['email'] = $result['email'];
}
if ($server->hasScope('photo')) {
$user['photo'] = $result['photo'];
}
$users[] = $user;
}
return new JsonResponse($users);
});
// GET /users/{username}
$router->get('/users/{username}', function (Request $request, $args) use ($server) {
$result = (new Model\Users())->get($args['username']);
if (count($result) === 0) {
throw new NotFoundException();
}
$user = [
'username' => $result[0]['username'],
'name' => $result[0]['name']
];
if ($server->hasScope('email')) {
$user['email'] = $result[0]['email'];
}
if ($server->hasScope('photo')) {
$user['photo'] = $result[0]['photo'];
}
return new JsonResponse($user);
});
$dispatcher = $router->getDispatcher(); $dispatcher = $router->getDispatcher();
$response = $dispatcher->dispatch($request->getMethod(), $request->getPathInfo());
$response->send(); try {
// Check that access token is present
$server->isValidRequest();
// A successful response
$response = $dispatcher->dispatch(
$request->getMethod(),
$request->getPathInfo()
);
} catch (\Orno\Http\Exception $e) {
// A failed response
$response = $e->getJsonResponse();
$response->setContent(json_encode(['status_code' => $e->getStatusCode(), 'message' => $e->getMessage()]));
} catch (\League\OAuth2\Server\Exception\OAuthException $e) {
$response = new Response(json_encode([
'error' => $e->errorType,
'message' => $e->getMessage()
]), $e->httpStatusCode);
foreach ($e->getHttpHeaders() as $header) {
$response->headers($header);
}
} catch (\Exception $e) {
$response = new Orno\Http\Response;
$response->setStatusCode(500);
$response->setContent(json_encode(['status_code' => 500, 'message' => $e->getMessage()]));
} finally {
// Return the response
$response->headers->set('Content-type', 'application/json');
$response->send();
}

3
src/Exception/InvalidGrantException.php
View File

@ -34,8 +34,7 @@ class InvalidGrantException extends OAuthException
{ {
parent::__construct( parent::__construct(
sprintf( sprintf(
'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used 'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client. Check the "%s" parameter.',
in the authorization request, or was issued to another client. Check the "%s" parameter.',
$parameter $parameter
) )
); );

3
src/Exception/InvalidRequestException.php
View File

@ -34,8 +34,7 @@ class InvalidRequestException extends OAuthException
{ {
parent::__construct( parent::__construct(
sprintf( sprintf(
'The request is missing a required parameter, includes an invalid parameter value, includes a parameter 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "%s" parameter.',
more than once, or is otherwise malformed. Check the "%s" parameter.',
$parameter $parameter
) )
); );

3
src/Exception/ServerErrorException.php
View File

@ -31,8 +31,7 @@ class ServerErrorException extends OAuthException
*/ */
public function __construct($parameter = null) public function __construct($parameter = null)
{ {
$parameter = is_null($parameter) ? 'The authorization server encountered an unexpected condition which prevented $parameter = is_null($parameter) ? 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request.' : $parameter;
it from fulfilling the request.' : $parameter;
parent::__construct($parameter); parent::__construct($parameter);
} }
} }

14
tests/fuzz/tokeninfo-no-access-token.yml Normal file
View File

@ -0,0 +1,14 @@
url: 'http://localhost:8000/api.php/tokeninfo'
request:
method: GET
response:
statusCode: 400
headers:
Content-type: application/json
body:
-
key: error
value: "invalid_request"
-
key: message
value: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"access token\" parameter."

14
tests/fuzz/tokeninfo-no-invalid-token-query-string.yml Normal file
View File

@ -0,0 +1,14 @@
url: 'http://localhost:8000/api.php/tokeninfo?access_token=foobar'
request:
method: GET
response:
statusCode: 400
headers:
Content-type: application/json
body:
-
key: error
value: "invalid_request"
-
key: message
value: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"access token\" parameter."

18
tests/fuzz/tokeninfo-no-invalid-token.yml Normal file
View File

@ -0,0 +1,18 @@
url: 'http://localhost:8000/api.php/tokeninfo'
request:
method: GET
headers:
-
key: Authorization
value: Bearer foobar
response:
statusCode: 401
headers:
Content-type: application/json
body:
-
key: error
value: "access_denied"
-
key: message
value: "The resource owner or authorization server denied the request."

24
tests/fuzz/tokeninfo-valid-token.yml Normal file
View File

@ -0,0 +1,24 @@
url: 'http://localhost:8000/api.php/tokeninfo'
request:
method: GET
headers:
-
key: Authorization
value: "Bearer iamgod"
response:
statusCode: 200
headers:
Content-type: application/json
body:
-
key: owner_id
value: testclient
-
key: owner_type
value: client
-
key: access_token
value: iamgod
-
key: client_id
value: testclient