ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-11-01 16:33:07 +05:30
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'v4.0.0-relational-example' of github.com:thephpleague/oauth2-server into v4.0.0-relational-example

Browse Source
This commit is contained in:
Alex Bilbie 2014-08-04 10:54:50 +01:00
commit 2637af87ec
9 changed files with 124 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
composer.json
View File

@ -13,12 +13,16 @@
"mockery/mockery": "~0.9",
"league/phpunit-coverage-listener": "~1.0",
"squizlabs/php_codesniffer": "1.*",
"codeception/codeception": "2.0.*"
"codeception/codeception": "2.0.*",
"alexbilbie/fizzfuzz": "dev-develop"
},
"repositories": [
{
"type": "git",
"url": "https://github.com/thephpleague/oauth2-server.git"
},{
"type": "git",
"url": "https://github.com/alexbilbie/fizzfuzz.git"
}
],
"keywords": [

121
examples/relational/api.php
View File

@ -1,7 +1,4 @@
<?php
namespace OAuth2Server\RelationalExample;
use \Orno\Http\Request;
use \Orno\Http\Response;
use \Orno\Http\JsonResponse;
@ -32,26 +29,10 @@ $server = new ResourceServer(
$scopeStorage
);
$server->setRequest($request);
// Routing setup
$request = (new Request)->createFromGlobals();
$router = new \Orno\Route\RouteCollection;
// Check that access token is present
try {
$server->isValidRequest(false);
} catch (\League\OAuth2\Server\Exception\OAuthException $e) {
foreach ($e->getHttpHeaders() as $header) {
header($header);
}
echo json_encode([
'error' => $e->errorType,
'message' => $e->getMessage()
]);
exit;
}
// GET /tokeninfo
$router->get('/tokeninfo', function (Request $request) use ($server) {
$token = [
@ -62,62 +43,50 @@ $router->get('/tokeninfo', function (Request $request) use ($server) {
'scopes' => $server->getScopes()
];
return new JsonResponse($token);
return new Response(json_encode($token));
});
// GET /users
$router->get('/users', function (Request $request) use ($server) {
$results = (new Model\Users())->get();
$users = [];
foreach ($results as $result) {
$user = [
'username' => $result['username'],
'name' => $result['name']
];
if ($server->hasScope('email')) {
$user['email'] = $result['email'];
}
if ($server->hasScope('photo')) {
$user['photo'] = $result['photo'];
}
$users[] = $user;
}
return new JsonResponse($users);
});
// GET /users/{username}
$router->get('/users/{username}', function (Request $request, $args) use ($server) {
$result = (new Model\Users())->get($args['username']);
if (count($result) === 0) {
throw new NotFoundException();
}
$user = [
'username' => $result[0]['username'],
'name' => $result[0]['name']
];
if ($server->hasScope('email')) {
$user['email'] = $result[0]['email'];
}
if ($server->hasScope('photo')) {
$user['photo'] = $result[0]['photo'];
}
return new JsonResponse($user);
});
$dispatcher = $router->getDispatcher();
$response = $dispatcher->dispatch($request->getMethod(), $request->getPathInfo());
try {
// Check that access token is present
$server->isValidRequest();
// A successful response
$response = $dispatcher->dispatch(
$request->getMethod(),
$request->getPathInfo()
);
} catch (\Orno\Http\Exception $e) {
// A failed response
$response = $e->getJsonResponse();
$response->setContent(json_encode(['status_code' => $e->getStatusCode(), 'message' => $e->getMessage()]));
} catch (\League\OAuth2\Server\Exception\OAuthException $e) {
$response = new Response(json_encode([
'error' => $e->errorType,
'message' => $e->getMessage()
]), $e->httpStatusCode);
foreach ($e->getHttpHeaders() as $header) {
$response->headers($header);
}
} catch (\Exception $e) {
$response = new Orno\Http\Response;
$response->setStatusCode(500);
$response->setContent(json_encode(['status_code' => 500, 'message' => $e->getMessage()]));
} finally {
// Return the response
$response->headers->set('Content-type', 'application/json');
$response->send();
}

3
src/Exception/InvalidGrantException.php
View File

@ -34,8 +34,7 @@ class InvalidGrantException extends OAuthException
{
parent::__construct(
sprintf(
'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used
in the authorization request, or was issued to another client. Check the "%s" parameter.',
'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client. Check the "%s" parameter.',
$parameter
)
);

3
src/Exception/InvalidRequestException.php
View File

@ -34,8 +34,7 @@ class InvalidRequestException extends OAuthException
{
parent::__construct(
sprintf(
'The request is missing a required parameter, includes an invalid parameter value, includes a parameter
more than once, or is otherwise malformed. Check the "%s" parameter.',
'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "%s" parameter.',
$parameter
)
);

3
src/Exception/ServerErrorException.php
View File

@ -31,8 +31,7 @@ class ServerErrorException extends OAuthException
*/
public function __construct($parameter = null)
{
$parameter = is_null($parameter) ? 'The authorization server encountered an unexpected condition which prevented
it from fulfilling the request.' : $parameter;
$parameter = is_null($parameter) ? 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request.' : $parameter;
parent::__construct($parameter);
}
}

14
tests/fuzz/tokeninfo-no-access-token.yml Normal file
View File

@ -0,0 +1,14 @@
url: 'http://localhost:8000/api.php/tokeninfo'
request:
method: GET
response:
statusCode: 400
headers:
Content-type: application/json
body:
-
key: error
value: "invalid_request"
-
key: message
value: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"access token\" parameter."

14
tests/fuzz/tokeninfo-no-invalid-token-query-string.yml Normal file
View File

@ -0,0 +1,14 @@
url: 'http://localhost:8000/api.php/tokeninfo?access_token=foobar'
request:
method: GET
response:
statusCode: 400
headers:
Content-type: application/json
body:
-
key: error
value: "invalid_request"
-
key: message
value: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the \"access token\" parameter."

18
tests/fuzz/tokeninfo-no-invalid-token.yml Normal file
View File

@ -0,0 +1,18 @@
url: 'http://localhost:8000/api.php/tokeninfo'
request:
method: GET
headers:
-
key: Authorization
value: Bearer foobar
response:
statusCode: 401
headers:
Content-type: application/json
body:
-
key: error
value: "access_denied"
-
key: message
value: "The resource owner or authorization server denied the request."

24
tests/fuzz/tokeninfo-valid-token.yml Normal file
View File

@ -0,0 +1,24 @@
url: 'http://localhost:8000/api.php/tokeninfo'
request:
method: GET
headers:
-
key: Authorization
value: "Bearer iamgod"
response:
statusCode: 200
headers:
Content-type: application/json
body:
-
key: owner_id
value: testclient
-
key: owner_type
value: client
-
key: access_token
value: iamgod
-
key: client_id
value: testclient