ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2025-01-03 18:51:53 +05:30
Code Issues Packages Projects Releases Wiki Activity

Updates

Browse Source
This commit is contained in:
Alex Bilbie 2015-11-13 17:41:05 +00:00
parent 96a0c34d41
commit 32b451aa21
4 changed files with 58 additions and 100 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/Grant/AbstractGrant.php
View File

@ -11,10 +11,10 @@
namespace League\OAuth2\Server\Grant; namespace League\OAuth2\Server\Grant;
use League\Event\Emitter; use League\Event\EmitterInterface;
use League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface; use League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface;
use League\OAuth2\Server\Entities\ScopeEntity; use League\OAuth2\Server\Entities\ScopeEntity;
use League\OAuth2\Server\Exception; use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface; use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
@ -102,7 +102,7 @@ abstract class AbstractGrant implements GrantTypeInterface
* @param string $redirectUri * @param string $redirectUri
* *
* @return \League\OAuth2\Server\Entities\ScopeEntity[] * @return \League\OAuth2\Server\Entities\ScopeEntity[]
* @throws \League\OAuth2\Server\Exception\InvalidScopeException * @throws \League\OAuth2\Server\Exception\OAuthServerException
*/ */
public function validateScopes( public function validateScopes(
$scopeParamValue, $scopeParamValue,
@ -119,14 +119,14 @@ abstract class AbstractGrant implements GrantTypeInterface
$scopes = []; $scopes = [];
foreach ($scopesList as $scopeItem) { foreach ($scopesList as $scopeItem) {
$scope = $this->scopeRepository->get( $scope = $this->scopeRepository->getScopeEntityByIdentifier(
$scopeItem, $scopeItem,
$this->getIdentifier(), $this->getIdentifier(),
$client->getIdentifier() $client->getIdentifier()
); );
if (($scope instanceof ScopeEntity) === false) { if (($scope instanceof ScopeEntity) === false) {
throw new Exception\InvalidScopeException($scopeItem, $redirectUri); throw OAuthServerException::invalidScope($scopeItem, null, null, $redirectUri);
} }
$scopes[] = $scope; $scopes[] = $scope;
@ -136,9 +136,9 @@ abstract class AbstractGrant implements GrantTypeInterface
} }
/** /**
* @param Emitter $emitter * @inheritdoc
*/ */
public function setEmitter(Emitter $emitter) public function setEmitter(EmitterInterface $emitter)
{ {
$this->emitter = $emitter; $this->emitter = $emitter;
} }

40
src/Grant/ClientCredentialsGrant.php
View File

@ -15,8 +15,8 @@ use DateInterval;
use League\Event\Event; use League\Event\Event;
use League\OAuth2\Server\Entities\AccessTokenEntity; use League\OAuth2\Server\Entities\AccessTokenEntity;
use League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface; use League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface;
use League\OAuth2\Server\Exception; use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\TokenTypes\TokenTypeInterface; use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
use League\OAuth2\Server\Utils\SecureKey; use League\OAuth2\Server\Utils\SecureKey;
use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\ServerRequestInterface;
@ -33,47 +33,37 @@ class ClientCredentialsGrant extends AbstractGrant
protected $identifier = 'client_credentials'; protected $identifier = 'client_credentials';
/** /**
* Return an access token * @inheritdoc
*
* @param \Psr\Http\Message\ServerRequestInterface $request
* @param \League\OAuth2\Server\TokenTypes\TokenTypeInterface $tokenType
* @param \DateInterval $accessTokenTTL
* @param string $scopeDelimiter
*
* @return \League\OAuth2\Server\TokenTypes\TokenTypeInterface
* @throws \League\OAuth2\Server\Exception\InvalidClientException
* @throws \League\OAuth2\Server\Exception\InvalidRequestException
* @throws \League\OAuth2\Server\Exception\InvalidScopeException
*/ */
public function respondToRequest( public function respondToRequest(
ServerRequestInterface $request, ServerRequestInterface $request,
TokenTypeInterface $tokenType, ResponseTypeInterface $responseType,
DateInterval $accessTokenTTL, DateInterval $accessTokenTTL,
$scopeDelimiter = ' ' $scopeDelimiter = ' '
) { ) {
// Get the required params // Get the required params
$clientId = isset($request->getParsedBody()['client_id']) $clientId = isset($request->getParsedBody()['client_id'])
? $request->getParsedBody()['client_id'] // $_POST['client_id'] ? $request->getParsedBody()['client_id'] // $_POST['client_id']
: isset($request->getServerParams()['PHP_AUTH_USER']) : (isset($request->getServerParams()['PHP_AUTH_USER'])
? $request->getServerParams()['PHP_AUTH_USER'] // $_SERVER['PHP_AUTH_USER'] ? $request->getServerParams()['PHP_AUTH_USER'] // $_SERVER['PHP_AUTH_USER']
: null; : null);
if (is_null($clientId)) { if (is_null($clientId)) {
throw new Exception\InvalidRequestException('client_id'); throw OAuthServerException::invalidRequest('client_id', null, '`%s` parameter is missing');
} }
$clientSecret = isset($request->getParsedBody()['client_secret']) $clientSecret = isset($request->getParsedBody()['client_secret'])
? $request->getParsedBody()['client_secret'] // $_POST['client_id'] ? $request->getParsedBody()['client_secret'] // $_POST['client_id']
: isset($request->getServerParams()['PHP_AUTH_PW']) : (isset($request->getServerParams()['PHP_AUTH_PW'])
? $request->getServerParams()['PHP_AUTH_PW'] // $_SERVER['PHP_AUTH_USER'] ? $request->getServerParams()['PHP_AUTH_PW'] // $_SERVER['PHP_AUTH_USER']
: null; : null);
if (is_null($clientSecret)) { if (is_null($clientSecret)) {
throw new Exception\InvalidRequestException('client_secret'); throw OAuthServerException::invalidRequest('client_secret', null, '`%s` parameter is missing');
} }
// Validate client ID and client secret // Validate client ID and client secret
$client = $this->clientRepository->get( $client = $this->clientRepository->getClientEntity(
$clientId, $clientId,
$clientSecret, $clientSecret,
null, null,
@ -82,7 +72,7 @@ class ClientCredentialsGrant extends AbstractGrant
if (($client instanceof ClientEntityInterface) === false) { if (($client instanceof ClientEntityInterface) === false) {
$this->emitter->emit(new Event('client.authentication.failed', $request)); $this->emitter->emit(new Event('client.authentication.failed', $request));
throw new Exception\InvalidClientException(); throw OAuthServerException::invalidClient();
} }
// Validate any scopes that are in the request // Validate any scopes that are in the request
@ -104,12 +94,12 @@ class ClientCredentialsGrant extends AbstractGrant
} }
// Save the token // Save the token
$this->accessTokenRepository->create($accessToken); $this->accessTokenRepository->persistNewAccessToken($accessToken);
// Inject access token into token type // Inject access token into token type
$tokenType->setAccessToken($accessToken); $responseType->setAccessToken($accessToken);
return $tokenType; return $responseType;
} }
/** /**

20
src/Grant/GrantTypeInterface.php
View File

@ -12,8 +12,8 @@
namespace League\OAuth2\Server\Grant; namespace League\OAuth2\Server\Grant;
use DateInterval; use DateInterval;
use League\Event\Emitter; use League\Event\EmitterInterface;
use League\OAuth2\Server\TokenTypes\TokenTypeInterface; use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\ServerRequestInterface;
/** /**
@ -38,16 +38,16 @@ interface GrantTypeInterface
/** /**
* Return an access token * Return an access token
* *
* @param \Psr\Http\Message\ServerRequestInterface $request * @param \Psr\Http\Message\ServerRequestInterface $request
* @param \League\OAuth2\Server\TokenTypes\TokenTypeInterface $tokenType * @param \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface $tokenType
* @param \DateInterval $accessTokenTTL * @param \DateInterval $accessTokenTTL
* @param string $scopeDelimiter * @param string $scopeDelimiter
* *
* @return \League\OAuth2\Server\TokenTypes\TokenTypeInterface * @return \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface
*/ */
public function respondToRequest( public function respondToRequest(
ServerRequestInterface $request, ServerRequestInterface $request,
TokenTypeInterface $tokenType, ResponseTypeInterface $tokenType,
DateInterval $accessTokenTTL, DateInterval $accessTokenTTL,
$scopeDelimiter = ' ' $scopeDelimiter = ' '
); );
@ -69,7 +69,7 @@ interface GrantTypeInterface
/** /**
* Set the event emitter * Set the event emitter
* *
* @param \League\Event\Emitter $emitter * @param \League\Event\EmitterInterface $emitter
*/ */
public function setEmitter(Emitter $emitter); public function setEmitter(EmitterInterface $emitter);
} }

84
src/Server.php
View File

@ -5,15 +5,10 @@ namespace League\OAuth2\Server;
use DateInterval; use DateInterval;
use League\Event\EmitterAwareInterface; use League\Event\EmitterAwareInterface;
use League\Event\EmitterAwareTrait; use League\Event\EmitterAwareTrait;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\GrantTypeInterface; use League\OAuth2\Server\Grant\GrantTypeInterface;
//use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
//use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface; use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
//use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\RepositoryInterface;
//use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
//use League\OAuth2\Server\Repositories\UserRepositoryInterface;
use League\OAuth2\Server\TokenTypes\BearerTokenType;
use League\OAuth2\Server\TokenTypes\TokenTypeInterface;
use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\ServerRequestInterface;
use Zend\Diactoros\ServerRequestFactory; use Zend\Diactoros\ServerRequestFactory;
@ -27,9 +22,9 @@ class Server implements EmitterAwareInterface
protected $enabledGrantTypes = []; protected $enabledGrantTypes = [];
/** /**
* @var TokenTypeInterface[] * @var ResponseTypeInterface[]
*/ */
protected $grantTypeTokenTypes = []; protected $grantResponseTypes = [];
/** /**
* @var DateInterval[] * @var DateInterval[]
@ -37,9 +32,9 @@ class Server implements EmitterAwareInterface
protected $grantTypeAccessTokenTTL = []; protected $grantTypeAccessTokenTTL = [];
/** /**
* @var TokenTypeInterface * @var ResponseTypeInterface
*/ */
protected $defaultTokenType; protected $defaultResponseType;
/** /**
* @var DateInterval * @var DateInterval
@ -51,28 +46,23 @@ class Server implements EmitterAwareInterface
*/ */
protected $scopeDelimiterString = ' '; protected $scopeDelimiterString = ' ';
/**
* @var RepositoryInterface[]
*/
// protected $repositories = [];
/** /**
* New server instance * New server instance
*/ */
public function __construct() public function __construct()
{ {
$this->setDefaultTokenType(new BearerTokenType()); $this->setDefaultResponseType(new BearerTokenResponse());
$this->setDefaultAccessTokenTTL(new DateInterval('PT01H')); // default of 1 hour $this->setDefaultAccessTokenTTL(new DateInterval('PT01H')); // default token TTL of 1 hour
} }
/** /**
* Set the default token type that grants will return * Set the default token type that grants will return
* *
* @param TokenTypeInterface $defaultTokenType * @param ResponseTypeInterface $defaultTokenType
*/ */
public function setDefaultTokenType(TokenTypeInterface $defaultTokenType) public function setDefaultResponseType(ResponseTypeInterface $defaultTokenType)
{ {
$this->defaultTokenType = $defaultTokenType; $this->defaultResponseType = $defaultTokenType;
} }
/** /**
@ -99,22 +89,22 @@ class Server implements EmitterAwareInterface
* Enable a grant type on the server * Enable a grant type on the server
* *
* @param \League\OAuth2\Server\Grant\GrantTypeInterface $grantType * @param \League\OAuth2\Server\Grant\GrantTypeInterface $grantType
* @param TokenTypeInterface $tokenType * @param ResponseTypeInterface $responseType
* @param DateInterval $accessTokenTTL * @param DateInterval $accessTokenTTL
*/ */
public function enableGrantType( public function enableGrantType(
GrantTypeInterface $grantType, GrantTypeInterface $grantType,
TokenTypeInterface $tokenType = null, ResponseTypeInterface $responseType = null,
DateInterval $accessTokenTTL = null DateInterval $accessTokenTTL = null
) { ) {
$grantType->setEmitter($this->getEmitter()); $grantType->setEmitter($this->getEmitter());
$this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType; $this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
// Set grant response type // Set grant response type
if ($tokenType instanceof TokenTypeInterface) { if ($responseType instanceof ResponseTypeInterface) {
$this->grantTypeTokenTypes[$grantType->getIdentifier()] = $tokenType; $this->grantResponseTypes[$grantType->getIdentifier()] = $responseType;
} else { } else {
$this->grantTypeTokenTypes[$grantType->getIdentifier()] = $this->defaultTokenType; $this->grantResponseTypes[$grantType->getIdentifier()] = $this->defaultResponseType;
} }
// Set grant access token TTL // Set grant access token TTL
@ -130,8 +120,8 @@ class Server implements EmitterAwareInterface
* *
* @param \Psr\Http\Message\ServerRequestInterface $request * @param \Psr\Http\Message\ServerRequestInterface $request
* *
* @return \League\OAuth2\Server\TokenTypes\TokenTypeInterface * @return \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface
* @throws \League\OAuth2\Server\Exception\InvalidGrantException * @throws \League\OAuth2\Server\Exception\OAuthServerException
*/ */
public function respondToRequest(ServerRequestInterface $request = null) public function respondToRequest(ServerRequestInterface $request = null)
{ {
@ -139,46 +129,24 @@ class Server implements EmitterAwareInterface
$request = ServerRequestFactory::fromGlobals(); $request = ServerRequestFactory::fromGlobals();
} }
$response = null; $tokenResponse = null;
foreach ($this->enabledGrantTypes as $grantType) { foreach ($this->enabledGrantTypes as $grantType) {
if ($grantType->canRespondToRequest($request)) { if ($grantType->canRespondToRequest($request)) {
$response = $grantType->respondToRequest( $tokenResponse = $grantType->respondToRequest(
$request, $request,
$this->grantTypeTokenTypes[$grantType->getIdentifier()], $this->grantResponseTypes[$grantType->getIdentifier()],
$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()], $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()],
$this->scopeDelimiterString $this->scopeDelimiterString
); );
} }
} }
if ($response === null) { if ($tokenResponse instanceof ResponseTypeInterface) {
// do something here return $tokenResponse->generateHttpResponse();
} else {
$response = OAuthServerException::unsupportedGrantType()->generateHttpResponse();
} }
return $response; return $response;
} }
/**
* @param \League\OAuth2\Server\Repositories\RepositoryInterface $repository
*/
/*public function addRepository(RepositoryInterface $repository)
{
switch ($repository) {
case ($repository instanceof AccessTokenRepositoryInterface):
$this->repositories[AccessTokenRepositoryInterface::class] = $repository;
break;
case ($repository instanceof ClientRepositoryInterface):
$this->repositories[ClientRepositoryInterface::class] = $repository;
break;
case ($repository instanceof ScopeRepositoryInterface):
$this->repositories[ScopeRepositoryInterface::class] = $repository;
break;
case ($repository instanceof UserRepositoryInterface):
$this->repositories[UserRepositoryInterface::class] = $repository;
break;
case ($repository instanceof AuthCodeRepositoryInterface):
$this->repositories[AuthCodeRepositoryInterface::class] = $repository;
break;
}
}*/
} }