From 34a7d14557314465508c5882a86fc30fe48dd293 Mon Sep 17 00:00:00 2001
From: Alex Bilbie
Date: Mon, 4 Mar 2013 13:15:12 +0000
Subject: [PATCH] Added requireStateParam() method. Fixes #9
---
 src/OAuth2/AuthServer.php | 28 ++++++++++++++++++++++----
 tests/authorization/AuthServerTest.php | 19 ++++++++++++++---
 2 files changed, 40 insertions(+), 7 deletions(-)
diff --git a/src/OAuth2/AuthServer.php b/src/OAuth2/AuthServer.php
index 96551343..995e1c75 100644
--- a/src/OAuth2/AuthServer.php
+++ b/src/OAuth2/AuthServer.php
@@ -61,7 +61,13 @@ class AuthServer
 * Require the "scope" parameter to be in checkAuthoriseParams()
 * @var boolean
 */
- protected $requireScopes = true;
+ protected $requireScopeParam = true;
+
+ /**
+ * Require the "state" parameter to be in checkAuthoriseParams()
+ * @var boolean
+ */
+ protected $requireStateParam = false;
 /**
 * The request object
@@ -175,9 +181,19 @@ class AuthServer
 * @param boolean $require
 * @return void
 */
- public function requireScopes($require = true)
+ public function requireScopeParam($require = true)
 {
- $this->requireScopes = $require;
+ $this->requireScopeParam = $require;
+ }
+
+ /**
+ * Require the "state" paremter in checkAuthoriseParams()
+ * @param boolean $require
+ * @return void
+ */
+ public function requireStateParam($require = false)
+ {
+ $this->requireStateParam = $require;
 }
 /**
@@ -275,6 +291,10 @@ class AuthServer
 throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'redirect_uri'), 0);
 }
+ if ($this->requireStateParam === true && is_null($authParams['redirect_uri'])) {
+ throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'redirect_uri'), 0);
+ }
+
 // Validate client ID and redirect URI
 $clientDetails = self::getStorage('client')->getClient($authParams['client_id'], null, $authParams['redirect_uri']);
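Review bot: `requireStateParam($require = false)` in the second hunk defaults its argument to `false`, so a bare `$server->requireStateParam()` call reads as switching the check on but leaves it off; `requireScopeParam($require = true)` directly above uses the opposite convention. Keep the property default `false` but make the setter `public function requireStateParam($require = true)` so the two setters behave alike. The new docblock also has a typo, `paremter` for `parameter`. Separately, the public `requireScopes()` is renamed with no alias left behind, which breaks existing callers; a thin deprecated `requireScopes()` forwarding to `requireScopeParam()` would avoid that.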
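Review bot: The guard added in the third hunk tests `$authParams['redirect_uri']` and reports `redirect_uri`, not `state`, so `requireStateParam(true)` never rejects a request that omits `state`. It appears to be copied from the redirect_uri check whose `throw` is the context line just above, which would make the new branch unreachable. `state` is what lets a client bind the authorization response to the request it sent, so an operator who enables this option gets no enforcement while believing the check is active. The condition should read `if ($this->requireStateParam === true && is_null($authParams['state'])) {` and the exception should name `'state'`; consider rejecting an empty string as well. Whether `$authParams['state']` is populated earlier is not visible here, since the enclosing method (presumably `checkAuthoriseParams()`) starts and ends outside the hunk.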
@@ -301,7 +321,7 @@ class AuthServer
 if ($scopes[$i] === '') unset($scopes[$i]); // Remove any junk scopes
 }
- if ($this->requireScopes === true && count($scopes) === 0) {
+ if ($this->requireScopeParam === true && count($scopes) === 0) {
 throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'scope'), 0);
 }
diff --git a/tests/authorization/AuthServerTest.php b/tests/authorization/AuthServerTest.php
index 6fa2f9a3..6ab843f3 100644
--- a/tests/authorization/AuthServerTest.php
+++ b/tests/authorization/AuthServerTest.php
@@ -89,19 +89,32 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
 $this->assertEquals(';', $a->getScopeDelimeter());
 }
- public function test_requireScopes()
+ public function test_requireScopeParam()
 {
 $a = $this->returnDefault();
- $a->requireScopes(false);
+ $a->requireScopeParam(false);
 $reflector = new ReflectionClass($a);
- $requestProperty = $reflector->getProperty('requireScopes');
+ $requestProperty = $reflector->getProperty('requireScopeParam');
 $requestProperty->setAccessible(true);
 $v = $requestProperty->getValue($a);
 $this->assertFalse($v);
 }
+ public function test_requireStateParam()
+ {
+ $a = $this->returnDefault();
+ $a->requireStateParam(true);
+
+ $reflector = new ReflectionClass($a);
+ $requestProperty = $reflector->getProperty('requireStateParam');
+ $requestProperty->setAccessible(true);
+ $v = $requestProperty->getValue($a);
+
+ $this->assertTrue($v);
+ }
+
 public function test_getExpiresIn()
 {
 $a = $this->returnDefault();
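Review bot: `test_requireStateParam()` only reads the flag back through reflection, so it proves the setter stores a value and nothing about whether the authorise-parameter validation enforces it. A validation branch that inspects the wrong request parameter would still pass this test. Add one case that enables `requireStateParam(true)`, submits authorise parameters without `state`, and expects `ClientException` with the `invalid_request` message naming `state`, plus a second case with `state` present that is accepted. The enclosing test class starts and ends outside the hunk, so existing helpers for building such a request are not visible here.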