ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-12-22 21:19:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Use __toString() for access token

Browse Source
This commit is contained in:
Andrew Millington 2018-05-23 16:34:39 +01:00
parent 4b0383b16c
commit 61156ef8c7
No known key found for this signature in database
GPG Key ID: 077754CA23023F4F
11 changed files with 50 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/Entities/AccessTokenEntityInterface.php
View File

@ -14,7 +14,12 @@ use League\OAuth2\Server\CryptKey;
interface AccessTokenEntityInterface extends TokenInterface interface AccessTokenEntityInterface extends TokenInterface
{ {
/** /**
* Generate a string representation from the access token * Set a private key used to encrypt the access token.
*/ */
public function convertToAccessToken(CryptKey $privateKey); public function setPrivateKey(CryptKey $privateKey);
/**
* Generate a string representation of the access token.
*/
public function __toString();
} }

19
src/Entities/Traits/AccessTokenTrait.php
View File

@ -19,6 +19,19 @@ use League\OAuth2\Server\Entities\ScopeEntityInterface;
trait AccessTokenTrait trait AccessTokenTrait
{ {
/**
* @var CryptKey $privateKey
*/
private $privateKey;
/**
* Set the private key used to encrypt this access token.
*/
public function setPrivateKey(CryptKey $privateKey)
{
$this->privateKey = $privateKey;
}
/** /**
* Generate a JWT from the access token * Generate a JWT from the access token
* *
@ -26,7 +39,7 @@ trait AccessTokenTrait
* *
* @return Token * @return Token
*/ */
public function convertToJWT(CryptKey $privateKey) private function convertToJWT(CryptKey $privateKey)
{ {
return (new Builder()) return (new Builder())
->setAudience($this->getClient()->getIdentifier()) ->setAudience($this->getClient()->getIdentifier())
@ -43,9 +56,9 @@ trait AccessTokenTrait
/** /**
* Generate a string representation from the access token * Generate a string representation from the access token
*/ */
public function convertToAccessToken(CryptKey $privateKey) public function __toString()
{ {
return (string) $this->convertToJWT($privateKey); return (string) $this->convertToJWT($this->privateKey);
} }
/** /**

1
src/Grant/AbstractGrant.php
View File

@ -361,6 +361,7 @@ abstract class AbstractGrant implements GrantTypeInterface
$accessToken->setClient($client); $accessToken->setClient($client);
$accessToken->setUserIdentifier($userIdentifier); $accessToken->setUserIdentifier($userIdentifier);
$accessToken->setExpiryDateTime((new \DateTime())->add($accessTokenTTL)); $accessToken->setExpiryDateTime((new \DateTime())->add($accessTokenTTL));
$accessToken->setPrivateKey($this->privateKey);
foreach ($scopes as $scope) { foreach ($scopes as $scope) {
$accessToken->addScope($scope); $accessToken->addScope($scope);

2
src/Grant/ImplicitGrant.php
View File

@ -216,7 +216,7 @@ class ImplicitGrant extends AbstractAuthorizeGrant
$this->makeRedirectUri( $this->makeRedirectUri(
$finalRedirectUri, $finalRedirectUri,
[ [
'access_token' => $accessToken->convertToAccessToken($this->privateKey), 'access_token' => (string) $accessToken,
'token_type' => 'Bearer', 'token_type' => 'Bearer',
'expires_in' => $accessToken->getExpiryDateTime()->getTimestamp() - (new \DateTime())->getTimestamp(), 'expires_in' => $accessToken->getExpiryDateTime()->getTimestamp() - (new \DateTime())->getTimestamp(),
'state' => $authorizationRequest->getState(), 'state' => $authorizationRequest->getState(),

2
src/ResponseTypes/BearerTokenResponse.php
View File

@ -27,7 +27,7 @@ class BearerTokenResponse extends AbstractResponseType
$responseParams = [ $responseParams = [
'token_type' => 'Bearer', 'token_type' => 'Bearer',
'expires_in' => $expireDateTime - (new \DateTime())->getTimestamp(), 'expires_in' => $expireDateTime - (new \DateTime())->getTimestamp(),
'access_token' => $this->accessToken->convertToAccessToken($this->privateKey), 'access_token' => (string) $this->accessToken,
]; ];
if ($this->refreshToken instanceof RefreshTokenEntityInterface) { if ($this->refreshToken instanceof RefreshTokenEntityInterface) {

2
tests/Grant/AbstractGrantTest.php
View File

@ -3,6 +3,7 @@
namespace LeagueTests\Grant; namespace LeagueTests\Grant;
use League\Event\Emitter; use League\Event\Emitter;
use League\OAuth2\Server\CryptKey;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\AuthCodeEntityInterface; use League\OAuth2\Server\Entities\AuthCodeEntityInterface;
use League\OAuth2\Server\Entities\RefreshTokenEntityInterface; use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
@ -353,6 +354,7 @@ class AbstractGrantTest extends TestCase
/** @var AbstractGrant $grantMock */ /** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$grantMock->setAccessTokenRepository($accessTokenRepoMock); $grantMock->setAccessTokenRepository($accessTokenRepoMock);
$abstractGrantReflection = new \ReflectionClass($grantMock); $abstractGrantReflection = new \ReflectionClass($grantMock);

10
tests/Grant/AuthCodeGrantTest.php
View File

@ -2,6 +2,7 @@
namespace LeagueTests\Grant; namespace LeagueTests\Grant;
use League\OAuth2\Server\CryptKey;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\RefreshTokenEntityInterface; use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Exception\OAuthServerException;
@ -40,7 +41,7 @@ class AuthCodeGrantTest extends TestCase
public function setUp() public function setUp()
{ {
$this->cryptStub = new CryptTraitStub; $this->cryptStub = new CryptTraitStub();
} }
public function testGetIdentifier() public function testGetIdentifier()
@ -608,6 +609,7 @@ class AuthCodeGrantTest extends TestCase
$grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock);
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock); $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
$grant->setEncryptionKey($this->cryptStub->getKey()); $grant->setEncryptionKey($this->cryptStub->getKey());
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$request = new ServerRequest( $request = new ServerRequest(
[], [],
@ -676,6 +678,7 @@ class AuthCodeGrantTest extends TestCase
$grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock);
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock); $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
$grant->setEncryptionKey($this->cryptStub->getKey()); $grant->setEncryptionKey($this->cryptStub->getKey());
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$request = new ServerRequest( $request = new ServerRequest(
[], [],
@ -747,6 +750,7 @@ class AuthCodeGrantTest extends TestCase
$grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock);
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock); $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
$grant->setEncryptionKey($this->cryptStub->getKey()); $grant->setEncryptionKey($this->cryptStub->getKey());
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$request = new ServerRequest( $request = new ServerRequest(
[], [],
@ -1537,6 +1541,7 @@ class AuthCodeGrantTest extends TestCase
new \DateInterval('PT10M') new \DateInterval('PT10M')
); );
$grant->setEncryptionKey($this->cryptStub->getKey()); $grant->setEncryptionKey($this->cryptStub->getKey());
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest)); $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest));
} }
@ -1624,6 +1629,7 @@ class AuthCodeGrantTest extends TestCase
$grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock);
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock); $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
$grant->setEncryptionKey($this->cryptStub->getKey()); $grant->setEncryptionKey($this->cryptStub->getKey());
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$request = new ServerRequest( $request = new ServerRequest(
[], [],
@ -1695,6 +1701,7 @@ class AuthCodeGrantTest extends TestCase
$grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock);
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock); $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
$grant->setEncryptionKey($this->cryptStub->getKey()); $grant->setEncryptionKey($this->cryptStub->getKey());
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$request = new ServerRequest( $request = new ServerRequest(
[], [],
@ -1766,6 +1773,7 @@ class AuthCodeGrantTest extends TestCase
$grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock);
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock); $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
$grant->setEncryptionKey($this->cryptStub->getKey()); $grant->setEncryptionKey($this->cryptStub->getKey());
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$request = new ServerRequest( $request = new ServerRequest(
[], [],

2
tests/Grant/ClientCredentialsGrantTest.php
View File

@ -2,6 +2,7 @@
namespace LeagueTests\Grant; namespace LeagueTests\Grant;
use League\OAuth2\Server\CryptKey;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Grant\ClientCredentialsGrant; use League\OAuth2\Server\Grant\ClientCredentialsGrant;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
@ -44,6 +45,7 @@ class ClientCredentialsGrantTest extends TestCase
$grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock);
$grant->setScopeRepository($scopeRepositoryMock); $grant->setScopeRepository($scopeRepositoryMock);
$grant->setDefaultScope(self::DEFAULT_SCOPE); $grant->setDefaultScope(self::DEFAULT_SCOPE);
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$serverRequest = new ServerRequest(); $serverRequest = new ServerRequest();
$serverRequest = $serverRequest->withParsedBody( $serverRequest = $serverRequest->withParsedBody(

2
tests/Grant/PasswordGrantTest.php
View File

@ -2,6 +2,7 @@
namespace LeagueTests\Grant; namespace LeagueTests\Grant;
use League\OAuth2\Server\CryptKey;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\RefreshTokenEntityInterface; use League\OAuth2\Server\Entities\RefreshTokenEntityInterface;
use League\OAuth2\Server\Grant\PasswordGrant; use League\OAuth2\Server\Grant\PasswordGrant;
@ -60,6 +61,7 @@ class PasswordGrantTest extends TestCase
$grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock);
$grant->setScopeRepository($scopeRepositoryMock); $grant->setScopeRepository($scopeRepositoryMock);
$grant->setDefaultScope(self::DEFAULT_SCOPE); $grant->setDefaultScope(self::DEFAULT_SCOPE);
$grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$serverRequest = new ServerRequest(); $serverRequest = new ServerRequest();
$serverRequest = $serverRequest->withParsedBody( $serverRequest = $serverRequest->withParsedBody(

6
tests/Middleware/ResourceServerMiddlewareTest.php
View File

@ -29,8 +29,9 @@ class ResourceServerMiddlewareTest extends TestCase
$accessToken->setUserIdentifier(123); $accessToken->setUserIdentifier(123);
$accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H')));
$accessToken->setClient($client); $accessToken->setClient($client);
$accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$token = $accessToken->convertToAccessToken(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $token = (string) $accessToken;
$request = new ServerRequest(); $request = new ServerRequest();
$request = $request->withHeader('authorization', sprintf('Bearer %s', $token)); $request = $request->withHeader('authorization', sprintf('Bearer %s', $token));
@ -64,8 +65,9 @@ class ResourceServerMiddlewareTest extends TestCase
$accessToken->setUserIdentifier(123); $accessToken->setUserIdentifier(123);
$accessToken->setExpiryDateTime((new \DateTime())->sub(new \DateInterval('PT1H'))); $accessToken->setExpiryDateTime((new \DateTime())->sub(new \DateInterval('PT1H')));
$accessToken->setClient($client); $accessToken->setClient($client);
$accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$token = $accessToken->convertToAccessToken(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $token = (string) $accessToken;
$request = new ServerRequest(); $request = new ServerRequest();
$request = $request->withHeader('authorization', sprintf('Bearer %s', $token)); $request = $request->withHeader('authorization', sprintf('Bearer %s', $token));

5
tests/ResponseTypes/BearerResponseTypeTest.php
View File

@ -35,6 +35,7 @@ class BearerResponseTypeTest extends TestCase
$accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H')));
$accessToken->setClient($client); $accessToken->setClient($client);
$accessToken->addScope($scope); $accessToken->addScope($scope);
$accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$refreshToken = new RefreshTokenEntity(); $refreshToken = new RefreshTokenEntity();
$refreshToken->setIdentifier('abcdef'); $refreshToken->setIdentifier('abcdef');
@ -77,6 +78,7 @@ class BearerResponseTypeTest extends TestCase
$accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H')));
$accessToken->setClient($client); $accessToken->setClient($client);
$accessToken->addScope($scope); $accessToken->addScope($scope);
$accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$refreshToken = new RefreshTokenEntity(); $refreshToken = new RefreshTokenEntity();
$refreshToken->setIdentifier('abcdef'); $refreshToken->setIdentifier('abcdef');
@ -119,6 +121,7 @@ class BearerResponseTypeTest extends TestCase
$accessToken->setUserIdentifier(123); $accessToken->setUserIdentifier(123);
$accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H')));
$accessToken->setClient($client); $accessToken->setClient($client);
$accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$refreshToken = new RefreshTokenEntity(); $refreshToken = new RefreshTokenEntity();
$refreshToken->setIdentifier('abcdef'); $refreshToken->setIdentifier('abcdef');
@ -164,6 +167,7 @@ class BearerResponseTypeTest extends TestCase
$accessToken->setUserIdentifier(123); $accessToken->setUserIdentifier(123);
$accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H')));
$accessToken->setClient($client); $accessToken->setClient($client);
$accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$refreshToken = new RefreshTokenEntity(); $refreshToken = new RefreshTokenEntity();
$refreshToken->setIdentifier('abcdef'); $refreshToken->setIdentifier('abcdef');
@ -206,6 +210,7 @@ class BearerResponseTypeTest extends TestCase
$accessToken->setUserIdentifier(123); $accessToken->setUserIdentifier(123);
$accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H')));
$accessToken->setClient($client); $accessToken->setClient($client);
$accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key'));
$refreshToken = new RefreshTokenEntity(); $refreshToken = new RefreshTokenEntity();
$refreshToken->setIdentifier('abcdef'); $refreshToken->setIdentifier('abcdef');