From 647de842ff0f2773611680b42953ba8c804abfc0 Mon Sep 17 00:00:00 2001 
From: Alex Bilbie Date: Fri, 25 Apr 2014 10:01:01 +0100 Subject: [PATCH] Updated exceptions --- src/Exception/AccessDeniedException.php | 36 ++++++++ src/Exception/ClientException.php | 20 ---- src/Exception/InvalidAccessTokenException.php | 20 ---- src/Exception/InvalidClientException.php | 36 ++++++++ src/Exception/InvalidCredentialsException.php | 36 ++++++++ src/Exception/InvalidGrantException.php | 37 ++++++++ src/Exception/InvalidGrantTypeException.php | 20 ---- src/Exception/InvalidRefreshException.php | 36 ++++++++ src/Exception/InvalidRequestException.php | 37 ++++++++ src/Exception/InvalidScopeException.php | 37 ++++++++ src/Exception/OAuth2Exception.php | 20 ---- src/Exception/OAuthException.php | 92 +++++++++++++++++++ src/Exception/ServerErrorException.php | 36 ++++++++ src/Exception/ServerException.php | 20 ---- src/Exception/UnauthorizedClientException.php | 36 ++++++++ .../UnsupportedGrantTypeException.php | 37 ++++++++ .../UnsupportedResponseTypeException.php | 36 ++++++++ 17 files changed, 492 insertions(+), 100 deletions(-) create mode 100644 src/Exception/AccessDeniedException.php delete mode 100644 src/Exception/ClientException.php delete mode 100644 src/Exception/InvalidAccessTokenException.php create mode 100644 src/Exception/InvalidClientException.php create mode 100644 src/Exception/InvalidCredentialsException.php create mode 100644 src/Exception/InvalidGrantException.php delete mode 100644 src/Exception/InvalidGrantTypeException.php create mode 100644 src/Exception/InvalidRefreshException.php create mode 100644 src/Exception/InvalidRequestException.php create mode 100644 src/Exception/InvalidScopeException.php delete mode 100644 src/Exception/OAuth2Exception.php create mode 100644 src/Exception/OAuthException.php create mode 100644 src/Exception/ServerErrorException.php delete mode 100644 src/Exception/ServerException.php create mode 100644 src/Exception/UnauthorizedClientException.php create mode 100644 
src/Exception/UnsupportedGrantTypeException.php create mode 100644 src/Exception/UnsupportedResponseTypeException.php
diff --git a/src/Exception/AccessDeniedException.php b/src/Exception/AccessDeniedException.php
new file mode 100644
index 00000000..b8516ba3
--- /dev/null
+++ b/src/Exception/AccessDeniedException.php
@@ -0,0 +1,36 @@
+
+ * @copyright Copyright (c) Alex Bilbie
+ * @license http://mit-license.org/
+ * @link https://github.com/thephpleague/oauth2-server
+ */
+
+namespace League\OAuth2\Server\Exception;
+
+/**
+ * Exception class
+ */
+class AccessDeniedException extends OAuthException
+{
+ /**
+ * {@inheritdoc}
+ */
+ public $httpStatusCode = 401;
+
+ /**
+ * {@inheritdoc}
+ */
+ public $errorType = 'access_denied';
+
+ /**
+ * {@inheritdoc}
+ */
+ public function __construct($parameter)
+ {
+ parent::__construct('The resource owner or authorization server denied the request.');
+ }
+}
diff --git a/src/Exception/ClientException.php b/src/Exception/ClientException.php
deleted file mode 100644
index 40e4bf43..00000000
--- a/src/Exception/ClientException.php
+++ /dev/null
@@ -1,20 +0,0 @@
-
- * @copyright Copyright (c) Alex Bilbie
- * @license http://mit-license.org/
- * @link https://github.com/thephpleague/oauth2-server
- */
-
-namespace League\OAuth2\Server\Exception;
-
-/**
- * ClientException Exception
- */
-class ClientException extends OAuth2Exception
-{
-
-}
\ No newline at end of file
diff --git a/src/Exception/InvalidAccessTokenException.php b/src/Exception/InvalidAccessTokenException.php
deleted file mode 100644
index e32d67f4..00000000
--- a/src/Exception/InvalidAccessTokenException.php
+++ /dev/null
@@ -1,20 +0,0 @@
-
- * @copyright Copyright (c) Alex Bilbie
- * @license http://mit-license.org/
- * @link https://github.com/thephpleague/oauth2-server
- */
-
-namespace League\OAuth2\Server\Exception;
-
-/**
- * InvalidAccessToken Exception
- */
-class InvalidAccessTokenException extends OAuth2Exception
-{
-
-}
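Review bot: `AccessDeniedException::__construct($parameter)` requires an argument that the body never reads, so every throw site has to pass a dummy value; `public function __construct()` would state the real contract. The same unused required `$parameter` appears in InvalidClientException, InvalidCredentialsException, InvalidRefreshException, UnauthorizedClientException and UnsupportedResponseTypeException. The class also sets `$httpStatusCode = 401` for `access_denied`, and nothing in this patch attaches a `WWW-Authenticate` challenge for that error type, so if the denial is an authorization decision rather than a failed authentication, a 400 or 403 status may be the better fit.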
diff --git a/src/Exception/InvalidClientException.php b/src/Exception/InvalidClientException.php
new file mode 100644
index 00000000..c09b70b5
--- /dev/null
+++ b/src/Exception/InvalidClientException.php
@@ -0,0 +1,36 @@
+
+ * @copyright Copyright (c) Alex Bilbie
+ * @license http://mit-license.org/
+ * @link https://github.com/thephpleague/oauth2-server
+ */
+
+namespace League\OAuth2\Server\Exception;
+
+/**
+ * Exception class
+ */
+class InvalidClientException extends OAuthException
+{
+ /**
+ * {@inheritdoc}
+ */
+ public $httpStatusCode = 401;
+
+ /**
+ * {@inheritdoc}
+ */
+ public $errorType = 'invalid_client';
+
+ /**
+ * {@inheritdoc}
+ */
+ public function __construct($parameter)
+ {
+ parent::__construct('Client authentication failed.');
+ }
+}
diff --git a/src/Exception/InvalidCredentialsException.php b/src/Exception/InvalidCredentialsException.php
new file mode 100644
index 00000000..0aae7431
--- /dev/null
+++ b/src/Exception/InvalidCredentialsException.php
@@ -0,0 +1,36 @@
+
+ * @copyright Copyright (c) Alex Bilbie
+ * @license http://mit-license.org/
+ * @link https://github.com/thephpleague/oauth2-server
+ */
+
+namespace League\OAuth2\Server\Exception;
+
+/**
+ * Exception class
+ */
+class InvalidCredentialsException extends OAuthException
+{
+ /**
+ * {@inheritdoc}
+ */
+ public $httpStatusCode = 401;
+
+ /**
+ * {@inheritdoc}
+ */
+ public $errorType = 'invalid_credentials';
+
+ /**
+ * {@inheritdoc}
+ */
+ public function __construct($parameter)
+ {
+ parent::__construct('The user credentials were incorrect..');
+ }
+}
diff --git a/src/Exception/InvalidGrantException.php b/src/Exception/InvalidGrantException.php
new file mode 100644
index 00000000..1fde9dee
--- /dev/null
+++ b/src/Exception/InvalidGrantException.php
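Review bot: In InvalidCredentialsException, `$errorType = 'invalid_credentials'` is not one of the error codes RFC 6749 section 5.2 defines for token responses, so standard client libraries may not recognise it; that section files invalid resource-owner credentials under `invalid_grant`. If the custom code is intentional, a class docblock line such as `Non-standard error code; clients must handle it explicitly.` would make that visible to integrators. The message literal also ends in a doubled period, `'The user credentials were incorrect..'`.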
@@ -0,0 +1,37 @@
+
+ * @copyright Copyright (c) Alex Bilbie
+ * @license http://mit-license.org/
+ * @link https://github.com/thephpleague/oauth2-server
+ */
+
+namespace League\OAuth2\Server\Exception;
+
+/**
+ * Exception class
+ */
+class InvalidGrantException extends OAuthException
+{
+ /**
+ * {@inheritdoc}
+ */
+ public $httpStatusCode = 400;
+
+ /**
+ * {@inheritdoc}
+ */
+ public $errorType = 'invalid_grant';
+
+ /**
+ * {@inheritdoc}
+ */
+
+ public function __construct($parameter)
+ {
+ parent::__construct(sprintf('The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client. Check the "%s" parameter.', $parameter));
+ }
+}
diff --git a/src/Exception/InvalidGrantTypeException.php b/src/Exception/InvalidGrantTypeException.php
deleted file mode 100644
index 8a4a462e..00000000
--- a/src/Exception/InvalidGrantTypeException.php
+++ /dev/null
@@ -1,20 +0,0 @@
-
- * @copyright Copyright (c) Alex Bilbie
- * @license http://mit-license.org/
- * @link https://github.com/thephpleague/oauth2-server
- */
-
-namespace League\OAuth2\Server\Exception;
-
-/**
- * InvalidGrantTypeException Exception
- */
-class InvalidGrantTypeException extends OAuth2Exception
-{
-
-}
diff --git a/src/Exception/InvalidRefreshException.php b/src/Exception/InvalidRefreshException.php
new file mode 100644
index 00000000..c1fd1bd5
--- /dev/null
+++ b/src/Exception/InvalidRefreshException.php
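Review bot: In InvalidGrantException the constructor interpolates `$parameter` into the exception message through `sprintf` with no validation or length limit, and the same pattern is in InvalidRequestException, InvalidScopeException and UnsupportedGrantTypeException. In the last two the placeholder reads as the scope or grant type the client sent, so request-controlled text can reach wherever the message is later rendered (JSON body, redirect query string, log line or HTML error page); that rendering code is outside this patch, so each sink has to encode for its own context. A docblock line such as `@param string $parameter Request-supplied name or value; encode before output` would record that boundary. RFC 6749 section 5.2 also restricts `error_description` to %x20-21 / %x23-5B / %x5D-7E, which excludes the double-quote characters these templates place around `%s`, should the message be used as that field.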
@@ -0,0 +1,36 @@
+
+ * @copyright Copyright (c) Alex Bilbie
+ * @license http://mit-license.org/
+ * @link https://github.com/thephpleague/oauth2-server
+ */
+
+namespace League\OAuth2\Server\Exception;
+
+/**
+ * Exception class
+ */
+class InvalidRefreshException extends OAuthException
+{
+ /**
+ * {@inheritdoc}
+ */
+ public $httpStatusCode = 401;
+
+ /**
+ * {@inheritdoc}
+ */
+ public $errorType = 'invalid_client';
+
+ /**
+ * {@inheritdoc}
+ */
+ public function __construct($parameter)
+ {
+ parent::__construct('The refresh token is invalid.');
+ }
+}
diff --git a/src/Exception/InvalidRequestException.php b/src/Exception/InvalidRequestException.php
new file mode 100644
index 00000000..b42a90fa
--- /dev/null
+++ b/src/Exception/InvalidRequestException.php
@@ -0,0 +1,37 @@
+
+ * @copyright Copyright (c) Alex Bilbie
+ * @license http://mit-license.org/
+ * @link https://github.com/thephpleague/oauth2-server
+ */
+
+namespace League\OAuth2\Server\Exception;
+
+/**
+ * Exception class
+ */
+class InvalidRequestException extends OAuthException
+{
+ /**
+ * {@inheritdoc}
+ */
+ public $httpStatusCode = 400;
+
+ /**
+ * {@inheritdoc}
+ */
+ public $errorType = 'invalid_request';
+
+ /**
+ * {@inheritdoc}
+ */
+
+ public function __construct($parameter)
+ {
+ parent::__construct(sprintf('The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "%s" parameter.', $parameter));
+ }
+}
diff --git a/src/Exception/InvalidScopeException.php b/src/Exception/InvalidScopeException.php
new file mode 100644
index 00000000..613ed6c6
--- /dev/null
+++ b/src/Exception/InvalidScopeException.php
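Review bot: InvalidRefreshException declares `$errorType = 'invalid_client'` with status 401, which tells the client that its own credentials failed when the problem is the refresh token; this looks like a copy from InvalidClientException. RFC 6749 section 5.2 lists an invalid, expired or revoked refresh token under `invalid_grant` with a 400 response, so `public $errorType = 'invalid_grant';` and `public $httpStatusCode = 400;` would match the specification. Keeping `invalid_client` here would also route this exception into the branch of `OAuthException::getHttpHeaders()` that is meant for client-authentication failures.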
@@ -0,0 +1,37 @@
+
+ * @copyright Copyright (c) Alex Bilbie
+ * @license http://mit-license.org/
+ * @link https://github.com/thephpleague/oauth2-server
+ */
+
+namespace League\OAuth2\Server\Exception;
+
+/**
+ * Exception class
+ */
+class InvalidScopeException extends OAuthException
+{
+ /**
+ * {@inheritdoc}
+ */
+ public $httpStatusCode = 400;
+
+ /**
+ * {@inheritdoc}
+ */
+ public $errorType = 'invalid_scope';
+
+ /**
+ * {@inheritdoc}
+ */
+
+ public function __construct($parameter)
+ {
+ parent::__construct(sprintf('The requested scope is invalid, unknown, or malformed. Check the "%s" scope.', $parameter));
+ }
+}
diff --git a/src/Exception/OAuth2Exception.php b/src/Exception/OAuth2Exception.php
deleted file mode 100644
index 586c7fd5..00000000
--- a/src/Exception/OAuth2Exception.php
+++ /dev/null
@@ -1,20 +0,0 @@
-
- * @copyright Copyright (c) Alex Bilbie
- * @license http://mit-license.org/
- * @link https://github.com/thephpleague/oauth2-server
- */
-
-namespace League\OAuth2\Server\Exception;
-
-/**
- * Exception class
- */
-class OAuth2Exception extends \Exception
-{
-
-}
diff --git a/src/Exception/OAuthException.php b/src/Exception/OAuthException.php
new file mode 100644
index 00000000..bee1bce4
--- /dev/null
+++ b/src/Exception/OAuthException.php
@@ -0,0 +1,92 @@
+
+ * @copyright Copyright (c) Alex Bilbie
+ * @license http://mit-license.org/
+ * @link https://github.com/thephpleague/oauth2-server
+ */
+
+namespace League\OAuth2\Server\Exception;
+
+/**
+ * Exception class
+ */
+class OAuthException extends \Exception
+{
+ /**
+ * The HTTP status code for this exception that should be sent in the response
+ */
+ public $httpStatusCode = 400;
+
+ /**
+ * The exception type
+ */
+ public $errorType = '';
+
+ /**
+ * Throw a new exception
+ */
+ public function __construct()
+ {
+ parent::__construct('An error occured');
+ }
+
+ /**
+ * Get all headers that have to be send with the error response
+ * @return array Array with header values
+ */
+ public function getHttpHeaders()
+ {
+ $headers = [];
+ switch ($this->httpStatusCode) {
+ case 401:
+ $headers[] = 'HTTP/1.1 401 Unauthorized';
+ break;
+ case 500:
+ $headers[] = 'HTTP/1.1 500 Internal Server Error';
+ break;
+ case 501:
+ $headers[] = 'HTTP/1.1 501 Not Implemented';
+ break;
+ case 400:
+ default:
+ $headers[] = 'HTTP/1.1 400 Bad Request';
+ break;
+ }
+
+ // Add "WWW-Authenticate" header
+ //
+ // RFC 6749, section 5.2.:
+ // "If the client attempted to authenticate via the 'Authorization'
+ // request header field, the authorization server MUST
+ // respond with an HTTP 401 (Unauthorized) status code and
+ // include the "WWW-Authenticate" response header field
+ // matching the authentication scheme used by the client.
+ // @codeCoverageIgnoreStart
+ if ($error === 'invalid_client') {
+ $authScheme = null;
+ $request = new Request();
+ if ($request->server('PHP_AUTH_USER') !== null) {
+ $authScheme = 'Basic';
+ } else {
+ $authHeader = $request->header('Authorization');
+ if ($authHeader !== null) {
+ if (strpos($authHeader, 'Bearer') === 0) {
+ $authScheme = 'Bearer';
+ } elseif (strpos($authHeader, 'Basic') === 0) {
+ $authScheme = 'Basic';
+ }
+ }
+ }
+ if ($authScheme !== null) {
+ $headers[] = 'WWW-Authenticate: '.$authScheme.' realm=""';
+ }
+ }
+ // @codeCoverageIgnoreEnd
+
+ return $headers;
+ }
+}
diff --git a/src/Exception/ServerErrorException.php b/src/Exception/ServerErrorException.php
new file mode 100644
index 00000000..13a7cd63
--- /dev/null
+++ b/src/Exception/ServerErrorException.php
@@ -0,0 +1,36 @@
+
+ * @copyright Copyright (c) Alex Bilbie
+ * @license http://mit-license.org/
+ * @link https://github.com/thephpleague/oauth2-server
+ */
+
+namespace League\OAuth2\Server\Exception;
+
+/**
+ * Exception class
+ */
+class ServerErrorException extends OAuthException
+{
+ /**
+ * {@inheritdoc}
+ */
+ public $httpStatusCode = 500;
+
+ /**
+ * {@inheritdoc}
+ */
+ public $errorType = 'server_error';
+
+ /**
+ * {@inheritdoc}
+ */
+ public function __construct($parameter = 'The authorization server encountered an unexpected condition which prevented it from fulfilling the request.')
+ {
+ parent::__construct($parameter);
+ }
+}
diff --git a/src/Exception/ServerException.php b/src/Exception/ServerException.php
deleted file mode 100644
index 2b5879e2..00000000
--- a/src/Exception/ServerException.php
+++ /dev/null
@@ -1,20 +0,0 @@
-
- * @copyright Copyright (c) Alex Bilbie
- * @license http://mit-license.org/
- * @link https://github.com/thephpleague/oauth2-server
- */
-
-namespace League\OAuth2\Server\Exception;
-
-/**
- * Server Exception
- */
-class ServerException extends OAuth2Exception
-{
-
-}
\ No newline at end of file
diff --git a/src/Exception/UnauthorizedClientException.php b/src/Exception/UnauthorizedClientException.php
new file mode 100644
index 00000000..ac3485c7
--- /dev/null
+++ b/src/Exception/UnauthorizedClientException.php
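Review bot: In `OAuthException::getHttpHeaders()` the WWW-Authenticate block tests `$error`, which is never defined in the method, so the condition is always false and a 401 `invalid_client` response goes out without the challenge header that the quoted RFC 6749 section 5.2 text requires; the test should read `if ($this->errorType === 'invalid_client') {`. Once that branch is reachable, `new Request()` resolves to `League\OAuth2\Server\Exception\Request` because the file has no `use` statement, so the intended request class needs importing. The `@codeCoverageIgnoreStart` marker around the block is probably why neither problem surfaced in tests. Separately, `__construct()` accepts no argument, so the message every subclass passes to `parent::__construct('…')` is discarded and all errors report 'An error occured'; `public function __construct($msg = 'An error occured')` with `parent::__construct($msg);` would keep them.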
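Review bot: ServerErrorException forwards whatever string the caller passes as `$parameter` into the exception message of a 500 response, and the parameter name hides that it is the client-facing description. If a throw site passes along a caught exception's text (a database or filesystem error, for example), internal detail could reach the client, assuming the message is serialised into the error response, which happens outside this patch. Renaming the argument to `$message` and documenting it with `@param string $message Client-visible description; never pass internal error text` would mark that boundary, with the detailed cause going to the server log instead.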
@@ -0,0 +1,36 @@
+
+ * @copyright Copyright (c) Alex Bilbie
+ * @license http://mit-license.org/
+ * @link https://github.com/thephpleague/oauth2-server
+ */
+
+namespace League\OAuth2\Server\Exception;
+
+/**
+ * Exception class
+ */
+class UnauthorizedClientException extends OAuthException
+{
+ /**
+ * {@inheritdoc}
+ */
+ public $httpStatusCode = 400;
+
+ /**
+ * {@inheritdoc}
+ */
+ public $errorType = 'unauthorized_client';
+
+ /**
+ * {@inheritdoc}
+ */
+ public function __construct($parameter)
+ {
+ parent::__construct('The client is not authorized to request an access token using this method.');
+ }
+}
diff --git a/src/Exception/UnsupportedGrantTypeException.php b/src/Exception/UnsupportedGrantTypeException.php
new file mode 100644
index 00000000..c79aa367
--- /dev/null
+++ b/src/Exception/UnsupportedGrantTypeException.php
@@ -0,0 +1,37 @@
+
+ * @copyright Copyright (c) Alex Bilbie
+ * @license http://mit-license.org/
+ * @link https://github.com/thephpleague/oauth2-server
+ */
+
+namespace League\OAuth2\Server\Exception;
+
+/**
+ * Exception class
+ */
+class UnsupportedGrantTypeException extends OAuthException
+{
+ /**
+ * {@inheritdoc}
+ */
+ public $httpStatusCode = 400;
+
+ /**
+ * {@inheritdoc}
+ */
+ public $errorType = 'unsupported_grant_type';
+
+ /**
+ * {@inheritdoc}
+ */
+
+ public function __construct($parameter)
+ {
+ parent::__construct(sprintf('The authorization grant type "%s" is not supported by the authorization server.', $parameter));
+ }
+}
diff --git a/src/Exception/UnsupportedResponseTypeException.php b/src/Exception/UnsupportedResponseTypeException.php
new file mode 100644
index 00000000..05677686
--- /dev/null
+++ b/src/Exception/UnsupportedResponseTypeException.php
@@ -0,0 +1,36 @@
+
+ * @copyright Copyright (c) Alex Bilbie
+ * @license http://mit-license.org/
+ * @link https://github.com/thephpleague/oauth2-server
+ */
+
+namespace League\OAuth2\Server\Exception;
+
+/**
+ * Exception class
+ */
+class UnsupportedResponseTypeException extends OAuthException
+{
+ /**
+ * {@inheritdoc}
+ */
+ public $httpStatusCode = 400;
+
+ /**
+ * {@inheritdoc}
+ */
+ public $errorType = 'unsupported_response_type';
+
+ /**
+ * {@inheritdoc}
+ */
+ public function __construct($parameter)
+ {
+ parent::__construct('The authorization server does not support obtaining an access token using this method.');
+ }
+}