ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-11-01 16:33:07 +05:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #445 from juliangut/abstract_token_validation

Browse Source 
V5 - Abstract access token validation
This commit is contained in:
Alex Bilbie 2016-02-12 14:31:18 +00:00
commit 655f6b9771
4 changed files with 28 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
examples/public/middleware_authentication.php
View File

@ -1,5 +1,7 @@
<?php <?php
use League\OAuth2\Server\Grant\PasswordGrant;
use League\OAuth2\Server\Grant\RefreshTokenGrant;
use League\OAuth2\Server\Middleware\AuthenticationServerMiddleware; use League\OAuth2\Server\Middleware\AuthenticationServerMiddleware;
use League\OAuth2\Server\Server; use League\OAuth2\Server\Server;
@ -10,8 +12,6 @@ use OAuth2ServerExamples\Repositories\ScopeRepository;
use OAuth2ServerExamples\Repositories\UserRepository; use OAuth2ServerExamples\Repositories\UserRepository;
use Slim\App; use Slim\App;
use Slim\Http\Request;
use Slim\Http\Response;
include(__DIR__ . '/../vendor/autoload.php'); include(__DIR__ . '/../vendor/autoload.php');

6
src/Middleware/AuthenticationServerMiddleware.php
View File

@ -6,6 +6,7 @@ use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Server; use League\OAuth2\Server\Server;
use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\ServerRequestInterface;
use Zend\Diactoros\Stream;
class AuthenticationServerMiddleware class AuthenticationServerMiddleware
{ {
@ -38,9 +39,10 @@ class AuthenticationServerMiddleware
} catch (OAuthServerException $exception) { } catch (OAuthServerException $exception) {
return $exception->generateHttpResponse($response); return $exception->generateHttpResponse($response);
} catch (\Exception $exception) { } catch (\Exception $exception) {
$response->getBody()->write($exception->getMessage()); $body = new Stream('php://temp', 'r+');
$body->write($exception->getMessage());
return $response->withStatus(500); return $response->withStatus(500)->withBody($body);
} }
if (in_array($response->getStatusCode(), [400, 401, 500])) { if (in_array($response->getStatusCode(), [400, 401, 500])) {

8
src/Middleware/ResourceServerMiddleware.php
View File

@ -6,6 +6,7 @@ use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Server; use League\OAuth2\Server\Server;
use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\ServerRequestInterface;
use Zend\Diactoros\Stream;
class ResourceServerMiddleware class ResourceServerMiddleware
{ {
@ -34,13 +35,14 @@ class ResourceServerMiddleware
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next) public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{ {
try { try {
$request = $this->server->getResponseType()->determineAccessTokenInHeader($request); $request = $this->server->validateRequest($request);
} catch (OAuthServerException $exception) { } catch (OAuthServerException $exception) {
return $exception->generateHttpResponse($response); return $exception->generateHttpResponse($response);
} catch (\Exception $exception) { } catch (\Exception $exception) {
$response->getBody()->write($exception->getMessage()); $body = new Stream('php://temp', 'r+');
$body->write($exception->getMessage());
return $response->withStatus(500); return $response->withStatus(500)->withBody($body);
} }
// Pass the request and response on to the next responder in the chain // Pass the request and response on to the next responder in the chain

20
src/Server.php
View File

@ -27,7 +27,7 @@ class Server implements EmitterAwareInterface
protected $enabledGrantTypes = []; protected $enabledGrantTypes = [];
/** /**
* @var DateInterval[] * @var \DateInterval[]
*/ */
protected $grantTypeAccessTokenTTL = []; protected $grantTypeAccessTokenTTL = [];
@ -91,7 +91,7 @@ class Server implements EmitterAwareInterface
* Enable a grant type on the server * Enable a grant type on the server
* *
* @param \League\OAuth2\Server\Grant\GrantTypeInterface $grantType * @param \League\OAuth2\Server\Grant\GrantTypeInterface $grantType
* @param DateInterval $accessTokenTTL * @param \DateInterval $accessTokenTTL
*/ */
public function enableGrantType(GrantTypeInterface $grantType, DateInterval $accessTokenTTL) public function enableGrantType(GrantTypeInterface $grantType, DateInterval $accessTokenTTL)
{ {
@ -148,12 +148,26 @@ class Server implements EmitterAwareInterface
return $tokenResponse->generateHttpResponse($response); return $tokenResponse->generateHttpResponse($response);
} }
/**
* Determine the access token validity
*
* @param \Psr\Http\Message\ServerRequestInterface $request
*
* @return \Psr\Http\Message\ServerRequestInterface
*
* @throws \League\OAuth2\Server\Exception\OAuthServerException
*/
public function validateRequest(ServerRequestInterface $request)
{
return $this->getResponseType()->determineAccessTokenInHeader($request);
}
/** /**
* Get the token type that grants will return in the HTTP response * Get the token type that grants will return in the HTTP response
* *
* @return ResponseTypeInterface * @return ResponseTypeInterface
*/ */
public function getResponseType() protected function getResponseType()
{ {
if (!$this->responseType instanceof ResponseTypeInterface) { if (!$this->responseType instanceof ResponseTypeInterface) {
$this->responseType = new BearerTokenResponse( $this->responseType = new BearerTokenResponse(