allow middleware use

This commit is contained in:
Julián Gutiérrez 2016-01-15 14:02:47 +01:00
parent 0fbe447862
commit 65d981ad32
7 changed files with 63 additions and 35 deletions

View File

@ -32,9 +32,9 @@ $app->post('/access_token', function (Request $request, Response $response) {
/** @var Server $server */ /** @var Server $server */
$server = $this->get(Server::class); $server = $this->get(Server::class);
try { try {
return $server->respondToRequest($request); return $server->respondToRequest($request, $response);
} catch (OAuthServerException $e) { } catch (OAuthServerException $e) {
return $e->generateHttpResponse(); return $e->generateHttpResponse($response);
} catch (\Exception $e) { } catch (\Exception $e) {
return $response->withStatus(500)->write($e->getMessage()); return $response->withStatus(500)->write($e->getMessage());
} }

View File

@ -43,9 +43,9 @@ $app->post('/access_token', function (Request $request, Response $response) {
/** @var Server $server */ /** @var Server $server */
$server = $this->get(Server::class); $server = $this->get(Server::class);
try { try {
return $server->respondToRequest($request); return $server->respondToRequest($request, $response);
} catch (OAuthServerException $e) { } catch (OAuthServerException $e) {
return $e->generateHttpResponse(); return $e->generateHttpResponse($response);
} catch (\Exception $e) { } catch (\Exception $e) {
return $response->withStatus(500)->write($e->getMessage()); return $response->withStatus(500)->write($e->getMessage());
} }

View File

@ -43,9 +43,9 @@ $app->post('/access_token', function (Request $request, Response $response) {
/** @var Server $server */ /** @var Server $server */
$server = $this->get(Server::class); $server = $this->get(Server::class);
try { try {
return $server->respondToRequest($request); return $server->respondToRequest($request, $response);
} catch (OAuthServerException $e) { } catch (OAuthServerException $e) {
return $e->generateHttpResponse(); return $e->generateHttpResponse($response);
} catch (\Exception $e) { } catch (\Exception $e) {
return $response->withStatus(500)->write( return $response->withStatus(500)->write(
sprintf('<h1>%s</h1><p>%s</p>', get_class($e), $e->getMessage()) sprintf('<h1>%s</h1><p>%s</p>', get_class($e), $e->getMessage())

View File

@ -204,8 +204,12 @@ class OAuthServerException extends \Exception
* *
* @return ResponseInterface * @return ResponseInterface
*/ */
public function generateHttpResponse() public function generateHttpResponse(ResponseInterface $response = null)
{ {
if (!$response instanceof ResponseInterface) {
$response = new Response();
}
$headers = $this->getHttpHeaders(); $headers = $this->getHttpHeaders();
$payload = [ $payload = [
@ -221,12 +225,13 @@ class OAuthServerException extends \Exception
$headers['Location'] = RedirectUri::make($this->redirectUri, $payload); $headers['Location'] = RedirectUri::make($this->redirectUri, $payload);
} }
$response = new Response( foreach ($headers as $header => $content) {
'php://memory', $response->withHeader($header, $content);
$this->getHttpStatusCode(), }
$headers
); $response
$response->getBody()->write(json_encode($payload)); ->withStatus($this->getHttpStatusCode())
->getBody()->write(json_encode($payload));
return $response; return $response;
} }
@ -254,8 +259,7 @@ class OAuthServerException extends \Exception
if ($this->errorType === 'invalid_client') { if ($this->errorType === 'invalid_client') {
$authScheme = null; $authScheme = null;
$request = new ServerRequest(); $request = new ServerRequest();
if ( if (isset($request->getServerParams()['PHP_AUTH_USER']) &&
isset($request->getServerParams()['PHP_AUTH_USER']) &&
$request->getServerParams()['PHP_AUTH_USER'] !== null $request->getServerParams()['PHP_AUTH_USER'] !== null
) { ) {
$authScheme = 'Basic'; $authScheme = 'Basic';

View File

@ -16,6 +16,7 @@ use Lcobucci\JWT\Signer\Key;
use Lcobucci\JWT\Signer\Rsa\Sha256; use Lcobucci\JWT\Signer\Rsa\Sha256;
use League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface; use League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface;
use League\OAuth2\Server\Utils\KeyCrypt; use League\OAuth2\Server\Utils\KeyCrypt;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\ServerRequestInterface;
use Zend\Diactoros\Response; use Zend\Diactoros\Response;
@ -24,7 +25,7 @@ class BearerTokenResponse extends AbstractResponseType
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function generateHttpResponse() public function generateHttpResponse(ResponseInterface $response)
{ {
$jwtAccessToken = (new Builder()) $jwtAccessToken = (new Builder())
->setAudience($this->accessToken->getClient()->getIdentifier()) ->setAudience($this->accessToken->getClient()->getIdentifier())
@ -61,16 +62,12 @@ class BearerTokenResponse extends AbstractResponseType
$responseParams['refresh_token'] = $refreshToken; $responseParams['refresh_token'] = $refreshToken;
} }
$response = new Response( $response
'php://memory', ->withStatus(200)
200, ->withHeader('pragma', 'no-cache')
[ ->withHeader('cache-control', 'no-store')
'pragma' => 'no-cache', ->withHeader('content-type', 'application/json;charset=UTF-8')
'cache-control' => 'no-store', ->getBody()->write(json_encode($responseParams));
'content-type' => 'application/json;charset=UTF-8'
]
);
$response->getBody()->write(json_encode($responseParams));
return $response; return $response;
} }

View File

@ -38,7 +38,9 @@ interface ResponseTypeInterface
public function determineAccessTokenInHeader(ServerRequestInterface $request); public function determineAccessTokenInHeader(ServerRequestInterface $request);
/** /**
* @param ResponseInterface $response
*
* @return ResponseInterface * @return ResponseInterface
*/ */
public function generateHttpResponse(); public function generateHttpResponse(ResponseInterface $response);
} }

View File

@ -9,7 +9,9 @@ use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\GrantTypeInterface; use League\OAuth2\Server\Grant\GrantTypeInterface;
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse; use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface; use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\ServerRequestInterface;
use Zend\Diactoros\Response;
use Zend\Diactoros\ServerRequestFactory; use Zend\Diactoros\ServerRequestFactory;
class Server implements EmitterAwareInterface class Server implements EmitterAwareInterface
@ -121,16 +123,21 @@ class Server implements EmitterAwareInterface
* Return an access token response * Return an access token response
* *
* @param \Psr\Http\Message\ServerRequestInterface $request * @param \Psr\Http\Message\ServerRequestInterface $request
* @param \Psr\Http\Message\ResponseInterface $response
* *
* @return \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface * @return \Psr\Http\Message\ResponseInterface
* @throws \League\OAuth2\Server\Exception\OAuthServerException * @throws \League\OAuth2\Server\Exception\OAuthServerException
*/ */
public function respondToRequest(ServerRequestInterface $request = null) public function respondToRequest(ServerRequestInterface $request = null, ResponseInterface $response = null)
{ {
if ($request === null) { if (!$request instanceof ServerRequestInterface) {
$request = ServerRequestFactory::fromGlobals(); $request = ServerRequestFactory::fromGlobals();
} }
if (!$response instanceof ResponseInterface) {
$response = new Response();
}
$tokenResponse = null; $tokenResponse = null;
foreach ($this->enabledGrantTypes as $grantType) { foreach ($this->enabledGrantTypes as $grantType) {
if ($grantType->canRespondToRequest($request)) { if ($grantType->canRespondToRequest($request)) {
@ -143,12 +150,30 @@ class Server implements EmitterAwareInterface
} }
} }
if ($tokenResponse instanceof ResponseTypeInterface) { if (!$tokenResponse instanceof ResponseTypeInterface) {
return $tokenResponse->generateHttpResponse(); return OAuthServerException::unsupportedGrantType()->generateHttpResponse($response);
} else {
$response = OAuthServerException::unsupportedGrantType()->generateHttpResponse();
} }
return $tokenResponse->generateHttpResponse($response);
}
/**
* PSR7 middleware callable
*
* @param \Psr\Http\Message\ServerRequestInterface $request
* @param \Psr\Http\Message\ResponseInterface $response
*
* @return \Psr\Http\Message\ResponseInterface
* @throws \League\OAuth2\Server\Exception\OAuthServerException
*/
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
$response = $this->respondToRequest($request, $response);
if (in_array($response->getStatusCode(), [400, 401, 500])) {
return $response; return $response;
} }
return $next($request, $response);
}
} }