mirror of
https://github.com/elyby/oauth2-server.git
synced 2025-01-05 11:41:53 +05:30
Allow multiple client redirect URIs. Fixes #511
parent
9533595394
commit
8274c56fc2
@ -40,9 +40,11 @@ interface ClientEntityInterface
|
|||||||
public function setRedirectUri($redirectUri);
|
public function setRedirectUri($redirectUri);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the registered redirect URI.
|
* Returns the registered redirect URI (as a string).
|
||||||
*
|
*
|
||||||
* @return string
|
* Alternatively return an indexed array of redirect URIs.
|
||||||
|
*
|
||||||
|
* @return string|string[]
|
||||||
*/
|
*/
|
||||||
public function getRedirectUri();
|
public function getRedirectUri();
|
||||||
}
|
}
|
||||||
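Review bot: The widened contract `string|string[]` is documented only on getRedirectUri(); the setRedirectUri() declaration at the top of this hunk is unchanged, although the test added in this commit passes it an array. Its docblock lies outside the hunk, so this is inferred, but it should carry the matching `@param string|string[] $redirectUri`. The getter's docblock would also benefit from one sentence saying that each array entry is a complete, exact redirect URI, so implementers do not store prefixes or patterns there. Callers elsewhere that treat the return value as a string are not visible here and are worth checking.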
|
@ -173,8 +173,18 @@ abstract class AbstractGrant implements GrantTypeInterface
|
|||||||
|
|
||||||
// If a redirect URI is provided ensure it matches what is pre-registered
|
// If a redirect URI is provided ensure it matches what is pre-registered
|
||||||
$redirectUri = $this->getRequestParameter('redirect_uri', $request, null);
|
$redirectUri = $this->getRequestParameter('redirect_uri', $request, null);
|
||||||
if ($redirectUri !== null && (strcmp($client->getRedirectUri(), $redirectUri) !== 0)) {
|
if ($redirectUri !== null) {
|
||||||
|
if (
|
||||||
|
is_string($client->getRedirectUri())
|
||||||
|
&& (strcmp($client->getRedirectUri(), $redirectUri) !== 0)
|
||||||
|
) {
|
||||||
throw OAuthServerException::invalidClient();
|
throw OAuthServerException::invalidClient();
|
||||||
|
} elseif (
|
||||||
|
is_array($client->getRedirectUri())
|
||||||
|
&& in_array($redirectUri, $client->getRedirectUri()) === false
|
||||||
|
) {
|
||||||
|
throw OAuthServerException::invalidClient();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return $client;
|
return $client;
|
||||||
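Review bot: A client whose getRedirectUri() returns neither a string nor an array (for example null) matches neither branch of the new `if`/`elseif`, so a supplied redirect_uri is accepted without any comparison; the removed one-line check handed the value to strcmp() regardless of its type. The array branch also calls in_array() without the strict flag, so membership is decided by loose comparison rather than exact string equality. Normalising once and failing closed covers both cases: `$registered = (array) $client->getRedirectUri();` followed by `if (in_array($redirectUri, $registered, true) === false) { throw OAuthServerException::invalidClient(); }`. The enclosing method starts and ends outside this hunk, so whether an unregistered (null) redirect URI can reach this point is not visible here.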
|
@ -185,6 +185,34 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
|
|||||||
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
|
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||||
|
*/
|
||||||
|
public function testValidateClientInvalidRedirectUriArray()
|
||||||
|
{
|
||||||
|
$client = new ClientEntity();
|
||||||
|
$client->setRedirectUri(['http://foo/bar']);
|
||||||
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
||||||
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
||||||
|
|
||||||
|
/** @var AbstractGrant $grantMock */
|
||||||
|
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
|
||||||
|
$grantMock->setClientRepository($clientRepositoryMock);
|
||||||
|
|
||||||
|
$abstractGrantReflection = new \ReflectionClass($grantMock);
|
||||||
|
|
||||||
|
$serverRequest = new ServerRequest();
|
||||||
|
$serverRequest = $serverRequest->withParsedBody([
|
||||||
|
'client_id' => 'foo',
|
||||||
|
'redirect_uri' => 'http://bar/foo',
|
||||||
|
]);
|
||||||
|
|
||||||
|
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
|
||||||
|
$validateClientMethod->setAccessible(true);
|
||||||
|
|
||||||
|
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
|
||||||
*/
|
*/
|
||||||
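Review bot: The added testValidateClientInvalidRedirectUriArray covers only the rejection path for a single-element array; nothing in this hunk asserts that a redirect_uri equal to one of several registered URIs is accepted. A companion test that registers two URIs, such as `$client->setRedirectUri(['http://foo/bar', 'http://bar/foo']);`, and expects validateClient to return the client would pin the positive path. A second negative case with a near-match (trailing slash or extra path segment) would show that the comparison is exact. Such tests may exist elsewhere in the file, outside this hunk.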
|