Allow multiple client redirect URIs. Fixes #511

This commit is contained in:
Alex Bilbie 2016-04-09 13:36:08 +01:00
parent 9533595394
commit 8274c56fc2
3 changed files with 44 additions and 4 deletions

View File

@ -40,9 +40,11 @@ interface ClientEntityInterface
public function setRedirectUri($redirectUri); public function setRedirectUri($redirectUri);
/** /**
* Returns the registered redirect URI. * Returns the registered redirect URI (as a string).
* *
* @return string * Alternatively return an indexed array of redirect URIs.
*
* @return string|string[]
*/ */
public function getRedirectUri(); public function getRedirectUri();
} }

View File

@ -173,8 +173,18 @@ abstract class AbstractGrant implements GrantTypeInterface
// If a redirect URI is provided ensure it matches what is pre-registered // If a redirect URI is provided ensure it matches what is pre-registered
$redirectUri = $this->getRequestParameter('redirect_uri', $request, null); $redirectUri = $this->getRequestParameter('redirect_uri', $request, null);
if ($redirectUri !== null && (strcmp($client->getRedirectUri(), $redirectUri) !== 0)) { if ($redirectUri !== null) {
if (
is_string($client->getRedirectUri())
&& (strcmp($client->getRedirectUri(), $redirectUri) !== 0)
) {
throw OAuthServerException::invalidClient(); throw OAuthServerException::invalidClient();
} elseif (
is_array($client->getRedirectUri())
&& in_array($redirectUri, $client->getRedirectUri()) === false
) {
throw OAuthServerException::invalidClient();
}
} }
return $client; return $client;

View File

@ -185,6 +185,34 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
$validateClientMethod->invoke($grantMock, $serverRequest, true, true); $validateClientMethod->invoke($grantMock, $serverRequest, true, true);
} }
/**
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException
*/
public function testValidateClientInvalidRedirectUriArray()
{
$client = new ClientEntity();
$client->setRedirectUri(['http://foo/bar']);
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
/** @var AbstractGrant $grantMock */
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setClientRepository($clientRepositoryMock);
$abstractGrantReflection = new \ReflectionClass($grantMock);
$serverRequest = new ServerRequest();
$serverRequest = $serverRequest->withParsedBody([
'client_id' => 'foo',
'redirect_uri' => 'http://bar/foo',
]);
$validateClientMethod = $abstractGrantReflection->getMethod('validateClient');
$validateClientMethod->setAccessible(true);
$validateClientMethod->invoke($grantMock, $serverRequest, true, true);
}
/** /**
* @expectedException \League\OAuth2\Server\Exception\OAuthServerException * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
*/ */