diff --git a/src/Entities/Interfaces/ClientEntityInterface.php b/src/Entities/Interfaces/ClientEntityInterface.php index 180719b1..4ca55442 100644 --- a/src/Entities/Interfaces/ClientEntityInterface.php +++ b/src/Entities/Interfaces/ClientEntityInterface.php @@ -32,18 +32,6 @@ interface ClientEntityInterface */ public function setName($name); - /** - * @param string $secret - */ - public function setSecret($secret); - - /** - * Get the hashed client secret - * - * @return string - */ - public function getSecret(); - /** * Set the client's redirect uri. * diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php index 49b03741..92a55a1f 100644 --- a/src/Grant/AbstractGrant.php +++ b/src/Grant/AbstractGrant.php @@ -153,15 +153,6 @@ abstract class AbstractGrant implements GrantTypeInterface throw OAuthServerException::invalidRequest('client_id', '`%s` parameter is missing'); } - $client = $this->clientRepository->getClientEntity( - $clientId, - $this->getIdentifier() - ); - - if (!$client instanceof ClientEntityInterface) { - throw OAuthServerException::invalidClient(); - } - // If the client is confidential require the client secret $clientSecret = $this->getRequestParameter( 'client_secret', @@ -169,11 +160,13 @@ abstract class AbstractGrant implements GrantTypeInterface $this->getServerParameter('PHP_AUTH_PW', $request) ); - if ($client->canKeepASecret() && is_null($clientSecret)) { - throw OAuthServerException::invalidRequest('client_secret', '`%s` parameter is missing'); - } + $client = $this->clientRepository->getClientEntity( + $clientId, + $this->getIdentifier(), + $clientSecret + ); - if ($client->canKeepASecret() && password_verify($clientSecret, $client->getSecret()) === false) { + if (!$client instanceof ClientEntityInterface) { $this->getEmitter()->emit(new Event('client.authentication.failed', $request)); throw OAuthServerException::invalidClient(); } diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php index b08bf965..d804b191 100644 --- a/src/Grant/AuthCodeGrant.php +++ b/src/Grant/AuthCodeGrant.php @@ -73,7 +73,6 @@ class AuthCodeGrant extends AbstractAuthorizeGrant if ($client instanceof ClientEntityInterface === false) { $this->getEmitter()->emit(new Event('client.authentication.failed', $request)); - throw OAuthServerException::invalidClient(); } diff --git a/src/Repositories/ClientRepositoryInterface.php b/src/Repositories/ClientRepositoryInterface.php index 0c7ebe4f..a742b366 100644 --- a/src/Repositories/ClientRepositoryInterface.php +++ b/src/Repositories/ClientRepositoryInterface.php @@ -18,10 +18,11 @@ interface ClientRepositoryInterface extends RepositoryInterface /** * Get a client. * - * @param string $clientIdentifier The client's identifier - * @param string $grantType The grant type used + * @param string $clientIdentifier The client's identifier + * @param string $grantType The grant type used + * @param null|string $clientSecret The client's secret (if sent) * * @return \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface */ - public function getClientEntity($clientIdentifier, $grantType); + public function getClientEntity($clientIdentifier, $grantType, $clientSecret = null); } diff --git a/tests/Grant/AbstractGrantTest.php b/tests/Grant/AbstractGrantTest.php index 5e71bdf7..1161ebc4 100644 --- a/tests/Grant/AbstractGrantTest.php +++ b/tests/Grant/AbstractGrantTest.php @@ -111,10 +111,8 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase */ public function testValidateClientMissingClientSecret() { - $client = new ClientEntity(); - $client->setSecret('bar'); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); - $clientRepositoryMock->method('getClientEntity')->willReturn($client); + $clientRepositoryMock->method('getClientEntity')->willReturn(null); /** @var AbstractGrant $grantMock */ $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); @@ -138,10 +136,8 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase */ public function testValidateClientInvalidClientSecret() { - $client = new ClientEntity(); - $client->setSecret('bar'); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); - $clientRepositoryMock->method('getClientEntity')->willReturn($client); + $clientRepositoryMock->method('getClientEntity')->willReturn(null); /** @var AbstractGrant $grantMock */ $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);