normalize validatescopes

2024-11-01 16:33:07 +05:30 · 2016-01-17 14:35:43 +01:00 · 2016-01-17 14:35:43 +01:00 · 8d8dbaea0c
commit 8d8dbaea0c
parent 9e4fd82763
4 changed files with 53 additions and 51 deletions
--- a/src/Grant/AbstractGrant.php
+++ b/src/Grant/AbstractGrant.php
@ -99,6 +99,14 @@ abstract class AbstractGrant implements GrantTypeInterface
        return $this->respondsWith;
    }

+    /**
+     * @inheritdoc
+     */
+    public function setEmitter(EmitterInterface $emitter)
+    {
+        $this->emitter = $emitter;
+    }
+
    /**
     * @param \Psr\Http\Message\ServerRequestInterface $request
     *
@ -142,6 +150,48 @@ abstract class AbstractGrant implements GrantTypeInterface
        return $client;
    }

+    /**
+     * @param \Psr\Http\Message\ServerRequestInterface                        $request
+     * @param string                                                          $scopeDelimiterString
+     * @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client
+     * @param string                                                          $redirectUri
+     *
+     * @return \League\OAuth2\Server\Entities\ScopeEntity[]
+     *
+     * @throws \League\OAuth2\Server\Exception\OAuthServerException
+     */
+    public function validateScopes(
+        ServerRequestInterface $request,
+        $scopeDelimiterString,
+        ClientEntityInterface $client,
+        $redirectUri = null
+    ) {
+        $requestedScopes = $this->getRequestParameter('scope', $request);
+        $scopesList = array_filter(
+            explode($scopeDelimiterString, trim($requestedScopes)),
+            function ($scope) {
+                return !empty($scope);
+            }
+        );
+
+        $scopes = [];
+        foreach ($scopesList as $scopeItem) {
+            $scope = $this->scopeRepository->getScopeEntityByIdentifier(
+                $scopeItem,
+                $this->getIdentifier(),
+                $client->getIdentifier()
+            );
+
+            if (($scope instanceof ScopeEntity) === false) {
+                throw OAuthServerException::invalidScope($scopeItem, null, null, $redirectUri);
+            }
+
+            $scopes[] = $scope;
+        }
+
+        return $scopes;
+    }
+
    /**
     * Retrieve request parameter.
     *
@ -170,54 +220,6 @@ abstract class AbstractGrant implements GrantTypeInterface
        return (isset($request->getServerParams()[$parameter])) ? $request->getServerParams()[$parameter] : $default;
    }

-    /**
-     * @param string                $scopeParamValue      A string containing a delimited set of scope identifiers
-     * @param string                $scopeDelimiterString The delimiter between the scopes in the value string
-     * @param ClientEntityInterface $client
-     * @param string                $redirectUri
-     *
-     * @return \League\OAuth2\Server\Entities\ScopeEntity[]
-     * @throws \League\OAuth2\Server\Exception\OAuthServerException
-     */
-    public function validateScopes(
-        $scopeParamValue,
-        $scopeDelimiterString,
-        ClientEntityInterface $client,
-        $redirectUri = null
-    ) {
-        $scopesList = array_filter(
-            explode($scopeDelimiterString, trim($scopeParamValue)),
-            function ($scope) {
-                return !empty($scope);
-            }
-        );
-
-        $scopes = [];
-        foreach ($scopesList as $scopeItem) {
-            $scope = $this->scopeRepository->getScopeEntityByIdentifier(
-                $scopeItem,
-                $this->getIdentifier(),
-                $client->getIdentifier()
-            );
-
-            if (($scope instanceof ScopeEntity) === false) {
-                throw OAuthServerException::invalidScope($scopeItem, null, null, $redirectUri);
-            }
-
-            $scopes[] = $scope;
-        }
-
-        return $scopes;
-    }
-
-    /**
-     * @inheritdoc
-     */
-    public function setEmitter(EmitterInterface $emitter)
-    {
-        $this->emitter = $emitter;
-    }
-
    /**
     * @param \DateInterval                                                   $tokenTTL
     * @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client
--- a/src/Grant/ClientCredentialsGrant.php
+++ b/src/Grant/ClientCredentialsGrant.php
@ -39,7 +39,7 @@ class ClientCredentialsGrant extends AbstractGrant
    ) {
        // Validate request
        $client = $this->validateClient($request);
-        $scopes = $this->validateScopes($this->getRequestParameter('scope', $request), $scopeDelimiter, $client);
+        $scopes = $this->validateScopes($request, $scopeDelimiter, $client);

        // Issue and persist access token
        $accessToken = $this->issueAccessToken($tokenTTL, $client, $client->getIdentifier(), $scopes);
--- a/src/Grant/PasswordGrant.php
+++ b/src/Grant/PasswordGrant.php
@ -77,7 +77,7 @@ class PasswordGrant extends AbstractGrant
        // Validate request
        $client = $this->validateClient($request);
        $user = $this->validateUser($request);
-        $scopes = $this->validateScopes($this->getRequestParameter('scope', $request), $scopeDelimiter, $client);
+        $scopes = $this->validateScopes($request, $scopeDelimiter, $client);

        // Issue and persist new tokens
        $accessToken = $this->issueAccessToken($tokenTTL, $client, $user->getIdentifier(), $scopes);
--- a/src/Grant/RefreshTokenGrant.php
+++ b/src/Grant/RefreshTokenGrant.php
@ -74,7 +74,7 @@ class RefreshTokenGrant extends AbstractGrant
    ) {
        $client = $this->validateClient($request);
        $oldRefreshToken = $this->validateOldRefreshToken($request, $client->getIdentifier());
-        $scopes = $this->validateScopes($this->getRequestParameter('scope', $request), $scopeDelimiter, $client);
+        $scopes = $this->validateScopes($request, $scopeDelimiter, $client);

        // If no new scopes are requested then give the access token the original session scopes
        if (count($scopes) === 0) {