diff --git a/src/Entities/Interfaces/AccessTokenEntityInterface.php b/src/Entities/Interfaces/AccessTokenEntityInterface.php index 242bc8da..2f62f045 100644 --- a/src/Entities/Interfaces/AccessTokenEntityInterface.php +++ b/src/Entities/Interfaces/AccessTokenEntityInterface.php @@ -4,4 +4,4 @@ namespace League\OAuth2\Server\Entities\Interfaces; interface AccessTokenEntityInterface extends TokenInterface { -} \ No newline at end of file +} diff --git a/src/Entities/ScopeEntity.php b/src/Entities/ScopeEntity.php index 09fd0227..5c21e55e 100644 --- a/src/Entities/ScopeEntity.php +++ b/src/Entities/ScopeEntity.php @@ -15,7 +15,7 @@ class ScopeEntity implements ScopeEntityInterface /** * @inheritdoc */ - function jsonSerialize() + public function jsonSerialize() { return $this->getIdentifier(); } diff --git a/src/Entities/Traits/ClientEntityTrait.php b/src/Entities/Traits/ClientEntityTrait.php index fee28e0e..80e61b93 100644 --- a/src/Entities/Traits/ClientEntityTrait.php +++ b/src/Entities/Traits/ClientEntityTrait.php @@ -25,4 +25,4 @@ trait ClientEntityTrait { $this->name = $name; } -} \ No newline at end of file +} diff --git a/src/Entities/Traits/RefreshTokenTrait.php b/src/Entities/Traits/RefreshTokenTrait.php index 71e39225..0e0a3500 100644 --- a/src/Entities/Traits/RefreshTokenTrait.php +++ b/src/Entities/Traits/RefreshTokenTrait.php @@ -50,4 +50,4 @@ trait RefreshTokenTrait { $this->expiryDateTime = $dateTime; } -} \ No newline at end of file +} diff --git a/src/Entities/Traits/TokenEntityTrait.php b/src/Entities/Traits/TokenEntityTrait.php index d16e6f8d..324de912 100644 --- a/src/Entities/Traits/TokenEntityTrait.php +++ b/src/Entities/Traits/TokenEntityTrait.php @@ -123,4 +123,4 @@ trait TokenEntityTrait { return (new DateTime()) > $this->getExpiryDateTime(); } -} \ No newline at end of file +} diff --git a/src/Exception/OAuthServerException.php b/src/Exception/OAuthServerException.php index 09ef4ec5..35c38dd2 100644 
--- a/src/Exception/OAuthServerException.php +++ b/src/Exception/OAuthServerException.php @@ -60,7 +60,8 @@ class OAuthServerException extends \Exception $localizedHint = null ) { $errorMessage = (is_null($localizedError)) - ? 'The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.' + ? 'The provided authorization grant is invalid, expired, revoked, does not match ' . + 'the redirection URI used in the authorization request, or was issued to another client.' : $localizedError; $hint = (is_null($localizedHint)) ? 'Check the `grant_type` parameter' @@ -106,7 +107,8 @@ class OAuthServerException extends \Exception $localizedHint = null ) { $errorMessage = (is_null($localizedError)) - ? 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.' + ? 'The request is missing a required parameter, includes an invalid parameter value, ' . + 'includes a parameter more than once, or is otherwise malformed.' : $localizedError; $hint = (is_null($localizedHint)) ? sprintf('Check the `%s` parameter', $parameter) diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php index c6ffc760..01917c91 100644 --- a/src/Grant/AbstractGrant.php +++ b/src/Grant/AbstractGrant.php @@ -11,6 +11,7 @@ namespace League\OAuth2\Server\Grant; +use League\Event\EmitterAwareTrait; use League\Event\EmitterInterface; use League\Event\Event; use League\OAuth2\Server\Entities\AccessTokenEntity; @@ -29,6 +30,8 @@ use Psr\Http\Message\ServerRequestInterface; */ abstract class AbstractGrant implements GrantTypeInterface { + use EmitterAwareTrait; + const SCOPE_DELIMITER_STRING = ' '; /** 
@@ -60,11 +63,6 @@ abstract class AbstractGrant implements GrantTypeInterface */ protected $accessTokenRepository; - /** - * @var \League\Event\Emitter - */ - protected $emitter; - /** * @var ScopeRepositoryInterface */ @@ -128,7 +126,7 @@ abstract class AbstractGrant implements GrantTypeInterface /** * @inheritdoc */ - public function setEmitter(EmitterInterface $emitter) + public function setEmitter(EmitterInterface $emitter = null) { $this->emitter = $emitter; } @@ -185,14 +183,14 @@ abstract class AbstractGrant implements GrantTypeInterface } $client = $this->clientRepository->getClientEntity( + $this->getIdentifier(), $clientId, $clientSecret, - null, - $this->getIdentifier() + null ); if (!$client instanceof ClientEntityInterface) { - $this->emitter->emit(new Event('client.authentication.failed', $request)); + $this->getEmitter()->emit(new Event('client.authentication.failed', $request)); throw OAuthServerException::invalidClient(); } diff --git a/src/Grant/GrantTypeInterface.php b/src/Grant/GrantTypeInterface.php index a6a5c63a..ece1d752 100644 --- a/src/Grant/GrantTypeInterface.php +++ b/src/Grant/GrantTypeInterface.php @@ -11,7 +11,7 @@ namespace League\OAuth2\Server\Grant; -use League\Event\EmitterInterface; +use League\Event\EmitterAwareInterface; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface; use League\OAuth2\Server\Repositories\ScopeRepositoryInterface; @@ -21,7 +21,7 @@ use Psr\Http\Message\ServerRequestInterface; /** * Grant type interface */ -interface GrantTypeInterface +interface GrantTypeInterface extends EmitterAwareInterface { /** * Set refresh token TTL @@ -73,13 +73,6 @@ interface GrantTypeInterface */ public function canRespondToRequest(ServerRequestInterface $request); - /** - * Set the event emitter - * - * @param \League\Event\EmitterInterface $emitter - */ - public function setEmitter(EmitterInterface $emitter); - /** * Set the client repository * 
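Review bot: The `setEmitter()` override kept in `AbstractGrant` (hunk `@@ -128,7 +126,7 @@`) duplicates the method that the newly used `EmitterAwareTrait` already provides, so the class now has two definitions to keep in sync; the override can simply be deleted. More relevant for monitoring, the call sites move from `$this->emitter->emit(...)` to `$this->getEmitter()->emit(...)`. If the trait's `getEmitter()` creates a fresh emitter when none was set (League\Event's trait appears to do this), a grant that never received the server's emitter will send `client.authentication.failed` to an emitter with no listeners instead of failing loudly. A class docblock line such as `Events reach listeners only when the server's emitter has been passed in via setEmitter()`, plus a test that asserts a listener fires on failed client authentication, would make that contract explicit. The same applies to the `emit` calls changed in `PasswordGrant` and `RefreshTokenGrant`.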
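Review bot: The reordered `getClientEntity()` call in hunk `@@ -185,14 +183,14 @@` now passes the grant type first, and because the first two parameters are untyped strings, a repository still written against the previous order will not raise an error; it will look the client up by the grant identifier. The matching signature change is in `ClientRepositoryInterface`, where the old docblock and the old signature already disagreed about the position of `$grantType`, so existing implementations may follow either order. Other callers of `getClientEntity()` are not visible in this diff and should be checked for the same order. I would record the break in the interface docblock, e.g. `NOTE: $grantType is now the first argument; implementations must be updated`, and add a test asserting the repository receives the client id in second position. The enclosing method starts and ends outside the hunk.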
diff --git a/src/Grant/PasswordGrant.php b/src/Grant/PasswordGrant.php index 9f4f41e8..852dedb2 100644 --- a/src/Grant/PasswordGrant.php +++ b/src/Grant/PasswordGrant.php @@ -102,7 +102,7 @@ class PasswordGrant extends AbstractGrant $user = $this->userRepository->getUserEntityByUserCredentials($username, $password); if (!$user instanceof UserEntityInterface) { - $this->emitter->emit(new Event('user.authentication.failed', $request)); + $this->getEmitter()->emit(new Event('user.authentication.failed', $request)); throw OAuthServerException::invalidCredentials(); } diff --git a/src/Grant/RefreshTokenGrant.php b/src/Grant/RefreshTokenGrant.php index cf3286c8..d5c7e854 100644 --- a/src/Grant/RefreshTokenGrant.php +++ b/src/Grant/RefreshTokenGrant.php @@ -38,9 +38,8 @@ class RefreshTokenGrant extends AbstractGrant /** * @param \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface $refreshTokenRepository */ - public function __construct( - RefreshTokenRepositoryInterface $refreshTokenRepository - ) { + public function __construct(RefreshTokenRepositoryInterface $refreshTokenRepository) + { $this->refreshTokenRepository = $refreshTokenRepository; $this->refreshTokenTTL = new \DateInterval('P1M'); @@ -67,7 +66,7 @@ class RefreshTokenGrant extends AbstractGrant // the request doesn't include any new scopes foreach ($scopes as $scope) { if (in_array($scope->getIdentifier(), $oldRefreshToken['scopes']) === false) { - $this->emitter->emit(new Event('scope.selection.failed', $request)); + $this->getEmitter()->emit(new Event('scope.selection.failed', $request)); throw OAuthServerException::invalidScope($scope->getIdentifier()); } 
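Review bot: The `user.authentication.failed` event in the `PasswordGrant` hunk is emitted with the whole `$request` as its argument, and for this grant the request presumably carries the username and password that were just passed to `getUserEntityByUserCredentials()`. Any listener that logs or serialises the event argument would therefore write user credentials to its sink. A comment above the emit, such as `// $request contains the submitted credentials; listeners must not log the parsed body`, would document that, or the event could carry only the username. The enclosing method starts and ends outside the hunk, so how `$username` and `$password` are read is inferred.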
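Review bot: The scope check in the `RefreshTokenGrant` loop (hunk `@@ -67,7 +66,7 @@`) calls `in_array($scope->getIdentifier(), $oldRefreshToken['scopes'])` without the strict flag, so PHP compares loosely and numeric-looking identifiers such as `'1e3'` and `'1000'` are treated as equal. This comparison is what prevents a refresh request from obtaining scopes the original token did not carry, so it should be exact: `if (in_array($scope->getIdentifier(), $oldRefreshToken['scopes'], true) === false) {`. The loop's enclosing method starts and ends outside the hunk, so the element type of `$oldRefreshToken['scopes']` is assumed to be string.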
@@ -115,7 +114,7 @@ class RefreshTokenGrant extends AbstractGrant $refreshTokenData = json_decode($refreshToken, true); if ($refreshTokenData['client_id'] !== $clientId) { - $this->emitter->emit(new Event('refresh_token.client.failed', $request)); + $this->getEmitter()->emit(new Event('refresh_token.client.failed', $request)); throw OAuthServerException::invalidRefreshToken( 'Token is not linked to client,' . diff --git a/src/Repositories/AuthCodeRepositoryInterface.php b/src/Repositories/AuthCodeRepositoryInterface.php index 85852ef3..481106d3 100644 --- a/src/Repositories/AuthCodeRepositoryInterface.php +++ b/src/Repositories/AuthCodeRepositoryInterface.php @@ -33,8 +33,6 @@ interface AuthCodeRepositoryInterface extends RepositoryInterface * @param string $code The authorization code string * @param integer $expireTime Token expire time * @param string $redirectUri Client redirect uri - * - * @return void */ public function persistNewAuthCode($code, $expireTime, $redirectUri); diff --git a/src/Repositories/ClientRepositoryInterface.php b/src/Repositories/ClientRepositoryInterface.php index b9b9aa3a..3bec9452 100644 --- a/src/Repositories/ClientRepositoryInterface.php +++ b/src/Repositories/ClientRepositoryInterface.php @@ -19,12 +19,12 @@ interface ClientRepositoryInterface extends RepositoryInterface /** * Get a client * + * @param string $grantType The grant type used * @param string $clientIdentifier The client's identifier * @param string|null $clientSecret The client's secret * @param string|null $redirectUri The client's redirect URI - * @param string|null $grantType The grant type used * * @return \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface */ - public function getClientEntity($clientIdentifier, $grantType, $clientSecret = null, $redirectUri = null); + public function getClientEntity($grantType, $clientIdentifier, $clientSecret = null, $redirectUri = null); } 
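Review bot: The result of `json_decode($refreshToken, true)` in hunk `@@ -115,7 +114,7 @@` is indexed with `['client_id']` without checking that decoding succeeded. A malformed token still fails the `!== $clientId` comparison, so the check fails closed, but it does so through an offset access on `null`. The request is then reported as `refresh_token.client.failed` with the hint "Token is not linked to client", which misleads anyone triaging the event. An explicit guard before the comparison keeps the two cases apart: `if (!is_array($refreshTokenData) || !isset($refreshTokenData['client_id'])) { throw OAuthServerException::invalidRefreshToken('Cannot parse refresh token'); }`. How `$refreshToken` is obtained lies outside the hunk, as do the start and end of the enclosing method.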
diff --git a/src/Repositories/MacTokenInterface.php b/src/Repositories/MacTokenInterface.php index 4b84b147..833a0d7b 100644 --- a/src/Repositories/MacTokenInterface.php +++ b/src/Repositories/MacTokenInterface.php @@ -13,7 +13,6 @@ namespace League\OAuth2\Server\Storage; use League\OAuth2\Server\Repositories\RepositoryInterface; - /** * MacTokenInterface */ @@ -21,15 +20,17 @@ interface MacTokenInterface extends RepositoryInterface { /** * Create a MAC key linked to an access token - * @param string $macKey - * @param string $accessToken - * @return void + * + * @param string $macKey + * @param string $accessToken */ public function persistMacTokenEntity($macKey, $accessToken); /** * Get a MAC key by access token + * * @param string $accessToken + * * @return string */ public function getMacKeyByAccessTokenString($accessToken); diff --git a/src/Repositories/RefreshTokenRepositoryInterface.php b/src/Repositories/RefreshTokenRepositoryInterface.php index 1ac9a0d1..533351d8 100644 --- a/src/Repositories/RefreshTokenRepositoryInterface.php +++ b/src/Repositories/RefreshTokenRepositoryInterface.php @@ -21,9 +21,9 @@ interface RefreshTokenRepositoryInterface extends RepositoryInterface /** * Create a new refresh token_name * - * @param \League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface $refreshTokenEntityInterface + * @param \League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface $refreshTokenEntity */ - public function persistNewRefreshToken(RefreshTokenEntityInterface $refreshTokenEntityInterface); + public function persistNewRefreshToken(RefreshTokenEntityInterface $refreshTokenEntity); /** * Revoke the refresh token diff --git a/src/Repositories/ScopeRepositoryInterface.php b/src/Repositories/ScopeRepositoryInterface.php index 276ce264..0b45efe9 100644 --- a/src/Repositories/ScopeRepositoryInterface.php +++ b/src/Repositories/ScopeRepositoryInterface.php 
@@ -19,9 +19,9 @@ interface ScopeRepositoryInterface extends RepositoryInterface /** * Return information about a scope * - * @param string $identifier The scope identifier - * @param string $grantType The grant type used in the request - * @param string $clientId The client sending the request + * @param string $identifier The scope identifier + * @param string $grantType The grant type used in the request + * @param string|null $clientId The client sending the request * * @return \League\OAuth2\Server\Entities\Interfaces\ScopeEntityInterface */ diff --git a/src/ResponseTypes/BearerTokenResponse.php b/src/ResponseTypes/BearerTokenResponse.php index c67bc990..df30e94e 100644 --- a/src/ResponseTypes/BearerTokenResponse.php +++ b/src/ResponseTypes/BearerTokenResponse.php @@ -28,12 +28,14 @@ class BearerTokenResponse extends AbstractResponseType */ public function generateHttpResponse(ResponseInterface $response) { + $expireDateTime = $this->accessToken->getExpiryDateTime()->getTimestamp(); + $jwtAccessToken = (new Builder()) ->setAudience($this->accessToken->getClient()->getIdentifier()) ->setId($this->accessToken->getIdentifier(), true) ->setIssuedAt(time()) ->setNotBefore(time()) - ->setExpiration($this->accessToken->getExpiryDateTime()->getTimestamp()) + ->setExpiration($expireDateTime) ->setSubject($this->accessToken->getUserIdentifier()) ->set('scopes', $this->accessToken->getScopes()) ->sign(new Sha256(), new Key($this->pathToPrivateKey)) @@ -41,7 +43,7 @@ class BearerTokenResponse extends AbstractResponseType $responseParams = [ 'token_type' => 'Bearer', - 'expires_in' => $this->accessToken->getExpiryDateTime()->getTimestamp() - (new \DateTime())->getTimestamp(), + 'expires_in' => $expireDateTime - (new \DateTime)->getTimestamp(), 'access_token' => (string) $jwtAccessToken, ]; 
@@ -54,7 +56,7 @@ class BearerTokenResponse extends AbstractResponseType 'access_token_id' => $this->accessToken->getIdentifier(), 'scopes' => $this->accessToken->getScopes(), 'user_id' => $this->accessToken->getUserIdentifier(), - 'expire_time' => $this->refreshToken->getExpiryDateTime()->getTimestamp(), + 'expire_time' => $expireDateTime, ] ), $this->pathToPrivateKey diff --git a/src/Server.php b/src/Server.php index cc7eb320..b63ad6ed 100644 --- a/src/Server.php +++ b/src/Server.php @@ -2,7 +2,6 @@ namespace League\OAuth2\Server; -use DateInterval; use League\Event\EmitterAwareInterface; use League\Event\EmitterAwareTrait; use League\OAuth2\Server\Exception\OAuthServerException;
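Review bot: The changed line in hunk `@@ -54,7 +56,7 @@` replaces `$this->refreshToken->getExpiryDateTime()->getTimestamp()` with `$expireDateTime`, which the previous hunk assigns from `$this->accessToken`. The `expire_time` stored next to `access_token_id` (presumably the refresh-token payload) is therefore now the access token's expiry, not the refresh token's. If the refresh grant enforces that field, refresh tokens would be rejected as soon as the access token lapses and the refresh TTL would have no effect, which looks unintended in a formatting cleanup. Keeping the original expression preserves behaviour: `'expire_time' => $this->refreshToken->getExpiryDateTime()->getTimestamp(),`. Separately, `$expireDateTime` holds an integer timestamp, so `$expireTimestamp` would be a more accurate name; `generateHttpResponse()` starts and ends outside this hunk.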