ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2025-01-09 05:23:53 +05:30
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'release/2.1.1'

Browse Source
This commit is contained in:
Alex Bilbie 2013-06-02 13:55:01 +01:00
commit 98be9ab252
8 changed files with 26 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
CHANGELOG.md
View File

@ -1,5 +1,12 @@
# Changelog
## 2.1.1 (released 2013-06-02)
* Added conditional `isValid()` flag to check for Authorization header only (thanks @alexmcroberts)
* Fixed semantic meaning of `requireScopeParam()` and `requireStateParam()` by changing their default value to true
* Updated some duff docblocks
* Corrected array key call in Resource.php (Issue #63)
## 2.1 (released 2013-05-10)
* Moved zetacomponents/database to "suggest" in composer.json. If you rely on this feature you now need to include " zetacomponents/database" into "require" key in your own composer.json. (Issue #51)

2
composer.json
View File

@ -1,7 +1,7 @@
{
"name": "league/oauth2-server",
"description": "A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.",
"version": "2.1",
"version": "2.1.1",
"homepage": "https://github.com/php-loep/oauth2-server",
"license": "MIT",
"require": {

4
src/League/OAuth2/Server/Authorization.php
View File

@ -271,7 +271,7 @@ class Authorization
* @param boolean $require
* @return void
*/
public function requireScopeParam($require = false)
public function requireScopeParam($require = true)
{
$this->requireScopeParam = $require;
}
@ -318,7 +318,7 @@ class Authorization
* @param boolean $require
* @return void
*/
public function requireStateParam($require = false)
public function requireStateParam($require = true)
{
$this->requireStateParam = $require;
}

16
src/League/OAuth2/Server/Resource.php
View File

@ -173,12 +173,13 @@ class Resource
/**
* Checks if the access token is valid or not.
*
* @param $headersOnly Limit Access Token to Authorization header only
* @throws Exception\InvalidAccessTokenException Thrown if the presented access token is not valid
* @return bool
*/
public function isValid()
public function isValid($headersOnly = false)
{
$accessToken = $this->determineAccessToken();
$accessToken = $this->determineAccessToken($headersOnly);
$result = $this->storages['session']->validateAccessToken($accessToken);
@ -194,7 +195,7 @@ class Resource
$sessionScopes = $this->storages['session']->getScopes($this->accessToken);
foreach ($sessionScopes as $scope) {
$this->sessionScopes[] = $scope['key'];
$this->sessionScopes[] = $scope['scope'];
}
return true;
@ -237,10 +238,11 @@ class Resource
/**
* Reads in the access token from the headers.
*
* @param $headersOnly Limit Access Token to Authorization header only
* @throws Exception\MissingAccessTokenException Thrown if there is no access token presented
* @return string
*/
protected function determineAccessToken()
protected function determineAccessToken($headersOnly = false)
{
if ($header = $this->getRequest()->header('Authorization')) {
// Check for special case, because cURL sometimes does an
@ -251,12 +253,12 @@ class Resource
// 2nd request: Authorization: Bearer XXX, Bearer XXX
if (strpos($header, ',') !== false) {
$headerPart = explode(',', $header);
$accessToken = preg_replace('/^(?:\s+)?Bearer(\s{1})/', '', $headerPart[0]);
$accessToken = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $headerPart[0]));
} else {
$accessToken = preg_replace('/^(?:\s+)?Bearer(\s{1})/', '', $header);
$accessToken = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $header));
}
$accessToken = ($accessToken === 'Bearer') ? '' : $accessToken;
} else {
} elseif ($headersOnly === false) {
$method = $this->getRequest()->server('REQUEST_METHOD');
$accessToken = $this->getRequest()->{$method}($this->tokenKey);
}

4
src/League/OAuth2/Server/Storage/ClientInterface.php
View File

@ -50,8 +50,8 @@ interface ClientInterface
* @param string $clientId The client's ID
* @param string $clientSecret The client's secret (default = "null")
* @param string $redirectUri The client's redirect URI (default = "null")
* @param string $grantType The grant type used in the request
* @param string $grantType The grant type used in the request (default = "null")
* @return bool|array Returns false if the validation fails, array on success
*/
public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType);
public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType = null);
}

2
src/League/OAuth2/Server/Storage/PDO/Client.php
View File

@ -6,7 +6,7 @@ use League\OAuth2\Server\Storage\ClientInterface;
class Client implements ClientInterface
{
public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType)
public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType = null)
{
$db = \ezcDbInstance::get();

4
src/League/OAuth2/Server/Storage/ScopeInterface.php
View File

@ -35,8 +35,8 @@ interface ScopeInterface
* </code>
*
* @param string $scope The scope
* @param string $clientId The client ID
* @param string $grantType The grant type used in the request
* @param string $clientId The client ID (default = "null")
* @param string $grantType The grant type used in the request (default = "null")
* @return bool|array If the scope doesn't exist return false
*/
public function getScope($scope, $clientId = null, $grantType = null);

4
tests/resource/ResourceServerTest.php
View File

@ -196,8 +196,8 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
));
$this->session->shouldReceive('getScopes')->andReturn(array(
array('key' => 'foo'),
array('key' => 'bar')
array('scope' => 'foo'),
array('scope' => 'bar')
));
$request = new League\OAuth2\Server\Util\Request();