diff --git a/src/Grant/ClientCredentialsGrant.php b/src/Grant/ClientCredentialsGrant.php index 3c1db5e0..5b80d02f 100644 --- a/src/Grant/ClientCredentialsGrant.php +++ b/src/Grant/ClientCredentialsGrant.php @@ -32,7 +32,7 @@ class ClientCredentialsGrant extends AbstractGrant // Finalize the requested scopes $scopes = $this->scopeRepository->finalizeScopes($scopes, $client); - + // Issue and persist access token $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $client->getIdentifier(), $scopes); diff --git a/src/Grant/ImplicitGrant.php b/src/Grant/ImplicitGrant.php index 076cd582..62aacb06 100644 --- a/src/Grant/ImplicitGrant.php +++ b/src/Grant/ImplicitGrant.php @@ -123,8 +123,7 @@ class ImplicitGrant extends AbstractAuthorizeGrant $usernameParameter, $passwordParameter, $this->getIdentifier(), - $client, - $scopes + $client ); if ($userEntity instanceof UserEntityInterface) { diff --git a/src/Repositories/ScopeRepositoryInterface.php b/src/Repositories/ScopeRepositoryInterface.php index 5b44c615..1f933426 100644 --- a/src/Repositories/ScopeRepositoryInterface.php +++ b/src/Repositories/ScopeRepositoryInterface.php @@ -30,7 +30,7 @@ interface ScopeRepositoryInterface extends RepositoryInterface public function getScopeEntityByIdentifier($identifier, $grantType, $clientId = null); /** - * Given a client and user validate the set of scopes requested are valid and optionally + * Given a client (and optional user identifier) validate the set of scopes requested are valid and optionally * append additional scopes or remove requested scopes. * * @param ScopeEntityInterface[] $scopes diff --git a/tests/Grant/AuthCodeGrantTest.php b/tests/Grant/AuthCodeGrantTest.php index 44bba0fc..1dfb6974 100644 --- a/tests/Grant/AuthCodeGrantTest.php +++ b/tests/Grant/AuthCodeGrantTest.php @@ -87,6 +87,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(); $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf(); + $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(); + $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0); + $grant = new AuthCodeGrant( $this->getMock(AuthCodeRepositoryInterface::class), $this->getMock(RefreshTokenRepositoryInterface::class), @@ -95,6 +98,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase ); $grant->setClientRepository($clientRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock); + $grant->setScopeRepository($scopeRepositoryMock); $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key'); $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key'); @@ -410,6 +414,9 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(); $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf(); + $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(); + $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0); + $grant = new AuthCodeGrant( $this->getMock(AuthCodeRepositoryInterface::class), $this->getMock(RefreshTokenRepositoryInterface::class), @@ -418,6 +425,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase ); $grant->setClientRepository($clientRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock); + $grant->setScopeRepository($scopeRepositoryMock); $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key'); $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key'); diff --git a/tests/Grant/ClientCredentialsGrantTest.php b/tests/Grant/ClientCredentialsGrantTest.php index 7ca1487d..c41528c5 100644 --- a/tests/Grant/ClientCredentialsGrantTest.php +++ b/tests/Grant/ClientCredentialsGrantTest.php @@ -6,6 +6,7 @@ use League\OAuth2\Server\Entities\Interfaces\AccessTokenEntityInterface; use League\OAuth2\Server\Grant\ClientCredentialsGrant; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface; +use League\OAuth2\Server\Repositories\ScopeRepositoryInterface; use LeagueTests\Stubs\ClientEntity; use LeagueTests\Stubs\StubResponseType; use Zend\Diactoros\ServerRequest; @@ -28,9 +29,13 @@ class ClientCredentialsGrantTest extends \PHPUnit_Framework_TestCase $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(); $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf(); + $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(); + $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0); + $grant = new ClientCredentialsGrant(); $grant->setClientRepository($clientRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock); + $grant->setScopeRepository($scopeRepositoryMock); $serverRequest = new ServerRequest(); $serverRequest = $serverRequest->withParsedBody( diff --git a/tests/Grant/ImplicitGrantTest.php b/tests/Grant/ImplicitGrantTest.php index e4e10db0..680b55ac 100644 --- a/tests/Grant/ImplicitGrantTest.php +++ b/tests/Grant/ImplicitGrantTest.php @@ -6,6 +6,7 @@ use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Grant\ImplicitGrant; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface; +use League\OAuth2\Server\Repositories\ScopeRepositoryInterface; use League\OAuth2\Server\Repositories\UserRepositoryInterface; use League\OAuth2\Server\ResponseTypes\HtmlResponse; use LeagueTests\Stubs\ClientEntity; @@ -72,9 +73,13 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(); $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf(); + $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(); + $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0); + $grant = new ImplicitGrant($userRepositoryMock); $grant->setClientRepository($clientRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock); + $grant->setScopeRepository($scopeRepositoryMock); $grant->setPublicKeyPath('file://' . __DIR__ . '/../Stubs/public.key'); $grant->setPrivateKeyPath('file://' . __DIR__ . '/../Stubs/private.key'); diff --git a/tests/Grant/PasswordGrantTest.php b/tests/Grant/PasswordGrantTest.php index d7938b94..31043d1a 100644 --- a/tests/Grant/PasswordGrantTest.php +++ b/tests/Grant/PasswordGrantTest.php @@ -8,6 +8,7 @@ use League\OAuth2\Server\Grant\PasswordGrant; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface; use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface; +use League\OAuth2\Server\Repositories\ScopeRepositoryInterface; use League\OAuth2\Server\Repositories\UserRepositoryInterface; use LeagueTests\Stubs\ClientEntity; use LeagueTests\Stubs\StubResponseType; @@ -42,9 +43,13 @@ class PasswordGrantTest extends \PHPUnit_Framework_TestCase $refreshTokenRepositoryMock = $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(); $refreshTokenRepositoryMock->method('persistNewRefreshToken')->willReturnSelf(); + $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(); + $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0); + $grant = new PasswordGrant($userRepositoryMock, $refreshTokenRepositoryMock); $grant->setClientRepository($clientRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock); + $grant->setScopeRepository($scopeRepositoryMock); $serverRequest = new ServerRequest(); $serverRequest = $serverRequest->withParsedBody( diff --git a/tests/Middleware/AuthenticationServerMiddlewareTest.php b/tests/Middleware/AuthenticationServerMiddlewareTest.php index 8fb8a553..4acd5c89 100644 --- a/tests/Middleware/AuthenticationServerMiddlewareTest.php +++ b/tests/Middleware/AuthenticationServerMiddlewareTest.php @@ -20,10 +20,13 @@ class AuthenticationServerMiddlewareTest extends \PHPUnit_Framework_TestCase $clientRepository = $this->getMock(ClientRepositoryInterface::class); $clientRepository->method('getClientEntity')->willReturn(new ClientEntity()); + $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(); + $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0); + $server = new Server( $clientRepository, $this->getMock(AccessTokenRepositoryInterface::class), - $this->getMock(ScopeRepositoryInterface::class), + $scopeRepositoryMock, '', '', new StubResponseType() diff --git a/tests/ServerTest.php b/tests/ServerTest.php index cf52cf8f..f61818cf 100644 --- a/tests/ServerTest.php +++ b/tests/ServerTest.php @@ -48,10 +48,13 @@ class ServerTest extends \PHPUnit_Framework_TestCase $clientRepository = $this->getMock(ClientRepositoryInterface::class); $clientRepository->method('getClientEntity')->willReturn(new ClientEntity()); + $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(); + $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0); + $server = new Server( $clientRepository, $this->getMock(AccessTokenRepositoryInterface::class), - $this->getMock(ScopeRepositoryInterface::class), + $scopeRepositoryMock, '', '', new StubResponseType() @@ -75,10 +78,13 @@ class ServerTest extends \PHPUnit_Framework_TestCase $clientRepository = $this->getMock(ClientRepositoryInterface::class); $clientRepository->method('getClientEntity')->willReturn($client); + $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock(); + $scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0); + $server = new Server( $clientRepository, $this->getMock(AccessTokenRepositoryInterface::class), - $this->getMock(ScopeRepositoryInterface::class), + $scopeRepositoryMock, 'file://' . __DIR__ . '/Stubs/private.key', 'file://' . __DIR__ . '/Stubs/public.key', new StubResponseType()