ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2025-05-31 14:12:07 +05:30
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'V5-WIP' into move_identifier_generation

Browse Source
This commit is contained in:
Julián Gutiérrez
2016-02-18 18:14:59 +01:00
parent 5d6634aa9f 13baa0bb26
commit a644eacea7
15 changed files with 628 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

92
src/Grant/AbstractGrant.php
View File

@@ -21,8 +21,11 @@ use League\OAuth2\Server\Entities\RefreshTokenEntity;
use League\OAuth2\Server\Entities\ScopeEntity;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use OAuth2ServerExamples\Repositories\AuthCodeRepository;
use Psr\Http\Message\ServerRequestInterface;
/**
@@ -54,6 +57,16 @@ abstract class AbstractGrant implements GrantTypeInterface
*/
protected $scopeRepository;
/**
* @var \League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface
*/
private $authCodeRepository;
/**
* @var \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface
*/
private $refreshTokenRepository;
/**
* @var string
*/
@@ -93,6 +106,22 @@ abstract class AbstractGrant implements GrantTypeInterface
$this->scopeRepository = $scopeRepository;
}
/**
* @param \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface $refreshTokenRepository
*/
public function setRefreshTokenRepository(RefreshTokenRepositoryInterface $refreshTokenRepository)
{
$this->refreshTokenRepository = $refreshTokenRepository;
}
/**
* @param \League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface $authCodeRepository
*/
public function setAuthCodeRepository(AuthCodeRepositoryInterface $authCodeRepository)
{
$this->authCodeRepository = $authCodeRepository;
}
/**
* @param string $pathToPrivateKey
*/
@@ -125,21 +154,32 @@ abstract class AbstractGrant implements GrantTypeInterface
$this->refreshTokenTTL = $refreshTokenTTL;
}
/**
* @return AuthCodeRepositoryInterface
*/
protected function getAuthCodeRepository()
{
return $this->authCodeRepository;
}
/**
* @return RefreshTokenRepositoryInterface
*/
protected function getRefreshTokenRepository()
{
return $this->refreshTokenRepository;
}
/**
* Validate the client
*
* @param \Psr\Http\Message\ServerRequestInterface $request
* @param bool $validateSecret
* @param bool $validateRedirectUri
*
* @return \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface
* @throws \League\OAuth2\Server\Exception\OAuthServerException
*/
protected function validateClient(
ServerRequestInterface $request,
$validateSecret = true,
$validateRedirectUri = false
) {
protected function validateClient(ServerRequestInterface $request)
{
$clientId = $this->getRequestParameter(
'client_id',
$request,
@@ -149,30 +189,34 @@ abstract class AbstractGrant implements GrantTypeInterface
throw OAuthServerException::invalidRequest('client_id', null, '`%s` parameter is missing');
}
$client = $this->clientRepository->getClientEntity(
$clientId,
$this->getIdentifier()
);
if (!$client instanceof ClientEntityInterface) {
throw OAuthServerException::invalidClient();
}
// If the client is confidential require the client secret
$clientSecret = $this->getRequestParameter(
'client_secret',
$request,
$this->getServerParameter('PHP_AUTH_PW', $request)
);
if (is_null($clientSecret) && $validateSecret === true) {
if ($client->canKeepASecret() && is_null($clientSecret)) {
throw OAuthServerException::invalidRequest('client_secret', null, '`%s` parameter is missing');
}
$redirectUri = $this->getRequestParameter('redirect_uri', $request, null);
if (is_null($redirectUri) && $validateRedirectUri === true) {
throw OAuthServerException::invalidRequest('redirect_uri', null, '`%s` parameter is missing');
if ($client->canKeepASecret() && $client->validateSecret($clientSecret) === false) {
$this->getEmitter()->emit(new Event('client.authentication.failed', $request));
throw OAuthServerException::invalidClient();
}
$client = $this->clientRepository->getClientEntity(
$clientId,
$clientSecret,
$redirectUri,
$this->getIdentifier()
);
if (!$client instanceof ClientEntityInterface) {
$this->getEmitter()->emit(new Event('client.authentication.failed', $request));
// If a redirect URI is provided ensure it matches what is pre-registered
$redirectUri = $this->getRequestParameter('redirect_uri', $request, null);
if ($redirectUri !== null && (strcmp($client->getRedirectUri(), $redirectUri) !== 0)) {
throw OAuthServerException::invalidClient();
}
@@ -303,6 +347,8 @@ abstract class AbstractGrant implements GrantTypeInterface
$accessToken->addScope($scope);
}
$this->accessTokenRepository->persistNewAccessToken($accessToken);
return $accessToken;
}
@@ -336,6 +382,8 @@ abstract class AbstractGrant implements GrantTypeInterface
$authCode->addScope($scope);
}
$this->authCodeRepository->persistNewAuthCode($authCode);
return $authCode;
}
@@ -351,6 +399,8 @@ abstract class AbstractGrant implements GrantTypeInterface
$refreshToken->setExpiryDateTime((new \DateTime())->add($this->refreshTokenTTL));
$refreshToken->setAccessToken($accessToken);
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
return $refreshToken;
}