Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP

This commit is contained in:
Alex Bilbie 2016-03-15 21:21:08 +00:00
commit a70bc2360a
20 changed files with 130 additions and 147 deletions

View File

@ -1,15 +0,0 @@
<?php
namespace League\OAuth2\Server\Entities;
use League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface;
use League\OAuth2\Server\Entities\Traits\ClientEntityTrait;
use League\OAuth2\Server\Entities\Traits\EntityTrait;
/**
* Class ClientEntity.
*/
class ClientEntity implements ClientEntityInterface
{
use EntityTrait, ClientEntityTrait;
}

View File

@ -11,20 +11,19 @@
namespace League\OAuth2\Server\Grant; namespace League\OAuth2\Server\Grant;
use League\Event\EmitterAwareTrait; use League\Event\EmitterAwareTrait;
use League\Event\EmitterInterface;
use League\Event\Event; use League\Event\Event;
use League\OAuth2\Server\Entities\AccessTokenEntity; use League\OAuth2\Server\Entities\AccessTokenEntity;
use League\OAuth2\Server\Entities\AuthCodeEntity; use League\OAuth2\Server\Entities\AuthCodeEntity;
use League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface; use League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface;
use League\OAuth2\Server\Entities\Interfaces\ScopeEntityInterface;
use League\OAuth2\Server\Entities\RefreshTokenEntity; use League\OAuth2\Server\Entities\RefreshTokenEntity;
use League\OAuth2\Server\Entities\ScopeEntity;
use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface; use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface; use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface; use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use OAuth2ServerExamples\Repositories\AuthCodeRepository; use League\OAuth2\Server\Repositories\UserRepositoryInterface;
use Psr\Http\Message\ServerRequestInterface; use Psr\Http\Message\ServerRequestInterface;
/** /**
@ -59,12 +58,17 @@ abstract class AbstractGrant implements GrantTypeInterface
/** /**
* @var \League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface * @var \League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface
*/ */
private $authCodeRepository; protected $authCodeRepository;
/** /**
* @var \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface * @var \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface
*/ */
private $refreshTokenRepository; protected $refreshTokenRepository;
/**
* @var \League\OAuth2\Server\Repositories\UserRepositoryInterface
*/
protected $userRepository;
/** /**
* @var string * @var string
@ -121,6 +125,14 @@ abstract class AbstractGrant implements GrantTypeInterface
$this->authCodeRepository = $authCodeRepository; $this->authCodeRepository = $authCodeRepository;
} }
/**
* @param \League\OAuth2\Server\Repositories\UserRepositoryInterface $userRepository
*/
public function setUserRepository(UserRepositoryInterface $userRepository)
{
$this->userRepository = $userRepository;
}
/** /**
* @param string $pathToPrivateKey * @param string $pathToPrivateKey
*/ */
@ -137,14 +149,6 @@ abstract class AbstractGrant implements GrantTypeInterface
$this->pathToPublicKey = $pathToPublicKey; $this->pathToPublicKey = $pathToPublicKey;
} }
/**
* {@inheritdoc}
*/
public function setEmitter(EmitterInterface $emitter = null)
{
$this->emitter = $emitter;
}
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
@ -153,22 +157,6 @@ abstract class AbstractGrant implements GrantTypeInterface
$this->refreshTokenTTL = $refreshTokenTTL; $this->refreshTokenTTL = $refreshTokenTTL;
} }
/**
* @return AuthCodeRepositoryInterface
*/
protected function getAuthCodeRepository()
{
return $this->authCodeRepository;
}
/**
* @return RefreshTokenRepositoryInterface
*/
protected function getRefreshTokenRepository()
{
return $this->refreshTokenRepository;
}
/** /**
* Validate the client. * Validate the client.
* *
@ -226,22 +214,21 @@ abstract class AbstractGrant implements GrantTypeInterface
/** /**
* Validate scopes in the request. * Validate scopes in the request.
* *
* @param \Psr\Http\Message\ServerRequestInterface $request * @param string $scopes
* @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client * @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client
* @param string $redirectUri * @param string $redirectUri
* *
* @throws \League\OAuth2\Server\Exception\OAuthServerException * @throws \League\OAuth2\Server\Exception\OAuthServerException
* *
* @return \League\OAuth2\Server\Entities\ScopeEntity[] * @return \League\OAuth2\Server\Entities\Interfaces\ScopeEntityInterface[]
*/ */
public function validateScopes( public function validateScopes(
ServerRequestInterface $request, $scopes,
ClientEntityInterface $client, ClientEntityInterface $client,
$redirectUri = null $redirectUri = null
) { ) {
$requestedScopes = $this->getRequestParameter('scope', $request);
$scopesList = array_filter( $scopesList = array_filter(
explode(self::SCOPE_DELIMITER_STRING, trim($requestedScopes)), explode(self::SCOPE_DELIMITER_STRING, trim($scopes)),
function ($scope) { function ($scope) {
return !empty($scope); return !empty($scope);
} }
@ -255,7 +242,7 @@ abstract class AbstractGrant implements GrantTypeInterface
$client->getIdentifier() $client->getIdentifier()
); );
if (($scope instanceof ScopeEntity) === false) { if (($scope instanceof ScopeEntityInterface) === false) {
throw OAuthServerException::invalidScope($scopeItem, $redirectUri); throw OAuthServerException::invalidScope($scopeItem, $redirectUri);
} }
@ -326,10 +313,10 @@ abstract class AbstractGrant implements GrantTypeInterface
/** /**
* Issue an access token. * Issue an access token.
* *
* @param \DateInterval $tokenTTL * @param \DateInterval $tokenTTL
* @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client * @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client
* @param string $userIdentifier * @param string $userIdentifier
* @param array $scopes * @param \League\OAuth2\Server\Entities\Interfaces\ScopeEntityInterface[] $scopes
* *
* @return \League\OAuth2\Server\Entities\AccessTokenEntity * @return \League\OAuth2\Server\Entities\AccessTokenEntity
*/ */
@ -346,11 +333,6 @@ abstract class AbstractGrant implements GrantTypeInterface
$accessToken->setUserIdentifier($userIdentifier); $accessToken->setUserIdentifier($userIdentifier);
foreach ($scopes as $scope) { foreach ($scopes as $scope) {
if (is_string($scope)) {
$s = new ScopeEntity();
$s->setIdentifier($scope);
$scope = $s;
}
$accessToken->addScope($scope); $accessToken->addScope($scope);
} }
@ -362,11 +344,11 @@ abstract class AbstractGrant implements GrantTypeInterface
/** /**
* Issue an auth code. * Issue an auth code.
* *
* @param \DateInterval $tokenTTL * @param \DateInterval $tokenTTL
* @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client * @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client
* @param string $userIdentifier * @param string $userIdentifier
* @param string $redirectUri * @param string $redirectUri
* @param array $scopes * @param \League\OAuth2\Server\Entities\Interfaces\ScopeEntityInterface[] $scopes
* *
* @throws \League\OAuth2\Server\Exception\OAuthServerException * @throws \League\OAuth2\Server\Exception\OAuthServerException
* *

View File

@ -24,11 +24,6 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
*/ */
private $authCodeTTL; private $authCodeTTL;
/**
* @var \League\OAuth2\Server\Repositories\UserRepositoryInterface
*/
private $userRepository;
/** /**
* @param \League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface $authCodeRepository * @param \League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface $authCodeRepository
* @param \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface $refreshTokenRepository * @param \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface $refreshTokenRepository
@ -49,7 +44,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
) { ) {
$this->setAuthCodeRepository($authCodeRepository); $this->setAuthCodeRepository($authCodeRepository);
$this->setRefreshTokenRepository($refreshTokenRepository); $this->setRefreshTokenRepository($refreshTokenRepository);
$this->userRepository = $userRepository; $this->setUserRepository($userRepository);
$this->authCodeTTL = $authCodeTTL; $this->authCodeTTL = $authCodeTTL;
$this->refreshTokenTTL = new \DateInterval('P1M'); $this->refreshTokenTTL = new \DateInterval('P1M');
$this->loginTemplate = $loginTemplate; $this->loginTemplate = $loginTemplate;
@ -94,7 +89,11 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
throw OAuthServerException::invalidClient(); throw OAuthServerException::invalidClient();
} }
$scopes = $this->validateScopes($request, $client, $client->getRedirectUri()); $scopes = $this->validateScopes(
$this->getQueryStringParameter('scope', $request),
$client,
$client->getRedirectUri()
);
$queryString = http_build_query($request->getQueryParams()); $queryString = http_build_query($request->getQueryParams());
$postbackUri = new Uri( $postbackUri = new Uri(
sprintf( sprintf(
@ -258,7 +257,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
throw OAuthServerException::invalidRequest('code', 'Authorization code has expired'); throw OAuthServerException::invalidRequest('code', 'Authorization code has expired');
} }
if ($this->getAuthCodeRepository()->isAuthCodeRevoked($authCodePayload->auth_code_id) === true) { if ($this->authCodeRepository->isAuthCodeRevoked($authCodePayload->auth_code_id) === true) {
throw OAuthServerException::invalidRequest('code', 'Authorization code has been revoked'); throw OAuthServerException::invalidRequest('code', 'Authorization code has been revoked');
} }
@ -269,17 +268,27 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
if ($authCodePayload->redirect_uri !== $redirectUri) { if ($authCodePayload->redirect_uri !== $redirectUri) {
throw OAuthServerException::invalidRequest('redirect_uri', 'Invalid redirect URI'); throw OAuthServerException::invalidRequest('redirect_uri', 'Invalid redirect URI');
} }
$scopes = [];
foreach ($authCodePayload->scopes as $scopeId) {
$scope = $this->scopeRepository->getScopeEntityByIdentifier(
$scopeId,
$this->getIdentifier(),
$client->getIdentifier()
);
if (!$scope) {
throw OAuthServerException::invalidScope($scopeId);
}
$scopes[] = $scope;
}
} catch (\LogicException $e) { } catch (\LogicException $e) {
throw OAuthServerException::invalidRequest('code', 'Cannot decrypt the authorization code'); throw OAuthServerException::invalidRequest('code', 'Cannot decrypt the authorization code');
} }
// Issue and persist access + refresh tokens // Issue and persist access + refresh tokens
$accessToken = $this->issueAccessToken( $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $authCodePayload->user_id, $scopes);
$accessTokenTTL,
$client,
$authCodePayload->user_id,
$authCodePayload->scopes
);
$refreshToken = $this->issueRefreshToken($accessToken); $refreshToken = $this->issueRefreshToken($accessToken);
// Inject tokens into response type // Inject tokens into response type

View File

@ -28,7 +28,7 @@ class ClientCredentialsGrant extends AbstractGrant
) { ) {
// Validate request // Validate request
$client = $this->validateClient($request); $client = $this->validateClient($request);
$scopes = $this->validateScopes($request, $client); $scopes = $this->validateScopes($this->getRequestParameter('scope', $request), $client);
// Issue and persist access token // Issue and persist access token
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $client->getIdentifier(), $scopes); $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $client->getIdentifier(), $scopes);

View File

@ -16,11 +16,6 @@ use Zend\Diactoros\Uri;
class ImplicitGrant extends AbstractAuthorizeGrant class ImplicitGrant extends AbstractAuthorizeGrant
{ {
/**
* @var \League\OAuth2\Server\Repositories\UserRepositoryInterface
*/
private $userRepository;
/** /**
* @param \League\OAuth2\Server\Repositories\UserRepositoryInterface $userRepository * @param \League\OAuth2\Server\Repositories\UserRepositoryInterface $userRepository
* @param string|null $loginTemplate * @param string|null $loginTemplate
@ -33,7 +28,7 @@ class ImplicitGrant extends AbstractAuthorizeGrant
$authorizeTemplate = null, $authorizeTemplate = null,
RendererInterface $templateRenderer = null RendererInterface $templateRenderer = null
) { ) {
$this->userRepository = $userRepository; $this->setUserRepository($userRepository);
$this->refreshTokenTTL = new \DateInterval('P1M'); $this->refreshTokenTTL = new \DateInterval('P1M');
$this->loginTemplate = $loginTemplate; $this->loginTemplate = $loginTemplate;
$this->authorizeTemplate = $authorizeTemplate; $this->authorizeTemplate = $authorizeTemplate;
@ -94,7 +89,11 @@ class ImplicitGrant extends AbstractAuthorizeGrant
throw OAuthServerException::invalidClient(); throw OAuthServerException::invalidClient();
} }
$scopes = $this->validateScopes($request, $client, $client->getRedirectUri()); $scopes = $this->validateScopes(
$this->getQueryStringParameter('scope', $request),
$client,
$client->getRedirectUri()
);
$queryString = http_build_query($request->getQueryParams()); $queryString = http_build_query($request->getQueryParams());
$postbackUri = new Uri( $postbackUri = new Uri(
sprintf( sprintf(
@ -197,7 +196,7 @@ class ImplicitGrant extends AbstractAuthorizeGrant
$scopes $scopes
); );
$redirectPayload['access_token'] = $accessToken->convertToJWT($this->pathToPrivateKey); $redirectPayload['access_token'] = (string) $accessToken->convertToJWT($this->pathToPrivateKey);
$redirectPayload['token_type'] = 'bearer'; $redirectPayload['token_type'] = 'bearer';
$redirectPayload['expires_in'] = time() - $accessToken->getExpiryDateTime()->getTimestamp(); $redirectPayload['expires_in'] = time() - $accessToken->getExpiryDateTime()->getTimestamp();

View File

@ -23,11 +23,6 @@ use Psr\Http\Message\ServerRequestInterface;
*/ */
class PasswordGrant extends AbstractGrant class PasswordGrant extends AbstractGrant
{ {
/**
* @var \League\OAuth2\Server\Repositories\UserRepositoryInterface
*/
private $userRepository;
/** /**
* @param \League\OAuth2\Server\Repositories\UserRepositoryInterface $userRepository * @param \League\OAuth2\Server\Repositories\UserRepositoryInterface $userRepository
* @param \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface $refreshTokenRepository * @param \League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface $refreshTokenRepository
@ -36,7 +31,7 @@ class PasswordGrant extends AbstractGrant
UserRepositoryInterface $userRepository, UserRepositoryInterface $userRepository,
RefreshTokenRepositoryInterface $refreshTokenRepository RefreshTokenRepositoryInterface $refreshTokenRepository
) { ) {
$this->userRepository = $userRepository; $this->setUserRepository($userRepository);
$this->setRefreshTokenRepository($refreshTokenRepository); $this->setRefreshTokenRepository($refreshTokenRepository);
$this->refreshTokenTTL = new \DateInterval('P1M'); $this->refreshTokenTTL = new \DateInterval('P1M');
@ -53,7 +48,7 @@ class PasswordGrant extends AbstractGrant
// Validate request // Validate request
$client = $this->validateClient($request); $client = $this->validateClient($request);
$user = $this->validateUser($request); $user = $this->validateUser($request);
$scopes = $this->validateScopes($request, $client); $scopes = $this->validateScopes($this->getRequestParameter('scope', $request), $client);
// Issue and persist new tokens // Issue and persist new tokens
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $user->getIdentifier(), $scopes); $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $user->getIdentifier(), $scopes);

View File

@ -11,7 +11,6 @@
namespace League\OAuth2\Server\Grant; namespace League\OAuth2\Server\Grant;
use League\Event\Event; use League\Event\Event;
use League\OAuth2\Server\Entities\ScopeEntity;
use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface; use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface; use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
@ -44,13 +43,20 @@ class RefreshTokenGrant extends AbstractGrant
// Validate request // Validate request
$client = $this->validateClient($request); $client = $this->validateClient($request);
$oldRefreshToken = $this->validateOldRefreshToken($request, $client->getIdentifier()); $oldRefreshToken = $this->validateOldRefreshToken($request, $client->getIdentifier());
$scopes = $this->validateScopes($request, $client); $scopes = $this->validateScopes($this->getRequestParameter('scope', $request), $client);
// If no new scopes are requested then give the access token the original session scopes // If no new scopes are requested then give the access token the original session scopes
if (count($scopes) === 0) { if (count($scopes) === 0) {
$scopes = array_map(function ($scopeId) { $scopes = array_map(function ($scopeId) use ($client) {
$scope = new ScopeEntity(); $scope = $this->scopeRepository->getScopeEntityByIdentifier(
$scope->setIdentifier($scopeId); $scopeId,
$this->getIdentifier(),
$client->getIdentifier()
);
if (!$scope) {
throw OAuthServerException::invalidScope($scopeId);
}
return $scope; return $scope;
}, $oldRefreshToken['scopes']); }, $oldRefreshToken['scopes']);
@ -68,13 +74,13 @@ class RefreshTokenGrant extends AbstractGrant
// Expire old tokens // Expire old tokens
$this->accessTokenRepository->revokeAccessToken($oldRefreshToken['access_token_id']); $this->accessTokenRepository->revokeAccessToken($oldRefreshToken['access_token_id']);
$this->getRefreshTokenRepository()->revokeRefreshToken($oldRefreshToken['refresh_token_id']); $this->refreshTokenRepository->revokeRefreshToken($oldRefreshToken['refresh_token_id']);
// Issue and persist new tokens // Issue and persist new tokens
$accessToken = $this->issueAccessToken($accessTokenTTL, $client, $oldRefreshToken['user_id'], $scopes); $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $oldRefreshToken['user_id'], $scopes);
$refreshToken = $this->issueRefreshToken($accessToken); $refreshToken = $this->issueRefreshToken($accessToken);
$this->accessTokenRepository->persistNewAccessToken($accessToken); $this->accessTokenRepository->persistNewAccessToken($accessToken);
$this->getRefreshTokenRepository()->persistNewRefreshToken($refreshToken); $this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
// Inject tokens into response // Inject tokens into response
$responseType->setAccessToken($accessToken); $responseType->setAccessToken($accessToken);
@ -120,7 +126,7 @@ class RefreshTokenGrant extends AbstractGrant
throw OAuthServerException::invalidRefreshToken('Token has expired'); throw OAuthServerException::invalidRefreshToken('Token has expired');
} }
if ($this->getRefreshTokenRepository()->isRefreshTokenRevoked($refreshTokenData['refresh_token_id']) === true) { if ($this->refreshTokenRepository->isRefreshTokenRevoked($refreshTokenData['refresh_token_id']) === true) {
throw OAuthServerException::invalidRefreshToken('Token has been revoked'); throw OAuthServerException::invalidRefreshToken('Token has been revoked');
} }

View File

@ -128,7 +128,8 @@ class Server implements EmitterAwareInterface
} }
$tokenResponse = null; $tokenResponse = null;
foreach ($this->enabledGrantTypes as $grantType) { while ($tokenResponse === null && $grantType = array_shift($this->enabledGrantTypes)) {
/** @var \League\OAuth2\Server\Grant\GrantTypeInterface $grantType */
if ($grantType->canRespondToRequest($request)) { if ($grantType->canRespondToRequest($request)) {
$tokenResponse = $grantType->respondToRequest( $tokenResponse = $grantType->respondToRequest(
$request, $request,
@ -142,11 +143,11 @@ class Server implements EmitterAwareInterface
return $tokenResponse; return $tokenResponse;
} }
if ($tokenResponse instanceof ResponseTypeInterface === false) { if ($tokenResponse instanceof ResponseTypeInterface) {
return OAuthServerException::unsupportedGrantType()->generateHttpResponse($response); return $tokenResponse->generateHttpResponse($response);
} }
return $tokenResponse->generateHttpResponse($response); throw OAuthServerException::unsupportedGrantType();
} }
/** /**

View File

@ -1,5 +1,11 @@
<?php <?php
if (!@include_once __DIR__ . '/../vendor/autoload.php') { if (!@include_once __DIR__ . '/../vendor/autoload.php') {
exit("You must set up the project dependencies, run the following commands:\n> wget http://getcomposer.org/composer.phar\n> php composer.phar install\n"); $message = <<<MSG
You must set up the project dependencies, run the following commands:
> wget http://getcomposer.org/composer.phar
> php composer.phar install
MSG;
exit($message);
} }

View File

@ -4,17 +4,17 @@ namespace LeagueTests\Grant;
use League\Event\Emitter; use League\Event\Emitter;
use League\OAuth2\Server\Entities\AccessTokenEntity; use League\OAuth2\Server\Entities\AccessTokenEntity;
use League\OAuth2\Server\Entities\ClientEntity;
use League\OAuth2\Server\Entities\Interfaces\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\Interfaces\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\Interfaces\AuthCodeEntityInterface; use League\OAuth2\Server\Entities\Interfaces\AuthCodeEntityInterface;
use League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface; use League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface;
use League\OAuth2\Server\Entities\ScopeEntity;
use League\OAuth2\Server\Grant\AbstractGrant; use League\OAuth2\Server\Grant\AbstractGrant;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface; use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface; use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface; use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use LeagueTests\Stubs\ClientEntity;
use LeagueTests\Stubs\ScopeEntity;
use Zend\Diactoros\ServerRequest; use Zend\Diactoros\ServerRequest;
class AbstractGrantTest extends \PHPUnit_Framework_TestCase class AbstractGrantTest extends \PHPUnit_Framework_TestCase
@ -343,14 +343,7 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setScopeRepository($scopeRepositoryMock); $grantMock->setScopeRepository($scopeRepositoryMock);
$serverRequest = new ServerRequest(); $this->assertEquals([$scope], $grantMock->validateScopes('basic ', new ClientEntity()));
$serverRequest = $serverRequest->withParsedBody(
[
'scope' => 'basic ',
]
);
$this->assertEquals([$scope], $grantMock->validateScopes($serverRequest, new ClientEntity()));
} }
/** /**
@ -365,14 +358,7 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
$grantMock = $this->getMockForAbstractClass(AbstractGrant::class); $grantMock = $this->getMockForAbstractClass(AbstractGrant::class);
$grantMock->setScopeRepository($scopeRepositoryMock); $grantMock->setScopeRepository($scopeRepositoryMock);
$serverRequest = new ServerRequest(); $grantMock->validateScopes('basic ', new ClientEntity());
$serverRequest = $serverRequest->withParsedBody(
[
'scope' => 'basic ',
]
);
$grantMock->validateScopes($serverRequest, new ClientEntity());
} }
public function testGenerateUniqueIdentifier() public function testGenerateUniqueIdentifier()

View File

@ -2,7 +2,6 @@
namespace LeagueTests\Grant; namespace LeagueTests\Grant;
use League\OAuth2\Server\Entities\ClientEntity;
use League\OAuth2\Server\Entities\Interfaces\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\Interfaces\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface; use League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface;
use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Exception\OAuthServerException;
@ -11,8 +10,11 @@ use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface; use League\OAuth2\Server\Repositories\AuthCodeRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface; use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use League\OAuth2\Server\Repositories\UserRepositoryInterface; use League\OAuth2\Server\Repositories\UserRepositoryInterface;
use League\OAuth2\Server\Utils\KeyCrypt; use League\OAuth2\Server\Utils\KeyCrypt;
use LeagueTests\Stubs\ClientEntity;
use LeagueTests\Stubs\ScopeEntity;
use LeagueTests\Stubs\StubResponseType; use LeagueTests\Stubs\StubResponseType;
use LeagueTests\Stubs\UserEntity; use LeagueTests\Stubs\UserEntity;
use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ResponseInterface;
@ -577,6 +579,10 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
$userEntity = new UserEntity(); $userEntity = new UserEntity();
$userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity); $userRepositoryMock->method('getUserEntityByUserCredentials')->willReturn($userEntity);
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
$scopeEntity = new ScopeEntity();
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(); $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf(); $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
@ -590,6 +596,7 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
new \DateInterval('PT10M') new \DateInterval('PT10M')
); );
$grant->setClientRepository($clientRepositoryMock); $grant->setClientRepository($clientRepositoryMock);
$grant->setScopeRepository($scopeRepositoryMock);
$grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock);
$grant->setRefreshTokenRepository($refreshTokenRepositoryMock); $grant->setRefreshTokenRepository($refreshTokenRepositoryMock);
$grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key'); $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');

View File

@ -2,11 +2,11 @@
namespace LeagueTests\Grant; namespace LeagueTests\Grant;
use League\OAuth2\Server\Entities\ClientEntity;
use League\OAuth2\Server\Entities\Interfaces\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\Interfaces\AccessTokenEntityInterface;
use League\OAuth2\Server\Grant\ClientCredentialsGrant; use League\OAuth2\Server\Grant\ClientCredentialsGrant;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use LeagueTests\Stubs\ClientEntity;
use LeagueTests\Stubs\StubResponseType; use LeagueTests\Stubs\StubResponseType;
use Zend\Diactoros\ServerRequest; use Zend\Diactoros\ServerRequest;

View File

@ -2,13 +2,13 @@
namespace LeagueTests\Grant; namespace LeagueTests\Grant;
use League\OAuth2\Server\Entities\ClientEntity;
use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\ImplicitGrant; use League\OAuth2\Server\Grant\ImplicitGrant;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\UserRepositoryInterface; use League\OAuth2\Server\Repositories\UserRepositoryInterface;
use League\OAuth2\Server\Utils\KeyCrypt; use League\OAuth2\Server\Utils\KeyCrypt;
use LeagueTests\Stubs\ClientEntity;
use LeagueTests\Stubs\StubResponseType; use LeagueTests\Stubs\StubResponseType;
use LeagueTests\Stubs\UserEntity; use LeagueTests\Stubs\UserEntity;
use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ResponseInterface;

View File

@ -2,7 +2,6 @@
namespace LeagueTests\Grant; namespace LeagueTests\Grant;
use League\OAuth2\Server\Entities\ClientEntity;
use League\OAuth2\Server\Entities\Interfaces\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\Interfaces\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface; use League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface;
use League\OAuth2\Server\Grant\PasswordGrant; use League\OAuth2\Server\Grant\PasswordGrant;
@ -10,6 +9,7 @@ use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface; use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\UserRepositoryInterface; use League\OAuth2\Server\Repositories\UserRepositoryInterface;
use LeagueTests\Stubs\ClientEntity;
use LeagueTests\Stubs\StubResponseType; use LeagueTests\Stubs\StubResponseType;
use LeagueTests\Stubs\UserEntity; use LeagueTests\Stubs\UserEntity;
use Zend\Diactoros\ServerRequest; use Zend\Diactoros\ServerRequest;

View File

@ -2,16 +2,16 @@
namespace LeagueTests\Grant; namespace LeagueTests\Grant;
use League\OAuth2\Server\Entities\ClientEntity;
use League\OAuth2\Server\Entities\Interfaces\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\Interfaces\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface; use League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface;
use League\OAuth2\Server\Entities\ScopeEntity;
use League\OAuth2\Server\Grant\RefreshTokenGrant; use League\OAuth2\Server\Grant\RefreshTokenGrant;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface; use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface; use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use League\OAuth2\Server\Utils\KeyCrypt; use League\OAuth2\Server\Utils\KeyCrypt;
use LeagueTests\Stubs\ClientEntity;
use LeagueTests\Stubs\ScopeEntity;
use LeagueTests\Stubs\StubResponseType; use LeagueTests\Stubs\StubResponseType;
use Zend\Diactoros\ServerRequest; use Zend\Diactoros\ServerRequest;
@ -33,6 +33,10 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock(); $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
$clientRepositoryMock->method('getClientEntity')->willReturn($client); $clientRepositoryMock->method('getClientEntity')->willReturn($client);
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
$scopeEntity = new ScopeEntity();
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
$accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock(); $accessTokenRepositoryMock = $this->getMockBuilder(AccessTokenRepositoryInterface::class)->getMock();
$accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf(); $accessTokenRepositoryMock->method('persistNewAccessToken')->willReturnSelf();
@ -41,6 +45,7 @@ class RefreshTokenGrantTest extends \PHPUnit_Framework_TestCase
$grant = new RefreshTokenGrant($refreshTokenRepositoryMock); $grant = new RefreshTokenGrant($refreshTokenRepositoryMock);
$grant->setClientRepository($clientRepositoryMock); $grant->setClientRepository($clientRepositoryMock);
$grant->setScopeRepository($scopeRepositoryMock);
$grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setAccessTokenRepository($accessTokenRepositoryMock);
$grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key'); $grant->setPathToPublicKey('file://' . __DIR__ . '/../Utils/public.key');
$grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key'); $grant->setPathToPrivateKey('file://' . __DIR__ . '/../Utils/private.key');

View File

@ -2,13 +2,13 @@
namespace LeagueTests\Middleware; namespace LeagueTests\Middleware;
use League\OAuth2\Server\Entities\ClientEntity;
use League\OAuth2\Server\Grant\ClientCredentialsGrant; use League\OAuth2\Server\Grant\ClientCredentialsGrant;
use League\OAuth2\Server\Middleware\AuthenticationServerMiddleware; use League\OAuth2\Server\Middleware\AuthenticationServerMiddleware;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface; use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface; use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use League\OAuth2\Server\Server; use League\OAuth2\Server\Server;
use LeagueTests\Stubs\ClientEntity;
use LeagueTests\Stubs\StubResponseType; use LeagueTests\Stubs\StubResponseType;
use Zend\Diactoros\Response; use Zend\Diactoros\Response;
use Zend\Diactoros\ServerRequestFactory; use Zend\Diactoros\ServerRequestFactory;

View File

@ -3,12 +3,12 @@
namespace LeagueTests\ResponseTypes; namespace LeagueTests\ResponseTypes;
use League\OAuth2\Server\Entities\AccessTokenEntity; use League\OAuth2\Server\Entities\AccessTokenEntity;
use League\OAuth2\Server\Entities\ClientEntity;
use League\OAuth2\Server\Entities\RefreshTokenEntity; use League\OAuth2\Server\Entities\RefreshTokenEntity;
use League\OAuth2\Server\Entities\ScopeEntity;
use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse; use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
use LeagueTests\Stubs\ClientEntity;
use LeagueTests\Stubs\ScopeEntity;
use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ResponseInterface;
use Zend\Diactoros\Response; use Zend\Diactoros\Response;
use Zend\Diactoros\ServerRequest; use Zend\Diactoros\ServerRequest;

View File

@ -2,7 +2,6 @@
namespace LeagueTests; namespace LeagueTests;
use League\OAuth2\Server\Entities\ClientEntity;
use League\OAuth2\Server\Exception\OAuthServerException; use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\AuthCodeGrant; use League\OAuth2\Server\Grant\AuthCodeGrant;
use League\OAuth2\Server\Grant\ClientCredentialsGrant; use League\OAuth2\Server\Grant\ClientCredentialsGrant;
@ -14,6 +13,7 @@ use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use League\OAuth2\Server\Repositories\UserRepositoryInterface; use League\OAuth2\Server\Repositories\UserRepositoryInterface;
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse; use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
use League\OAuth2\Server\Server; use League\OAuth2\Server\Server;
use LeagueTests\Stubs\ClientEntity;
use LeagueTests\Stubs\StubResponseType; use LeagueTests\Stubs\StubResponseType;
use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ResponseInterface;
use Zend\Diactoros\ServerRequest; use Zend\Diactoros\ServerRequest;
@ -33,9 +33,12 @@ class ServerTest extends \PHPUnit_Framework_TestCase
$server->enableGrantType(new ClientCredentialsGrant(), new \DateInterval('PT1M')); $server->enableGrantType(new ClientCredentialsGrant(), new \DateInterval('PT1M'));
$response = $server->respondToRequest(); try {
$this->assertTrue($response instanceof ResponseInterface); $server->respondToRequest();
$this->assertEquals(400, $response->getStatusCode()); } catch (OAuthServerException $e) {
$this->assertEquals('unsupported_grant_type', $e->getErrorType());
$this->assertEquals(400, $e->getHttpStatusCode());
}
} }
public function testRespondToRequest() public function testRespondToRequest()

View File

@ -1,9 +1,14 @@
<?php <?php
namespace League\OAuth2\Server\Entities\Traits; namespace LeagueTests\Stubs;
trait ClientEntityTrait use League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface;
use League\OAuth2\Server\Entities\Traits\EntityTrait;
class ClientEntity implements ClientEntityInterface
{ {
use EntityTrait;
/** /**
* @var string * @var string
*/ */

View File

@ -1,20 +1,14 @@
<?php <?php
namespace League\OAuth2\Server\Entities; namespace LeagueTests\Stubs;
use League\OAuth2\Server\Entities\Interfaces\ScopeEntityInterface; use League\OAuth2\Server\Entities\Interfaces\ScopeEntityInterface;
use League\OAuth2\Server\Entities\Traits\EntityTrait; use League\OAuth2\Server\Entities\Traits\EntityTrait;
/**
* Class ScopeEntity.
*/
class ScopeEntity implements ScopeEntityInterface class ScopeEntity implements ScopeEntityInterface
{ {
use EntityTrait; use EntityTrait;
/**
* {@inheritdoc}
*/
public function jsonSerialize() public function jsonSerialize()
{ {
return $this->getIdentifier(); return $this->getIdentifier();