From e36ff17ad9ed91b8401302766446474cbe76e17d Mon Sep 17 00:00:00 2001 From: Ilya Bulah Date: Thu, 14 Jun 2018 17:59:09 +0300 Subject: [PATCH 1/5] Fix psr2 --- src/Grant/AbstractGrant.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php index 79a1ac47..30061d60 100644 --- a/src/Grant/AbstractGrant.php +++ b/src/Grant/AbstractGrant.php @@ -196,14 +196,12 @@ abstract class AbstractGrant implements GrantTypeInterface // If a redirect URI is provided ensure it matches what is pre-registered $redirectUri = $this->getRequestParameter('redirect_uri', $request, null); if ($redirectUri !== null) { - if ( - is_string($client->getRedirectUri()) + if (is_string($client->getRedirectUri()) && (strcmp($client->getRedirectUri(), $redirectUri) !== 0) ) { $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); throw OAuthServerException::invalidClient(); - } elseif ( - is_array($client->getRedirectUri()) + } elseif (is_array($client->getRedirectUri()) && in_array($redirectUri, $client->getRedirectUri(), true) === false ) { $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); From 0d20c755d40bbfc39556f742ae585bd4862a2684 Mon Sep 17 00:00:00 2001 From: Ilya Bulah Date: Thu, 14 Jun 2018 23:33:58 +0300 Subject: [PATCH 2/5] Formatting --- src/Grant/ImplicitGrant.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/Grant/ImplicitGrant.php b/src/Grant/ImplicitGrant.php index b4157883..51a2f32c 100644 --- a/src/Grant/ImplicitGrant.php +++ b/src/Grant/ImplicitGrant.php @@ -118,6 +118,7 @@ class ImplicitGrant extends AbstractAuthorizeGrant $request, $this->getServerParameter('PHP_AUTH_USER', $request) ); + if (is_null($clientId)) { throw OAuthServerException::invalidRequest('client_id'); } 
@@ -135,6 +136,7 @@ class ImplicitGrant extends AbstractAuthorizeGrant } $redirectUri = $this->getQueryStringParameter('redirect_uri', $request); + if ($redirectUri !== null) { if ( is_string($client->getRedirectUri()) From a31bc7d4cc6bf9e1832fcd46b020d54ac54b1133 Mon Sep 17 00:00:00 2001 From: Ilya Bulah Date: Thu, 14 Jun 2018 23:12:32 +0300 Subject: [PATCH 3/5] Extract validateRedirectUri() --- src/Grant/AbstractGrant.php | 44 +++++++++++++++++++++++++++---------- src/Grant/AuthCodeGrant.php | 14 +----------- src/Grant/ImplicitGrant.php | 14 +----------- 3 files changed, 34 insertions(+), 38 deletions(-) diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php index 30061d60..6fb621f6 100644 --- a/src/Grant/AbstractGrant.php +++ b/src/Grant/AbstractGrant.php 
@@ -193,25 +193,45 @@ abstract class AbstractGrant implements GrantTypeInterface throw OAuthServerException::invalidClient(); } - // If a redirect URI is provided ensure it matches what is pre-registered $redirectUri = $this->getRequestParameter('redirect_uri', $request, null); + if ($redirectUri !== null) { - if (is_string($client->getRedirectUri()) - && (strcmp($client->getRedirectUri(), $redirectUri) !== 0) - ) { - $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); - throw OAuthServerException::invalidClient(); - } elseif (is_array($client->getRedirectUri()) - && in_array($redirectUri, $client->getRedirectUri(), true) === false - ) { - $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); - throw OAuthServerException::invalidClient(); - } + $this->validateRedirectUri($redirectUri, $client, $request); } return $client; } + /** + * Validate redirectUri from the request. + * If a redirect URI is provided ensure it matches what is pre-registered + * + * @param string $redirectUri + * @param ClientEntityInterface $client + * @param ServerRequestInterface $request + * + * @throws OAuthServerException + * + * @return void + */ + protected function validateRedirectUri( + string $redirectUri, + ClientEntityInterface $client, + ServerRequestInterface $request + ) { + if (is_string($client->getRedirectUri()) + && (strcmp($client->getRedirectUri(), $redirectUri) !== 0) + ) { + $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); + throw OAuthServerException::invalidClient(); + } elseif (is_array($client->getRedirectUri()) + && in_array($redirectUri, $client->getRedirectUri(), true) === false + ) { + $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); + throw OAuthServerException::invalidClient(); + } + } + /** * Validate scopes in the request. * 
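Review bot: The new `validateRedirectUri` accepts a supplied `redirect_uri` unchecked when `$client->getRedirectUri()` is neither a string nor an array — the `if`/`elseif` has no final branch, so a client entity that returns `null` (if the interface allows that) passes whatever the request sent straight through. The `elseif ... || empty($client->getRedirectUri())` branches in AuthCodeGrant and ImplicitGrant only cover the case where no `redirect_uri` was sent, so this is the fail-open path. I would fail closed with a trailing `} else { $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); throw OAuthServerException::invalidClient(); }` and state it in the docblock: `Rejects the request when the client has no registered redirect URI.` Exact string comparison against the registration is the right check here and worth keeping as-is.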
diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php index 80e1cd0f..cfa8309b 100644 --- a/src/Grant/AuthCodeGrant.php +++ b/src/Grant/AuthCodeGrant.php @@ -242,19 +242,7 @@ class AuthCodeGrant extends AbstractAuthorizeGrant $redirectUri = $this->getQueryStringParameter('redirect_uri', $request); if ($redirectUri !== null) { - if ( - is_string($client->getRedirectUri()) - && (strcmp($client->getRedirectUri(), $redirectUri) !== 0) - ) { - $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); - throw OAuthServerException::invalidClient(); - } elseif ( - is_array($client->getRedirectUri()) - && in_array($redirectUri, $client->getRedirectUri(), true) === false - ) { - $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); - throw OAuthServerException::invalidClient(); - } + $this->validateRedirectUri($redirectUri, $client, $request); } elseif (is_array($client->getRedirectUri()) && count($client->getRedirectUri()) !== 1 || empty($client->getRedirectUri())) { $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); diff --git a/src/Grant/ImplicitGrant.php b/src/Grant/ImplicitGrant.php index 51a2f32c..9810c30a 100644 --- a/src/Grant/ImplicitGrant.php +++ b/src/Grant/ImplicitGrant.php 
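Review bot: `$this->validateRedirectUri($redirectUri, $client, $request)` now hands the raw query value to a `string`-typed parameter, so if `getQueryStringParameter` returns the parsed value as-is, a request such as `redirect_uri[]=x` raises a TypeError, which is not an OAuthServerException and surfaces as a server error instead of an `invalid_client` response; as far as I can tell the inline code this replaces would have fed the array to `strcmp`, which on PHP 7 returns null with a warning and so rejected the client. I would reject non-string input before the call: `if (!is_string($redirectUri)) { throw OAuthServerException::invalidRequest('redirect_uri'); }`. The identical call in ImplicitGrant needs the same guard. The enclosing method starts outside this hunk.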
@@ -138,19 +138,7 @@ class ImplicitGrant extends AbstractAuthorizeGrant $redirectUri = $this->getQueryStringParameter('redirect_uri', $request); if ($redirectUri !== null) { - if ( - is_string($client->getRedirectUri()) - && (strcmp($client->getRedirectUri(), $redirectUri) !== 0) - ) { - $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); - throw OAuthServerException::invalidClient(); - } elseif ( - is_array($client->getRedirectUri()) - && in_array($redirectUri, $client->getRedirectUri(), true) === false - ) { - $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); - throw OAuthServerException::invalidClient(); - } + $this->validateRedirectUri($redirectUri, $client, $request); } elseif (is_array($client->getRedirectUri()) && count($client->getRedirectUri()) !== 1 || empty($client->getRedirectUri())) { $this->getEmitter()->emit(new RequestEvent(RequestEvent::CLIENT_AUTHENTICATION_FAILED, $request)); From 224763cda662f17be7f34b5a236d6466f2bbda74 Mon Sep 17 00:00:00 2001 From: Ilya Bulah Date: Fri, 15 Jun 2018 00:06:33 +0300 Subject: [PATCH 4/5] Fix docblock --- src/Grant/AbstractGrant.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php index 6fb621f6..99f1626a 100644 --- a/src/Grant/AbstractGrant.php +++ b/src/Grant/AbstractGrant.php @@ -206,13 +206,11 @@ abstract class AbstractGrant implements GrantTypeInterface * Validate redirectUri from the request. * If a redirect URI is provided ensure it matches what is pre-registered * - * @param string $redirectUri - * @param ClientEntityInterface $client + * @param string $redirectUri + * @param ClientEntityInterface $client * @param ServerRequestInterface $request * * @throws OAuthServerException - * - * @return void */ protected function validateRedirectUri( string $redirectUri, From 614bba2c11e9dda5a3ed5bc9597230d8c89066d6 Mon Sep 17 00:00:00 2001 
From: Ilya Bulah Date: Fri, 15 Jun 2018 15:57:01 +0300 Subject: [PATCH 5/5] update changelog --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3d36285c..e2fe02fb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] +### Changed +- Refactoring: extracted `validateRedirectUri` method to remove 3 code duplicates (PR #912) + ### Added - Function `hasRedirect()` added to `OAuthServerException` (PR #703)