commit
a798cfdc5d
@ -31,7 +31,6 @@ $app->add(
|
|||||||
$app->get(
|
$app->get(
|
||||||
'/users',
|
'/users',
|
||||||
function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
|
function (ServerRequestInterface $request, ResponseInterface $response) use ($app) {
|
||||||
|
|
||||||
$users = [
|
$users = [
|
||||||
[
|
[
|
||||||
'id' => 123,
|
'id' => 123,
|
||||||
@ -70,4 +69,4 @@ $app->get(
|
|||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
||||||
$app->run();
|
$app->run();
|
||||||
|
@ -30,9 +30,9 @@ $app = new App([
|
|||||||
$accessTokenRepository = new AccessTokenRepository(); // instance of AccessTokenRepositoryInterface
|
$accessTokenRepository = new AccessTokenRepository(); // instance of AccessTokenRepositoryInterface
|
||||||
|
|
||||||
// Path to public and private keys
|
// Path to public and private keys
|
||||||
$privateKey = 'file://'.__DIR__.'/../private.key';
|
$privateKey = 'file://' . __DIR__ . '/../private.key';
|
||||||
//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase'); // if private key has a pass phrase
|
//$privateKey = new CryptKey('file://path/to/private.key', 'passphrase'); // if private key has a pass phrase
|
||||||
$publicKey = 'file://'.__DIR__.'/../public.key';
|
$publicKey = 'file://' . __DIR__ . '/../public.key';
|
||||||
|
|
||||||
// Setup the authorization server
|
// Setup the authorization server
|
||||||
$server = new AuthorizationServer(
|
$server = new AuthorizationServer(
|
||||||
|
@ -23,8 +23,8 @@ $app = new App([
|
|||||||
new ClientRepository(), // instance of ClientRepositoryInterface
|
new ClientRepository(), // instance of ClientRepositoryInterface
|
||||||
new AccessTokenRepository(), // instance of AccessTokenRepositoryInterface
|
new AccessTokenRepository(), // instance of AccessTokenRepositoryInterface
|
||||||
new ScopeRepository(), // instance of ScopeRepositoryInterface
|
new ScopeRepository(), // instance of ScopeRepositoryInterface
|
||||||
'file://'.__DIR__.'/../private.key', // path to private key
|
'file://' . __DIR__ . '/../private.key', // path to private key
|
||||||
'file://'.__DIR__.'/../public.key' // path to public key
|
'file://' . __DIR__ . '/../public.key' // path to public key
|
||||||
);
|
);
|
||||||
|
|
||||||
$grant = new PasswordGrant(
|
$grant = new PasswordGrant(
|
||||||
@ -54,19 +54,17 @@ $app->post(
|
|||||||
|
|
||||||
// Try to respond to the access token request
|
// Try to respond to the access token request
|
||||||
return $server->respondToAccessTokenRequest($request, $response);
|
return $server->respondToAccessTokenRequest($request, $response);
|
||||||
|
|
||||||
} catch (OAuthServerException $exception) {
|
} catch (OAuthServerException $exception) {
|
||||||
|
|
||||||
// All instances of OAuthServerException can be converted to a PSR-7 response
|
// All instances of OAuthServerException can be converted to a PSR-7 response
|
||||||
return $exception->generateHttpResponse($response);
|
return $exception->generateHttpResponse($response);
|
||||||
|
|
||||||
} catch (\Exception $exception) {
|
} catch (\Exception $exception) {
|
||||||
|
|
||||||
// Catch unexpected exceptions
|
// Catch unexpected exceptions
|
||||||
$body = $response->getBody();
|
$body = $response->getBody();
|
||||||
$body->write($exception->getMessage());
|
$body->write($exception->getMessage());
|
||||||
return $response->withStatus(500)->withBody($body);
|
|
||||||
|
|
||||||
|
return $response->withStatus(500)->withBody($body);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
@ -54,7 +54,7 @@ class ScopeRepository implements ScopeRepositoryInterface
|
|||||||
$scope->setIdentifier('email');
|
$scope->setIdentifier('email');
|
||||||
$scopes[] = $scope;
|
$scopes[] = $scope;
|
||||||
}
|
}
|
||||||
|
|
||||||
return $scopes;
|
return $scopes;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -75,7 +75,7 @@ class BearerTokenValidator implements AuthorizationValidatorInterface
|
|||||||
} catch (\InvalidArgumentException $exception) {
|
} catch (\InvalidArgumentException $exception) {
|
||||||
// JWT couldn't be parsed so return the request as is
|
// JWT couldn't be parsed so return the request as is
|
||||||
throw OAuthServerException::accessDenied($exception->getMessage());
|
throw OAuthServerException::accessDenied($exception->getMessage());
|
||||||
} catch(\RuntimeException $exception){
|
} catch (\RuntimeException $exception) {
|
||||||
//JWR couldn't be parsed so return the request as is
|
//JWR couldn't be parsed so return the request as is
|
||||||
throw OAuthServerException::accessDenied('Error while decoding to JSON');
|
throw OAuthServerException::accessDenied('Error while decoding to JSON');
|
||||||
}
|
}
|
||||||
|
@ -9,7 +9,6 @@
|
|||||||
|
|
||||||
namespace League\OAuth2\Server\Exception;
|
namespace League\OAuth2\Server\Exception;
|
||||||
|
|
||||||
|
|
||||||
class UniqueTokenIdentifierConstraintViolationException extends OAuthServerException
|
class UniqueTokenIdentifierConstraintViolationException extends OAuthServerException
|
||||||
{
|
{
|
||||||
public static function create()
|
public static function create()
|
||||||
|
@ -345,6 +345,7 @@ abstract class AbstractGrant implements GrantTypeInterface
|
|||||||
$accessToken->setIdentifier($this->generateUniqueIdentifier());
|
$accessToken->setIdentifier($this->generateUniqueIdentifier());
|
||||||
try {
|
try {
|
||||||
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
$this->accessTokenRepository->persistNewAccessToken($accessToken);
|
||||||
|
|
||||||
return $accessToken;
|
return $accessToken;
|
||||||
} catch (UniqueTokenIdentifierConstraintViolationException $e) {
|
} catch (UniqueTokenIdentifierConstraintViolationException $e) {
|
||||||
if ($maxGenerationAttempts === 0) {
|
if ($maxGenerationAttempts === 0) {
|
||||||
@ -391,6 +392,7 @@ abstract class AbstractGrant implements GrantTypeInterface
|
|||||||
$authCode->setIdentifier($this->generateUniqueIdentifier());
|
$authCode->setIdentifier($this->generateUniqueIdentifier());
|
||||||
try {
|
try {
|
||||||
$this->authCodeRepository->persistNewAuthCode($authCode);
|
$this->authCodeRepository->persistNewAuthCode($authCode);
|
||||||
|
|
||||||
return $authCode;
|
return $authCode;
|
||||||
} catch (UniqueTokenIdentifierConstraintViolationException $e) {
|
} catch (UniqueTokenIdentifierConstraintViolationException $e) {
|
||||||
if ($maxGenerationAttempts === 0) {
|
if ($maxGenerationAttempts === 0) {
|
||||||
@ -420,6 +422,7 @@ abstract class AbstractGrant implements GrantTypeInterface
|
|||||||
$refreshToken->setIdentifier($this->generateUniqueIdentifier());
|
$refreshToken->setIdentifier($this->generateUniqueIdentifier());
|
||||||
try {
|
try {
|
||||||
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
|
$this->refreshTokenRepository->persistNewRefreshToken($refreshToken);
|
||||||
|
|
||||||
return $refreshToken;
|
return $refreshToken;
|
||||||
} catch (UniqueTokenIdentifierConstraintViolationException $e) {
|
} catch (UniqueTokenIdentifierConstraintViolationException $e) {
|
||||||
if ($maxGenerationAttempts === 0) {
|
if ($maxGenerationAttempts === 0) {
|
||||||
|
@ -151,6 +151,13 @@ class ImplicitGrant extends AbstractAuthorizeGrant
|
|||||||
: $client->getRedirectUri()
|
: $client->getRedirectUri()
|
||||||
);
|
);
|
||||||
|
|
||||||
|
// Finalize the requested scopes
|
||||||
|
$scopes = $this->scopeRepository->finalizeScopes(
|
||||||
|
$scopes,
|
||||||
|
$this->getIdentifier(),
|
||||||
|
$client
|
||||||
|
);
|
||||||
|
|
||||||
$stateParameter = $this->getQueryStringParameter('state', $request);
|
$stateParameter = $this->getQueryStringParameter('state', $request);
|
||||||
|
|
||||||
$authorizationRequest = new AuthorizationRequest();
|
$authorizationRequest = new AuthorizationRequest();
|
||||||
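Review bot: The new finalizeScopes call runs before any resource owner is known, so the repository receives only the grant identifier and the client and cannot apply per-user scope restrictions at this point; the enclosing method starts and ends outside the hunk, so whether a second, user-aware finalization happens later in the implicit flow cannot be seen here. If the later step does re-finalize with the user identifier, this call only narrows what the consent step sees; if it does not, the scopes granted to an implicit client are never checked against the user, and that is the gap worth confirming before merging. The return value also replaces `$scopes` without any check, so a repository that returns something other than a list of scope entities would surface only downstream. A comment stating the intent would make the contract explicit: `// Finalize against the client only: no user is authenticated yet at this stage`.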
|
@ -66,12 +66,14 @@ class AuthorizationRequest
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* The code challenge (if provided)
|
* The code challenge (if provided)
|
||||||
|
*
|
||||||
* @var string
|
* @var string
|
||||||
*/
|
*/
|
||||||
protected $codeChallenge;
|
protected $codeChallenge;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The code challenge method (if provided)
|
* The code challenge method (if provided)
|
||||||
|
*
|
||||||
* @var string
|
* @var string
|
||||||
*/
|
*/
|
||||||
protected $codeChallengeMethod;
|
protected $codeChallengeMethod;
|
||||||
|
@ -68,6 +68,7 @@ class BearerTokenResponse extends AbstractResponseType
|
|||||||
* this class rather than the default.
|
* this class rather than the default.
|
||||||
*
|
*
|
||||||
* @param AccessTokenEntityInterface $accessToken
|
* @param AccessTokenEntityInterface $accessToken
|
||||||
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
protected function getExtraParams(AccessTokenEntityInterface $accessToken)
|
protected function getExtraParams(AccessTokenEntityInterface $accessToken)
|
||||||
|
@ -137,7 +137,6 @@ class AuthCodeGrantTest extends \PHPUnit_Framework_TestCase
|
|||||||
$this->assertTrue($grant->validateAuthorizationRequest($request) instanceof AuthorizationRequest);
|
$this->assertTrue($grant->validateAuthorizationRequest($request) instanceof AuthorizationRequest);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public function testValidateAuthorizationRequestCodeChallenge()
|
public function testValidateAuthorizationRequestCodeChallenge()
|
||||||
{
|
{
|
||||||
$client = new ClientEntity();
|
$client = new ClientEntity();
|
||||||
|
@ -9,11 +9,13 @@ use League\OAuth2\Server\Grant\ImplicitGrant;
|
|||||||
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
|
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
|
||||||
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
|
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
|
||||||
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
|
use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
|
||||||
|
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
|
||||||
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
|
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
|
||||||
use League\OAuth2\Server\ResponseTypes\RedirectResponse;
|
use League\OAuth2\Server\ResponseTypes\RedirectResponse;
|
||||||
use LeagueTests\Stubs\AccessTokenEntity;
|
use LeagueTests\Stubs\AccessTokenEntity;
|
||||||
use LeagueTests\Stubs\ClientEntity;
|
use LeagueTests\Stubs\ClientEntity;
|
||||||
use LeagueTests\Stubs\CryptTraitStub;
|
use LeagueTests\Stubs\CryptTraitStub;
|
||||||
|
use LeagueTests\Stubs\ScopeEntity;
|
||||||
use LeagueTests\Stubs\StubResponseType;
|
use LeagueTests\Stubs\StubResponseType;
|
||||||
use LeagueTests\Stubs\UserEntity;
|
use LeagueTests\Stubs\UserEntity;
|
||||||
use Zend\Diactoros\ServerRequest;
|
use Zend\Diactoros\ServerRequest;
|
||||||
@ -86,8 +88,14 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
|
|||||||
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
||||||
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
||||||
|
|
||||||
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
||||||
|
$scopeEntity = new ScopeEntity();
|
||||||
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
||||||
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
||||||
|
|
||||||
$grant = new ImplicitGrant(new \DateInterval('PT10M'));
|
$grant = new ImplicitGrant(new \DateInterval('PT10M'));
|
||||||
$grant->setClientRepository($clientRepositoryMock);
|
$grant->setClientRepository($clientRepositoryMock);
|
||||||
|
$grant->setScopeRepository($scopeRepositoryMock);
|
||||||
|
|
||||||
$request = new ServerRequest(
|
$request = new ServerRequest(
|
||||||
[],
|
[],
|
||||||
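Review bot: The scope repository mock returns its first argument unchanged from `finalizeScopes` and the same `ScopeEntity` for any identifier, so these tests only prove that the grant tolerates a scope repository, not that the finalized scopes are what ends up in the authorization request; the assertions that follow are outside the hunk, so this is inferred from the setup alone. Having the mock return a narrowed list and asserting on the resulting scopes would actually exercise the new finalizeScopes call in ImplicitGrant. The same four-line mock setup is repeated verbatim in the next hunk of this file (`@ -114,8 +122,14`); a private helper such as `private function createScopeRepositoryMock()` returning the configured mock would keep the two tests in step. The enclosing test methods start and end outside the hunk.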
@ -114,8 +122,14 @@ class ImplicitGrantTest extends \PHPUnit_Framework_TestCase
|
|||||||
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
$clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
|
||||||
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
$clientRepositoryMock->method('getClientEntity')->willReturn($client);
|
||||||
|
|
||||||
|
$scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
|
||||||
|
$scopeEntity = new ScopeEntity();
|
||||||
|
$scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scopeEntity);
|
||||||
|
$scopeRepositoryMock->method('finalizeScopes')->willReturnArgument(0);
|
||||||
|
|
||||||
$grant = new ImplicitGrant(new \DateInterval('PT10M'));
|
$grant = new ImplicitGrant(new \DateInterval('PT10M'));
|
||||||
$grant->setClientRepository($clientRepositoryMock);
|
$grant->setClientRepository($clientRepositoryMock);
|
||||||
|
$grant->setScopeRepository($scopeRepositoryMock);
|
||||||
|
|
||||||
$request = new ServerRequest(
|
$request = new ServerRequest(
|
||||||
[],
|
[],
|
||||||
|