Added abstract server

Alex Bilbie
2014-01-10 17:30:12 +00:00
parent ac2beb08d6
commit ca3b7d51df
3 changed files with 109 additions and 199 deletions


@@ -0,0 +1,73 @@
<?php
/**
* OAuth 2.0 Abstract Server
*
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server;
use Symfony\Component\HttpFoundation\Request;
/**
* OAuth 2.0 Resource Server
*/
abstract class AbstractServer
{
/**
* The request object
*
* @var Util\RequestInterface
*/
protected $request;
/**
* Storage classes
* @var array
*/
protected $storages = [];
/**
* Sets the Request Object
* @param \Symfony\Component\HttpFoundation\Request The Request Object
* @return self
*/
public function setRequest(Request $request)
{
$this->request = $request;
return $this;
}
/**
* Gets the Request object. It will create one from the globals if one is not set.
* @return \Symfony\Component\HttpFoundation\Request
*/
public function getRequest()
{
if ($this->request === null) {
$this->request = \Symfony\Component\HttpFoundation\Request::createFromGlobals();
}
return $this->request;
}
/**
* Return a storage class
* @param string $obj The class required
* @return Storage\ClientInterface|Storage\ScopeInterface|Storage\SessionInterface
*/
public function getStorage($obj)
{
if (!isset($this->storages[$obj])) {
throw new ServerException(
'The `'.$obj.'` storage interface has not been registered with the authorization server'
);
}
return $this->storages[$obj];
}
}
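Review bot: The docblock directly above `abstract class AbstractServer` still reads "OAuth 2.0 Resource Server", and `$request` is annotated `@var Util\RequestInterface` although setRequest() and getRequest() only handle the Symfony request class. I would change them to `* OAuth 2.0 Abstract Server` and `@var \Symfony\Component\HttpFoundation\Request`. getStorage() is now inherited by both servers, so the words "with the authorization server" in its exception message are misleading when the resource server throws it; ending the message at "has not been registered with the server" fits both. Its `@return` list also omits the access token storage that the resource server's constructor registers under `access_token`.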


@@ -28,7 +28,7 @@ use Symfony\Component\HttpFoundation\Request;
/** /**
* OAuth 2.0 authorization server class * OAuth 2.0 authorization server class
*/ */
class Authorization class Authorization extends AbstractServer
{ {
/** /**
* The delimeter between scopes specified in the scope query string parameter * The delimeter between scopes specified in the scope query string parameter
@@ -49,12 +49,6 @@ class Authorization
*/ */
protected $responseTypes = []; protected $responseTypes = [];
/**
* The client, scope and session storage classes
* @var array
*/
protected $storages = [];
/** /**
* The registered grant types * The registered grant types
* @var array * @var array
@@ -71,7 +65,7 @@ class Authorization
* Default scope(s) to be used if none is provided * Default scope(s) to be used if none is provided
* @var string|array * @var string|array
*/ */
protected $defaultScope = null; protected $defaultScope;
/** /**
* Require the "state" parameter to be in checkAuthoriseParams() * Require the "state" parameter to be in checkAuthoriseParams()
@@ -79,12 +73,6 @@ class Authorization
*/ */
protected $requireStateParam = false; protected $requireStateParam = false;
/**
* The request object
* @var Util\RequestInterface
*/
protected $request = null;
/** /**
* Exception error codes * Exception error codes
* @var array * @var array
@@ -444,45 +432,6 @@ class Authorization
return $this; return $this;
} }
/**
* Sets the Request Object
* @param \Symfony\Component\HttpFoundation\Request The Request Object
* @return self
*/
public function setRequest(Request $request)
{
$this->request = $request;
return $this;
}
/**
* Gets the Request object. It will create one from the globals if one is not set.
* @return \Symfony\Component\HttpFoundation\Request
*/
public function getRequest()
{
if ($this->request === null) {
$this->request = \Symfony\Component\HttpFoundation\Request::createFromGlobals();
}
return $this->request;
}
/**
* Return a storage class
* @param string $obj The class required
* @return Storage\ClientInterface|Storage\ScopeInterface|Storage\SessionInterface
*/
public function getStorage($obj)
{
if (!isset($this->storages[$obj])) {
throw new ServerException(
'The `'.$obj.'` storage interface has not been registered with the authorization server'
);
}
return $this->storages[$obj];
}
/** /**
* Issue an access token * Issue an access token
* @return array Authorise request parameters * @return array Authorise request parameters


@@ -11,134 +11,78 @@
namespace League\OAuth2\Server; namespace League\OAuth2\Server;
use League\OAuth2\Server\Storage\SessionInterface; use League\OAuth2\Server\Storage\StorageWrapper;
use League\OAuth2\Server\Storage\AccessTokenInterface;
use League\OAuth2\Server\Storage\ClientInterface; use League\OAuth2\Server\Storage\ClientInterface;
use League\OAuth2\Server\Storage\AccessTokenInterface;
use League\OAuth2\Server\Storage\AuthCodeInterface;
use League\OAuth2\Server\Storage\SessionInterface;
use League\OAuth2\Server\Storage\ScopeInterface;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
/** /**
* OAuth 2.0 Resource Server * OAuth 2.0 Resource Server
*/ */
class Resource class Resource extends AbstractServer
{ {
/** /**
* The access token * The access token
*
* @var League\OAuth2\Server\AccessToken * @var League\OAuth2\Server\AccessToken
*/ */
protected $accessToken = null; protected $accessToken;
/**
* The session
*
* @var \League\OAuth2\Server\Session
*/
protected $session = null;
/**
* The request object
*
* @var Util\RequestInterface
*/
protected $request = null;
/** /**
* The query string key which is used by clients to present the access token (default: access_token) * The query string key which is used by clients to present the access token (default: access_token)
*
* @var string * @var string
*/ */
protected $tokenKey = 'access_token'; protected $tokenKey = 'access_token';
/**
* The client ID
*
* @var League\OAuth2\Server\Client
*/
protected $client = null;
/**
* Session storage
*
* @var League\OAuth2\Server\Storage\SessionInterface
*/
protected $sessionStorage = null;
/**
* Access token storage
*
* @var League\OAuth2\Server\Storage\AccessTokenInterface
*/
protected $accessTokenStorage = null;
/**
* Client storage
*
* @var League\OAuth2\Server\Storage\ClientInterface
*/
protected $clientStorage = null;
/** /**
* Initialise the resource server * Initialise the resource server
* * @param SessionInterface $sessionStorage
* @param SessionInterface $sessionStorage [description] * @param AccessTokenInteface $accessTokenStorage
* @param AccessTokenInteface $accessTokenStorage [description] * @param ClientInterface $clientStorage
* @param ClientInterface $clientStorage [description] * @param ScopeInterface $scopeStorage
*
* @return self * @return self
*/ */
public function __construct( public function __construct(
SessionInterface $sessionStorage, SessionInterface $sessionStorage,
AccessTokenInteface $accessTokenStorage, AccessTokenInterface $accessTokenStorage,
ClientInterface $clientStorage ClientInterface $clientStorage,
ScopeInterface $scopeStorage
) { ) {
$this->sessionStorage = $sessionStorage; $this->setStorage('session', $sessionStorage);
$this->accessTokenStorage = $accessTokenStorage; $this->setStorage('access_token', $accessTokenStorage);
$this->clientStorage = $clientStorage; $this->setStorage('client', $clientStorage);
$this->setStorage('scope', $scopeStorage);
return $this; return $this;
} }
/** /**
* Sets the Request Object * Set the storage
* * @param string $type Storage type
* @param \Symfony\Component\HttpFoundation\Request The Request Object * @param mixed $storage Storage class
*
* @return self * @return self
*/ */
public function setRequest(Request $request) protected function setStorage($type, $storage)
{ {
$this->request = $request; $storage->setServer($this);
$this->storages[$type] = $storage;
return $this; return $this;
} }
/**
* Gets the Request object. It will create one from the globals if one is not set.
*
* @return \Symfony\Component\HttpFoundation\Request
*/
public function getRequest()
{
if ($this->request = null) {
return Symfony\Component\HttpFoundation\Request::createFromGlobals();
}
return $this->request;
}
/** /**
* Returns the query string key for the access token. * Returns the query string key for the access token.
*
* @return string * @return string
*/ */
public function getTokenKey() public function getTokenKey()
{ {
return $this->tokenKey; return $this->accessToken->getToken();
} }
/** /**
* Sets the query string key for the access token. * Sets the query string key for the access token.
*
* @param $key The new query string key * @param $key The new query string key
*
* @return self * @return self
*/ */
public function setTokenKey($key) public function setTokenKey($key)
@@ -149,105 +93,61 @@ class Resource
/** /**
* Gets the access token owner ID * Gets the access token owner ID
*
* @return string * @return string
*/ */
public function getOwnerId() public function getOwnerId()
{ {
return $this->session->getOwnerId(); return $this->accessToken->getSession()->getOwnerId();
} }
/** /**
* Gets the owner type * Gets the owner type
*
* @return string * @return string
*/ */
public function getOwnerType() public function getOwnerType()
{ {
return $this->session->getOwnerType(); return $this->accessToken->getSession()->getOwnerType();
} }
/** /**
* Gets the access token * Gets the access token
*
* @return string * @return string
*/ */
public function getAccessToken() public function getAccessToken()
{ {
return $this->accessToken->getId(); return $this->accessToken->getToken();
} }
/** /**
* Gets the client ID that created the session * Gets the client ID that created the session
*
* @return string * @return string
*/ */
public function getClientId() public function getClientId()
{ {
return $this->client->getId(); return $this->accessToken->getSession()->getClient()->getId();
} }
/** /**
* Checks if the access token is valid or not * Checks if the access token is valid or not
*
* @param $headersOnly Limit Access Token to Authorization header only * @param $headersOnly Limit Access Token to Authorization header only
*
* @return bool * @return bool
*/ */
public function isValid($headersOnly = false) public function isValid($headersOnly = false)
{ {
try { try {
$accessToken = $this->determineAccessToken($headersOnly); $accessTokenString = $this->determineAccessToken($headersOnly);
} catch (Exception $e) { } catch (Exception $e) {
return false; return false;
} }
// Set the access token // Set the access token
$tokenResult = $this->accessTokenStorage->getToken($accessToken); $this->accessToken = $this->storages['access_token']->get($accessTokenString);
if ($tokenResult === null) {
return false;
}
$accessToken = new AccessToken; return ($this->accessToken instanceof AccessToken);
$accessToken->setId($token);
$accessToken->setTTL($tokenResult['ttl']);
$accessToken->setTimestamp($tokenResult['created']);
$scopes = $this->accessTokenStorage->getTokenScopes($token);
foreach ($scopes as $scope => $details) {
$accessToken->associateScope($scope, $details);
}
$this->accessToken = $accessToken;
// Set the session
$sessionResult = $this->sessionStorage->getSession($tokenResult['session_id']);
if ($sessionResult === null) {
return false;
}
$session = new Session();
$session->setOwner($sessionResult['owner_type'], $sessionResult['owner_id']);
$this->session = $session;
// Set the client
$clientResult = $this->clientStorage->getClient($sessionResult['client_id']);
if ($clientResult === null) {
return false;
}
$client = new Client();
$client->setCredentials($clientResult['client_id'], $clientResult['client_secret']);
$this->client = $client;
return true;
} }
/** /**
* Get the session scopes * Get the session scopes
*
* @return array * @return array
*/ */
public function getScopes() public function getScopes()
@@ -262,25 +162,13 @@ class Resource
*/ */
public function hasScope($scopes) public function hasScope($scopes)
{ {
if (is_string($scopes)) {
return $this->accessToken->hasScope($scopes); return $this->accessToken->hasScope($scopes);
} elseif (is_array($scopes)) {
foreach ($scopes as $scope) {
if (!$this->accessToken->hasScope($scope)) {
return false;
}
}
return true;
}
} }
/** /**
* Reads in the access token from the headers * Reads in the access token from the headers
*
* @param $headersOnly Limit Access Token to Authorization header only * @param $headersOnly Limit Access Token to Authorization header only
*
* @throws Exception\MissingAccessTokenException Thrown if there is no access token presented * @throws Exception\MissingAccessTokenException Thrown if there is no access token presented
*
* @return string * @return string
*/ */
public function determineAccessToken($headersOnly = false) public function determineAccessToken($headersOnly = false)
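Review bot: getTokenKey() in the first hunk now returns `$this->accessToken->getToken()`, which is the bearer token value rather than the query-string key that its docblock and the retained `$tokenKey` property describe. A caller that uses the result as a parameter name would receive the secret instead, and it could then end up in URLs or logs. A call made before isValid() has set `$this->accessToken` would dereference null. The line should remain `return $this->tokenKey;` as on the old side. setTokenKey() just below presumably still writes that property, but its body is outside the hunk.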