From fd72d79ad3fb2b491e319d0c8aac7e7056b3ffd5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Unger?= Date: Thu, 15 Mar 2018 14:27:37 +0100 Subject: [PATCH 01/10] Generalized access token format --- src/Entities/AccessTokenEntityInterface.php | 9 +++++++++ src/Entities/Traits/AccessTokenTrait.php | 12 ++++++++++++ src/Grant/ImplicitGrant.php | 2 +- src/ResponseTypes/BearerTokenResponse.php | 4 +--- tests/Middleware/ResourceServerMiddlewareTest.php | 4 ++-- 5 files changed, 25 insertions(+), 6 deletions(-) diff --git a/src/Entities/AccessTokenEntityInterface.php b/src/Entities/AccessTokenEntityInterface.php index 4da7600e..c30a51f9 100644 --- a/src/Entities/AccessTokenEntityInterface.php +++ b/src/Entities/AccessTokenEntityInterface.php @@ -22,4 +22,13 @@ interface AccessTokenEntityInterface extends TokenInterface * @return Token */ public function convertToJWT(CryptKey $privateKey); + + /** + * Generate a string representation from the access token + * + * @param CryptKey $privateKey + * + * @return string + */ + public function getResponseString(CryptKey $privateKey); } diff --git a/src/Entities/Traits/AccessTokenTrait.php b/src/Entities/Traits/AccessTokenTrait.php index 81fc1bfd..71b87732 100644 --- a/src/Entities/Traits/AccessTokenTrait.php +++ b/src/Entities/Traits/AccessTokenTrait.php @@ -40,6 +40,18 @@ trait AccessTokenTrait ->getToken(); } + /** + * Generate a string representation from the access token + * + * @param CryptKey $privateKey + * + * @return string + */ + public function getResponseString(CryptKey $privateKey) + { + return (string) $this->convertToJWT($privateKey); + } + /** * @return ClientEntityInterface */ diff --git a/src/Grant/ImplicitGrant.php b/src/Grant/ImplicitGrant.php index b4157883..d915f61d 100644 --- a/src/Grant/ImplicitGrant.php +++ b/src/Grant/ImplicitGrant.php 
@@ -216,7 +216,7 @@ class ImplicitGrant extends AbstractAuthorizeGrant $this->makeRedirectUri( $finalRedirectUri, [ - 'access_token' => (string) $accessToken->convertToJWT($this->privateKey), + 'access_token' => $accessToken->getResponseString($this->privateKey), 'token_type' => 'Bearer', 'expires_in' => $accessToken->getExpiryDateTime()->getTimestamp() - (new \DateTime())->getTimestamp(), 'state' => $authorizationRequest->getState(), diff --git a/src/ResponseTypes/BearerTokenResponse.php b/src/ResponseTypes/BearerTokenResponse.php index a57573a0..980965ed 100644 --- a/src/ResponseTypes/BearerTokenResponse.php +++ b/src/ResponseTypes/BearerTokenResponse.php @@ -24,12 +24,10 @@ class BearerTokenResponse extends AbstractResponseType { $expireDateTime = $this->accessToken->getExpiryDateTime()->getTimestamp(); - $jwtAccessToken = $this->accessToken->convertToJWT($this->privateKey); - $responseParams = [ 'token_type' => 'Bearer', 'expires_in' => $expireDateTime - (new \DateTime())->getTimestamp(), - 'access_token' => (string) $jwtAccessToken, + 'access_token' => $this->accessToken->getResponseString($this->privateKey), ]; if ($this->refreshToken instanceof RefreshTokenEntityInterface) { diff --git a/tests/Middleware/ResourceServerMiddlewareTest.php b/tests/Middleware/ResourceServerMiddlewareTest.php index 2269c45a..dbb507e2 100644 --- a/tests/Middleware/ResourceServerMiddlewareTest.php +++ b/tests/Middleware/ResourceServerMiddlewareTest.php @@ -30,7 +30,7 @@ class ResourceServerMiddlewareTest extends TestCase $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setClient($client); - $token = $accessToken->convertToJWT(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); + $token = $accessToken->getResponseString(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $request = new ServerRequest(); $request = $request->withHeader('authorization', sprintf('Bearer %s', $token)); 
@@ -65,7 +65,7 @@ class ResourceServerMiddlewareTest extends TestCase $accessToken->setExpiryDateTime((new \DateTime())->sub(new \DateInterval('PT1H'))); $accessToken->setClient($client); - $token = $accessToken->convertToJWT(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); + $token = $accessToken->getResponseString(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $request = new ServerRequest(); $request = $request->withHeader('authorization', sprintf('Bearer %s', $token)); From 48ce5f36cf8c7a2d8a243872928181826315f963 Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Sat, 31 Mar 2018 10:45:15 +0100 Subject: [PATCH 02/10] Change function name to be less technically specific --- src/Entities/AccessTokenEntityInterface.php | 2 +- src/Entities/Traits/AccessTokenTrait.php | 2 +- src/Grant/ImplicitGrant.php | 2 +- src/ResponseTypes/BearerTokenResponse.php | 2 +- tests/Middleware/ResourceServerMiddlewareTest.php | 4 ++-- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/Entities/AccessTokenEntityInterface.php b/src/Entities/AccessTokenEntityInterface.php index c30a51f9..3849512c 100644 --- a/src/Entities/AccessTokenEntityInterface.php +++ b/src/Entities/AccessTokenEntityInterface.php @@ -30,5 +30,5 @@ interface AccessTokenEntityInterface extends TokenInterface * * @return string */ - public function getResponseString(CryptKey $privateKey); + public function convertToAccessToken(CryptKey $privateKey); } diff --git a/src/Entities/Traits/AccessTokenTrait.php b/src/Entities/Traits/AccessTokenTrait.php index 71b87732..08231784 100644 --- a/src/Entities/Traits/AccessTokenTrait.php +++ b/src/Entities/Traits/AccessTokenTrait.php @@ -47,7 +47,7 @@ trait AccessTokenTrait * * @return string */ - public function getResponseString(CryptKey $privateKey) + public function convertToAccessToken(CryptKey $privateKey) { return (string) $this->convertToJWT($privateKey); } 
diff --git a/src/Grant/ImplicitGrant.php b/src/Grant/ImplicitGrant.php index d915f61d..e5504151 100644 --- a/src/Grant/ImplicitGrant.php +++ b/src/Grant/ImplicitGrant.php @@ -216,7 +216,7 @@ class ImplicitGrant extends AbstractAuthorizeGrant $this->makeRedirectUri( $finalRedirectUri, [ - 'access_token' => $accessToken->getResponseString($this->privateKey), + 'access_token' => $accessToken->convertToAccessToken($this->privateKey), 'token_type' => 'Bearer', 'expires_in' => $accessToken->getExpiryDateTime()->getTimestamp() - (new \DateTime())->getTimestamp(), 'state' => $authorizationRequest->getState(), diff --git a/src/ResponseTypes/BearerTokenResponse.php b/src/ResponseTypes/BearerTokenResponse.php index 980965ed..b630685c 100644 --- a/src/ResponseTypes/BearerTokenResponse.php +++ b/src/ResponseTypes/BearerTokenResponse.php @@ -27,7 +27,7 @@ class BearerTokenResponse extends AbstractResponseType $responseParams = [ 'token_type' => 'Bearer', 'expires_in' => $expireDateTime - (new \DateTime())->getTimestamp(), - 'access_token' => $this->accessToken->getResponseString($this->privateKey), + 'access_token' => $this->accessToken->convertToAccessToken($this->privateKey), ]; if ($this->refreshToken instanceof RefreshTokenEntityInterface) { diff --git a/tests/Middleware/ResourceServerMiddlewareTest.php b/tests/Middleware/ResourceServerMiddlewareTest.php index dbb507e2..0db71cdd 100644 --- a/tests/Middleware/ResourceServerMiddlewareTest.php +++ b/tests/Middleware/ResourceServerMiddlewareTest.php 
@@ -30,7 +30,7 @@ class ResourceServerMiddlewareTest extends TestCase $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setClient($client); - $token = $accessToken->getResponseString(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); + $token = $accessToken->convertToAccessToken(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $request = new ServerRequest(); $request = $request->withHeader('authorization', sprintf('Bearer %s', $token)); @@ -65,7 +65,7 @@ class ResourceServerMiddlewareTest extends TestCase $accessToken->setExpiryDateTime((new \DateTime())->sub(new \DateInterval('PT1H'))); $accessToken->setClient($client); - $token = $accessToken->getResponseString(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); + $token = $accessToken->convertToAccessToken(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $request = new ServerRequest(); $request = $request->withHeader('authorization', sprintf('Bearer %s', $token)); From a1da9beb92e30150382beab19806b66b5eb23a96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Unger?= Date: Thu, 19 Apr 2018 17:08:10 +0200 Subject: [PATCH 03/10] Removed convertToJWT() method from AccessTokenEntityInterface --- src/Entities/AccessTokenEntityInterface.php | 9 --------- 1 file changed, 9 deletions(-) diff --git a/src/Entities/AccessTokenEntityInterface.php b/src/Entities/AccessTokenEntityInterface.php index 3849512c..8cc20dd2 100644 --- a/src/Entities/AccessTokenEntityInterface.php +++ b/src/Entities/AccessTokenEntityInterface.php @@ -14,15 +14,6 @@ use League\OAuth2\Server\CryptKey; interface AccessTokenEntityInterface extends TokenInterface { - /** - * Generate a JWT from the access token - * - * @param CryptKey $privateKey - * - * @return Token - */ - public function convertToJWT(CryptKey $privateKey); - /** * Generate a string representation from the access token * 
From 577065c270ad67ea4cf06c4c9713e0691bf7d493 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Unger?= Date: Tue, 8 May 2018 11:34:42 +0200 Subject: [PATCH 04/10] Use native typehints --- src/Entities/AccessTokenEntityInterface.php | 7 +------ src/Entities/Traits/AccessTokenTrait.php | 6 +----- 2 files changed, 2 insertions(+), 11 deletions(-) diff --git a/src/Entities/AccessTokenEntityInterface.php b/src/Entities/AccessTokenEntityInterface.php index 8cc20dd2..5d69eefd 100644 --- a/src/Entities/AccessTokenEntityInterface.php +++ b/src/Entities/AccessTokenEntityInterface.php @@ -9,17 +9,12 @@ namespace League\OAuth2\Server\Entities; -use Lcobucci\JWT\Token; use League\OAuth2\Server\CryptKey; interface AccessTokenEntityInterface extends TokenInterface { /** * Generate a string representation from the access token - * - * @param CryptKey $privateKey - * - * @return string */ - public function convertToAccessToken(CryptKey $privateKey); + public function convertToAccessToken(CryptKey $privateKey): string; } diff --git a/src/Entities/Traits/AccessTokenTrait.php b/src/Entities/Traits/AccessTokenTrait.php index 08231784..fab41c46 100644 --- a/src/Entities/Traits/AccessTokenTrait.php +++ b/src/Entities/Traits/AccessTokenTrait.php @@ -42,12 +42,8 @@ trait AccessTokenTrait /** * Generate a string representation from the access token - * - * @param CryptKey $privateKey - * - * @return string */ - public function convertToAccessToken(CryptKey $privateKey) + public function convertToAccessToken(CryptKey $privateKey): string { return (string) $this->convertToJWT($privateKey); } From b182389395599df2890f27dbc47d24ed80222746 Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Mon, 21 May 2018 15:45:09 +0100 Subject: [PATCH 05/10] Remove native type hints --- src/Entities/AccessTokenEntityInterface.php | 2 +- src/Entities/Traits/AccessTokenTrait.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) 
diff --git a/src/Entities/AccessTokenEntityInterface.php b/src/Entities/AccessTokenEntityInterface.php index 5d69eefd..5729c3fc 100644 --- a/src/Entities/AccessTokenEntityInterface.php +++ b/src/Entities/AccessTokenEntityInterface.php @@ -16,5 +16,5 @@ interface AccessTokenEntityInterface extends TokenInterface /** * Generate a string representation from the access token */ - public function convertToAccessToken(CryptKey $privateKey): string; + public function convertToAccessToken(CryptKey $privateKey); } diff --git a/src/Entities/Traits/AccessTokenTrait.php b/src/Entities/Traits/AccessTokenTrait.php index fab41c46..c2ee70a6 100644 --- a/src/Entities/Traits/AccessTokenTrait.php +++ b/src/Entities/Traits/AccessTokenTrait.php @@ -43,7 +43,7 @@ trait AccessTokenTrait /** * Generate a string representation from the access token */ - public function convertToAccessToken(CryptKey $privateKey): string + public function convertToAccessToken(CryptKey $privateKey) { return (string) $this->convertToJWT($privateKey); } From 4b0383b16c948b9339d6ff6c65e411a7e0c5a447 Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Mon, 21 May 2018 16:20:48 +0100 Subject: [PATCH 06/10] Updated changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 20a54fb0..20b11e8d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] ### Changed +- Replace `convertToJWT()` interface with a more generic `convertToAccessToken` to improve extensibility (PR #874) - The `invalidClient()` function accepts a PSR-7 compliant `$serverRequest` argument to avoid accessing the `$_SERVER` global variable and improve testing (PR #899) ## [7.1.1] - released 2018-05-21 From 61156ef8c7a8f79e45c5c19ff2f35b18e7b82dd6 Mon Sep 17 00:00:00 2001 
From: Andrew Millington Date: Wed, 23 May 2018 16:34:39 +0100 Subject: [PATCH 07/10] Use __toString() for access token --- src/Entities/AccessTokenEntityInterface.php | 9 +++++++-- src/Entities/Traits/AccessTokenTrait.php | 19 ++++++++++++++++--- src/Grant/AbstractGrant.php | 1 + src/Grant/ImplicitGrant.php | 2 +- src/ResponseTypes/BearerTokenResponse.php | 2 +- tests/Grant/AbstractGrantTest.php | 2 ++ tests/Grant/AuthCodeGrantTest.php | 10 +++++++++- tests/Grant/ClientCredentialsGrantTest.php | 2 ++ tests/Grant/PasswordGrantTest.php | 2 ++ .../ResourceServerMiddlewareTest.php | 6 ++++-- .../ResponseTypes/BearerResponseTypeTest.php | 5 +++++ 11 files changed, 50 insertions(+), 10 deletions(-) diff --git a/src/Entities/AccessTokenEntityInterface.php b/src/Entities/AccessTokenEntityInterface.php index 5729c3fc..fd459914 100644 --- a/src/Entities/AccessTokenEntityInterface.php +++ b/src/Entities/AccessTokenEntityInterface.php @@ -14,7 +14,12 @@ use League\OAuth2\Server\CryptKey; interface AccessTokenEntityInterface extends TokenInterface { /** - * Generate a string representation from the access token + * Set a private key used to encrypt the access token. */ - public function convertToAccessToken(CryptKey $privateKey); + public function setPrivateKey(CryptKey $privateKey); + + /** + * Generate a string representation of the access token. + */ + public function __toString(); } diff --git a/src/Entities/Traits/AccessTokenTrait.php b/src/Entities/Traits/AccessTokenTrait.php index c2ee70a6..cbed3122 100644 --- a/src/Entities/Traits/AccessTokenTrait.php +++ b/src/Entities/Traits/AccessTokenTrait.php @@ -19,6 +19,19 @@ use League\OAuth2\Server\Entities\ScopeEntityInterface; trait AccessTokenTrait { + /** + * @var CryptKey $privateKey + */ + private $privateKey; + + /** + * Set the private key used to encrypt this access token. + */ + public function setPrivateKey(CryptKey $privateKey) + { + $this->privateKey = $privateKey; + } + /** * Generate a JWT from the access token * 
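Review bot: The new `setPrivateKey()` docblock in `AccessTokenEntityInterface` says the key is used to "encrypt" the access token, but the trait hands that key to `convertToJWT()`, where a private key is normally a signing key rather than an encryption key (the signing call itself is outside the visible hunks, so confirm). If the token is only signed, its claims, such as the client identifier set as audience in the trait, are readable by anyone who holds the token. I would reword the docblock to `Set the private key used to sign the access token.` so implementers do not treat the payload as confidential. The `setPrivateKey()` docblock in the `AccessTokenTrait` hunk that follows has the same wording.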
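Review bot: Holding the `CryptKey` in `private $privateKey` on the token entity means anything that serializes, dumps or persists the whole object now carries the signing-key reference with it. `AbstractGrant` attaches the key in a later hunk with `$accessToken->setPrivateKey($this->privateKey)`, and the entity presumably goes on to the access token repository afterwards (not visible here). At minimum the property docblock should state the constraint, for example `@var CryptKey Signing key only; must not be persisted, serialized or logged with the entity`. Implementers who cache or store entities wholesale would then know to exclude it.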
@@ -26,7 +39,7 @@ trait AccessTokenTrait * * @return Token */ - public function convertToJWT(CryptKey $privateKey) + private function convertToJWT(CryptKey $privateKey) { return (new Builder()) ->setAudience($this->getClient()->getIdentifier()) @@ -43,9 +56,9 @@ trait AccessTokenTrait /** * Generate a string representation from the access token */ - public function convertToAccessToken(CryptKey $privateKey) + public function __toString() { - return (string) $this->convertToJWT($privateKey); + return (string) $this->convertToJWT($this->privateKey); } /** diff --git a/src/Grant/AbstractGrant.php b/src/Grant/AbstractGrant.php index 05b73faa..d020c6ad 100644 --- a/src/Grant/AbstractGrant.php +++ b/src/Grant/AbstractGrant.php @@ -361,6 +361,7 @@ abstract class AbstractGrant implements GrantTypeInterface $accessToken->setClient($client); $accessToken->setUserIdentifier($userIdentifier); $accessToken->setExpiryDateTime((new \DateTime())->add($accessTokenTTL)); + $accessToken->setPrivateKey($this->privateKey); foreach ($scopes as $scope) { $accessToken->addScope($scope); diff --git a/src/Grant/ImplicitGrant.php b/src/Grant/ImplicitGrant.php index 0aedaa55..5d6035e4 100644 --- a/src/Grant/ImplicitGrant.php +++ b/src/Grant/ImplicitGrant.php @@ -216,7 +216,7 @@ class ImplicitGrant extends AbstractAuthorizeGrant $this->makeRedirectUri( $finalRedirectUri, [ - 'access_token' => $accessToken->convertToAccessToken($this->privateKey), + 'access_token' => (string) $accessToken, 'token_type' => 'Bearer', 'expires_in' => $accessToken->getExpiryDateTime()->getTimestamp() - (new \DateTime())->getTimestamp(), 'state' => $authorizationRequest->getState(), diff --git a/src/ResponseTypes/BearerTokenResponse.php b/src/ResponseTypes/BearerTokenResponse.php index b630685c..2e658215 100644 --- a/src/ResponseTypes/BearerTokenResponse.php +++ b/src/ResponseTypes/BearerTokenResponse.php 
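Review bot: `__toString()` in `AccessTokenTrait` passes `$this->privateKey` to `convertToJWT(CryptKey $privateKey)` without checking that it was ever set, so casting an entity that never went through `setPrivateKey()` raises a `TypeError` inside `__toString()`. PHP versions before 7.4 turn that into an uncatchable fatal error rather than an exception the server can map to an OAuth error response. Among the source files shown, only `AbstractGrant` sets the key, so entities created on any other path depend on the caller remembering the call. I would document the precondition on the method, e.g. `Requires setPrivateKey() to have been called first. Returns the signed bearer token, so never interpolate the entity into log or error messages`. A test that casts a token with no key set would pin that failure mode.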
@@ -27,7 +27,7 @@ class BearerTokenResponse extends AbstractResponseType $responseParams = [ 'token_type' => 'Bearer', 'expires_in' => $expireDateTime - (new \DateTime())->getTimestamp(), - 'access_token' => $this->accessToken->convertToAccessToken($this->privateKey), + 'access_token' => (string) $this->accessToken, ]; if ($this->refreshToken instanceof RefreshTokenEntityInterface) { diff --git a/tests/Grant/AbstractGrantTest.php b/tests/Grant/AbstractGrantTest.php index 5da2776e..a5916de7 100644 --- a/tests/Grant/AbstractGrantTest.php +++ b/tests/Grant/AbstractGrantTest.php @@ -3,6 +3,7 @@ namespace LeagueTests\Grant; use League\Event\Emitter; +use League\OAuth2\Server\CryptKey; use League\OAuth2\Server\Entities\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\AuthCodeEntityInterface; use League\OAuth2\Server\Entities\RefreshTokenEntityInterface; @@ -353,6 +354,7 @@ class AbstractGrantTest extends TestCase /** @var AbstractGrant $grantMock */ $grantMock = $this->getMockForAbstractClass(AbstractGrant::class); + $grantMock->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $grantMock->setAccessTokenRepository($accessTokenRepoMock); $abstractGrantReflection = new \ReflectionClass($grantMock); diff --git a/tests/Grant/AuthCodeGrantTest.php b/tests/Grant/AuthCodeGrantTest.php index 6a319234..589e488c 100644 --- a/tests/Grant/AuthCodeGrantTest.php +++ b/tests/Grant/AuthCodeGrantTest.php @@ -2,6 +2,7 @@ namespace LeagueTests\Grant; +use League\OAuth2\Server\CryptKey; use League\OAuth2\Server\Entities\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\RefreshTokenEntityInterface; use League\OAuth2\Server\Exception\OAuthServerException; @@ -40,7 +41,7 @@ class AuthCodeGrantTest extends TestCase public function setUp() { - $this->cryptStub = new CryptTraitStub; + $this->cryptStub = new CryptTraitStub(); } public function testGetIdentifier() 
@@ -608,6 +609,7 @@ class AuthCodeGrantTest extends TestCase $grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setRefreshTokenRepository($refreshTokenRepositoryMock); $grant->setEncryptionKey($this->cryptStub->getKey()); + $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $request = new ServerRequest( [], @@ -676,6 +678,7 @@ class AuthCodeGrantTest extends TestCase $grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setRefreshTokenRepository($refreshTokenRepositoryMock); $grant->setEncryptionKey($this->cryptStub->getKey()); + $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $request = new ServerRequest( [], @@ -747,6 +750,7 @@ class AuthCodeGrantTest extends TestCase $grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setRefreshTokenRepository($refreshTokenRepositoryMock); $grant->setEncryptionKey($this->cryptStub->getKey()); + $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $request = new ServerRequest( [], @@ -1537,6 +1541,7 @@ class AuthCodeGrantTest extends TestCase new \DateInterval('PT10M') ); $grant->setEncryptionKey($this->cryptStub->getKey()); + $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $this->assertInstanceOf(RedirectResponse::class, $grant->completeAuthorizationRequest($authRequest)); } @@ -1624,6 +1629,7 @@ class AuthCodeGrantTest extends TestCase $grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setRefreshTokenRepository($refreshTokenRepositoryMock); $grant->setEncryptionKey($this->cryptStub->getKey()); + $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $request = new ServerRequest( [], 
@@ -1695,6 +1701,7 @@ class AuthCodeGrantTest extends TestCase $grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setRefreshTokenRepository($refreshTokenRepositoryMock); $grant->setEncryptionKey($this->cryptStub->getKey()); + $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $request = new ServerRequest( [], @@ -1766,6 +1773,7 @@ class AuthCodeGrantTest extends TestCase $grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setRefreshTokenRepository($refreshTokenRepositoryMock); $grant->setEncryptionKey($this->cryptStub->getKey()); + $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $request = new ServerRequest( [], diff --git a/tests/Grant/ClientCredentialsGrantTest.php b/tests/Grant/ClientCredentialsGrantTest.php index 6c7b5a36..dfd78b41 100644 --- a/tests/Grant/ClientCredentialsGrantTest.php +++ b/tests/Grant/ClientCredentialsGrantTest.php @@ -2,6 +2,7 @@ namespace LeagueTests\Grant; +use League\OAuth2\Server\CryptKey; use League\OAuth2\Server\Entities\AccessTokenEntityInterface; use League\OAuth2\Server\Grant\ClientCredentialsGrant; use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; @@ -44,6 +45,7 @@ class ClientCredentialsGrantTest extends TestCase $grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setScopeRepository($scopeRepositoryMock); $grant->setDefaultScope(self::DEFAULT_SCOPE); + $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $serverRequest = new ServerRequest(); $serverRequest = $serverRequest->withParsedBody( diff --git a/tests/Grant/PasswordGrantTest.php b/tests/Grant/PasswordGrantTest.php index 2ee700f8..c90a83db 100644 --- a/tests/Grant/PasswordGrantTest.php +++ b/tests/Grant/PasswordGrantTest.php 
@@ -2,6 +2,7 @@ namespace LeagueTests\Grant; +use League\OAuth2\Server\CryptKey; use League\OAuth2\Server\Entities\AccessTokenEntityInterface; use League\OAuth2\Server\Entities\RefreshTokenEntityInterface; use League\OAuth2\Server\Grant\PasswordGrant; @@ -60,6 +61,7 @@ class PasswordGrantTest extends TestCase $grant->setAccessTokenRepository($accessTokenRepositoryMock); $grant->setScopeRepository($scopeRepositoryMock); $grant->setDefaultScope(self::DEFAULT_SCOPE); + $grant->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $serverRequest = new ServerRequest(); $serverRequest = $serverRequest->withParsedBody( diff --git a/tests/Middleware/ResourceServerMiddlewareTest.php b/tests/Middleware/ResourceServerMiddlewareTest.php index 0db71cdd..d1a96042 100644 --- a/tests/Middleware/ResourceServerMiddlewareTest.php +++ b/tests/Middleware/ResourceServerMiddlewareTest.php @@ -29,8 +29,9 @@ class ResourceServerMiddlewareTest extends TestCase $accessToken->setUserIdentifier(123); $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setClient($client); + $accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); - $token = $accessToken->convertToAccessToken(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); + $token = (string) $accessToken; $request = new ServerRequest(); $request = $request->withHeader('authorization', sprintf('Bearer %s', $token)); 
@@ -64,8 +65,9 @@ class ResourceServerMiddlewareTest extends TestCase $accessToken->setUserIdentifier(123); $accessToken->setExpiryDateTime((new \DateTime())->sub(new \DateInterval('PT1H'))); $accessToken->setClient($client); + $accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); - $token = $accessToken->convertToAccessToken(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); + $token = (string) $accessToken; $request = new ServerRequest(); $request = $request->withHeader('authorization', sprintf('Bearer %s', $token)); diff --git a/tests/ResponseTypes/BearerResponseTypeTest.php b/tests/ResponseTypes/BearerResponseTypeTest.php index 31245b07..2eb87238 100644 --- a/tests/ResponseTypes/BearerResponseTypeTest.php +++ b/tests/ResponseTypes/BearerResponseTypeTest.php @@ -35,6 +35,7 @@ class BearerResponseTypeTest extends TestCase $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setClient($client); $accessToken->addScope($scope); + $accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $refreshToken = new RefreshTokenEntity(); $refreshToken->setIdentifier('abcdef'); @@ -77,6 +78,7 @@ class BearerResponseTypeTest extends TestCase $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setClient($client); $accessToken->addScope($scope); + $accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $refreshToken = new RefreshTokenEntity(); $refreshToken->setIdentifier('abcdef'); @@ -119,6 +121,7 @@ class BearerResponseTypeTest extends TestCase $accessToken->setUserIdentifier(123); $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setClient($client); + $accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $refreshToken = new RefreshTokenEntity(); $refreshToken->setIdentifier('abcdef'); 
@@ -164,6 +167,7 @@ class BearerResponseTypeTest extends TestCase $accessToken->setUserIdentifier(123); $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setClient($client); + $accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $refreshToken = new RefreshTokenEntity(); $refreshToken->setIdentifier('abcdef'); @@ -206,6 +210,7 @@ class BearerResponseTypeTest extends TestCase $accessToken->setUserIdentifier(123); $accessToken->setExpiryDateTime((new \DateTime())->add(new \DateInterval('PT1H'))); $accessToken->setClient($client); + $accessToken->setPrivateKey(new CryptKey('file://' . __DIR__ . '/../Stubs/private.key')); $refreshToken = new RefreshTokenEntity(); $refreshToken->setIdentifier('abcdef'); From aac64e49cf67367e0f3c7ea77c657914aa3be24a Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Wed, 23 May 2018 16:36:43 +0100 Subject: [PATCH 08/10] Fix style issue --- src/Entities/Traits/AccessTokenTrait.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Entities/Traits/AccessTokenTrait.php b/src/Entities/Traits/AccessTokenTrait.php index cbed3122..501233e9 100644 --- a/src/Entities/Traits/AccessTokenTrait.php +++ b/src/Entities/Traits/AccessTokenTrait.php @@ -20,7 +20,7 @@ use League\OAuth2\Server\Entities\ScopeEntityInterface; trait AccessTokenTrait { /** - * @var CryptKey $privateKey + * @var CryptKey */ private $privateKey; From bd741e9203df090a20a5b06e8249b73833bbdc5f Mon Sep 17 00:00:00 2001 From: Andrew Millington Date: Wed, 23 May 2018 16:39:55 +0100 Subject: [PATCH 09/10] Update travis to check 8.0.0 branch --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index f900228a..22b7fc4f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -30,3 +30,4 @@ after_script: branches: only: - master + - 8.0.0 From ef75d1325511c42834a0e96392b199b86cadf653 Mon Sep 17 00:00:00 2001 
From: Andrew Millington Date: Wed, 23 May 2018 16:44:00 +0100 Subject: [PATCH 10/10] Update changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 20b11e8d..cfdfbcad 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,7 +7,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## [Unreleased] ### Changed -- Replace `convertToJWT()` interface with a more generic `convertToAccessToken` to improve extensibility (PR #874) +- Replace `convertToJWT()` interface with a more generic `__toString()` to improve extensibility (PR #874) - The `invalidClient()` function accepts a PSR-7 compliant `$serverRequest` argument to avoid accessing the `$_SERVER` global variable and improve testing (PR #899) ## [7.1.1] - released 2018-05-21