From f49cc65c1353589720f3d5e67def75d6cf499a3d Mon Sep 17 00:00:00 2001
From: Andrew Millington
Date: Sun, 29 Jul 2018 19:56:30 +0100
Subject: [PATCH] Change to store code challenge and method whenever sent for PKCE
---
 src/Grant/AuthCodeGrant.php | 7 ++---
 tests/Grant/AuthCodeGrantTest.php | 45 +------------------------------
 2 files changed, 3 insertions(+), 49 deletions(-)
diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php
index 790315af..14aac2a3 100644
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
@@ -271,12 +271,9 @@ class AuthCodeGrant extends AbstractAuthorizeGrant
 $authorizationRequest->setScopes($scopes);
- if ($this->enableCodeExchangeProof === true) {
- $codeChallenge = $this->getQueryStringParameter('code_challenge', $request);
- if ($codeChallenge === null) {
- throw OAuthServerException::invalidRequest('code_challenge');
- }
+ $codeChallenge = $this->getQueryStringParameter('code_challenge', $request);
+ if ($codeChallenge !== null) {
 $codeChallengeMethod = $this->getQueryStringParameter('code_challenge_method', $request, 'plain');
 if (in_array($codeChallengeMethod, ['plain', 'S256'], true) === false) {
diff --git a/tests/Grant/AuthCodeGrantTest.php b/tests/Grant/AuthCodeGrantTest.php
index 589e488c..6bc2dd7a 100644
--- a/tests/Grant/AuthCodeGrantTest.php
+++ b/tests/Grant/AuthCodeGrantTest.php
@@ -212,7 +212,7 @@ class AuthCodeGrantTest extends TestCase
 $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
 new \DateInterval('PT10M')
 );
- $grant->enableCodeExchangeProof();
+ $grant->setClientRepository($clientRepositoryMock);
 $request = new ServerRequest(
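Review bot: The new `if ($codeChallenge !== null)` guard in the AuthCodeGrant.php hunk removes the only check that rejected a missing `code_challenge`, so a client that simply omits the parameter now receives an authorization code with no PKCE binding even when `enableCodeExchangeProof` was turned on; unless that flag is still enforced somewhere outside this hunk, PKCE has become opt-in per request, which is the downgrade it exists to prevent. Storing the challenge whenever it is sent is reasonable, but the decision to require it should stay with the server, so keep the requirement alongside the new store-if-present logic, e.g. `if ($codeChallenge === null && $this->enableCodeExchangeProof === true) { throw OAuthServerException::invalidRequest('code_challenge'); }` immediately before the `!== null` branch. The second hunk of the test file deletes `testValidateAuthorizationRequestMissingCodeChallenge`, which was the regression test for exactly this case, so a test covering the still-required path should replace it rather than be dropped. The enclosing method starts and ends outside the hunk, and the matching `code_verifier` check on the token-exchange side is not visible here.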
@@ -444,49 +444,6 @@ class AuthCodeGrantTest extends TestCase
 $grant->validateAuthorizationRequest($request);
 }
- /**
- * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
- * @expectedExceptionCode 3
- */
- public function testValidateAuthorizationRequestMissingCodeChallenge()
- {
- $client = new ClientEntity();
- $client->setRedirectUri('http://foo/bar');
- $clientRepositoryMock = $this->getMockBuilder(ClientRepositoryInterface::class)->getMock();
- $clientRepositoryMock->method('getClientEntity')->willReturn($client);
-
- $scope = new ScopeEntity();
- $scopeRepositoryMock = $this->getMockBuilder(ScopeRepositoryInterface::class)->getMock();
- $scopeRepositoryMock->method('getScopeEntityByIdentifier')->willReturn($scope);
-
- $grant = new AuthCodeGrant(
- $this->getMockBuilder(AuthCodeRepositoryInterface::class)->getMock(),
- $this->getMockBuilder(RefreshTokenRepositoryInterface::class)->getMock(),
- new \DateInterval('PT10M')
- );
- $grant->enableCodeExchangeProof();
- $grant->setClientRepository($clientRepositoryMock);
- $grant->setScopeRepository($scopeRepositoryMock);
- $grant->setDefaultScope(self::DEFAULT_SCOPE);
-
- $request = new ServerRequest(
- [],
- [],
- null,
- null,
- 'php://input',
- [],
- [],
- [
- 'response_type' => 'code',
- 'client_id' => 'foo',
- 'redirect_uri' => 'http://foo/bar',
- ]
- );
-
- $grant->validateAuthorizationRequest($request);
- }
-
 /**
 * @expectedException \League\OAuth2\Server\Exception\OAuthServerException
 * @expectedExceptionCode 3