Commit Graph

1172 Commits

Author SHA1 Message Date
Alex Bilbie
400eae153b Added grant and scopes to UserRepository getUserEntityByUserCredentials method 2016-03-22 14:18:02 +00:00
Julián Gutiérrez
4b775fe241 include CryptTrait tests, allow Server::respondToRequest trhow exceptions and fix ResposeType tests 2016-03-18 00:25:32 +01:00
Julián Gutiérrez
8196f5c832 code against interface 2016-03-17 21:33:04 +01:00
Julián Gutiérrez
890fdeba16 CryptTrait tests 2016-03-17 21:18:28 +01:00
Alex Bilbie
51a1a75d37 Applied fixes from StyleCI 2016-03-17 10:37:48 -04:00
Alex Bilbie
251190d828 Fix #468 and #473 2016-03-17 14:37:21 +00:00
Alex Bilbie
3af75729b8 Applied fixes from StyleCI 2016-03-17 07:22:59 -04:00
Alex Bilbie
7b8d9c9af3 Added missing RendererInterface 2016-03-17 11:22:04 +00:00
Alex Bilbie
15b6506644 No need to use Zend\Diactoros\Stream 2016-03-17 11:21:53 +00:00
Alex Bilbie
bd12c8b1a9 Fix exception usage 2016-03-17 11:18:59 +00:00
Alex Bilbie
c3c49c83f9 Merge pull request #472 from juliangut/templating
V5 - Template renderer holds template related information
2016-03-17 10:49:14 +01:00
Alex Bilbie
2f459b6470 Merge pull request #470 from juliangut/clarify
V5 - Clarify names and return types
2016-03-16 17:35:39 +01:00
Julián Gutiérrez
ee91072455 template renderer holds template related information 2016-03-16 12:32:21 +01:00
Alex Bilbie
d635b3484b Fix broken code 2016-03-15 21:30:18 +00:00
Alex Bilbie
3365f3d733 Moved client secret validation to abstract grant. Fixes #460 2016-03-15 21:30:13 +00:00
Alex Bilbie
c7a5a57304 Added getSecret method to ClientEntityInterface 2016-03-15 21:29:35 +00:00
Julián Gutiérrez
ae0edc40aa clarify names and return types 2016-03-15 22:25:28 +01:00
Alex Bilbie
7159352108 Applied fixes from StyleCI 2016-03-15 17:21:21 -04:00
Alex Bilbie
a70bc2360a Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP 2016-03-15 21:21:08 +00:00
Alex Bilbie
472ec68bbe Removed validateAccessToken from abstract response type 2016-03-15 21:20:59 +00:00
Alex Bilbie
e946c1e106 Remove old MAC output type 2016-03-15 21:20:46 +00:00
Julián Gutiérrez
66e473b1f0 clean use statment 2016-03-15 20:57:32 +01:00
Julián Gutiérrez
91c8daeb99 normalize repositories visibility 2016-03-15 20:54:59 +01:00
Julián Gutiérrez
9e04da01de unused use statements 2016-03-15 01:18:54 +01:00
Julián Gutiérrez
592f60de70 allways extract scopes from repository 2016-03-15 01:10:47 +01:00
Alex Bilbie
5ae9827d67 Merge pull request #461 from juliangut/extract_scopes
V5 - scopes extraction from querystring on auth_code and implicit grants
2016-03-14 12:36:17 +01:00
Julián Gutiérrez
9b665f494f convert JWT to string for http_build_query 2016-03-14 01:00:06 +01:00
Julián Gutiérrez
ced63e2051 allow scopes extraction on GET requests for auth_code and implicit grants 2016-03-14 00:12:14 +01:00
Julián Gutiérrez
a0402f1994 throw exception instead of return Response 2016-03-11 00:01:19 +01:00
Alex Bilbie
4ab9c52767 Merge pull request #448 from juliangut/validate_authenticated_request
V5 - rename validateRequest
2016-03-10 17:47:28 +00:00
Alex Bilbie
2b2d4a3df7 Merge pull request #444 from juliangut/secure_body_params_access
V5 - Secure access to body params
2016-03-10 17:47:20 +00:00
Alex Bilbie
4c55b6879d Merge pull request #457 from juliangut/renderer
V5 - Allow different template engines
2016-03-10 17:43:20 +00:00
Alex Bilbie
edf0ee8622 Removed unused code 2016-03-10 17:34:25 +00:00
Alex Bilbie
3b4a8cf5f3 Added code coverage ignore comments 2016-03-10 17:22:10 +00:00
Alex Bilbie
5074ad9a6c Fixed request attribute 2016-03-10 15:50:04 +00:00
Alex Bilbie
01517bb57a Added missing namespace 2016-03-10 15:09:56 +00:00
Julián Gutiérrez
320d9e65d5 StyleCI always watching upon us 2016-03-09 12:44:47 +01:00
Julián Gutiérrez
1218cede79 allow different template engines 2016-03-09 12:32:01 +01:00
Julián Gutiérrez
1bdeb71efb make StyleCI happy 2016-03-08 21:59:10 +01:00
Julián Gutiérrez
1632b80631 Merge branch 'V5-WIP' into secure_body_params_access 2016-03-08 21:57:43 +01:00
Alex Bilbie
997d390f3d Applied fixes from StyleCI 2016-02-22 03:00:50 -05:00
Alex Bilbie
e2794c47af First commit of the implicit grant 2016-02-22 07:59:17 +00:00
Alex Bilbie
0d0aaa8764 Use the new access token covertToJWT method 2016-02-22 07:58:59 +00:00
Alex Bilbie
ad270f7d9d Redirect either with query string parameters or fragment parameters 2016-02-22 07:58:44 +00:00
Alex Bilbie
a1bdaae9a9 Access token can now return a JWT from itself 2016-02-22 07:58:25 +00:00
Alex Bilbie
e08669d50c Doc improvements 2016-02-22 07:58:12 +00:00
Alex Bilbie
d02437dd73 Improved testing 2016-02-21 18:13:39 +00:00
Alex Bilbie
eedcfe115c Bug fixes 2016-02-21 17:09:12 +00:00
Alex Bilbie
2488cbd55d Bug fixes 2016-02-21 17:08:49 +00:00
Alex Bilbie
7f539f8736 Removed unused exception parameters 2016-02-21 16:40:01 +00:00
Alex Bilbie
d0878300d0 Bug fix for AuthCodeGrant 2016-02-21 14:32:16 +00:00
Alex Bilbie
97c138bb0b Removed unused SecureKey class 2016-02-20 10:05:15 +00:00
Alex Bilbie
a2460886f6 Applied fixes from StyleCI 2016-02-19 18:09:39 -05:00
Julián Gutiérrez
a644eacea7 Merge branch 'V5-WIP' into move_identifier_generation 2016-02-18 18:14:59 +01:00
Alex Bilbie
e8a01c3bcd Fix for logic 2016-02-18 12:07:36 +00:00
Alex Bilbie
064eb85f4e AbstractGrant now handles persisting tokens 2016-02-18 12:07:23 +00:00
Alex Bilbie
704e114568 Updated AuthCodeGrant 2016-02-18 10:49:39 +00:00
Alex Bilbie
3b36ae9000 Rewrote validateClient method to progressively test client secret and redirect URI 2016-02-18 10:49:05 +00:00
Alex Bilbie
7f67000d53 Provided implementation of new client entity methods 2016-02-18 10:48:23 +00:00
Alex Bilbie
de000b72a4 Updated ClientEntityInterface with additional methods 2016-02-18 10:48:12 +00:00
Alex Bilbie
0d8cb0d06f Fixes for RefreshTokenGrant 2016-02-18 10:47:30 +00:00
Alex Bilbie
fc53d636f5 Updated getClientEntity now just requires the client ID and the grant type 2016-02-18 10:47:06 +00:00
Julián Gutiérrez
dbcaaa1f35 rename determineAccessTokenInHeader 2016-02-13 14:38:23 +01:00
Julián Gutiérrez
5d6634aa9f Merge branch 'V5-WIP' into move_identifier_generation 2016-02-13 14:11:38 +01:00
Julián Gutiérrez
099c9ce41b move token identifier generation 2016-02-13 14:07:09 +01:00
Alex Bilbie
335630f150 Added code coverage ignore docblocks 2016-02-12 18:08:27 +00:00
Alex Bilbie
e20c529f39 Added isExpired method to refresh token 2016-02-12 17:53:42 +00:00
Alex Bilbie
7f2fd69d0a Removed respondsWith from interface 2016-02-12 17:52:37 +00:00
Alex Bilbie
29068dd84c Removed responseWith method 2016-02-12 17:51:59 +00:00
Alex Bilbie
9a8b7ec898 Removed old codecept tests 2016-02-12 17:46:30 +00:00
Julián Gutiérrez
1f6bb40952 correcting param access mistake 2016-02-12 18:45:47 +01:00
Julián Gutiérrez
2f914a0aa3 secure params access on authcode grant 2016-02-12 18:32:09 +01:00
Julián Gutiérrez
95e3c1d1a2 Merge branch 'V5-WIP' into secure_body_params_access 2016-02-12 17:10:52 +01:00
Alex Bilbie
655f6b9771 Merge pull request #445 from juliangut/abstract_token_validation
V5 - Abstract access token validation
2016-02-12 14:31:18 +00:00
Alex Bilbie
d95958bae4 Small fixes 2016-02-12 14:28:24 +00:00
Alex Bilbie
85b9412813 Multiple fixes 2016-02-12 14:18:52 +00:00
Alex Bilbie
1a5030200a The response may be a PSR response which is valid 2016-02-12 14:18:45 +00:00
Alex Bilbie
796106b6c1 Fix for non-imported namespace 2016-02-12 14:18:34 +00:00
Alex Bilbie
4234b69f3a Fix for method calls 2016-02-12 14:18:10 +00:00
Alex Bilbie
0115c41eea Numerous bug fixes 2016-02-12 13:32:58 +00:00
Julián Gutiérrez
f314154216 abstract access token validation 2016-02-12 14:19:47 +01:00
Alex Bilbie
5e326d9e45 First commit of respondToAccessTokenRequest 2016-02-12 13:01:25 +00:00
Julián Gutiérrez
d2760e4ec7 secure access to body params 2016-02-12 13:56:14 +01:00
Alex Bilbie
2025749fa4 Updated respondToAuthorizationRequest to use Plates templates instead of custom ResponseType 2016-02-12 11:55:41 +00:00
Alex Bilbie
1c913fe75e Added default basic HTML login + authorise templates 2016-02-12 11:32:09 +00:00
Alex Bilbie
ac9955b393 Removed response type interfaces for auth code login + authorize because they were a stupid idea 2016-02-12 11:30:59 +00:00
Alex Bilbie
fccb06ed67 First commit of updated AuthCodeGrant with respondToAuthorizationRequest method completed 2016-02-12 10:01:15 +00:00
Alex Bilbie
f29703ea24 Updated Docblock 2016-02-12 10:00:41 +00:00
Alex Bilbie
dcc3f5d856 First commit of new ResponseTypes 2016-02-12 10:00:32 +00:00
Alex Bilbie
264eba9f20 Updated AuthCodeRepositoryInterface 2016-02-12 10:00:22 +00:00
Alex Bilbie
c2c199cf98 Added issueAuthCode method 2016-02-12 10:00:10 +00:00
Alex Bilbie
0b6bcad9fb Added getCookieParameter method 2016-02-12 09:59:59 +00:00
Alex Bilbie
38a7e53cb5 Added optional redirectUri parameter to accessDenied method 2016-02-12 09:59:47 +00:00
Alex Bilbie
f4b83baf74 Fix getClientEntity method call 2016-02-12 09:09:39 +00:00
Alex Bilbie
5a08a0cbe2 Merge branch 'V5-WIP' into V5-AuthCode
# Conflicts:
#	src/Grant/AbstractGrant.php
2016-02-12 09:06:28 +00:00
Alex Bilbie
7a628409db Validate client can now optionally validate secret + redirectUri, and actually validate the redirectUri 2016-02-12 09:03:35 +00:00
Alex Bilbie
c6d806d3f7 Docblock updates 2016-02-12 09:02:33 +00:00
Alex Bilbie
bfcf7af4d8 Added getQueryStringParameter method 2016-02-12 09:02:17 +00:00
Alex Bilbie
d96f57d27f Got rid of mystery $identifier class property, moved it to the getIdentifier method 2016-02-12 08:33:59 +00:00
Julián Gutiérrez
8b185e0580 Merge branch 'V5-WIP' into minor_merge 2016-02-12 00:12:56 +01:00
Alex Bilbie
ca776e83a2 Fix for header writing 2016-02-11 17:58:35 +00:00
Alex Bilbie
ddf3f1b890 Merge branch 'V5-WIP' into V5-AuthCode 2016-02-11 17:50:08 +00:00
Alex Bilbie
a40ac5d77b Minor fixes 2016-02-11 17:49:41 +00:00
Alex Bilbie
4bc89f3fc2 Removed unused import 2016-02-11 17:49:31 +00:00
Alex Bilbie
11d25eb5a1 Removed old exceptions 2016-02-11 17:49:24 +00:00
Alex Bilbie
770bda8f10 Merge pull request #431 from juliangut/redirectUri
V5 - use Psr\Http\Message\UriInterface
2016-02-11 17:35:33 +00:00
Alex Bilbie
7a8c92b3d9 Merge pull request #435 from juliangut/exception_middleware
V5 - Exception based access token check
2016-02-11 17:34:31 +00:00
Alex Bilbie
92a101f263 First commit of AuthCode rewrite 2016-02-11 17:30:01 +00:00
Julián Gutiérrez
b85f81c429 configurable refresh token TTL per grant 2016-01-21 18:11:53 +01:00
Julián Gutiérrez
8fb64041df client secret can be null 2016-01-20 12:50:23 +01:00
Julián Gutiérrez
44155a8efc allow refresh token ttl assign 2016-01-20 12:21:44 +01:00
Julián Gutiérrez
b7b1f56d0c stream write fix 2016-01-20 10:58:45 +01:00
Julián Gutiérrez
3e5889e93b minor improvements and documentation fixes 2016-01-20 10:36:16 +01:00
Julián Gutiérrez
ef5904ab1a exception based determineAccessTokenInHeader 2016-01-20 00:32:59 +01:00
Julián Gutiérrez
94cc7c2bc7 fix server reference 2016-01-20 00:16:12 +01:00
Alex Bilbie
1e1043c04f Merge pull request #432 from juliangut/middleware
V5 - authentication middleware
2016-01-17 19:33:38 +00:00
Julián Gutiérrez
8591fc7686 moved to authentication middleware 2016-01-17 18:40:26 +01:00
Alex Bilbie
86b75edca0 Merge pull request #430 from juliangut/scopedelimiter
V5 - remove scopedelimiter parameter
2016-01-17 16:40:55 +00:00
Alex Bilbie
13ddec3283 Fix for PasswordGrant 2016-01-17 16:38:25 +00:00
Alex Bilbie
322caa77af Fixes for RefreshTokenGrant 2016-01-17 16:35:52 +00:00
Julián Gutiérrez
95634fb390 compound redirect uri with Psr\Http\Message\UriInterface 2016-01-17 17:28:27 +01:00
Alex Bilbie
6beb8d42ff Replaced SecureKey::generate with random_bytes method 2016-01-17 16:16:01 +00:00
Julián Gutiérrez
6cffbfe33b remove scopedelimiter parameter 2016-01-17 17:01:08 +01:00
Alex Bilbie
5fcb47d66a Merge pull request #425 from juliangut/scopes_extraction
V5 - normalize validatescopes
2016-01-17 14:59:37 +00:00
Alex Bilbie
8566a128c8 Pass errors back up the chain 2016-01-17 14:56:42 +00:00
Alex Bilbie
419cb6d149 Use first array result 2016-01-17 14:56:35 +00:00
Alex Bilbie
f1d06e7c33 Use the error returned from the response type 2016-01-17 14:56:06 +00:00
Alex Bilbie
212938d1e2 Fixed call to static 2016-01-17 14:55:48 +00:00
Alex Bilbie
cd19f11799 Fixed conversion to response object 2016-01-17 14:55:36 +00:00
Julián Gutiérrez
4862ca7d60 fix conflicts 2016-01-17 15:49:55 +01:00
Alex Bilbie
660378c7b3 Added MAC auth scheme to 401 header 2016-01-17 14:28:13 +00:00
Alex Bilbie
3d08051cbb Removed default wording as there is no override 2016-01-17 14:23:18 +00:00
Alex Bilbie
0486d93fa3 Removed default wording as there are no overrides 2016-01-17 14:23:02 +00:00
Alex Bilbie
5a8659471c Public key is set in abstract grant now 2016-01-17 14:21:53 +00:00
Alex Bilbie
f6664c6917 Private and public key paths are injected into grants now 2016-01-17 14:21:35 +00:00
Alex Bilbie
5f22ead287 Updated access denied hint 2016-01-17 14:11:21 +00:00
Alex Bilbie
19b12cda8e Made getDefaultResponseType public 2016-01-17 14:08:53 +00:00
Alex Bilbie
6c787c374c First commit of ResourceServerMiddleware 2016-01-17 14:08:42 +00:00
Alex Bilbie
cd68103267 New server constructor 2016-01-17 14:03:41 +00:00
Alex Bilbie
6332ecfa0b Removed default overrides 2016-01-17 14:03:33 +00:00
Alex Bilbie
e43d95415b Inject required params into grant type 2016-01-17 14:03:07 +00:00
Alex Bilbie
d755a8c01d Updated the validation to BearerTokenResponse 2016-01-17 13:57:07 +00:00
Alex Bilbie
c7a904ca40 Added access token repository and public key path as required params to response type constructor 2016-01-17 13:56:46 +00:00
Alex Bilbie
8ee4dc7eb9 Fixed docblock 2016-01-17 13:56:14 +00:00
Alex Bilbie
645f719ee9 Added new repository setter methods to GrantTypeInterface 2016-01-17 13:55:12 +00:00
Alex Bilbie
0cc13630cc Cody tidy 2016-01-17 13:54:55 +00:00
Alex Bilbie
e21a13c82c Access token TTL is now configured on a per grant basis 2016-01-17 13:54:39 +00:00
Alex Bilbie
a4ce1e510e Scope delimiter string is no longer configurable 2016-01-17 13:53:18 +00:00
Alex Bilbie
ad05a5cae6 Scope delimiter is no longer a required parameter 2016-01-17 13:51:56 +00:00
Alex Bilbie
e6cc6c35ec Scope delimiter string is now a constant 2016-01-17 13:49:53 +00:00
Alex Bilbie
f74bca33ab Removed parameters that are no longer required 2016-01-17 13:48:40 +00:00
Alex Bilbie
90d9d7bdd6 Required repositories are now set by the server 2016-01-17 13:47:44 +00:00
Julián Gutiérrez
8d8dbaea0c normalize validatescopes 2016-01-17 14:35:43 +01:00
Alex Bilbie
03391e9630 Removed old access denied exception 2016-01-17 12:58:15 +00:00
Alex Bilbie
7242a8db31 Added access denied exception 2016-01-17 12:58:00 +00:00
Alex Bilbie
f44b618531 Docblock tidy 2016-01-17 12:57:50 +00:00
Alex Bilbie
9e4fd82763 Rewrote RefreshTokenGrant to understand encrypted tokens 2016-01-17 12:56:52 +00:00
Alex Bilbie
0744d8e926 Tidy up 2016-01-17 12:43:20 +00:00
Julián Gutiérrez
44ff8692dc abstract common grants tasks 2016-01-17 00:41:55 +01:00
Alex Bilbie
dce1620f60 Removed unused imports 2016-01-15 18:37:46 +00:00
Alex Bilbie
bcd84320da Updated docblocks 2016-01-15 18:37:26 +00:00
Alex Bilbie
a40374e6ec Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP 2016-01-15 18:36:38 +00:00
Alex Bilbie
748ae15376 Updated docblock 2016-01-15 18:36:34 +00:00
Alex Bilbie
7811721d28 Merge pull request #421 from juliangut/deferred_creation
V5 - deferred default objects creation
2016-01-15 18:35:49 +00:00
Alex Bilbie
8f724bb720 Fix immutability issues 2016-01-15 18:32:53 +00:00
Julián Gutiérrez
65d981ad32 allow middleware use 2016-01-15 14:02:47 +01:00
Julián Gutiérrez
3de1b5917a deferred default objects creation 2016-01-15 12:41:48 +01:00
Alex Bilbie
0fbe447862 Removed old exceptions 2016-01-15 00:17:13 +00:00
Alex Bilbie
84a9802a67 Removed ServerAwareTrait 2016-01-15 00:14:41 +00:00
Alex Bilbie
f7b3c018c5 Removed old authorization server 2016-01-15 00:05:59 +00:00
Alex Bilbie
a88c30cb53 Added invalid refresh token exception 2016-01-14 23:47:49 +00:00
Alex Bilbie
5e6f0fc6a3 Code tidy 2016-01-14 23:47:41 +00:00
Alex Bilbie
b57b497cb7 Revoke both refresh token and access token 2016-01-14 23:47:19 +00:00
Alex Bilbie
0b061e3086 Refresh token is encrypted payload now instead of JWT 2016-01-14 23:47:06 +00:00
Alex Bilbie
304ea2baf4 Encrypt refresh token parameters instead of using JWT 2016-01-14 23:46:24 +00:00
Alex Bilbie
56060b2c16 Code tidy 2016-01-14 23:45:36 +00:00
Alex Bilbie
633746b02e Added KeyCrypt class 2016-01-14 23:44:39 +00:00
Alex Bilbie
936b8f93ec Addititonal refresh token validation 2016-01-13 00:38:23 +00:00
Alex Bilbie
c1d15aa15c Uset sub instead of uid 2016-01-13 00:38:08 +00:00
Alex Bilbie
79791e5848 Code tidy 2016-01-13 00:13:34 +00:00
Alex Bilbie
0efa7cd7ea Set the uid on the refresh token 2016-01-13 00:13:16 +00:00
Alex Bilbie
eef5cf39d4 Fixes to refresh grant 2016-01-13 00:12:10 +00:00
Alex Bilbie
6fb3fb5110 Updated refresh token grant 2016-01-12 23:53:03 +00:00
Alex Bilbie
a2bbb17483 Updated repository method names 2016-01-12 23:52:08 +00:00
Alex Bilbie
3135f1796e Generate a refresh token in password grant 2016-01-12 23:05:19 +00:00
Alex Bilbie
d565665ccb Code tidy 2016-01-12 23:05:07 +00:00
Alex Bilbie
13a1ea6db8 Updated token interface to drop owner concept for simple user identifier 2016-01-12 23:04:33 +00:00
Alex Bilbie
6358be90c2 Token is now linked to a user identifier instead of owner concept 2016-01-12 23:04:03 +00:00
Alex Bilbie
de89a6bc89 Code tidy 2016-01-12 23:03:38 +00:00
Alex Bilbie
e03ad0d52f Server constructor expects path to private key 2016-01-12 23:03:24 +00:00
Alex Bilbie
2a20de991b Docblock update 2016-01-12 23:02:54 +00:00
Alex Bilbie
b8732a2f83 BearerTokenResponse now outputs JWTs. Fixes #209 2016-01-12 23:02:45 +00:00
Alex Bilbie
1bdad3ad14 Updated AbstractResponseType with interface methods 2016-01-12 23:01:55 +00:00
Alex Bilbie
fd47712060 Removed unused methods 2016-01-12 23:01:19 +00:00
Alex Bilbie
6339524c86 Updated RefreshToken methods 2016-01-12 23:00:05 +00:00
Alex Bilbie
5f9feda80c ScopeEntity is JsonSerializable 2016-01-12 22:59:33 +00:00
Alex Bilbie
9958e1bf80 Added serverError exception 2016-01-12 22:59:14 +00:00
Alex Bilbie
758471ec16 Fixed docblock 2016-01-12 22:59:00 +00:00
Alex Bilbie
a9313e76d4 Removed old JsonWebTokenType response as all tokens are JWTs now 2016-01-12 22:56:10 +00:00
Alex Bilbie
e7e4892408 Fixed method parameter name 2015-11-16 12:58:38 +00:00
Alex Bilbie
46648f3e80 Updated password grant 2015-11-16 12:58:11 +00:00
Alex Bilbie
6f2e2a0071 Updated exceptions 2015-11-16 12:57:59 +00:00
Alex Bilbie
32b451aa21 Updates 2015-11-13 17:41:05 +00:00
Alex Bilbie
da8efa20cd Updated repository method names to be more explicit 2015-11-13 17:39:07 +00:00
Alex Bilbie
03e4ac7ea6 Removed service providers 2015-11-13 17:38:48 +00:00
Alex Bilbie
1442842da9 TokenType -> ResponseType 2015-11-13 17:38:23 +00:00
Alex Bilbie
b479cb7912 New OAuthServerException class 2015-11-13 17:37:37 +00:00
Alex Bilbie
41c7a6e731 Removed old exceptions 2015-11-13 17:37:28 +00:00
Alex Bilbie
82413513e8 Checkin 2015-10-14 09:51:53 +01:00
Alex Bilbie
2e3c6b4f3a Refactored constructor to set defaults, added new setter methods for default token TTL and default token type 2015-04-06 08:32:44 +01:00
Alex Bilbie
8e9b12fefd Code readability 2015-04-06 08:23:35 +01:00
Alex Bilbie
95a2308ff6 Added @todo 2015-04-06 08:23:24 +01:00
Alex Bilbie
9985f3eee2 Fixed docblock 2015-04-06 08:23:18 +01:00
Alex Bilbie
39df4ff9b1 Clarified docblock 2015-04-06 08:21:25 +01:00
Alex Bilbie
90d18c553d Broke expiration DateTime out into seperate variable for readability 2015-04-06 08:13:41 +01:00
Alex Bilbie
385b03db6f Import DateTime instead of using root namespace 2015-04-06 08:08:18 +01:00
Alex Bilbie
a15995c126 First commit of updated auth code grant 2015-04-05 21:57:29 +01:00
Alex Bilbie
f4cfd37745 Added isExpired method 2015-04-05 21:57:17 +01:00
Alex Bilbie
a0d5d5817b Updated AuthCodeEntity 2015-04-05 21:57:04 +01:00
Alex Bilbie
d468cbf600 Updated AuthCodeRepositoryInterface 2015-04-05 21:56:42 +01:00
Alex Bilbie
be14b3a2df Updated namespace 2015-04-05 21:14:22 +01:00
Alex Bilbie
1f1f0d8f15 Added PasswordGrantProvider to container 2015-04-05 21:14:06 +01:00
Alex Bilbie
8fcf93c489 Removed unused method 2015-04-05 21:13:53 +01:00
Alex Bilbie
bdd71743cd Added knowledge of UserRepository 2015-04-05 21:13:45 +01:00
Alex Bilbie
77b5282b46 Namespace updates 2015-04-05 21:13:15 +01:00
Alex Bilbie
e88d802918 Added UserEntityInterface 2015-04-05 21:13:04 +01:00
Alex Bilbie
61ab070692 Renamed ClientCredentialsGrantServerProvider to ClientCredentialsGrantProvider 2015-04-05 21:12:55 +01:00
Alex Bilbie
d3ed454881 Added PasswordGrantProvider 2015-04-05 21:12:26 +01:00
Alex Bilbie
b5bbf8332f Added JsonWebTokenType 2015-04-05 21:12:05 +01:00
Alex Bilbie
110d5ce76f Respond with json content-type header 2015-04-05 21:11:51 +01:00
Alex Bilbie
eabcf82268 Added UserRepositoryInterface 2015-04-05 21:10:50 +01:00
Alex Bilbie
6a78d53d03 Updated grants 2015-04-05 21:10:41 +01:00
Alex Bilbie
b831d19f8d Renamed interface 2015-04-05 21:10:18 +01:00
Alex Bilbie
721e52c5d9 Renamed response types to token types 2015-04-05 21:10:06 +01:00
Alex Bilbie
15cef6ba16 Code tidy 2015-04-05 18:16:26 +01:00
Alex Bilbie
72b741d7c9 Added generateHttpResponse method to exception 2015-04-05 18:16:21 +01:00
Alex Bilbie
26c1abdd3c Remove client secret propety on entity 2015-04-05 17:13:55 +01:00
Alex Bilbie
d63efc8dbf Updated grant type interface 2015-04-05 17:05:57 +01:00
Alex Bilbie
1e39f1d84a Updated abstract server 2015-04-05 17:03:13 +01:00
Alex Bilbie
0b66fd1948 First commit of new server class 2015-04-05 17:03:06 +01:00
Alex Bilbie
f1da0d2943 Added ClientCredentialsGrantServerProvider 2015-04-05 17:01:41 +01:00
Alex Bilbie
f964fd2962 Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00
Alex Bilbie
36a1a430b5 Updated response types 2015-04-05 17:01:00 +01:00
Alex Bilbie
3721ecb40a Updated repository interfaces 2015-04-05 17:00:43 +01:00
Alex Bilbie
f357602090 Removed old traits 2015-04-05 14:03:34 +01:00
Alex Bilbie
a48630c837 New entities, traits and interfaces 2015-04-05 14:03:25 +01:00
Alex Bilbie
171be1c422 Updated .gitignore and .gitattributes 2015-04-05 13:59:38 +01:00
Alex Bilbie
a73322fb43 Renamed namespace Util > Utils 2015-04-04 15:42:12 +01:00
Alex Bilbie
027971776b Namespace renamed TokenType > TokenTypes 2015-04-04 15:41:53 +01:00
Alex Bilbie
5d7eeb0512 Spelling fix 2015-03-01 21:29:52 +00:00
Alex Bilbie
742b51c2cd Removed domain events 2015-03-01 21:29:47 +00:00
Alex Bilbie
cc7596f3b3 Renamed storage to repository 2015-02-22 19:44:26 +00:00
Hannes Van De Vreken
dd795a82f4 Changed the order and added missing throws 2015-01-23 11:21:12 +01:00
Hannes Van De Vreken
166362d3cd Boyscouting the php docs to always use FQCNs 2015-01-23 11:17:19 +01:00
Scott Arciszewski
612775466c Remove side-effects in hash_equals()
This is functionally identical, but without the side-effect of defining a function in the current namespace.

Also, it uses absolute function reference (`\hash_equals` instead of `hash_equals`) because if someone defined `League\OAuth2\Server\TokenType\hash_equals()` elsewhere, it would try that first.

Kudos for using `hash_equals()` in your original design for this feature. Many OAuth2 implementations neglect this nuance :)
2015-01-01 01:34:22 -05:00
Alex Bilbie
282bb20cc8 Fix docblocks + method name 2014-12-27 23:00:11 +00:00
Alex Bilbie
b727be55a2 Merge branch 'master' of https://github.com/Symplicity/oauth2-server into Symplicity-master 2014-12-27 22:57:08 +00:00
Alex Bilbie
72a5c1794a Remove unused namespace 2014-12-27 22:50:13 +00:00
Alex Bilbie
707c85b0d6 Fixes and tests 2014-12-27 22:26:31 +00:00
Alex Bilbie
c56562b0b8 PSR fixes 2014-12-27 21:38:01 +00:00
Alex Bilbie
17be6f4549 Added MacTokenInterface 2014-12-27 21:35:45 +00:00
Alex Bilbie
b50fbff1e3 Update docblock 2014-12-27 21:35:45 +00:00
Alex Bilbie
7375a348c6 PHP code fix 2014-12-27 21:35:45 +00:00
Alex Bilbie
ae5dd9ce65 Added MAC TokenType 2014-12-27 21:35:45 +00:00
Alex Bilbie
f9e56ff62a Added MAC storage getter and setter 2014-12-27 21:35:45 +00:00
Dave Walker
851c7c0eb1 Per the spec:
The authorization server MAY issue a new refresh token, in which case
   the client MUST discard the old refresh token and replace it with the
   new refresh token.  The authorization server MAY revoke the old
   refresh token after issuing a new refresh token to the client.  If a
   new refresh token is issued, the refresh token scope MUST be
   identical to that of the refresh token included by the client in the
   request.

This commit allows users to specifiy the time before the Refresh Token
expire time to issue a new Refresh Token.

alter method names, naming convention(?)
2014-12-21 18:51:52 -05:00
mortenhauberg
60bd334b46 Changed "paremter" to "parameter" 2014-12-16 19:04:03 +01:00
Regan
d32bfaa757 Prevent duplicate session in auth code grant
The session already exists in the database, so we don't need to save it again. Doing so results in the session used for the auth code hanging around in the database with nothing associated to it, while the access token is associated to a new session caused by the `save()` method creating a duplicate. Fixes #266.
2014-12-15 15:09:36 +13:00
Graham Campbell
a12786cbd5 Removed an extra new line 2014-12-10 15:18:49 +00:00
Graham Campbell
a1726903b5 CS fixes 2014-12-10 13:10:35 +00:00
Ivan Enderlin
3b176fe220 Fix API CS. 2014-12-09 14:40:39 +01:00
Ivan Enderlin
986dc59627 The create method returns void. 2014-12-09 14:40:39 +01:00
Ivan Enderlin
0878897969 Fix API CS. 2014-12-09 14:15:36 +01:00
Scott Arciszewski
7a63f42462 Update DefaultAlgorithm.php
Prevent edge-case whereby, if the majority of `base64_encode($bytes)` consists of `/` or `+` characters, the resulting key will be shorter and less unpredictable (due to a smaller keyspace) than anticipated.

As a result, the `$len * 2` hack has been removed. Although it is highly probable that `$len * 2` will stop most edge cases from occurring, it does not actually guarantee the end result will be at least 40 characters long.
2014-12-08 18:40:31 -05:00
Alex Bilbie
f8b61b47b9 Ensure Refresh Token Entity hasn't expired 2014-12-03 23:22:14 +00:00
Alex Bilbie
b8331d12e4 Syntax improvements 2014-12-03 23:21:54 +00:00
Alex Bilbie
e1c0ff2685 Code coverage improvements in grant classes 2014-11-23 23:32:50 +00:00
Alex Bilbie
76de634f2b Added setSession on TokenTypeInterface as per #255 2014-11-21 00:06:17 +00:00
Alex Bilbie
cfada388db Declared methods from AbstractGrant on GrantTypeInterface as per #255 2014-11-21 00:06:01 +00:00
Alex Bilbie
2f971dc77f Declared all of the methods in AbstractTokenType in TokenTypeInterface as per #255 2014-11-20 23:54:52 +00:00
Alex Bilbie
ae7b7e9aa9 Fixed namespace includes 2014-11-20 23:54:14 +00:00
Alex Bilbie
bed6c3287e Spelling fixes 2014-11-20 23:53:14 +00:00
Alex Bilbie
f83e5a8731 Learnt how to spell delimiter 2014-11-20 23:52:29 +00:00
Brooke Bryan
6a1f927a6c Check refreshToken isset before attempting to call methods on it 2014-11-13 12:20:59 +00:00
Brooke Bryan
b2c0933ee6 Docbloc improvements 2014-11-12 18:10:29 +00:00
Luca Degasperi
001c15bfad Update ResourceServer.php 2014-11-09 09:45:20 +01:00
Graham Campbell
4c1cd04a24 CS fixes 2014-11-08 18:26:12 +00:00
Alex Bilbie
6b29b7450e If the client should redirect during AuthCodeGrant authorisation then provide a redirect uri 2014-11-08 17:03:15 +00:00
Alex Bilbie
b9debaab26 Fix #231 2014-11-08 16:44:39 +00:00
Alex Bilbie
856051bfb3 Fix #232 2014-11-08 16:20:13 +00:00
Alex Bilbie
a2a768b6e6 All interfaces extend StorageInterface 2014-11-07 02:31:37 +00:00
Alex Bilbie
4bbbc72035 Added StorageInterface 2014-11-07 02:29:04 +00:00
Alex Bilbie
3815355489 Removed generic getStorage method and replaced with distinct calls to getters 2014-11-07 02:20:06 +00:00
Alex Bilbie
9bb7af6f83 More docblock fixes 2014-11-07 01:48:23 +00:00
Alex Bilbie
d16b1b72ba Docblock fix 2014-11-07 01:36:17 +00:00
Alex Bilbie
e37289231d Removed dead code 2014-11-07 01:36:12 +00:00
Alex Bilbie
1c2ec943e9 Missing parameter 2014-11-07 01:35:59 +00:00
Alex Bilbie
17dfc897b4 Docfix 2014-11-07 01:30:54 +00:00
Alex Bilbie
7586e62da1 Dead code 2014-11-07 01:30:50 +00:00
Alex Bilbie
a1c3746a5a Another docblock fix 2014-11-07 01:26:42 +00:00