260 Commits

Author	SHA1	Message	Date
Alex Bilbie	1af4012df4	New property on AuthorizationServer to receive an encryption key which is used for future encryption/decryption instead of keybased encryption/decryption	2017-07-01 16:45:29 +01:00
Alex Bilbie	57d199b889	Stricter validation of code challenge value to match RFC 7636 requirements	2017-07-01 16:44:43 +01:00
Alex Bilbie	56e8d374fb	Fix broken tests	2016-09-19 10:06:00 +01:00
Alex Bilbie	11ccc305d0	Applied fixes from StyleCI	2016-09-13 14:17:09 +00:00
Alex Bilbie	0ebdcd2ab8	Merge pull request #614 from lookyman/better-tests ... Improved tests	2016-07-25 12:17:28 -04:00
Julián Gutiérrez	065ef5db99	CryptKey tests	2016-07-19 17:15:36 +02:00
Ian Littman	090c01d3d1	Allow easy addition of custom fields to Bearer token response	2016-07-16 10:27:33 -05:00
Lukáš Unger	17b6e2a207	tests: Fix missing redirect uri test, add redirect uri mismatch test	2016-07-08 16:04:14 +02:00
Lukáš Unger	54422a244f	tests: AuthCodeGrantTest additional tests	2016-07-08 15:31:29 +02:00
Lukáš Unger	9899aa1f99	tests: ImplicitGrantTest additional tests	2016-07-08 15:30:59 +02:00
Lukáš Unger	32efd091a1	tests: use MockBuilder everywhere	2016-07-08 15:29:21 +02:00
Alex Bilbie	66de05a395	Merge pull request #605 from jfilla/master ... Added catch Runtime exception when parsing JWT string	2016-06-28 08:49:29 +01:00
Alex Bilbie	df20da1235	Merge pull request #601 from zerkms/ISSUE-596_UNIQUE_ACCESS_TOKEN ... Added a check for unique access token constraint violation	2016-06-28 08:48:38 +01:00
Jakub Filla	9eccc40eb6	Added catch Runtime exception when parsing JWT string	2016-06-22 12:38:03 +02:00
Ian Littman	9775c0076b	Look at Authorization header directly for HTTP Basic auth check ... Should allow for better compatibility with server implementations that aren't sitting on top of a standard SAPI (e.g. persistent web servers building a PSR-7 compatible request from a socket-received message). One catch here is that I've seen Apache hijack the HTTP Authorization header in the past, though that would probably impact the other aspects of the server just as much as it would this, so I think that risk is manageable. Added tests to cover all paths through the new code, so the AbstractGrant type still has 100% coverage :) Did notice that, as of the latest versions of PHPUnit, the mock creation method is deprecated. Maybe that needs to be updated? Haven't checked to see whether the replacements are PHPUnit 4.8 compatible though, so maybe they need to stay in order to test on older PHP versions?	2016-06-21 21:08:38 -05:00
Ivan Kurnosov	b68ef973df	Added a check for unique access token constraint violation	2016-06-20 20:19:03 +12:00
Ivan Kurnosov	6b88cbeb13	Removed isExpired() from interfaces and traits	2016-06-17 19:50:04 +12:00
Alex Bilbie	8e8aed1a50	Implemented RFC7636. Fixes #574	2016-05-06 15:23:16 +01:00
Alex Bilbie	77737e7894	Applied fixes from StyleCI	2016-04-17 08:06:17 -04:00
Alex Bilbie	7c35778316	Added tests for resource server middleware	2016-04-17 12:54:39 +01:00
Alex Bilbie	f6f39698d9	Renamed Server to AuthorizationServer	2016-04-17 12:54:25 +01:00
Alex Bilbie	103b0cc50d	Fixed broken test	2016-04-10 17:15:48 +01:00
Alex Bilbie	495b55d1e8	Applied fixes from StyleCI	2016-04-10 11:14:08 -04:00
Alex Bilbie	92a483b3bd	Improved tests	2016-04-10 16:14:01 +01:00
Alex Bilbie	5969082963	Fix tests and improve code coverate	2016-04-10 15:58:01 +01:00
Alex Bilbie	7a6d9a4510	Fixed broken AuthCodeGrant tests	2016-04-10 15:15:29 +01:00
Alex Bilbie	a0c4900ee7	Client is not required here because of finalizeScopes method	2016-04-10 13:53:16 +01:00
Alex Bilbie	5d3516c7b4	Applied fixes from StyleCI	2016-04-10 06:48:46 -04:00
Alex Bilbie	5410a42bb6	Fix to broken methods	2016-04-10 10:28:12 +01:00
Alex Bilbie	4689802c30	Renamed server respondToRequest to respondToAccessTokenRequest	2016-04-09 16:20:30 +01:00
Alex Bilbie	0ca2511d1e	Applied fixes from StyleCI	2016-04-09 10:46:46 -04:00
Alex Bilbie	2c2ef800d4	Applied fixes from StyleCI	2016-04-09 10:46:40 -04:00
Alex Bilbie	47656cd9b5	Fix broken tests	2016-04-09 15:44:38 +01:00
Alex Bilbie	c6faa228fe	Updated references to interfaces	2016-04-09 15:25:45 +01:00
Alex Bilbie	3c0a7f14ab	Fixed broken tests	2016-04-09 14:15:10 +01:00
Alex Bilbie	198f4c4b6f	Merge branch 'token_from_repo' of https://github.com/frederikbosch/oauth2-server into frederikbosch-token_from_repo ... # Conflicts: # tests/Grant/AuthCodeGrantTest.php # tests/Grant/ImplicitGrantTest.php # tests/Grant/RefreshTokenGrantTest.php	2016-04-09 14:12:06 +01:00
Alex Bilbie	fc9e912e06	Fixed broken test	2016-04-09 13:45:38 +01:00
Alex Bilbie	39281a6f38	Merge branch 'repository_on_response' of https://github.com/juliangut/oauth2-server into juliangut-repository_on_response ... # Conflicts: # tests/ResponseTypes/BearerResponseTypeTest.php	2016-04-09 13:43:33 +01:00
Alex Bilbie	656a8d7a56	Merge pull request #502 from juliangut/passphrase ... V5 - Handle RSA key passphrase	2016-04-09 13:40:28 +01:00
Alex Bilbie	8274c56fc2	Allow multiple client redirect URIs. Fixes #511	2016-04-09 13:36:08 +01:00
Frederik Bosch	de8f6ff539	add getNewAccessToken getNewRefreshToken and getNewAuthCode to repositories	2016-04-04 10:37:06 +02:00
Julián Gutiérrez	a38b7f97f9	include keys in Server tests	2016-03-28 17:10:41 +02:00
Julián Gutiérrez	197657f2b9	handle RSA key passphrase	2016-03-28 16:42:34 +02:00
Julián Gutiérrez	e513b42117	remove access token repository from response types	2016-03-28 12:10:51 +02:00
Frederik Bosch	fbf4388b01	prevent double persist of token when doing refresh grant	2016-03-24 17:24:17 +01:00
Alex Bilbie	2b76e2bf6e	Fix for broken test which wasn't actually broken but was	2016-03-24 10:07:09 +00:00
Alex Bilbie	a18b8c57b2	Fix broken tests	2016-03-23 18:50:14 +00:00
Alex Bilbie	878afeb9f9	ClientRepository implementations are now responsible for dealing with client secret	2016-03-22 16:29:04 +00:00
Julián Gutiérrez	b629b5e53f	styleCI request	2016-03-18 00:38:37 +01:00
Julián Gutiérrez	4b775fe241	include CryptTrait tests, allow Server::respondToRequest trhow exceptions and fix ResposeType tests	2016-03-18 00:25:32 +01:00