Commit Graph

514 Commits

Author SHA1 Message Date
Alex Bilbie
2552b73b17 Added rotateRefreshTokens() method 2013-05-10 16:00:40 -07:00
Alex Bilbie
8c4019693b Updated @ziege's patch to overcome awkward access token definition requirement (i.e. access token can have a space in it) and also optimised code. Fixes #52 2013-05-10 12:57:34 -07:00
ziege
b88ef82563 Fixed two probems in access token check
1) The method returned the wrong result in case when the access token itself contained the string "Bearer".

2) When using cURL, the request is sometimes send twice (in my case when the first request returned a 404 error), and the Authorization header of the second request is doubled, so that you get a "Authorization: Bearer XXX, Bearer XXX". This case is checked now. (BTW: Tested with the current PHP version 5.4.15 on Windows.)
2013-05-10 20:00:01 +02:00
Alex Bilbie
41a7125370 Accidentally used PHP 5.4 style bracket 2013-05-09 11:48:21 -07:00
Alex Bilbie
f4bcfee687 Update associated scopes if requested in refresh access token. Fixes #47 2013-05-09 11:42:28 -07:00
Alex Bilbie
6d8eb9d05e Added removeRefreshToken method to SessionInterface 2013-05-09 11:40:29 -07:00
Alex Bilbie
76f2f6a5e1 Don't delete old sessions when issuing new access tokens using the Password or Client Credential grants. Fixes #32 2013-05-09 10:43:44 -07:00
Alex Bilbie
d677b765b2 Renamed scopes.key to scopes.scope. Updated ScopeInterface and PDO/Scope. Fixes #45 2013-05-09 10:23:41 -07:00
Alex Bilbie
7035792325 Allow for multiple default scopes. Fixes #42 2013-05-09 10:15:36 -07:00
Alex Bilbie
351c2e97ea If scope parameter is required and there are not requested scopes AND there is no default scope set then fail
Should have been included in with previous commit
2013-05-09 10:06:44 -07:00
Alex Bilbie
ddefb2ee16 Set the scope parameter to not be required by default. Fixes #43 2013-05-09 10:02:41 -07:00
Alex Bilbie
69af252844 Fixed docblock 2013-05-09 09:45:10 -07:00
Alex Bilbie
77fbb2a851 Removed docblocks from session PDO class 2013-05-09 07:55:54 -07:00
Alex Bilbie
c0683586e2 A refresh token should be bound to a client ID 2013-05-09 07:55:10 -07:00
Alex Bilbie
dbe21cc5a7 Removed null as default for parameters 2013-05-08 19:36:00 -07:00
Alex Bilbie
972e517280 Added example queries and expected responses 2013-05-08 18:37:34 -07:00
Alex Bilbie
ca9760cd36 Updated docblocks and example queries in scope and client storage interfaces 2013-05-08 18:16:24 -07:00
Alex Bilbie
1e57533127 Added getClientId method 2013-05-08 18:06:18 -07:00
Alex Bilbie
92e217d0ac Show default parameters 2013-05-08 18:06:09 -07:00
Alex Bilbie
707354348a Changed scope to be a delimiter to a space as required by the spec 2013-05-08 17:42:15 -07:00
Alex Bilbie
46f0e6c84d Updated docblocks 2013-05-08 17:04:01 -07:00
Alex Bilbie
1dd768545a Updated more docblocks 2013-05-08 14:10:58 -07:00
Alex Bilbie
787c8c566f Updated docblocks 2013-05-08 14:10:48 -07:00
Alex Bilbie
fd10861065 Added missing docblock 2013-05-08 14:10:15 -07:00
Alex Bilbie
0812ca2927 Added missing clientId variable, fixed docblock 2013-05-08 13:59:17 -07:00
Alex Bilbie
a8a375ed1f Anal code style fix 2013-05-08 13:40:15 -07:00
Alex Bilbie
e2350a65b1 Removed unused functions 2013-05-08 13:24:29 -07:00
Alex Bilbie
437833cd32 Renamed AuthServer to Authorization, renamed ResourceServer to Resource. Updated all tests and other files 2013-05-08 11:42:23 -07:00
Alex Bilbie
1df524ae6e Added missing docblocks 2013-05-08 11:31:38 -07:00
Alex Bilbie
9d1693cf78 Fixed incorrect @link 2013-05-08 11:30:53 -07:00
Alex Bilbie
5524e9b9c8 Moved files into server namespace/folder and updated docblock copyright statements 2013-05-08 11:29:24 -07:00
Alex Bilbie
850473ce40 Renamed namespace to League\OAuth2\ 2013-05-08 11:06:09 -07:00
Alex Bilbie
56b8b7c64e Updated associateRefreshToken to use expire time 2013-05-08 10:38:16 -07:00
Alex Bilbie
d6932cbb5e Renamed get/setExpiresIn to get/setAccessTokenTTL 2013-05-08 10:35:13 -07:00
Alex Bilbie
c77484e97b Added refresh token TTL 2013-05-08 10:34:25 -07:00
Alex Bilbie
9f90cd2635 Added method to set the auth token TTL 2013-05-07 15:20:32 -07:00
Alex Bilbie
8fd9e3f312 Renamed setExpiresIn method to accessTokenTTL 2013-05-07 15:16:30 -07:00
Alex Bilbie
fdebbac2df Allow grant access token expiresIn override 2013-05-06 15:04:00 -07:00
Alex Bilbie
a561a9d98a Throw an exception if a grant can't be loaded when called in getGrantType 2013-05-06 13:57:46 -07:00
Alex Bilbie
38f6be2aa0 Removed unnecessary methods 2013-05-05 18:22:03 +01:00
Alex Bilbie
d0abd8c295 Fixed getting of session scopes 2013-05-05 18:18:55 +01:00
Alex Bilbie
9be23cf222 Added session scopes 2013-05-05 18:16:28 +01:00
Alex Bilbie
90508a191d Get scopes by access token instead of session ID 2013-05-05 18:14:27 +01:00
Alex Bilbie
10d7d3cb3d Updated response params 2013-05-05 18:11:01 +01:00
Alex Bilbie
89850420f6 Updated query to return session details 2013-05-05 18:09:47 +01:00
Alex Bilbie
9b73eab07c SQL query fix 2013-05-05 18:06:00 +01:00
Alex Bilbie
6897e233d4 Changed variable syntax style to be PSR2 2013-05-05 18:05:46 +01:00
Alex Bilbie
acfadc8993 Actually fixed the bug in validateAccessToken this time 2013-05-05 18:01:00 +01:00
Alex Bilbie
cc81e20206 Bug fix in validateAccessToken 2013-05-05 18:00:08 +01:00
Alex Bilbie
92303c7b26 Implemented validateAccessToken in PDO 2013-05-05 17:58:40 +01:00
Alex Bilbie
2866185349 Updated implicit grant 2013-04-30 15:51:55 +01:00
Alex Bilbie
b9570ac6b0 Fixed getScopes 2013-04-30 15:48:11 +01:00
Alex Bilbie
2a3ae641ab Added getAccessToken, fixed validateRefreshToken docblock 2013-04-30 15:38:48 +01:00
Alex Bilbie
d149490c78 Updated getScopes 2013-04-30 15:32:07 +01:00
Alex Bilbie
c0d8a2c4fb Lots of updated functions 2013-04-30 15:08:20 +01:00
Alex Bilbie
5b03859467 Removed unnecessary code 2013-04-30 15:08:03 +01:00
Alex Bilbie
a661634194 Updated refresh token grant 2013-04-30 15:07:44 +01:00
Alex Bilbie
c73d45fc07 PSR-2 fix 2013-04-30 14:33:30 +01:00
Alex Bilbie
85a53d7470 Fixed Password grant to match past updates 2013-04-30 14:28:59 +01:00
Alex Bilbie
18eea191ed Fixed docblock 2013-04-30 14:28:40 +01:00
Alex Bilbie
14cff9ea44 Added missing db init 2013-04-29 11:59:45 +01:00
Alex Bilbie
1696903b8b Removed extra bracket 2013-04-29 11:53:20 +01:00
Alex Bilbie
13c67c9a40 Updated completeFlow 2013-04-29 11:31:07 +01:00
Alex Bilbie
2dcb81d93c Updated newAuthoriseRequest 2013-04-29 11:25:23 +01:00
Alex Bilbie
b39a9a5edc Added missing DB instance::get() calls 2013-04-29 11:13:31 +01:00
Alex Bilbie
325242e3aa Added missing third parameter 2013-04-29 11:12:35 +01:00
Alex Bilbie
757d2a4fd9 Removed scalar type hinting because it isn't supported 2013-04-29 11:11:16 +01:00
Alex Bilbie
725ab74e5c Updated PDO session 2013-04-29 11:02:32 +01:00
Alex Bilbie
b7ca5d330b Updated associateRefreshToken 2013-04-29 11:02:03 +01:00
Alex Bilbie
4034bea6d1 Updated client credentials grant 2013-04-29 10:36:35 +01:00
Alex Bilbie
6751c4d2fe Fixed mistake from previous commit 2013-04-29 10:35:47 +01:00
Alex Bilbie
53a55d4946 Completely scrapped the old SessionInterface and simplified it 2013-04-29 10:34:11 +01:00
Alex Bilbie
79338d0d75 Delete an associated auth code 2013-04-29 00:02:00 +01:00
Alex Bilbie
17bc6a1512 Comment update 2013-04-29 00:01:51 +01:00
Alex Bilbie
6543ebcd4d Updated updateSession code 2013-04-29 00:01:34 +01:00
Alex Bilbie
351bec6019 Don't associate a scope with a session, we associate it with an access token later 2013-04-29 00:01:07 +01:00
Alex Bilbie
a4715bfc3b Updated create a new session 2013-04-29 00:00:04 +01:00
Alex Bilbie
4ef8030a93 First commit of PDO storage class 2013-04-28 23:58:01 +01:00
Alex Bilbie
7bfbe81f61 Started PDO storage classes 2013-04-28 23:57:50 +01:00
Alex Bilbie
81d6bcf00a Changed params around and removed line breaks 2013-04-28 23:57:29 +01:00
Alex Bilbie
a265b027cc Removed stage parameter 2013-04-23 13:52:21 +01:00
Alex Bilbie
4727a83d84 Removed stage parameter 2013-04-23 13:29:33 +01:00
Alex Bilbie
645d412c02 Removed die(var_dump()) 2013-03-31 13:57:35 +01:00
Alex Bilbie
5f1609577e Added stateParamRequired method 2013-03-31 13:57:24 +01:00
Alex Bilbie
351580d9d8 Added getResponseTypes() method 2013-03-31 13:37:12 +01:00
Alex Bilbie
9c9db978c6 Move authorisation code grant stuff into own grant 2013-03-31 13:37:02 +01:00
Alex Bilbie
a18b4184f5 getScopes() now have the grant type and client ID passed 2013-03-28 10:44:45 +00:00
Alex Bilbie
a7b4f7d66b Added grant to getClient calls. Fixes #21 2013-03-27 14:47:07 +00:00
Alex Bilbie
3481ec8aa2 Variable name fixes + little changes to support unit tests 2013-03-27 14:26:46 +00:00
ziege
e563230f10 Method to get all headers for the error response
Method added to get all required headers for the error response, according to the RFC - the correct HTTP status code and the "WWW-Authenticate" header in special cases.
2013-03-27 13:33:09 +00:00
ziege
4cb4d5ba21 Refresh token removed in Client Credentials Grant
As defined in RFC: http://tools.ietf.org/html/rfc6749#section-4.4.3
2013-03-27 13:25:58 +00:00
ziege
74d9946db3 Storage corrected
Wrong client storage replaced with session storage
2013-03-22 17:24:36 +01:00
Alex Bilbie
85312f6995 Updated ClientCredentials to properly include scopes 2013-03-22 12:36:18 +00:00
Alex Bilbie
f463eb9db1 Style fixes 2013-03-22 11:44:53 +00:00
Alex Bilbie
f4cdfa91c1 Updated Password grant 2013-03-22 11:41:04 +00:00
Alex Bilbie
105a5b2a31 Fixed client_id and client_secret retrieval from request in conformity with the RFC 2013-03-22 10:40:47 +00:00
Alex Bilbie
493834fcbf Removed base64 decoding of token when present in authorization header. Fixes #23 2013-03-22 10:35:42 +00:00
Alex Bilbie
fce24aa74d Added getDefaultScope method 2013-03-21 16:22:44 +00:00
Alex Bilbie
0c30b9ca66 Added scopeParamRequired method 2013-03-21 16:22:29 +00:00
Alex Bilbie
03aa81450e Renamed method to setDefaultScope 2013-03-21 16:22:16 +00:00
Michael Gooden
5bd62fe942 Add optional default scope parameter.
Signed-off-by: Michael Gooden <me@michaelgooden.net>
2013-03-21 14:47:29 +00:00
lapause
26781d2c38 Corrected wrong return documentation for SessionInterface::validateAuthCode() method 2013-03-21 14:42:51 +00:00
lapause
18e1bb33de Added missing details (return values on failure) to methods of SessionInterface 2013-03-21 14:42:47 +00:00
lapause
3a6468897f Removed obsolete namespace inclusion 2013-03-21 14:42:43 +00:00
lapause
97484eea6a Typo correction in inline doc 2013-03-21 14:42:38 +00:00
Alex Bilbie
3341728eb2 Added implicit grant 2013-03-06 18:01:44 +00:00
Alex Bilbie
6b172d4c27 Made getGrantType public for use with implicit grant 2013-03-06 18:01:34 +00:00
Alex Bilbie
4962762c28 Change from static calls 2013-03-06 18:01:12 +00:00
Alex Bilbie
56b559894c Spelling fix 2013-03-06 17:57:48 +00:00
Alex Bilbie
a9a68a5cc8 Added scope parameter association for clientcredentials and password scope
TODO: Unit tests
2013-03-06 17:18:48 +00:00
Alex Bilbie
542ca52d49 Set a default parameter for getParam 2013-03-06 17:18:13 +00:00
Alex Bilbie
7d0c075b36 It ain't static anymore Jim 2013-03-06 17:18:04 +00:00
Alex Bilbie
07c07ccb5e Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00
Michael Gooden
f70c039275 Fix state parameter check typo 2013-03-04 17:31:59 +02:00
Alex Bilbie
34a7d14557 Added requireStateParam() method. Fixes #9 2013-03-04 13:15:12 +00:00
Alex Bilbie
f5b6b43bef Added requireScopes() method 2013-03-04 13:10:00 +00:00
Michael Gooden
3be3794311 Normalise long function definition.
Signed-off-by: Michael Gooden <michael@bluepointweb.com>
2013-03-04 12:20:11 +00:00
Michael Gooden
710c65aa42 Fix typo in SessionInterface::validateAuthCode. 2013-03-04 12:20:11 +00:00
Alex Bilbie
ffac434bcc Added missing state parameter 2013-02-22 15:38:47 +00:00
Alex Bilbie
822669fc0c Update getScopes 2013-02-21 17:51:01 +00:00
Alex Bilbie
22dcef33da Fixed SQL to get a session\'s scopes 2013-02-21 17:42:30 +00:00
Alex Bilbie
43d064733f Changed all mentions of authentication to authorization server 2013-02-20 12:40:42 +00:00
Alex Bilbie
e3f13bf545 Use self::getParam 2013-02-19 00:40:30 +00:00
Alex Bilbie
4b63c20a58 Updated docblocks with correct SQL 2013-02-19 00:26:28 +00:00
Alex Bilbie
92d9435bba Added method to get the exception type 2013-02-15 16:29:00 +00:00
Alex Bilbie
f818bdf40e Updated docblocks 2013-02-13 19:59:08 +00:00
Alex Bilbie
246732153c Updated grantTypes to use AuthServer::getParam() 2013-02-13 19:39:43 +00:00
Alex Bilbie
4506037bda Docblock updates 2013-02-13 19:36:56 +00:00
Alex Bilbie
d99002ef2f Renamed variable as $authParams is no longer used 2013-02-13 19:36:10 +00:00
Alex Bilbie
1e2d2b3d25 Added AuthServer::getParam() function to reduce repetitive code 2013-02-13 18:25:10 +00:00
Alex Bilbie
0f4546db47 Changed 'oauth_token' to 'access_token' 2013-02-13 17:10:44 +00:00
Alex Bilbie
1cfe10105a Updated docblocks for the two main classes 2013-02-12 20:33:23 +00:00
Alex Bilbie
e771099568 Removed unnecessary functions 2013-02-12 17:22:15 +00:00
Alex Bilbie
61d1685e84 Minor fixes to password grant 2013-02-12 16:45:33 +00:00
Alex Bilbie
d2267dbd24 Added Password grant 2013-02-12 16:22:14 +00:00
Alex Bilbie
87186d73b7 Removed old client code which can be now be found at lncd/oauth2-client 2013-02-12 16:01:02 +00:00
Alex Bilbie
e76111c2b7 Fixed silliness with access token verification 2013-02-08 11:45:51 +00:00
Alex Bilbie
60b2caf41d Various fixes and tweaks 2013-02-08 11:40:33 +00:00
Alex Bilbie
89f3c35466 Authorization header fixes 2013-02-07 16:16:09 +00:00
Alex Bilbie
55d68bd105 Import namespace for util\request 2013-02-07 14:54:56 +00:00
Alex Bilbie
562c257596 Various bug fixes 2013-02-05 16:20:45 +00:00
Alex Bilbie
322eb15bb5 Revert "Removed unnecessary code"
This reverts commit c89a2346a8.
2013-02-05 15:57:24 +00:00
Alex Bilbie
6b4e51b3a3 Removed unnecessary interfaces 2013-02-05 15:56:03 +00:00
Alex Bilbie
e903cbee68 Update request class namespace 2013-02-05 15:55:38 +00:00
Alex Bilbie
920fd9344f Moved request class to util folder 2013-02-05 15:55:04 +00:00
Alex Bilbie
7a646d3a84 Renamed client get function 2013-02-05 14:47:54 +00:00
Alex Bilbie
66bea97e8c Bug fixes based on previous code changes 2013-02-05 10:07:36 +00:00
Alex Bilbie
4a50af333d Added code coverage blocks 2013-02-04 19:46:06 +00:00
Alex Bilbie
c89a2346a8 Removed unnecessary code 2013-02-04 19:45:58 +00:00
Alex Bilbie
22f793a16f Fixed getClient call 2013-02-04 19:45:47 +00:00