Alex Bilbie
8e8aed1a50
Implemented RFC7636. Fixes #574
2016-05-06 15:23:16 +01:00
İsmail BASKIN
7285ede563
Include redirect_uri check on authorization endpoint
2016-05-04 13:34:37 +03:00
Alex Bilbie
db055f790d
Revert "Remove redundant parameters in example" #553
...
This reverts commit 9a93dca05c.
2016-05-04 09:10:05 +01:00
Alex Bilbie
cf63403585
Merge branch 'master' of github.com:thephpleague/oauth2-server
2016-05-04 08:56:04 +01:00
Alex Bilbie
cdf43e498e
Use constant for event name instead of explicit string. Fixes #563
2016-05-04 08:55:57 +01:00
Alex Bilbie
a12fc98b0d
Merge pull request #569 from ismailbaskin/patch-2
...
Correct wrong phpdoc
2016-05-04 08:45:58 +01:00
Lee
0bb968f413
Fixed typo in exception string
2016-05-04 15:13:48 +08:00
ismail BASKIN
88b19ad2d0
Correct wrong phpdoc
2016-05-04 00:54:36 +03:00
ismail BASKIN
72cd9a62e1
Remove unused request property
2016-04-30 05:08:28 +03:00
Alex Bilbie
acf262f879
Merge pull request #553 from markinjapan/patch-1
...
Remove redundant parameters in getNewToken()
2016-04-27 20:58:29 +01:00
Alex Bilbie
5241309bdb
Fixes #560
2016-04-27 20:53:12 +01:00
Mark
a6b7a5cedc
Remove use of redundant parameters
2016-04-20 16:52:36 +09:00
Mark
78b6bddc4d
Remove redundant parameters
2016-04-20 16:29:37 +09:00
Alex Bilbie
7bfd5b7d0d
Added abstract methods for required methods
2016-04-18 12:22:15 +01:00
Alex Bilbie
143a2e32f7
Client may return an array of redirect URIs
2016-04-18 12:21:42 +01:00
Alex Bilbie
8f418cff08
Added missing state parameter in redirect response
2016-04-18 12:19:54 +01:00
Alex Bilbie
fcec1f3442
Code tidy
2016-04-18 12:19:36 +01:00
Alex Bilbie
46e7eef14e
Client could potentially return an array of redirect URIs
2016-04-18 12:12:36 +01:00
Alex Bilbie
51f44fdf17
Code tidy
2016-04-18 12:12:06 +01:00
Alex Bilbie
f8b2e80ef3
Removed unnecessary parameter usage
2016-04-18 12:10:57 +01:00
Alex Bilbie
fb8f47e868
Added $mustValidateSecret parameter to ClientRepositoryInterface::getClientEntity(). Fixes #550
2016-04-18 08:32:49 +01:00
Alex Bilbie
78c2067698
Merge pull request #548 from thephpleague/analysis-z9mQxo
...
Applied fixes from StyleCI
2016-04-17 13:07:15 +01:00
Alex Bilbie
257318e524
Merge pull request #547 from lookyman/scope-fixes
...
Fix scope loading in grants
2016-04-17 13:06:57 +01:00
Alex Bilbie
77737e7894
Applied fixes from StyleCI
2016-04-17 08:06:17 -04:00
Alex Bilbie
f007e25070
Added copyright docblocks
2016-04-17 13:06:05 +01:00
Alex Bilbie
f6f39698d9
Renamed Server to AuthorizationServer
2016-04-17 12:54:25 +01:00
Lukáš Unger
3904767873
Fix scope loading in grants
2016-04-17 13:50:56 +02:00
Alex Bilbie
6205611a71
Removed unused methods
2016-04-17 12:42:42 +01:00
Alex Bilbie
08c356a1e1
Added ResourceServer class
2016-04-17 12:33:29 +01:00
Alex Bilbie
94a1c18fa9
Implicit grant does not return refresh tokens
2016-04-17 12:12:49 +01:00
Luca Degasperi
de635f826f
Update AbstractGrant.php
...
The hint is not necessary since it gets created by the exception with the parameter.
2016-04-11 15:59:47 +02:00
Alex Bilbie
3e8577f889
Merge pull request #536 from Bobselp/V5-WIP
...
less verbose exceptions for RefreshTokenGrant
2016-04-11 08:24:31 +01:00
ivyhjk
f7413c2f15
Update BearerTokenResponse.php
2016-04-10 19:05:32 -03:00
Bobselp
6e583fdf8a
less verbose exceptions for RefreshTokenGrant
...
For the LogicException you could also use `throw OAuthServerException::invalidRequest('refresh_token', 'Cannot decrypt the authorization code');`, to get the exact same error AuthCodeGrant-php throws if decryption of `code` fails there.
The second error hint provides information which doesn't help users of the API, although it is next to impossible to trigger this error due to the encryption.
2016-04-10 22:19:42 +02:00
Alex Bilbie
2328f59601
Applied fixes from StyleCI
2016-04-10 12:16:40 -04:00
Bobselp
eb7526ae97
finalize scopes for AuthCodeGrant
2016-04-10 18:07:18 +02:00
Bobselp
03e8eb6157
revoke a used auth code
2016-04-10 18:05:16 +02:00
Alex Bilbie
92a483b3bd
Improved tests
2016-04-10 16:14:01 +01:00
Alex Bilbie
5969082963
Fix tests and improve code coverage
2016-04-10 15:58:01 +01:00
Alex Bilbie
7c86d3b848
Merge branch 'V5-authorization-request-flow' of github.com:thephpleague/oauth2-server into V5-authorization-request-flow
2016-04-10 14:31:25 +01:00
Alex Bilbie
ba30e34511
Lazy set $accessTokenTTL
2016-04-10 14:31:05 +01:00
Alex Bilbie
e24dff2723
Fixed expires_in
2016-04-10 14:30:44 +01:00
Alex Bilbie
1512960d92
Applied fixes from StyleCI
2016-04-10 09:23:10 -04:00
Alex Bilbie
273ea0ba68
Updated implicit grant to use the new auth request flow
2016-04-10 14:22:56 +01:00
Alex Bilbie
096a4a2883
Remove unused params
2016-04-10 14:22:32 +01:00
Alex Bilbie
a0c4900ee7
Client is not required here because of finalizeScopes method
2016-04-10 13:53:16 +01:00
Alex Bilbie
c034c3b13c
Merge pull request #524 from thephpleague/analysis-qJ2LoW
...
Applied fixes from StyleCI
2016-04-10 11:56:33 +01:00
Alex Bilbie
634578997f
Merge pull request #523 from thephpleague/analysis-XajbB0
...
Applied fixes from StyleCI
2016-04-10 11:56:17 +01:00
Alex Bilbie
79aa1988d8
Removed HtmlResponse
2016-04-10 11:55:17 +01:00
Alex Bilbie
7c35985c1e
Applied fixes from StyleCI
2016-04-10 06:52:27 -04:00
Alex Bilbie
c75d0e0f0e
Removed templating code
2016-04-10 11:52:18 +01:00
Alex Bilbie
5d3516c7b4
Applied fixes from StyleCI
2016-04-10 06:48:46 -04:00
Alex Bilbie
d4fb00628e
Updated server methods
2016-04-10 11:48:32 +01:00
Alex Bilbie
4bc835c007
Updated AuthCodeGrant with new methods to validate and complete an authorization request
2016-04-10 11:48:21 +01:00
Alex Bilbie
fdb1d70874
Updated header key
2016-04-10 11:47:41 +01:00
Alex Bilbie
5410a42bb6
Fix to broken methods
2016-04-10 10:28:12 +01:00
Alex Bilbie
b7064befe4
Checkin
2016-04-10 10:07:08 +01:00
Alex Bilbie
44937f3600
Updated method calls
2016-04-09 16:22:22 +01:00
Alex Bilbie
76ea6b5a6c
Renamed grant type canRespondToRequest to canRespondToAccessTokenRequest
2016-04-09 16:22:00 +01:00
Alex Bilbie
4689802c30
Renamed server respondToRequest to respondToAccessTokenRequest
2016-04-09 16:20:30 +01:00
Alex Bilbie
2c2ef800d4
Applied fixes from StyleCI
2016-04-09 10:46:40 -04:00
Alex Bilbie
d8d49f742e
Removed unnecessary abstract classes
2016-04-09 15:46:30 +01:00
Alex Bilbie
b59106dc64
Added ClientTrait
2016-04-09 15:27:44 +01:00
Alex Bilbie
c6faa228fe
Updated references to interfaces
2016-04-09 15:25:45 +01:00
Alex Bilbie
4eee48ca4e
Moved entity interfaces into parent folder. Fixes #504
2016-04-09 15:25:32 +01:00
Alex Bilbie
00518dded7
Removed built-in entities, all functionality available using traits
2016-04-09 15:21:15 +01:00
Alex Bilbie
5ca2152313
Updated examples
2016-04-09 15:17:11 +01:00
Alex Bilbie
be9bd76f35
Added AccessTokenTrait
2016-04-09 15:09:13 +01:00
Alex Bilbie
198f4c4b6f
Merge branch 'token_from_repo' of https://github.com/frederikbosch/oauth2-server into frederikbosch-token_from_repo
...
# Conflicts:
# tests/Grant/AuthCodeGrantTest.php
# tests/Grant/ImplicitGrantTest.php
# tests/Grant/RefreshTokenGrantTest.php
2016-04-09 14:12:06 +01:00
Alex Bilbie
6f0a0cca4e
Merge pull request #498 from frederikbosch/client_user_id_replaced
...
Client identifier passed where user identifier is expected
2016-04-09 13:55:16 +01:00
Alex Bilbie
1ccfd9be32
Applied fixes from StyleCI
2016-04-09 08:53:29 -04:00
Alex Bilbie
a83c56f570
Comment improvement
2016-04-09 13:53:14 +01:00
Alex Bilbie
d7dd07cf18
Merge branch 'v5-fix' of https://github.com/assembledadam/oauth2-server into assembledadam-v5-fix
2016-04-09 13:51:57 +01:00
Alex Bilbie
0fed56a265
Merge branch 'V5-WIP' of https://github.com/frederikbosch/oauth2-server into frederikbosch-V5-WIP
...
# Conflicts:
# src/Entities/Interfaces/ClientEntityInterface.php
2016-04-09 13:48:53 +01:00
Alex Bilbie
39281a6f38
Merge branch 'repository_on_response' of https://github.com/juliangut/oauth2-server into juliangut-repository_on_response
...
# Conflicts:
# tests/ResponseTypes/BearerResponseTypeTest.php
2016-04-09 13:43:33 +01:00
Alex Bilbie
656a8d7a56
Merge pull request #502 from juliangut/passphrase
...
V5 - Handle RSA key passphrase
2016-04-09 13:40:28 +01:00
Alex Bilbie
6c942f25f4
Merge pull request #503 from juliangut/mac_token_interface
...
V5 - Remove unused mac token interface
2016-04-09 13:37:54 +01:00
Alex Bilbie
8274c56fc2
Allow multiple client redirect URIs. Fixes #511
2016-04-09 13:36:08 +01:00
Frederik Bosch
de8f6ff539
add getNewAccessToken getNewRefreshToken and getNewAuthCode to repositories
2016-04-04 10:37:06 +02:00
Adam McCann
8f69f4f9a9
Access denied on token expiry (or value before nbf/not before) - issue #506
2016-03-31 18:50:36 +01:00
Julián Gutiérrez
4d2ccac8ed
remove unused mac token interface
2016-03-29 09:31:34 +02:00
Julián Gutiérrez
197657f2b9
handle RSA key passphrase
2016-03-28 16:42:34 +02:00
Julián Gutiérrez
e513b42117
remove access token repository from response types
2016-03-28 12:10:51 +02:00
Frederik Bosch
b1ce1f872b
client identifier passed where user identifier is expected
2016-03-25 17:11:13 +01:00
Alex Bilbie
1c47ec51f8
Merge pull request #494 from frederikbosch/double_persis
...
prevent double persist of token when doing refresh grant
2016-03-24 17:34:47 +00:00
Frederik Bosch
fbf4388b01
prevent double persist of token when doing refresh grant
2016-03-24 17:24:17 +01:00
Alex Bilbie
b1cf6a8436
Fix for bad hint
2016-03-24 14:51:44 +00:00
Frederik Bosch
d8e1e0e00e
remove unnecessary methods from interfaces
2016-03-24 15:01:55 +01:00
Alex Bilbie
fe0ed765a5
Added setTemplateRenderer method
2016-03-24 13:56:31 +00:00
Alex Bilbie
630a92b45f
Applied fixes from StyleCI
2016-03-24 06:07:20 -04:00
Alex Bilbie
115237bc1a
Added missing return statement
2016-03-24 10:04:48 +00:00
Alex Bilbie
6383a58755
Updated scope validation
2016-03-24 10:04:15 +00:00
Alex Bilbie
267bd3c5d4
Applied fixes from StyleCI
2016-03-23 14:50:27 -04:00
Alex Bilbie
a18b8c57b2
Fix broken tests
2016-03-23 18:50:14 +00:00
Alex Bilbie
55ff59edf4
Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP
2016-03-23 18:36:49 +00:00
Alex Bilbie
a49c762683
Remove injected array of scopes
2016-03-23 18:36:43 +00:00
Alex Bilbie
b5b5d9f347
Added finalizeScopes method to ScopeRepositoryInterface
2016-03-23 18:36:23 +00:00
Alex Bilbie
864a27f2c8
Applied fixes from StyleCI
2016-03-23 08:54:30 -04:00
Alex Bilbie
a698a4da7e
Added RequestEvent
2016-03-23 12:54:17 +00:00
Alex Bilbie
95cdaae17f
Removed unused method
2016-03-22 17:07:30 +00:00
Alex Bilbie
61986db5ee
Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP
2016-03-22 16:29:08 +00:00
Alex Bilbie
878afeb9f9
ClientRepository implementations are now responsible for dealing with client secret
2016-03-22 16:29:04 +00:00
Alex Bilbie
945731cb39
Applied fixes from StyleCI
2016-03-22 11:11:39 -04:00
Alex Bilbie
09770dc537
Inject client into getUserEntityByUserCredentials method
2016-03-22 15:11:20 +00:00
Alex Bilbie
ca54a387c8
Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP
2016-03-22 14:45:14 +00:00
Alex Bilbie
e27b13ee7d
Accept scopes as reference
2016-03-22 14:44:21 +00:00
Alex Bilbie
8685006743
Applied fixes from StyleCI
2016-03-22 10:18:21 -04:00
Alex Bilbie
400eae153b
Added grant and scopes to UserRepository getUserEntityByUserCredentials method
2016-03-22 14:18:02 +00:00
Julián Gutiérrez
4b775fe241
include CryptTrait tests, allow Server::respondToRequest throw exceptions and fix ResponseType tests
2016-03-18 00:25:32 +01:00
Julián Gutiérrez
8196f5c832
code against interface
2016-03-17 21:33:04 +01:00
Julián Gutiérrez
890fdeba16
CryptTrait tests
2016-03-17 21:18:28 +01:00
Alex Bilbie
51a1a75d37
Applied fixes from StyleCI
2016-03-17 10:37:48 -04:00
Alex Bilbie
251190d828
Fix #468 and #473
2016-03-17 14:37:21 +00:00
Alex Bilbie
3af75729b8
Applied fixes from StyleCI
2016-03-17 07:22:59 -04:00
Alex Bilbie
7b8d9c9af3
Added missing RendererInterface
2016-03-17 11:22:04 +00:00
Alex Bilbie
15b6506644
No need to use Zend\Diactoros\Stream
2016-03-17 11:21:53 +00:00
Alex Bilbie
bd12c8b1a9
Fix exception usage
2016-03-17 11:18:59 +00:00
Alex Bilbie
c3c49c83f9
Merge pull request #472 from juliangut/templating
...
V5 - Template renderer holds template related information
2016-03-17 10:49:14 +01:00
Alex Bilbie
2f459b6470
Merge pull request #470 from juliangut/clarify
...
V5 - Clarify names and return types
2016-03-16 17:35:39 +01:00
Julián Gutiérrez
ee91072455
template renderer holds template related information
2016-03-16 12:32:21 +01:00
Alex Bilbie
d635b3484b
Fix broken code
2016-03-15 21:30:18 +00:00
Alex Bilbie
3365f3d733
Moved client secret validation to abstract grant. Fixes #460
2016-03-15 21:30:13 +00:00
Alex Bilbie
c7a5a57304
Added getSecret method to ClientEntityInterface
2016-03-15 21:29:35 +00:00
Julián Gutiérrez
ae0edc40aa
clarify names and return types
2016-03-15 22:25:28 +01:00
Alex Bilbie
7159352108
Applied fixes from StyleCI
2016-03-15 17:21:21 -04:00
Alex Bilbie
a70bc2360a
Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP
2016-03-15 21:21:08 +00:00
Alex Bilbie
472ec68bbe
Removed validateAccessToken from abstract response type
2016-03-15 21:20:59 +00:00
Alex Bilbie
e946c1e106
Remove old MAC output type
2016-03-15 21:20:46 +00:00
Julián Gutiérrez
66e473b1f0
clean use statement
2016-03-15 20:57:32 +01:00
Julián Gutiérrez
91c8daeb99
normalize repositories visibility
2016-03-15 20:54:59 +01:00
Julián Gutiérrez
9e04da01de
unused use statements
2016-03-15 01:18:54 +01:00
Julián Gutiérrez
592f60de70
always extract scopes from repository
2016-03-15 01:10:47 +01:00
Alex Bilbie
5ae9827d67
Merge pull request #461 from juliangut/extract_scopes
...
V5 - scopes extraction from querystring on auth_code and implicit grants
2016-03-14 12:36:17 +01:00
Julián Gutiérrez
9b665f494f
convert JWT to string for http_build_query
2016-03-14 01:00:06 +01:00
Julián Gutiérrez
ced63e2051
allow scopes extraction on GET requests for auth_code and implicit grants
2016-03-14 00:12:14 +01:00
Julián Gutiérrez
a0402f1994
throw exception instead of return Response
2016-03-11 00:01:19 +01:00
Alex Bilbie
4ab9c52767
Merge pull request #448 from juliangut/validate_authenticated_request
...
V5 - rename validateRequest
2016-03-10 17:47:28 +00:00
Alex Bilbie
2b2d4a3df7
Merge pull request #444 from juliangut/secure_body_params_access
...
V5 - Secure access to body params
2016-03-10 17:47:20 +00:00
Alex Bilbie
4c55b6879d
Merge pull request #457 from juliangut/renderer
...
V5 - Allow different template engines
2016-03-10 17:43:20 +00:00
Alex Bilbie
edf0ee8622
Removed unused code
2016-03-10 17:34:25 +00:00
Alex Bilbie
3b4a8cf5f3
Added code coverage ignore comments
2016-03-10 17:22:10 +00:00
Alex Bilbie
5074ad9a6c
Fixed request attribute
2016-03-10 15:50:04 +00:00
Alex Bilbie
01517bb57a
Added missing namespace
2016-03-10 15:09:56 +00:00
Julián Gutiérrez
320d9e65d5
StyleCI always watching upon us
2016-03-09 12:44:47 +01:00
Julián Gutiérrez
1218cede79
allow different template engines
2016-03-09 12:32:01 +01:00
Julián Gutiérrez
1bdeb71efb
make StyleCI happy
2016-03-08 21:59:10 +01:00
Julián Gutiérrez
1632b80631
Merge branch 'V5-WIP' into secure_body_params_access
2016-03-08 21:57:43 +01:00
Alex Bilbie
997d390f3d
Applied fixes from StyleCI
2016-02-22 03:00:50 -05:00
Alex Bilbie
e2794c47af
First commit of the implicit grant
2016-02-22 07:59:17 +00:00
Alex Bilbie
0d0aaa8764
Use the new access token convertToJWT method
2016-02-22 07:58:59 +00:00
Alex Bilbie
ad270f7d9d
Redirect either with query string parameters or fragment parameters
2016-02-22 07:58:44 +00:00
Alex Bilbie
a1bdaae9a9
Access token can now return a JWT from itself
2016-02-22 07:58:25 +00:00
Alex Bilbie
e08669d50c
Doc improvements
2016-02-22 07:58:12 +00:00
Alex Bilbie
d02437dd73
Improved testing
2016-02-21 18:13:39 +00:00
Alex Bilbie
eedcfe115c
Bug fixes
2016-02-21 17:09:12 +00:00
Alex Bilbie
2488cbd55d
Bug fixes
2016-02-21 17:08:49 +00:00
Alex Bilbie
7f539f8736
Removed unused exception parameters
2016-02-21 16:40:01 +00:00
Alex Bilbie
d0878300d0
Bug fix for AuthCodeGrant
2016-02-21 14:32:16 +00:00
Alex Bilbie
97c138bb0b
Removed unused SecureKey class
2016-02-20 10:05:15 +00:00
Alex Bilbie
a2460886f6
Applied fixes from StyleCI
2016-02-19 18:09:39 -05:00
Julián Gutiérrez
a644eacea7
Merge branch 'V5-WIP' into move_identifier_generation
2016-02-18 18:14:59 +01:00
Alex Bilbie
e8a01c3bcd
Fix for logic
2016-02-18 12:07:36 +00:00
Alex Bilbie
064eb85f4e
AbstractGrant now handles persisting tokens
2016-02-18 12:07:23 +00:00
Alex Bilbie
704e114568
Updated AuthCodeGrant
2016-02-18 10:49:39 +00:00
Alex Bilbie
3b36ae9000
Rewrote validateClient method to progressively test client secret and redirect URI
2016-02-18 10:49:05 +00:00
Alex Bilbie
7f67000d53
Provided implementation of new client entity methods
2016-02-18 10:48:23 +00:00
Alex Bilbie
de000b72a4
Updated ClientEntityInterface with additional methods
2016-02-18 10:48:12 +00:00
Alex Bilbie
0d8cb0d06f
Fixes for RefreshTokenGrant
2016-02-18 10:47:30 +00:00
Alex Bilbie
fc53d636f5
Updated getClientEntity now just requires the client ID and the grant type
2016-02-18 10:47:06 +00:00
Julián Gutiérrez
dbcaaa1f35
rename determineAccessTokenInHeader
2016-02-13 14:38:23 +01:00
Julián Gutiérrez
5d6634aa9f
Merge branch 'V5-WIP' into move_identifier_generation
2016-02-13 14:11:38 +01:00
Julián Gutiérrez
099c9ce41b
move token identifier generation
2016-02-13 14:07:09 +01:00
Alex Bilbie
335630f150
Added code coverage ignore docblocks
2016-02-12 18:08:27 +00:00
Alex Bilbie
e20c529f39
Added isExpired method to refresh token
2016-02-12 17:53:42 +00:00
Alex Bilbie
7f2fd69d0a
Removed respondsWith from interface
2016-02-12 17:52:37 +00:00
Alex Bilbie
29068dd84c
Removed responseWith method
2016-02-12 17:51:59 +00:00
Alex Bilbie
9a8b7ec898
Removed old codecept tests
2016-02-12 17:46:30 +00:00
Julián Gutiérrez
1f6bb40952
correcting param access mistake
2016-02-12 18:45:47 +01:00
Julián Gutiérrez
2f914a0aa3
secure params access on authcode grant
2016-02-12 18:32:09 +01:00
Julián Gutiérrez
95e3c1d1a2
Merge branch 'V5-WIP' into secure_body_params_access
2016-02-12 17:10:52 +01:00
Alex Bilbie
655f6b9771
Merge pull request #445 from juliangut/abstract_token_validation
...
V5 - Abstract access token validation
2016-02-12 14:31:18 +00:00
Alex Bilbie
d95958bae4
Small fixes
2016-02-12 14:28:24 +00:00
Alex Bilbie
85b9412813
Multiple fixes
2016-02-12 14:18:52 +00:00
Alex Bilbie
1a5030200a
The response may be a PSR response which is valid
2016-02-12 14:18:45 +00:00
Alex Bilbie
796106b6c1
Fix for non-imported namespace
2016-02-12 14:18:34 +00:00
Alex Bilbie
4234b69f3a
Fix for method calls
2016-02-12 14:18:10 +00:00
Alex Bilbie
0115c41eea
Numerous bug fixes
2016-02-12 13:32:58 +00:00
Julián Gutiérrez
f314154216
abstract access token validation
2016-02-12 14:19:47 +01:00
Alex Bilbie
5e326d9e45
First commit of respondToAccessTokenRequest
2016-02-12 13:01:25 +00:00
Julián Gutiérrez
d2760e4ec7
secure access to body params
2016-02-12 13:56:14 +01:00
Alex Bilbie
2025749fa4
Updated respondToAuthorizationRequest to use Plates templates instead of custom ResponseType
2016-02-12 11:55:41 +00:00
Alex Bilbie
1c913fe75e
Added default basic HTML login + authorise templates
2016-02-12 11:32:09 +00:00
Alex Bilbie
ac9955b393
Removed response type interfaces for auth code login + authorize because they were a stupid idea
2016-02-12 11:30:59 +00:00
Alex Bilbie
fccb06ed67
First commit of updated AuthCodeGrant with respondToAuthorizationRequest method completed
2016-02-12 10:01:15 +00:00
Alex Bilbie
f29703ea24
Updated Docblock
2016-02-12 10:00:41 +00:00
Alex Bilbie
dcc3f5d856
First commit of new ResponseTypes
2016-02-12 10:00:32 +00:00
Alex Bilbie
264eba9f20
Updated AuthCodeRepositoryInterface
2016-02-12 10:00:22 +00:00
Alex Bilbie
c2c199cf98
Added issueAuthCode method
2016-02-12 10:00:10 +00:00
Alex Bilbie
0b6bcad9fb
Added getCookieParameter method
2016-02-12 09:59:59 +00:00
Alex Bilbie
38a7e53cb5
Added optional redirectUri parameter to accessDenied method
2016-02-12 09:59:47 +00:00
Alex Bilbie
f4b83baf74
Fix getClientEntity method call
2016-02-12 09:09:39 +00:00
Alex Bilbie
5a08a0cbe2
Merge branch 'V5-WIP' into V5-AuthCode
...
# Conflicts:
# src/Grant/AbstractGrant.php
2016-02-12 09:06:28 +00:00
Alex Bilbie
7a628409db
Validate client can now optionally validate secret + redirectUri, and actually validate the redirectUri
2016-02-12 09:03:35 +00:00
Alex Bilbie
c6d806d3f7
Docblock updates
2016-02-12 09:02:33 +00:00
Alex Bilbie
bfcf7af4d8
Added getQueryStringParameter method
2016-02-12 09:02:17 +00:00
Alex Bilbie
d96f57d27f
Got rid of mystery $identifier class property, moved it to the getIdentifier method
2016-02-12 08:33:59 +00:00
Julián Gutiérrez
8b185e0580
Merge branch 'V5-WIP' into minor_merge
2016-02-12 00:12:56 +01:00
Alex Bilbie
ca776e83a2
Fix for header writing
2016-02-11 17:58:35 +00:00
Alex Bilbie
ddf3f1b890
Merge branch 'V5-WIP' into V5-AuthCode
2016-02-11 17:50:08 +00:00
Alex Bilbie
a40ac5d77b
Minor fixes
2016-02-11 17:49:41 +00:00
Alex Bilbie
4bc89f3fc2
Removed unused import
2016-02-11 17:49:31 +00:00
Alex Bilbie
11d25eb5a1
Removed old exceptions
2016-02-11 17:49:24 +00:00
Alex Bilbie
770bda8f10
Merge pull request #431 from juliangut/redirectUri
...
V5 - use Psr\Http\Message\UriInterface
2016-02-11 17:35:33 +00:00
Alex Bilbie
7a8c92b3d9
Merge pull request #435 from juliangut/exception_middleware
...
V5 - Exception based access token check
2016-02-11 17:34:31 +00:00
Alex Bilbie
92a101f263
First commit of AuthCode rewrite
2016-02-11 17:30:01 +00:00
Julián Gutiérrez
b85f81c429
configurable refresh token TTL per grant
2016-01-21 18:11:53 +01:00
Julián Gutiérrez
8fb64041df
client secret can be null
2016-01-20 12:50:23 +01:00
Julián Gutiérrez
44155a8efc
allow refresh token ttl assign
2016-01-20 12:21:44 +01:00
Julián Gutiérrez
b7b1f56d0c
stream write fix
2016-01-20 10:58:45 +01:00
Julián Gutiérrez
3e5889e93b
minor improvements and documentation fixes
2016-01-20 10:36:16 +01:00
Julián Gutiérrez
ef5904ab1a
exception based determineAccessTokenInHeader
2016-01-20 00:32:59 +01:00
Julián Gutiérrez
94cc7c2bc7
fix server reference
2016-01-20 00:16:12 +01:00
Alex Bilbie
1e1043c04f
Merge pull request #432 from juliangut/middleware
...
V5 - authentication middleware
2016-01-17 19:33:38 +00:00
Julián Gutiérrez
8591fc7686
moved to authentication middleware
2016-01-17 18:40:26 +01:00
Alex Bilbie
86b75edca0
Merge pull request #430 from juliangut/scopedelimiter
...
V5 - remove scopedelimiter parameter
2016-01-17 16:40:55 +00:00
Alex Bilbie
13ddec3283
Fix for PasswordGrant
2016-01-17 16:38:25 +00:00
Alex Bilbie
322caa77af
Fixes for RefreshTokenGrant
2016-01-17 16:35:52 +00:00
Julián Gutiérrez
95634fb390
compound redirect uri with Psr\Http\Message\UriInterface
2016-01-17 17:28:27 +01:00
Alex Bilbie
6beb8d42ff
Replaced SecureKey::generate with random_bytes method
2016-01-17 16:16:01 +00:00
Julián Gutiérrez
6cffbfe33b
remove scopedelimiter parameter
2016-01-17 17:01:08 +01:00
Alex Bilbie
5fcb47d66a
Merge pull request #425 from juliangut/scopes_extraction
...
V5 - normalize validatescopes
2016-01-17 14:59:37 +00:00
Alex Bilbie
8566a128c8
Pass errors back up the chain
2016-01-17 14:56:42 +00:00
Alex Bilbie
419cb6d149
Use first array result
2016-01-17 14:56:35 +00:00
Alex Bilbie
f1d06e7c33
Use the error returned from the response type
2016-01-17 14:56:06 +00:00
Alex Bilbie
212938d1e2
Fixed call to static
2016-01-17 14:55:48 +00:00
Alex Bilbie
cd19f11799
Fixed conversion to response object
2016-01-17 14:55:36 +00:00
Julián Gutiérrez
4862ca7d60
fix conflicts
2016-01-17 15:49:55 +01:00
Alex Bilbie
660378c7b3
Added MAC auth scheme to 401 header
2016-01-17 14:28:13 +00:00
Alex Bilbie
3d08051cbb
Removed default wording as there is no override
2016-01-17 14:23:18 +00:00
Alex Bilbie
0486d93fa3
Removed default wording as there are no overrides
2016-01-17 14:23:02 +00:00
Alex Bilbie
5a8659471c
Public key is set in abstract grant now
2016-01-17 14:21:53 +00:00
Alex Bilbie
f6664c6917
Private and public key paths are injected into grants now
2016-01-17 14:21:35 +00:00
Alex Bilbie
5f22ead287
Updated access denied hint
2016-01-17 14:11:21 +00:00
Alex Bilbie
19b12cda8e
Made getDefaultResponseType public
2016-01-17 14:08:53 +00:00
Alex Bilbie
6c787c374c
First commit of ResourceServerMiddleware
2016-01-17 14:08:42 +00:00
Alex Bilbie
cd68103267
New server constructor
2016-01-17 14:03:41 +00:00
Alex Bilbie
6332ecfa0b
Removed default overrides
2016-01-17 14:03:33 +00:00
Alex Bilbie
e43d95415b
Inject required params into grant type
2016-01-17 14:03:07 +00:00
Alex Bilbie
d755a8c01d
Updated the validation to BearerTokenResponse
2016-01-17 13:57:07 +00:00
Alex Bilbie
c7a904ca40
Added access token repository and public key path as required params to response type constructor
2016-01-17 13:56:46 +00:00
Alex Bilbie
8ee4dc7eb9
Fixed docblock
2016-01-17 13:56:14 +00:00
Alex Bilbie
645f719ee9
Added new repository setter methods to GrantTypeInterface
2016-01-17 13:55:12 +00:00
Alex Bilbie
0cc13630cc
Code tidy
2016-01-17 13:54:55 +00:00
Alex Bilbie
e21a13c82c
Access token TTL is now configured on a per grant basis
2016-01-17 13:54:39 +00:00
Alex Bilbie
a4ce1e510e
Scope delimiter string is no longer configurable
2016-01-17 13:53:18 +00:00
Alex Bilbie
ad05a5cae6
Scope delimiter is no longer a required parameter
2016-01-17 13:51:56 +00:00
Alex Bilbie
e6cc6c35ec
Scope delimiter string is now a constant
2016-01-17 13:49:53 +00:00
Alex Bilbie
f74bca33ab
Removed parameters that are no longer required
2016-01-17 13:48:40 +00:00
Alex Bilbie
90d9d7bdd6
Required repositories are now set by the server
2016-01-17 13:47:44 +00:00
Julián Gutiérrez
8d8dbaea0c
normalize validatescopes
2016-01-17 14:35:43 +01:00
Alex Bilbie
03391e9630
Removed old access denied exception
2016-01-17 12:58:15 +00:00
Alex Bilbie
7242a8db31
Added access denied exception
2016-01-17 12:58:00 +00:00
Alex Bilbie
f44b618531
Docblock tidy
2016-01-17 12:57:50 +00:00
Alex Bilbie
9e4fd82763
Rewrote RefreshTokenGrant to understand encrypted tokens
2016-01-17 12:56:52 +00:00
Alex Bilbie
0744d8e926
Tidy up
2016-01-17 12:43:20 +00:00
Julián Gutiérrez
44ff8692dc
abstract common grants tasks
2016-01-17 00:41:55 +01:00
Alex Bilbie
dce1620f60
Removed unused imports
2016-01-15 18:37:46 +00:00
Alex Bilbie
bcd84320da
Updated docblocks
2016-01-15 18:37:26 +00:00
Alex Bilbie
a40374e6ec
Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP
2016-01-15 18:36:38 +00:00
Alex Bilbie
748ae15376
Updated docblock
2016-01-15 18:36:34 +00:00
Alex Bilbie
7811721d28
Merge pull request #421 from juliangut/deferred_creation
...
V5 - deferred default objects creation
2016-01-15 18:35:49 +00:00
Alex Bilbie
8f724bb720
Fix immutability issues
2016-01-15 18:32:53 +00:00
Julián Gutiérrez
65d981ad32
allow middleware use
2016-01-15 14:02:47 +01:00
Julián Gutiérrez
3de1b5917a
deferred default objects creation
2016-01-15 12:41:48 +01:00
Alex Bilbie
0fbe447862
Removed old exceptions
2016-01-15 00:17:13 +00:00
Alex Bilbie
84a9802a67
Removed ServerAwareTrait
2016-01-15 00:14:41 +00:00
Alex Bilbie
f7b3c018c5
Removed old authorization server
2016-01-15 00:05:59 +00:00
Alex Bilbie
a88c30cb53
Added invalid refresh token exception
2016-01-14 23:47:49 +00:00
Alex Bilbie
5e6f0fc6a3
Code tidy
2016-01-14 23:47:41 +00:00
Alex Bilbie
b57b497cb7
Revoke both refresh token and access token
2016-01-14 23:47:19 +00:00
Alex Bilbie
0b061e3086
Refresh token is encrypted payload now instead of JWT
2016-01-14 23:47:06 +00:00
Alex Bilbie
304ea2baf4
Encrypt refresh token parameters instead of using JWT
2016-01-14 23:46:24 +00:00
Alex Bilbie
56060b2c16
Code tidy
2016-01-14 23:45:36 +00:00
Alex Bilbie
633746b02e
Added KeyCrypt class
2016-01-14 23:44:39 +00:00
Alex Bilbie
936b8f93ec
Additional refresh token validation
2016-01-13 00:38:23 +00:00
Alex Bilbie
c1d15aa15c
Use sub instead of uid
2016-01-13 00:38:08 +00:00
Alex Bilbie
79791e5848
Code tidy
2016-01-13 00:13:34 +00:00
Alex Bilbie
0efa7cd7ea
Set the uid on the refresh token
2016-01-13 00:13:16 +00:00
Alex Bilbie
eef5cf39d4
Fixes to refresh grant
2016-01-13 00:12:10 +00:00
Alex Bilbie
6fb3fb5110
Updated refresh token grant
2016-01-12 23:53:03 +00:00
Alex Bilbie
a2bbb17483
Updated repository method names
2016-01-12 23:52:08 +00:00
Alex Bilbie
3135f1796e
Generate a refresh token in password grant
2016-01-12 23:05:19 +00:00
Alex Bilbie
d565665ccb
Code tidy
2016-01-12 23:05:07 +00:00
Alex Bilbie
13a1ea6db8
Updated token interface to drop owner concept for simple user identifier
2016-01-12 23:04:33 +00:00
Alex Bilbie
6358be90c2
Token is now linked to a user identifier instead of owner concept
2016-01-12 23:04:03 +00:00
Alex Bilbie
de89a6bc89
Code tidy
2016-01-12 23:03:38 +00:00
Alex Bilbie
e03ad0d52f
Server constructor expects path to private key
2016-01-12 23:03:24 +00:00
Alex Bilbie
2a20de991b
Docblock update
2016-01-12 23:02:54 +00:00
Alex Bilbie
b8732a2f83
BearerTokenResponse now outputs JWTs. Fixes #209
2016-01-12 23:02:45 +00:00
Alex Bilbie
1bdad3ad14
Updated AbstractResponseType with interface methods
2016-01-12 23:01:55 +00:00