Commit Graph

1279 Commits

Author SHA1 Message Date
Alex Bilbie
8e8aed1a50 Implemented RFC7636. Fixes #574 2016-05-06 15:23:16 +01:00
İsmail BASKIN
7285ede563
Include redirect_uri check on authorization endpoint 2016-05-04 13:34:37 +03:00
Alex Bilbie
db055f790d Revert "Remove redundant parameters in example" #553
This reverts commit 9a93dca05c.
2016-05-04 09:10:05 +01:00
Alex Bilbie
cf63403585 Merge branch 'master' of github.com:thephpleague/oauth2-server 2016-05-04 08:56:04 +01:00
Alex Bilbie
cdf43e498e Use constant for event name instead of explicit string. Fixes #563 2016-05-04 08:55:57 +01:00
Alex Bilbie
a12fc98b0d Merge pull request #569 from ismailbaskin/patch-2
Correct wrong phpdoc
2016-05-04 08:45:58 +01:00
Lee
0bb968f413 Fixed typo in exception string 2016-05-04 15:13:48 +08:00
ismail BASKIN
88b19ad2d0 Correct wrong phpdoc 2016-05-04 00:54:36 +03:00
ismail BASKIN
72cd9a62e1 Remove unused request property 2016-04-30 05:08:28 +03:00
Alex Bilbie
acf262f879 Merge pull request #553 from markinjapan/patch-1
Remove redundant parameters in getNewToken()
2016-04-27 20:58:29 +01:00
Alex Bilbie
5241309bdb Fixes #560 2016-04-27 20:53:12 +01:00
Mark
a6b7a5cedc Remove use of redundant parameters 2016-04-20 16:52:36 +09:00
Mark
78b6bddc4d Remove redundant parameters 2016-04-20 16:29:37 +09:00
Alex Bilbie
7bfd5b7d0d Added abstract methods for required methods 2016-04-18 12:22:15 +01:00
Alex Bilbie
143a2e32f7 Client may return an array of redirect URIs 2016-04-18 12:21:42 +01:00
Alex Bilbie
8f418cff08 Added missing state parameter in redirect response 2016-04-18 12:19:54 +01:00
Alex Bilbie
fcec1f3442 Cody tidy 2016-04-18 12:19:36 +01:00
Alex Bilbie
46e7eef14e Client could potentially return an array of redirect URIs 2016-04-18 12:12:36 +01:00
Alex Bilbie
51f44fdf17 Code tidy 2016-04-18 12:12:06 +01:00
Alex Bilbie
f8b2e80ef3 Removed unnecessary parameter usage 2016-04-18 12:10:57 +01:00
Alex Bilbie
fb8f47e868 Added $mustValidateSecret parameter to ClientRepositoryInterface:: getClientEntity(). Fixes #550 2016-04-18 08:32:49 +01:00
Alex Bilbie
78c2067698 Merge pull request #548 from thephpleague/analysis-z9mQxo
Applied fixes from StyleCI
2016-04-17 13:07:15 +01:00
Alex Bilbie
257318e524 Merge pull request #547 from lookyman/scope-fixes
Fix scope loading in grants
2016-04-17 13:06:57 +01:00
Alex Bilbie
77737e7894 Applied fixes from StyleCI 2016-04-17 08:06:17 -04:00
Alex Bilbie
f007e25070 Added copyright docblocks 2016-04-17 13:06:05 +01:00
Alex Bilbie
f6f39698d9 Renamed Server to AuthorizationServer 2016-04-17 12:54:25 +01:00
Lukáš Unger
3904767873 Fix scope loading in grants 2016-04-17 13:50:56 +02:00
Alex Bilbie
6205611a71 Removed unused methods 2016-04-17 12:42:42 +01:00
Alex Bilbie
08c356a1e1 Added ResourceServer class 2016-04-17 12:33:29 +01:00
Alex Bilbie
94a1c18fa9 Implict grant does not return return refresh tokens 2016-04-17 12:12:49 +01:00
Luca Degasperi
de635f826f Update AbstractGrant.php
The hint is not necessary since it gets created by the exception with the parameter.
2016-04-11 15:59:47 +02:00
Alex Bilbie
3e8577f889 Merge pull request #536 from Bobselp/V5-WIP
less verbose exceptions for RefreshTokenGrant
2016-04-11 08:24:31 +01:00
ivyhjk
f7413c2f15 Update BearerTokenResponse.php 2016-04-10 19:05:32 -03:00
Bobselp
6e583fdf8a less verbose exceptions for RefreshTokenGrant
For the LogicException you could also use `throw OAuthServerException::invalidRequest('refresh_token', 'Cannot decrypt the authorization code');`, to get the exact same error AuthCodeGrant-php throws if decryption of `code` fails there.
The second error hint provides information which doesn't help users of the API, although it is next to impossible to trigger this error due to the encryption.
2016-04-10 22:19:42 +02:00
Alex Bilbie
2328f59601 Applied fixes from StyleCI 2016-04-10 12:16:40 -04:00
Bobselp
eb7526ae97 finalize scopes for AuthCodeGrant 2016-04-10 18:07:18 +02:00
Bobselp
03e8eb6157 revoke an used auth code 2016-04-10 18:05:16 +02:00
Alex Bilbie
92a483b3bd Improved tests 2016-04-10 16:14:01 +01:00
Alex Bilbie
5969082963 Fix tests and improve code coverate 2016-04-10 15:58:01 +01:00
Alex Bilbie
7c86d3b848 Merge branch 'V5-authorization-request-flow' of github.com:thephpleague/oauth2-server into V5-authorization-request-flow 2016-04-10 14:31:25 +01:00
Alex Bilbie
ba30e34511 Lazy set $accessTokenTTL 2016-04-10 14:31:05 +01:00
Alex Bilbie
e24dff2723 Fixed expires_in 2016-04-10 14:30:44 +01:00
Alex Bilbie
1512960d92 Applied fixes from StyleCI 2016-04-10 09:23:10 -04:00
Alex Bilbie
273ea0ba68 Updated implicit grant to use the new auth request flow 2016-04-10 14:22:56 +01:00
Alex Bilbie
096a4a2883 Remove unused params 2016-04-10 14:22:32 +01:00
Alex Bilbie
a0c4900ee7 Client is not required here because of finalizeScopes method 2016-04-10 13:53:16 +01:00
Alex Bilbie
c034c3b13c Merge pull request #524 from thephpleague/analysis-qJ2LoW
Applied fixes from StyleCI
2016-04-10 11:56:33 +01:00
Alex Bilbie
634578997f Merge pull request #523 from thephpleague/analysis-XajbB0
Applied fixes from StyleCI
2016-04-10 11:56:17 +01:00
Alex Bilbie
79aa1988d8 Removed HtmlResponse 2016-04-10 11:55:17 +01:00
Alex Bilbie
7c35985c1e Applied fixes from StyleCI 2016-04-10 06:52:27 -04:00
Alex Bilbie
c75d0e0f0e Removed templating code 2016-04-10 11:52:18 +01:00
Alex Bilbie
5d3516c7b4 Applied fixes from StyleCI 2016-04-10 06:48:46 -04:00
Alex Bilbie
d4fb00628e Updated server methods 2016-04-10 11:48:32 +01:00
Alex Bilbie
4bc835c007 Updated AuthCodeGrant with new methods to validate and complete an authorization request 2016-04-10 11:48:21 +01:00
Alex Bilbie
fdb1d70874 Updated header key 2016-04-10 11:47:41 +01:00
Alex Bilbie
5410a42bb6 Fix to broken methods 2016-04-10 10:28:12 +01:00
Alex Bilbie
b7064befe4 Checkin 2016-04-10 10:07:08 +01:00
Alex Bilbie
44937f3600 Updated method calls 2016-04-09 16:22:22 +01:00
Alex Bilbie
76ea6b5a6c Renamed grant type canRespondToRequest to canRespondToAccessTokenRequest 2016-04-09 16:22:00 +01:00
Alex Bilbie
4689802c30 Renamed server respondToRequest to respondToAccessTokenRequest 2016-04-09 16:20:30 +01:00
Alex Bilbie
2c2ef800d4 Applied fixes from StyleCI 2016-04-09 10:46:40 -04:00
Alex Bilbie
d8d49f742e Removed unnecessary abstract classes 2016-04-09 15:46:30 +01:00
Alex Bilbie
b59106dc64 Added ClientTrait 2016-04-09 15:27:44 +01:00
Alex Bilbie
c6faa228fe Updated references to interfaces 2016-04-09 15:25:45 +01:00
Alex Bilbie
4eee48ca4e Moved entity interfaces into parent folder. Fixes #504 2016-04-09 15:25:32 +01:00
Alex Bilbie
00518dded7 Removed built-in entities, all functinality available using traits 2016-04-09 15:21:15 +01:00
Alex Bilbie
5ca2152313 Updated examples 2016-04-09 15:17:11 +01:00
Alex Bilbie
be9bd76f35 Added AccessTokenTrait 2016-04-09 15:09:13 +01:00
Alex Bilbie
198f4c4b6f Merge branch 'token_from_repo' of https://github.com/frederikbosch/oauth2-server into frederikbosch-token_from_repo
# Conflicts:
#	tests/Grant/AuthCodeGrantTest.php
#	tests/Grant/ImplicitGrantTest.php
#	tests/Grant/RefreshTokenGrantTest.php
2016-04-09 14:12:06 +01:00
Alex Bilbie
6f0a0cca4e Merge pull request #498 from frederikbosch/client_user_id_replaced
Client identifier passed where user identifier is expected
2016-04-09 13:55:16 +01:00
Alex Bilbie
1ccfd9be32 Applied fixes from StyleCI 2016-04-09 08:53:29 -04:00
Alex Bilbie
a83c56f570 Comment improvement 2016-04-09 13:53:14 +01:00
Alex Bilbie
d7dd07cf18 Merge branch 'v5-fix' of https://github.com/assembledadam/oauth2-server into assembledadam-v5-fix 2016-04-09 13:51:57 +01:00
Alex Bilbie
0fed56a265 Merge branch 'V5-WIP' of https://github.com/frederikbosch/oauth2-server into frederikbosch-V5-WIP
# Conflicts:
#	src/Entities/Interfaces/ClientEntityInterface.php
2016-04-09 13:48:53 +01:00
Alex Bilbie
39281a6f38 Merge branch 'repository_on_response' of https://github.com/juliangut/oauth2-server into juliangut-repository_on_response
# Conflicts:
#	tests/ResponseTypes/BearerResponseTypeTest.php
2016-04-09 13:43:33 +01:00
Alex Bilbie
656a8d7a56 Merge pull request #502 from juliangut/passphrase
V5 - Handle RSA key passphrase
2016-04-09 13:40:28 +01:00
Alex Bilbie
6c942f25f4 Merge pull request #503 from juliangut/mac_token_interface
V5 - Remove unused mac token interface
2016-04-09 13:37:54 +01:00
Alex Bilbie
8274c56fc2 Allow multiple client redirect URIs. Fixes #511 2016-04-09 13:36:08 +01:00
Frederik Bosch
de8f6ff539 add getNewAccessToken getNewRefreshToken and getNewAuthCode to repositories 2016-04-04 10:37:06 +02:00
Adam McCann
8f69f4f9a9 Access denied on token expiry (or value before nbf/not before) - issue #506 2016-03-31 18:50:36 +01:00
Julián Gutiérrez
4d2ccac8ed remove unused mac token interface 2016-03-29 09:31:34 +02:00
Julián Gutiérrez
197657f2b9 handle RSA key passphrase 2016-03-28 16:42:34 +02:00
Julián Gutiérrez
e513b42117 remove access token repository from response types 2016-03-28 12:10:51 +02:00
Frederik Bosch
b1ce1f872b client identifier passed where user identifier is expected 2016-03-25 17:11:13 +01:00
Alex Bilbie
1c47ec51f8 Merge pull request #494 from frederikbosch/double_persis
prevent double persist of token when doing refresh grant
2016-03-24 17:34:47 +00:00
Frederik Bosch
fbf4388b01 prevent double persist of token when doing refresh grant 2016-03-24 17:24:17 +01:00
Alex Bilbie
b1cf6a8436 Fix for bad hint 2016-03-24 14:51:44 +00:00
Frederik Bosch
d8e1e0e00e remove unnecessary methods from interfaces 2016-03-24 15:01:55 +01:00
Alex Bilbie
fe0ed765a5 Added setTemplateRenderer method 2016-03-24 13:56:31 +00:00
Alex Bilbie
630a92b45f Applied fixes from StyleCI 2016-03-24 06:07:20 -04:00
Alex Bilbie
115237bc1a Added missing return statement 2016-03-24 10:04:48 +00:00
Alex Bilbie
6383a58755 Updated scope validation 2016-03-24 10:04:15 +00:00
Alex Bilbie
267bd3c5d4 Applied fixes from StyleCI 2016-03-23 14:50:27 -04:00
Alex Bilbie
a18b8c57b2 Fix broken tests 2016-03-23 18:50:14 +00:00
Alex Bilbie
55ff59edf4 Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP 2016-03-23 18:36:49 +00:00
Alex Bilbie
a49c762683 Remove injected array of scopes 2016-03-23 18:36:43 +00:00
Alex Bilbie
b5b5d9f347 Added finalizeScopes method to ScopeRepositoryInterface 2016-03-23 18:36:23 +00:00
Alex Bilbie
864a27f2c8 Applied fixes from StyleCI 2016-03-23 08:54:30 -04:00
Alex Bilbie
a698a4da7e Added RequestEvent 2016-03-23 12:54:17 +00:00
Alex Bilbie
95cdaae17f Removed unused method 2016-03-22 17:07:30 +00:00
Alex Bilbie
61986db5ee Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP 2016-03-22 16:29:08 +00:00
Alex Bilbie
878afeb9f9 ClientRepository implementations are now responsible for dealing with client secret 2016-03-22 16:29:04 +00:00
Alex Bilbie
945731cb39 Applied fixes from StyleCI 2016-03-22 11:11:39 -04:00
Alex Bilbie
09770dc537 Inject client into getUserEntityByUserCredentials method 2016-03-22 15:11:20 +00:00
Alex Bilbie
ca54a387c8 Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP 2016-03-22 14:45:14 +00:00
Alex Bilbie
e27b13ee7d Accept scopes as reference 2016-03-22 14:44:21 +00:00
Alex Bilbie
8685006743 Applied fixes from StyleCI 2016-03-22 10:18:21 -04:00
Alex Bilbie
400eae153b Added grant and scopes to UserRepository getUserEntityByUserCredentials method 2016-03-22 14:18:02 +00:00
Julián Gutiérrez
4b775fe241 include CryptTrait tests, allow Server::respondToRequest trhow exceptions and fix ResposeType tests 2016-03-18 00:25:32 +01:00
Julián Gutiérrez
8196f5c832 code against interface 2016-03-17 21:33:04 +01:00
Julián Gutiérrez
890fdeba16 CryptTrait tests 2016-03-17 21:18:28 +01:00
Alex Bilbie
51a1a75d37 Applied fixes from StyleCI 2016-03-17 10:37:48 -04:00
Alex Bilbie
251190d828 Fix #468 and #473 2016-03-17 14:37:21 +00:00
Alex Bilbie
3af75729b8 Applied fixes from StyleCI 2016-03-17 07:22:59 -04:00
Alex Bilbie
7b8d9c9af3 Added missing RendererInterface 2016-03-17 11:22:04 +00:00
Alex Bilbie
15b6506644 No need to use Zend\Diactoros\Stream 2016-03-17 11:21:53 +00:00
Alex Bilbie
bd12c8b1a9 Fix exception usage 2016-03-17 11:18:59 +00:00
Alex Bilbie
c3c49c83f9 Merge pull request #472 from juliangut/templating
V5 - Template renderer holds template related information
2016-03-17 10:49:14 +01:00
Alex Bilbie
2f459b6470 Merge pull request #470 from juliangut/clarify
V5 - Clarify names and return types
2016-03-16 17:35:39 +01:00
Julián Gutiérrez
ee91072455 template renderer holds template related information 2016-03-16 12:32:21 +01:00
Alex Bilbie
d635b3484b Fix broken code 2016-03-15 21:30:18 +00:00
Alex Bilbie
3365f3d733 Moved client secret validation to abstract grant. Fixes #460 2016-03-15 21:30:13 +00:00
Alex Bilbie
c7a5a57304 Added getSecret method to ClientEntityInterface 2016-03-15 21:29:35 +00:00
Julián Gutiérrez
ae0edc40aa clarify names and return types 2016-03-15 22:25:28 +01:00
Alex Bilbie
7159352108 Applied fixes from StyleCI 2016-03-15 17:21:21 -04:00
Alex Bilbie
a70bc2360a Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP 2016-03-15 21:21:08 +00:00
Alex Bilbie
472ec68bbe Removed validateAccessToken from abstract response type 2016-03-15 21:20:59 +00:00
Alex Bilbie
e946c1e106 Remove old MAC output type 2016-03-15 21:20:46 +00:00
Julián Gutiérrez
66e473b1f0 clean use statment 2016-03-15 20:57:32 +01:00
Julián Gutiérrez
91c8daeb99 normalize repositories visibility 2016-03-15 20:54:59 +01:00
Julián Gutiérrez
9e04da01de unused use statements 2016-03-15 01:18:54 +01:00
Julián Gutiérrez
592f60de70 allways extract scopes from repository 2016-03-15 01:10:47 +01:00
Alex Bilbie
5ae9827d67 Merge pull request #461 from juliangut/extract_scopes
V5 - scopes extraction from querystring on auth_code and implicit grants
2016-03-14 12:36:17 +01:00
Julián Gutiérrez
9b665f494f convert JWT to string for http_build_query 2016-03-14 01:00:06 +01:00
Julián Gutiérrez
ced63e2051 allow scopes extraction on GET requests for auth_code and implicit grants 2016-03-14 00:12:14 +01:00
Julián Gutiérrez
a0402f1994 throw exception instead of return Response 2016-03-11 00:01:19 +01:00
Alex Bilbie
4ab9c52767 Merge pull request #448 from juliangut/validate_authenticated_request
V5 - rename validateRequest
2016-03-10 17:47:28 +00:00
Alex Bilbie
2b2d4a3df7 Merge pull request #444 from juliangut/secure_body_params_access
V5 - Secure access to body params
2016-03-10 17:47:20 +00:00
Alex Bilbie
4c55b6879d Merge pull request #457 from juliangut/renderer
V5 - Allow different template engines
2016-03-10 17:43:20 +00:00
Alex Bilbie
edf0ee8622 Removed unused code 2016-03-10 17:34:25 +00:00
Alex Bilbie
3b4a8cf5f3 Added code coverage ignore comments 2016-03-10 17:22:10 +00:00
Alex Bilbie
5074ad9a6c Fixed request attribute 2016-03-10 15:50:04 +00:00
Alex Bilbie
01517bb57a Added missing namespace 2016-03-10 15:09:56 +00:00
Julián Gutiérrez
320d9e65d5 StyleCI always watching upon us 2016-03-09 12:44:47 +01:00
Julián Gutiérrez
1218cede79 allow different template engines 2016-03-09 12:32:01 +01:00
Julián Gutiérrez
1bdeb71efb make StyleCI happy 2016-03-08 21:59:10 +01:00
Julián Gutiérrez
1632b80631 Merge branch 'V5-WIP' into secure_body_params_access 2016-03-08 21:57:43 +01:00
Alex Bilbie
997d390f3d Applied fixes from StyleCI 2016-02-22 03:00:50 -05:00
Alex Bilbie
e2794c47af First commit of the implicit grant 2016-02-22 07:59:17 +00:00
Alex Bilbie
0d0aaa8764 Use the new access token covertToJWT method 2016-02-22 07:58:59 +00:00
Alex Bilbie
ad270f7d9d Redirect either with query string parameters or fragment parameters 2016-02-22 07:58:44 +00:00
Alex Bilbie
a1bdaae9a9 Access token can now return a JWT from itself 2016-02-22 07:58:25 +00:00
Alex Bilbie
e08669d50c Doc improvements 2016-02-22 07:58:12 +00:00
Alex Bilbie
d02437dd73 Improved testing 2016-02-21 18:13:39 +00:00
Alex Bilbie
eedcfe115c Bug fixes 2016-02-21 17:09:12 +00:00
Alex Bilbie
2488cbd55d Bug fixes 2016-02-21 17:08:49 +00:00
Alex Bilbie
7f539f8736 Removed unused exception parameters 2016-02-21 16:40:01 +00:00
Alex Bilbie
d0878300d0 Bug fix for AuthCodeGrant 2016-02-21 14:32:16 +00:00
Alex Bilbie
97c138bb0b Removed unused SecureKey class 2016-02-20 10:05:15 +00:00
Alex Bilbie
a2460886f6 Applied fixes from StyleCI 2016-02-19 18:09:39 -05:00
Julián Gutiérrez
a644eacea7 Merge branch 'V5-WIP' into move_identifier_generation 2016-02-18 18:14:59 +01:00
Alex Bilbie
e8a01c3bcd Fix for logic 2016-02-18 12:07:36 +00:00
Alex Bilbie
064eb85f4e AbstractGrant now handles persisting tokens 2016-02-18 12:07:23 +00:00
Alex Bilbie
704e114568 Updated AuthCodeGrant 2016-02-18 10:49:39 +00:00
Alex Bilbie
3b36ae9000 Rewrote validateClient method to progressively test client secret and redirect URI 2016-02-18 10:49:05 +00:00
Alex Bilbie
7f67000d53 Provided implementation of new client entity methods 2016-02-18 10:48:23 +00:00
Alex Bilbie
de000b72a4 Updated ClientEntityInterface with additional methods 2016-02-18 10:48:12 +00:00
Alex Bilbie
0d8cb0d06f Fixes for RefreshTokenGrant 2016-02-18 10:47:30 +00:00
Alex Bilbie
fc53d636f5 Updated getClientEntity now just requires the client ID and the grant type 2016-02-18 10:47:06 +00:00
Julián Gutiérrez
dbcaaa1f35 rename determineAccessTokenInHeader 2016-02-13 14:38:23 +01:00
Julián Gutiérrez
5d6634aa9f Merge branch 'V5-WIP' into move_identifier_generation 2016-02-13 14:11:38 +01:00
Julián Gutiérrez
099c9ce41b move token identifier generation 2016-02-13 14:07:09 +01:00
Alex Bilbie
335630f150 Added code coverage ignore docblocks 2016-02-12 18:08:27 +00:00
Alex Bilbie
e20c529f39 Added isExpired method to refresh token 2016-02-12 17:53:42 +00:00
Alex Bilbie
7f2fd69d0a Removed respondsWith from interface 2016-02-12 17:52:37 +00:00
Alex Bilbie
29068dd84c Removed responseWith method 2016-02-12 17:51:59 +00:00
Alex Bilbie
9a8b7ec898 Removed old codecept tests 2016-02-12 17:46:30 +00:00
Julián Gutiérrez
1f6bb40952 correcting param access mistake 2016-02-12 18:45:47 +01:00
Julián Gutiérrez
2f914a0aa3 secure params access on authcode grant 2016-02-12 18:32:09 +01:00
Julián Gutiérrez
95e3c1d1a2 Merge branch 'V5-WIP' into secure_body_params_access 2016-02-12 17:10:52 +01:00
Alex Bilbie
655f6b9771 Merge pull request #445 from juliangut/abstract_token_validation
V5 - Abstract access token validation
2016-02-12 14:31:18 +00:00
Alex Bilbie
d95958bae4 Small fixes 2016-02-12 14:28:24 +00:00
Alex Bilbie
85b9412813 Multiple fixes 2016-02-12 14:18:52 +00:00
Alex Bilbie
1a5030200a The response may be a PSR response which is valid 2016-02-12 14:18:45 +00:00
Alex Bilbie
796106b6c1 Fix for non-imported namespace 2016-02-12 14:18:34 +00:00
Alex Bilbie
4234b69f3a Fix for method calls 2016-02-12 14:18:10 +00:00
Alex Bilbie
0115c41eea Numerous bug fixes 2016-02-12 13:32:58 +00:00
Julián Gutiérrez
f314154216 abstract access token validation 2016-02-12 14:19:47 +01:00
Alex Bilbie
5e326d9e45 First commit of respondToAccessTokenRequest 2016-02-12 13:01:25 +00:00
Julián Gutiérrez
d2760e4ec7 secure access to body params 2016-02-12 13:56:14 +01:00
Alex Bilbie
2025749fa4 Updated respondToAuthorizationRequest to use Plates templates instead of custom ResponseType 2016-02-12 11:55:41 +00:00
Alex Bilbie
1c913fe75e Added default basic HTML login + authorise templates 2016-02-12 11:32:09 +00:00
Alex Bilbie
ac9955b393 Removed response type interfaces for auth code login + authorize because they were a stupid idea 2016-02-12 11:30:59 +00:00
Alex Bilbie
fccb06ed67 First commit of updated AuthCodeGrant with respondToAuthorizationRequest method completed 2016-02-12 10:01:15 +00:00
Alex Bilbie
f29703ea24 Updated Docblock 2016-02-12 10:00:41 +00:00
Alex Bilbie
dcc3f5d856 First commit of new ResponseTypes 2016-02-12 10:00:32 +00:00
Alex Bilbie
264eba9f20 Updated AuthCodeRepositoryInterface 2016-02-12 10:00:22 +00:00
Alex Bilbie
c2c199cf98 Added issueAuthCode method 2016-02-12 10:00:10 +00:00
Alex Bilbie
0b6bcad9fb Added getCookieParameter method 2016-02-12 09:59:59 +00:00
Alex Bilbie
38a7e53cb5 Added optional redirectUri parameter to accessDenied method 2016-02-12 09:59:47 +00:00
Alex Bilbie
f4b83baf74 Fix getClientEntity method call 2016-02-12 09:09:39 +00:00
Alex Bilbie
5a08a0cbe2 Merge branch 'V5-WIP' into V5-AuthCode
# Conflicts:
#	src/Grant/AbstractGrant.php
2016-02-12 09:06:28 +00:00
Alex Bilbie
7a628409db Validate client can now optionally validate secret + redirectUri, and actually validate the redirectUri 2016-02-12 09:03:35 +00:00
Alex Bilbie
c6d806d3f7 Docblock updates 2016-02-12 09:02:33 +00:00
Alex Bilbie
bfcf7af4d8 Added getQueryStringParameter method 2016-02-12 09:02:17 +00:00
Alex Bilbie
d96f57d27f Got rid of mystery $identifier class property, moved it to the getIdentifier method 2016-02-12 08:33:59 +00:00
Julián Gutiérrez
8b185e0580 Merge branch 'V5-WIP' into minor_merge 2016-02-12 00:12:56 +01:00
Alex Bilbie
ca776e83a2 Fix for header writing 2016-02-11 17:58:35 +00:00
Alex Bilbie
ddf3f1b890 Merge branch 'V5-WIP' into V5-AuthCode 2016-02-11 17:50:08 +00:00
Alex Bilbie
a40ac5d77b Minor fixes 2016-02-11 17:49:41 +00:00
Alex Bilbie
4bc89f3fc2 Removed unused import 2016-02-11 17:49:31 +00:00
Alex Bilbie
11d25eb5a1 Removed old exceptions 2016-02-11 17:49:24 +00:00
Alex Bilbie
770bda8f10 Merge pull request #431 from juliangut/redirectUri
V5 - use Psr\Http\Message\UriInterface
2016-02-11 17:35:33 +00:00
Alex Bilbie
7a8c92b3d9 Merge pull request #435 from juliangut/exception_middleware
V5 - Exception based access token check
2016-02-11 17:34:31 +00:00
Alex Bilbie
92a101f263 First commit of AuthCode rewrite 2016-02-11 17:30:01 +00:00
Julián Gutiérrez
b85f81c429 configurable refresh token TTL per grant 2016-01-21 18:11:53 +01:00
Julián Gutiérrez
8fb64041df client secret can be null 2016-01-20 12:50:23 +01:00
Julián Gutiérrez
44155a8efc allow refresh token ttl assign 2016-01-20 12:21:44 +01:00
Julián Gutiérrez
b7b1f56d0c stream write fix 2016-01-20 10:58:45 +01:00
Julián Gutiérrez
3e5889e93b minor improvements and documentation fixes 2016-01-20 10:36:16 +01:00
Julián Gutiérrez
ef5904ab1a exception based determineAccessTokenInHeader 2016-01-20 00:32:59 +01:00
Julián Gutiérrez
94cc7c2bc7 fix server reference 2016-01-20 00:16:12 +01:00
Alex Bilbie
1e1043c04f Merge pull request #432 from juliangut/middleware
V5 - authentication middleware
2016-01-17 19:33:38 +00:00
Julián Gutiérrez
8591fc7686 moved to authentication middleware 2016-01-17 18:40:26 +01:00
Alex Bilbie
86b75edca0 Merge pull request #430 from juliangut/scopedelimiter
V5 - remove scopedelimiter parameter
2016-01-17 16:40:55 +00:00
Alex Bilbie
13ddec3283 Fix for PasswordGrant 2016-01-17 16:38:25 +00:00
Alex Bilbie
322caa77af Fixes for RefreshTokenGrant 2016-01-17 16:35:52 +00:00
Julián Gutiérrez
95634fb390 compound redirect uri with Psr\Http\Message\UriInterface 2016-01-17 17:28:27 +01:00
Alex Bilbie
6beb8d42ff Replaced SecureKey::generate with random_bytes method 2016-01-17 16:16:01 +00:00
Julián Gutiérrez
6cffbfe33b remove scopedelimiter parameter 2016-01-17 17:01:08 +01:00
Alex Bilbie
5fcb47d66a Merge pull request #425 from juliangut/scopes_extraction
V5 - normalize validatescopes
2016-01-17 14:59:37 +00:00
Alex Bilbie
8566a128c8 Pass errors back up the chain 2016-01-17 14:56:42 +00:00
Alex Bilbie
419cb6d149 Use first array result 2016-01-17 14:56:35 +00:00
Alex Bilbie
f1d06e7c33 Use the error returned from the response type 2016-01-17 14:56:06 +00:00
Alex Bilbie
212938d1e2 Fixed call to static 2016-01-17 14:55:48 +00:00
Alex Bilbie
cd19f11799 Fixed conversion to response object 2016-01-17 14:55:36 +00:00
Julián Gutiérrez
4862ca7d60 fix conflicts 2016-01-17 15:49:55 +01:00
Alex Bilbie
660378c7b3 Added MAC auth scheme to 401 header 2016-01-17 14:28:13 +00:00
Alex Bilbie
3d08051cbb Removed default wording as there is no override 2016-01-17 14:23:18 +00:00
Alex Bilbie
0486d93fa3 Removed default wording as there are no overrides 2016-01-17 14:23:02 +00:00
Alex Bilbie
5a8659471c Public key is set in abstract grant now 2016-01-17 14:21:53 +00:00
Alex Bilbie
f6664c6917 Private and public key paths are injected into grants now 2016-01-17 14:21:35 +00:00
Alex Bilbie
5f22ead287 Updated access denied hint 2016-01-17 14:11:21 +00:00
Alex Bilbie
19b12cda8e Made getDefaultResponseType public 2016-01-17 14:08:53 +00:00
Alex Bilbie
6c787c374c First commit of ResourceServerMiddleware 2016-01-17 14:08:42 +00:00
Alex Bilbie
cd68103267 New server constructor 2016-01-17 14:03:41 +00:00
Alex Bilbie
6332ecfa0b Removed default overrides 2016-01-17 14:03:33 +00:00
Alex Bilbie
e43d95415b Inject required params into grant type 2016-01-17 14:03:07 +00:00
Alex Bilbie
d755a8c01d Updated the validation to BearerTokenResponse 2016-01-17 13:57:07 +00:00
Alex Bilbie
c7a904ca40 Added access token repository and public key path as required params to response type constructor 2016-01-17 13:56:46 +00:00
Alex Bilbie
8ee4dc7eb9 Fixed docblock 2016-01-17 13:56:14 +00:00
Alex Bilbie
645f719ee9 Added new repository setter methods to GrantTypeInterface 2016-01-17 13:55:12 +00:00
Alex Bilbie
0cc13630cc Cody tidy 2016-01-17 13:54:55 +00:00
Alex Bilbie
e21a13c82c Access token TTL is now configured on a per grant basis 2016-01-17 13:54:39 +00:00
Alex Bilbie
a4ce1e510e Scope delimiter string is no longer configurable 2016-01-17 13:53:18 +00:00
Alex Bilbie
ad05a5cae6 Scope delimiter is no longer a required parameter 2016-01-17 13:51:56 +00:00
Alex Bilbie
e6cc6c35ec Scope delimiter string is now a constant 2016-01-17 13:49:53 +00:00
Alex Bilbie
f74bca33ab Removed parameters that are no longer required 2016-01-17 13:48:40 +00:00
Alex Bilbie
90d9d7bdd6 Required repositories are now set by the server 2016-01-17 13:47:44 +00:00
Julián Gutiérrez
8d8dbaea0c normalize validatescopes 2016-01-17 14:35:43 +01:00
Alex Bilbie
03391e9630 Removed old access denied exception 2016-01-17 12:58:15 +00:00
Alex Bilbie
7242a8db31 Added access denied exception 2016-01-17 12:58:00 +00:00
Alex Bilbie
f44b618531 Docblock tidy 2016-01-17 12:57:50 +00:00
Alex Bilbie
9e4fd82763 Rewrote RefreshTokenGrant to understand encrypted tokens 2016-01-17 12:56:52 +00:00
Alex Bilbie
0744d8e926 Tidy up 2016-01-17 12:43:20 +00:00
Julián Gutiérrez
44ff8692dc abstract common grants tasks 2016-01-17 00:41:55 +01:00
Alex Bilbie
dce1620f60 Removed unused imports 2016-01-15 18:37:46 +00:00
Alex Bilbie
bcd84320da Updated docblocks 2016-01-15 18:37:26 +00:00
Alex Bilbie
a40374e6ec Merge branch 'V5-WIP' of github.com:thephpleague/oauth2-server into V5-WIP 2016-01-15 18:36:38 +00:00
Alex Bilbie
748ae15376 Updated docblock 2016-01-15 18:36:34 +00:00
Alex Bilbie
7811721d28 Merge pull request #421 from juliangut/deferred_creation
V5 - deferred default objects creation
2016-01-15 18:35:49 +00:00
Alex Bilbie
8f724bb720 Fix immutability issues 2016-01-15 18:32:53 +00:00
Julián Gutiérrez
65d981ad32 allow middleware use 2016-01-15 14:02:47 +01:00
Julián Gutiérrez
3de1b5917a deferred default objects creation 2016-01-15 12:41:48 +01:00
Alex Bilbie
0fbe447862 Removed old exceptions 2016-01-15 00:17:13 +00:00
Alex Bilbie
84a9802a67 Removed ServerAwareTrait 2016-01-15 00:14:41 +00:00
Alex Bilbie
f7b3c018c5 Removed old authorization server 2016-01-15 00:05:59 +00:00
Alex Bilbie
a88c30cb53 Added invalid refresh token exception 2016-01-14 23:47:49 +00:00
Alex Bilbie
5e6f0fc6a3 Code tidy 2016-01-14 23:47:41 +00:00
Alex Bilbie
b57b497cb7 Revoke both refresh token and access token 2016-01-14 23:47:19 +00:00
Alex Bilbie
0b061e3086 Refresh token is encrypted payload now instead of JWT 2016-01-14 23:47:06 +00:00
Alex Bilbie
304ea2baf4 Encrypt refresh token parameters instead of using JWT 2016-01-14 23:46:24 +00:00
Alex Bilbie
56060b2c16 Code tidy 2016-01-14 23:45:36 +00:00
Alex Bilbie
633746b02e Added KeyCrypt class 2016-01-14 23:44:39 +00:00
Alex Bilbie
936b8f93ec Addititonal refresh token validation 2016-01-13 00:38:23 +00:00
Alex Bilbie
c1d15aa15c Uset sub instead of uid 2016-01-13 00:38:08 +00:00
Alex Bilbie
79791e5848 Code tidy 2016-01-13 00:13:34 +00:00
Alex Bilbie
0efa7cd7ea Set the uid on the refresh token 2016-01-13 00:13:16 +00:00
Alex Bilbie
eef5cf39d4 Fixes to refresh grant 2016-01-13 00:12:10 +00:00
Alex Bilbie
6fb3fb5110 Updated refresh token grant 2016-01-12 23:53:03 +00:00
Alex Bilbie
a2bbb17483 Updated repository method names 2016-01-12 23:52:08 +00:00
Alex Bilbie
3135f1796e Generate a refresh token in password grant 2016-01-12 23:05:19 +00:00
Alex Bilbie
d565665ccb Code tidy 2016-01-12 23:05:07 +00:00
Alex Bilbie
13a1ea6db8 Updated token interface to drop owner concept for simple user identifier 2016-01-12 23:04:33 +00:00
Alex Bilbie
6358be90c2 Token is now linked to a user identifier instead of owner concept 2016-01-12 23:04:03 +00:00
Alex Bilbie
de89a6bc89 Code tidy 2016-01-12 23:03:38 +00:00
Alex Bilbie
e03ad0d52f Server constructor expects path to private key 2016-01-12 23:03:24 +00:00
Alex Bilbie
2a20de991b Docblock update 2016-01-12 23:02:54 +00:00
Alex Bilbie
b8732a2f83 BearerTokenResponse now outputs JWTs. Fixes #209 2016-01-12 23:02:45 +00:00
Alex Bilbie
1bdad3ad14 Updated AbstractResponseType with interface methods 2016-01-12 23:01:55 +00:00