oauth2-server

mirror of https://github.com/elyby/oauth2-server.git synced 2024-11-01 16:33:07 +05:30

Author	SHA1	Message	Date
Sephster	65789e0f39	Fix tests to support default scopes for authorization requests	2017-11-13 22:20:42 +00:00
Sephster	512d4898e2	Revert previous change	2017-11-13 22:20:16 +00:00
Sephster	c895885700	Modify grants so only auth requests use default scopes	2017-11-13 22:19:44 +00:00
Andrew Millington	ce8248c10f	Remove erroneous character	2017-11-06 22:56:54 +00:00
Andrew Millington	13be557825	Re-add the complete testCompleteAuthorizationRequestNoUser()	2017-11-06 22:51:11 +00:00
Andrew Millington	0f08063864	Fixed use of default scope so it is only for authorization requests	2017-11-06 22:33:28 +00:00
Andrew Millington	cc6eb63dd8	Remove default scope from the Refresh Token Grant	2017-11-06 21:23:52 +00:00
Andrew Millington	093c7755fa	Remove default scope from the Password Grant	2017-11-06 21:23:14 +00:00
Andrew Millington	82b81c7f6f	Remove setDefaultScope function from the grant interface	2017-11-06 21:22:09 +00:00
Andrew Millington	9cd86a9154	Remove default scope for the ClientCredentialsGrant	2017-11-06 21:21:14 +00:00
Andrew Millington	42ea0de9fb	Add default scope to the AbstractAuthorizeGrant	2017-11-06 21:19:38 +00:00
Andrew Millington	ab760a805c	Remove default scope from abstract grant This should be added to the AbstractAuthorizeGrant instead as it is only used for an authorization request	2017-11-06 21:19:07 +00:00
Andrew Millington	bd2cdaf5da	Change missing scope test to check for invalid_scope exception	2017-10-31 23:01:19 +00:00
Andrew Millington	4806eda45a	Change to throw invalid scope instead of missing scope exception	2017-10-31 22:59:01 +00:00
Andrew Millington	b2fe909a71	Removed the missing scope exception as should be using invalid_scope	2017-10-31 22:58:07 +00:00
Andrew Millington	d0619385b8	Add a basic test to ensure we throw an exception when no scope is given	2017-10-31 21:00:14 +00:00
Andrew Millington	3828f87b19	Fix tests as no longer set the default scope in the constructor Use new setDefaultScope() method instead. Also changed default scope to be a blank string instead of null	2017-10-30 23:48:02 +00:00
Andrew Millington	a49f6ff80d	Remove setting default scope in the constructor	2017-10-30 23:36:19 +00:00
Andrew Millington	1161ceda0d	Fix the authorization server middleware test	2017-10-30 23:26:49 +00:00
Andrew Millington	f9143b5163	Fix the refresh token grant test	2017-10-30 23:26:11 +00:00
Andrew Millington	24f29b6382	Fix more tests to support default scope setting	2017-10-19 22:37:19 +01:00
Andrew Millington	8c788e9fc8	Update tests so they don't trigger missing or invalid scope exceptions	2017-10-18 22:11:13 +01:00
Andrew Millington	4d28eadf93	Update tests so they don't trigger missing or invalid scope exceptions	2017-10-18 22:11:02 +01:00
Andrew Millington	5a28fb8af4	Set a default scope for the authorization server	2017-10-18 22:09:53 +01:00
Andrew Millington	c996b66528	Add means to set default scopes for grants	2017-10-18 22:08:41 +01:00
Andrew Millington	c70451abd5	Add an exception for a missing scope	2017-10-18 22:08:11 +01:00
Andrew Millington	e7ee483d11	Changed function comment to reflect we are setting the public, instead of private key	2017-10-13 23:02:29 +01:00
Alex Bilbie	5b223a9501	Update README.md	2017-10-11 10:33:10 +01:00
Alex Bilbie	3b58ab1df2	Merge pull request #724 from davedevelopment/change-token-type-case Change case for implict grant token_type	2017-08-11 08:16:08 +01:00
Alex Bilbie	925776958f	Updated changelog	2017-08-03 16:09:23 +01:00
Alex Bilbie	c86c7dde70	Fix #759	2017-08-03 16:07:11 +01:00
Alex Bilbie	e184691ded	Merge pull request #776 from yannickl88/fix/perm-key-check Removed chmod from CryptKey and add toggle to disable checking	2017-08-03 16:04:08 +01:00
Alex Bilbie	b2648218f1	Merge pull request #777 from hhamon/hhamon-patch-1 [BC Break] Fixes invalid code challenge method payload key name	2017-08-03 16:03:48 +01:00
Yannick de Lange	2aca909d20	Removed chmod from CryptKey and add toggle to disable checking	2017-08-03 15:57:39 +02:00
Hugo Hamon	79038ced78	[BC Break] Fixes invalid code challenge method payload key name I guess this change might be a BC break for existing and active authorization tokens when they're validated by the server. The good thing is that an authorization token has a very short expiration time and is used once to request an access token.	2017-08-02 17:55:11 +02:00
Alex Bilbie	7c2218fdcc	Merge pull request #773 from kumy/issue-772 Fix #772 - PR should be based on master branch	2017-07-30 08:32:30 +01:00
Alex Bilbie	935fff8308	Merge pull request #770 from benito103e/master Updated PHPDoc about the unicity violation exception throwing	2017-07-30 08:31:50 +01:00
Mathieu Alorent	0f1ddaaacf	Fix #772 - PR should be based on master branch	2017-07-29 17:41:44 +02:00
Benjamin Dieleman	ecc07abb33	Updated PHPDoc about the unicity violation exception throwing UniqueTokenIdentifierConstraintViolationException can be thrown when persisting tokens	2017-07-27 17:31:01 +02:00
Alex Bilbie	a1b8d87b47	Updated changelog	2017-07-19 07:58:56 +01:00
Alex Bilbie	80fc8e654b	Trigger E_USER_NOTICE instead of throwing an exception if key cannot be chmod to 600	2017-07-19 07:57:47 +01:00
Alex Bilbie	317f46b7ae	Merge pull request #754 from Lctrs/fix/missing-sprintf Fix missing sprintf() calls	2017-07-07 16:50:08 +01:00
Jérôme Parmentier	88bf8b2367	Fix missing sprintf	2017-07-03 20:28:28 +02:00
Alex Bilbie	315d079033	Added link to security release information page	2017-07-02 18:44:55 +01:00
Alex Bilbie	2824f7d27e	Fixed examples	2017-07-01 18:46:48 +01:00
Alex Bilbie	0a6a4deca6	5.1.4 not 5.1.14	2017-07-01 18:38:35 +01:00
Alex Bilbie	00c645545a	Updated changelog	2017-07-01 18:33:17 +01:00
Alex Bilbie	417a64ad43	Added security notice	2017-07-01 18:33:03 +01:00
Alex Bilbie	f5c3ba0b24	Removed dead code	2017-07-01 18:22:51 +01:00
Alex Bilbie	e1ef133067	Dropped PHP 5.5 compatability	2017-07-01 18:22:44 +01:00

1 2 3 4 5 ...

2038 Commits