sephster
521ed9a8cb
Merge master into 8.0.0 branch
2019-05-14 15:46:01 +01:00
Andrew Millington
1bbcb57d63
Merge pull request #1009 from iansltx/skip-s256-if-not-installed
...
Skip SHA256 verifier if system doesn't support sha256
2019-05-14 14:55:39 +01:00
Andrew Millington
93d4b947d8
Merge pull request #1008 from iansltx/typehints-and-exts
...
Typehint ServerRequestInterface on OAuthServerException, explicitly require ext-json
2019-05-13 10:25:32 +01:00
Ian Littman
27d5c5ed8d
Ensure unvalidated ClientEntity gets throw/emit if they return null
...
In many cases, we validate client info before pulling from client itself
from the repository, in which case it's safe to assume that you can grab
the client once validation passes. However on implicit/auth code grants
we don't have this guarantee due to non-confidential clients that just
reference the client ID. In those cases the client may supply a client
ID that doesn't exist, and we don't do a validation step before pulling
it from the repo.
The issue with that is that ClientRepository doesn't actually enforce
returning a ClientInterface via typehint, nor does it even suggest an
exception to throw if the client doesn't exist. So in most places we
do an instanceof check after the repository returns and throw/emit an
error event if the client doesn't exist.
This approach ends up being a bit error-prone; we missed one case where
we should've been doing this check: in the access token request on an
auth code grant. We don't do enough validation beforehand to assume that
the incoming request has an accurate client ID, so L96 could absolutely
be a method call on a non-object.
This commit centralizes the return-check-emit-throw logic so it's a
one-liner for wherever we need it, including the access token request
processor for auth code grants.
2019-05-11 14:35:59 -05:00
Ian Littman
4ecd3131c1
Skip SHA256 verifier if system doesn't support sha256
2019-05-11 14:23:56 -05:00
Ian Littman
3fdfbe11f6
Explicitly require ext-json
...
Makes phpstorm happier; take or leave
2019-05-11 13:37:22 -05:00
Ian Littman
42df2d9c47
Add typehints to OAuthServerException calls
2019-05-11 13:35:24 -05:00
Andrew Millington
2eb1cf79e5
Update changelog for version 7.4.0
2019-05-05 10:22:01 +01:00
Andrew Millington
382b6f5fbf
Merge pull request #1000 from filecage/master
...
Optional Refresh Tokens
2019-05-05 09:48:53 +01:00
sephster
86869eafbb
Add whitespace around control blocks
2019-05-05 09:03:13 +01:00
sephster
9236e842d9
Clarify changelog message
2019-05-05 08:58:34 +01:00
filecage
9bc7f6c8c5
removing simplified_null_return
2019-04-29 19:13:26 +02:00
David
1e9a468e66
Merge branch 'master' into master
2019-04-12 11:17:37 +02:00
Andrew Millington
c7f4998497
Update links
2019-03-29 18:19:35 +00:00
Andrew Millington
0a78236f17
Update changelog for version 7.3.3
2019-03-29 18:18:35 +00:00
Andrew Millington
a68f8001a4
Merge pull request #1006 from marc-mabe/fix-958-error_description
...
spec compliant 'error_description' but keep 'message' for BC
2019-03-29 16:28:33 +00:00
Marc Bennewitz
b88198a9a4
spec compliant 'error_description' but keep 'message' for BC
2019-03-29 16:00:26 +01:00
filecage
8cf39fd9cd
applies style CI diff
2019-03-16 13:15:38 +01:00
filecage
6f6820f629
removes @var hints
...
the @var hints make PHP stan fail together with PHPUnit 6.3
2019-03-16 13:12:34 +01:00
filecage
0742d5150c
explicit is better than implicit :)
2019-03-13 10:08:57 +01:00
filecage
64f0d89fad
getNewRefreshToken()
can also return NULL
2019-03-11 23:28:47 +01:00
filecage
ebf78132d7
refreshTokenRepository
parameter can not be null, condition is obsolete
2019-03-11 23:28:20 +01:00
filecage
aa5bbe5f06
boyscout: style CI tweaks
2019-03-11 23:26:35 +01:00
filecage
66d4ce6de8
Update CHANGELOG.md
2019-03-08 18:21:55 +01:00
filecage
2ea76ca4fd
Adds handling for null
issued refresh token to Grant implementations
2019-03-08 18:19:16 +01:00
filecage
b2840474fd
AbstractGrant no longer tries to issue a refresh token if the Repository returned null
2019-03-08 18:16:16 +01:00
Andrew Millington
0227f14b7b
Merge pull request #988 from lordrhodos/feature/test-cleanup
...
Cleanup: remove unused local variable $scopeEntity from ImplicitGrantTest
2019-01-22 20:59:33 +00:00
Patrick Rodacker
fad42a88fd
removes unused local variable $scopeEntity from ImplicitGrantTest
2019-01-20 22:11:22 +01:00
Andrew Millington
d7defafd83
Merge pull request #963 from marc-mabe/date-time-handling
...
BC-Break: cleanup DateTime handline for 8.0.0
2018-12-19 13:10:20 +00:00
sephster
16f37560d4
Merge latest version of 8 branch
2018-12-19 13:03:10 +00:00
sephster
5ed8e59ef3
Update changelog
2018-12-19 12:58:11 +00:00
sephster
c2cd12e0b8
Remove return types
2018-12-19 12:54:26 +00:00
Andrew Millington
8e9368cf44
Merge pull request #978 from Devristo/fix-http-basic-respond-to-access-token-request
...
Fixed respondToAccessTokenRequest using Http Basic Auth
2018-12-10 23:07:58 +00:00
sephster
894724c45b
Remove invalid commenting
2018-12-10 23:01:45 +00:00
sephster
fd65bf9e54
Streamline tests
2018-12-10 22:51:58 +00:00
Andrew Millington
2a16dbeb7f
Merge pull request #981 from Sephster/support-php-7.3
...
Add support for PHP 7.3
2018-12-06 23:53:55 +00:00
sephster
faa350792a
Add support for PHP 7.3
2018-12-06 23:46:28 +00:00
Chris Tanaskoski
b6955a6c65
Fixed respondToAccessTokenRequest such that it accepts client_id through request body and Http Basic Auth
2018-11-30 10:19:06 +01:00
Chris Tanaskoski
ec8a663a81
Added test for respondToAccessTokenRequest using Http Basic Auth for client credentials
2018-11-29 09:28:36 +01:00
Andrew Millington
dc3181bbb0
Merge pull request #977 from spideyfusion/symfony-community-integration
...
Add Symfony community integration to README.md
2018-11-28 12:47:30 +00:00
Petar Obradović
1e3a7adb19
Add Symfony community integration to README.md
2018-11-28 12:24:16 +01:00
sephster
b71f382cd7
Update changelog
2018-11-21 21:42:43 +00:00
Andrew Millington
9783388523
Merge pull request #969 from ceeram/fix-bc-break
...
Fix bc breaking change
2018-11-21 21:38:37 +00:00
sephster
46493c461e
Update changelog for 7.3.2 release
2018-11-21 21:29:55 +00:00
sephster
8b421818f2
Add blank line to better format
2018-11-21 21:26:54 +00:00
Marc Ypes
b09154af33
Add test to prove bc break
2018-11-16 13:29:47 +01:00
Marc Ypes
f1454cde36
Fix bc breaking change
2018-11-16 12:44:41 +01:00
Andrew Millington
f2cd3646ff
Merge pull request #970 from Sephster/interface-revert
...
Revert Interface Change
2018-11-15 22:37:18 +00:00
sephster
7839a61170
Update changelog
2018-11-15 22:33:34 +00:00
sephster
443d7c485a
Revert interface change so class can be extende
2018-11-15 22:22:08 +00:00