Commit Graph

2035 Commits

Author SHA1 Message Date
Andrew Millington
ce8248c10f Remove erroneous character 2017-11-06 22:56:54 +00:00
Andrew Millington
13be557825 Re-add the complete testCompleteAuthorizationRequestNoUser() 2017-11-06 22:51:11 +00:00
Andrew Millington
0f08063864 Fixed use of default scope so it is only for authorization requests 2017-11-06 22:33:28 +00:00
Andrew Millington
cc6eb63dd8 Remove default scope from the Refresh Token Grant 2017-11-06 21:23:52 +00:00
Andrew Millington
093c7755fa Remove default scope from the Password Grant 2017-11-06 21:23:14 +00:00
Andrew Millington
82b81c7f6f Remove setDefaultScope function from the grant interface 2017-11-06 21:22:09 +00:00
Andrew Millington
9cd86a9154 Remove default scope for the ClientCredentialsGrant 2017-11-06 21:21:14 +00:00
Andrew Millington
42ea0de9fb Add default scope to the AbstractAuthorizeGrant 2017-11-06 21:19:38 +00:00
Andrew Millington
ab760a805c Remove default scope from abstract grant
This should be added to the AbstractAuthorizeGrant instead as it is 
only used for an authorization request
2017-11-06 21:19:07 +00:00
Andrew Millington
bd2cdaf5da Change missing scope test to check for invalid_scope exception 2017-10-31 23:01:19 +00:00
Andrew Millington
4806eda45a Change to throw invalid scope instead of missing scope exception 2017-10-31 22:59:01 +00:00
Andrew Millington
b2fe909a71 Removed the missing scope exception as should be using invalid_scope 2017-10-31 22:58:07 +00:00
Andrew Millington
d0619385b8 Add a basic test to ensure we throw an exception when no scope is given 2017-10-31 21:00:14 +00:00
Andrew Millington
3828f87b19 Fix tests as no longer set the default scope in the constructor
Use new setDefaultScope() method instead. Also changed default scope to
be a blank string instead of null
2017-10-30 23:48:02 +00:00
Andrew Millington
a49f6ff80d Remove setting default scope in the constructor 2017-10-30 23:36:19 +00:00
Andrew Millington
1161ceda0d Fix the authorization server middleware test 2017-10-30 23:26:49 +00:00
Andrew Millington
f9143b5163 Fix the refresh token grant test 2017-10-30 23:26:11 +00:00
Andrew Millington
24f29b6382 Fix more tests to support default scope setting 2017-10-19 22:37:19 +01:00
Andrew Millington
8c788e9fc8 Update tests so they don't trigger missing or invalid scope exceptions 2017-10-18 22:11:13 +01:00
Andrew Millington
4d28eadf93 Update tests so they don't trigger missing or invalid scope exceptions 2017-10-18 22:11:02 +01:00
Andrew Millington
5a28fb8af4 Set a default scope for the authorization server 2017-10-18 22:09:53 +01:00
Andrew Millington
c996b66528 Add means to set default scopes for grants 2017-10-18 22:08:41 +01:00
Andrew Millington
c70451abd5 Add an exception for a missing scope 2017-10-18 22:08:11 +01:00
Andrew Millington
e7ee483d11 Changed function comment to reflect we are setting the public, instead of private key 2017-10-13 23:02:29 +01:00
Alex Bilbie
5b223a9501 Update README.md 2017-10-11 10:33:10 +01:00
Alex Bilbie
3b58ab1df2 Merge pull request #724 from davedevelopment/change-token-type-case
Change case for implict grant token_type
2017-08-11 08:16:08 +01:00
Alex Bilbie
925776958f Updated changelog 2017-08-03 16:09:23 +01:00
Alex Bilbie
c86c7dde70 Fix #759 2017-08-03 16:07:11 +01:00
Alex Bilbie
e184691ded Merge pull request #776 from yannickl88/fix/perm-key-check
Removed chmod from CryptKey and add toggle to disable checking
2017-08-03 16:04:08 +01:00
Alex Bilbie
b2648218f1 Merge pull request #777 from hhamon/hhamon-patch-1
[BC Break] Fixes invalid code challenge method payload key name
2017-08-03 16:03:48 +01:00
Yannick de Lange
2aca909d20 Removed chmod from CryptKey and add toggle to disable checking 2017-08-03 15:57:39 +02:00
Hugo Hamon
79038ced78 [BC Break] Fixes invalid code challenge method payload key name
I guess this change might be a BC break for existing and active authorization tokens when they're validated by the server. The good thing is that an authorization token has a very short expiration time and is used once to request an access token.
2017-08-02 17:55:11 +02:00
Alex Bilbie
7c2218fdcc Merge pull request #773 from kumy/issue-772
Fix #772 - PR should be based on master branch
2017-07-30 08:32:30 +01:00
Alex Bilbie
935fff8308 Merge pull request #770 from benito103e/master
Updated PHPDoc about the unicity violation exception throwing
2017-07-30 08:31:50 +01:00
Mathieu Alorent
0f1ddaaacf
Fix #772 - PR should be based on master branch 2017-07-29 17:41:44 +02:00
Benjamin Dieleman
ecc07abb33 Updated PHPDoc about the unicity violation exception throwing
UniqueTokenIdentifierConstraintViolationException can be thrown when persisting tokens
2017-07-27 17:31:01 +02:00
Alex Bilbie
a1b8d87b47 Updated changelog 2017-07-19 07:58:56 +01:00
Alex Bilbie
80fc8e654b Trigger E_USER_NOTICE instead of throwing an exception if key cannot be chmod to 600 2017-07-19 07:57:47 +01:00
Alex Bilbie
317f46b7ae Merge pull request #754 from Lctrs/fix/missing-sprintf
Fix missing sprintf() calls
2017-07-07 16:50:08 +01:00
Jérôme Parmentier
88bf8b2367 Fix missing sprintf 2017-07-03 20:28:28 +02:00
Alex Bilbie
315d079033 Added link to security release information page 2017-07-02 18:44:55 +01:00
Alex Bilbie
2824f7d27e Fixed examples 2017-07-01 18:46:48 +01:00
Alex Bilbie
0a6a4deca6 5.1.4 not 5.1.14 2017-07-01 18:38:35 +01:00
Alex Bilbie
00c645545a Updated changelog 2017-07-01 18:33:17 +01:00
Alex Bilbie
417a64ad43 Added security notice 2017-07-01 18:33:03 +01:00
Alex Bilbie
f5c3ba0b24 Removed dead code 2017-07-01 18:22:51 +01:00
Alex Bilbie
e1ef133067 Dropped PHP 5.5 compatability 2017-07-01 18:22:44 +01:00
Alex Bilbie
523434902c Removed dead code 2017-07-01 18:15:41 +01:00
Alex Bilbie
aac467e616 Fixed broken tests 2017-07-01 18:11:19 +01:00
Alex Bilbie
76c2b6f88c AuthorizationServer no longer needs to know about the public key 2017-07-01 18:11:10 +01:00