mirror of
https://github.com/elyby/oauth2-server.git
synced 2025-05-31 14:12:07 +05:30
Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
a2f87f20b7 | ||
|
|
b6ba08813d |
12
.gitignore
vendored
12
.gitignore
vendored
@@ -1,6 +1,8 @@
|
||||
/vendor
|
||||
/vendor/
|
||||
/composer.lock
|
||||
/build/logs
|
||||
/build/coverage
|
||||
/docs
|
||||
/testing
|
||||
/docs/build/
|
||||
/build/logs/
|
||||
/build/coverage/
|
||||
test
|
||||
/docs/
|
||||
/testing/
|
||||
@@ -5,4 +5,4 @@ php:
|
||||
- 5.4
|
||||
|
||||
before_script: composer install --dev
|
||||
script: phpunit
|
||||
script: phpunit -c build/phpunit.xml
|
||||
@@ -1,5 +1,10 @@
|
||||
# Changelog
|
||||
|
||||
## 1.0.8 (released 2013-03-18)
|
||||
|
||||
* Fixed check for required state parameter
|
||||
* Fixed check that user's credentials are correct in Password grant
|
||||
|
||||
## 1.0.7 (released 2013-03-04)
|
||||
|
||||
* Added method `requireStateParam()`
|
||||
|
||||
8
build/phpcs.xml
Normal file
8
build/phpcs.xml
Normal file
@@ -0,0 +1,8 @@
|
||||
<?xml version="1.0"?>
|
||||
<ruleset name="PHP_CodeSniffer">
|
||||
|
||||
<description>PHP_CodeSniffer configuration</description>
|
||||
|
||||
<rule ref="PSR2"/>
|
||||
|
||||
</ruleset>
|
||||
14
build/phpmd.xml
Normal file
14
build/phpmd.xml
Normal file
@@ -0,0 +1,14 @@
|
||||
<ruleset name="OAuth 2.0 Server"
|
||||
xmlns="http://pmd.sf.net/ruleset/1.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://pmd.sf.net/ruleset/1.0.0
|
||||
http://pmd.sf.net/ruleset_xml_schema.xsd"
|
||||
xsi:noNamespaceSchemaLocation="http://pmd.sf.net/ruleset_xml_schema.xsd">
|
||||
|
||||
<description>
|
||||
Ruleset for OAuth 2.0 server
|
||||
</description>
|
||||
|
||||
<!-- Import the entire unused code rule set -->
|
||||
<rule ref="rulesets/unusedcode.xml" />
|
||||
</ruleset>
|
||||
31
build/phpunit.xml
Normal file
31
build/phpunit.xml
Normal file
@@ -0,0 +1,31 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<phpunit colors="true" convertNoticesToExceptions="true" convertWarningsToExceptions="true" stopOnError="false" stopOnFailure="false" stopOnIncomplete="false" stopOnSkipped="false" bootstrap="../tests/Bootstrap.php">
|
||||
<testsuites>
|
||||
<testsuite name="Authorization Server">
|
||||
<directory suffix="Test.php">../tests/authorization</directory>
|
||||
</testsuite>
|
||||
<testsuite name="Resource Server">
|
||||
<directory suffix="Test.php">../tests/resource</directory>
|
||||
</testsuite>
|
||||
<testsuite name="Utility Methods">
|
||||
<directory suffix="Test.php">../tests/util</directory>
|
||||
</testsuite>
|
||||
</testsuites>
|
||||
<filter>
|
||||
<blacklist>
|
||||
<directory suffix=".php">PEAR_INSTALL_DIR</directory>
|
||||
<directory suffix=".php">PHP_LIBDIR</directory>
|
||||
<directory suffix=".php">../vendor/composer</directory>
|
||||
<directory suffix=".php">../vendor/mockery</directory>
|
||||
<directory suffix=".php">../vendor/phpunit</directory>
|
||||
<directory suffix=".php">../tests</directory>
|
||||
<directory suffix=".php">../testing</directory>
|
||||
</blacklist>
|
||||
</filter>
|
||||
<logging>
|
||||
<log type="coverage-html" target="coverage" title="lncd/OAuth" charset="UTF-8" yui="true" highlight="true" lowUpperBound="50" highLowerBound="90"/>
|
||||
<log type="coverage-text" target="php://stdout" title="lncd/OAuth" charset="UTF-8" yui="true" highlight="true" lowUpperBound="50" highLowerBound="90"/>
|
||||
<log type="coverage-clover" target="logs/clover.xml"/>
|
||||
<log type="junit" target="logs/junit.xml" logIncompleteSkipped="false"/>
|
||||
</logging>
|
||||
</phpunit>
|
||||
@@ -1,15 +1,22 @@
|
||||
{
|
||||
"name": "league/oauth2-server",
|
||||
"name": "lncd/oauth2",
|
||||
"description": "A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants",
|
||||
"version": "1.0.9",
|
||||
"homepage": "https://github.com/php-loep/oauth2-server",
|
||||
"version": "1.0.8",
|
||||
"homepage": "https://github.com/lncd/OAuth2",
|
||||
"license": "MIT",
|
||||
"require": {
|
||||
"php": ">=5.3.0"
|
||||
},
|
||||
"require-dev": {
|
||||
"mockery/mockery": ">=0.7.2"
|
||||
"phpunit/phpunit": "*",
|
||||
"mockery/mockery": ">=0.7.2"
|
||||
},
|
||||
"repositories": [
|
||||
{
|
||||
"type": "git",
|
||||
"url": "https://github.com/lncd/OAuth2"
|
||||
}
|
||||
],
|
||||
"keywords": [
|
||||
"oauth",
|
||||
"oauth2",
|
||||
@@ -27,10 +34,6 @@
|
||||
"role": "Developer"
|
||||
}
|
||||
],
|
||||
"replace": {
|
||||
"lncd/oauth2": "*",
|
||||
"league/oauth2server": "*"
|
||||
},
|
||||
"autoload": {
|
||||
"psr-0": {
|
||||
"OAuth2": "src/"
|
||||
|
||||
31
phpunit.xml
31
phpunit.xml
@@ -1,31 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<phpunit colors="true" convertNoticesToExceptions="true" convertWarningsToExceptions="true" stopOnError="false" stopOnFailure="false" stopOnIncomplete="false" stopOnSkipped="false" bootstrap="tests/Bootstrap.php">
|
||||
<testsuites>
|
||||
<testsuite name="Authorization Server">
|
||||
<directory suffix="Test.php">tests/authorization</directory>
|
||||
</testsuite>
|
||||
<testsuite name="Resource Server">
|
||||
<directory suffix="Test.php">tests/resource</directory>
|
||||
</testsuite>
|
||||
<testsuite name="Utility Methods">
|
||||
<directory suffix="Test.php">tests/util</directory>
|
||||
</testsuite>
|
||||
</testsuites>
|
||||
<filter>
|
||||
<blacklist>
|
||||
<directory suffix=".php">PEAR_INSTALL_DIR</directory>
|
||||
<directory suffix=".php">PHP_LIBDIR</directory>
|
||||
<directory suffix=".php">vendor/composer</directory>
|
||||
<directory suffix=".php">vendor/mockery</directory>
|
||||
<directory suffix=".php">vendor/phpunit</directory>
|
||||
<directory suffix=".php">tests</directory>
|
||||
<directory suffix=".php">testing</directory>
|
||||
</blacklist>
|
||||
</filter>
|
||||
<logging>
|
||||
<log type="coverage-html" target="build/coverage" title="lncd/OAuth" charset="UTF-8" yui="true" highlight="true" lowUpperBound="50" highLowerBound="90"/>
|
||||
<log type="coverage-text" target="php://stdout" title="lncd/OAuth" charset="UTF-8" yui="true" highlight="true" lowUpperBound="50" highLowerBound="90"/>
|
||||
<log type="coverage-clover" target="build/logs/clover.xml"/>
|
||||
<log type="junit" target="build/logs/junit.xml" logIncompleteSkipped="false"/>
|
||||
</logging>
|
||||
</phpunit>
|
||||
@@ -37,7 +37,7 @@ class AuthServer
|
||||
* The TTL (time to live) of an access token in seconds (default: 3600)
|
||||
* @var integer
|
||||
*/
|
||||
protected $expiresIn = 3600;
|
||||
static protected $expiresIn = 3600;
|
||||
|
||||
/**
|
||||
* The registered grant response types
|
||||
@@ -49,13 +49,13 @@ class AuthServer
|
||||
* The client, scope and session storage classes
|
||||
* @var array
|
||||
*/
|
||||
protected $storages = array();
|
||||
static protected $storages = array();
|
||||
|
||||
/**
|
||||
* The registered grant types
|
||||
* @var array
|
||||
*/
|
||||
protected $grantTypes = array();
|
||||
static protected $grantTypes = array();
|
||||
|
||||
/**
|
||||
* Require the "scope" parameter to be in checkAuthoriseParams()
|
||||
@@ -63,12 +63,6 @@ class AuthServer
|
||||
*/
|
||||
protected $requireScopeParam = true;
|
||||
|
||||
/**
|
||||
* Default scope to be used if none is provided and requireScopeParam is false
|
||||
* @var string
|
||||
*/
|
||||
protected $defaultScope = null;
|
||||
|
||||
/**
|
||||
* Require the "state" parameter to be in checkAuthoriseParams()
|
||||
* @var boolean
|
||||
@@ -79,7 +73,7 @@ class AuthServer
|
||||
* The request object
|
||||
* @var Util\RequestInterface
|
||||
*/
|
||||
protected $request = null;
|
||||
static protected $request = null;
|
||||
|
||||
/**
|
||||
* Exception error codes
|
||||
@@ -102,7 +96,7 @@ class AuthServer
|
||||
* Exception error messages
|
||||
* @var array
|
||||
*/
|
||||
protected static $exceptionMessages = array(
|
||||
static protected $exceptionMessages = array(
|
||||
'invalid_request' => 'The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Check the "%s" parameter.',
|
||||
'unauthorized_client' => 'The client is not authorized to request an access token using this method.',
|
||||
'access_denied' => 'The resource owner or authorization server denied the request.',
|
||||
@@ -148,7 +142,7 @@ class AuthServer
|
||||
*/
|
||||
public function __construct(ClientInterface $client, SessionInterface $session, ScopeInterface $scope)
|
||||
{
|
||||
$this->storages = array(
|
||||
self::$storages = array(
|
||||
'client' => $client,
|
||||
'session' => $session,
|
||||
'scope' => $scope
|
||||
@@ -165,7 +159,7 @@ class AuthServer
|
||||
if (is_null($identifier)) {
|
||||
$identifier = $grantType->getIdentifier();
|
||||
}
|
||||
$this->grantTypes[$identifier] = $grantType;
|
||||
self::$grantTypes[$identifier] = $grantType;
|
||||
|
||||
if ( ! is_null($grantType->getResponseType())) {
|
||||
$this->responseTypes[] = $grantType->getResponseType();
|
||||
@@ -177,9 +171,9 @@ class AuthServer
|
||||
* @param string $identifier The grant type identifier
|
||||
* @return boolean Returns "true" if enabled, "false" if not
|
||||
*/
|
||||
public function hasGrantType($identifier)
|
||||
public static function hasGrantType($identifier)
|
||||
{
|
||||
return (array_key_exists($identifier, $this->grantTypes));
|
||||
return (array_key_exists($identifier, self::$grantTypes));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -192,33 +186,6 @@ class AuthServer
|
||||
$this->requireScopeParam = $require;
|
||||
}
|
||||
|
||||
/**
|
||||
* Is the scope parameter required?
|
||||
* @return bool
|
||||
*/
|
||||
public function scopeParamRequired()
|
||||
{
|
||||
return $this->requireScopeParam;
|
||||
}
|
||||
|
||||
/**
|
||||
* Default scope to be used if none is provided and requireScopeParam is false
|
||||
* @var string
|
||||
*/
|
||||
public function setDefaultScope($default = null)
|
||||
{
|
||||
$this->defaultScope = $default;
|
||||
}
|
||||
|
||||
/**
|
||||
* Default scope to be used if none is provided and requireScopeParam is false
|
||||
* @return string|null
|
||||
*/
|
||||
public function getDefaultScope()
|
||||
{
|
||||
return $this->defaultScope;
|
||||
}
|
||||
|
||||
/**
|
||||
* Require the "state" paremter in checkAuthoriseParams()
|
||||
* @param boolean $require
|
||||
@@ -253,9 +220,9 @@ class AuthServer
|
||||
* Get the TTL for an access token
|
||||
* @return int The TTL
|
||||
*/
|
||||
public function getExpiresIn()
|
||||
public static function getExpiresIn()
|
||||
{
|
||||
return $this->expiresIn;
|
||||
return self::$expiresIn;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -264,7 +231,7 @@ class AuthServer
|
||||
*/
|
||||
public function setExpiresIn($expiresIn)
|
||||
{
|
||||
$this->expiresIn = $expiresIn;
|
||||
self::$expiresIn = $expiresIn;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -274,7 +241,7 @@ class AuthServer
|
||||
*/
|
||||
public function setRequest(Util\RequestInterface $request)
|
||||
{
|
||||
$this->request = $request;
|
||||
self::$request = $request;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -282,16 +249,16 @@ class AuthServer
|
||||
*
|
||||
* @return Util\RequestInterface
|
||||
*/
|
||||
public function getRequest()
|
||||
public static function getRequest()
|
||||
{
|
||||
if ($this->request === null) {
|
||||
if (self::$request === null) {
|
||||
// @codeCoverageIgnoreStart
|
||||
$this->request = Request::buildFromGlobals();
|
||||
self::$request = Request::buildFromGlobals();
|
||||
|
||||
}
|
||||
// @codeCoverageIgnoreEnd
|
||||
|
||||
return $this->request;
|
||||
return self::$request;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -299,9 +266,9 @@ class AuthServer
|
||||
* @param string $obj The class required
|
||||
* @return Storage\ClientInterface|Storage\ScopeInterface|Storage\SessionInterface
|
||||
*/
|
||||
public function getStorage($obj)
|
||||
public static function getStorage($obj)
|
||||
{
|
||||
return $this->storages[$obj];
|
||||
return self::$storages[$obj];
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -314,7 +281,7 @@ class AuthServer
|
||||
public function checkAuthoriseParams($inputParams = array())
|
||||
{
|
||||
// Auth params
|
||||
$authParams = $this->getParam(array('client_id', 'redirect_uri', 'response_type', 'scope', 'state'), 'get', $inputParams);
|
||||
$authParams = self::getParam(array('client_id', 'redirect_uri', 'response_type', 'scope', 'state'), 'get', $inputParams);
|
||||
|
||||
if (is_null($authParams['client_id'])) {
|
||||
throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'client_id'), 0);
|
||||
@@ -329,7 +296,7 @@ class AuthServer
|
||||
}
|
||||
|
||||
// Validate client ID and redirect URI
|
||||
$clientDetails = $this->getStorage('client')->getClient($authParams['client_id'], null, $authParams['redirect_uri']);
|
||||
$clientDetails = self::getStorage('client')->getClient($authParams['client_id'], null, $authParams['redirect_uri']);
|
||||
|
||||
if ($clientDetails === false) {
|
||||
throw new Exception\ClientException(self::$exceptionMessages['invalid_client'], 8);
|
||||
@@ -356,14 +323,12 @@ class AuthServer
|
||||
|
||||
if ($this->requireScopeParam === true && count($scopes) === 0) {
|
||||
throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'scope'), 0);
|
||||
} elseif (count($scopes) === 0 && $this->defaultScope) {
|
||||
$scopes = array($this->defaultScope);
|
||||
}
|
||||
|
||||
$authParams['scopes'] = array();
|
||||
|
||||
foreach ($scopes as $scope) {
|
||||
$scopeDetails = $this->getStorage('scope')->getScope($scope);
|
||||
$scopeDetails = self::getStorage('scope')->getScope($scope);
|
||||
|
||||
if ($scopeDetails === false) {
|
||||
throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_scope'], $scope), 4);
|
||||
@@ -389,15 +354,15 @@ class AuthServer
|
||||
$authCode = SecureKey::make();
|
||||
|
||||
// Remove any old sessions the user might have
|
||||
$this->getStorage('session')->deleteSession($authParams['client_id'], $type, $typeId);
|
||||
self::getStorage('session')->deleteSession($authParams['client_id'], $type, $typeId);
|
||||
|
||||
// Create a new session
|
||||
$sessionId = $this->getStorage('session')->createSession($authParams['client_id'], $authParams['redirect_uri'], $type, $typeId, $authCode);
|
||||
$sessionId = self::getStorage('session')->createSession($authParams['client_id'], $authParams['redirect_uri'], $type, $typeId, $authCode);
|
||||
|
||||
// Associate scopes with the new session
|
||||
foreach ($authParams['scopes'] as $scope)
|
||||
{
|
||||
$this->getStorage('session')->associateScope($sessionId, $scope['id']);
|
||||
self::getStorage('session')->associateScope($sessionId, $scope['id']);
|
||||
}
|
||||
|
||||
return $authCode;
|
||||
@@ -411,14 +376,14 @@ class AuthServer
|
||||
*/
|
||||
public function issueAccessToken($inputParams = array())
|
||||
{
|
||||
$grantType = $this->getParam('grant_type', 'post', $inputParams);
|
||||
$grantType = self::getParam('grant_type', 'post', $inputParams);
|
||||
|
||||
if (is_null($grantType)) {
|
||||
throw new Exception\ClientException(sprintf(self::$exceptionMessages['invalid_request'], 'grant_type'), 0);
|
||||
}
|
||||
|
||||
// Ensure grant type is one that is recognised and is enabled
|
||||
if ( ! in_array($grantType, array_keys($this->grantTypes))) {
|
||||
if ( ! in_array($grantType, array_keys(self::$grantTypes))) {
|
||||
throw new Exception\ClientException(sprintf(self::$exceptionMessages['unsupported_grant_type'], $grantType), 7);
|
||||
}
|
||||
|
||||
@@ -431,34 +396,26 @@ class AuthServer
|
||||
* @param string $grantType The grant type identifer
|
||||
* @return class
|
||||
*/
|
||||
public function getGrantType($grantType)
|
||||
protected function getGrantType($grantType)
|
||||
{
|
||||
return $this->grantTypes[$grantType];
|
||||
return self::$grantTypes[$grantType];
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a parameter from passed input parameters or the Request class
|
||||
* @param string|array $param Required parameter
|
||||
* @param string|array $param Requried parameter
|
||||
* @param string $method Get/put/post/delete
|
||||
* @param array $inputParams Passed input parameters
|
||||
* @return mixed 'Null' if parameter is missing
|
||||
*/
|
||||
public function getParam($param = '', $method = 'get', $inputParams = array(), $default = null)
|
||||
public static function getParam($param = '', $method = 'get', $inputParams = array())
|
||||
{
|
||||
if (is_string($param)) {
|
||||
if (isset($inputParams[$param])) {
|
||||
return $inputParams[$param];
|
||||
} elseif ($param === 'client_id' && ! is_null($client_id = $this->getRequest()->server('PHP_AUTH_USER'))) {
|
||||
return $client_id;
|
||||
} elseif ($param === 'client_secret' && ! is_null($client_secret = $this->getRequest()->server('PHP_AUTH_PW'))) {
|
||||
return $client_secret;
|
||||
} else {
|
||||
return $this->getRequest()->{$method}($param, $default);
|
||||
}
|
||||
return (isset($inputParams[$param])) ? $inputParams[$param] : self::getRequest()->{$method}($param);
|
||||
} else {
|
||||
$response = array();
|
||||
foreach ($param as $p) {
|
||||
$response[$p] = $this->getParam($p, $method, $inputParams);
|
||||
$response[$p] = self::getParam($p, $method, $inputParams);
|
||||
}
|
||||
return $response;
|
||||
}
|
||||
|
||||
@@ -36,22 +36,6 @@ class AuthCode implements GrantTypeInterface {
|
||||
*/
|
||||
protected $responseType = 'code';
|
||||
|
||||
/**
|
||||
* AuthServer instance
|
||||
* @var AuthServer
|
||||
*/
|
||||
protected $authServer = null;
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
* @param AuthServer $authServer AuthServer instance
|
||||
* @return void
|
||||
*/
|
||||
public function __construct(AuthServer $authServer)
|
||||
{
|
||||
$this->authServer = $authServer;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the identifier
|
||||
* @return string
|
||||
@@ -78,51 +62,51 @@ class AuthCode implements GrantTypeInterface {
|
||||
public function completeFlow($inputParams = null)
|
||||
{
|
||||
// Get the required params
|
||||
$authParams = $this->authServer->getParam(array('client_id', 'client_secret', 'redirect_uri', 'code'), 'post', $inputParams);
|
||||
$authParams = AuthServer::getParam(array('client_id', 'client_secret', 'redirect_uri', 'code'), 'post', $inputParams);
|
||||
|
||||
if (is_null($authParams['client_id'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_id'), 0);
|
||||
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'client_id'), 0);
|
||||
}
|
||||
|
||||
if (is_null($authParams['client_secret'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_secret'), 0);
|
||||
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'client_secret'), 0);
|
||||
}
|
||||
|
||||
if (is_null($authParams['redirect_uri'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'redirect_uri'), 0);
|
||||
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'redirect_uri'), 0);
|
||||
}
|
||||
|
||||
// Validate client ID and redirect URI
|
||||
$clientDetails = $this->authServer->getStorage('client')->getClient($authParams['client_id'], $authParams['client_secret'], $authParams['redirect_uri']);
|
||||
$clientDetails = AuthServer::getStorage('client')->getClient($authParams['client_id'], $authParams['client_secret'], $authParams['redirect_uri']);
|
||||
|
||||
if ($clientDetails === false) {
|
||||
throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_client'), 8);
|
||||
throw new Exception\ClientException(AuthServer::getExceptionMessage('invalid_client'), 8);
|
||||
}
|
||||
|
||||
$authParams['client_details'] = $clientDetails;
|
||||
|
||||
// Validate the authorization code
|
||||
if (is_null($authParams['code'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'code'), 0);
|
||||
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'code'), 0);
|
||||
}
|
||||
|
||||
// Verify the authorization code matches the client_id and the request_uri
|
||||
$session = $this->authServer->getStorage('session')->validateAuthCode($authParams['client_id'], $authParams['redirect_uri'], $authParams['code']);
|
||||
$session = AuthServer::getStorage('session')->validateAuthCode($authParams['client_id'], $authParams['redirect_uri'], $authParams['code']);
|
||||
|
||||
if ( ! $session) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_grant'), 'code'), 9);
|
||||
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_grant'), 'code'), 9);
|
||||
}
|
||||
|
||||
// A session ID was returned so update it with an access token,
|
||||
// remove the authorisation code, change the stage to 'granted'
|
||||
|
||||
$accessToken = SecureKey::make();
|
||||
$refreshToken = ($this->authServer->hasGrantType('refresh_token')) ? SecureKey::make() : null;
|
||||
$refreshToken = (AuthServer::hasGrantType('refresh_token')) ? SecureKey::make() : null;
|
||||
|
||||
$accessTokenExpires = time() + $this->authServer->getExpiresIn();
|
||||
$accessTokenExpiresIn = $this->authServer->getExpiresIn();
|
||||
$accessTokenExpires = time() + AuthServer::getExpiresIn();
|
||||
$accessTokenExpiresIn = AuthServer::getExpiresIn();
|
||||
|
||||
$this->authServer->getStorage('session')->updateSession(
|
||||
AuthServer::getStorage('session')->updateSession(
|
||||
$session['id'],
|
||||
null,
|
||||
$accessToken,
|
||||
@@ -138,7 +122,7 @@ class AuthCode implements GrantTypeInterface {
|
||||
'expires_in' => $accessTokenExpiresIn
|
||||
);
|
||||
|
||||
if ($this->authServer->hasGrantType('refresh_token')) {
|
||||
if (AuthServer::hasGrantType('refresh_token')) {
|
||||
$response['refresh_token'] = $refreshToken;
|
||||
}
|
||||
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 Client credentials grant
|
||||
* OAuth 2.0 Auth code grant
|
||||
*
|
||||
* @package lncd/oauth2
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
@@ -36,22 +36,6 @@ class ClientCredentials implements GrantTypeInterface {
|
||||
*/
|
||||
protected $responseType = null;
|
||||
|
||||
/**
|
||||
* AuthServer instance
|
||||
* @var AuthServer
|
||||
*/
|
||||
protected $authServer = null;
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
* @param AuthServer $authServer AuthServer instance
|
||||
* @return void
|
||||
*/
|
||||
public function __construct(AuthServer $authServer)
|
||||
{
|
||||
$this->authServer = $authServer;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the identifier
|
||||
* @return string
|
||||
@@ -78,7 +62,7 @@ class ClientCredentials implements GrantTypeInterface {
|
||||
public function completeFlow($inputParams = null)
|
||||
{
|
||||
// Get the required params
|
||||
$authParams = $this->authServer->getParam(array('client_id', 'client_secret'), 'post', $inputParams);
|
||||
$authParams = AuthServer::getParam(array('client_id', 'client_secret'), 'post', $inputParams);
|
||||
|
||||
if (is_null($authParams['client_id'])) {
|
||||
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'client_id'), 0);
|
||||
@@ -89,7 +73,7 @@ class ClientCredentials implements GrantTypeInterface {
|
||||
}
|
||||
|
||||
// Validate client ID and client secret
|
||||
$clientDetails = $this->authServer->getStorage('client')->getClient($authParams['client_id'], $authParams['client_secret']);
|
||||
$clientDetails = AuthServer::getStorage('client')->getClient($authParams['client_id'], $authParams['client_secret']);
|
||||
|
||||
if ($clientDetails === false) {
|
||||
throw new Exception\ClientException(AuthServer::getExceptionMessage('invalid_client'), 8);
|
||||
@@ -97,45 +81,18 @@ class ClientCredentials implements GrantTypeInterface {
|
||||
|
||||
$authParams['client_details'] = $clientDetails;
|
||||
|
||||
// Validate any scopes that are in the request
|
||||
$scope = $this->authServer->getParam('scope', 'post', $inputParams, '');
|
||||
$scopes = explode($this->authServer->getScopeDelimeter(), $scope);
|
||||
|
||||
for ($i = 0; $i < count($scopes); $i++) {
|
||||
$scopes[$i] = trim($scopes[$i]);
|
||||
if ($scopes[$i] === '') unset($scopes[$i]); // Remove any junk scopes
|
||||
}
|
||||
|
||||
if ($this->authServer->scopeParamRequired() === true && count($scopes) === 0) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'scope'), 0);
|
||||
} elseif (count($scopes) === 0 && $this->authServer->getDefaultScope()) {
|
||||
$scopes = array($this->authServer->getDefaultScope());
|
||||
}
|
||||
|
||||
$authParams['scopes'] = array();
|
||||
|
||||
foreach ($scopes as $scope) {
|
||||
$scopeDetails = $this->authServer->getStorage('scope')->getScope($scope);
|
||||
|
||||
if ($scopeDetails === false) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_scope'), $scope), 4);
|
||||
}
|
||||
|
||||
$authParams['scopes'][] = $scopeDetails;
|
||||
}
|
||||
|
||||
// Generate an access token
|
||||
$accessToken = SecureKey::make();
|
||||
$refreshToken = ($this->authServer->hasGrantType('refresh_token')) ? SecureKey::make() : null;
|
||||
$refreshToken = (AuthServer::hasGrantType('refresh_token')) ? SecureKey::make() : null;
|
||||
|
||||
$accessTokenExpires = time() + $this->authServer->getExpiresIn();
|
||||
$accessTokenExpiresIn = $this->authServer->getExpiresIn();
|
||||
$accessTokenExpires = time() + AuthServer::getExpiresIn();
|
||||
$accessTokenExpiresIn = AuthServer::getExpiresIn();
|
||||
|
||||
// Delete any existing sessions just to be sure
|
||||
$this->authServer->getStorage('session')->deleteSession($authParams['client_id'], 'client', $authParams['client_id']);
|
||||
AuthServer::getStorage('session')->deleteSession($authParams['client_id'], 'client', $authParams['client_id']);
|
||||
|
||||
// Create a new session
|
||||
$sessionId = $this->authServer->getStorage('session')->createSession(
|
||||
AuthServer::getStorage('session')->createSession(
|
||||
$authParams['client_id'],
|
||||
null,
|
||||
'client',
|
||||
@@ -147,12 +104,6 @@ class ClientCredentials implements GrantTypeInterface {
|
||||
'granted'
|
||||
);
|
||||
|
||||
// Associate scopes with the new session
|
||||
foreach ($authParams['scopes'] as $scope)
|
||||
{
|
||||
$this->authServer->getStorage('session')->associateScope($sessionId, $scope['id']);
|
||||
}
|
||||
|
||||
$response = array(
|
||||
'access_token' => $accessToken,
|
||||
'token_type' => 'bearer',
|
||||
@@ -160,7 +111,7 @@ class ClientCredentials implements GrantTypeInterface {
|
||||
'expires_in' => $accessTokenExpiresIn
|
||||
);
|
||||
|
||||
if ($this->authServer->hasGrantType('refresh_token')) {
|
||||
if (AuthServer::hasGrantType('refresh_token')) {
|
||||
$response['refresh_token'] = $refreshToken;
|
||||
}
|
||||
|
||||
|
||||
@@ -21,17 +21,10 @@ use OAuth2\Storage\ScopeInterface;
|
||||
|
||||
interface GrantTypeInterface
|
||||
{
|
||||
/**
|
||||
* Constructor
|
||||
* @param AuthServer $authServer AuthServer instance
|
||||
* @return void
|
||||
*/
|
||||
public function __construct(AuthServer $authServer);
|
||||
|
||||
/**
|
||||
* Returns the grant identifier (used to validate grant_type in OAuth2\AuthServer\issueAccessToken())
|
||||
* @return string
|
||||
*/
|
||||
/**
|
||||
* Returns the grant identifier (used to validate grant_type in OAuth2\AuthServer\issueAccessToken())
|
||||
* @return string
|
||||
*/
|
||||
public function getIdentifier();
|
||||
|
||||
/**
|
||||
|
||||
@@ -1,116 +0,0 @@
|
||||
<?php
|
||||
/**
|
||||
* OAuth 2.0 implicit grant
|
||||
*
|
||||
* @package lncd/oauth2
|
||||
* @author Alex Bilbie <hello@alexbilbie.com>
|
||||
* @copyright Copyright (c) 2013 University of Lincoln
|
||||
* @license http://mit-license.org/
|
||||
* @link http://github.com/lncd/oauth2
|
||||
*/
|
||||
|
||||
namespace OAuth2\Grant;
|
||||
|
||||
use OAuth2\Request;
|
||||
use OAuth2\AuthServer;
|
||||
use OAuth2\Exception;
|
||||
use OAuth2\Util\SecureKey;
|
||||
use OAuth2\Storage\SessionInterface;
|
||||
use OAuth2\Storage\ClientInterface;
|
||||
use OAuth2\Storage\ScopeInterface;
|
||||
|
||||
/**
|
||||
* Client credentials grant class
|
||||
*/
|
||||
class Implict implements GrantTypeInterface {
|
||||
|
||||
/**
|
||||
* Grant identifier
|
||||
* @var string
|
||||
*/
|
||||
protected $identifier = 'implicit';
|
||||
|
||||
/**
|
||||
* Response type
|
||||
* @var string
|
||||
*/
|
||||
protected $responseType = 'token';
|
||||
|
||||
/**
|
||||
* AuthServer instance
|
||||
* @var AuthServer
|
||||
*/
|
||||
protected $authServer = null;
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
* @param AuthServer $authServer AuthServer instance
|
||||
* @return void
|
||||
*/
|
||||
public function __construct(AuthServer $authServer)
|
||||
{
|
||||
$this->authServer = $authServer;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the identifier
|
||||
* @return string
|
||||
*/
|
||||
public function getIdentifier()
|
||||
{
|
||||
return $this->identifier;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the response type
|
||||
* @return string
|
||||
*/
|
||||
public function getResponseType()
|
||||
{
|
||||
return $this->responseType;
|
||||
}
|
||||
|
||||
/**
|
||||
* Complete the client credentials grant
|
||||
* @param null|array $inputParams
|
||||
* @return array
|
||||
*/
|
||||
public function completeFlow($authParams = null)
|
||||
{
|
||||
// Remove any old sessions the user might have
|
||||
$this->authServer->getStorage('session')->deleteSession($authParams['client_id'], 'user', $authParams['user_id']);
|
||||
|
||||
// Generate a new access token
|
||||
$accessToken = SecureKey::make();
|
||||
|
||||
// Compute expiry time
|
||||
$accessTokenExpires = time() + $this->authServer->getExpiresIn();
|
||||
|
||||
// Create a new session
|
||||
$sessionId = $this->authServer->getStorage('session')->createSession(
|
||||
$authParams['client_id'],
|
||||
$authParams['redirect_uri'],
|
||||
'user',
|
||||
$authParams['user_id'],
|
||||
null,
|
||||
$accessToken,
|
||||
null,
|
||||
$accessTokenExpires,
|
||||
'granted'
|
||||
);
|
||||
|
||||
// Associate scopes with the new session
|
||||
foreach ($authParams['scopes'] as $scope)
|
||||
{
|
||||
$this->authServer->getStorage('session')->associateScope($sessionId, $scope['id']);
|
||||
}
|
||||
|
||||
$response = array(
|
||||
'access_token' => $accessToken
|
||||
);
|
||||
|
||||
return $response;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
@@ -42,22 +42,6 @@ class Password implements GrantTypeInterface {
|
||||
*/
|
||||
protected $callback = null;
|
||||
|
||||
/**
|
||||
* AuthServer instance
|
||||
* @var AuthServer
|
||||
*/
|
||||
protected $authServer = null;
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
* @param AuthServer $authServer AuthServer instance
|
||||
* @return void
|
||||
*/
|
||||
public function __construct(AuthServer $authServer)
|
||||
{
|
||||
$this->authServer = $authServer;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the identifier
|
||||
* @return string
|
||||
@@ -106,79 +90,52 @@ class Password implements GrantTypeInterface {
|
||||
public function completeFlow($inputParams = null)
|
||||
{
|
||||
// Get the required params
|
||||
$authParams = $this->authServer->getParam(array('client_id', 'client_secret', 'username', 'password'), 'post', $inputParams);
|
||||
$authParams = AuthServer::getParam(array('client_id', 'client_secret', 'username', 'password'), 'post', $inputParams);
|
||||
|
||||
if (is_null($authParams['client_id'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_id'), 0);
|
||||
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'client_id'), 0);
|
||||
}
|
||||
|
||||
if (is_null($authParams['client_secret'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_secret'), 0);
|
||||
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'client_secret'), 0);
|
||||
}
|
||||
|
||||
// Validate client ID and redirect URI
|
||||
$clientDetails = $this->authServer->getStorage('client')->getClient($authParams['client_id'], $authParams['client_secret']);
|
||||
$clientDetails = AuthServer::getStorage('client')->getClient($authParams['client_id'], $authParams['client_secret']);
|
||||
|
||||
if ($clientDetails === false) {
|
||||
throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_client'), 8);
|
||||
throw new Exception\ClientException(AuthServer::getExceptionMessage('invalid_client'), 8);
|
||||
}
|
||||
|
||||
$authParams['client_details'] = $clientDetails;
|
||||
|
||||
if (is_null($authParams['username'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'username'), 0);
|
||||
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'username'), 0);
|
||||
}
|
||||
|
||||
if (is_null($authParams['password'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'password'), 0);
|
||||
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'password'), 0);
|
||||
}
|
||||
|
||||
// Check if user's username and password are correct
|
||||
$userId = call_user_func($this->getVerifyCredentialsCallback(), $authParams['username'], $authParams['password']);
|
||||
|
||||
if ($userId === false) {
|
||||
throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_credentials'), 0);
|
||||
}
|
||||
|
||||
// Validate any scopes that are in the request
|
||||
$scope = $this->authServer->getParam('scope', 'post', $inputParams, '');
|
||||
$scopes = explode($this->authServer->getScopeDelimeter(), $scope);
|
||||
|
||||
for ($i = 0; $i < count($scopes); $i++) {
|
||||
$scopes[$i] = trim($scopes[$i]);
|
||||
if ($scopes[$i] === '') unset($scopes[$i]); // Remove any junk scopes
|
||||
}
|
||||
|
||||
if ($this->authServer->scopeParamRequired() === true && count($scopes) === 0) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'scope'), 0);
|
||||
} elseif (count($scopes) === 0 && $this->authServer->getDefaultScope()) {
|
||||
$scopes = array($this->authServer->getDefaultScope());
|
||||
}
|
||||
|
||||
$authParams['scopes'] = array();
|
||||
|
||||
foreach ($scopes as $scope) {
|
||||
$scopeDetails = $this->authServer->getStorage('scope')->getScope($scope);
|
||||
|
||||
if ($scopeDetails === false) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_scope'), $scope), 4);
|
||||
}
|
||||
|
||||
$authParams['scopes'][] = $scopeDetails;
|
||||
if ($userId === false || $userId === null) {
|
||||
throw new Exception\ClientException(AuthServer::getExceptionMessage('invalid_credentials'), 0);
|
||||
}
|
||||
|
||||
// Generate an access token
|
||||
$accessToken = SecureKey::make();
|
||||
$refreshToken = ($this->authServer->hasGrantType('refresh_token')) ? SecureKey::make() : null;
|
||||
$refreshToken = (AuthServer::hasGrantType('refresh_token')) ? SecureKey::make() : null;
|
||||
|
||||
$accessTokenExpires = time() + $this->authServer->getExpiresIn();
|
||||
$accessTokenExpiresIn = $this->authServer->getExpiresIn();
|
||||
$accessTokenExpires = time() + AuthServer::getExpiresIn();
|
||||
$accessTokenExpiresIn = AuthServer::getExpiresIn();
|
||||
|
||||
// Delete any existing sessions just to be sure
|
||||
$this->authServer->getStorage('session')->deleteSession($authParams['client_id'], 'user', $userId);
|
||||
AuthServer::getStorage('session')->deleteSession($authParams['client_id'], 'user', $userId);
|
||||
|
||||
// Create a new session
|
||||
$sessionId = $this->authServer->getStorage('session')->createSession(
|
||||
AuthServer::getStorage('session')->createSession(
|
||||
$authParams['client_id'],
|
||||
null,
|
||||
'user',
|
||||
@@ -190,12 +147,6 @@ class Password implements GrantTypeInterface {
|
||||
'granted'
|
||||
);
|
||||
|
||||
// Associate scopes with the new session
|
||||
foreach ($authParams['scopes'] as $scope)
|
||||
{
|
||||
$this->authServer->getStorage('session')->associateScope($sessionId, $scope['id']);
|
||||
}
|
||||
|
||||
$response = array(
|
||||
'access_token' => $accessToken,
|
||||
'token_type' => 'bearer',
|
||||
@@ -203,7 +154,7 @@ class Password implements GrantTypeInterface {
|
||||
'expires_in' => $accessTokenExpiresIn
|
||||
);
|
||||
|
||||
if ($this->authServer->hasGrantType('refresh_token')) {
|
||||
if (AuthServer::hasGrantType('refresh_token')) {
|
||||
$response['refresh_token'] = $refreshToken;
|
||||
}
|
||||
|
||||
|
||||
@@ -36,22 +36,6 @@ class RefreshToken implements GrantTypeInterface {
|
||||
*/
|
||||
protected $responseType = null;
|
||||
|
||||
/**
|
||||
* AuthServer instance
|
||||
* @var AuthServer
|
||||
*/
|
||||
protected $authServer = null;
|
||||
|
||||
/**
|
||||
* Constructor
|
||||
* @param AuthServer $authServer AuthServer instance
|
||||
* @return void
|
||||
*/
|
||||
public function __construct(AuthServer $authServer)
|
||||
{
|
||||
$this->authServer = $authServer;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the identifier
|
||||
* @return string
|
||||
@@ -78,47 +62,47 @@ class RefreshToken implements GrantTypeInterface {
|
||||
public function completeFlow($inputParams = null)
|
||||
{
|
||||
// Get the required params
|
||||
$authParams = $this->authServer->getParam(array('client_id', 'client_secret', 'refresh_token'), 'post', $inputParams);
|
||||
$authParams = AuthServer::getParam(array('client_id', 'client_secret', 'refresh_token'), 'post', $inputParams);
|
||||
|
||||
if (is_null($authParams['client_id'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_id'), 0);
|
||||
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'client_id'), 0);
|
||||
}
|
||||
|
||||
if (is_null($authParams['client_secret'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_secret'), 0);
|
||||
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'client_secret'), 0);
|
||||
}
|
||||
|
||||
// Validate client ID and client secret
|
||||
$clientDetails = $this->authServer->getStorage('client')->getClient($authParams['client_id'], $authParams['client_secret']);
|
||||
$clientDetails = AuthServer::getStorage('client')->getClient($authParams['client_id'], $authParams['client_secret']);
|
||||
|
||||
if ($clientDetails === false) {
|
||||
throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_client'), 8);
|
||||
throw new Exception\ClientException(AuthServer::getExceptionMessage('invalid_client'), 8);
|
||||
}
|
||||
|
||||
$authParams['client_details'] = $clientDetails;
|
||||
|
||||
if (is_null($authParams['refresh_token'])) {
|
||||
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'refresh_token'), 0);
|
||||
throw new Exception\ClientException(sprintf(AuthServer::getExceptionMessage('invalid_request'), 'refresh_token'), 0);
|
||||
}
|
||||
|
||||
// Validate refresh token
|
||||
$sessionId = $this->authServer->getStorage('client')->validateRefreshToken(
|
||||
$sessionId = AuthServer::getStorage('client')->validateRefreshToken(
|
||||
$authParams['refresh_token'],
|
||||
$authParams['client_id']
|
||||
);
|
||||
|
||||
if ($sessionId === false) {
|
||||
throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_refresh'), 0);
|
||||
throw new Exception\ClientException(AuthServer::getExceptionMessage('invalid_refresh'), 0);
|
||||
}
|
||||
|
||||
// Generate new tokens
|
||||
$accessToken = SecureKey::make();
|
||||
$refreshToken = ($this->authServer->hasGrantType('refresh_token')) ? SecureKey::make() : null;
|
||||
$refreshToken = (AuthServer::hasGrantType('refresh_token')) ? SecureKey::make() : null;
|
||||
|
||||
$accessTokenExpires = time() + $this->authServer->getExpiresIn();
|
||||
$accessTokenExpiresIn = $this->authServer->getExpiresIn();
|
||||
$accessTokenExpires = time() + AuthServer::getExpiresIn();
|
||||
$accessTokenExpiresIn = AuthServer::getExpiresIn();
|
||||
|
||||
$this->authServer->getStorage('session')->updateRefreshToken($sessionId, $accessToken, $refreshToken, $accessTokenExpires);
|
||||
AuthServer::getStorage('session')->updateRefreshToken($sessionId, $accessToken, $refreshToken, $accessTokenExpires);
|
||||
|
||||
return array(
|
||||
'access_token' => $accessToken,
|
||||
|
||||
@@ -13,6 +13,7 @@ namespace OAuth2;
|
||||
|
||||
use OutOfBoundsException;
|
||||
use OAuth2\Storage\SessionInterface;
|
||||
use OAuth2\Storage\SessionScopeInterface;
|
||||
use OAuth2\Util\RequestInterface;
|
||||
use OAuth2\Util\Request;
|
||||
|
||||
@@ -215,7 +216,7 @@ class ResourceServer
|
||||
protected function determineAccessToken()
|
||||
{
|
||||
if ($header = $this->getRequest()->header('Authorization')) {
|
||||
$access_token = trim(str_replace('Bearer', '', $header));
|
||||
$access_token = base64_decode(trim(str_replace('Bearer', '', $header)));
|
||||
} else {
|
||||
$method = $this->getRequest()->server('REQUEST_METHOD');
|
||||
$access_token = $this->getRequest()->{$method}($this->tokenKey);
|
||||
|
||||
@@ -108,7 +108,7 @@ interface SessionInterface
|
||||
* @param string $clientId The client ID
|
||||
* @param string $redirectUri The redirect URI
|
||||
* @param string $authCode The authorisation code
|
||||
* @return array|bool Returns an array with the session ID in the 'id' key if the auth code
|
||||
* @return int|bool Returns the session ID if the auth code
|
||||
* is valid otherwise returns false
|
||||
*/
|
||||
public function validateAuthCode(
|
||||
@@ -137,8 +137,8 @@ interface SessionInterface
|
||||
* )
|
||||
* </code>
|
||||
*
|
||||
* @param string $accessToken The access token
|
||||
* @return bool|array Returns false if the validation fails, array on success
|
||||
* @param [type] $accessToken [description]
|
||||
* @return [type] [description]
|
||||
*/
|
||||
public function validateAccessToken($accessToken);
|
||||
|
||||
@@ -161,7 +161,7 @@ interface SessionInterface
|
||||
* Validate a refresh token
|
||||
* @param string $refreshToken The refresh token
|
||||
* @param string $clientId The client ID
|
||||
* @return bool|int The session ID, or false on failure
|
||||
* @return int The session ID
|
||||
*/
|
||||
public function validateRefreshToken($refreshToken, $clientId);
|
||||
|
||||
|
||||
@@ -52,8 +52,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
|
||||
public function test_hasGrantType()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$this->assertFalse($a->hasGrantType('test'));
|
||||
$this->assertFalse(OAuth2\AuthServer::hasGrantType('test'));
|
||||
}
|
||||
|
||||
public function test_addGrantType()
|
||||
@@ -63,7 +62,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
$grant->shouldReceive('getResponseType')->andReturn('test');
|
||||
$a->addGrantType($grant, 'test');
|
||||
|
||||
$this->assertTrue($a->hasGrantType('test'));
|
||||
$this->assertTrue(OAuth2\AuthServer::hasGrantType('test'));
|
||||
}
|
||||
|
||||
public function test_addGrantType_noIdentifier()
|
||||
@@ -74,7 +73,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
$grant->shouldReceive('getResponseType')->andReturn('test');
|
||||
$a->addGrantType($grant);
|
||||
|
||||
$this->assertTrue($a->hasGrantType('test'));
|
||||
$this->assertTrue(OAuth2\AuthServer::hasGrantType('test'));
|
||||
}
|
||||
|
||||
public function test_getScopeDelimeter()
|
||||
@@ -103,34 +102,6 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
$this->assertFalse($v);
|
||||
}
|
||||
|
||||
public function test_scopeParamRequired()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->requireScopeParam(false);
|
||||
|
||||
$this->assertFalse($a->scopeParamRequired());
|
||||
}
|
||||
|
||||
public function test_setDefaultScope()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->setDefaultScope('test.default');
|
||||
|
||||
$reflector = new ReflectionClass($a);
|
||||
$requestProperty = $reflector->getProperty('defaultScope');
|
||||
$requestProperty->setAccessible(true);
|
||||
$v = $requestProperty->getValue($a);
|
||||
|
||||
$this->assertEquals('test.default', $v);
|
||||
}
|
||||
|
||||
public function test_getDefaultScope()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->setDefaultScope('test.default');
|
||||
$this->assertEquals('test.default', $a->getDefaultScope());
|
||||
}
|
||||
|
||||
public function test_requireStateParam()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
@@ -148,7 +119,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->setExpiresIn(7200);
|
||||
$this->assertEquals(7200, $a->getExpiresIn());
|
||||
$this->assertEquals(7200, $a::getExpiresIn());
|
||||
}
|
||||
|
||||
public function test_setExpiresIn()
|
||||
@@ -167,7 +138,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
$reflector = new ReflectionClass($a);
|
||||
$requestProperty = $reflector->getProperty('request');
|
||||
$requestProperty->setAccessible(true);
|
||||
$v = $requestProperty->getValue($a);
|
||||
$v = $requestProperty->getValue();
|
||||
|
||||
$this->assertTrue($v instanceof OAuth2\Util\RequestInterface);
|
||||
}
|
||||
@@ -177,7 +148,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
$a = $this->returnDefault();
|
||||
$request = new OAuth2\Util\Request();
|
||||
$a->setRequest($request);
|
||||
$v = $a->getRequest();
|
||||
$v = $a::getRequest();
|
||||
|
||||
$this->assertTrue($v instanceof OAuth2\Util\RequestInterface);
|
||||
}
|
||||
@@ -210,20 +181,6 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException OAuth2\Exception\ClientException
|
||||
* @expectedExceptionCode 0
|
||||
*/
|
||||
public function test_checkAuthoriseParams_noRequiredState()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->requireStateParam(true);
|
||||
$a->checkAuthoriseParams(array(
|
||||
'client_id' => 1234,
|
||||
'redirect_uri' => 'http://foo/redirect'
|
||||
));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException OAuth2\Exception\ClientException
|
||||
* @expectedExceptionCode 8
|
||||
@@ -294,7 +251,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
));
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$a->checkAuthoriseParams(array(
|
||||
'client_id' => 1234,
|
||||
@@ -304,37 +261,6 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
));
|
||||
}
|
||||
|
||||
public function test_checkAuthoriseParams_defaultScope()
|
||||
{
|
||||
$this->client->shouldReceive('getClient')->andReturn(array(
|
||||
'client_id' => 1234,
|
||||
'client_secret' => 5678,
|
||||
'redirect_uri' => 'http://foo/redirect',
|
||||
'name' => 'Example Client'
|
||||
));
|
||||
|
||||
$this->scope->shouldReceive('getScope')->andReturn(array(
|
||||
'id' => 1,
|
||||
'scope' => 'foo',
|
||||
'name' => 'Foo Name',
|
||||
'description' => 'Foo Name Description'
|
||||
));
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->setDefaultScope('test.scope');
|
||||
$a->requireScopeParam(false);
|
||||
|
||||
$params = $a->checkAuthoriseParams(array(
|
||||
'client_id' => 1234,
|
||||
'redirect_uri' => 'http://foo/redirect',
|
||||
'response_type' => 'code',
|
||||
'scope' => ''
|
||||
));
|
||||
|
||||
$this->assertArrayHasKey('scopes', $params);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException OAuth2\Exception\ClientException
|
||||
* @expectedExceptionCode 4
|
||||
@@ -351,7 +277,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
$this->scope->shouldReceive('getScope')->andReturn(false);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$a->checkAuthoriseParams(array(
|
||||
'client_id' => 1234,
|
||||
@@ -364,7 +290,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
public function test_checkAuthoriseParams_passedInput()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$this->client->shouldReceive('getClient')->andReturn(array(
|
||||
'client_id' => 1234,
|
||||
@@ -428,7 +354,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
));
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$_GET['client_id'] = 1234;
|
||||
$_GET['redirect_uri'] = 'http://foo/redirect';
|
||||
@@ -500,7 +426,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
public function test_getGrantType()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$reflector = new ReflectionClass($a);
|
||||
$method = $reflector->getMethod('getGrantType');
|
||||
@@ -518,7 +444,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
public function test_issueAccessToken_missingGrantType()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$v = $a->issueAccessToken();
|
||||
}
|
||||
@@ -530,7 +456,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
public function test_issueAccessToken_badGrantType()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$v = $a->issueAccessToken(array('grant_type' => 'foo'));
|
||||
}
|
||||
@@ -542,7 +468,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
public function test_issueAccessToken_missingClientId()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'authorization_code'
|
||||
@@ -556,7 +482,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
public function test_issueAccessToken_missingClientSecret()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'authorization_code',
|
||||
@@ -571,7 +497,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
public function test_issueAccessToken_missingRedirectUri()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'authorization_code',
|
||||
@@ -589,7 +515,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
$this->client->shouldReceive('getClient')->andReturn(false);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'authorization_code',
|
||||
@@ -608,7 +534,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
$this->client->shouldReceive('getClient')->andReturn(array());
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'authorization_code',
|
||||
@@ -628,7 +554,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
$this->session->shouldReceive('validateAuthCode')->andReturn(false);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'authorization_code',
|
||||
@@ -652,7 +578,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
$this->session->shouldReceive('updateSession')->andReturn(null);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'authorization_code',
|
||||
@@ -667,8 +593,8 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
$this->assertArrayHasKey('expires', $v);
|
||||
$this->assertArrayHasKey('expires_in', $v);
|
||||
|
||||
$this->assertEquals($a->getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a->getExpiresIn(), $v['expires']);
|
||||
$this->assertEquals($a::getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
|
||||
}
|
||||
|
||||
public function test_issueAccessToken()
|
||||
@@ -684,7 +610,7 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
$this->session->shouldReceive('updateSession')->andReturn(null);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
|
||||
$_POST['grant_type'] = 'authorization_code';
|
||||
$_POST['client_id'] = 1234;
|
||||
@@ -702,43 +628,8 @@ class Authorization_Server_test extends PHPUnit_Framework_TestCase
|
||||
$this->assertArrayHasKey('expires', $v);
|
||||
$this->assertArrayHasKey('expires_in', $v);
|
||||
|
||||
$this->assertEquals($a->getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a->getExpiresIn(), $v['expires']);
|
||||
}
|
||||
|
||||
public function test_issueAccessToken_HTTP_auth()
|
||||
{
|
||||
$this->client->shouldReceive('getClient')->andReturn(array(
|
||||
'client_id' => 1234,
|
||||
'client_secret' => 5678,
|
||||
'redirect_uri' => 'http://foo/redirect',
|
||||
'name' => 'Example Client'
|
||||
));
|
||||
|
||||
$this->session->shouldReceive('validateAuthCode')->andReturn(1);
|
||||
$this->session->shouldReceive('updateSession')->andReturn(null);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
|
||||
$_POST['grant_type'] = 'authorization_code';
|
||||
$_SERVER['PHP_AUTH_USER'] = 1234;
|
||||
$_SERVER['PHP_AUTH_PW'] = 5678;
|
||||
$_POST['redirect_uri'] = 'http://foo/redirect';
|
||||
$_POST['code'] = 'foobar';
|
||||
|
||||
$request = new OAuth2\Util\Request(array(), $_POST, array(), array(), $_SERVER);
|
||||
$a->setRequest($request);
|
||||
|
||||
$v = $a->issueAccessToken();
|
||||
|
||||
$this->assertArrayHasKey('access_token', $v);
|
||||
$this->assertArrayHasKey('token_type', $v);
|
||||
$this->assertArrayHasKey('expires', $v);
|
||||
$this->assertArrayHasKey('expires_in', $v);
|
||||
|
||||
$this->assertEquals($a->getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a->getExpiresIn(), $v['expires']);
|
||||
$this->assertEquals($a::getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
|
||||
}
|
||||
|
||||
public function tearDown() {
|
||||
|
||||
@@ -27,7 +27,7 @@ class Client_Credentials_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
public function test_issueAccessToken_clientCredentialsGrant_missingClientId()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\ClientCredentials($a));
|
||||
$a->addGrantType(new OAuth2\Grant\ClientCredentials());
|
||||
|
||||
$request = new OAuth2\Util\Request(array(), $_POST);
|
||||
$a->setRequest($request);
|
||||
@@ -44,7 +44,7 @@ class Client_Credentials_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
public function test_issueAccessToken_clientCredentialsGrant_missingClientPassword()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\ClientCredentials($a));
|
||||
$a->addGrantType(new OAuth2\Grant\ClientCredentials());
|
||||
|
||||
$request = new OAuth2\Util\Request(array(), $_POST);
|
||||
$a->setRequest($request);
|
||||
@@ -64,7 +64,7 @@ class Client_Credentials_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$this->client->shouldReceive('getClient')->andReturn(false);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\ClientCredentials($a));
|
||||
$a->addGrantType(new OAuth2\Grant\ClientCredentials());
|
||||
|
||||
$request = new OAuth2\Util\Request(array(), $_POST);
|
||||
$a->setRequest($request);
|
||||
@@ -93,7 +93,7 @@ class Client_Credentials_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$this->session->shouldReceive('updateRefreshToken')->andReturn(null);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\ClientCredentials($a));
|
||||
$a->addGrantType(new OAuth2\Grant\ClientCredentials());
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'client_credentials',
|
||||
@@ -106,8 +106,8 @@ class Client_Credentials_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$this->assertArrayHasKey('expires', $v);
|
||||
$this->assertArrayHasKey('expires_in', $v);
|
||||
|
||||
$this->assertEquals($a->getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a->getExpiresIn(), $v['expires']);
|
||||
$this->assertEquals($a::getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
|
||||
}
|
||||
|
||||
function test_issueAccessToken_clientCredentialsGrant()
|
||||
@@ -127,7 +127,7 @@ class Client_Credentials_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$this->session->shouldReceive('updateRefreshToken')->andReturn(null);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\ClientCredentials($a));
|
||||
$a->addGrantType(new OAuth2\Grant\ClientCredentials());
|
||||
|
||||
$_POST['grant_type'] = 'client_credentials';
|
||||
$_POST['client_id'] = 1234;
|
||||
@@ -143,8 +143,8 @@ class Client_Credentials_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$this->assertArrayHasKey('expires', $v);
|
||||
$this->assertArrayHasKey('expires_in', $v);
|
||||
|
||||
$this->assertEquals($a->getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a->getExpiresIn(), $v['expires']);
|
||||
$this->assertEquals($a::getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
|
||||
}
|
||||
|
||||
function test_issueAccessToken_clientCredentialsGrant_withRefreshToken()
|
||||
@@ -164,8 +164,8 @@ class Client_Credentials_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$this->session->shouldReceive('updateRefreshToken')->andReturn(null);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\ClientCredentials($a));
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken($a));
|
||||
$a->addGrantType(new OAuth2\Grant\ClientCredentials());
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken());
|
||||
|
||||
$_POST['grant_type'] = 'client_credentials';
|
||||
$_POST['client_id'] = 1234;
|
||||
@@ -182,8 +182,8 @@ class Client_Credentials_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$this->assertArrayHasKey('expires_in', $v);
|
||||
$this->assertArrayHasKey('refresh_token', $v);
|
||||
|
||||
$this->assertEquals($a->getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a->getExpiresIn(), $v['expires']);
|
||||
$this->assertEquals($a::getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -27,7 +27,7 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
public function test_issueAccessToken_passwordGrant_missingClientId()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\Password($a));
|
||||
$a->addGrantType(new OAuth2\Grant\Password());
|
||||
|
||||
$request = new OAuth2\Util\Request(array(), $_POST);
|
||||
$a->setRequest($request);
|
||||
@@ -44,7 +44,7 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
public function test_issueAccessToken_passwordGrant_missingClientPassword()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\Password($a));
|
||||
$a->addGrantType(new OAuth2\Grant\Password());
|
||||
|
||||
$request = new OAuth2\Util\Request(array(), $_POST);
|
||||
$a->setRequest($request);
|
||||
@@ -64,7 +64,7 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$this->client->shouldReceive('getClient')->andReturn(false);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\Password($a));
|
||||
$a->addGrantType(new OAuth2\Grant\Password());
|
||||
|
||||
$request = new OAuth2\Util\Request(array(), $_POST);
|
||||
$a->setRequest($request);
|
||||
@@ -98,7 +98,7 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$testCredentials = null;
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$pgrant = new OAuth2\Grant\Password($a);
|
||||
$pgrant = new OAuth2\Grant\Password();
|
||||
$pgrant->setVerifyCredentialsCallback($testCredentials);
|
||||
$a->addGrantType($pgrant);
|
||||
|
||||
@@ -134,7 +134,7 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$testCredentials = function($u, $p) { return false; };
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$pgrant = new OAuth2\Grant\Password($a);
|
||||
$pgrant = new OAuth2\Grant\Password();
|
||||
$pgrant->setVerifyCredentialsCallback($testCredentials);
|
||||
$a->addGrantType($pgrant);
|
||||
|
||||
@@ -168,7 +168,7 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$testCredentials = function($u, $p) { return false; };
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$pgrant = new OAuth2\Grant\Password($a);
|
||||
$pgrant = new OAuth2\Grant\Password();
|
||||
$pgrant->setVerifyCredentialsCallback($testCredentials);
|
||||
$a->addGrantType($pgrant);
|
||||
|
||||
@@ -203,7 +203,7 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$testCredentials = function($u, $p) { return false; };
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$pgrant = new OAuth2\Grant\Password($a);
|
||||
$pgrant = new OAuth2\Grant\Password();
|
||||
$pgrant->setVerifyCredentialsCallback($testCredentials);
|
||||
$a->addGrantType($pgrant);
|
||||
|
||||
@@ -216,162 +216,6 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException OAuth2\Exception\ClientException
|
||||
* @expectedExceptionCode 4
|
||||
*/
|
||||
public function test_issueAccessToken_passwordGrant_badScopes()
|
||||
{
|
||||
$this->scope->shouldReceive('getScope')->andReturn(false);
|
||||
|
||||
$this->client->shouldReceive('getClient')->andReturn(array(
|
||||
'client_id' => 1234,
|
||||
'client_secret' => 5678,
|
||||
'redirect_uri' => 'http://foo/redirect',
|
||||
'name' => 'Example Client'
|
||||
));
|
||||
|
||||
$this->client->shouldReceive('validateRefreshToken')->andReturn(1);
|
||||
$this->session->shouldReceive('validateAuthCode')->andReturn(1);
|
||||
$this->session->shouldReceive('createSession')->andReturn(1);
|
||||
$this->session->shouldReceive('deleteSession')->andReturn(null);
|
||||
$this->session->shouldReceive('updateRefreshToken')->andReturn(null);
|
||||
|
||||
$testCredentials = function($u, $p) { return 1; };
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$pgrant = new OAuth2\Grant\Password($a);
|
||||
$pgrant->setVerifyCredentialsCallback($testCredentials);
|
||||
$a->addGrantType($pgrant);
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'password',
|
||||
'client_id' => 1234,
|
||||
'client_secret' => 5678,
|
||||
'username' => 'foo',
|
||||
'password' => 'bar',
|
||||
'scope' => 'blah'
|
||||
));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException OAuth2\Exception\ClientException
|
||||
* @expectedExceptionCode 0
|
||||
*/
|
||||
public function test_issueAccessToken_passwordGrant_missingScopes()
|
||||
{
|
||||
$this->client->shouldReceive('getClient')->andReturn(array(
|
||||
'client_id' => 1234,
|
||||
'client_secret' => 5678,
|
||||
'redirect_uri' => 'http://foo/redirect',
|
||||
'name' => 'Example Client'
|
||||
));
|
||||
|
||||
$this->client->shouldReceive('validateRefreshToken')->andReturn(1);
|
||||
$this->session->shouldReceive('validateAuthCode')->andReturn(1);
|
||||
$this->session->shouldReceive('createSession')->andReturn(1);
|
||||
$this->session->shouldReceive('deleteSession')->andReturn(null);
|
||||
$this->session->shouldReceive('updateRefreshToken')->andReturn(null);
|
||||
|
||||
$testCredentials = function($u, $p) { return 1; };
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$pgrant = new OAuth2\Grant\Password($a);
|
||||
$pgrant->setVerifyCredentialsCallback($testCredentials);
|
||||
$a->addGrantType($pgrant);
|
||||
$a->requireScopeParam(true);
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'password',
|
||||
'client_id' => 1234,
|
||||
'client_secret' => 5678,
|
||||
'username' => 'foo',
|
||||
'password' => 'bar'
|
||||
));
|
||||
}
|
||||
|
||||
public function test_issueAccessToken_passwordGrant_defaultScope()
|
||||
{
|
||||
$this->scope->shouldReceive('getScope')->andReturn(array(
|
||||
'id' => 1,
|
||||
'scope' => 'foo',
|
||||
'name' => 'Foo Name',
|
||||
'description' => 'Foo Name Description'
|
||||
));
|
||||
|
||||
$this->client->shouldReceive('getClient')->andReturn(array(
|
||||
'client_id' => 1234,
|
||||
'client_secret' => 5678,
|
||||
'redirect_uri' => 'http://foo/redirect',
|
||||
'name' => 'Example Client'
|
||||
));
|
||||
|
||||
$this->client->shouldReceive('validateRefreshToken')->andReturn(1);
|
||||
$this->session->shouldReceive('validateAuthCode')->andReturn(1);
|
||||
$this->session->shouldReceive('createSession')->andReturn(1);
|
||||
$this->session->shouldReceive('deleteSession')->andReturn(null);
|
||||
$this->session->shouldReceive('updateRefreshToken')->andReturn(null);
|
||||
$this->session->shouldReceive('associateScope')->andReturn(null);
|
||||
|
||||
$testCredentials = function($u, $p) { return 1; };
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$pgrant = new OAuth2\Grant\Password($a);
|
||||
$pgrant->setVerifyCredentialsCallback($testCredentials);
|
||||
$a->addGrantType($pgrant);
|
||||
$a->requireScopeParam(false);
|
||||
$a->setDefaultScope('foobar');
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'password',
|
||||
'client_id' => 1234,
|
||||
'client_secret' => 5678,
|
||||
'username' => 'foo',
|
||||
'password' => 'bar',
|
||||
'scope' => ''
|
||||
));
|
||||
}
|
||||
|
||||
public function test_issueAccessToken_passwordGrant_goodScope()
|
||||
{
|
||||
$this->scope->shouldReceive('getScope')->andReturn(array(
|
||||
'id' => 1,
|
||||
'scope' => 'foo',
|
||||
'name' => 'Foo Name',
|
||||
'description' => 'Foo Name Description'
|
||||
));
|
||||
|
||||
$this->client->shouldReceive('getClient')->andReturn(array(
|
||||
'client_id' => 1234,
|
||||
'client_secret' => 5678,
|
||||
'redirect_uri' => 'http://foo/redirect',
|
||||
'name' => 'Example Client'
|
||||
));
|
||||
|
||||
$this->client->shouldReceive('validateRefreshToken')->andReturn(1);
|
||||
$this->session->shouldReceive('validateAuthCode')->andReturn(1);
|
||||
$this->session->shouldReceive('createSession')->andReturn(1);
|
||||
$this->session->shouldReceive('deleteSession')->andReturn(null);
|
||||
$this->session->shouldReceive('updateRefreshToken')->andReturn(null);
|
||||
$this->session->shouldReceive('associateScope')->andReturn(null);
|
||||
|
||||
$testCredentials = function($u, $p) { return 1; };
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$pgrant = new OAuth2\Grant\Password($a);
|
||||
$pgrant->setVerifyCredentialsCallback($testCredentials);
|
||||
$a->addGrantType($pgrant);
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'password',
|
||||
'client_id' => 1234,
|
||||
'client_secret' => 5678,
|
||||
'username' => 'foo',
|
||||
'password' => 'bar',
|
||||
'scope' => 'blah'
|
||||
));
|
||||
}
|
||||
|
||||
function test_issueAccessToken_passwordGrant_passedInput()
|
||||
{
|
||||
$this->client->shouldReceive('getClient')->andReturn(array(
|
||||
@@ -391,10 +235,9 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$testCredentials = function($u, $p) { return 1; };
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$pgrant = new OAuth2\Grant\Password($a);
|
||||
$pgrant = new OAuth2\Grant\Password();
|
||||
$pgrant->setVerifyCredentialsCallback($testCredentials);
|
||||
$a->addGrantType($pgrant);
|
||||
$a->requireScopeParam(false);
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'password',
|
||||
@@ -409,8 +252,8 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$this->assertArrayHasKey('expires', $v);
|
||||
$this->assertArrayHasKey('expires_in', $v);
|
||||
|
||||
$this->assertEquals($a->getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a->getExpiresIn(), $v['expires']);
|
||||
$this->assertEquals($a::getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
|
||||
}
|
||||
|
||||
function test_issueAccessToken_passwordGrant()
|
||||
@@ -432,10 +275,9 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$testCredentials = function($u, $p) { return 1; };
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$pgrant = new OAuth2\Grant\Password($a);
|
||||
$pgrant = new OAuth2\Grant\Password();
|
||||
$pgrant->setVerifyCredentialsCallback($testCredentials);
|
||||
$a->addGrantType($pgrant);
|
||||
$a->requireScopeParam(false);
|
||||
|
||||
$_POST['grant_type'] = 'password';
|
||||
$_POST['client_id'] = 1234;
|
||||
@@ -453,8 +295,8 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$this->assertArrayHasKey('expires', $v);
|
||||
$this->assertArrayHasKey('expires_in', $v);
|
||||
|
||||
$this->assertEquals($a->getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a->getExpiresIn(), $v['expires']);
|
||||
$this->assertEquals($a::getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
|
||||
}
|
||||
|
||||
function test_issueAccessToken_passwordGrant_withRefreshToken()
|
||||
@@ -476,11 +318,10 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$testCredentials = function($u, $p) { return 1; };
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$pgrant = new OAuth2\Grant\Password($a);
|
||||
$pgrant = new OAuth2\Grant\Password();
|
||||
$pgrant->setVerifyCredentialsCallback($testCredentials);
|
||||
$a->addGrantType($pgrant);
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken($a));
|
||||
$a->requireScopeParam(false);
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken());
|
||||
|
||||
$_POST['grant_type'] = 'password';
|
||||
$_POST['client_id'] = 1234;
|
||||
@@ -499,8 +340,8 @@ class Password_Grant_Test extends PHPUnit_Framework_TestCase
|
||||
$this->assertArrayHasKey('expires_in', $v);
|
||||
$this->assertArrayHasKey('refresh_token', $v);
|
||||
|
||||
$this->assertEquals($a->getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a->getExpiresIn(), $v['expires']);
|
||||
$this->assertEquals($a::getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -33,8 +33,8 @@ class Refresh_Token_test extends PHPUnit_Framework_TestCase
|
||||
$this->session->shouldReceive('updateSession')->andReturn(null);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode($a));
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken($a));
|
||||
$a->addGrantType(new OAuth2\Grant\AuthCode());
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken());
|
||||
|
||||
$_POST['grant_type'] = 'authorization_code';
|
||||
$_POST['client_id'] = 1234;
|
||||
@@ -53,8 +53,8 @@ class Refresh_Token_test extends PHPUnit_Framework_TestCase
|
||||
$this->assertArrayHasKey('expires_in', $v);
|
||||
$this->assertArrayHasKey('refresh_token', $v);
|
||||
|
||||
$this->assertEquals($a->getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a->getExpiresIn(), $v['expires']);
|
||||
$this->assertEquals($a::getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -64,7 +64,7 @@ class Refresh_Token_test extends PHPUnit_Framework_TestCase
|
||||
public function test_issueAccessToken_refreshTokenGrant_missingClientId()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken($a));
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken());
|
||||
|
||||
$request = new OAuth2\Util\Request(array(), $_POST);
|
||||
$a->setRequest($request);
|
||||
@@ -81,7 +81,7 @@ class Refresh_Token_test extends PHPUnit_Framework_TestCase
|
||||
public function test_issueAccessToken_refreshTokenGrant_missingClientSecret()
|
||||
{
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken($a));
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken());
|
||||
|
||||
$request = new OAuth2\Util\Request(array(), $_POST);
|
||||
$a->setRequest($request);
|
||||
@@ -101,7 +101,7 @@ class Refresh_Token_test extends PHPUnit_Framework_TestCase
|
||||
$this->client->shouldReceive('getClient')->andReturn(false);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken($a));
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken());
|
||||
|
||||
$request = new OAuth2\Util\Request(array(), $_POST);
|
||||
$a->setRequest($request);
|
||||
@@ -122,7 +122,7 @@ class Refresh_Token_test extends PHPUnit_Framework_TestCase
|
||||
$this->client->shouldReceive('getClient')->andReturn(array());
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken($a));
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken());
|
||||
|
||||
$request = new OAuth2\Util\Request(array(), $_POST);
|
||||
$a->setRequest($request);
|
||||
@@ -145,7 +145,7 @@ class Refresh_Token_test extends PHPUnit_Framework_TestCase
|
||||
$this->client->shouldReceive('validateRefreshToken')->andReturn(false);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken($a));
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken());
|
||||
|
||||
$request = new OAuth2\Util\Request(array(), $_POST);
|
||||
$a->setRequest($request);
|
||||
@@ -174,7 +174,7 @@ class Refresh_Token_test extends PHPUnit_Framework_TestCase
|
||||
$this->session->shouldReceive('updateRefreshToken')->andReturn(null);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken($a));
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken());
|
||||
|
||||
$_POST['grant_type'] = 'refresh_token';
|
||||
$_POST['client_id'] = 1234;
|
||||
@@ -192,8 +192,8 @@ class Refresh_Token_test extends PHPUnit_Framework_TestCase
|
||||
$this->assertArrayHasKey('expires_in', $v);
|
||||
$this->assertArrayHasKey('refresh_token', $v);
|
||||
|
||||
$this->assertEquals($a->getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a->getExpiresIn(), $v['expires']);
|
||||
$this->assertEquals($a::getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
|
||||
}
|
||||
|
||||
public function test_issueAccessToken_refreshTokenGrant()
|
||||
@@ -212,7 +212,7 @@ class Refresh_Token_test extends PHPUnit_Framework_TestCase
|
||||
$this->session->shouldReceive('updateRefreshToken')->andReturn(null);
|
||||
|
||||
$a = $this->returnDefault();
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken($a));
|
||||
$a->addGrantType(new OAuth2\Grant\RefreshToken());
|
||||
|
||||
$v = $a->issueAccessToken(array(
|
||||
'grant_type' => 'refresh_token',
|
||||
@@ -227,7 +227,7 @@ class Refresh_Token_test extends PHPUnit_Framework_TestCase
|
||||
$this->assertArrayHasKey('expires_in', $v);
|
||||
$this->assertArrayHasKey('refresh_token', $v);
|
||||
|
||||
$this->assertEquals($a->getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a->getExpiresIn(), $v['expires']);
|
||||
$this->assertEquals($a::getExpiresIn(), $v['expires_in']);
|
||||
$this->assertEquals(time()+$a::getExpiresIn(), $v['expires']);
|
||||
}
|
||||
}
|
||||
@@ -85,7 +85,7 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
|
||||
$param = $requestReflector->getProperty('headers');
|
||||
$param->setAccessible(true);
|
||||
$param->setValue($request, array(
|
||||
'Authorization' => 'Bearer abcdef'
|
||||
'Authorization' => 'Bearer YWJjZGVm'
|
||||
));
|
||||
$s = $this->returnDefault();
|
||||
$s->setRequest($request);
|
||||
@@ -131,7 +131,7 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
|
||||
$param = $requestReflector->getProperty('headers');
|
||||
$param->setAccessible(true);
|
||||
$param->setValue($request, array(
|
||||
'Authorization' => 'Bearer abcdef'
|
||||
'Authorization' => 'Bearer YWJjZGVm'
|
||||
));
|
||||
$s = $this->returnDefault();
|
||||
$s->setRequest($request);
|
||||
@@ -153,7 +153,7 @@ class Resource_Server_test extends PHPUnit_Framework_TestCase
|
||||
$param = $requestReflector->getProperty('headers');
|
||||
$param->setAccessible(true);
|
||||
$param->setValue($request, array(
|
||||
'Authorization' => 'Bearer abcdef'
|
||||
'Authorization' => 'Bearer YWJjZGVm'
|
||||
));
|
||||
$s = $this->returnDefault();
|
||||
$s->setRequest($request);
|
||||
|
||||
Reference in New Issue
Block a user