Code Coverage for /home/travis/build/thephpleague/oauth2-server/src/ResourceServer.php

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	5 / 5	CRAP	100.00% covered (success)	100.00%	29 / 29
ResourceServer	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	5 / 5	12	100.00% covered (success)	100.00%	29 / 29
__construct( SessionInterface $sessionStorage, AccessTokenInterface $accessTokenStorage, ClientInterface $clientStorage, ScopeInterface $scopeStorage )				100.00% covered (success)	100.00%	1 / 1	1	100.00% covered (success)	100.00%	7 / 7
setIdKey($key)				100.00% covered (success)	100.00%	1 / 1	1	100.00% covered (success)	100.00%	2 / 2
getAccessToken()				100.00% covered (success)	100.00%	1 / 1	1	100.00% covered (success)	100.00%	1 / 1
isValidRequest($headersOnly = true, $accessToken = null)				100.00% covered (success)	100.00%	1 / 1	4	100.00% covered (success)	100.00%	9 / 9
determineAccessToken($headersOnly = false)				100.00% covered (success)	100.00%	1 / 1	5	100.00% covered (success)	100.00%	10 / 10

1	<?php
2	/**
3	* OAuth 2.0 Resource Server
4	*
5	* @package league/oauth2-server
6	* @author Alex Bilbie <hello@alexbilbie.com>
7	* @copyright Copyright (c) Alex Bilbie
8	* @license http://mit-license.org/
9	* @link https://github.com/thephpleague/oauth2-server
10	*/
11
12	namespace League\OAuth2\Server;
13
14	use League\OAuth2\Server\Entity\AccessTokenEntity;
15	use League\OAuth2\Server\Storage\AccessTokenInterface;
16	use League\OAuth2\Server\Storage\ClientInterface;
17	use League\OAuth2\Server\Storage\ScopeInterface;
18	use League\OAuth2\Server\Storage\SessionInterface;
19	use League\OAuth2\Server\TokenType\Bearer;
20
21	/**
22	* OAuth 2.0 Resource Server
23	*/
24	class ResourceServer extends AbstractServer
25	{
26	/**
27	* The access token
28	*
29	* @var \League\OAuth2\Server\Entity\AccessTokenEntity
30	*/
31	protected $accessToken;
32
33	/**
34	* The query string key which is used by clients to present the access token (default: access_token)
35	*
36	* @var string
37	*/
38	protected $tokenKey = 'access_token';
39
40	/**
41	* Initialise the resource server
42	*
43	* @param SessionInterface $sessionStorage
44	* @param AccessTokenInterface $accessTokenStorage
45	* @param ClientInterface $clientStorage
46	* @param ScopeInterface $scopeStorage
47	*
48	* @return self
49	*/
50	public function __construct(
51	SessionInterface $sessionStorage,
52	AccessTokenInterface $accessTokenStorage,
53	ClientInterface $clientStorage,
54	ScopeInterface $scopeStorage
55	) {
56	$this->setSessionStorage($sessionStorage);
57	$this->setAccessTokenStorage($accessTokenStorage);
58	$this->setClientStorage($clientStorage);
59	$this->setScopeStorage($scopeStorage);
60
61	// Set Bearer as the default token type
62	$this->setTokenType(new Bearer());
63
64	parent::__construct();
65
66	return $this;
67	}
68
69	/**
70	* Sets the query string key for the access token.
71	*
72	* @param string $key The new query string key
73	*
74	* @return self
75	*/
76	public function setIdKey($key)
77	{
78	$this->tokenKey = $key;
79
80	return $this;
81	}
82
83	/**
84	* Gets the access token
85	*
86	* @return \League\OAuth2\Server\Entity\AccessTokenEntity
87	*/
88	public function getAccessToken()
89	{
90	return $this->accessToken;
91	}
92
93	/**
94	* Checks if the access token is valid or not
95	*
96	* @param bool $headersOnly Limit Access Token to Authorization header only
97	* @param AccessTokenEntity\|null $accessToken Access Token
98	*
99	* @return bool
100	*
101	* @throws
102	*/
103	public function isValidRequest($headersOnly = true, $accessToken = null)
104	{
105	$accessTokenString = ($accessToken !== null)
106	? $accessToken
107	: $this->determineAccessToken($headersOnly);
108
109	// Set the access token
110	$this->accessToken = $this->getAccessTokenStorage()->get($accessTokenString);
111
112	// Ensure the access token exists
113	if (!$this->accessToken instanceof AccessTokenEntity) {
114	throw new Exception\AccessDeniedException();
115	}
116
117	// Check the access token hasn't expired
118	// Ensure the auth code hasn't expired
119	if ($this->accessToken->isExpired() === true) {
120	throw new Exception\AccessDeniedException();
121	}
122
123	return true;
124	}
125
126	/**
127	* Reads in the access token from the headers
128	*
129	* @param bool $headersOnly Limit Access Token to Authorization header only
130	*
131	* @throws Exception\InvalidRequestException Thrown if there is no access token presented
132	*
133	* @return string
134	*/
135	public function determineAccessToken($headersOnly = false)
136	{
137	if ($this->getRequest()->headers->get('Authorization') !== null) {
138	$accessToken = $this->getTokenType()->determineAccessTokenInHeader($this->getRequest());
139	} elseif ($headersOnly === false) {
140	$accessToken = ($this->getRequest()->server->get('REQUEST_METHOD') === 'GET')
141	? $this->getRequest()->query->get($this->tokenKey)
142	: $this->getRequest()->request->get($this->tokenKey);
143	}
144
145	if (empty($accessToken)) {
146	throw new Exception\InvalidRequestException('access token');
147	}
148
149	return $accessToken;
150	}
151	}