Code Coverage for /home/travis/build/thephpleague/oauth2-server/src/Grant/PasswordGrant.php

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	3 / 3	CRAP	100.00% covered (success)	100.00%	55 / 55
PasswordGrant	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	3 / 3	15	100.00% covered (success)	100.00%	55 / 55
setVerifyCredentialsCallback				100.00% covered (success)	100.00%	1 / 1	1	100.00% covered (success)	100.00%	2 / 2
getVerifyCredentialsCallback				100.00% covered (success)	100.00%	1 / 1	3	100.00% covered (success)	100.00%	3 / 3
completeFlow				100.00% covered (success)	100.00%	1 / 1	11	100.00% covered (success)	100.00%	50 / 50

1	<?php
2	/**
3	* OAuth 2.0 Password grant
4	*
5	* @package league/oauth2-server
6	* @author Alex Bilbie <hello@alexbilbie.com>
7	* @copyright Copyright (c) Alex Bilbie
8	* @license http://mit-license.org/
9	* @link https://github.com/thephpleague/oauth2-server
10	*/
11
12	namespace League\OAuth2\Server\Grant;
13
14	use League\OAuth2\Server\Entity\AccessTokenEntity;
15	use League\OAuth2\Server\Entity\ClientEntity;
16	use League\OAuth2\Server\Entity\RefreshTokenEntity;
17	use League\OAuth2\Server\Entity\SessionEntity;
18	use League\OAuth2\Server\Event;
19	use League\OAuth2\Server\Exception;
20	use League\OAuth2\Server\Util\SecureKey;
21
22	/**
23	* Password grant class
24	*/
25	class PasswordGrant extends AbstractGrant
26	{
27	/**
28	* Grant identifier
29	*
30	* @var string
31	*/
32	protected $identifier = 'password';
33
34	/**
35	* Response type
36	*
37	* @var string
38	*/
39	protected $responseType;
40
41	/**
42	* Callback to authenticate a user's name and password
43	*
44	* @var callable
45	*/
46	protected $callback;
47
48	/**
49	* Access token expires in override
50	*
51	* @var int
52	*/
53	protected $accessTokenTTL;
54
55	/**
56	* Set the callback to verify a user's username and password
57	*
58	* @param callable $callback The callback function
59	*
60	* @return void
61	*/
62	public function setVerifyCredentialsCallback(callable $callback)
63	{
64	$this->callback = $callback;
65	}
66
67	/**
68	* Return the callback function
69	*
70	* @return callable
71	*
72	* @throws
73	*/
74	protected function getVerifyCredentialsCallback()
75	{
76	if (is_null($this->callback) \|\| !is_callable($this->callback)) {
77	throw new Exception\ServerErrorException('Null or non-callable callback set on Password grant');
78	}
79
80	return $this->callback;
81	}
82
83	/**
84	* Complete the password grant
85	*
86	* @return array
87	*
88	* @throws
89	*/
90	public function completeFlow()
91	{
92	// Get the required params
93	$clientId = $this->server->getRequest()->request->get('client_id', $this->server->getRequest()->getUser());
94	if (is_null($clientId)) {
95	throw new Exception\InvalidRequestException('client_id');
96	}
97
98	$clientSecret = $this->server->getRequest()->request->get('client_secret',
99	$this->server->getRequest()->getPassword());
100	if (is_null($clientSecret)) {
101	throw new Exception\InvalidRequestException('client_secret');
102	}
103
104	// Validate client ID and client secret
105	$client = $this->server->getClientStorage()->get(
106	$clientId,
107	$clientSecret,
108	null,
109	$this->getIdentifier()
110	);
111
112	if (($client instanceof ClientEntity) === false) {
113	$this->server->getEventEmitter()->emit(new Event\ClientAuthenticationFailedEvent($this->server->getRequest()));
114	throw new Exception\InvalidClientException();
115	}
116
117	$username = $this->server->getRequest()->request->get('username', null);
118	if (is_null($username)) {
119	throw new Exception\InvalidRequestException('username');
120	}
121
122	$password = $this->server->getRequest()->request->get('password', null);
123	if (is_null($password)) {
124	throw new Exception\InvalidRequestException('password');
125	}
126
127	// Check if user's username and password are correct
128	$userId = call_user_func($this->getVerifyCredentialsCallback(), $username, $password);
129
130	if ($userId === false) {
131	$this->server->getEventEmitter()->emit(new Event\UserAuthenticationFailedEvent($this->server->getRequest()));
132	throw new Exception\InvalidCredentialsException();
133	}
134
135	// Validate any scopes that are in the request
136	$scopeParam = $this->server->getRequest()->request->get('scope', '');
137	$scopes = $this->validateScopes($scopeParam, $client);
138
139	// Create a new session
140	$session = new SessionEntity($this->server);
141	$session->setOwner('user', $userId);
142	$session->associateClient($client);
143
144	// Generate an access token
145	$accessToken = new AccessTokenEntity($this->server);
146	$accessToken->setId(SecureKey::generate());
147	$accessToken->setExpireTime($this->getAccessTokenTTL() + time());
148
149	// Associate scopes with the session and access token
150	foreach ($scopes as $scope) {
151	$session->associateScope($scope);
152	}
153
154	foreach ($session->getScopes() as $scope) {
155	$accessToken->associateScope($scope);
156	}
157
158	$this->server->getTokenType()->setSession($session);
159	$this->server->getTokenType()->setParam('access_token', $accessToken->getId());
160	$this->server->getTokenType()->setParam('expires_in', $this->getAccessTokenTTL());
161
162	// Associate a refresh token if set
163	if ($this->server->hasGrantType('refresh_token')) {
164	$refreshToken = new RefreshTokenEntity($this->server);
165	$refreshToken->setId(SecureKey::generate());
166	$refreshToken->setExpireTime($this->server->getGrantType('refresh_token')->getRefreshTokenTTL() + time());
167	$this->server->getTokenType()->setParam('refresh_token', $refreshToken->getId());
168	}
169
170	// Save everything
171	$session->save();
172	$accessToken->setSession($session);
173	$accessToken->save();
174
175	if ($this->server->hasGrantType('refresh_token')) {
176	$refreshToken->setAccessToken($accessToken);
177	$refreshToken->save();
178	}
179
180	return $this->server->getTokenType()->generateResponse();
181	}
182	}