ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2024-12-28 08:00:25 +05:30
Code Issues Packages Projects Releases Wiki Activity

Исправлен баг с выдачей наружу внутренних названий пермишенов

Browse Source
This commit is contained in:
ErickSkrauch 2017-10-18 02:37:01 +03:00
parent d32849a85b
commit 58d3fd57a8
2 changed files with 21 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
api/models/OauthProcess.php
View File

@ -7,6 +7,7 @@ use api\components\OAuth2\Grants\AuthCodeGrant;
use api\components\OAuth2\Grants\AuthorizeParams; use api\components\OAuth2\Grants\AuthorizeParams;
use common\models\Account; use common\models\Account;
use common\models\OauthClient; use common\models\OauthClient;
use common\rbac\Permissions as P;
use League\OAuth2\Server\AuthorizationServer; use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\Exception\InvalidGrantException; use League\OAuth2\Server\Exception\InvalidGrantException;
use League\OAuth2\Server\Exception\OAuthException; use League\OAuth2\Server\Exception\OAuthException;
@ -16,6 +17,11 @@ use yii\helpers\ArrayHelper;
class OauthProcess { class OauthProcess {
private const INTERNAL_PERMISSIONS_TO_PUBLIC_SCOPES = [
P::OBTAIN_OWN_ACCOUNT_INFO => 'account_info',
P::OBTAIN_ACCOUNT_EMAIL => 'account_email',
];
/** /**
* @var AuthorizationServer * @var AuthorizationServer
*/ */
@ -196,11 +202,21 @@ class OauthProcess {
'description' => ArrayHelper::getValue($queryParams, 'description', $client->description), 'description' => ArrayHelper::getValue($queryParams, 'description', $client->description),
], ],
'session' => [ 'session' => [
'scopes' => array_keys($scopes), 'scopes' => $this->fixScopesNames(array_keys($scopes)),
], ],
]; ];
} }
private function fixScopesNames(array $scopes): array {
foreach ($scopes as &$scope) {
if (isset(self::INTERNAL_PERMISSIONS_TO_PUBLIC_SCOPES[$scope])) {
$scope = self::INTERNAL_PERMISSIONS_TO_PUBLIC_SCOPES[$scope];
}
}
return $scopes;
}
private function buildErrorResponse(OAuthException $e): array { private function buildErrorResponse(OAuthException $e): array {
$response = [ $response = [
'success' => false, 'success' => false,

6
tests/codeception/api/functional/oauth/AuthCodeCest.php
View File

@ -24,7 +24,7 @@ class AuthCodeCest {
'ely', 'ely',
'http://ely.by', 'http://ely.by',
'code', 'code',
[P::MINECRAFT_SERVER_SESSION], [P::MINECRAFT_SERVER_SESSION, 'account_info', 'account_email'],
'test-state' 'test-state'
)); ));
$I->canSeeResponseCodeIs(200); $I->canSeeResponseCodeIs(200);
@ -35,7 +35,7 @@ class AuthCodeCest {
'client_id' => 'ely', 'client_id' => 'ely',
'redirect_uri' => 'http://ely.by', 'redirect_uri' => 'http://ely.by',
'response_type' => 'code', 'response_type' => 'code',
'scope' => 'minecraft_server_session', 'scope' => 'minecraft_server_session,account_info,account_email',
'state' => 'test-state', 'state' => 'test-state',
], ],
'client' => [ 'client' => [
@ -46,6 +46,8 @@ class AuthCodeCest {
'session' => [ 'session' => [
'scopes' => [ 'scopes' => [
'minecraft_server_session', 'minecraft_server_session',
'account_info',
'account_email',
], ],
], ],
]); ]);