oauth2-server/src/Grant/AbstractGrant.php

<?php
/**
 * OAuth 2.0 Abstract grant
 *
 * @package     league/oauth2-server
 * @author      Alex Bilbie <hello@alexbilbie.com>
 * @copyright   Copyright (c) Alex Bilbie
 * @license     http://mit-license.org/
 * @link        https://github.com/thephpleague/oauth2-server
 */

namespace League\OAuth2\Server\Grant;

use League\Event\EmitterAwareTrait;
use League\Event\EmitterInterface;
use League\Event\Event;
use League\OAuth2\Server\Entities\AccessTokenEntity;
use League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface;
use League\OAuth2\Server\Entities\RefreshTokenEntity;
use League\OAuth2\Server\Entities\ScopeEntity;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use League\OAuth2\Server\Utils\SecureKey;
use Psr\Http\Message\ServerRequestInterface;

/**
 * Abstract grant class
 */
abstract class AbstractGrant implements GrantTypeInterface
{
    use EmitterAwareTrait;

    const SCOPE_DELIMITER_STRING = ' ';

    /**
     * Grant responds with
     *
     * @var string
     */
    protected $respondsWith = 'token';

    /**
     * @var ServerRequestInterface
     */
    protected $request;

    /**
     * @var ClientRepositoryInterface
     */
    protected $clientRepository;

    /**
     * @var AccessTokenRepositoryInterface
     */
    protected $accessTokenRepository;

    /**
     * @var ScopeRepositoryInterface
     */
    protected $scopeRepository;

    /**
     * @var string
     */
    protected $pathToPrivateKey;

    /**
     * @var string
     */
    protected $pathToPublicKey;

    /**
     * @var \DateInterval
     */
    protected $refreshTokenTTL;

    /**
     * @param ClientRepositoryInterface $clientRepository
     */
    public function setClientRepository(ClientRepositoryInterface $clientRepository)
    {
        $this->clientRepository = $clientRepository;
    }

    /**
     * @param AccessTokenRepositoryInterface $accessTokenRepository
     */
    public function setAccessTokenRepository(AccessTokenRepositoryInterface $accessTokenRepository)
    {
        $this->accessTokenRepository = $accessTokenRepository;
    }

    /**
     * @param ScopeRepositoryInterface $scopeRepository
     */
    public function setScopeRepository(ScopeRepositoryInterface $scopeRepository)
    {
        $this->scopeRepository = $scopeRepository;
    }

    /**
     * @param string $pathToPrivateKey
     */
    public function setPathToPrivateKey($pathToPrivateKey)
    {
        $this->pathToPrivateKey = $pathToPrivateKey;
    }

    /**
     * @param string $pathToPublicKey
     */
    public function setPathToPublicKey($pathToPublicKey)
    {
        $this->pathToPublicKey = $pathToPublicKey;
    }

    /**
     * @inheritdoc
     */
    public function setEmitter(EmitterInterface $emitter = null)
    {
        $this->emitter = $emitter;
    }

    /**
     * @inheritdoc
     */
    public function setRefreshTokenTTL(\DateInterval $refreshTokenTTL)
    {
        $this->refreshTokenTTL = $refreshTokenTTL;
    }

    /**
     * {@inheritdoc}
     */
    public function respondsWith()
    {
        return $this->respondsWith;
    }

    /**
     * Validate the client
     *
     * @param \Psr\Http\Message\ServerRequestInterface $request
     * @param bool                                     $validateSecret
     * @param bool                                     $validateRedirectUri
     *
     * @return \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface
     * @throws \League\OAuth2\Server\Exception\OAuthServerException
     */
    protected function validateClient(
        ServerRequestInterface $request,
        $validateSecret = true,
        $validateRedirectUri = false
    ) {
        $clientId = $this->getRequestParameter(
            'client_id',
            $request,
            $this->getServerParameter('PHP_AUTH_USER', $request)
        );
        if (is_null($clientId)) {
            throw OAuthServerException::invalidRequest('client_id', null, '`%s` parameter is missing');
        }

        $clientSecret = $this->getRequestParameter(
            'client_secret',
            $request,
            $this->getServerParameter('PHP_AUTH_PW', $request)
        );
        if (is_null($clientSecret) && $validateSecret === true) {
            throw OAuthServerException::invalidRequest('client_secret', null, '`%s` parameter is missing');
        }

        $redirectUri = $this->getRequestParameter('redirect_uri', $request, null);
        if (is_null($redirectUri) && $validateRedirectUri === true) {
            throw OAuthServerException::invalidRequest('redirect_uri', null, '`%s` parameter is missing');
        }

        $client = $this->clientRepository->getClientEntity(
            $clientId,
            $clientSecret,
            $redirectUri,
            $this->getIdentifier()
        );

        if (!$client instanceof ClientEntityInterface) {
            $this->getEmitter()->emit(new Event('client.authentication.failed', $request));

            throw OAuthServerException::invalidClient();
        }

        return $client;
    }

    /**
     * Validate scopes in the request
     *
     * @param \Psr\Http\Message\ServerRequestInterface                        $request
     * @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client
     * @param string                                                          $redirectUri
     *
     * @return \League\OAuth2\Server\Entities\ScopeEntity[]
     *
     * @throws \League\OAuth2\Server\Exception\OAuthServerException
     */
    public function validateScopes(
        ServerRequestInterface $request,
        ClientEntityInterface $client,
        $redirectUri = null
    ) {
        $requestedScopes = $this->getRequestParameter('scope', $request);
        $scopesList = array_filter(
            explode(self::SCOPE_DELIMITER_STRING, trim($requestedScopes)),
            function ($scope) {
                return !empty($scope);
            }
        );

        $scopes = [];
        foreach ($scopesList as $scopeItem) {
            $scope = $this->scopeRepository->getScopeEntityByIdentifier(
                $scopeItem,
                $this->getIdentifier(),
                $client->getIdentifier()
            );

            if (($scope instanceof ScopeEntity) === false) {
                throw OAuthServerException::invalidScope($scopeItem, null, null, $redirectUri);
            }

            $scopes[] = $scope;
        }

        return $scopes;
    }

    /**
     * Retrieve request parameter.
     *
     * @param string                                   $parameter
     * @param \Psr\Http\Message\ServerRequestInterface $request
     * @param mixed                                    $default
     *
     * @return null|string
     */
    protected function getRequestParameter($parameter, ServerRequestInterface $request, $default = null)
    {
        return (isset($request->getParsedBody()[$parameter])) ? $request->getParsedBody()[$parameter] : $default;
    }

    /**
     * Retrieve query string parameter.
     *
     * @param string                                   $parameter
     * @param \Psr\Http\Message\ServerRequestInterface $request
     * @param mixed                                    $default
     *
     * @return null|string
     */
    protected function getQueryStringParameter($parameter, ServerRequestInterface $request, $default = null)
    {
        return (isset($request->getQueryParams()[$parameter])) ? $request->getQueryParams()[$parameter] : $default;
    }

    /**
     * Retrieve cookie parameter.
     *
     * @param string                                   $parameter
     * @param \Psr\Http\Message\ServerRequestInterface $request
     * @param mixed                                    $default
     *
     * @return null|string
     */
    protected function getCookieParameter($parameter, ServerRequestInterface $request, $default = null)
    {
        return (isset($request->getCookieParams()[$parameter])) ? $request->getCookieParams()[$parameter] : $default;
    }

    /**
     * Retrieve server parameter.
     *
     * @param string|array                             $parameter
     * @param \Psr\Http\Message\ServerRequestInterface $request
     * @param mixed                                    $default
     *
     * @return null|string
     */
    protected function getServerParameter($parameter, ServerRequestInterface $request, $default = null)
    {
        return (isset($request->getServerParams()[$parameter])) ? $request->getServerParams()[$parameter] : $default;
    }

    /**
     * Issue an access token
     *
     * @param \DateInterval                                                   $tokenTTL
     * @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client
     * @param string                                                          $userIdentifier
     * @param array                                                           $scopes
     *
     * @return \League\OAuth2\Server\Entities\AccessTokenEntity
     */
    protected function issueAccessToken(
        \DateInterval $tokenTTL,
        ClientEntityInterface $client,
        $userIdentifier,
        array $scopes = []
    ) {
        $accessToken = new AccessTokenEntity();
        $accessToken->setIdentifier(SecureKey::generate());
        $accessToken->setExpiryDateTime((new \DateTime())->add($tokenTTL));
        $accessToken->setClient($client);
        $accessToken->setUserIdentifier($userIdentifier);

        foreach ($scopes as $scope) {
            $accessToken->addScope($scope);
        }

        return $accessToken;
    }

    /**
     * @param \League\OAuth2\Server\Entities\AccessTokenEntity $accessToken
     *
     * @return \League\OAuth2\Server\Entities\RefreshTokenEntity
     */
    protected function issueRefreshToken(AccessTokenEntity $accessToken)
    {
        $refreshToken = new RefreshTokenEntity();
        $refreshToken->setIdentifier(SecureKey::generate());
        $refreshToken->setExpiryDateTime((new \DateTime())->add($this->refreshTokenTTL));
        $refreshToken->setAccessToken($accessToken);

        return $refreshToken;
    }

    /**
     * @inheritdoc
     */
    public function canRespondToRequest(ServerRequestInterface $request)
    {
        return (
            isset($request->getParsedBody()['grant_type'])
            && $request->getParsedBody()['grant_type'] === $this->getIdentifier()
        );
    }
}
Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00			`<?php`
			`/**`
Too many changes to describe 2014-01-08 16:15:29 +00:00			`* OAuth 2.0 Abstract grant`
Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00			`*`
Too many changes to describe 2014-01-08 16:15:29 +00:00			`* @package league/oauth2-server`
Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00			`* @author Alex Bilbie <hello@alexbilbie.com>`
Updated copyright 2014-03-09 19:34:23 +00:00			`* @copyright Copyright (c) Alex Bilbie`
Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00			`* @license http://mit-license.org/`
Updated @link 2014-03-09 20:05:38 +00:00			`* @link https://github.com/thephpleague/oauth2-server`
Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00			`*/`

			`namespace League\OAuth2\Server\Grant;`

minor improvements and documentation fixes 2016-01-20 10:36:16 +01:00			`use League\Event\EmitterAwareTrait;`
Updates 2015-11-13 17:41:05 +00:00			`use League\Event\EmitterInterface;`
abstract common grants tasks 2016-01-17 00:41:55 +01:00			`use League\Event\Event;`
			`use League\OAuth2\Server\Entities\AccessTokenEntity;`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`use League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface;`
abstract common grants tasks 2016-01-17 00:41:55 +01:00			`use League\OAuth2\Server\Entities\RefreshTokenEntity;`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`use League\OAuth2\Server\Entities\ScopeEntity;`
Updates 2015-11-13 17:41:05 +00:00			`use League\OAuth2\Server\Exception\OAuthServerException;`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;`
			`use League\OAuth2\Server\Repositories\ClientRepositoryInterface;`
			`use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;`
abstract common grants tasks 2016-01-17 00:41:55 +01:00			`use League\OAuth2\Server\Utils\SecureKey;`
Checkin 2015-10-14 09:51:53 +01:00			`use Psr\Http\Message\ServerRequestInterface;`
No longer need to inject auth server into grant 2013-12-05 20:25:50 +00:00
Too many changes to describe 2014-01-08 16:15:29 +00:00			`/**`
			`* Abstract grant class`
			`*/`
			`abstract class AbstractGrant implements GrantTypeInterface`
			`{`
minor improvements and documentation fixes 2016-01-20 10:36:16 +01:00			`use EmitterAwareTrait;`

Scope delimiter string is now a constant 2016-01-17 13:49:53 +00:00			`const SCOPE_DELIMITER_STRING = ' ';`

No longer need to inject auth server into grant 2013-12-05 20:25:50 +00:00			`/**`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`* Grant responds with`
CS fixes 2014-12-10 13:10:35 +00:00			`*`
Too many changes to describe 2014-01-08 16:15:29 +00:00			`* @var string`
No longer need to inject auth server into grant 2013-12-05 20:25:50 +00:00			`*/`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`protected $respondsWith = 'token';`
Too many changes to describe 2014-01-08 16:15:29 +00:00
			`/**`
Checkin 2015-10-14 09:51:53 +01:00			`* @var ServerRequestInterface`
Too many changes to describe 2014-01-08 16:15:29 +00:00			`*/`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`protected $request;`
Too many changes to describe 2014-01-08 16:15:29 +00:00
			`/**`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`* @var ClientRepositoryInterface`
Too many changes to describe 2014-01-08 16:15:29 +00:00			`*/`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`protected $clientRepository;`
No longer need to inject auth server into grant 2013-12-05 20:25:50 +00:00
Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00			`/**`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`* @var AccessTokenRepositoryInterface`
Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00			`*/`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`protected $accessTokenRepository;`
Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00
			`/**`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`* @var ScopeRepositoryInterface`
Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00			`*/`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`protected $scopeRepository;`
Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00
support grant specific access token ttl 2014-09-11 13:39:50 +01:00			`/**`
Private and public key paths are injected into grants now 2016-01-17 14:21:35 +00:00			`* @var string`
support grant specific access token ttl 2014-09-11 13:39:50 +01:00			`*/`
Private and public key paths are injected into grants now 2016-01-17 14:21:35 +00:00			`protected $pathToPrivateKey;`

			`/**`
			`* @var string`
			`*/`
			`protected $pathToPublicKey;`

configurable refresh token TTL per grant 2016-01-21 18:11:53 +01:00			`/**`
			`* @var \DateInterval`
			`*/`
			`protected $refreshTokenTTL;`

support grant specific access token ttl 2014-09-11 13:39:50 +01:00			`/**`
Required repositories are now set by the server 2016-01-17 13:47:44 +00:00			`* @param ClientRepositoryInterface $clientRepository`
support grant specific access token ttl 2014-09-11 13:39:50 +01:00			`*/`
Required repositories are now set by the server 2016-01-17 13:47:44 +00:00			`public function setClientRepository(ClientRepositoryInterface $clientRepository)`
			`{`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`$this->clientRepository = $clientRepository;`
Required repositories are now set by the server 2016-01-17 13:47:44 +00:00			`}`

			`/**`
			`* @param AccessTokenRepositoryInterface $accessTokenRepository`
			`*/`
			`public function setAccessTokenRepository(AccessTokenRepositoryInterface $accessTokenRepository)`
			`{`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`$this->accessTokenRepository = $accessTokenRepository;`
support grant specific access token ttl 2014-09-11 13:39:50 +01:00			`}`

Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00			`/**`
Required repositories are now set by the server 2016-01-17 13:47:44 +00:00			`* @param ScopeRepositoryInterface $scopeRepository`
Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00			`*/`
Required repositories are now set by the server 2016-01-17 13:47:44 +00:00			`public function setScopeRepository(ScopeRepositoryInterface $scopeRepository)`
Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00			`{`
Required repositories are now set by the server 2016-01-17 13:47:44 +00:00			`$this->scopeRepository = $scopeRepository;`
Moved some grant related functions into a trait to reduce duplicate code 2013-12-02 18:42:54 +00:00			`}`

No longer need to inject auth server into grant 2013-12-05 20:25:50 +00:00			`/**`
Private and public key paths are injected into grants now 2016-01-17 14:21:35 +00:00			`* @param string $pathToPrivateKey`
No longer need to inject auth server into grant 2013-12-05 20:25:50 +00:00			`*/`
Private and public key paths are injected into grants now 2016-01-17 14:21:35 +00:00			`public function setPathToPrivateKey($pathToPrivateKey)`
No longer need to inject auth server into grant 2013-12-05 20:25:50 +00:00			`{`
Private and public key paths are injected into grants now 2016-01-17 14:21:35 +00:00			`$this->pathToPrivateKey = $pathToPrivateKey;`
			`}`

			`/**`
			`* @param string $pathToPublicKey`
			`*/`
			`public function setPathToPublicKey($pathToPublicKey)`
			`{`
			`$this->pathToPublicKey = $pathToPublicKey;`
No longer need to inject auth server into grant 2013-12-05 20:25:50 +00:00			`}`

normalize validatescopes 2016-01-17 14:35:43 +01:00			`/**`
			`* @inheritdoc`
			`*/`
Merge branch 'V5-WIP' into minor_merge 2016-02-12 00:12:56 +01:00			`public function setEmitter(EmitterInterface $emitter = null)`
normalize validatescopes 2016-01-17 14:35:43 +01:00			`{`
			`$this->emitter = $emitter;`
			`}`

configurable refresh token TTL per grant 2016-01-21 18:11:53 +01:00			`/**`
			`* @inheritdoc`
			`*/`
			`public function setRefreshTokenTTL(\DateInterval $refreshTokenTTL)`
			`{`
			`$this->refreshTokenTTL = $refreshTokenTTL;`
			`}`

No longer need to inject auth server into grant 2013-12-05 20:25:50 +00:00			`/**`
Declared methods from AbstractGrant on GrantTypeInterface as per #255 2014-11-21 00:06:01 +00:00			`* {@inheritdoc}`
No longer need to inject auth server into grant 2013-12-05 20:25:50 +00:00			`*/`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`public function respondsWith()`
No longer need to inject auth server into grant 2013-12-05 20:25:50 +00:00			`{`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`return $this->respondsWith;`
No longer need to inject auth server into grant 2013-12-05 20:25:50 +00:00			`}`

abstract common grants tasks 2016-01-17 00:41:55 +01:00			`/**`
Validate client can now optionally validate secret + redirectUri, and actually validate the redirectUri 2016-02-12 09:03:35 +00:00			`* Validate the client`
			`*`
abstract common grants tasks 2016-01-17 00:41:55 +01:00			`* @param \Psr\Http\Message\ServerRequestInterface $request`
Validate client can now optionally validate secret + redirectUri, and actually validate the redirectUri 2016-02-12 09:03:35 +00:00			`* @param bool $validateSecret`
			`* @param bool $validateRedirectUri`
abstract common grants tasks 2016-01-17 00:41:55 +01:00			`*`
			`* @return \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface`
			`* @throws \League\OAuth2\Server\Exception\OAuthServerException`
			`*/`
Validate client can now optionally validate secret + redirectUri, and actually validate the redirectUri 2016-02-12 09:03:35 +00:00			`protected function validateClient(`
			`ServerRequestInterface $request,`
			`$validateSecret = true,`
			`$validateRedirectUri = false`
			`) {`
Tidy up 2016-01-17 12:43:20 +00:00			`$clientId = $this->getRequestParameter(`
			`'client_id',`
			`$request,`
			`$this->getServerParameter('PHP_AUTH_USER', $request)`
			`);`
abstract common grants tasks 2016-01-17 00:41:55 +01:00			`if (is_null($clientId)) {`
			throw OAuthServerException::invalidRequest('client_id', null, '`%s` parameter is missing');
			`}`

Tidy up 2016-01-17 12:43:20 +00:00			`$clientSecret = $this->getRequestParameter(`
			`'client_secret',`
			`$request,`
			`$this->getServerParameter('PHP_AUTH_PW', $request)`
			`);`
Validate client can now optionally validate secret + redirectUri, and actually validate the redirectUri 2016-02-12 09:03:35 +00:00			`if (is_null($clientSecret) && $validateSecret === true) {`
abstract common grants tasks 2016-01-17 00:41:55 +01:00			throw OAuthServerException::invalidRequest('client_secret', null, '`%s` parameter is missing');
			`}`

Validate client can now optionally validate secret + redirectUri, and actually validate the redirectUri 2016-02-12 09:03:35 +00:00			`$redirectUri = $this->getRequestParameter('redirect_uri', $request, null);`
			`if (is_null($redirectUri) && $validateRedirectUri === true) {`
			throw OAuthServerException::invalidRequest('redirect_uri', null, '`%s` parameter is missing');
			`}`

abstract common grants tasks 2016-01-17 00:41:55 +01:00			`$client = $this->clientRepository->getClientEntity(`
			`$clientId,`
			`$clientSecret,`
Fix getClientEntity method call 2016-02-12 09:09:39 +00:00			`$redirectUri,`
			`$this->getIdentifier()`
abstract common grants tasks 2016-01-17 00:41:55 +01:00			`);`

			`if (!$client instanceof ClientEntityInterface) {`
minor improvements and documentation fixes 2016-01-20 10:36:16 +01:00			`$this->getEmitter()->emit(new Event('client.authentication.failed', $request));`
abstract common grants tasks 2016-01-17 00:41:55 +01:00
			`throw OAuthServerException::invalidClient();`
			`}`

			`return $client;`
			`}`

			`/**`
Docblock updates 2016-02-12 09:02:33 +00:00			`* Validate scopes in the request`
			`*`
normalize validatescopes 2016-01-17 14:35:43 +01:00			`* @param \Psr\Http\Message\ServerRequestInterface $request`
			`* @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client`
			`* @param string $redirectUri`
CS fixes 2014-12-10 13:10:35 +00:00			`*`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`* @return \League\OAuth2\Server\Entities\ScopeEntity[]`
normalize validatescopes 2016-01-17 14:35:43 +01:00			`*`
Updates 2015-11-13 17:41:05 +00:00			`* @throws \League\OAuth2\Server\Exception\OAuthServerException`
Too many changes to describe 2014-01-08 16:15:29 +00:00			`*/`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`public function validateScopes(`
normalize validatescopes 2016-01-17 14:35:43 +01:00			`ServerRequestInterface $request,`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`ClientEntityInterface $client,`
			`$redirectUri = null`
			`) {`
normalize validatescopes 2016-01-17 14:35:43 +01:00			`$requestedScopes = $this->getRequestParameter('scope', $request);`
Checkin 2015-10-14 09:51:53 +01:00			`$scopesList = array_filter(`
fix conflicts 2016-01-17 15:49:55 +01:00			`explode(self::SCOPE_DELIMITER_STRING, trim($requestedScopes)),`
Checkin 2015-10-14 09:51:53 +01:00			`function ($scope) {`
			`return !empty($scope);`
PHPCS fixes 2014-05-03 11:08:33 +01:00			`}`
Checkin 2015-10-14 09:51:53 +01:00			`);`
Updated grants 2013-12-24 17:01:56 +00:00
			`$scopes = [];`
			`foreach ($scopesList as $scopeItem) {`
Updates 2015-11-13 17:41:05 +00:00			`$scope = $this->scopeRepository->getScopeEntityByIdentifier(`
Updated grants 2013-12-24 17:01:56 +00:00			`$scopeItem,`
Fix #213 2014-09-30 23:55:21 +01:00			`$this->getIdentifier(),`
Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`$client->getIdentifier()`
Updated grants 2013-12-24 17:01:56 +00:00			`);`

Updated with new entity names 2014-05-02 17:21:53 +01:00			`if (($scope instanceof ScopeEntity) === false) {`
Updates 2015-11-13 17:41:05 +00:00			`throw OAuthServerException::invalidScope($scopeItem, null, null, $redirectUri);`
Updated grants 2013-12-24 17:01:56 +00:00			`}`

Updated abstract grant and client credentials grant 2015-04-05 17:01:19 +01:00			`$scopes[] = $scope;`
Lots of logic implementation fixes 2014-01-10 12:30:13 +00:00			`}`
CS fixer changes 2014-05-03 10:53:43 +01:00
Lots of logic implementation fixes 2014-01-10 12:30:13 +00:00			`return $scopes;`
			`}`
Checkin 2015-10-14 09:51:53 +01:00
			`/**`
normalize validatescopes 2016-01-17 14:35:43 +01:00			`* Retrieve request parameter.`
			`*`
			`* @param string $parameter`
			`* @param \Psr\Http\Message\ServerRequestInterface $request`
			`* @param mixed $default`
			`*`
			`* @return null\|string`
Checkin 2015-10-14 09:51:53 +01:00			`*/`
normalize validatescopes 2016-01-17 14:35:43 +01:00			`protected function getRequestParameter($parameter, ServerRequestInterface $request, $default = null)`
Checkin 2015-10-14 09:51:53 +01:00			`{`
normalize validatescopes 2016-01-17 14:35:43 +01:00			`return (isset($request->getParsedBody()[$parameter])) ? $request->getParsedBody()[$parameter] : $default;`
			`}`

Added getQueryStringParameter method 2016-02-12 09:02:17 +00:00			`/**`
			`* Retrieve query string parameter.`
			`*`
			`* @param string $parameter`
			`* @param \Psr\Http\Message\ServerRequestInterface $request`
			`* @param mixed $default`
			`*`
			`* @return null\|string`
			`*/`
			`protected function getQueryStringParameter($parameter, ServerRequestInterface $request, $default = null)`
			`{`
			`return (isset($request->getQueryParams()[$parameter])) ? $request->getQueryParams()[$parameter] : $default;`
			`}`

Added getCookieParameter method 2016-02-12 09:59:59 +00:00			`/**`
			`* Retrieve cookie parameter.`
			`*`
			`* @param string $parameter`
			`* @param \Psr\Http\Message\ServerRequestInterface $request`
			`* @param mixed $default`
			`*`
			`* @return null\|string`
			`*/`
			`protected function getCookieParameter($parameter, ServerRequestInterface $request, $default = null)`
			`{`
			`return (isset($request->getCookieParams()[$parameter])) ? $request->getCookieParams()[$parameter] : $default;`
			`}`

normalize validatescopes 2016-01-17 14:35:43 +01:00			`/**`
			`* Retrieve server parameter.`
			`*`
			`* @param string\|array $parameter`
			`* @param \Psr\Http\Message\ServerRequestInterface $request`
			`* @param mixed $default`
			`*`
			`* @return null\|string`
			`*/`
			`protected function getServerParameter($parameter, ServerRequestInterface $request, $default = null)`
			`{`
			`return (isset($request->getServerParams()[$parameter])) ? $request->getServerParams()[$parameter] : $default;`
Checkin 2015-10-14 09:51:53 +01:00			`}`
abstract common grants tasks 2016-01-17 00:41:55 +01:00
			`/**`
Docblock updates 2016-02-12 09:02:33 +00:00			`* Issue an access token`
			`*`
abstract common grants tasks 2016-01-17 00:41:55 +01:00			`* @param \DateInterval $tokenTTL`
			`* @param \League\OAuth2\Server\Entities\Interfaces\ClientEntityInterface $client`
			`* @param string $userIdentifier`
			`* @param array $scopes`
			`*`
			`* @return \League\OAuth2\Server\Entities\AccessTokenEntity`
			`*/`
			`protected function issueAccessToken(`
			`\DateInterval $tokenTTL,`
			`ClientEntityInterface $client,`
			`$userIdentifier,`
			`array $scopes = []`
			`) {`
			`$accessToken = new AccessTokenEntity();`
			`$accessToken->setIdentifier(SecureKey::generate());`
			`$accessToken->setExpiryDateTime((new \DateTime())->add($tokenTTL));`
			`$accessToken->setClient($client);`
			`$accessToken->setUserIdentifier($userIdentifier);`

			`foreach ($scopes as $scope) {`
			`$accessToken->addScope($scope);`
			`}`

			`return $accessToken;`
			`}`

			`/**`
			`* @param \League\OAuth2\Server\Entities\AccessTokenEntity $accessToken`
			`*`
			`* @return \League\OAuth2\Server\Entities\RefreshTokenEntity`
			`*/`
configurable refresh token TTL per grant 2016-01-21 18:11:53 +01:00			`protected function issueRefreshToken(AccessTokenEntity $accessToken)`
abstract common grants tasks 2016-01-17 00:41:55 +01:00			`{`
			`$refreshToken = new RefreshTokenEntity();`
			`$refreshToken->setIdentifier(SecureKey::generate());`
configurable refresh token TTL per grant 2016-01-21 18:11:53 +01:00			`$refreshToken->setExpiryDateTime((new \DateTime())->add($this->refreshTokenTTL));`
abstract common grants tasks 2016-01-17 00:41:55 +01:00			`$refreshToken->setAccessToken($accessToken);`

			`return $refreshToken;`
			`}`

			`/**`
			`* @inheritdoc`
			`*/`
			`public function canRespondToRequest(ServerRequestInterface $request)`
			`{`
			`return (`
			`isset($request->getParsedBody()['grant_type'])`
Got rid of mystery $identifier class property, moved it to the getIdentifier method 2016-02-12 08:33:59 +00:00			`&& $request->getParsedBody()['grant_type'] === $this->getIdentifier()`
abstract common grants tasks 2016-01-17 00:41:55 +01:00			`);`
			`}`
Added GrantTrait::setIdentifier I found it useful to be able to set the identifier so I could "alias" one for deprecation. Hopefully no issues here @alexbilbie 2013-12-04 17:23:19 -05:00			`}`