oauth2-server/src/AuthorizationServer.php

<?php

namespace League\OAuth2\Server;

use DateInterval;
use League\Event\EmitterAwareInterface;
use League\Event\EmitterAwareTrait;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\GrantTypeInterface;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;

class AuthorizationServer implements EmitterAwareInterface
{
    use EmitterAwareTrait;

    /**
     * @var \League\OAuth2\Server\Grant\GrantTypeInterface[]
     */
    protected $enabledGrantTypes = [];

    /**
     * @var \DateInterval[]
     */
    protected $grantTypeAccessTokenTTL = [];

    /**
     * @var \League\OAuth2\Server\CryptKey
     */
    protected $privateKey;

    /**
     * @var \League\OAuth2\Server\CryptKey
     */
    protected $publicKey;

    /**
     * @var ResponseTypeInterface
     */
    protected $responseType;

    /**
     * @var \League\OAuth2\Server\Repositories\ClientRepositoryInterface
     */
    private $clientRepository;

    /**
     * @var \League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface
     */
    private $accessTokenRepository;

    /**
     * @var \League\OAuth2\Server\Repositories\ScopeRepositoryInterface
     */
    private $scopeRepository;

    /**
     * New server instance.
     *
     * @param \League\OAuth2\Server\Repositories\ClientRepositoryInterface                       $clientRepository
     * @param \League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface                  $accessTokenRepository
     * @param \League\OAuth2\Server\Repositories\ScopeRepositoryInterface                        $scopeRepository
     * @param \League\OAuth2\Server\CryptKey|string                                              $privateKey
     * @param \League\OAuth2\Server\CryptKey|string                                              $publicKey
     * @param null|\League\OAuth2\Server\ResponseTypes\ResponseTypeInterface                     $responseType
     */
    public function __construct(
        ClientRepositoryInterface $clientRepository,
        AccessTokenRepositoryInterface $accessTokenRepository,
        ScopeRepositoryInterface $scopeRepository,
        $privateKey,
        $publicKey,
        ResponseTypeInterface $responseType = null
    ) {
        $this->clientRepository = $clientRepository;
        $this->accessTokenRepository = $accessTokenRepository;
        $this->scopeRepository = $scopeRepository;

        if (!$privateKey instanceof CryptKey) {
            $privateKey = new CryptKey($privateKey);
        }
        $this->privateKey = $privateKey;

        if (!$publicKey instanceof CryptKey) {
            $publicKey = new CryptKey($publicKey);
        }
        $this->publicKey = $publicKey;

        $this->responseType = $responseType;
    }

    /**
     * Enable a grant type on the server.
     *
     * @param \League\OAuth2\Server\Grant\GrantTypeInterface $grantType
     * @param \DateInterval                                  $accessTokenTTL
     */
    public function enableGrantType(GrantTypeInterface $grantType, DateInterval $accessTokenTTL = null)
    {
        if ($accessTokenTTL instanceof DateInterval === false) {
            $accessTokenTTL = new \DateInterval('PT1H');
        }

        $grantType->setAccessTokenRepository($this->accessTokenRepository);
        $grantType->setClientRepository($this->clientRepository);
        $grantType->setScopeRepository($this->scopeRepository);
        $grantType->setPrivateKey($this->privateKey);
        $grantType->setPublicKey($this->publicKey);
        $grantType->setEmitter($this->getEmitter());

        $this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
        $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
    }

    /**
     * Validate an authorization request
     *
     * @param \Psr\Http\Message\ServerRequestInterface $request
     *
     * @throws \League\OAuth2\Server\Exception\OAuthServerException
     *
     * @return \League\OAuth2\Server\RequestTypes\AuthorizationRequest|null
     */
    public function validateAuthorizationRequest(ServerRequestInterface $request)
    {
        $authRequest = null;
        $enabledGrantTypes = $this->enabledGrantTypes;
        while ($authRequest === null && $grantType = array_shift($enabledGrantTypes)) {
            /** @var \League\OAuth2\Server\Grant\GrantTypeInterface $grantType */
            if ($grantType->canRespondToAuthorizationRequest($request)) {
                $authRequest = $grantType->validateAuthorizationRequest($request);

                return $authRequest;
            }
        }

        throw OAuthServerException::unsupportedGrantType();
    }

    /**
     * Complete an authorization request
     *
     * @param \League\OAuth2\Server\RequestTypes\AuthorizationRequest $authRequest
     * @param \Psr\Http\Message\ResponseInterface                     $response
     *
     * @return \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface
     */
    public function completeAuthorizationRequest(AuthorizationRequest $authRequest, ResponseInterface $response)
    {
        return $this->enabledGrantTypes[$authRequest->getGrantTypeId()]
            ->completeAuthorizationRequest($authRequest)
            ->generateHttpResponse($response);
    }

    /**
     * Return an access token response.
     *
     * @param \Psr\Http\Message\ServerRequestInterface $request
     * @param \Psr\Http\Message\ResponseInterface      $response
     *
     * @throws \League\OAuth2\Server\Exception\OAuthServerException
     *
     * @return \Psr\Http\Message\ResponseInterface
     */
    public function respondToAccessTokenRequest(ServerRequestInterface $request, ResponseInterface $response)
    {
        $tokenResponse = null;
        while ($tokenResponse === null && $grantType = array_shift($this->enabledGrantTypes)) {
            /** @var \League\OAuth2\Server\Grant\GrantTypeInterface $grantType */
            if ($grantType->canRespondToAccessTokenRequest($request)) {
                $tokenResponse = $grantType->respondToAccessTokenRequest(
                    $request,
                    $this->getResponseType(),
                    $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
                );
            }
        }

        if ($tokenResponse instanceof ResponseTypeInterface) {
            return $tokenResponse->generateHttpResponse($response);
        }

        throw OAuthServerException::unsupportedGrantType();
    }

    /**
     * Get the token type that grants will return in the HTTP response.
     *
     * @return ResponseTypeInterface
     */
    protected function getResponseType()
    {
        if (!$this->responseType instanceof ResponseTypeInterface) {
            $this->responseType = new BearerTokenResponse($this->accessTokenRepository);
        }

        $this->responseType->setPrivateKey($this->privateKey);

        return $this->responseType;
    }
}
First commit of new server class 2015-04-05 21:33:06 +05:30			`<?php`
Refactored constructor to set defaults, added new setter methods for default token TTL and default token type 2015-04-06 13:02:44 +05:30
First commit of new server class 2015-04-05 21:33:06 +05:30			`namespace League\OAuth2\Server;`

Fix for non-imported namespace 2016-02-12 19:48:34 +05:30			`use DateInterval;`
Checkin 2015-10-14 14:21:53 +05:30			`use League\Event\EmitterAwareInterface;`
			`use League\Event\EmitterAwareTrait;`
Updates 2015-11-13 23:11:05 +05:30			`use League\OAuth2\Server\Exception\OAuthServerException;`
Checkin 2015-10-14 14:21:53 +05:30			`use League\OAuth2\Server\Grant\GrantTypeInterface;`
New server constructor 2016-01-17 19:33:41 +05:30			`use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;`
			`use League\OAuth2\Server\Repositories\ClientRepositoryInterface;`
			`use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;`
Updated server methods 2016-04-10 16:18:32 +05:30			`use League\OAuth2\Server\RequestTypes\AuthorizationRequest;`
Updates 2015-11-13 23:11:05 +05:30			`use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;`
			`use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;`
allow middleware use 2016-01-15 18:32:47 +05:30			`use Psr\Http\Message\ResponseInterface;`
Checkin 2015-10-14 14:21:53 +05:30			`use Psr\Http\Message\ServerRequestInterface;`
First commit of new server class 2015-04-05 21:33:06 +05:30
Renamed Server to AuthorizationServer 2016-04-17 17:24:25 +05:30			`class AuthorizationServer implements EmitterAwareInterface`
First commit of new server class 2015-04-05 21:33:06 +05:30			`{`
Checkin 2015-10-14 14:21:53 +05:30			`use EmitterAwareTrait;`

First commit of new server class 2015-04-05 21:33:06 +05:30			`/**`
			`* @var \League\OAuth2\Server\Grant\GrantTypeInterface[]`
			`*/`
			`protected $enabledGrantTypes = [];`

			`/**`
abstract access token validation 2016-02-12 18:49:47 +05:30			`* @var \DateInterval[]`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*/`
			`protected $grantTypeAccessTokenTTL = [];`

deferred default objects creation 2016-01-15 17:11:48 +05:30			`/**`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`* @var \League\OAuth2\Server\CryptKey`
deferred default objects creation 2016-01-15 17:11:48 +05:30			`*/`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`protected $privateKey;`
deferred default objects creation 2016-01-15 17:11:48 +05:30
First commit of new server class 2015-04-05 21:33:06 +05:30			`/**`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`* @var \League\OAuth2\Server\CryptKey`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*/`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`protected $publicKey;`
First commit of new server class 2015-04-05 21:33:06 +05:30
			`/**`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`* @var ResponseTypeInterface`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*/`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`protected $responseType;`
First commit of new server class 2015-04-05 21:33:06 +05:30
Checkin 2015-10-14 14:21:53 +05:30			`/**`
New server constructor 2016-01-17 19:33:41 +05:30			`* @var \League\OAuth2\Server\Repositories\ClientRepositoryInterface`
Checkin 2015-10-14 14:21:53 +05:30			`*/`
New server constructor 2016-01-17 19:33:41 +05:30			`private $clientRepository;`

			`/**`
			`* @var \League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface`
			`*/`
			`private $accessTokenRepository;`

			`/**`
			`* @var \League\OAuth2\Server\Repositories\ScopeRepositoryInterface`
			`*/`
			`private $scopeRepository;`
Refactored constructor to set defaults, added new setter methods for default token TTL and default token type 2015-04-06 13:02:44 +05:30
			`/**`
Applied fixes from StyleCI 2016-02-20 04:39:39 +05:30			`* New server instance.`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*`
Applied fixes from StyleCI 2016-03-17 20:07:48 +05:30			`* @param \League\OAuth2\Server\Repositories\ClientRepositoryInterface $clientRepository`
			`* @param \League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface $accessTokenRepository`
			`* @param \League\OAuth2\Server\Repositories\ScopeRepositoryInterface $scopeRepository`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`* @param \League\OAuth2\Server\CryptKey\|string $privateKey`
			`* @param \League\OAuth2\Server\CryptKey\|string $publicKey`
Applied fixes from StyleCI 2016-03-17 20:07:48 +05:30			`* @param null\|\League\OAuth2\Server\ResponseTypes\ResponseTypeInterface $responseType`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*/`
New server constructor 2016-01-17 19:33:41 +05:30			`public function __construct(`
			`ClientRepositoryInterface $clientRepository,`
			`AccessTokenRepositoryInterface $accessTokenRepository,`
			`ScopeRepositoryInterface $scopeRepository,`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`$privateKey,`
			`$publicKey,`
Removed unused methods 2016-04-17 17:12:42 +05:30			`ResponseTypeInterface $responseType = null`
New server constructor 2016-01-17 19:33:41 +05:30			`) {`
			`$this->clientRepository = $clientRepository;`
			`$this->accessTokenRepository = $accessTokenRepository;`
			`$this->scopeRepository = $scopeRepository;`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30
			`if (!$privateKey instanceof CryptKey) {`
			`$privateKey = new CryptKey($privateKey);`
			`}`
			`$this->privateKey = $privateKey;`

			`if (!$publicKey instanceof CryptKey) {`
			`$publicKey = new CryptKey($publicKey);`
			`}`
			`$this->publicKey = $publicKey;`

Removed default wording as there is no override 2016-01-17 19:53:18 +05:30			`$this->responseType = $responseType;`
Refactored constructor to set defaults, added new setter methods for default token TTL and default token type 2015-04-06 13:02:44 +05:30			`}`
First commit of new server class 2015-04-05 21:33:06 +05:30
			`/**`
Applied fixes from StyleCI 2016-02-20 04:39:39 +05:30			`* Enable a grant type on the server.`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*`
Checkin 2015-10-14 14:21:53 +05:30			`* @param \League\OAuth2\Server\Grant\GrantTypeInterface $grantType`
abstract access token validation 2016-02-12 18:49:47 +05:30			`* @param \DateInterval $accessTokenTTL`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*/`
Lazy set $accessTokenTTL 2016-04-10 19:01:05 +05:30			`public function enableGrantType(GrantTypeInterface $grantType, DateInterval $accessTokenTTL = null)`
configurable refresh token TTL per grant 2016-01-21 22:41:53 +05:30			`{`
Lazy set $accessTokenTTL 2016-04-10 19:01:05 +05:30			`if ($accessTokenTTL instanceof DateInterval === false) {`
			`$accessTokenTTL = new \DateInterval('PT1H');`
			`}`

Inject required params into grant type 2016-01-17 19:33:07 +05:30			`$grantType->setAccessTokenRepository($this->accessTokenRepository);`
			`$grantType->setClientRepository($this->clientRepository);`
			`$grantType->setScopeRepository($this->scopeRepository);`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`$grantType->setPrivateKey($this->privateKey);`
			`$grantType->setPublicKey($this->publicKey);`
Checkin 2015-10-14 14:21:53 +05:30			`$grantType->setEmitter($this->getEmitter());`
First commit of new server class 2015-04-05 21:33:06 +05:30
allow refresh token ttl assign 2016-01-20 16:51:44 +05:30			`$this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;`
Removed default overrides 2016-01-17 19:33:33 +05:30			`$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;`
First commit of new server class 2015-04-05 21:33:06 +05:30			`}`

Checkin 2016-04-10 14:37:08 +05:30			`/**`
Updated server methods 2016-04-10 16:18:32 +05:30			`* Validate an authorization request`
			`*`
Checkin 2016-04-10 14:37:08 +05:30			`* @param \Psr\Http\Message\ServerRequestInterface $request`
			`*`
			`* @throws \League\OAuth2\Server\Exception\OAuthServerException`
Applied fixes from StyleCI 2016-04-10 16:18:46 +05:30			`*`
			`* @return \League\OAuth2\Server\RequestTypes\AuthorizationRequest\|null`
Checkin 2016-04-10 14:37:08 +05:30			`*/`
Updated server methods 2016-04-10 16:18:32 +05:30			`public function validateAuthorizationRequest(ServerRequestInterface $request)`
Checkin 2016-04-10 14:37:08 +05:30			`{`
			`$authRequest = null;`
Updated server methods 2016-04-10 16:18:32 +05:30			`$enabledGrantTypes = $this->enabledGrantTypes;`
			`while ($authRequest === null && $grantType = array_shift($enabledGrantTypes)) {`
Checkin 2016-04-10 14:37:08 +05:30			`/** @var \League\OAuth2\Server\Grant\GrantTypeInterface $grantType */`
Updated server methods 2016-04-10 16:18:32 +05:30			`if ($grantType->canRespondToAuthorizationRequest($request)) {`
			`$authRequest = $grantType->validateAuthorizationRequest($request);`

			`return $authRequest;`
Checkin 2016-04-10 14:37:08 +05:30			`}`
			`}`
Updated server methods 2016-04-10 16:18:32 +05:30
Checkin 2016-04-10 14:37:08 +05:30			`throw OAuthServerException::unsupportedGrantType();`
			`}`

Updated server methods 2016-04-10 16:18:32 +05:30			`/**`
			`* Complete an authorization request`
			`*`
			`* @param \League\OAuth2\Server\RequestTypes\AuthorizationRequest $authRequest`
			`* @param \Psr\Http\Message\ResponseInterface $response`
			`*`
			`* @return \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface`
			`*/`
			`public function completeAuthorizationRequest(AuthorizationRequest $authRequest, ResponseInterface $response)`
			`{`
			`return $this->enabledGrantTypes[$authRequest->getGrantTypeId()]`
			`->completeAuthorizationRequest($authRequest)`
			`->generateHttpResponse($response);`
			`}`

First commit of new server class 2015-04-05 21:33:06 +05:30			`/**`
Applied fixes from StyleCI 2016-02-20 04:39:39 +05:30			`* Return an access token response.`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`* @param \Psr\Http\Message\ServerRequestInterface $request`
			`* @param \Psr\Http\Message\ResponseInterface $response`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*`
Updates 2015-11-13 23:11:05 +05:30			`* @throws \League\OAuth2\Server\Exception\OAuthServerException`
Applied fixes from StyleCI 2016-02-20 04:39:39 +05:30			`*`
			`* @return \Psr\Http\Message\ResponseInterface`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*/`
Renamed server `respondToRequest` to `respondToAccessTokenRequest` 2016-04-09 20:50:30 +05:30			`public function respondToAccessTokenRequest(ServerRequestInterface $request, ResponseInterface $response)`
First commit of new server class 2015-04-05 21:33:06 +05:30			`{`
include CryptTrait tests, allow Server::respondToRequest trhow exceptions and fix ResposeType tests 2016-03-18 04:55:32 +05:30			`$tokenResponse = null;`
			`while ($tokenResponse === null && $grantType = array_shift($this->enabledGrantTypes)) {`
			`/** @var \League\OAuth2\Server\Grant\GrantTypeInterface $grantType */`
Updated method calls 2016-04-09 20:52:22 +05:30			`if ($grantType->canRespondToAccessTokenRequest($request)) {`
Updated server methods 2016-04-10 16:18:32 +05:30			`$tokenResponse = $grantType->respondToAccessTokenRequest(`
include CryptTrait tests, allow Server::respondToRequest trhow exceptions and fix ResposeType tests 2016-03-18 04:55:32 +05:30			`$request,`
			`$this->getResponseType(),`
			`$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]`
			`);`
Fix #468 and #473 2016-03-17 20:07:21 +05:30			`}`
include CryptTrait tests, allow Server::respondToRequest trhow exceptions and fix ResposeType tests 2016-03-18 04:55:32 +05:30			`}`
The response may be a PSR response which is valid 2016-02-12 19:48:45 +05:30
include CryptTrait tests, allow Server::respondToRequest trhow exceptions and fix ResposeType tests 2016-03-18 04:55:32 +05:30			`if ($tokenResponse instanceof ResponseTypeInterface) {`
			`return $tokenResponse->generateHttpResponse($response);`
allow middleware use 2016-01-15 18:32:47 +05:30			`}`
include CryptTrait tests, allow Server::respondToRequest trhow exceptions and fix ResposeType tests 2016-03-18 04:55:32 +05:30
			`throw OAuthServerException::unsupportedGrantType();`
allow middleware use 2016-01-15 18:32:47 +05:30			`}`
allow refresh token ttl assign 2016-01-20 16:51:44 +05:30
			`/**`
Applied fixes from StyleCI 2016-02-20 04:39:39 +05:30			`* Get the token type that grants will return in the HTTP response.`
allow refresh token ttl assign 2016-01-20 16:51:44 +05:30			`*`
			`* @return ResponseTypeInterface`
			`*/`
abstract access token validation 2016-02-12 18:49:47 +05:30			`protected function getResponseType()`
allow refresh token ttl assign 2016-01-20 16:51:44 +05:30			`{`
			`if (!$this->responseType instanceof ResponseTypeInterface) {`
Fix #468 and #473 2016-03-17 20:07:21 +05:30			`$this->responseType = new BearerTokenResponse($this->accessTokenRepository);`
allow refresh token ttl assign 2016-01-20 16:51:44 +05:30			`}`

handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`$this->responseType->setPrivateKey($this->privateKey);`
Fix #468 and #473 2016-03-17 20:07:21 +05:30
allow refresh token ttl assign 2016-01-20 16:51:44 +05:30			`return $this->responseType;`
			`}`
First commit of new server class 2015-04-05 21:33:06 +05:30			`}`