oauth2-server/src/Server.php

<?php

namespace League\OAuth2\Server;

use DateInterval;
use League\Event\EmitterAwareInterface;
use League\Event\EmitterAwareTrait;
use League\OAuth2\Server\AuthorizationValidators\AuthorizationValidatorInterface;
use League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Grant\GrantTypeInterface;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use League\OAuth2\Server\Repositories\ClientRepositoryInterface;
use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;
use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;

class Server implements EmitterAwareInterface
{
    use EmitterAwareTrait;

    /**
     * @var \League\OAuth2\Server\Grant\GrantTypeInterface[]
     */
    protected $enabledGrantTypes = [];

    /**
     * @var \DateInterval[]
     */
    protected $grantTypeAccessTokenTTL = [];

    /**
     * @var \League\OAuth2\Server\CryptKey
     */
    protected $privateKey;

    /**
     * @var \League\OAuth2\Server\CryptKey
     */
    protected $publicKey;

    /**
     * @var ResponseTypeInterface
     */
    protected $responseType;

    /**
     * @var \League\OAuth2\Server\Repositories\ClientRepositoryInterface
     */
    private $clientRepository;

    /**
     * @var \League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface
     */
    private $accessTokenRepository;

    /**
     * @var \League\OAuth2\Server\Repositories\ScopeRepositoryInterface
     */
    private $scopeRepository;

    /**
     * @var \League\OAuth2\Server\AuthorizationValidators\AuthorizationValidatorInterface
     */
    private $authorizationValidator;

    /**
     * New server instance.
     *
     * @param \League\OAuth2\Server\Repositories\ClientRepositoryInterface                       $clientRepository
     * @param \League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface                  $accessTokenRepository
     * @param \League\OAuth2\Server\Repositories\ScopeRepositoryInterface                        $scopeRepository
     * @param \League\OAuth2\Server\CryptKey|string                                              $privateKey
     * @param \League\OAuth2\Server\CryptKey|string                                              $publicKey
     * @param null|\League\OAuth2\Server\ResponseTypes\ResponseTypeInterface                     $responseType
     * @param null|\League\OAuth2\Server\AuthorizationValidators\AuthorizationValidatorInterface $authorizationValidator
     */
    public function __construct(
        ClientRepositoryInterface $clientRepository,
        AccessTokenRepositoryInterface $accessTokenRepository,
        ScopeRepositoryInterface $scopeRepository,
        $privateKey,
        $publicKey,
        ResponseTypeInterface $responseType = null,
        AuthorizationValidatorInterface $authorizationValidator = null
    ) {
        $this->clientRepository = $clientRepository;
        $this->accessTokenRepository = $accessTokenRepository;
        $this->scopeRepository = $scopeRepository;

        if (!$privateKey instanceof CryptKey) {
            $privateKey = new CryptKey($privateKey);
        }
        $this->privateKey = $privateKey;

        if (!$publicKey instanceof CryptKey) {
            $publicKey = new CryptKey($publicKey);
        }
        $this->publicKey = $publicKey;

        $this->responseType = $responseType;
        $this->authorizationValidator = $authorizationValidator;
    }

    /**
     * Enable a grant type on the server.
     *
     * @param \League\OAuth2\Server\Grant\GrantTypeInterface $grantType
     * @param \DateInterval                                  $accessTokenTTL
     */
    public function enableGrantType(GrantTypeInterface $grantType, DateInterval $accessTokenTTL)
    {
        $grantType->setAccessTokenRepository($this->accessTokenRepository);
        $grantType->setClientRepository($this->clientRepository);
        $grantType->setScopeRepository($this->scopeRepository);
        $grantType->setPrivateKey($this->privateKey);
        $grantType->setPublicKey($this->publicKey);
        $grantType->setEmitter($this->getEmitter());

        $this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;

        $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
    }

    /**
     * Return an access token response.
     *
     * @param \Psr\Http\Message\ServerRequestInterface $request
     * @param \Psr\Http\Message\ResponseInterface      $response
     *
     * @throws \League\OAuth2\Server\Exception\OAuthServerException
     *
     * @return \Psr\Http\Message\ResponseInterface
     */
    public function respondToRequest(ServerRequestInterface $request, ResponseInterface $response)
    {
        $tokenResponse = null;
        while ($tokenResponse === null && $grantType = array_shift($this->enabledGrantTypes)) {
            /** @var \League\OAuth2\Server\Grant\GrantTypeInterface $grantType */
            if ($grantType->canRespondToRequest($request)) {
                $tokenResponse = $grantType->respondToRequest(
                    $request,
                    $this->getResponseType(),
                    $this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]
                );
            }
        }

        if ($tokenResponse instanceof ResponseTypeInterface) {
            return $tokenResponse->generateHttpResponse($response);
        }

        throw OAuthServerException::unsupportedGrantType();
    }

    /**
     * Determine the access token validity.
     *
     * @param \Psr\Http\Message\ServerRequestInterface $request
     *
     * @throws \League\OAuth2\Server\Exception\OAuthServerException
     *
     * @return \Psr\Http\Message\ServerRequestInterface
     */
    public function validateAuthenticatedRequest(ServerRequestInterface $request)
    {
        return $this->getAuthorizationValidator()->validateAuthorization($request);
    }

    /**
     * Get the token type that grants will return in the HTTP response.
     *
     * @return ResponseTypeInterface
     */
    protected function getResponseType()
    {
        if (!$this->responseType instanceof ResponseTypeInterface) {
            $this->responseType = new BearerTokenResponse($this->accessTokenRepository);
        }

        $this->responseType->setPrivateKey($this->privateKey);

        return $this->responseType;
    }

    /**
     * @return \League\OAuth2\Server\AuthorizationValidators\AuthorizationValidatorInterface
     */
    protected function getAuthorizationValidator()
    {
        if (!$this->authorizationValidator instanceof AuthorizationValidatorInterface) {
            $this->authorizationValidator = new BearerTokenValidator($this->accessTokenRepository);
        }

        $this->authorizationValidator->setPublicKey($this->publicKey);

        return $this->authorizationValidator;
    }
}
First commit of new server class 2015-04-05 21:33:06 +05:30			`<?php`
Refactored constructor to set defaults, added new setter methods for default token TTL and default token type 2015-04-06 13:02:44 +05:30
First commit of new server class 2015-04-05 21:33:06 +05:30			`namespace League\OAuth2\Server;`

Fix for non-imported namespace 2016-02-12 19:48:34 +05:30			`use DateInterval;`
Checkin 2015-10-14 14:21:53 +05:30			`use League\Event\EmitterAwareInterface;`
			`use League\Event\EmitterAwareTrait;`
Fix #468 and #473 2016-03-17 20:07:21 +05:30			`use League\OAuth2\Server\AuthorizationValidators\AuthorizationValidatorInterface;`
			`use League\OAuth2\Server\AuthorizationValidators\BearerTokenValidator;`
Updates 2015-11-13 23:11:05 +05:30			`use League\OAuth2\Server\Exception\OAuthServerException;`
Checkin 2015-10-14 14:21:53 +05:30			`use League\OAuth2\Server\Grant\GrantTypeInterface;`
New server constructor 2016-01-17 19:33:41 +05:30			`use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;`
			`use League\OAuth2\Server\Repositories\ClientRepositoryInterface;`
			`use League\OAuth2\Server\Repositories\ScopeRepositoryInterface;`
Updates 2015-11-13 23:11:05 +05:30			`use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;`
			`use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;`
allow middleware use 2016-01-15 18:32:47 +05:30			`use Psr\Http\Message\ResponseInterface;`
Checkin 2015-10-14 14:21:53 +05:30			`use Psr\Http\Message\ServerRequestInterface;`
First commit of new server class 2015-04-05 21:33:06 +05:30
Checkin 2015-10-14 14:21:53 +05:30			`class Server implements EmitterAwareInterface`
First commit of new server class 2015-04-05 21:33:06 +05:30			`{`
Checkin 2015-10-14 14:21:53 +05:30			`use EmitterAwareTrait;`

First commit of new server class 2015-04-05 21:33:06 +05:30			`/**`
			`* @var \League\OAuth2\Server\Grant\GrantTypeInterface[]`
			`*/`
			`protected $enabledGrantTypes = [];`

			`/**`
abstract access token validation 2016-02-12 18:49:47 +05:30			`* @var \DateInterval[]`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*/`
			`protected $grantTypeAccessTokenTTL = [];`

deferred default objects creation 2016-01-15 17:11:48 +05:30			`/**`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`* @var \League\OAuth2\Server\CryptKey`
deferred default objects creation 2016-01-15 17:11:48 +05:30			`*/`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`protected $privateKey;`
deferred default objects creation 2016-01-15 17:11:48 +05:30
First commit of new server class 2015-04-05 21:33:06 +05:30			`/**`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`* @var \League\OAuth2\Server\CryptKey`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*/`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`protected $publicKey;`
First commit of new server class 2015-04-05 21:33:06 +05:30
			`/**`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`* @var ResponseTypeInterface`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*/`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`protected $responseType;`
First commit of new server class 2015-04-05 21:33:06 +05:30
Checkin 2015-10-14 14:21:53 +05:30			`/**`
New server constructor 2016-01-17 19:33:41 +05:30			`* @var \League\OAuth2\Server\Repositories\ClientRepositoryInterface`
Checkin 2015-10-14 14:21:53 +05:30			`*/`
New server constructor 2016-01-17 19:33:41 +05:30			`private $clientRepository;`

			`/**`
			`* @var \League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface`
			`*/`
			`private $accessTokenRepository;`

			`/**`
			`* @var \League\OAuth2\Server\Repositories\ScopeRepositoryInterface`
			`*/`
			`private $scopeRepository;`
Refactored constructor to set defaults, added new setter methods for default token TTL and default token type 2015-04-06 13:02:44 +05:30
Fix #468 and #473 2016-03-17 20:07:21 +05:30			`/**`
			`* @var \League\OAuth2\Server\AuthorizationValidators\AuthorizationValidatorInterface`
			`*/`
			`private $authorizationValidator;`

Refactored constructor to set defaults, added new setter methods for default token TTL and default token type 2015-04-06 13:02:44 +05:30			`/**`
Applied fixes from StyleCI 2016-02-20 04:39:39 +05:30			`* New server instance.`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*`
Applied fixes from StyleCI 2016-03-17 20:07:48 +05:30			`* @param \League\OAuth2\Server\Repositories\ClientRepositoryInterface $clientRepository`
			`* @param \League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface $accessTokenRepository`
			`* @param \League\OAuth2\Server\Repositories\ScopeRepositoryInterface $scopeRepository`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`* @param \League\OAuth2\Server\CryptKey\|string $privateKey`
			`* @param \League\OAuth2\Server\CryptKey\|string $publicKey`
Applied fixes from StyleCI 2016-03-17 20:07:48 +05:30			`* @param null\|\League\OAuth2\Server\ResponseTypes\ResponseTypeInterface $responseType`
Fix #468 and #473 2016-03-17 20:07:21 +05:30			`* @param null\|\League\OAuth2\Server\AuthorizationValidators\AuthorizationValidatorInterface $authorizationValidator`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*/`
New server constructor 2016-01-17 19:33:41 +05:30			`public function __construct(`
			`ClientRepositoryInterface $clientRepository,`
			`AccessTokenRepositoryInterface $accessTokenRepository,`
			`ScopeRepositoryInterface $scopeRepository,`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`$privateKey,`
			`$publicKey,`
Fix #468 and #473 2016-03-17 20:07:21 +05:30			`ResponseTypeInterface $responseType = null,`
			`AuthorizationValidatorInterface $authorizationValidator = null`
New server constructor 2016-01-17 19:33:41 +05:30			`) {`
			`$this->clientRepository = $clientRepository;`
			`$this->accessTokenRepository = $accessTokenRepository;`
			`$this->scopeRepository = $scopeRepository;`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30
			`if (!$privateKey instanceof CryptKey) {`
			`$privateKey = new CryptKey($privateKey);`
			`}`
			`$this->privateKey = $privateKey;`

			`if (!$publicKey instanceof CryptKey) {`
			`$publicKey = new CryptKey($publicKey);`
			`}`
			`$this->publicKey = $publicKey;`

Removed default wording as there is no override 2016-01-17 19:53:18 +05:30			`$this->responseType = $responseType;`
Fix #468 and #473 2016-03-17 20:07:21 +05:30			`$this->authorizationValidator = $authorizationValidator;`
Refactored constructor to set defaults, added new setter methods for default token TTL and default token type 2015-04-06 13:02:44 +05:30			`}`
First commit of new server class 2015-04-05 21:33:06 +05:30
			`/**`
Applied fixes from StyleCI 2016-02-20 04:39:39 +05:30			`* Enable a grant type on the server.`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*`
Checkin 2015-10-14 14:21:53 +05:30			`* @param \League\OAuth2\Server\Grant\GrantTypeInterface $grantType`
abstract access token validation 2016-02-12 18:49:47 +05:30			`* @param \DateInterval $accessTokenTTL`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*/`
Fix for non-imported namespace 2016-02-12 19:48:34 +05:30			`public function enableGrantType(GrantTypeInterface $grantType, DateInterval $accessTokenTTL)`
configurable refresh token TTL per grant 2016-01-21 22:41:53 +05:30			`{`
Inject required params into grant type 2016-01-17 19:33:07 +05:30			`$grantType->setAccessTokenRepository($this->accessTokenRepository);`
			`$grantType->setClientRepository($this->clientRepository);`
			`$grantType->setScopeRepository($this->scopeRepository);`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`$grantType->setPrivateKey($this->privateKey);`
			`$grantType->setPublicKey($this->publicKey);`
Checkin 2015-10-14 14:21:53 +05:30			`$grantType->setEmitter($this->getEmitter());`
First commit of new server class 2015-04-05 21:33:06 +05:30
allow refresh token ttl assign 2016-01-20 16:51:44 +05:30			`$this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;`
First commit of new server class 2015-04-05 21:33:06 +05:30
Removed default overrides 2016-01-17 19:33:33 +05:30			`$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;`
First commit of new server class 2015-04-05 21:33:06 +05:30			`}`

			`/**`
Applied fixes from StyleCI 2016-02-20 04:39:39 +05:30			`* Return an access token response.`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*`
handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`* @param \Psr\Http\Message\ServerRequestInterface $request`
			`* @param \Psr\Http\Message\ResponseInterface $response`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*`
Updates 2015-11-13 23:11:05 +05:30			`* @throws \League\OAuth2\Server\Exception\OAuthServerException`
Applied fixes from StyleCI 2016-02-20 04:39:39 +05:30			`*`
			`* @return \Psr\Http\Message\ResponseInterface`
First commit of new server class 2015-04-05 21:33:06 +05:30			`*/`
Fix #468 and #473 2016-03-17 20:07:21 +05:30			`public function respondToRequest(ServerRequestInterface $request, ResponseInterface $response)`
First commit of new server class 2015-04-05 21:33:06 +05:30			`{`
include CryptTrait tests, allow Server::respondToRequest trhow exceptions and fix ResposeType tests 2016-03-18 04:55:32 +05:30			`$tokenResponse = null;`
			`while ($tokenResponse === null && $grantType = array_shift($this->enabledGrantTypes)) {`
			`/** @var \League\OAuth2\Server\Grant\GrantTypeInterface $grantType */`
			`if ($grantType->canRespondToRequest($request)) {`
			`$tokenResponse = $grantType->respondToRequest(`
			`$request,`
			`$this->getResponseType(),`
			`$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()]`
			`);`
Fix #468 and #473 2016-03-17 20:07:21 +05:30			`}`
include CryptTrait tests, allow Server::respondToRequest trhow exceptions and fix ResposeType tests 2016-03-18 04:55:32 +05:30			`}`
The response may be a PSR response which is valid 2016-02-12 19:48:45 +05:30
include CryptTrait tests, allow Server::respondToRequest trhow exceptions and fix ResposeType tests 2016-03-18 04:55:32 +05:30			`if ($tokenResponse instanceof ResponseTypeInterface) {`
			`return $tokenResponse->generateHttpResponse($response);`
allow middleware use 2016-01-15 18:32:47 +05:30			`}`
include CryptTrait tests, allow Server::respondToRequest trhow exceptions and fix ResposeType tests 2016-03-18 04:55:32 +05:30
			`throw OAuthServerException::unsupportedGrantType();`
allow middleware use 2016-01-15 18:32:47 +05:30			`}`
allow refresh token ttl assign 2016-01-20 16:51:44 +05:30
abstract access token validation 2016-02-12 18:49:47 +05:30			`/**`
Applied fixes from StyleCI 2016-02-20 04:39:39 +05:30			`* Determine the access token validity.`
abstract access token validation 2016-02-12 18:49:47 +05:30			`*`
			`* @param \Psr\Http\Message\ServerRequestInterface $request`
			`*`
			`* @throws \League\OAuth2\Server\Exception\OAuthServerException`
Applied fixes from StyleCI 2016-02-20 04:39:39 +05:30			`*`
			`* @return \Psr\Http\Message\ServerRequestInterface`
abstract access token validation 2016-02-12 18:49:47 +05:30			`*/`
rename determineAccessTokenInHeader 2016-02-13 19:08:23 +05:30			`public function validateAuthenticatedRequest(ServerRequestInterface $request)`
abstract access token validation 2016-02-12 18:49:47 +05:30			`{`
Fix #468 and #473 2016-03-17 20:07:21 +05:30			`return $this->getAuthorizationValidator()->validateAuthorization($request);`
abstract access token validation 2016-02-12 18:49:47 +05:30			`}`

allow refresh token ttl assign 2016-01-20 16:51:44 +05:30			`/**`
Applied fixes from StyleCI 2016-02-20 04:39:39 +05:30			`* Get the token type that grants will return in the HTTP response.`
allow refresh token ttl assign 2016-01-20 16:51:44 +05:30			`*`
			`* @return ResponseTypeInterface`
			`*/`
abstract access token validation 2016-02-12 18:49:47 +05:30			`protected function getResponseType()`
allow refresh token ttl assign 2016-01-20 16:51:44 +05:30			`{`
			`if (!$this->responseType instanceof ResponseTypeInterface) {`
Fix #468 and #473 2016-03-17 20:07:21 +05:30			`$this->responseType = new BearerTokenResponse($this->accessTokenRepository);`
allow refresh token ttl assign 2016-01-20 16:51:44 +05:30			`}`

handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`$this->responseType->setPrivateKey($this->privateKey);`
Fix #468 and #473 2016-03-17 20:07:21 +05:30
allow refresh token ttl assign 2016-01-20 16:51:44 +05:30			`return $this->responseType;`
			`}`
Fix #468 and #473 2016-03-17 20:07:21 +05:30
			`/**`
			`* @return \League\OAuth2\Server\AuthorizationValidators\AuthorizationValidatorInterface`
			`*/`
			`protected function getAuthorizationValidator()`
			`{`
			`if (!$this->authorizationValidator instanceof AuthorizationValidatorInterface) {`
			`$this->authorizationValidator = new BearerTokenValidator($this->accessTokenRepository);`
			`}`

handle RSA key passphrase 2016-03-28 20:12:34 +05:30			`$this->authorizationValidator->setPublicKey($this->publicKey);`
Fix #468 and #473 2016-03-17 20:07:21 +05:30
			`return $this->authorizationValidator;`
			`}`
First commit of new server class 2015-04-05 21:33:06 +05:30			`}`