2013-12-02 18:42:54 +00:00
|
|
|
<?php
|
|
|
|
|
/**
|
2014-01-08 16:15:29 +00:00
|
|
|
* OAuth 2.0 Abstract grant
|
2013-12-02 18:42:54 +00:00
|
|
|
*
|
2014-01-08 16:15:29 +00:00
|
|
|
* @package league/oauth2-server
|
2013-12-02 18:42:54 +00:00
|
|
|
* @author Alex Bilbie <hello@alexbilbie.com>
|
2014-03-09 19:34:23 +00:00
|
|
|
* @copyright Copyright (c) Alex Bilbie
|
2013-12-02 18:42:54 +00:00
|
|
|
* @license http://mit-license.org/
|
2014-03-09 20:05:38 +00:00
|
|
|
* @link https://github.com/thephpleague/oauth2-server
|
2013-12-02 18:42:54 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
namespace League\OAuth2\Server\Grant;
|
|
|
|
|
|
2014-02-24 14:42:22 +00:00
|
|
|
use League\OAuth2\Server\AuthorizationServer;
|
2014-05-02 17:21:53 +01:00
|
|
|
use League\OAuth2\Server\Entity\ScopeEntity;
|
2014-09-30 23:55:21 +01:00
|
|
|
use League\OAuth2\Server\Entity\ClientEntity;
|
2014-04-25 11:24:48 +01:00
|
|
|
use League\OAuth2\Server\Exception;
|
2013-12-05 20:25:50 +00:00
|
|
|
|
2014-01-08 16:15:29 +00:00
|
|
|
/**
|
|
|
|
|
* Abstract grant class
|
|
|
|
|
*/
|
|
|
|
|
abstract class AbstractGrant implements GrantTypeInterface
|
|
|
|
|
{
|
|
|
|
|
/**
|
|
|
|
|
* Grant identifier
|
|
|
|
|
* @var string
|
|
|
|
|
*/
|
|
|
|
|
protected $identifier = '';
|
2013-12-02 18:42:54 +00:00
|
|
|
|
2013-12-05 20:25:50 +00:00
|
|
|
/**
|
2014-01-08 16:15:29 +00:00
|
|
|
* Response type
|
|
|
|
|
* @var string
|
2013-12-05 20:25:50 +00:00
|
|
|
*/
|
2014-01-10 12:30:13 +00:00
|
|
|
protected $responseType;
|
2014-01-08 16:15:29 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Callback to authenticate a user's name and password
|
|
|
|
|
* @var function
|
|
|
|
|
*/
|
2014-01-10 12:30:13 +00:00
|
|
|
protected $callback;
|
2014-01-08 16:15:29 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* AuthServer instance
|
2014-11-07 01:30:54 +00:00
|
|
|
* @var \League\OAuth2\Server\AuthorizationServer
|
2014-01-08 16:15:29 +00:00
|
|
|
*/
|
2014-01-10 12:30:13 +00:00
|
|
|
protected $server;
|
2014-01-08 16:15:29 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Access token expires in override
|
|
|
|
|
* @var int
|
|
|
|
|
*/
|
2014-01-10 12:30:13 +00:00
|
|
|
protected $accessTokenTTL;
|
2013-12-05 20:25:50 +00:00
|
|
|
|
2013-12-02 18:42:54 +00:00
|
|
|
/**
|
|
|
|
|
* Return the identifier
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function getIdentifier()
|
|
|
|
|
{
|
|
|
|
|
return $this->identifier;
|
|
|
|
|
}
|
|
|
|
|
|
2013-12-04 17:23:19 -05:00
|
|
|
/**
|
|
|
|
|
* Return the identifier
|
2014-05-03 10:53:43 +01:00
|
|
|
* @param string $identifier
|
2013-12-04 17:23:19 -05:00
|
|
|
* @return self
|
|
|
|
|
*/
|
|
|
|
|
public function setIdentifier($identifier)
|
|
|
|
|
{
|
|
|
|
|
$this->identifier = $identifier;
|
2014-05-03 10:53:43 +01:00
|
|
|
|
2013-12-04 17:23:19 -05:00
|
|
|
return $this;
|
|
|
|
|
}
|
2013-12-05 20:28:31 +00:00
|
|
|
|
2013-12-02 18:42:54 +00:00
|
|
|
/**
|
|
|
|
|
* Return the response type
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function getResponseType()
|
|
|
|
|
{
|
|
|
|
|
return $this->responseType;
|
|
|
|
|
}
|
|
|
|
|
|
2014-09-11 13:39:50 +01:00
|
|
|
/**
|
|
|
|
|
* Get the TTL for an access token
|
|
|
|
|
* @return int The TTL
|
|
|
|
|
*/
|
|
|
|
|
public function getAccessTokenTTL()
|
|
|
|
|
{
|
|
|
|
|
if ($this->accessTokenTTL) {
|
|
|
|
|
return $this->accessTokenTTL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $this->server->getAccessTokenTTL();
|
|
|
|
|
}
|
|
|
|
|
|
2013-12-02 18:42:54 +00:00
|
|
|
/**
|
|
|
|
|
* Override the default access token expire time
|
2014-05-03 10:53:43 +01:00
|
|
|
* @param int $accessTokenTTL
|
2013-12-02 18:42:54 +00:00
|
|
|
* @return self
|
|
|
|
|
*/
|
|
|
|
|
public function setAccessTokenTTL($accessTokenTTL)
|
|
|
|
|
{
|
|
|
|
|
$this->accessTokenTTL = $accessTokenTTL;
|
2014-05-03 10:53:43 +01:00
|
|
|
|
2013-12-02 18:42:54 +00:00
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2013-12-05 20:25:50 +00:00
|
|
|
/**
|
|
|
|
|
* Inject the authorization server into the grant
|
2014-11-07 01:25:13 +00:00
|
|
|
* @param \League\OAuth2\Server\AuthorizationServer $server The authorization server instance
|
2014-05-03 10:53:43 +01:00
|
|
|
* @return self
|
2013-12-05 20:25:50 +00:00
|
|
|
*/
|
2014-02-24 14:42:22 +00:00
|
|
|
public function setAuthorizationServer(AuthorizationServer $server)
|
2013-12-05 20:25:50 +00:00
|
|
|
{
|
2013-12-24 17:01:56 +00:00
|
|
|
$this->server = $server;
|
2014-05-03 10:53:43 +01:00
|
|
|
|
2013-12-05 20:25:50 +00:00
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
2014-01-08 16:15:29 +00:00
|
|
|
/**
|
2014-11-07 01:25:13 +00:00
|
|
|
* Given a list of scopes, validate them and return an array of Scope entities
|
|
|
|
|
* @param string $scopeParam A string of scopes (e.g. "profile email birthday")
|
|
|
|
|
* @param \League\OAuth2\Server\Entity\ClientEntity $client A string of scopes (e.g. "profile email birthday")
|
|
|
|
|
* @return \League\OAuth2\Server\Entity\ScopeEntity[]
|
|
|
|
|
* @throws \League\OAuth2\Server\Exception\ClientException If scope is invalid, or no scopes passed when required
|
2014-01-08 16:15:29 +00:00
|
|
|
*/
|
2014-09-30 23:55:21 +01:00
|
|
|
public function validateScopes($scopeParam = '', ClientEntity $client)
|
2013-12-24 17:01:56 +00:00
|
|
|
{
|
|
|
|
|
$scopesList = explode($this->server->getScopeDelimeter(), $scopeParam);
|
|
|
|
|
|
|
|
|
|
for ($i = 0; $i < count($scopesList); $i++) {
|
|
|
|
|
$scopesList[$i] = trim($scopesList[$i]);
|
2014-05-03 11:08:33 +01:00
|
|
|
if ($scopesList[$i] === '') {
|
|
|
|
|
unset($scopesList[$i]); // Remove any junk scopes
|
|
|
|
|
}
|
2013-12-24 17:01:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (
|
2014-05-03 11:08:33 +01:00
|
|
|
$this->server->scopeParamRequired() === true
|
|
|
|
|
&& $this->server->getDefaultScope() === null
|
|
|
|
|
&& count($scopesList) === 0
|
2013-12-24 17:01:56 +00:00
|
|
|
) {
|
2014-04-25 11:24:48 +01:00
|
|
|
throw new Exception\InvalidRequestException('scope');
|
2013-12-24 17:01:56 +00:00
|
|
|
} elseif (count($scopesList) === 0 && $this->server->getDefaultScope() !== null) {
|
|
|
|
|
if (is_array($this->server->getDefaultScope())) {
|
|
|
|
|
$scopesList = $this->server->getDefaultScope();
|
|
|
|
|
} else {
|
|
|
|
|
$scopesList = [0 => $this->server->getDefaultScope()];
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$scopes = [];
|
|
|
|
|
|
|
|
|
|
foreach ($scopesList as $scopeItem) {
|
2014-01-10 12:30:13 +00:00
|
|
|
$scope = $this->server->getStorage('scope')->get(
|
2013-12-24 17:01:56 +00:00
|
|
|
$scopeItem,
|
2014-09-30 23:55:21 +01:00
|
|
|
$this->getIdentifier(),
|
|
|
|
|
$client->getId()
|
2013-12-24 17:01:56 +00:00
|
|
|
);
|
|
|
|
|
|
2014-05-02 17:21:53 +01:00
|
|
|
if (($scope instanceof ScopeEntity) === false) {
|
2014-08-06 09:53:47 +01:00
|
|
|
throw new Exception\InvalidScopeException($scopeItem, true);
|
2013-12-24 17:01:56 +00:00
|
|
|
}
|
|
|
|
|
|
2014-01-10 12:30:13 +00:00
|
|
|
$scopes[$scope->getId()] = $scope;
|
2013-12-24 17:01:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $scopes;
|
|
|
|
|
}
|
|
|
|
|
|
2014-01-10 12:30:13 +00:00
|
|
|
/**
|
|
|
|
|
* Format the local scopes array
|
2014-11-07 01:25:13 +00:00
|
|
|
* @param \League\OAuth2\Server\Entity\ScopeEntity[]
|
2014-01-10 12:30:13 +00:00
|
|
|
* @return array
|
|
|
|
|
*/
|
|
|
|
|
protected function formatScopes($unformated = [])
|
|
|
|
|
{
|
|
|
|
|
$scopes = [];
|
|
|
|
|
foreach ($unformated as $scope) {
|
2014-05-02 17:21:53 +01:00
|
|
|
if ($scope instanceof ScopeEntity) {
|
2014-01-10 12:30:13 +00:00
|
|
|
$scopes[$scope->getId()] = $scope;
|
|
|
|
|
}
|
|
|
|
|
}
|
2014-05-03 10:53:43 +01:00
|
|
|
|
2014-01-10 12:30:13 +00:00
|
|
|
return $scopes;
|
|
|
|
|
}
|
2013-12-04 17:23:19 -05:00
|
|
|
}
|
