oauth2-server/src/OAuth2/Grant/AuthCode.php

<?php
/**
 * OAuth 2.0 Auth code grant
 *
 * @package     lncd/oauth2
 * @author      Alex Bilbie <hello@alexbilbie.com>
 * @copyright   Copyright (c) 2013 University of Lincoln
 * @license     http://mit-license.org/
 * @link        http://github.com/lncd/oauth2
 */

namespace OAuth2\Grant;

use OAuth2\Request;
use OAuth2\AuthServer;
use OAuth2\Exception;
use OAuth2\Util\SecureKey;
use OAuth2\Storage\SessionInterface;
use OAuth2\Storage\ClientInterface;
use OAuth2\Storage\ScopeInterface;

/**
 * Auth code grant class
 */
class AuthCode implements GrantTypeInterface {

    /**
     * Grant identifier
     * @var string
     */
    protected $identifier = 'authorization_code';

    /**
     * Response type
     * @var string
     */
    protected $responseType = 'code';

    /**
     * AuthServer instance
     * @var AuthServer
     */
    protected $authServer = null;

    /**
     * Constructor
     * @param AuthServer $authServer AuthServer instance
     * @return void
     */
    public function __construct(AuthServer $authServer)
    {
        $this->authServer = $authServer;
    }

    /**
     * Return the identifier
     * @return string
     */
    public function getIdentifier()
    {
        return $this->identifier;
    }

    /**
     * Return the response type
     * @return string
     */
    public function getResponseType()
    {
        return $this->responseType;
    }

    /**
     * Complete the auth code grant
     * @param  null|array $inputParams
     * @return array
     */
    public function completeFlow($inputParams = null)
    {
        // Get the required params
        $authParams = $this->authServer->getParam(array('client_id', 'client_secret', 'redirect_uri', 'code'), 'post', $inputParams);

        if (is_null($authParams['client_id'])) {
            throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_id'), 0);
        }

        if (is_null($authParams['client_secret'])) {
            throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_secret'), 0);
        }

        if (is_null($authParams['redirect_uri'])) {
            throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'redirect_uri'), 0);
        }

        // Validate client ID and redirect URI
        $clientDetails = $this->authServer->getStorage('client')->getClient($authParams['client_id'], $authParams['client_secret'], $authParams['redirect_uri'], $this->identifier);

        if ($clientDetails === false) {
            throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_client'), 8);
        }

        $authParams['client_details'] = $clientDetails;

        // Validate the authorization code
        if (is_null($authParams['code'])) {
            throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'code'), 0);
        }

        // Verify the authorization code matches the client_id and the request_uri
        $session = $this->authServer->getStorage('session')->validateAuthCode($authParams['client_id'], $authParams['redirect_uri'], $authParams['code']);

        if ( ! $session) {
            throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_grant'), 'code'), 9);
        }

        // A session ID was returned so update it with an access token,
        //  remove the authorisation code, change the stage to 'granted'

        $accessToken = SecureKey::make();
        $refreshToken = ($this->authServer->hasGrantType('refresh_token')) ? SecureKey::make() : null;

        $accessTokenExpires = time() + $this->authServer->getExpiresIn();
        $accessTokenExpiresIn = $this->authServer->getExpiresIn();

        $this->authServer->getStorage('session')->updateSession(
            $session['id'],
            null,
            $accessToken,
            $refreshToken,
            $accessTokenExpires,
            'granted'
        );

        $response = array(
            'access_token'  =>  $accessToken,
            'token_type'    =>  'bearer',
            'expires'       =>  $accessTokenExpires,
            'expires_in'    =>  $accessTokenExpiresIn
        );

        if ($this->authServer->hasGrantType('refresh_token')) {
            $response['refresh_token'] = $refreshToken;
        }

        return $response;
    }

}
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00			`<?php`
Docblock updates 2013-02-13 19:36:56 +00:00			`/**`
			`* OAuth 2.0 Auth code grant`
			`*`
			`* @package lncd/oauth2`
			`* @author Alex Bilbie <hello@alexbilbie.com>`
			`* @copyright Copyright (c) 2013 University of Lincoln`
			`* @license http://mit-license.org/`
			`* @link http://github.com/lncd/oauth2`
			`*/`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00
Finished AuthCode grant 2013-02-01 14:41:52 +00:00			`namespace OAuth2\Grant;`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00
Finished AuthCode grant 2013-02-01 14:41:52 +00:00			`use OAuth2\Request;`
			`use OAuth2\AuthServer;`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00			`use OAuth2\Exception;`
Finished AuthCode grant 2013-02-01 14:41:52 +00:00			`use OAuth2\Util\SecureKey;`
			`use OAuth2\Storage\SessionInterface;`
			`use OAuth2\Storage\ClientInterface;`
			`use OAuth2\Storage\ScopeInterface;`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00
Docblock updates 2013-02-13 19:36:56 +00:00			`/**`
			`* Auth code grant class`
			`*/`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00			`class AuthCode implements GrantTypeInterface {`

Docblock updates 2013-02-13 19:36:56 +00:00			`/**`
			`* Grant identifier`
			`* @var string`
			`*/`
Finished AuthCode grant 2013-02-01 14:41:52 +00:00			`protected $identifier = 'authorization_code';`
Docblock updates 2013-02-13 19:36:56 +00:00
			`/**`
			`* Response type`
			`* @var string`
			`*/`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00			`protected $responseType = 'code';`

Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00			`/**`
			`* AuthServer instance`
			`* @var AuthServer`
			`*/`
			`protected $authServer = null;`

			`/**`
			`* Constructor`
			`* @param AuthServer $authServer AuthServer instance`
			`* @return void`
			`*/`
			`public function __construct(AuthServer $authServer)`
			`{`
			`$this->authServer = $authServer;`
			`}`

Docblock updates 2013-02-13 19:36:56 +00:00			`/**`
			`* Return the identifier`
			`* @return string`
			`*/`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00			`public function getIdentifier()`
			`{`
			`return $this->identifier;`
			`}`

Docblock updates 2013-02-13 19:36:56 +00:00			`/**`
			`* Return the response type`
			`* @return string`
			`*/`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00			`public function getResponseType()`
			`{`
			`return $this->responseType;`
			`}`

Docblock updates 2013-02-13 19:36:56 +00:00			`/**`
			`* Complete the auth code grant`
			`* @param null\|array $inputParams`
			`* @return array`
			`*/`
Added AuthServer::getParam() function to reduce repetitive code 2013-02-13 18:25:10 +00:00			`public function completeFlow($inputParams = null)`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00			`{`
Docblock updates 2013-02-13 19:36:56 +00:00			`// Get the required params`
Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00			`$authParams = $this->authServer->getParam(array('client_id', 'client_secret', 'redirect_uri', 'code'), 'post', $inputParams);`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00
Docblock updates 2013-02-13 19:36:56 +00:00			`if (is_null($authParams['client_id'])) {`
Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00			`throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_id'), 0);`
Finished AuthCode grant 2013-02-01 14:41:52 +00:00			`}`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00
Finished AuthCode grant 2013-02-01 14:41:52 +00:00			`if (is_null($authParams['client_secret'])) {`
Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00			`throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_secret'), 0);`
Finished AuthCode grant 2013-02-01 14:41:52 +00:00			`}`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00
Finished AuthCode grant 2013-02-01 14:41:52 +00:00			`if (is_null($authParams['redirect_uri'])) {`
Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00			`throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'redirect_uri'), 0);`
Finished AuthCode grant 2013-02-01 14:41:52 +00:00			`}`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00
			`// Validate client ID and redirect URI`
Added grant to getClient calls. Fixes #21 2013-03-27 14:47:07 +00:00			`$clientDetails = $this->authServer->getStorage('client')->getClient($authParams['client_id'], $authParams['client_secret'], $authParams['redirect_uri'], $this->identifier);`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00
			`if ($clientDetails === false) {`
Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00			`throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_client'), 8);`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00			`}`

Finished AuthCode grant 2013-02-01 14:41:52 +00:00			`$authParams['client_details'] = $clientDetails;`

Added AuthServer::getParam() function to reduce repetitive code 2013-02-13 18:25:10 +00:00			`// Validate the authorization code`
Finished AuthCode grant 2013-02-01 14:41:52 +00:00			`if (is_null($authParams['code'])) {`
Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00			`throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'code'), 0);`
Finished AuthCode grant 2013-02-01 14:41:52 +00:00			`}`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00
			`// Verify the authorization code matches the client_id and the request_uri`
Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00			`$session = $this->authServer->getStorage('session')->validateAuthCode($authParams['client_id'], $authParams['redirect_uri'], $authParams['code']);`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00
			`if ( ! $session) {`
Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00			`throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_grant'), 'code'), 9);`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00			`}`

			`// A session ID was returned so update it with an access token,`
			`// remove the authorisation code, change the stage to 'granted'`

Finished AuthCode grant 2013-02-01 14:41:52 +00:00			`$accessToken = SecureKey::make();`
Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00			`$refreshToken = ($this->authServer->hasGrantType('refresh_token')) ? SecureKey::make() : null;`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00
Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00			`$accessTokenExpires = time() + $this->authServer->getExpiresIn();`
			`$accessTokenExpiresIn = $this->authServer->getExpiresIn();`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00
Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00			`$this->authServer->getStorage('session')->updateSession(`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00			`$session['id'],`
			`null,`
			`$accessToken,`
			`$refreshToken,`
			`$accessTokenExpires,`
			`'granted'`
			`);`

			`$response = array(`
			`'access_token' => $accessToken,`
			`'token_type' => 'bearer',`
			`'expires' => $accessTokenExpires,`
			`'expires_in' => $accessTokenExpiresIn`
			`);`

Removed static functions, inject authserver instance into grants 2013-03-06 16:59:18 +00:00			`if ($this->authServer->hasGrantType('refresh_token')) {`
Initial commit of AuthCode grant type 2013-02-01 10:50:32 +00:00			`$response['refresh_token'] = $refreshToken;`
			`}`

			`return $response;`
			`}`

			`}`