oauth2-server/src/Grant/AuthCodeGrant.php

<?php

namespace League\OAuth2\Server\Grant;

use DateInterval;
use DateTime;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
use Psr\Http\Message\ServerRequestInterface;

class AuthCodeGrant extends AbstractGrant
{
    /**
     * @inheritdoc
     */
    public function respondToRequest(
        ServerRequestInterface $request,
        ResponseTypeInterface $responseType,
        DateInterval $tokenTTL,
        $scopeDelimiter = ' '
    ) {
        if (
            isset($request->getQueryParams()['response_type'])
            && $request->getQueryParams()['response_type'] === 'code'
            && isset($request->getQueryParams()['client_id'])
        ) {
            return $this->respondToAuthorizationRequest($request, $scopeDelimiter, $tokenTTL);
        } elseif (
            isset($request->getParsedBody()['grant_type'])
            && $request->getParsedBody()['grant_type'] === 'authorization_code'
        ) {
            return $this->respondToAccessTokenRequest($request, $responseType, $tokenTTL);
        } else {
            throw OAuthServerException::serverError('respondToRequest() should not have been called');
        }
    }

    /**
     * Respond to an authorization request
     *
     * @param \Psr\Http\Message\ServerRequestInterface $request
     * @param string                                   $scopeDelimiter
     * @param DateTime                                 $tokenTTL
     */
    protected function respondToAuthorizationRequest(
        ServerRequestInterface $request,
        $scopeDelimiter = ' ',
        DateTime $tokenTTL
    ) {
        // Get required params
        /*$clientId = array_key_exists('client_id', $request->getQueryParams())
            ? $request->getQueryParams()['client_id'] // $_GET['client_id']
            : null;

        if (is_null($clientId)) {
            throw OAuthServerException::invalidRequest('client_id', null, '`%s` parameter is missing');
        }

        $redirectUri = array_key_exists('redirect_uri', $request->getQueryParams())
            ? $request->getQueryParams()['redirect_uri'] // $_GET['redirect_uri']
            : null;

        if (is_null($redirectUri)) {
            throw OAuthServerException::invalidRequest('redirect_uri', null, '`%s` parameter is missing');
        }

        // Validate client ID and redirect URI
        $client = $this->clientRepository->getClientEntity(
            $clientId,
            $this->getIdentifier(),
            null,
            $redirectUri
        );

        if (($client instanceof ClientEntityInterface) === false) {
            throw OAuthServerException::invalidClient();
        }

        $state = array_key_exists('state', $request->getQueryParams())
            ? $request->getQueryParams()['state'] // $_GET['state']
            : null;

        // Validate any scopes that are in the request
        $scopeParam = array_key_exists('scope', $request->getQueryParams())
            ? $request->getQueryParams()['scope'] // $_GET['scope']
            : '';
        $scopes = $this->validateScopes($scopeParam, $scopeDelimiter, $client);

        // Create a new authorization code
        $authCode = new AuthCodeEntity();
        $authCode->setIdentifier(SecureKey::generate());
        $authCode->setExpiryDateTime((new \DateTime())->add($authCodeTTL));
        $authCode->setClient($client);
        $authCode->setUserIdentifier($userEntity->getIdentifier());

        // Associate scopes with the session and access token
        foreach ($scopes as $scope) {
            $authCode->addScope($scope);
        }*/
    }

    /**
     * Respond to an access token request
     *
     * @param \Psr\Http\Message\ServerRequestInterface                  $request
     * @param \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface $responseType
     * @param \DateInterval                                             $accessTokenTTL
     *
     * @return \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface
     */
    protected function respondToAccessTokenRequest(
        ServerRequestInterface $request,
        ResponseTypeInterface $responseType,
        DateInterval $accessTokenTTL
    ) {

    }

    /**
     * @inheritdoc
     */
    public function canRespondToRequest(ServerRequestInterface $request)
    {
        return (
            (
                strtoupper($request->getMethod()) === 'GET'
                && isset($request->getQueryParams()['response_type'])
                && $request->getQueryParams()['response_type'] === 'code'
                && isset($request->getQueryParams()['client_id'])
            ) || (
                isset($request->getParsedBody()['grant_type'])
                && $request->getParsedBody()['grant_type'] === 'authorization_code'
            )
        );
    }
}
Initial commit of AuthCode grant type 2013-02-01 16:20:32 +05:30			`<?php`

Renamed AuthServer to Authorization, renamed ResourceServer to Resource. Updated all tests and other files 2013-05-09 00:12:23 +05:30			`namespace League\OAuth2\Server\Grant;`
Renamed namespace to League\OAuth2\ 2013-05-08 23:36:09 +05:30
First commit of updated auth code grant 2015-04-06 02:27:29 +05:30			`use DateInterval;`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`use DateTime;`
			`use League\OAuth2\Server\Exception\OAuthServerException;`
			`use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;`
			`use Psr\Http\Message\ServerRequestInterface;`
Initial commit of AuthCode grant type 2013-02-01 16:20:32 +05:30
Renamed Grants 2014-05-02 21:54:55 +05:30			`class AuthCodeGrant extends AbstractGrant`
AuthCode grant 2014-04-06 23:44:46 +05:30			`{`
First commit of updated auth code grant 2015-04-06 02:27:29 +05:30			`/**`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`* @inheritdoc`
First commit of updated auth code grant 2015-04-06 02:27:29 +05:30			`*/`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`public function respondToRequest(`
			`ServerRequestInterface $request,`
			`ResponseTypeInterface $responseType,`
			`DateInterval $tokenTTL,`
			`$scopeDelimiter = ' '`
First commit of updated auth code grant 2015-04-06 02:27:29 +05:30			`) {`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`if (`
			`isset($request->getQueryParams()['response_type'])`
			`&& $request->getQueryParams()['response_type'] === 'code'`
			`&& isset($request->getQueryParams()['client_id'])`
			`) {`
			`return $this->respondToAuthorizationRequest($request, $scopeDelimiter, $tokenTTL);`
			`} elseif (`
			`isset($request->getParsedBody()['grant_type'])`
			`&& $request->getParsedBody()['grant_type'] === 'authorization_code'`
			`) {`
			`return $this->respondToAccessTokenRequest($request, $responseType, $tokenTTL);`
			`} else {`
			`throw OAuthServerException::serverError('respondToRequest() should not have been called');`
			`}`
Added method to set the auth token TTL 2013-05-08 03:50:32 +05:30			`}`

Docblock updates 2013-02-14 01:06:56 +05:30			`/**`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`* Respond to an authorization request`
Docbloc improvements 2014-11-12 23:40:29 +05:30			`*`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`* @param \Psr\Http\Message\ServerRequestInterface $request`
			`* @param string $scopeDelimiter`
			`* @param DateTime $tokenTTL`
Move authorisation code grant stuff into own grant 2013-03-31 18:07:02 +05:30			`*/`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`protected function respondToAuthorizationRequest(`
			`ServerRequestInterface $request,`
			`$scopeDelimiter = ' ',`
			`DateTime $tokenTTL`
			`) {`
AuthCode grant 2014-04-06 23:44:46 +05:30			`// Get required params`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`/*$clientId = array_key_exists('client_id', $request->getQueryParams())`
			`? $request->getQueryParams()['client_id'] // $_GET['client_id']`
			`: null;`

Updated copyright 2014-03-10 01:04:23 +05:30			`if (is_null($clientId)) {`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			throw OAuthServerException::invalidRequest('client_id', null, '`%s` parameter is missing');
Move authorisation code grant stuff into own grant 2013-03-31 18:07:02 +05:30			`}`

First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`$redirectUri = array_key_exists('redirect_uri', $request->getQueryParams())`
			`? $request->getQueryParams()['redirect_uri'] // $_GET['redirect_uri']`
			`: null;`

Updated copyright 2014-03-10 01:04:23 +05:30			`if (is_null($redirectUri)) {`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			throw OAuthServerException::invalidRequest('redirect_uri', null, '`%s` parameter is missing');
Move authorisation code grant stuff into own grant 2013-03-31 18:07:02 +05:30			`}`

Fix #169 2014-08-06 14:23:47 +05:30			`// Validate client ID and redirect URI`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`$client = $this->clientRepository->getClientEntity(`
Fix #169 2014-08-06 14:23:47 +05:30			`$clientId,`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`$this->getIdentifier(),`
Fix #169 2014-08-06 14:23:47 +05:30			`null,`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`$redirectUri`
Fix #169 2014-08-06 14:23:47 +05:30			`);`

First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`if (($client instanceof ClientEntityInterface) === false) {`
			`throw OAuthServerException::invalidClient();`
Move authorisation code grant stuff into own grant 2013-03-31 18:07:02 +05:30			`}`

First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`$state = array_key_exists('state', $request->getQueryParams())`
			`? $request->getQueryParams()['state'] // $_GET['state']`
			`: null;`
Move authorisation code grant stuff into own grant 2013-03-31 18:07:02 +05:30
Updated copyright 2014-03-10 01:04:23 +05:30			`// Validate any scopes that are in the request`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`$scopeParam = array_key_exists('scope', $request->getQueryParams())`
			`? $request->getQueryParams()['scope'] // $_GET['scope']`
			`: '';`
			`$scopes = $this->validateScopes($scopeParam, $scopeDelimiter, $client);`

			`// Create a new authorization code`
			`$authCode = new AuthCodeEntity();`
			`$authCode->setIdentifier(SecureKey::generate());`
			`$authCode->setExpiryDateTime((new \DateTime())->add($authCodeTTL));`
			`$authCode->setClient($client);`
			`$authCode->setUserIdentifier($userEntity->getIdentifier());`

			`// Associate scopes with the session and access token`
			`foreach ($scopes as $scope) {`
			`$authCode->addScope($scope);`
			`}*/`
			`}`
Move authorisation code grant stuff into own grant 2013-03-31 18:07:02 +05:30
			`/**`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`* Respond to an access token request`
Move authorisation code grant stuff into own grant 2013-03-31 18:07:02 +05:30			`*`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`* @param \Psr\Http\Message\ServerRequestInterface $request`
			`* @param \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface $responseType`
			`* @param \DateInterval $accessTokenTTL`
CS fixes 2014-12-10 18:40:35 +05:30			`*`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`* @return \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface`
Move authorisation code grant stuff into own grant 2013-03-31 18:07:02 +05:30			`*/`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`protected function respondToAccessTokenRequest(`
			`ServerRequestInterface $request,`
			`ResponseTypeInterface $responseType,`
			`DateInterval $accessTokenTTL`
			`) {`
AuthCode grant 2014-04-06 23:44:46 +05:30
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`}`
Move authorisation code grant stuff into own grant 2013-03-31 18:07:02 +05:30
			`/**`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`* @inheritdoc`
Docblock updates 2013-02-14 01:06:56 +05:30			`*/`
First commit of AuthCode rewrite 2016-02-11 23:00:01 +05:30			`public function canRespondToRequest(ServerRequestInterface $request)`
			`{`
			`return (`
			`(`
			`strtoupper($request->getMethod()) === 'GET'`
			`&& isset($request->getQueryParams()['response_type'])`
			`&& $request->getQueryParams()['response_type'] === 'code'`
			`&& isset($request->getQueryParams()['client_id'])`
			`) \|\| (`
			`isset($request->getParsedBody()['grant_type'])`
			`&& $request->getParsedBody()['grant_type'] === 'authorization_code'`
			`)`
AuthCode grant 2014-04-06 23:44:46 +05:30			`);`
Initial commit of AuthCode grant type 2013-02-01 16:20:32 +05:30			`}`
Gave "bearer" a capital "B" 2013-09-07 22:29:44 +05:30			`}`