ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2024-12-15 17:58:56 +05:30
Code Issues Packages Projects Releases Wiki Activity

Too many changes to describe

Browse Source
This commit is contained in:
Alex Bilbie 2014-01-08 16:15:29 +00:00
parent 2d90a09f65
commit 0250d8d4d1
31 changed files with 742 additions and 489 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
composer.json
View File

@ -6,11 +6,11 @@
"license": "MIT",
"require": {
"php": ">=5.4.0",
"symfony/http-foundation": "v2.4.*"
"symfony/http-foundation": "2.4.*"
},
"require-dev": {
"mockery/mockery": ">=0.7.2",
"league/phpunit-coverage-listener": "~1.0"
"league/phpunit-coverage-listener": "~1.0",
"phpdocumentor/phpdocumentor": "2.*"
},
"repositories": [
{

44
src/League/OAuth2/Server/Authorization.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Authorization Server
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
@ -16,6 +16,7 @@ use League\OAuth2\Server\Grant\GrantTypeInterface;
use League\OAuth2\Server\Exception\ClientException;
use League\OAuth2\Server\Exception\ServerException;
use League\OAuth2\Server\Exception\InvalidGrantTypeException;
use League\OAuth2\Server\Storage\StorageWrapper;
use League\OAuth2\Server\Storage\ClientInterface;
use League\OAuth2\Server\Storage\AccessTokenInterface;
use League\OAuth2\Server\Storage\AuthCodeInterface;
@ -231,45 +232,49 @@ class Authorization
/**
* Set the client storage
* @param ClientInterface $client
* @param ClientInterface $storage
* @return self
*/
public function setClientStorage(ClientInterface $client)
public function setClientStorage(ClientInterface $storage)
{
$this->storages['client'] = $client;
$storage->setServer($this);
$this->storages['client'] = $storage;
return $this;
}
/**
* Set the session storage
* @param SessionInterface $session
* @param SessionInterface $storage
* @return self
*/
public function setSessionStorage(SessionInterface $session)
public function setSessionStorage(SessionInterface $storage)
{
$this->storages['session'] = $session;
$storage->setServer($this);
$this->storages['session'] = $storage;
return $this;
}
/**
* Set the access token storage
* @param AccessTokenInterface $accessToken
* @param AccessTokenInterface $storage
* @return self
*/
public function setAccessTokenStorage(AccessTokenInterface $accessToken)
public function setAccessTokenStorage(AccessTokenInterface $storage)
{
$this->storages['access_token'] = $accessToken;
$storage->setServer($this);
$this->storages['access_token'] = $storage;
return $this;
}
/**
* Set the refresh token storage
* @param RefreshTokenInteface $refreshToken
* @param RefreshTokenInteface $storage
* @return self
*/
public function setRefreshTokenStorage(RefreshTokenInterface $refreshToken)
public function setRefreshTokenStorage(RefreshTokenInterface $storage)
{
$this->storages['refresh_token'] = $refreshToken;
$storage->setServer($this);
$this->storages['refresh_token'] = $storage;
return $this;
}
@ -280,18 +285,20 @@ class Authorization
*/
public function setAuthCodeStorage(AuthCodeInterface $authCode)
{
$storage->setServer($this);
$this->storages['auth_code'] = $authCode;
return $this;
}
/**
* Set the scope storage
* @param ScopeInterface $scope
* @param ScopeInterface $storage
* @return self
*/
public function setScopeStorage(ScopeInterface $scope)
public function setScopeStorage(ScopeInterface $storage)
{
$this->storages['scope'] = $scope;
$storage->setServer($this);
$this->storages['scope'] = $storage;
return $this;
}
@ -359,7 +366,8 @@ class Authorization
}
/**
* Default scope to be used if none is provided and requireScopeParam is false
* Default scope to be used if none is provided and requireScopeParam() is false
* @param string $default Name of the default scope
* @param self
*/
public function setDefaultScope($default = null)

128
src/League/OAuth2/Server/Entities/AbstractToken.php
View File

@ -1,64 +1,80 @@
<?php
/**
* OAuth 2.0 Abstract token
*
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Entities;
use League\OAuth2\Server\Storage\SessionStorageInterface;
use Symfony\Component\HttpFoundation\ParameterBag;
use League\OAuth2\Server\Util\SecureKey;
use League\OAuth2\Server\Exception\ServerException;
use \League\OAuth2\Server\Authorization;
use \League\OAuth2\Server\Resource;
use Symfony\Component\HttpFoundation\ParameterBag;
/**
* Abstract token class
*/
abstract class AbstractToken
{
/**
* Access token ID
* @var string
*/
protected $token = null;
protected $token;
/**
* Access token storage
* @var \League\OAuth2\Server\Storage\AccessTokenInterface
* Session ID
* @var string
*/
protected $storage = null;
/**
* Session storage
* @var \League\OAuth2\Server\Storage\SessionInterface
*/
protected $sessionStorage = null;
protected $sessionId;
/**
* Associated session
* @var \League\OAuth2\Server\Session
*/
protected $session = null;
protected $session;
/**
* Session scopes
* @var \Symfony\Component\HttpFoundation\ParameterBag
*/
protected $scopes = null;
protected $scopes;
/**
* Token expire time
* @var int
*/
protected $expireTime = 0;
/**
* Authorization or resource server
* @var \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource
*/
protected $server;
/**
* __construct
* @param mixed $storage
* @param \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource $server
* @return self
*/
public function __construct($storage)
public function __construct($server)
{
$this->storage = $storage;
if (! $server instanceof Authorization && ! $server instanceof Resource) {
throw new ServerException('No instance of Authorization or Resource server injected');
}
$this->server = $server;
$this->scopes = new ParameterBag();
return $this;
}
/**
* Get storage
* @return AccessTokenInterface
*/
public function getStorage()
{
return $this->storage;
}
/**
* Set session
* @param \League\OAuth2\Server\Session $session
@ -76,55 +92,35 @@ abstract class AbstractToken
*/
public function getSession()
{
return $this->session;
if ($this->session instanceof Session) {
return $this->session;
}
if ($this->sessionId !== null) {
$session = $this->server->getStorage('session')->getSession($this->sessionId);
}
throw new ServerException('No session ID set for this token');
}
/**
* Set token TTL
* @param integer $ttl TTL in seconds
* Set the expire time of the token
* @param integer $expireTime Unix time stamp
* @return self
*/
public function setTTL($ttl = 0)
public function setExpireTime($expireTime)
{
$this->ttl = $ttl;
$this->expireTime = $expireTime;
return $this;
}
/**
* Get token TTL
* @return integer
*/
public function getTTL()
{
return $this->ttl;
}
/**
* Set the creation timestamp
* @param integer $timestamp Unix timestamp
* @return self
*/
public function setTimestamp($timestamp = 0)
{
$this->timestamp = $timestamp;
}
/**
* Get access token creation timestamp
* @return integer Unix timestamp
*/
public function getTimestamp()
{
return $this->timestamp;
}
/**
* Return creation timestamp + TTL
* Return token expire time
* @return int
*/
public function getExpireTime()
{
return $this->getTimestamp() + $this->getTTL();
return $this->expireTime;
}
/**
@ -181,8 +177,14 @@ abstract class AbstractToken
}
/**
* Save the token to the database
* @return self
* Expire the token
* @return void
*/
abstract function save();
abstract public function expire();
/**
* Save the token
* @return void
*/
abstract public function save();
}

27
src/League/OAuth2/Server/Entities/AccessToken.php
View File

@ -1,28 +1,33 @@
<?php
/**
* OAuth 2.0 Access token entity
*
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Entities;
use League\OAuth2\Server\Storage\SessionStorageInterface;
use League\OAuth2\Server\Storage\AccessTokenInterface;
use Symfony\Component\HttpFoundation\ParameterBag;
use League\OAuth2\Server\Util\SecureKey;
use League\OAuth2\Server\Exception\InvalidAccessTokenException;
use Symfony\Component\HttpFoundation\ParameterBag;
/**
* Access token entity class
*/
class AccessToken extends AbstractToken
{
/**
* __construct
* @param AccessTokenInterface $storage
* @return self
* {@inheritdoc}
*/
public function __construct(AccessTokenInterface $storage)
{
parent::__construct($storage);
}
public function save()
{
$this->getStorage()->createAccessToken(
$this->server->getStorage('access_token')->createAccessToken(
$this->getToken(),
$this->getExpireTime(),
$this->getSession()->getId()
@ -30,7 +35,7 @@ class AccessToken extends AbstractToken
// Associate the scope with the token
foreach ($this->getScopes() as $scope) {
$this->getStorage()->associateScope($this->getToken(), $scope->getId());
$this->server->getStorage('access_token')->associateScope($this->getToken(), $scope->getId());
}
return $this;

88
src/League/OAuth2/Server/Entities/Client.php
View File

@ -1,58 +1,144 @@
<?php
/**
* OAuth 2.0 Client entity
*
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Entities;
use League\OAuth2\Server\Exception\ServerException;
use League\OAuth2\Server\Authorization;
use League\OAuth2\Server\Resource;
/**
* Client entity class
*/
class Client
{
/**
* Client identifier
* @var string
*/
protected $id = null;
/**
* Client secret
* @var string
*/
protected $secret = null;
/**
* Client name
* @var string
*/
protected $name = null;
/**
* Client redirect URI
* @var string
*/
protected $redirectUri = null;
/**
* Authorization or resource server
* @var \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource
*/
protected $server;
/**
* __construct
* @param \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource $server
* @return self
*/
public function __construct($server)
{
if (! $server instanceof Authorization && ! $server instanceof Resource) {
throw new ServerException('No instance of Authorization or Resource server injected');
}
}
/**
* Set the client identifier
* @param string $id
* @return self
*/
public function setId($id)
{
$this->id = $id;
return $this;
}
/**
* Return the client identifier
* @return string
*/
public function getId()
{
return $this->id;
}
/**
* Set the client secret
* @param string $secret
* @return self
*/
public function setSecret($secret)
{
$this->secret = $secret;
return $this;
}
/**
* Return the client secret
* @return string
*/
public function getSecret()
{
return $this->secret;
}
/**
* Set the client name
* @param string $name
* @return self
*/
public function setName($name)
{
$this->name = $name;
return $this;
}
/**
* Get the client name
* @return string
*/
public function getName()
{
return $this->name;
}
/**
* Set the client redirect URI
* @param string $redirectUri
* @return self
*/
public function setRedirectUri($redirectUri)
{
$this->redirectUri = $redirectUri;
return $this;
}
/**
* Returnt the client redirect URI
* @return string
*/
public function getRedirectUri()
{
return $this->redirectUri;
}
}
}

36
src/League/OAuth2/Server/Entities/RefreshToken.php
View File

@ -1,30 +1,36 @@
<?php
/**
* OAuth 2.0 Refresh token entity
*
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Entities;
use League\OAuth2\Server\Storage\SessionStorageInterface;
use League\OAuth2\Server\Storage\RefreshTokenInterface;
use Symfony\Component\HttpFoundation\ParameterBag;
use League\OAuth2\Server\Util\SecureKey;
use League\OAuth2\Server\Exception\InvalidAccessTokenException;
use Symfony\Component\HttpFoundation\ParameterBag;
/**
* Refresh token entity class
*/
class RefreshToken extends AbstractToken
{
/**
* Access token associated to refresh token
* @var \League\OAuth2\Server\Entities\AccessToken
*/
protected $accessToken;
/**
* __construct
* @param RefreshTokenInterface $storage
* @return self
*/
public function __construct(RefreshTokenInterface $storage)
{
parent::__construct($storage);
}
/**
* Associate an access token
* @param AccessToken $accessToken
* @param \League\OAuth2\Server\Entities\AccessToken $accessToken
* @return self
*/
public function setAccessToken(AccessToken $accessToken)
@ -43,11 +49,11 @@ class RefreshToken extends AbstractToken
}
/**
* (@inheritdoc)
* {@inheritdoc}
*/
public function save()
{
$this->getStorage()->createAccessToken(
$this->server->getStorage('refresh_token')->createAccessToken(
$this->getToken(),
$this->getExpireTime(),
$this->getAccessToken()->getToken()
@ -55,7 +61,7 @@ class RefreshToken extends AbstractToken
// Associate the scope with the token
foreach ($this->getScopes() as $scope) {
$this->getStorage()->associateScope($this->getToken(), $scope->getId());
$this->server->getStorage('refresh_token')->associateScope($this->getToken(), $scope->getId());
}
}
}

61
src/League/OAuth2/Server/Entities/Scope.php
View File

@ -1,30 +1,87 @@
<?php
/**
* OAuth 2.0 scope entity
*
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Entities;
/**
* Scope entity class
*/
class Scope
{
protected $id = null;
/**
* Scope identifier
* @var string
*/
protected $id;
protected $description = null;
/**
* Scope description
* @var string
*/
protected $description;
/**
* Authorization or resource server
* @var \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource
*/
protected $server;
/**
* __construct
* @param \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource $server
* @return self
*/
public function __construct($server)
{
if (! $server instanceof Authorization && ! $server instanceof Resource) {
throw new ServerException('No instance of Authorization or Resource server injected');
}
return $this;
}
/**
* Set the scope identifer
* @param string $id The scope identifier
* @return self
*/
public function setId($id)
{
$this->id = $id;
return $this;
}
/**
* Return the scope identifer
* @return string
*/
public function getId()
{
return $this->id;
}
/**
* Set the scope's descripton
* @param string $description
* @return self
*/
public function setDescription($description)
{
$this->description = $description;
return $this;
}
/**
* Return the scope's description
* @return string
*/
public function getDescription()
{
return $this->description;

178
src/League/OAuth2/Server/Entities/Session.php
View File

@ -1,71 +1,112 @@
<?php
/**
* OAuth 2.0 session entity
*
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Entities;
use OutOfBoundsException;
use League\OAuth2\Server\Exception\OAuth2Exception;
use League\OAuth2\Server\Storage\SessionInterface;
use League\OAuth2\Server\Exception\ServerException;
use League\OAuth2\Server\Authorization;
use League\OAuth2\Server\Resource;
use Symfony\Component\HttpFoundation\ParameterBag;
/**
* Session entity grant
*/
class Session
{
/**
* Session ID
* Session identifier
* @var string
*/
protected $id = null;
protected $clientId = null;
protected $ownerId = null;
protected $ownerType = null;
protected $authCode = null;
protected $accessToken = null;
protected $refreshToken = null;
protected $id;
/**
* Session storage
* @var \League\OAuth2\Server\Storage\SessionInterface
* Client identifier
* @var string
*/
protected $storage = null;
protected $clientId;
/**
* Session owner identifier
* @var string
*/
protected $ownerId;
/**
* Session owner type (e.g. "user")
* @var string
*/
protected $ownerType;
/**
* Auth code
* @var \League\OAuth2\Server\Entities\AuthCode
*/
protected $authCode;
/**
* Access token
* @var \League\OAuth2\Server\Entities\AccessToken
*/
protected $accessToken;
/**
* Refresh token
* @var \League\OAuth2\Server\Entities\RefreshToken
*/
protected $refreshToken;
/**
* Session scopes
* @var \Symfony\Component\HttpFoundation\ParameterBag
*/
protected $scopes = null;
protected $scopes;
/**
* Constuctor
* @param SessionInterface $storage
* Authorization or resource server
* @var \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource
*/
protected $server;
/**
* __construct
* @param \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource $server
* @return self
*/
public function __construct(SessionInterface $storage)
public function __construct($server)
{
$this->storage = $storage;
if (! $server instanceof Authorization && ! $server instanceof Resource) {
throw new ServerException('No instance of Authorization or Resource server injected');
}
$this->scopes = new ParameterBag();
return $this;
}
/**
* Get storage
* @return SessionInterface
* Set the session identifier
* @param string $id
* @return self
*/
public function getStorage()
{
return $this->storage;
}
public function setId($id)
{
$this->id = $id;
return $this;
}
/**
* Return the session identifier
* @return string
*/
public function getId()
{
return $this->id;
@ -95,41 +136,62 @@ class Session
return $this->scopes->has($scope);
}
/**
* Return all scopes associated with the session
* @return array Array of \League\OAuth2\Server\Entities\Scope
*/
public function getScopes()
{
return $this->scopes;
}
public function associateAccessToken(AccessToken $accessToken)
{
$this->accessToken = $accessToken;
}
public function associateRefreshToken(RefreshToken $refreshToken)
{
$this->refreshToken = $refreshToken;
}
public function associateAuthCode(AuthCode $authCode)
{
$this->authCode = $authCode;
return $this->scopes->all();
}
/**
* Associate a client
* @param League\OAuth2\Server\Client $client The client
* Associate an access token with the session
* @param \League\OAuth2\Server\Entities\AccessToken $accessToken
* @return self
*/
public function associateAccessToken(AccessToken $accessToken)
{
$this->accessToken = $accessToken;
return $this;
}
/**
* Associate a refresh token with the session
* @param \League\OAuth2\Server\Entities\RefreshToken $refreshToken
* @return self
*/
public function associateRefreshToken(RefreshToken $refreshToken)
{
$this->refreshToken = $refreshToken;
return $this;
}
/**
* Associate an authorization code with the session
* @param \League\OAuth2\Server\Entities\AuthCode $authCode
* @return self
*/
public function associateAuthCode(AuthCode $authCode)
{
$this->authCode = $authCode;
return $this;
}
/**
* Associate a client with the session
* @param League\OAuth2\Server\Entities\Client $client The client
* @return self
*/
public function associateClient(Client $client)
{
$this->client = $client;
return $this;
}
/**
* Return client
* @return League\OAuth2\Server\Client
* Return the session client
* @return League\OAuth2\Server\Entities\Client
*/
public function getClient()
{
@ -139,7 +201,7 @@ class Session
/**
* Set the session owner
* @param string $type The type of the owner (e.g. user, app)
* @param string $id The ID of the owner
* @param string $id The identifier of the owner
* @return self
*/
public function setOwner($type, $id)
@ -151,7 +213,7 @@ class Session
}
/**
* Return session owner ID
* Return session owner identifier
* @return string
*/
public function getOwnerId()
@ -168,10 +230,14 @@ class Session
return $this->ownerType;
}
/**
* Save the session
* @return void
*/
public function save()
{
// Save the session and get an ID
$id = $this->getStorage()->createSession(
// Save the session and get an identifier
$id = $this->server->getStorage('session')->createSession(
$this->getOwnerType(),
$this->getOwnerId(),
$this->getClient()->getId(),
@ -182,7 +248,7 @@ class Session
// Associate the scope with the session
foreach ($this->getScopes() as $scope) {
$this->getStorage()->associateScope($this->getId(), $scope->getId());
$this->server->getStorage('session')->associateScope($this->getId(), $scope->getId());
}
}
}

4
src/League/OAuth2/Server/Exception/ClientException.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Client Exception
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/

4
src/League/OAuth2/Server/Exception/InvalidAccessTokenException.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Invalid Access Token Exception
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/

4
src/League/OAuth2/Server/Exception/InvalidGrantTypeException.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Invalid Grant Type Exception
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/

4
src/League/OAuth2/Server/Exception/OAuth2Exception.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Base Exception
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/

4
src/League/OAuth2/Server/Exception/ServerException.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Server Exception
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/

77
src/League/OAuth2/Server/Grant/GrantTrait.php → src/League/OAuth2/Server/Grant/AbstractGrant.php
View File

@ -1,10 +1,10 @@
<?php
/**
* OAuth 2.0 Client credentials grant
* OAuth 2.0 Abstract grant
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
@ -12,16 +12,42 @@
namespace League\OAuth2\Server\Grant;
use League\OAuth2\Server\Authorization;
use League\OAuth2\Server\Entities\Scope;
trait GrantTrait {
/**
* Abstract grant class
*/
abstract class AbstractGrant implements GrantTypeInterface
{
/**
* Grant identifier
* @var string
*/
protected $identifier = '';
/**
* Constructor
* @return void
* Response type
* @var string
*/
public function __construct()
{
}
protected $responseType = null;
/**
* Callback to authenticate a user's name and password
* @var function
*/
protected $callback = null;
/**
* AuthServer instance
* @var AuthServer
*/
protected $server = null;
/**
* Access token expires in override
* @var int
*/
protected $accessTokenTTL = null;
/**
* Return the identifier
@ -74,6 +100,12 @@ trait GrantTrait {
return $this;
}
/**
* Given a list of scopes, validate them and return an arrary of Scope entities
* @param string $scopeParam A string of scopes (e.g. "profile email birthday")
* @return array
* @throws ClientException If scope is invalid, or no scopes passed when required
*/
public function validateScopes($scopeParam = '')
{
$scopesList = explode($this->server->getScopeDelimeter(), $scopeParam);
@ -100,24 +132,37 @@ trait GrantTrait {
$scopes = [];
foreach ($scopesList as $scopeItem) {
$scopeDetails = $this->server->getStorage('scope')->getScope(
$scope = $this->server->getStorage('scope')->getScope(
$scopeItem,
$client->getId(),
$this->getIdentifier()
);
if ($scopeDetails === false) {
if (($scope instanceof Scope) === false) {
throw new ClientException(sprintf($this->server->getExceptionMessage('invalid_scope'), $scopeItem), 4);
}
$scope = new Scope($this->server->getStorage('scope'));
$scope->setId($scopeDetails['id']);
$scope->setName($scopeDetails['name']);
$scopes[] = $scope;
}
return $scopes;
}
/**
* Complete the grant flow
*
* Example response:
* <pre>
* array(
* 'access_token' => (string), // The access token
* 'refresh_token' => (string), // The refresh token (only set if the refresh token grant is enabled)
* 'token_type' => 'bearer', // Almost always "bearer" (exceptions: JWT, SAML)
* 'expires' => (int), // The timestamp of when the access token will expire
* 'expires_in' => (int) // The number of seconds before the access token will expire
* )
* </pre>
*
* @return array An array of parameters to be passed back to the client
*/
abstract public function completeFlow();
}

4
src/League/OAuth2/Server/Grant/AuthCode.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Auth code grant
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/

34
src/League/OAuth2/Server/Grant/ClientCredentials.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Client credentials grant
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
@ -25,10 +25,8 @@ use League\OAuth2\Server\Storage\ScopeInterface;
/**
* Client credentials grant class
*/
class ClientCredentials implements GrantTypeInterface
class ClientCredentials extends AbstractGrant
{
use GrantTrait;
/**
* Grant identifier
* @var string
@ -78,35 +76,30 @@ class ClientCredentials implements GrantTypeInterface
}
// Validate client ID and client secret
$clientDetails = $this->server->getStorage('client')->getClient(
$client = $this->server->getStorage('client')->getClient(
$clientId,
$clientSecret,
null,
$this->getIdentifier()
);
if ($clientDetails === false) {
if (($client instanceof Client) === false) {
throw new ClientException(Authorization::getExceptionMessage('invalid_client'), 8);
}
$client = new Client;
$client->setId($clientDetails['id']);
$client->setSecret($clientDetails['secret']);
// Validate any scopes that are in the request
$scopeParam = $this->server->getRequest()->request->get('scope', '');
$scopes = $this->validateScopes($scopeParam);
// Create a new session
$session = new Session($this->server->getStorage('session'));
$session = new Session();
$session->setOwner('client', $client->getId());
$session->associateClient($client);
// Generate an access token
$accessToken = new AccessToken($this->server->getStorage('access_token'));
$accessToken->setId(SecureKey::make());
$accessToken->setTimestamp(time());
$accessToken->setTTL($this->server->getAccessTokenTTL());
$accessToken = new AccessToken();
$accessToken->setToken(SecureKey::make());
$accessToken->setExpireTime($this->server->getAccessTokenTTL() + time());
// Associate scopes with the session and access token
foreach ($scopes as $scope) {
@ -115,18 +108,17 @@ class ClientCredentials implements GrantTypeInterface
}
// Save everything
$session->save();
$session->save($this->server->getStorage('session'));
$accessToken->setSession($session);
$accessToken->save();
$accessToken->save($this->server->getStorage('access_token'));
$response = [
'access_token' => $accessToken->getId(),
'access_token' => $accessToken->getToken(),
'token_type' => 'Bearer',
'expires' => $accessToken->getExpireTime(),
'expires_in' => $accessToken->getTTL()
'expires_in' => $this->server->getAccessTokenTTL()
];
return $response;
}
}

28
src/League/OAuth2/Server/Grant/GrantTypeInterface.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Grant type interface
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
@ -19,30 +19,14 @@ use League\OAuth2\Server\Storage\SessionInterface;
use League\OAuth2\Server\Storage\ClientInterface;
use League\OAuth2\Server\Storage\ScopeInterface;
/**
* Grant type interface
*/
interface GrantTypeInterface
{
/**
* Constructor
*
* @return void
*/
public function __construct();
/**
* Complete the grant flow
*
* Example response:
* <code>
* array(
* 'access_token' => (string), // The access token
* 'refresh_token' => (string), // The refresh token (only set if the refresh token grant is enabled)
* 'token_type' => 'bearer', // Almost always "bearer" (exceptions: JWT, SAML)
* 'expires' => (int), // The timestamp of when the access token will expire
* 'expires_in' => (int) // The number of seconds before the access token will expire
* )
* </code>
*
* @return array An array of parameters to be passed back to the client
* @return array
*/
public function completeFlow();
}

7
src/League/OAuth2/Server/Grant/Implicit.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 implicit grant
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
@ -52,10 +52,9 @@ class Implicit implements GrantTypeInterface {
/**
* Complete the client credentials grant
* @param null|array $inputParams
* @return array
*/
public function completeFlow($authParams = null)
public function completeFlow()
{
// Remove any old sessions the user might have
$this->authServer->getStorage('session')->deleteSession($authParams['client_id'], 'user', $authParams['user_id']);

50
src/League/OAuth2/Server/Grant/Password.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Password grant
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
@ -27,10 +27,8 @@ use League\OAuth2\Server\Storage\ScopeInterface;
/**
* Password grant class
*/
class Password implements GrantTypeInterface {
use GrantTrait;
class Password extends AbstractGrant
{
/**
* Grant identifier
* @var string
@ -109,23 +107,17 @@ class Password implements GrantTypeInterface {
}
// Validate client ID and client secret
$clientDetails = $this->server->getStorage('client')->getClient(
$client = $this->server->getStorage('client')->getClient(
$clientId,
$clientSecret,
null,
$this->getIdentifier()
);
if ($clientDetails === false) {
if (($client instanceof Client) === false) {
throw new ClientException(Authorization::getExceptionMessage('invalid_client'), 8);
}
$client = new Client;
$client->setId($clientDetails['id']);
$client->setSecret($clientDetails['secret']);
$username = $this->server->getRequest()->request->get('username', null);
if (is_null($username)) {
throw new ClientException(
@ -146,7 +138,7 @@ class Password implements GrantTypeInterface {
$userId = call_user_func($this->getVerifyCredentialsCallback(), $username, $password);
if ($userId === false) {
throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_credentials'), 0);
throw new ClientException($this->server->getExceptionMessage('invalid_credentials'), 0);
}
// Validate any scopes that are in the request
@ -154,15 +146,14 @@ class Password implements GrantTypeInterface {
$scopes = $this->validateScopes($scopeParam);
// Create a new session
$session = new Session($this->server->getStorage('session'));
$session = new Session($this->server);
$session->setOwner('user', $userId);
$session->associateClient($client);
// Generate an access token
$accessToken = new AccessToken($this->server->getStorage('access_token'));
$accessToken->setId(SecureKey::make());
$accessToken->setTimestamp(time());
$accessToken->setTTL($this->server->getAccessTokenTTL());
$accessToken = new AccessToken($this->server);
$accessToken->setToken(SecureKey::make());
$accessToken->setExpireTime($this->server->getAccessTokenTTL() + time());
// Associate scopes with the session and access token
foreach ($scopes as $scope) {
@ -171,29 +162,28 @@ class Password implements GrantTypeInterface {
}
$response = [
'access_token' => $accessToken->getId(),
'access_token' => $accessToken->getToken(),
'token_type' => 'Bearer',
'expires' => $accessToken->getExpireTime(),
'expires_in' => $accessToken->getTTL()
'expires_in' => $this->server->getAccessTokenTTL()
];
// Associate a refresh token if set
if ($this->server->hasGrantType('refresh_token')) {
$refreshToken = new RefreshToken($this->server->getStorage('refresh_token'));
$refreshToken->setId(SecureKey::make());
$refreshToken->setTimestamp(time());
$refreshToken->setTTL($this->server->getGrantType('refresh_token')->getRefreshTokenTTL());
$response['refresh_token'] = $refreshToken->getId();
$refreshToken = new RefreshToken($this->server);
$refreshToken->setToken(SecureKey::make());
$refreshToken->setExpireTime($this->server->getGrantType('refresh_token')->getRefreshTokenTTL() + time());
$response['refresh_token'] = $refreshToken->getToken();
}
// Save everything
$session->save();
$session->save($this->server->getStorage('session'));
$accessToken->setSession($session);
$accessToken->save();
$accessToken->save($this->server->getStorage('access_token'));
if ($this->server->hasGrantType('refresh_token')) {
$refreshToken->setAccessToken($accessToken);
$refreshToken->save();
$refreshToken->save($this->server->getStorage('refresh_token'));
}
return $response;

211
src/League/OAuth2/Server/Grant/RefreshToken.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Refresh token grant
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
@ -18,50 +18,27 @@ use League\OAuth2\Server\Util\SecureKey;
use League\OAuth2\Server\Storage\SessionInterface;
use League\OAuth2\Server\Storage\ClientInterface;
use League\OAuth2\Server\Storage\ScopeInterface;
use League\OAuth2\Server\Entities\RefreshToken as RT;
use League\OAuth2\Server\Entities\AccessToken;
use League\OAuth2\Server\Entities\Session;
use League\OAuth2\Server\Exception\ClientException;
/**
* Referesh token grant
*/
class RefreshToken implements GrantTypeInterface {
use GrantTrait;
class RefreshToken extends AbstractGrant
{
/**
* Grant identifier
* @var string
* {@inheritdoc}
*/
protected $identifier = 'refresh_token';
/**
* Response type
* @var string
*/
protected $responseType = null;
/**
* AuthServer instance
* @var AuthServer
*/
protected $authServer = null;
/**
* Access token expires in override
* @var int
*/
protected $accessTokenTTL = null;
/**
* Refresh token TTL
* Refresh token TTL (default = 604800 | 1 week)
* @var integer
*/
protected $refreshTokenTTL = 604800;
/**
* Rotate refresh tokens
* @var boolean
*/
protected $rotateRefreshTokens = false;
/**
* Set the TTL of the refresh token
* @param int $refreshTokenTTL
@ -82,126 +59,110 @@ class RefreshToken implements GrantTypeInterface {
}
/**
* When a new access is token, expire the refresh token used and issue a new one.
* @param boolean $rotateRefreshTokens Set to true to enable (default = false)
* @return void
* {@inheritdoc}
*/
public function rotateRefreshTokens($rotateRefreshTokens = false)
public function completeFlow()
{
$this->rotateRefreshTokens = $rotateRefreshTokens;
}
/**
* Complete the refresh token grant
* @param null|array $inputParams
* @return array
*/
public function completeFlow($inputParams = null)
{
// Get the required params
$authParams = $this->authServer->getParam(array('client_id', 'client_secret', 'refresh_token', 'scope'), 'post', $inputParams);
if (is_null($authParams['client_id'])) {
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_id'), 0);
$clientId = $this->server->getRequest()->request->get('client_id', null);
if (is_null($clientId)) {
throw new Exception\ClientException(
sprintf($this->server->getExceptionMessage('invalid_request'), 'client_id'),
0
);
}
if (is_null($authParams['client_secret'])) {
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'client_secret'), 0);
$clientSecret = $this->server->getRequest()->request->get('client_secret', null);
if (is_null($clientSecret)) {
throw new Exception\ClientException(
sprintf($this->server->getExceptionMessage('invalid_request'), 'client_secret'),
0
);
}
// Validate client ID and client secret
$clientDetails = $this->authServer->getStorage('client')->getClient($authParams['client_id'], $authParams['client_secret'], null, $this->identifier);
$client = $this->server->getStorage('client')->getClient(
$clientId,
$clientSecret,
null,
$this->getIdentifier()
);
if ($clientDetails === false) {
throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_client'), 8);
if ($client === null) {
throw new ClientException(Authorization::getExceptionMessage('invalid_client'), 8);
}
$authParams['client_details'] = $clientDetails;
if (is_null($authParams['refresh_token'])) {
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'refresh_token'), 0);
$oldRefreshTokenParam = $this->server->getRequest()->request->get('refresh_token', null);
if ($oldRefreshTokenParam === null) {
throw new Exception\ClientException(
sprintf($this->server->getExceptionMessage('invalid_request'), 'refresh_token'),
0
);
}
// Validate refresh token
$accessTokenId = $this->authServer->getStorage('session')->validateRefreshToken($authParams['refresh_token'], $authParams['client_id']);
$oldRefreshToken = $this->server->getStorage('refresh_token')->getToken($oldRefreshTokenParam);
if ($accessTokenId === false) {
throw new Exception\ClientException($this->authServer->getExceptionMessage('invalid_refresh'), 0);
if (($oldRefreshToken instanceof RT) === false) {
throw new Exception\ClientException($this->server->getExceptionMessage('invalid_refresh'), 0);
}
// Get the existing access token
$accessTokenDetails = $this->authServer->getStorage('session')->getAccessToken($accessTokenId);
$oldAccessToken = $oldRefreshToken->getAccessToken();
// Get the scopes for the existing access token
$scopes = $this->authServer->getStorage('session')->getScopes($accessTokenDetails['access_token']);
// Get the scopes for the original session
$session = $oldAccessToken->getSession();
$scopes = $session->getScopes();
// Generate new tokens and associate them to the session
$accessToken = SecureKey::make();
$accessTokenExpiresIn = ($this->accessTokenTTL !== null) ? $this->accessTokenTTL : $this->authServer->getAccessTokenTTL();
$accessTokenExpires = time() + $accessTokenExpiresIn;
// Get and validate any requested scopes
$requestedScopesString = $this->server->getRequest()->request->get('scope', '');
$requestedScopes = $this->validateScopes($requestedScopesString);
// Associate the new access token with the session
$newAccessTokenId = $this->authServer->getStorage('session')->associateAccessToken($accessTokenDetails['session_id'], $accessToken, $accessTokenExpires);
// If no new scopes are requested then give the access token the original session scopes
if (count($requestedScopes) === 0) {
$newScopes = $scopes;
} else {
// The OAuth spec says that a refreshed access token can have the original scopes or fewer so ensure
// the request doesn't include any new scopes
if ($this->rotateRefreshTokens === true) {
foreach ($requestedScopes as $requestedScope) {
// if ()
}
// Generate a new refresh token
$refreshToken = SecureKey::make();
$refreshTokenExpires = time() + $this->getRefreshTokenTTL();
// Revoke the old refresh token
$this->authServer->getStorage('session')->removeRefreshToken($authParams['refresh_token']);
// Associate the new refresh token with the new access token
$this->authServer->getStorage('session')->associateRefreshToken($newAccessTokenId, $refreshToken, $refreshTokenExpires, $authParams['client_id']);
$newScopes = $requestedScopes;
}
// There isn't a request for reduced scopes so assign the original ones (or we're not rotating scopes)
if ( ! isset($authParams['scope'])) {
// Generate a new access token and assign it the correct sessions
$newAccessToken = new AccessToken();
$newAccessToken->setToken(SecureKey::make());
$newAccessToken->setExpireTime($this->server->getAccessTokenTTL() + time());
$newAccessToken->setSession($session);
foreach ($scopes as $scope) {
$this->authServer->getStorage('session')->associateScope($newAccessTokenId, $scope['id']);
}
} elseif ( isset($authParams['scope']) && $this->rotateRefreshTokens === true) {
// The request is asking for reduced scopes and rotate tokens is enabled
$reqestedScopes = explode($this->authServer->getScopeDelimeter(), $authParams['scope']);
for ($i = 0; $i < count($reqestedScopes); $i++) {
$reqestedScopes[$i] = trim($reqestedScopes[$i]);
if ($reqestedScopes[$i] === '') unset($reqestedScopes[$i]); // Remove any junk scopes
}
// Check that there aren't any new scopes being included
$existingScopes = array();
foreach ($scopes as $s) {
$existingScopes[] = $s['scope'];
}
foreach ($reqestedScopes as $reqScope) {
if ( ! in_array($reqScope, $existingScopes)) {
throw new Exception\ClientException(sprintf($this->authServer->getExceptionMessage('invalid_request'), 'scope'), 0);
}
// Associate with the new access token
$scopeDetails = $this->authServer->getStorage('scope')->getScope($reqScope, $authParams['client_id'], $this->identifier);
$this->authServer->getStorage('session')->associateScope($newAccessTokenId, $scopeDetails['id']);
}
foreach ($newScopes as $newScope) {
$newAccessToken->associateScope($newScope);
}
$response = array(
'access_token' => $accessToken,
'token_type' => 'bearer',
'expires' => $accessTokenExpires,
'expires_in' => $accessTokenExpiresIn
);
// Expire the old token and save the new one
$oldAccessToken->expire($this->server->getStorage('access_token'));
$newAccessToken->save($this->server->getStorage('access_token'));
if ($this->rotateRefreshTokens === true) {
$response['refresh_token'] = $refreshToken;
}
$response = [
'access_token' => $newAccessToken->getToken(),
'token_type' => 'Bearer',
'expires' => $newAccessToken->getExpireTime(),
'expires_in' => $this->server->getAccessTokenTTL()
];
// Expire the old refresh token
$oldRefreshToken->expire($this->server->getStorage('refresh_token'));
// Generate a new refresh token
$newRefreshToken = new RT();
$newRefreshToken->setToken(SecureKey::make());
$newRefreshToken->setExpireTime($this->getRefreshTokenTTL() + time());
$newRefreshToken->setAccessToken($newAccessToken);
$newRefreshToken->save($this->server->getStorage('refresh_token'));
$response['refresh_token'] = $newRefreshToken->getToken();
return $response;
}
}

10
src/League/OAuth2/Server/Resource.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Resource Server
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
@ -257,10 +257,8 @@ class Resource
/**
* Checks if the presented access token has the given scope(s)
*
* @param array|string An array of scopes or a single scope as a string
*
* @return bool Returns bool if all scopes are found, false if any fail
* @param array|string $scopes An array of scopes or a single scope as a string
* @return bool Returns bool if all scopes are found, false if any fail
*/
public function hasScope($scopes)
{

40
src/League/OAuth2/Server/Storage/AccessTokenInterface.php
View File

@ -1,24 +1,56 @@
<?php
/**
* OAuth 2.0 Access token storage interface
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Storage;
/**
* Access token interface
*/
interface AccessTokenInterface
{
/**
* Get an instance of Entites\AccessToken
* @param string $token The access token
* @return \League\OAuth2\Server\Entities\AccessToken
*/
public function getToken($token);
/**
* Get the scopes for an access token
* @param string $token The access token
* @return array Array of \League\OAuth2\Server\Entities\Scope
*/
public function getTokenScopes($token);
/**
* Creates a new access token
* @param string $token The access token
* @param integer $expireTime The expire time expressed as a unix timestamp
* @param string|integer $sessionId The session ID
* @return \League\OAuth2\Server\Entities\AccessToken
*/
public function createAccessToken($token, $expireTime, $sessionId);
public function associateScope($token, $scopeId);
/**
* Associate a scope with an acess token
* @param string $token The access token
* @param string $scope The scope
* @return void
*/
public function associateScope($token, $scope);
/**
* Delete an access token
* @param string $token The access token to delete
* @return void
*/
public function delete($token);
}

43
src/League/OAuth2/Server/Storage/Adapter.php Normal file
View File

@ -0,0 +1,43 @@
<?php
/**
* OAuth 2.0 storage adapter
*
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Storage;
/**
* Storage adapter class
*/
class Adapter
{
/**
* Server
* @var \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource $server
*/
protected $server;
/**
* Set the server
* @param \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource $server
*/
public function setServer($server)
{
$this->server = $server;
return $this;
}
/**
* Return the server
* @return \League\OAuth2\Server\Authorization|\League\OAuth2\Server\Resource
*/
protected function getServer()
{
return $this->server;
}
}

15
src/League/OAuth2/Server/Storage/AuthCodeInterface.php
View File

@ -1,18 +1,25 @@
<?php
/**
* OAuth 2.0 Refresh token storage interface
* OAuth 2.0 Auth code storage interface
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Storage;
/**
* Auth code storage interface
*/
interface AuthCodeInterface
{
/**
* Get the auth code
* @param string $code
* @return \League\OAuth2\Server\Entities\AuthCode
*/
public function getCode($code);
}

21
src/League/OAuth2/Server/Storage/ClientInterface.php
View File

@ -2,15 +2,18 @@
/**
* OAuth 2.0 Client storage interface
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Storage;
/**
* Client storage interface
*/
interface ClientInterface
{
/**
@ -38,23 +41,11 @@ interface ClientInterface
* oauth_client_endpoints.redirect_uri = :redirectUri
* </code>
*
* Response:
*
* <code>
* Array
* (
* [id] => (string) The client ID
* [secret] => (string) The client secret
* [redirect_uri] => (string) The redirect URI used in this request
* [name] => (string) The name of the client
* )
* </code>
*
* @param string $clientId The client's ID
* @param string $clientSecret The client's secret (default = "null")
* @param string $redirectUri The client's redirect URI (default = "null")
* @param string $grantType The grant type used in the request (default = "null")
* @return bool|array Returns false if the validation fails, array on success
* @return League\OAuth2\Server\Entities\Client|null
*/
public function getClient($clientId, $clientSecret = null, $redirectUri = null, $grantType = null);
}

31
src/League/OAuth2/Server/Storage/RefreshTokenInterface.php
View File

@ -1,18 +1,41 @@
<?php
/**
* OAuth 2.0 Refresh token storage interface
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Storage;
/**
* Refresh token interface
*/
interface RefreshTokenInterface
{
public function getToken($token, $clientId);
/**
* Return a new instance of \League\OAuth2\Server\Entities\RefreshToken
* @param string $token
* @return \League\OAuth2\Server\Entities\RefreshToken
*/
public function getToken($token);
/**
* Create a new refresh token_name
* @param string $token
* @param integer $expireTime
* @param string $accessToken
* @return \League\OAuth2\Server\Entities\RefreshToken
*/
public function createRefreshToken($token, $expireTime, $accessToken);
/**
* Delete the refresh token
* @param string $token
* @return void
*/
public function delete($token);
}

22
src/League/OAuth2/Server/Storage/ScopeInterface.php
View File

@ -2,15 +2,18 @@
/**
* OAuth 2.0 Scope storage interface
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Storage;
/**
* Scope interface
*/
interface ScopeInterface
{
/**
@ -22,22 +25,9 @@ interface ScopeInterface
* SELECT * FROM oauth_scopes WHERE scope = :scope
* </code>
*
* Response:
*
* <code>
* Array
* (
* [id] => (int) The scope's ID
* [scope] => (string) The scope itself
* [name] => (string) The scope's name
* [description] => (string) The scope's description
* )
* </code>
*
* @param string $scope The scope
* @param string $clientId The client ID (default = "null")
* @param string $grantType The grant type used in the request (default = "null")
* @return bool|array If the scope doesn't exist return false
*/
public function getScope($scope, $clientId = null, $grantType = null);
public function getScope($scope, $grantType = null);
}

13
src/League/OAuth2/Server/Storage/SessionInterface.php
View File

@ -1,27 +1,24 @@
<?php
/**
* OAuth 2.0 Session storage interface
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Storage;
/**
* Session storage interface
*/
interface SessionInterface
{
/**
* Get a session
*
* Response:
* <code>
*
* </code>
*
* @param int $sessionId
* @return array (As described above)
*/

4
src/League/OAuth2/Server/Util/RedirectUri.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Redirect URI generator
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/

29
src/League/OAuth2/Server/Util/RequestInterface.php
View File

@ -1,29 +0,0 @@
<?php
/**
* OAuth 2.0 Request class interface
*
* @package php-loep/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/
namespace League\OAuth2\Server\Util;
interface RequestInterface
{
public function get($index = null);
public function post($index = null);
public function cookie($index = null);
public function file($index = null);
public function server($index = null);
public function header($index = null);
}

4
src/League/OAuth2/Server/Util/SecureKey.php
View File

@ -2,9 +2,9 @@
/**
* OAuth 2.0 Secure key generator
*
* @package php-loep/oauth2-server
* @package league/oauth2-server
* @author Alex Bilbie <hello@alexbilbie.com>
* @copyright Copyright (c) 2013 PHP League of Extraordinary Packages
* @copyright Copyright (c) PHP League of Extraordinary Packages
* @license http://mit-license.org/
* @link http://github.com/php-loep/oauth2-server
*/