Fix #213
parent
62d658524b
commit
136edf16c5
@ -14,6 +14,7 @@ namespace League\OAuth2\Server\Entity;
|
||||
use League\OAuth2\Server\Util\SecureKey;
|
||||
use League\OAuth2\Server\AbstractServer;
|
||||
use Symfony\Component\HttpFoundation\ParameterBag;
|
||||
use League\OAuth2\Server\Entity\SessionEntity;
|
||||
|
||||
/**
|
||||
* Abstract token class
|
||||
@ -28,7 +29,7 @@ abstract class AbstractTokenEntity
|
||||
|
||||
/**
|
||||
* Associated session
|
||||
* @var \League\OAuth2\Server\SessionEntity
|
||||
* @var \League\OAuth2\Server\Entity\SessionEntity
|
||||
*/
|
||||
protected $session;
|
||||
|
||||
@ -64,7 +65,7 @@ abstract class AbstractTokenEntity
|
||||
|
||||
/**
|
||||
* Set session
|
||||
* @param \League\OAuth2\Server\SessionEntity $session
|
||||
* @param \League\OAuth2\Server\Entity\SessionEntity $session
|
||||
* @return self
|
||||
*/
|
||||
public function setSession(SessionEntity $session)
|
||||
|
@ -13,6 +13,7 @@ namespace League\OAuth2\Server\Grant;
|
||||
|
||||
use League\OAuth2\Server\AuthorizationServer;
|
||||
use League\OAuth2\Server\Entity\ScopeEntity;
|
||||
use League\OAuth2\Server\Entity\ClientEntity;
|
||||
use League\OAuth2\Server\Exception;
|
||||
|
||||
/**
|
||||
@ -120,10 +121,11 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
/**
|
||||
* Given a list of scopes, validate them and return an arrary of Scope entities
|
||||
* @param string $scopeParam A string of scopes (e.g. "profile email birthday")
|
||||
* @param ClientEntity $client A string of scopes (e.g. "profile email birthday")
|
||||
* @return array
|
||||
* @throws ClientException If scope is invalid, or no scopes passed when required
|
||||
*/
|
||||
public function validateScopes($scopeParam = '')
|
||||
public function validateScopes($scopeParam = '', ClientEntity $client)
|
||||
{
|
||||
$scopesList = explode($this->server->getScopeDelimeter(), $scopeParam);
|
||||
|
||||
@ -153,7 +155,8 @@ abstract class AbstractGrant implements GrantTypeInterface
|
||||
foreach ($scopesList as $scopeItem) {
|
||||
$scope = $this->server->getStorage('scope')->get(
|
||||
$scopeItem,
|
||||
$this->getIdentifier()
|
||||
$this->getIdentifier(),
|
||||
$client->getId()
|
||||
);
|
||||
|
||||
if (($scope instanceof ScopeEntity) === false) {
|
||||
|
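Review bot: The new signature `public function validateScopes($scopeParam = '', ClientEntity $client)` puts a defaulted parameter before a required one, so the `''` default can never be used, and PHP 8.0 and later report this ordering as deprecated. `public function validateScopes($scopeParam, ClientEntity $client)` states what callers must actually pass. The added docblock line for `$client` repeats the `$scopeParam` description; `@param ClientEntity $client The client the scopes are being requested for` would describe it. The per-client check is delegated to the scope storage through `$client->getId()`, so as far as these hunks show, a scope is only rejected when the storage returns something other than a `ScopeEntity`. The body of validateScopes continues outside both hunks.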
@ -114,7 +114,7 @@ class AuthCodeGrant extends AbstractGrant
|
||||
|
||||
// Validate any scopes that are in the request
|
||||
$scopeParam = $this->server->getRequest()->query->get('scope', '');
|
||||
$scopes = $this->validateScopes($scopeParam);
|
||||
$scopes = $this->validateScopes($scopeParam, $client);
|
||||
|
||||
return [
|
||||
'client' => $client,
|
||||
|
@ -86,7 +86,7 @@ class ClientCredentialsGrant extends AbstractGrant
|
||||
|
||||
// Validate any scopes that are in the request
|
||||
$scopeParam = $this->server->getRequest()->request->get('scope', '');
|
||||
$scopes = $this->validateScopes($scopeParam);
|
||||
$scopes = $this->validateScopes($scopeParam, $client);
|
||||
|
||||
// Create a new session
|
||||
$session = new SessionEntity($this->server);
|
||||
|
@ -127,7 +127,7 @@ class PasswordGrant extends AbstractGrant
|
||||
|
||||
// Validate any scopes that are in the request
|
||||
$scopeParam = $this->server->getRequest()->request->get('scope', '');
|
||||
$scopes = $this->validateScopes($scopeParam);
|
||||
$scopes = $this->validateScopes($scopeParam, $client);
|
||||
|
||||
// Create a new session
|
||||
$session = new SessionEntity($this->server);
|
||||
|
@ -108,7 +108,7 @@ class RefreshTokenGrant extends AbstractGrant
|
||||
|
||||
// Get and validate any requested scopes
|
||||
$requestedScopesString = $this->server->getRequest()->request->get('scope', '');
|
||||
$requestedScopes = $this->validateScopes($requestedScopesString);
|
||||
$requestedScopes = $this->validateScopes($requestedScopesString, $client);
|
||||
|
||||
// If no new scopes are requested then give the access token the original session scopes
|
||||
if (count($requestedScopes) === 0) {
|
||||
|
@ -20,7 +20,8 @@ interface ScopeInterface
|
||||
* Return information about a scope
|
||||
* @param string $scope The scope
|
||||
* @param string $grantType The grant type used in the request (default = "null")
|
||||
* @param string $clientId The client sending the request (default = "null")
|
||||
* @return \League\OAuth2\Server\Entity\ScopeEntity
|
||||
*/
|
||||
public function get($scope, $grantType = null);
|
||||
public function get($scope, $grantType = null, $clientId = null);
|
||||
}
|
||||
|
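Review bot: The docblock for `get()` does not say what an implementation must do with the new `$clientId`, and because it defaults to `null`, a storage that ignores it will keep returning scopes for every client. The caller in AbstractGrant appears to treat any non-`ScopeEntity` result as an invalid scope, so the contract could be spelled out as `@return \League\OAuth2\Server\Entity\ScopeEntity|null Null when the scope does not exist or is not allowed for the given grant type or client`, together with `@param string|null $clientId`. Existing implementations of this interface must also add the third parameter to stay signature-compatible, which deserves a changelog or upgrade note. The interface starts outside the hunk.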
@ -4,6 +4,7 @@ namespace LeagueTests\Grant;
|
||||
|
||||
use League\OAuth2\Server\Grant;
|
||||
use League\OAuth2\Server\Entity\ScopeEntity;
|
||||
use League\OAuth2\Server\Entity\ClientEntity;
|
||||
use League\OAuth2\Server\AuthorizationServer;
|
||||
use League\OAuth2\Server\Exception\InvalidRequestException;
|
||||
use LeagueTests\Stubs\StubAbstractGrant;
|
||||
@ -63,11 +64,13 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant = new StubAbstractGrant;
|
||||
$grant->setAuthorizationServer($server);
|
||||
|
||||
$client = (new ClientEntity($server))->hydrate(['id' => 'testapp']);
|
||||
|
||||
$this->assertEquals(
|
||||
[
|
||||
'foo' => (new ScopeEntity($server))->hydrate(['id' => 'foo'])
|
||||
],
|
||||
$grant->validateScopes('foo')
|
||||
$grant->validateScopes('foo', $client)
|
||||
);
|
||||
}
|
||||
|
||||
@ -85,7 +88,9 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant = new StubAbstractGrant;
|
||||
$grant->setAuthorizationServer($server);
|
||||
|
||||
$grant->validateScopes();
|
||||
$client = (new ClientEntity($server))->hydrate(['id' => 'testapp']);
|
||||
|
||||
$grant->validateScopes(null, $client);
|
||||
}
|
||||
|
||||
public function testValidateScopesInvalidScope()
|
||||
@ -102,7 +107,9 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant = new StubAbstractGrant;
|
||||
$grant->setAuthorizationServer($server);
|
||||
|
||||
$grant->validateScopes('blah');
|
||||
$client = (new ClientEntity($server))->hydrate(['id' => 'testapp']);
|
||||
|
||||
$grant->validateScopes('blah', $client);
|
||||
}
|
||||
|
||||
public function testValidateScopesDefaultScope()
|
||||
@ -123,7 +130,9 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant = new StubAbstractGrant;
|
||||
$grant->setAuthorizationServer($server);
|
||||
|
||||
$grant->validateScopes();
|
||||
$client = (new ClientEntity($server))->hydrate(['id' => 'testapp']);
|
||||
|
||||
$grant->validateScopes(null, $client);
|
||||
}
|
||||
|
||||
public function testValidateScopesDefaultScopeArray()
|
||||
@ -144,6 +153,8 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
|
||||
$grant = new StubAbstractGrant;
|
||||
$grant->setAuthorizationServer($server);
|
||||
|
||||
$grant->validateScopes();
|
||||
$client = (new ClientEntity($server))->hydrate(['id' => 'testapp']);
|
||||
|
||||
$grant->validateScopes(null, $client);
|
||||
}
|
||||
}
|
||||
|
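Review bot: None of the updated tests checks that the client id actually reaches the scope storage; `$client` is passed only to satisfy the new signature. The storage mock is set up outside these hunks, so this is inferred. An expectation that `get()` receives `'testapp'` as its third argument, plus one case where the storage refuses a scope for that client, would cover the behaviour this commit adds. The three calls that used to rely on the default now pass `null`; `$grant->validateScopes('', $client)` would keep exercising the same empty-string input as before.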