Alex Bilbie 2014-09-30 23:55:21 +01:00
parent 62d658524b
commit 136edf16c5
8 changed files with 30 additions and 14 deletions


@ -14,6 +14,7 @@ namespace League\OAuth2\Server\Entity;
use League\OAuth2\Server\Util\SecureKey; use League\OAuth2\Server\Util\SecureKey;
use League\OAuth2\Server\AbstractServer; use League\OAuth2\Server\AbstractServer;
use Symfony\Component\HttpFoundation\ParameterBag; use Symfony\Component\HttpFoundation\ParameterBag;
use League\OAuth2\Server\Entity\SessionEntity;
/** /**
* Abstract token class * Abstract token class
@ -28,7 +29,7 @@ abstract class AbstractTokenEntity
/** /**
* Associated session * Associated session
* @var \League\OAuth2\Server\SessionEntity * @var \League\OAuth2\Server\Entity\SessionEntity
*/ */
protected $session; protected $session;
@ -64,7 +65,7 @@ abstract class AbstractTokenEntity
/** /**
* Set session * Set session
* @param \League\OAuth2\Server\SessionEntity $session * @param \League\OAuth2\Server\Entity\SessionEntity $session
* @return self * @return self
*/ */
public function setSession(SessionEntity $session) public function setSession(SessionEntity $session)


@ -13,6 +13,7 @@ namespace League\OAuth2\Server\Grant;
use League\OAuth2\Server\AuthorizationServer; use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\Entity\ScopeEntity; use League\OAuth2\Server\Entity\ScopeEntity;
use League\OAuth2\Server\Entity\ClientEntity;
use League\OAuth2\Server\Exception; use League\OAuth2\Server\Exception;
/** /**
@ -120,10 +121,11 @@ abstract class AbstractGrant implements GrantTypeInterface
/** /**
* Given a list of scopes, validate them and return an arrary of Scope entities * Given a list of scopes, validate them and return an arrary of Scope entities
* @param string $scopeParam A string of scopes (e.g. "profile email birthday") * @param string $scopeParam A string of scopes (e.g. "profile email birthday")
* @param ClientEntity $client A string of scopes (e.g. "profile email birthday")
* @return array * @return array
* @throws ClientException If scope is invalid, or no scopes passed when required * @throws ClientException If scope is invalid, or no scopes passed when required
*/ */
public function validateScopes($scopeParam = '') public function validateScopes($scopeParam = '', ClientEntity $client)
{ {
$scopesList = explode($this->server->getScopeDelimeter(), $scopeParam); $scopesList = explode($this->server->getScopeDelimeter(), $scopeParam);
@ -153,7 +155,8 @@ abstract class AbstractGrant implements GrantTypeInterface
foreach ($scopesList as $scopeItem) { foreach ($scopesList as $scopeItem) {
$scope = $this->server->getStorage('scope')->get( $scope = $this->server->getStorage('scope')->get(
$scopeItem, $scopeItem,
$this->getIdentifier() $this->getIdentifier(),
$client->getId()
); );
if (($scope instanceof ScopeEntity) === false) { if (($scope instanceof ScopeEntity) === false) {
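Review bot: In the new signature `validateScopes($scopeParam = '', ClientEntity $client)` the default on `$scopeParam` can never be used, because a required parameter follows it. PHP 8.0 and later report a deprecation for this ordering, and the updated tests now have to pass `null` explicitly, which then reaches `explode()`. Declaring it as `validateScopes($scopeParam, ClientEntity $client)` and normalising with `$scopeParam = (string) $scopeParam;` at the top would make the contract explicit. The added docblock line for `$client` also repeats the `$scopeParam` description; `@param ClientEntity $client The client making the request; its ID is passed to scope storage` matches what the loop does. The method body continues outside the visible hunks.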


@ -114,7 +114,7 @@ class AuthCodeGrant extends AbstractGrant
// Validate any scopes that are in the request // Validate any scopes that are in the request
$scopeParam = $this->server->getRequest()->query->get('scope', ''); $scopeParam = $this->server->getRequest()->query->get('scope', '');
$scopes = $this->validateScopes($scopeParam); $scopes = $this->validateScopes($scopeParam, $client);
return [ return [
'client' => $client, 'client' => $client,


@ -86,7 +86,7 @@ class ClientCredentialsGrant extends AbstractGrant
// Validate any scopes that are in the request // Validate any scopes that are in the request
$scopeParam = $this->server->getRequest()->request->get('scope', ''); $scopeParam = $this->server->getRequest()->request->get('scope', '');
$scopes = $this->validateScopes($scopeParam); $scopes = $this->validateScopes($scopeParam, $client);
// Create a new session // Create a new session
$session = new SessionEntity($this->server); $session = new SessionEntity($this->server);


@ -127,7 +127,7 @@ class PasswordGrant extends AbstractGrant
// Validate any scopes that are in the request // Validate any scopes that are in the request
$scopeParam = $this->server->getRequest()->request->get('scope', ''); $scopeParam = $this->server->getRequest()->request->get('scope', '');
$scopes = $this->validateScopes($scopeParam); $scopes = $this->validateScopes($scopeParam, $client);
// Create a new session // Create a new session
$session = new SessionEntity($this->server); $session = new SessionEntity($this->server);


@ -108,7 +108,7 @@ class RefreshTokenGrant extends AbstractGrant
// Get and validate any requested scopes // Get and validate any requested scopes
$requestedScopesString = $this->server->getRequest()->request->get('scope', ''); $requestedScopesString = $this->server->getRequest()->request->get('scope', '');
$requestedScopes = $this->validateScopes($requestedScopesString); $requestedScopes = $this->validateScopes($requestedScopesString, $client);
// If no new scopes are requested then give the access token the original session scopes // If no new scopes are requested then give the access token the original session scopes
if (count($requestedScopes) === 0) { if (count($requestedScopes) === 0) {


@ -20,7 +20,8 @@ interface ScopeInterface
* Return information about a scope * Return information about a scope
* @param string $scope The scope * @param string $scope The scope
* @param string $grantType The grant type used in the request (default = "null") * @param string $grantType The grant type used in the request (default = "null")
* @param string $clientId The client sending the request (default = "null")
* @return \League\OAuth2\Server\Entity\ScopeEntity * @return \League\OAuth2\Server\Entity\ScopeEntity
*/ */
public function get($scope, $grantType = null); public function get($scope, $grantType = null, $clientId = null);
} }
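Review bot: The new `$clientId` argument on `get()` is optional and its docblock does not say what an implementation must do with it, so per-client scope restriction is enforced only if each storage backend chooses to check it. Nothing visible in this commit verifies the client-to-scope association outside storage. I would state the contract in the docblock, e.g. `@param string|null $clientId The client sending the request; return null when this client may not request the scope`, assuming a non-`ScopeEntity` return makes `validateScopes()` reject the scope (that branch's body is outside the visible hunk). Existing storage classes that still declare `get($scope, $grantType = null)` will no longer be signature-compatible with the interface, which deserves a line in the upgrade notes.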


@ -4,6 +4,7 @@ namespace LeagueTests\Grant;
use League\OAuth2\Server\Grant; use League\OAuth2\Server\Grant;
use League\OAuth2\Server\Entity\ScopeEntity; use League\OAuth2\Server\Entity\ScopeEntity;
use League\OAuth2\Server\Entity\ClientEntity;
use League\OAuth2\Server\AuthorizationServer; use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\Exception\InvalidRequestException; use League\OAuth2\Server\Exception\InvalidRequestException;
use LeagueTests\Stubs\StubAbstractGrant; use LeagueTests\Stubs\StubAbstractGrant;
@ -63,11 +64,13 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
$grant = new StubAbstractGrant; $grant = new StubAbstractGrant;
$grant->setAuthorizationServer($server); $grant->setAuthorizationServer($server);
$client = (new ClientEntity($server))->hydrate(['id' => 'testapp']);
$this->assertEquals( $this->assertEquals(
[ [
'foo' => (new ScopeEntity($server))->hydrate(['id' => 'foo']) 'foo' => (new ScopeEntity($server))->hydrate(['id' => 'foo'])
], ],
$grant->validateScopes('foo') $grant->validateScopes('foo', $client)
); );
} }
@ -85,7 +88,9 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
$grant = new StubAbstractGrant; $grant = new StubAbstractGrant;
$grant->setAuthorizationServer($server); $grant->setAuthorizationServer($server);
$grant->validateScopes(); $client = (new ClientEntity($server))->hydrate(['id' => 'testapp']);
$grant->validateScopes(null, $client);
} }
public function testValidateScopesInvalidScope() public function testValidateScopesInvalidScope()
@ -102,7 +107,9 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
$grant = new StubAbstractGrant; $grant = new StubAbstractGrant;
$grant->setAuthorizationServer($server); $grant->setAuthorizationServer($server);
$grant->validateScopes('blah'); $client = (new ClientEntity($server))->hydrate(['id' => 'testapp']);
$grant->validateScopes('blah', $client);
} }
public function testValidateScopesDefaultScope() public function testValidateScopesDefaultScope()
@ -123,7 +130,9 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
$grant = new StubAbstractGrant; $grant = new StubAbstractGrant;
$grant->setAuthorizationServer($server); $grant->setAuthorizationServer($server);
$grant->validateScopes(); $client = (new ClientEntity($server))->hydrate(['id' => 'testapp']);
$grant->validateScopes(null, $client);
} }
public function testValidateScopesDefaultScopeArray() public function testValidateScopesDefaultScopeArray()
@ -144,6 +153,8 @@ class AbstractGrantTest extends \PHPUnit_Framework_TestCase
$grant = new StubAbstractGrant; $grant = new StubAbstractGrant;
$grant->setAuthorizationServer($server); $grant->setAuthorizationServer($server);
$grant->validateScopes(); $client = (new ClientEntity($server))->hydrate(['id' => 'testapp']);
$grant->validateScopes(null, $client);
} }
} }
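Review bot: None of the visible test lines asserts that the `testapp` client ID actually reaches the scope storage, so a regression that drops the `$client->getId()` argument in `validateScopes()` would still pass. The storage mock is set up outside these hunks; if it supports argument expectations, constrain the `get` call to receive `'testapp'` as its third argument. A further case where storage returns no scope for this client and the grant rejects the request would cover the behaviour the new parameter exists for.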