New property on AuthorizationServer to receive an encryption key, which is used for future encryption/decryption instead of key-based encryption/decryption

Alex Bilbie
2017-07-01 15:57:40 +01:00
parent 4a717104fa
commit 1af4012df4
6 changed files with 68 additions and 1 deletions


@@ -26,6 +26,8 @@ class AuthorizationServer implements EmitterAwareInterface
{
use EmitterAwareTrait;
const ENCRYPTION_KEY_ERROR = 'You must set the encryption key going forward to improve the security of this library - see this page for more information https://xxxx/xxxx';
/**
* @var GrantTypeInterface[]
*/
@@ -66,6 +68,11 @@ class AuthorizationServer implements EmitterAwareInterface
*/
private $scopeRepository;
/**
* @var string
*/
private $encryptionKey;
/**
* New server instance.
*
@@ -101,6 +108,16 @@ class AuthorizationServer implements EmitterAwareInterface
$this->responseType = $responseType;
}
/**
* Set the encryption key
*
* @param string $key
*/
public function setEncryptionKey($key)
{
$this->encryptionKey = $key;
}
/**
* Enable a grant type on the server.
*
@@ -120,6 +137,11 @@ class AuthorizationServer implements EmitterAwareInterface
$grantType->setPublicKey($this->publicKey);
$grantType->setEmitter($this->getEmitter());
if ($this->encryptionKey === null) {
error_log(self::ENCRYPTION_KEY_ERROR);
}
$grantType->setEncryptionKey($this->encryptionKey);
$this->enabledGrantTypes[$grantType->getIdentifier()] = $grantType;
$this->grantTypeAccessTokenTTL[$grantType->getIdentifier()] = $accessTokenTTL;
}
@@ -135,6 +157,10 @@ class AuthorizationServer implements EmitterAwareInterface
*/
public function validateAuthorizationRequest(ServerRequestInterface $request)
{
if ($this->encryptionKey === null) {
error_log(self::ENCRYPTION_KEY_ERROR);
}
foreach ($this->enabledGrantTypes as $grantType) {
if ($grantType->canRespondToAuthorizationRequest($request)) {
return $grantType->validateAuthorizationRequest($request);
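Review bot: `setEncryptionKey()` stores whatever it is given, so an empty string or a non-string value passes the `$this->encryptionKey === null` checks in `enableGrantType()` and `validateAuthorizationRequest()` and is handed to every grant type via `$grantType->setEncryptionKey(...)` with no warning at all. Rejecting unusable values in the setter would close that gap, for example `if (!is_string($key) || $key === '') { throw new \InvalidArgumentException('Encryption key must be a non-empty string'); }`; whether a minimum length is also needed depends on how the grant types consume the key, which is not visible on this page. Separately, `ENCRYPTION_KEY_ERROR` still ends in the placeholder `https://xxxx/xxxx`, so the operator who sees the log line has nowhere to go for the migration steps. Because the null check in `validateAuthorizationRequest()` runs on every authorization request, the same message is also written to the error log repeatedly; a short comment above the constant stating that the null-key path is a temporary backward-compatibility fallback would make the intent clear to the next maintainer. The body of `validateAuthorizationRequest()` continues outside the last hunk.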