Updated examples

2024-11-26 16:52:04 +05:30 · 2016-04-18 08:32:58 +01:00 · 2016-04-18 08:32:58 +01:00 · 2a6f900323
commit 2a6f900323
parent fb8f47e868
3 changed files with 16 additions and 7 deletions
--- a/examples/public/auth_code.php
+++ b/examples/public/auth_code.php
@ -29,7 +29,7 @@ $app = new App([
    ],
    AuthorizationServer::class => function () {
        // Init our repositories
-        $clientRepository = new ClientRepository();
+        $clientRepository = new ClientReptository();
        $scopeRepository = new ScopeRepository();
        $accessTokenRepository = new AccessTokenRepository();
        $authCodeRepository = new AuthCodeRepository();
--- a/examples/public/client_credentials.php
+++ b/examples/public/client_credentials.php
@ -30,9 +30,9 @@ $app = new App([
        $accessTokenRepository = new AccessTokenRepository(); // instance of AccessTokenRepositoryInterface

        // Path to public and private keys
-        $privateKey = 'file://path/to/private.key';
+        $privateKey = 'file://'.__DIR__.'/../private.key';
        //$privateKey = new CryptKey('file://path/to/private.key', 'passphrase'); // if private key has a pass phrase
-        $publicKey = 'file://path/to/public.key';
+        $publicKey = 'file://'.__DIR__.'/../public.key';

        // Setup the authorization server
        $server = new AuthorizationServer(
--- a/examples/src/Repositories/ClientRepository.php
+++ b/examples/src/Repositories/ClientRepository.php
@ -17,13 +17,14 @@ class ClientRepository implements ClientRepositoryInterface
    /**
     * {@inheritdoc}
     */
-    public function getClientEntity($clientIdentifier, $clientSecret = null, $redirectUri = null, $grantType = null)
+    public function getClientEntity($clientIdentifier, $grantType, $clientSecret = null, $mustValidateSecret = true)
    {
        $clients = [
            'myawesomeapp' => [
-                'secret'       => password_hash('abc123', PASSWORD_BCRYPT),
-                'name'         => 'My Awesome App',
-                'redirect_uri' => 'http://foo/bar',
+                'secret'          => password_hash('abc123', PASSWORD_BCRYPT),
+                'name'            => 'My Awesome App',
+                'redirect_uri'    => 'http://foo/bar',
+                'is_confidential' => true,
            ],
        ];

@ -32,6 +33,14 @@ class ClientRepository implements ClientRepositoryInterface
            return;
        }

+        if (
+            $mustValidateSecret === true
+            && $clients[$clientIdentifier]['is_confidential'] === true
+            && password_verify($clientSecret, $clients[$clientIdentifier]['secret']) === false
+        ) {
+            return;
+        }
+
        $client = new ClientEntity();
        $client->setIdentifier($clientIdentifier);
        $client->setName($clients[$clientIdentifier]['name']);