diff --git a/examples/relational/Storage/AuthCodeStorage.php b/examples/relational/Storage/AuthCodeStorage.php
index c5dbe41f..856d852d 100644
--- a/examples/relational/Storage/AuthCodeStorage.php
+++ b/examples/relational/Storage/AuthCodeStorage.php
@@ -7,6 +7,8 @@ use League\OAuth2\Server\Storage\Adapter;
 use League\OAuth2\Server\Entity\AuthCodeEntity;
 use League\OAuth2\Server\Entity\ScopeEntity;
+use Illuminate\Database\Capsule\Manager as Capsule;
+
 class AuthCodeStorage extends Adapter implements AuthCodeInterface
 {
 /**
@@ -14,7 +16,29 @@ class AuthCodeStorage extends Adapter implements AuthCodeInterface
 */
 public function get($code)
 {
- die(var_dump(__METHOD__, func_get_args()));
+ $result = Capsule::table('oauth_auth_codes')
+ ->where('auth_code', $code)
+ ->where('expire_time', '>=', time())
+ ->get();
+
+ if (count($result) === 1) {
+ $token = new AuthCodeEntity($this->server);
+ $token->setToken($result[0]['auth_code']);
+ return $token;
+ }
+
+ return null;
+ }
+
+ public function create($token, $$expireTime, $sessionId)
+ {
+ Capsule::table('oauth_auth_codes')
+ ->insert([
+ 'auth_code' => $token,
+ 'client_redirect_uri' => $redirectUri,
+ 'session_id' => $sessionId,
+ 'expire_time' => $expireTime
+ ]);
 }
 /**
@@ -30,7 +54,11 @@ class AuthCodeStorage extends Adapter implements AuthCodeInterface
 */
 public function associateScope(AuthCodeEntity $token, ScopeEntity $scope)
 {
- die(var_dump(__METHOD__, func_get_args()));
+ Capsule::table('oauth_auth_code_scopes')
+ ->insert([
+ 'auth_code' => $token->getToken(),
+ 'scope' => $scope->getId()
+ ]);
 }
 /**
diff --git a/examples/relational/Storage/ClientStorage.php b/examples/relational/Storage/ClientStorage.php
index dbee1ab7..0b61f074 100644
--- a/examples/relational/Storage/ClientStorage.php
+++ b/examples/relational/Storage/ClientStorage.php
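Review bot: In `AuthCodeStorage::create()` the parameter list `($token, $$expireTime, $sessionId)` is not valid PHP, and the body inserts `$redirectUri`, which is never passed in, so even with the typo fixed `client_redirect_uri` would be stored as null. The signature should read `public function create($token, $expireTime, $sessionId, $redirectUri)`, in whatever order the storage interface declares (the interface is not visible in this diff). The stored redirect URI is what lets the token endpoint check that a code is redeemed with the same `redirect_uri` it was issued for, so it must not be silently empty. `get()` in the same hunk also hydrates only the token; the returned entity carries no redirect URI, session or expiry unless they are set elsewhere.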
@@ -16,7 +16,31 @@ class ClientStorage extends Adapter implements ClientInterface
 */
 public function get($clientId, $clientSecret = null, $redirectUri = null, $grantType = null)
 {
- die(var_dump(__METHOD__, func_get_args()));
+ $query = Capsule::table('oauth_clients')
+ ->select('oauth_clients.*')
+ ->where('oauth_clients.id', $clientId);
+
+ if ($clientSecret !== null) {
+ $query->where('oauth_clients.secret', $clientSecret);
+ }
+
+ if ($redirectUri) {
+ $query->join('oauth_client_redirect_uris', 'oauth_clients.id', '=', 'oauth_client_redirect_uris.client_id')
+ ->select(['oauth_clients.*', 'oauth_client_redirect_uris.*'])
+ ->where('oauth_client_redirect_uris.redirect_uri', $redirectUri);
+ }
+
+ $result = $query->get();
+
+ if (count($result) === 1) {
+ $client = new ClientEntity($this->server);
+ $client->setId($result[0]['id']);
+ $client->setName($result[0]['name']);
+
+ return $client;
+ }
+
+ return null;
 }
 /**
@@ -37,5 +61,7 @@ class ClientStorage extends Adapter implements ClientInterface
 return $client;
 }
+
+ return null;
 }
 }
diff --git a/examples/relational/Storage/ScopeStorage.php b/examples/relational/Storage/ScopeStorage.php
index 1dcdde73..ab31bfc3 100644
--- a/examples/relational/Storage/ScopeStorage.php
+++ b/examples/relational/Storage/ScopeStorage.php
@@ -4,6 +4,9 @@ namespace RelationalExample\Storage;
 use League\OAuth2\Server\Storage\ScopeInterface;
 use League\OAuth2\Server\Storage\Adapter;
+use League\OAuth2\Server\Entity\ScopeEntity;
+
+use Illuminate\Database\Capsule\Manager as Capsule;
 class ScopeStorage extends Adapter implements ScopeInterface
 {
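Review bot: When `$redirectUri` is given, `ClientStorage::get()` selects both `oauth_clients.*` and `oauth_client_redirect_uris.*`, and both tables have an `id` column (the redirect-URI table is created with `increments('id')` in config/init.php), so with associative rows `$result[0]['id']` is likely to be the redirect-URI row's integer id rather than the client id. Keep the join branch at `->select('oauth_clients.*')`, or alias the colliding column explicitly. Separately, `->where('oauth_clients.secret', $clientSecret)` means the secret is stored and matched in clear text inside SQL; an example that gets copied would be safer fetching the row by id and checking a stored hash with `password_verify()`, or at least comparing with `hash_equals()`. `$grantType` is accepted but unused, and `if ($redirectUri)` treats an empty string as "not supplied" while the secret check uses `!== null`.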
@@ -12,6 +15,16 @@ class ScopeStorage extends Adapter implements ScopeInterface
 */
 public function get($scope, $grantType = null)
 {
- die(var_dump(__METHOD__, func_get_args()));
+ $result = Capsule::table('oauth_scopes')
+ ->where('id', $scope)
+ ->get();
+
+ if (count($result) === 0) {
+ return null;
+ }
+
+ return (new ScopeEntity($this->server))
+ ->setId($result[0]['id'])
+ ->setDescription($result[0]['description']);
 }
 }
diff --git a/examples/relational/Storage/SessionStorage.php b/examples/relational/Storage/SessionStorage.php
index fa8cf1b2..faf0162b 100644
--- a/examples/relational/Storage/SessionStorage.php
+++ b/examples/relational/Storage/SessionStorage.php
@@ -57,7 +57,22 @@ class SessionStorage extends Adapter implements SessionInterface
 */
 public function getScopes(SessionEntity $session)
 {
- die(var_dump(__CLASS__.'::'.__METHOD__, func_get_args()));
+ $result = Capsule::table('oauth_sessions')
+ ->select('oauth_scopes.*')
+ ->join('oauth_session_scopes', 'oauth_sessions.id', '=', 'oauth_session_scopes.session_id')
+ ->join('oauth_scopes', 'oauth_scopes.id', '=', 'oauth_session_scopes.scope')
+ ->where('oauth_sessions.id', $session->getId())
+ ->get();
+
+ $scopes = [];
+
+ foreach ($result as $scope) {
+ $scopes[] = (new ScopeEntity($this->server))
+ ->setId($scope['id'])
+ ->setDescription($scope['description']);
+ }
+
+ return $scopes;
 }
 /**
@@ -65,7 +80,14 @@ class SessionStorage extends Adapter implements SessionInterface
 */
 public function create($ownerType, $ownerId, $clientId, $clientRedirectUri = null)
 {
- die(var_dump(__CLASS__.'::'.__METHOD__, func_get_args()));
+ $id = Capsule::table('oauth_sessions')
+ ->insert([
+ 'owner_type' => $ownerType,
+ 'owner_id' => $ownerId,
+ 'client_id' => $clientId
+ ]);
+
+ return $id;
 }
 /**
diff --git a/examples/relational/auth.php b/examples/relational/auth.php
index d99b38e9..15fb3592 100644
--- a/examples/relational/auth.php
+++ b/examples/relational/auth.php
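Review bot: `SessionStorage::create()` returns the result of `insert()`, which in Illuminate's query builder is a boolean rather than the new row's key, so any caller that treats the return value as the session id receives `true`. Use `->insertGetId([...])` and return that value, otherwise tokens and auth codes created afterwards are tied to the wrong session. The `$clientRedirectUri` argument is also dropped; if `oauth_sessions` has a column for it (the schema is not in this diff) it should be written too. For `getScopes()` in the previous hunk, `Capsule` and `ScopeEntity` need `use` lines in this file, and no import hunk for SessionStorage.php appears here, so confirm they already exist.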
@@ -5,40 +5,32 @@ namespace OAuth2Server\RelationalExample;
 use \Orno\Http\Request;
 use \Orno\Http\Response;
 use \Orno\Http\JsonResponse;
-use \League\OAuth2\Server\AuthorizationServer;
-use \League\OAuth2\Server\Exception;
-use \League\OAuth2\Server\Grant;
+use \Orno\Http\Exception\MethodNotAllowedException;
+
+use Illuminate\Database\Capsule\Manager as Capsule;
+
+// use \League\OAuth2\Server\Exception;
 use \RelationalExample\Storage;
 use \RelationalExample\Model;
-use Illuminate\Database\Capsule\Manager as Capsule;
 include __DIR__.'/vendor/autoload.php';
 // Routing setup
-$request = (new Request)->createFromGlobals();
 $router = new \Orno\Route\RouteCollection;
-$router->setStrategy(\Orno\Route\RouteStrategyInterface::RESTFUL_STRATEGY);
 // Set up the OAuth 2.0 resource server
-$sessionStorage = new Storage\SessionStorage();
-$accessTokenStorage = new Storage\AccessTokenStorage();
-$clientStorage = new Storage\ClientStorage();
-$scopeStorage = new Storage\ScopeStorage();
-$accessTokenStorage = new Storage\AccessTokenStorage();
-$refreshTokenStorage = new Storage\RefreshTokenStorage();
-$authCodeStorage = new Storage\AuthCodeStorage();
+$server = new \League\OAuth2\Server\AuthorizationServer;
+$server->setSessionStorage(new Storage\SessionStorage);
+$server->setAccessTokenStorage(new Storage\AccessTokenStorage);
+$server->setRefreshTokenStorage(new Storage\RefreshTokenStorage);
+$server->setClientStorage(new Storage\ClientStorage);
+$server->setScopeStorage(new Storage\ScopeStorage);
+$server->setAuthCodeStorage(new Storage\AuthCodeStorage);
-$server = new AuthorizationServer();
-$server->setSessionStorage($sessionStorage);
-$server->setAccessTokenStorage($accessTokenStorage);
-$server->setRefreshTokenStorage($refreshTokenStorage);
-$server->setClientStorage($clientStorage);
-$server->setScopeStorage($scopeStorage);
-$server->setAuthCodeStorage($authCodeStorage);
-
-$authCodeGrant = new Grant\AuthCodeGrant();
+$authCodeGrant = new \League\OAuth2\Server\Grant\AuthCodeGrant();
 $server->addGrantType($authCodeGrant);
+$request = (new Request)->createFromGlobals();
 $server->setRequest($request);
 // GET /authorize
@@ -61,9 +53,13 @@ $router->get('/authorize', function (Request $request) use ($server) {
 // ...
+ // ...
+
+ // ...
+
 // Create a new authorize request which will respond with a redirect URI that the user will be redirected to
- $redirectUri = $server->newAuthorizeRequest('user', 1, $authParams);
+ $redirectUri = $server->getGrantType('authorization_code')->newAuthorizeRequest('user', 1, $authParams);
 $response = new Response('', 200, [
 'Location' => $redirectUri
@@ -72,6 +68,22 @@ $router->get('/authorize', function (Request $request) use ($server) {
 return $response;
 });
+// /access_token
+$router->post('/access_token', function (Request $request) use ($server) {
+
+ try {
+ $response = $server->getGrantType('authorization_code')->completeFlow();
+ } catch (\Exception $e) {
+ echo json_encode([
+ 'error' => $e->errorType,
+ 'message' => $e->getMessage()
+ ]);
+
+ exit;
+ }
+
+});
+
 $dispatcher = $router->getDispatcher();
 $response = $dispatcher->dispatch($request->getMethod(), $request->getPathInfo());
 $response->send();
diff --git a/examples/relational/config/init.php b/examples/relational/config/init.php
index 9bf4b7f9..8baa61fd 100644
--- a/examples/relational/config/init.php
+++ b/examples/relational/config/init.php
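Review bot: The new `/access_token` handler catches every `\Exception` and echoes `$e->getMessage()` to the caller, so a database or driver failure would disclose internal detail, and it reads `$e->errorType` although a plain `\Exception` has no such property. On success the closure returns nothing, so the array from `completeFlow()` never reaches the client and the later `$response->send()` presumably has no response object to work with. Returning a `JsonResponse` on both paths, with a generic body for exceptions that do not carry an OAuth error type, addresses all three; the sketch assumes `JsonResponse` accepts `(data, status)` as constructor arguments, which should be confirmed against Orno\Http. As written, `echo` followed by `exit` also sends the error with status 200 and no JSON content type.

```php
$router->post('/access_token', function (Request $request) use ($server) {

    try {
        $params = $server->getGrantType('authorization_code')->completeFlow();
    } catch (\Exception $e) {
        // Only exceptions that carry an OAuth error type are safe to describe to the client.
        $isOAuthError = property_exists($e, 'errorType');

        return new JsonResponse([
            'error' => $isOAuthError ? $e->errorType : 'server_error',
            'message' => $isOAuthError ? $e->getMessage() : 'Unexpected error',
        ], $isOAuthError ? 400 : 500);
    }

    return new JsonResponse($params);
});
```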
@@ -59,6 +59,21 @@ Capsule::table('oauth_clients')->insert([
 /******************************************************************************/
+print 'Creating client redirect uris table'.PHP_EOL;
+
+Capsule::schema()->create('oauth_client_redirect_uris', function ($table) {
+ $table->increments('id');
+ $table->string('client_id');
+ $table->string('redirect_uri');
+});
+
+Capsule::table('oauth_client_redirect_uris')->insert([
+ 'client_id' => 'testclient',
+ 'redirect_uri' => 'http://example.com/redirect'
+]);
+
+/******************************************************************************/
+
 print 'Creating scopes table'.PHP_EOL;
 Capsule::schema()->create('oauth_scopes', function ($table) {
diff --git a/src/Grant/AuthCodeGrant.php b/src/Grant/AuthCodeGrant.php
index 81baf42c..8b8234fc 100644
--- a/src/Grant/AuthCodeGrant.php
+++ b/src/Grant/AuthCodeGrant.php
@@ -142,7 +142,8 @@ class AuthCodeGrant extends AbstractGrant
 // Create a new auth code
 $authCode = new AuthCodeEntity($this->server);
 $authCode->setToken(SecureKey::generate());
- $authCode->setRedirectUri($authParams['redirect_uri']);
+ $authCode->setRedirectUri();
+ $authCode->setExpireTime(time() + $this->authTokenTTL);
 foreach ($authParams['scopes'] as $scope) {
 $authCode->associateScope($scope);
@@ -156,10 +157,9 @@ class AuthCodeGrant extends AbstractGrant
 /**
 * Complete the auth code grant
- * @param null|array $inputParams
 * @return array
 */
- public function completeFlow($inputParams = null)
+ public function completeFlow()
 {
 // Get the required params
 $clientId = $this->server->getRequest()->request->get('client_id', null);
diff --git a/src/Grant/PasswordGrant.php b/src/Grant/PasswordGrant.php
index 9c2b27e3..a44c718b 100644
--- a/src/Grant/PasswordGrant.php
+++ b/src/Grant/PasswordGrant.php
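Review bot: The `oauth_client_redirect_uris` table is created without any uniqueness constraint, while `ClientStorage::get()` in this commit only accepts a client when the joined query returns exactly one row, so a duplicated `(client_id, redirect_uri)` pair would make a valid client fail to resolve. Adding `$table->unique(['client_id', 'redirect_uri']);` inside the schema closure keeps the registered-URI list an exact allow-list. The seeded `http://example.com/redirect` is fine for a demo, but a comment such as `// demo only: register https redirect URIs in real deployments` would stop it being copied as-is.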
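Review bot: In AuthCodeGrant.php, `$authCode->setRedirectUri();` is now called with no argument, so the authorization code no longer records the `redirect_uri` it was issued for. Unless the setter obtains the value some other way (its definition is not in this diff), the token step has nothing to compare the client's `redirect_uri` against, which removes the binding between the authorization request and the code redemption. Keep `$authCode->setRedirectUri($authParams['redirect_uri']);` next to the new `setExpireTime()` call. The enclosing method starts and ends outside the hunk, and `$this->authTokenTTL` is not declared in the visible lines.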
@@ -72,10 +72,9 @@ class PasswordGrant extends AbstractGrant
 /**
 * Complete the password grant
- * @param null|array $inputParams
 * @return array
 */
- public function completeFlow($inputParams = null)
+ public function completeFlow()
 {
 // Get the required params
 $clientId = $this->server->getRequest()->request->get('client_id', null);