Variable name fixes + little changes to support unit tests

Alex Bilbie 2013-03-27 14:26:46 +00:00
parent e563230f10
commit 3481ec8aa2


@ -120,9 +120,9 @@ class AuthServer
/** /**
* Exception error HTTP status codes * Exception error HTTP status codes
* @var array * @var array
* *
* RFC 6749, section 4.1.2.1.: * RFC 6749, section 4.1.2.1.:
* No 503 status code for 'temporarily_unavailable', because * No 503 status code for 'temporarily_unavailable', because
* "a 503 Service Unavailable HTTP status code cannot be * "a 503 Service Unavailable HTTP status code cannot be
* returned to the client via an HTTP redirect" * returned to the client via an HTTP redirect"
*/ */
@ -134,13 +134,13 @@ class AuthServer
'invalid_scope' => 400, 'invalid_scope' => 400,
'server_error' => 500, 'server_error' => 500,
'temporarily_unavailable' => 400, 'temporarily_unavailable' => 400,
'unsupported_grant_type' => 400, 'unsupported_grant_type' => 501,
'invalid_client' => 401, 'invalid_client' => 401,
'invalid_grant' => 400, 'invalid_grant' => 400,
'invalid_credentials' => 400, 'invalid_credentials' => 400,
'invalid_refresh' => 400, 'invalid_refresh' => 400,
); );
/** /**
* Get all headers that have to be send with the error response * Get all headers that have to be send with the error response
* *
@ -164,35 +164,37 @@ class AuthServer
default: default:
$headers[] = 'HTTP/1.1 400 Bad Request'; $headers[] = 'HTTP/1.1 400 Bad Request';
} }
// Add "WWW-Authenticate" header // Add "WWW-Authenticate" header
// //
// RFC 6749, section 5.2.: // RFC 6749, section 5.2.:
// "If the client attempted to authenticate via the 'Authorization' // "If the client attempted to authenticate via the 'Authorization'
// request header field, the authorization server MUST // request header field, the authorization server MUST
// respond with an HTTP 401 (Unauthorized) status code and // respond with an HTTP 401 (Unauthorized) status code and
// include the "WWW-Authenticate" response header field // include the "WWW-Authenticate" response header field
// matching the authentication scheme used by the client. // matching the authentication scheme used by the client.
// @codeCoverageIgnoreStart
if ($error === 'invalid_client') { if ($error === 'invalid_client') {
$auth_scheme = null; $authScheme = null;
$request = new Request(); $request = new Request();
if ($request->server('PHP_AUTH_USER') !== null) { if ($request->server('PHP_AUTH_USER') !== null) {
$auth_scheme = 'Basic'; $authScheme = 'Basic';
} else { } else {
$auth_header = $request->header('Authorization'); $authHeader = $request->header('Authorization');
if ($auth_header !== null) { if ($authHeader !== null) {
if (strpos($auth_header, 'Bearer') === 0) { if (strpos($authHeader, 'Bearer') === 0) {
$auth_scheme = 'Bearer'; $authScheme = 'Bearer';
} elseif (strpos($auth_header, 'Basic') === 0) { } elseif (strpos($authHeader, 'Basic') === 0) {
$auth_scheme = 'Basic'; $authScheme = 'Basic';
} }
} }
} }
if ($auth_scheme !== null) { if ($authScheme !== null) {
$headers[] = "WWW-Authenticate: $auth_scheme realm=\"\""; $headers[] = 'WWW-Authenticate: '.$authScheme.' realm=""';
} }
} }
// @codeCoverageIgnoreEnd
return $headers; return $headers;
} }
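Review bot: The status-code table now maps `'unsupported_grant_type'` to 501 (reading the page as old value left, new value right), which conflicts with RFC 6749 section 5.2, where the token endpoint answers this error with HTTP 400 unless specified otherwise. I would keep `'unsupported_grant_type' => 400,`. The switch that builds the status line is only partly visible, but its visible `default:` branch emits `HTTP/1.1 400 Bad Request`. Unless a 501 case exists outside the hunk, the table and the status line actually sent would disagree. Clients that branch on the status code before reading the `error` field may also treat a 501 as a server-side fault rather than a request they need to correct.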